upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-23 08:10:30 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6058 commits 23 branches 209 tags 123 MiB
Commit graph

701 commits

Author SHA1 Message Date
Wouter Wijngaards
28e9561a94 fix spelling error 
git-svn-id: file:///svn/unbound/trunk@4548 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 14:07:12 +00:00
Wouter Wijngaards
6905e41b57 - Fix validation for CNAME loops. When it detects a cname loop, 
by finding the cname, cname in the existing list, it returns
  the partial result with the validation result up to then.


git-svn-id: file:///svn/unbound/trunk@4547 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 14:04:02 +00:00
Ralph Dolmans
a5df3a131e - Aggressive NSEC tests 
git-svn-id: file:///svn/unbound/trunk@4537 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 14:40:29 +00:00
Wouter Wijngaards
da961fd840 - Unit test for auth zone https url download. 
git-svn-id: file:///svn/unbound/trunk@4531 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-12 15:40:05 +00:00
Ralph Dolmans
eff62cecac - Added tests with wildcard expanded NSEC records (CVE-2017-15105 test) 
git-svn-id: file:///svn/unbound/trunk@4528 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-12 11:39:03 +00:00
Wouter Wijngaards
6fc79a70a3 Fixup tests for checklocks. Add auth axfr test for socket code. 
git-svn-id: file:///svn/unbound/trunk@4511 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-05 15:33:32 +00:00
Wouter Wijngaards
7edf4a3e75 auth zone test probe of SOA 
git-svn-id: file:///svn/unbound/trunk@4506 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-05 09:59:53 +00:00
Wouter Wijngaards
e6b770b686 auth zone ixfr unit tests 
git-svn-id: file:///svn/unbound/trunk@4505 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-05 09:53:26 +00:00
Wouter Wijngaards
172b84f7ce auth zone ixfr unit test, and fixes. 
git-svn-id: file:///svn/unbound/trunk@4504 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-05 09:42:42 +00:00
Wouter Wijngaards
237e796955 Enable valgrind in (some) tests. 
git-svn-id: file:///svn/unbound/trunk@4500 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 11:24:00 +00:00
Wouter Wijngaards
1931d6e9cf fix spelling error in delegation. 
git-svn-id: file:///svn/unbound/trunk@4499 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 11:13:45 +00:00
Wouter Wijngaards
cb28d35bd2 - Fix lock race condition in dns cache dname synthesis. 
git-svn-id: file:///svn/unbound/trunk@4495 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 10:33:19 +00:00
Wouter Wijngaards
fdd1199cb1 - unit test with valgrind 
git-svn-id: file:///svn/unbound/trunk@4493 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 09:45:13 +00:00
Wouter Wijngaards
0b5e37dcee auth zone test for host lookup 
git-svn-id: file:///svn/unbound/trunk@4488 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-01 15:02:38 +00:00
Wouter Wijngaards
4b9df2bae1 auth zone test checks stored axfr zonefile 
git-svn-id: file:///svn/unbound/trunk@4486 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-01 13:29:31 +00:00
Wouter Wijngaards
6a0b5aa8e3 auth zone test, udp and tcp answered from unit test 
git-svn-id: file:///svn/unbound/trunk@4484 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-01 10:38:05 +00:00
Wouter Wijngaards
c1047e6a6c auth zone test with zone transfer 
git-svn-id: file:///svn/unbound/trunk@4481 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 12:58:25 +00:00
Wouter Wijngaards
10cd092a78 failover for dnssec bogus 
git-svn-id: file:///svn/unbound/trunk@4478 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 11:14:01 +00:00
Wouter Wijngaards
0c4a702a39 test for validation of queries answered with a zonefile 
git-svn-id: file:///svn/unbound/trunk@4477 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 10:53:01 +00:00
Wouter Wijngaards
ed002df8f5 Test authority zone with zonefile for root referrals (RFC7706) 
git-svn-id: file:///svn/unbound/trunk@4476 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 08:37:38 +00:00
Wouter Wijngaards
657753aac2 auth zone for downstream 
git-svn-id: file:///svn/unbound/trunk@4474 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 08:30:32 +00:00
Wouter Wijngaards
7de2b4e047 no $INCLUDE in this test. 
git-svn-id: file:///svn/unbound/trunk@4473 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 16:14:09 +00:00
Wouter Wijngaards
f6946b9412 Test for no-upstream enabled, and thus fallback to normal priming and lookup. 
git-svn-id: file:///svn/unbound/trunk@4472 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 16:08:29 +00:00
Wouter Wijngaards
bea3b6b72d unit test for auth zone lookup 
git-svn-id: file:///svn/unbound/trunk@4469 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 15:44:49 +00:00
Wouter Wijngaards
6cb75924d9 - Fix that DS queries with referral replies are answered straight 
away, without a repeat query picking the DS from cache.
  The correct reply should have been an answer, the reply is fixed
  by the scrubber to have the answer in the answer section.


git-svn-id: file:///svn/unbound/trunk@4430 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-02 09:48:22 +00:00
Wouter Wijngaards
b1abc813fc unit test for timestamp failure with clang 
git-svn-id: file:///svn/unbound/trunk@4424 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-15 09:38:11 +00:00
Wouter Wijngaards
3e1e982625 remove duplicate statements. 
git-svn-id: file:///svn/unbound/trunk@4364 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 10:47:30 +00:00
Wouter Wijngaards
d506659635 - Fix some more crpls in testdata for different signaling default. 
git-svn-id: file:///svn/unbound/trunk@4363 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 10:44:16 +00:00
Ralph Dolmans
ef740d0cca also disable trust-anchor-signaling is crpl tests 
git-svn-id: file:///svn/unbound/trunk@4361 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 10:36:52 +00:00
Ralph Dolmans
ac9b95ca0c - Set trust-anchor-signaling default to yes 
git-svn-id: file:///svn/unbound/trunk@4360 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 10:17:25 +00:00
Wouter Wijngaards
a270aa3c53 - but reverted that, tests fails with that escape. 
git-svn-id: file:///svn/unbound/trunk@4325 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 07:48:09 +00:00
Wouter Wijngaards
8a6d68e5d2 - For #1417: escape ; in dnscrypt tests. 
git-svn-id: file:///svn/unbound/trunk@4324 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 07:43:54 +00:00
Wouter Wijngaards
41e555aadf Fix dnscrypt tests grep. 
git-svn-id: file:///svn/unbound/trunk@4320 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-29 09:27:22 +00:00
Wouter Wijngaards
cfcf5437f4 - new keys and certs for dnscrypt tests. 
git-svn-id: file:///svn/unbound/trunk@4318 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-29 08:48:19 +00:00
Wouter Wijngaards
1159e53618 - Fix #1397: Recursive DS lookups for AS112 zones names should recurse. 
git-svn-id: file:///svn/unbound/trunk@4294 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-07 07:42:45 +00:00
Wouter Wijngaards
71788cf43a Fixup speed_cache for 01-doc test. 
git-svn-id: file:///svn/unbound/trunk@4265 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 13:30:37 +00:00
Wouter Wijngaards
5165e14802 tests in tdir format. 
git-svn-id: file:///svn/unbound/trunk@4264 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 13:27:30 +00:00
Wouter Wijngaards
ead37db595 - Fix tests to use .tdir (from Manu Bretelle) instead of .tpkg. 
git-svn-id: file:///svn/unbound/trunk@4263 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-06 13:27:05 +00:00
Wouter Wijngaards
e7260518ea - Better fixup of dnscrypt_cert_chacha test for different escapes. 
git-svn-id: file:///svn/unbound/trunk@4246 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-26 09:06:42 +00:00
Wouter Wijngaards
82258dff59 Fixup the fixup. 
git-svn-id: file:///svn/unbound/trunk@4245 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-23 07:09:58 +00:00
Wouter Wijngaards
a2f8946764 - (for 1.6.5): fixup of dnscrypt_cert_chacha test (from Manu Bretelle). 
git-svn-id: file:///svn/unbound/trunk@4244 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-23 06:56:59 +00:00
Wouter Wijngaards
2288777334 - Fix dnscrypt chacha cert support ifdefs. 
- Fix dnscrypt chacha cert unit test escapes in grep.
- Remove asynclook tests that cause test and purifier problems.


git-svn-id: file:///svn/unbound/trunk@4233 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 08:20:44 +00:00
Wouter Wijngaards
843bd4156e - Fix #1280: Unbound fails assert when response from authoritative 
contains malformed qname.  When 0x20 caps-for-id is enabled, when
  assertions are not enabled the malformed qname is handled correctly.
- 1.6.3 tag created, with only #1280 fix, trunk is 1.6.4 development.


git-svn-id: file:///svn/unbound/trunk@4224 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 14:25:47 +00:00
Wouter Wijngaards
e2459be7e1 - dnscrypt unit tests with chacha. 
git-svn-id: file:///svn/unbound/trunk@4216 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 08:27:49 +00:00
Wouter Wijngaards
54eabdde58 - Add dnscrypt XChaCha20 tests. 
git-svn-id: file:///svn/unbound/trunk@4213 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-07 11:39:02 +00:00
Wouter Wijngaards
8c4e7ffb14 - Support for openssl EVP_DigestVerify. 
- Support for the ED25519 algorithm with openssl (from openssl 1.1.1).


git-svn-id: file:///svn/unbound/trunk@4198 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-30 12:28:25 +00:00
George Thessalonikefs
491b0a26e4 - Implemented opportunistic IPsec support module (ipsecmod). 
- Some whitespace fixup.


git-svn-id: file:///svn/unbound/trunk@4158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 12:39:24 +00:00
Wouter Wijngaards
1db056b19c - Fix queries for nameservers under a stub leaking to the internet. 
git-svn-id: file:///svn/unbound/trunk@4154 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-12 15:10:10 +00:00
Wouter Wijngaards
cb26ca2ce7 - Fix sldns parse and printout of TSIG RRs. 
The printout text format is the same as dig uses.


git-svn-id: file:///svn/unbound/trunk@4145 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 13:53:06 +00:00
Wouter Wijngaards
4770bfbb5b - Fix sldns wire2str printout of RR type CAA tags. 
git-svn-id: file:///svn/unbound/trunk@4142 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 12:05:10 +00:00
Wouter Wijngaards
3018dc636a - Added test for leak of stub information. 
git-svn-id: file:///svn/unbound/trunk@4141 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 09:16:54 +00:00
Ralph Dolmans
710778dfdd - Added ECS unit test (from Manu Bretelle). 
- ECS documentation fix (from Manu Bretelle). 


git-svn-id: file:///svn/unbound/trunk@4116 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 08:49:32 +00:00
Wouter Wijngaards
4d7d32c846 - harden algo downgrade also makes unbound more lenient about digest 
algorithms in DS records.


git-svn-id: file:///svn/unbound/trunk@4104 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 13:38:50 +00:00
Ralph Dolmans
a2bc93547f - Generalise inplace callback (de)registration 
- (de)register inplace callbacks for module id
- No unbound-control set_option for ECS options
- Deprecated client-subnet-opcode config option
- Introduced client-subnet-always-forward config option
- Changed max-client-subnet-ipv6 default to 56 (as in RFC)
- Removed extern ECS config options
- module_restart_next now calls clear on all following modules
- Also create ECS module qstate on module_event_pass event


git-svn-id: file:///svn/unbound/trunk@4092 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 13:13:06 +00:00
Ralph Dolmans
b0fd814975 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
Wouter Wijngaards
f0bf15d2cb - fixup for lruhash (whitespace and header file comment). 
- dnscrypt tests.


git-svn-id: file:///svn/unbound/trunk@4072 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 15:51:34 +00:00
Wouter Wijngaards
ca48de34e9 - Fix that looped DNAMEs do not cause unbound to spend effort. 
git-svn-id: file:///svn/unbound/trunk@4055 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 14:32:58 +00:00
Wouter Wijngaards
6c456aa15e - Add trustanchor.unbound CH TXT that gets a response with a number 
of TXT RRs with a string like "example.com. 2345 1234" with
  the trust anchors and their keytags.


git-svn-id: file:///svn/unbound/trunk@4051 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:17:58 +00:00
Wouter Wijngaards
bf1b3c1166 Fixup validation test; the YXDOMAIN is returned and the DNAME. 
git-svn-id: file:///svn/unbound/trunk@4050 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-13 08:29:08 +00:00
Wouter Wijngaards
45517ad616 - Fix #1235: Fix too long DNAME expansion produces SERVFAIL instead 
of YXDOMAIN + query loop, reported by Petr Spacek.


git-svn-id: file:///svn/unbound/trunk@4049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-13 08:27:01 +00:00
Wouter Wijngaards
038550c889 - Fix #1234: shortening DNAME loop produces duplicate DNAME records 
in ANSWER section.


git-svn-id: file:///svn/unbound/trunk@4047 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-10 13:04:24 +00:00
Wouter Wijngaards
a6fba1b8a6 fixup script tests 
git-svn-id: file:///svn/unbound/trunk@4044 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-09 13:23:06 +00:00
Wouter Wijngaards
05215e8e7d - --disable-sha1 disables SHA1 support in RRSIG, so from DNSKEY and 
DS records.  NSEC3 is not disabled.
- fake-sha1 test option; print warning if used.  To make unit tests.


git-svn-id: file:///svn/unbound/trunk@4043 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-09 13:18:08 +00:00
Wouter Wijngaards
86c28f2d57 - fix root_anchor test for updated icannbundle.pem lower certificates. 
git-svn-id: file:///svn/unbound/trunk@3997 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-03 09:33:32 +00:00
Ralph Dolmans
4f487cf746 Add DSA support for OpenSSL 1.1 
git-svn-id: file:///svn/unbound/trunk@3954 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-07 12:58:47 +00:00
Ralph Dolmans
61b23e3811 - Added local-zones and local-data bulk addition and removal functionality in 
unbound-control (local_zones, local_zones_remove, local_datas and
  local_datas_remove).                                   
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3941 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-30 11:22:29 +00:00
Ralph Dolmans
d3b85ed7d8 - Added unit test for QNAME minimisation + harden below nxdomain 
synergy.


git-svn-id: file:///svn/unbound/trunk@3933 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 13:53:51 +00:00
Wouter Wijngaards
632e60eccd - Fix unit tests for DS hash processing for fake-dsa test option. 
git-svn-id: file:///svn/unbound/trunk@3929 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 08:23:24 +00:00
Ralph Dolmans
e6678abba6 - Fix #1155: test status code of unbound-control in 04-checkconf, not the status 
code from the tee command.


git-svn-id: file:///svn/unbound/trunk@3926 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-10 11:20:27 +00:00
Wouter Wijngaards
27182d614b - Fix unit tests for openssl 1.1, with no DSA, by faking DSA, enabled 
with the undocumented switch 'fake-dsa'.  It logs a warning.


git-svn-id: file:///svn/unbound/trunk@3909 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-26 07:38:00 +00:00
Wouter Wijngaards
f8ba15e8dd - Ported tests for local_cname unit test to testbound framework. 
git-svn-id: file:///svn/unbound/trunk@3902 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-21 08:59:56 +00:00
Wouter Wijngaards
8c1ecf875e Template entry for unit test. 
git-svn-id: file:///svn/unbound/trunk@3893 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-18 14:27:08 +00:00
Ralph Dolmans
0b3138e1bf - Fix #1117: spelling errors, from Robert Edmonds 
git-svn-id: file:///svn/unbound/trunk@3877 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-05 09:56:05 +00:00
Ralph Dolmans
b587c7f72d Added views functionality. 
git-svn-id: file:///svn/unbound/trunk@3876 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-05 09:36:25 +00:00
Wouter Wijngaards
17023457a9 - access-control-tag-data implemented. verbose(4) prints tag debug. 
git-svn-id: file:///svn/unbound/trunk@3811 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-07 10:20:05 +00:00
Ralph Dolmans
54b820773c - Possibility to specify local-zone types for an acl/tag pair 
- Possibility to specify (override) local-zone types for a source address block


git-svn-id: file:///svn/unbound/trunk@3797 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-24 19:08:58 +00:00
Ralph Dolmans
568dc57186 - QNAME minimisation unit test for dropped QTYPE=A queries. 
git-svn-id: file:///svn/unbound/trunk@3792 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-14 12:36:22 +00:00
Ralph Dolmans
5b63c08c72 - Use QTYPE=A for QNAME minimisation. 
- Keep track of number of time-outs when performing QNAME minimisation.
  Stop minimising when number of time-outs for a QNAME/QTYPE pair is
  more than three.



git-svn-id: file:///svn/unbound/trunk@3782 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-13 13:06:35 +00:00
Ralph Dolmans
2d69c5d879 - Possibility to lookup local_zone regardless the taglist. 
- Added local_zone/taglist/acl unit test.



git-svn-id: file:///svn/unbound/trunk@3767 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-07 14:31:30 +00:00
Wouter Wijngaards
22804de061 trying to debug. 
git-svn-id: file:///svn/unbound/trunk@3714 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-25 14:53:53 +00:00
Wouter Wijngaards
b41c4da040 Trying to debug #756. 
git-svn-id: file:///svn/unbound/trunk@3713 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-22 14:29:21 +00:00
Wouter Wijngaards
de86531822 - Test for type OPENPGPKEY. 
git-svn-id: file:///svn/unbound/trunk@3618 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-02-09 08:45:09 +00:00
Wouter Wijngaards
10f951d835 Unit test for CSYNC 
git-svn-id: file:///svn/unbound/trunk@3616 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-02-08 15:48:26 +00:00
Wouter Wijngaards
7ca8dbf51f Fix test to cleanup executable and wait for error printout 
git-svn-id: file:///svn/unbound/trunk@3611 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-27 07:55:18 +00:00
Ralph Dolmans
e47e31a69f Keep incrementing QNAME after receiving throwaway answer. 
git-svn-id: file:///svn/unbound/trunk@3568 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-03 12:09:45 +00:00
Wouter Wijngaards
63d58c7613 add unit test. 
git-svn-id: file:///svn/unbound/trunk@3556 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 08:36:26 +00:00
Wouter Wijngaards
147ba02e17 remove unused comment. 
git-svn-id: file:///svn/unbound/trunk@3531 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-16 09:56:53 +00:00
Wouter Wijngaards
7c1131625c - Fix for lenient accept of reverse order DNAME and CNAME. 
git-svn-id: file:///svn/unbound/trunk@3530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-16 09:48:51 +00:00
Wouter Wijngaards
b4a7e9ad8d - Fix segfault in the dns64 module in the formaterror error path. 
git-svn-id: file:///svn/unbound/trunk@3506 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-15 09:02:01 +00:00
Wouter Wijngaards
14b1de6166 fix test for new default. 
git-svn-id: file:///svn/unbound/trunk@3479 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-24 15:07:42 +00:00
Wouter Wijngaards
dbb27a0072 Fix fwd_compress_c00c for FreeBSD xxd. 
git-svn-id: file:///svn/unbound/trunk@3439 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-26 09:55:00 +00:00
Wouter Wijngaards
91468c9fcf Test diff of hex. 
git-svn-id: file:///svn/unbound/trunk@3438 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-26 07:47:47 +00:00
Wouter Wijngaards
fe485c7240 and check ttls of CNAME and DNAME in cache response in unit test. 
git-svn-id: file:///svn/unbound/trunk@3437 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-26 07:43:42 +00:00
Wouter Wijngaards
cb90782087 - Fix #677 Fix DNAME responses from cache that failed internal chain 
test.


git-svn-id: file:///svn/unbound/trunk@3435 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-26 07:27:32 +00:00
Wouter Wijngaards
94a6478e05 - SOA negative TTL is capped at minimumttl in its rdata section. 
- cache-max-negative-ttl config option, default 3600.


git-svn-id: file:///svn/unbound/trunk@3431 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-29 14:51:36 +00:00
Wouter Wijngaards
f03d3b870e - caps-whitelist in unbound.conf allows whitelist of loadbalancers 
that cannot work with caps-for-id or its fallback.


git-svn-id: file:///svn/unbound/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 12:36:16 +00:00
Wouter Wijngaards
b8eb1713e0 - Unit test for type ANY synthesis. 
git-svn-id: file:///svn/unbound/trunk@3419 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-30 10:27:27 +00:00
Wouter Wijngaards
d95b378fad Fixup test; icann root cert has not changed. 
git-svn-id: file:///svn/unbound/trunk@3386 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-07 08:01:22 +00:00
Wouter Wijngaards
49250ef291 - Fix #644: harden-algo-downgrade option, if turned off, fixes the 
reported excessive validation failure when multiple algorithms
  are present.  It allows the weakest algorithm to validate the zone.


git-svn-id: file:///svn/unbound/trunk@3354 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-09 13:30:37 +00:00
Wouter Wijngaards
e08aa7c5e1 - Fix validation failure in case upstream forwarder (ISC BIND) does 
not have the same trust anchors and decides to insert unsigned NS
  record in authority section.


git-svn-id: file:///svn/unbound/trunk@3329 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-09 11:44:46 +00:00
Wouter Wijngaards
74cac624bd Fixup unit test. 
git-svn-id: file:///svn/unbound/trunk@3325 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-30 09:57:32 +00:00
Wouter Wijngaards
be5ac109c3 And a unit test for the strip operation. 
git-svn-id: file:///svn/unbound/trunk@3324 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-30 09:47:03 +00:00
Wouter Wijngaards
c9a20c4a33 Fixup control socket test for OSX. 
git-svn-id: file:///svn/unbound/trunk@3320 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-23 16:00:33 +00:00
Wouter Wijngaards
92e26a89ad - unit test for local unix connection. Documentation and log_addr 
does not inspect port for AF_LOCAL.


git-svn-id: file:///svn/unbound/trunk@3315 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-16 13:11:07 +00:00
Wouter Wijngaards
eca9b37353 - Fix unit test for CDS typecode. 
git-svn-id: file:///svn/unbound/trunk@3221 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-09-15 12:49:37 +00:00
Wouter Wijngaards
caaa9c7afc Fixup fwd_ancil for running in the freebsd jail without ::1. 
git-svn-id: file:///svn/unbound/trunk@3211 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-08-18 14:54:33 +00:00
Wouter Wijngaards
aa9a1721cc Fixup for dnstap. 
git-svn-id: file:///svn/unbound/trunk@3209 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-08-18 14:42:26 +00:00
Wouter Wijngaards
1db64fa265 - testdata/dns64_lookup.rpl for unit test for dns64 functionality. 
git-svn-id: file:///svn/unbound/trunk@3200 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-07-31 08:16:18 +00:00
Wouter Wijngaards
2d2aa3483f - DLV tests added. 
- signit tool fixup for compile with libldns library.


git-svn-id: file:///svn/unbound/trunk@3154 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-07-03 09:07:38 +00:00
Wouter Wijngaards
43f3b0623f Fixup testsetup for VM tests (testcode/run_vm.sh). 
git-svn-id: file:///svn/unbound/trunk@3147 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-06-24 10:26:02 +00:00
Wouter Wijngaards
eb5e9a89c4 - Fix #558: failed prefetch lookup does not remove cached response 
but delays next prefetch (in lieu of caching a SERVFAIL).


git-svn-id: file:///svn/unbound/trunk@3111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-10 13:56:16 +00:00
Wouter Wijngaards
a8c4de09ba - Fix #572: Fix unit test failure for systems with different 
/etc/services.


git-svn-id: file:///svn/unbound/trunk@3103 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-07 09:18:29 +00:00
Matthijs Mekking
f54f748dd0 add test for being lenient with NSEC empty non-terminal Name Error responses with rcode=NXDOMAIN while it should be rcode=NOERROR 
git-svn-id: file:///svn/unbound/trunk@3090 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-20 09:48:08 +00:00
Matthijs Mekking
f415c6f409 - test for too lenient LOC record 
- remove temporary review comments



git-svn-id: file:///svn/unbound/trunk@3086 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-18 09:46:16 +00:00
Wouter Wijngaards
108d3b5c3c Fix parse of #553(NSD) string in sldns, quotes without spaces. 
git-svn-id: file:///svn/unbound/trunk@3080 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-11 08:29:42 +00:00
Wouter Wijngaards
676faa606a - add body to ifstatement if locks disabled. 
- add TXT string"string" test case to unit test.


git-svn-id: file:///svn/unbound/trunk@3077 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 12:14:09 +00:00
Wouter Wijngaards
51be201ada - sldns has type HIP. 
git-svn-id: file:///svn/unbound/trunk@3071 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-06 10:57:42 +00:00
Wouter Wijngaards
65fe94c9ba more loc tests (and print 2.3 precision like in the RFC). 
git-svn-id: file:///svn/unbound/trunk@3069 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-03 15:46:50 +00:00
Wouter Wijngaards
d2b03defce - Fix parse in sldns of quoted parenthesized text strings. 
git-svn-id: file:///svn/unbound/trunk@3066 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-03 14:28:57 +00:00
Wouter Wijngaards
decb716939 - fixup type EUI48 and EUI64, type APL and type IPSECKEY in string 
parse sldns.


git-svn-id: file:///svn/unbound/trunk@3063 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-31 13:50:57 +00:00
Wouter Wijngaards
6479785360 fixup nss compile (no ldns in it). 
fixup warning in unitldns
fixup WKS and rdata type service to print unsigned because strings are not portable.


git-svn-id: file:///svn/unbound/trunk@3061 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-31 11:25:36 +00:00
Wouter Wijngaards
61095a0cfd - unit test for ldns wire to str and back with zones, root, nlnetlabs 
and types.sidnlabs.
- Fix for hex to string in unknown, atma and nsap.


git-svn-id: file:///svn/unbound/trunk@3060 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-31 10:19:01 +00:00
Wouter Wijngaards
4adaadab61 - iana portlist test updated so it does not touch the source 
if there are no changes.


git-svn-id: file:///svn/unbound/trunk@3057 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-28 10:12:13 +00:00
Wouter Wijngaards
5ff6ae3f51 and unit test. 
git-svn-id: file:///svn/unbound/trunk@3039 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-16 13:14:54 +00:00
Wouter Wijngaards
159cc301c5 pylib test referred to ldns which is not a dependency any more. 
git-svn-id: file:///svn/unbound/trunk@3036 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-05 16:49:37 +00:00
Wouter Wijngaards
29e96e86c9 - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: file:///svn/unbound/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
Wouter Wijngaards
92ec7822f5 fixup nss compile, ldns git. 
git-svn-id: file:///svn/unbound/trunk@2938 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-19 12:14:48 +00:00
Wouter Wijngaards
c8d22543f3 - Fix#516 dnssec lameness detection for answers that are improper. 
git-svn-id: file:///svn/unbound/trunk@2933 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-08 09:29:33 +00:00
Wouter Wijngaards
bcf5b23273 - Fix#501: forward-first does not recurse, when forward name is ".". 
git-svn-id: file:///svn/unbound/trunk@2907 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-06-10 12:25:10 +00:00
Wouter Wijngaards
d88911eed5 - Fix queries leaking up for stubs and forwards, if the configured 
nameservers all fail to answer.


git-svn-id: file:///svn/unbound/trunk@2882 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-11 10:08:34 +00:00
Wouter Wijngaards
f9137645fb - Fix crash in previous private address fixup of 22 March. 
git-svn-id: file:///svn/unbound/trunk@2880 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-09 07:38:24 +00:00
Wouter Wijngaards
2ad6ee3c72 - Fix resolve of names that use a mix of public and private addresses. 
git-svn-id: file:///svn/unbound/trunk@2868 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-03-22 09:36:33 +00:00
Wouter Wijngaards
556acaaf32 Fixup for compile on open and install paths of nss and nspr. 
git-svn-id: file:///svn/unbound/trunk@2842 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 15:50:22 +00:00
Wouter Wijngaards
18d1cf41b5 fixup nss compile with file url. 
git-svn-id: file:///svn/unbound/trunk@2841 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 15:04:07 +00:00
Wouter Wijngaards
60fa25264f fixup nss svn path. 
git-svn-id: file:///svn/unbound/trunk@2840 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 14:52:43 +00:00
Wouter Wijngaards
e1b0e38102 Fixup use of netcat. 
git-svn-id: file:///svn/unbound/trunk@2839 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 14:51:04 +00:00
Wouter Wijngaards
26f8395712 Compile test for libnss and libunbound compile mode, runs on check in. 
git-svn-id: file:///svn/unbound/trunk@2838 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-02-08 14:28:40 +00:00
Wouter Wijngaards
fefeb21cf0 - updated fwd_zero for newer nc. Updated common.sh for newer netstat. 
git-svn-id: file:///svn/unbound/trunk@2825 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-28 13:30:46 +00:00
Wouter Wijngaards
60f4c5a535 update test for new requirements. 
git-svn-id: file:///svn/unbound/trunk@2809 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-17 11:58:30 +00:00
Wouter Wijngaards
ad0ec1b45f fixup test and test name check. 
git-svn-id: file:///svn/unbound/trunk@2805 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-03 15:37:54 +00:00
Wouter Wijngaards
3b467728ec - Test that unbound can handle a CNAME at an intermediate node in 
the chain of trust (where it seeks a DS record).


git-svn-id: file:///svn/unbound/trunk@2803 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-03 12:25:48 +00:00
Wouter Wijngaards
5d86f6932a - Test that unbound-control checks client credentials. 
git-svn-id: file:///svn/unbound/trunk@2802 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-03 10:58:31 +00:00
Wouter Wijngaards
1c3c7294e6 - Tested that unbound implements the RFC5155 Technical Errata id 3441. 
Unbound already implements insecure classification of an empty
  nonterminal in NSEC3 optout zone.


git-svn-id: file:///svn/unbound/trunk@2800 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-02 14:42:20 +00:00
Matthijs Mekking
79ffc1ab81 Fix validation for responses with CNAME and wildcard expanded CNAME in 
ANSWER section.



git-svn-id: file:///svn/unbound/trunk@2777 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-10-29 14:06:00 +00:00
Wouter Wijngaards
07470115e5 - fix bogus nodata cname chain not reported as bogus by validator, 
(Thanks Peter van Dijk).


git-svn-id: file:///svn/unbound/trunk@2727 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-27 13:38:00 +00:00
Wouter Wijngaards
0f1aa80123 - Fix bug#452 and another assertion failure in mesh.c, makes 
assertions in mesh.c resist duplicates.  Fixes DS NS search to
  not generate duplicate sub queries.


git-svn-id: file:///svn/unbound/trunk@2718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-20 13:08:19 +00:00
Wouter Wijngaards
fa3337d42a - new approach to NS fetches for DS lookup that works with 
cornercases, and is more robust and considers forwarders.


git-svn-id: file:///svn/unbound/trunk@2646 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-21 15:01:01 +00:00
Wouter Wijngaards
0d5441bd8a - fix to locate nameservers for DS lookup with NS fetches. 
git-svn-id: file:///svn/unbound/trunk@2645 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-19 15:44:21 +00:00
Wouter Wijngaards
1736d8078a - forward-first option. Tries without forward if a query fails. 
Also stub-first option that is similar.


git-svn-id: file:///svn/unbound/trunk@2637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-01 13:16:40 +00:00
Wouter Wijngaards
773d8e3b84 Fix prefetch and stickyness. 
git-svn-id: file:///svn/unbound/trunk@2632 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 11:04:53 +00:00
Wouter Wijngaards
03a7425ead - Fix sticky NS (ghost domain problem) if prefetch is yes. 
git-svn-id: file:///svn/unbound/trunk@2619 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-14 11:06:44 +00:00
Wouter Wijngaards
db33e4dbf6 fix unit test to be more reliable on slower systems. 
git-svn-id: file:///svn/unbound/trunk@2615 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 14:09:39 +00:00
Wouter Wijngaards
05aaa8a138 - unit test fix for nomem_cnametopos.rpl race condition. 
git-svn-id: file:///svn/unbound/trunk@2614 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 12:54:27 +00:00
Wouter Wijngaards
09b9ea04a3 - Fix timeouts to keep track of query type, A, AAAA and other, if 
another has caused timeout blacklist, different type can still probe.


git-svn-id: file:///svn/unbound/trunk@2613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 12:17:25 +00:00
Wouter Wijngaards
924789d877 - implement draft-ietf-dnsext-ecdsa-04; which is in IETF LC; This 
implementation is experimental at this time and not recommended
  for use on the public internet (the protocol numbers have not
  been assigned).  Needs recent ldns with --enable-ecdsa.
- fix memory leak in errorcase for DSA signatures.


git-svn-id: file:///svn/unbound/trunk@2606 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-08 13:22:44 +00:00
Wouter Wijngaards
dff630c788 - Fix validation failures (like: validation failure xx: no NSEC3 
closest encloser from yy for DS zz. while building chain of trust,
         because of a bug in the TTL-fix in 1.4.15, it picked the wrong rdata
         for an NSEC3.  Now it does not change rdata, and fixes TTL.


git-svn-id: file:///svn/unbound/trunk@2599 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-01 11:18:07 +00:00
Wouter Wijngaards
6dd2c0467e - Fix bug #425: unbound reports wrong TTL in reply, it reports a TTL 
that would be permissible by the RFCs but it is not the TTL in the
  cache.


git-svn-id: file:///svn/unbound/trunk@2581 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-01-10 09:42:32 +00:00
Wouter Wijngaards
65ad15da56 - Fix parse error on negative SOA RRSIGs if badly ordered in the packet. 
git-svn-id: file:///svn/unbound/trunk@2573 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-12-15 13:37:13 +00:00
Wouter Wijngaards
2824d0ad52 fix exit code of remote-threaded.post. 
git-svn-id: file:///svn/unbound/trunk@2552 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-11 14:33:39 +00:00
Wouter Wijngaards
cf1d2135e1 unit test for SSL upstream. 
git-svn-id: file:///svn/unbound/trunk@2543 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-09 13:20:30 +00:00
Wouter Wijngaards
11f5e16932 infra cache consolidated and stores per zone, IP. 
git-svn-id: file:///svn/unbound/trunk@2525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-26 15:46:23 +00:00
Wouter Wijngaards
17e5bba504 Fix validation of qtype ANY responses with CNAMEs (thanks Cathy Zhang and Luo Ce). 
git-svn-id: file:///svn/unbound/trunk@2477 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 12:02:50 +00:00
Wouter Wijngaards
7359d84e2f - Fix wildcard expansion no-data reply under an optout NSEC3 zone is 
validated as insecure, reported by Jia Li (lijia@cnnic.cn).


git-svn-id: file:///svn/unbound/trunk@2461 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-07-11 09:03:18 +00:00
Wouter Wijngaards
784d659e91 - Fix TTL of SOA so negative TTL is separately cached from normal TTL. 
git-svn-id: file:///svn/unbound/trunk@2416 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-05-10 12:34:47 +00:00
Wouter Wijngaards
efb9c02d54 - iana portlist updated. 
- queries with CD flag set cause DNSSEC validation, but the answer is
  not withheld if it is bogus.  Thus, unbound will retry if it is bad
  and curb the TTL if it is bad, thus protecting the cache for use by
  downstream validators.


git-svn-id: file:///svn/unbound/trunk@2409 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-04-08 13:58:41 +00:00
Wouter Wijngaards
04fa474ac3 fix test 
git-svn-id: file:///svn/unbound/trunk@2408 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-03-29 10:38:59 +00:00
Wouter Wijngaards
b4a089ff0d - Fix no ADflag for NXDOMAIN in NSEC3 optout. And wildcard in optout. 
git-svn-id: file:///svn/unbound/trunk@2397 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-03-01 12:48:45 +00:00
Wouter Wijngaards
c2299a3c5f version 3 for common.sh 
git-svn-id: file:///svn/unbound/trunk@2395 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-23 15:17:49 +00:00
Wouter Wijngaards
d8928e1b19 common.sh to version 2. 
git-svn-id: file:///svn/unbound/trunk@2392 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-18 16:11:21 +00:00
Wouter Wijngaards
1550bc65f3 use common functionality file. 
git-svn-id: file:///svn/unbound/trunk@2390 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-11 12:30:42 +00:00
Wouter Wijngaards
87296966ae - Added regression test for addition of a .net DS to the root, and 
cache effects with different TTL for glue and DNSKEY.


git-svn-id: file:///svn/unbound/trunk@2387 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-02-07 12:07:46 +00:00
Wouter Wijngaards
f5a97a3e8f - Fix so a changed NS RRset does not get moved name stuck on old 
server, for type NS the TTL is not increased.


git-svn-id: file:///svn/unbound/trunk@2373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 13:56:25 +00:00
Wouter Wijngaards
790cb51775 - Fix prefetch so it does not get stuck on old server for moved names. 
git-svn-id: file:///svn/unbound/trunk@2372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-13 10:13:01 +00:00
Wouter Wijngaards
4a746142cf - Fix insecure CNAME sequence marked as secure, reported by Bert Hubert. 
git-svn-id: file:///svn/unbound/trunk@2369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-11 12:32:29 +00:00
Wouter Wijngaards
003658eea0 test and cleanup. 
git-svn-id: file:///svn/unbound/trunk@2360 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-22 09:41:38 +00:00
Wouter Wijngaards
c4c8a65ff2 - fix validation in this case: CNAME to nodata for co-hosted opt-in 
NSEC3 insecure delegation, was bogus, fixed to be insecure.


git-svn-id: file:///svn/unbound/trunk@2355 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-17 10:05:56 +00:00
Wouter Wijngaards
dd8e44ac37 - feature typetransparent localzone, does not block other RR types. 
git-svn-id: file:///svn/unbound/trunk@2350 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-02 12:39:33 +00:00
Wouter Wijngaards
79f4ca6a28 Fix storage of noEDNS in the infra cache. 
iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-30 12:55:48 +00:00
Wouter Wijngaards
78cc3d8ae1 harden-below-nxdomain option taken from draft-vixie-dnsext-resimprove. 
Default off (for now), as some older software that gives nxdomain for ENT
would be incompatible.  But that would only happen in the reverse tree, and
such software (nonDNSSEC) may go out of style, so in the future a default yes
could be possible.



git-svn-id: file:///svn/unbound/trunk@2347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-18 08:49:15 +00:00
Wouter Wijngaards
289f13bc25 - implement draft-vixie-dnsext-resimprove-00, we stop on NXDOMAIN. 
git-svn-id: file:///svn/unbound/trunk@2345 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-17 10:02:34 +00:00
Wouter Wijngaards
2fe65ab2b5 - Be lenient and accept imgw.pl malformed packet (like BIND). 
git-svn-id: file:///svn/unbound/trunk@2339 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-08 18:32:55 +00:00
Wouter Wijngaards
c140638659 Test DS and CNAME in cache. 
git-svn-id: file:///svn/unbound/trunk@2336 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-05 15:45:53 +00:00
Wouter Wijngaards
f41a92daf5 detect nc version 
git-svn-id: file:///svn/unbound/trunk@2334 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-04 15:20:11 +00:00
Wouter Wijngaards
93e8ff1bb0 Fix test to work on ubuntu. 
git-svn-id: file:///svn/unbound/trunk@2333 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-04 15:16:13 +00:00
Wouter Wijngaards
488aee467a - Fix validation failure for parent and child on same server with an 
insecure childzone and a CNAME from parent to child.


git-svn-id: file:///svn/unbound/trunk@2321 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-29 13:10:26 +00:00
Wouter Wijngaards
8cf752e577 Uses curl to check if the icann cert file has been updated on the website. 
git-svn-id: file:///svn/unbound/trunk@2297 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-18 13:25:30 +00:00
Wouter Wijngaards
a0b58301ca unbound-anchor works on vista. 
git-svn-id: file:///svn/unbound/trunk@2292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-14 14:55:38 +00:00
Wouter Wijngaards
c60c5d188e less verbose on output. 
git-svn-id: file:///svn/unbound/trunk@2290 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-14 09:18:20 +00:00
Wouter Wijngaards
46345c0809 - Fix bug when DLV below a trust-anchor that uses NSEC3 optout where 
the zone has a secure delegation hosted on the same server did not
         verify as secure (it was insecure by mistake).


git-svn-id: file:///svn/unbound/trunk@2275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-11 12:21:19 +00:00
Wouter Wijngaards
236d4cea25 Fix out-of-order XML element parse, zone name check and newline filter for unbound-anchor XML parse. 
git-svn-id: file:///svn/unbound/trunk@2274 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 15:01:49 +00:00
Wouter Wijngaards
cb978ff7be test update and nicer text output for unbound-anchor 
git-svn-id: file:///svn/unbound/trunk@2273 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 13:55:16 +00:00
Wouter Wijngaards
00ae321bf4 fix test 
git-svn-id: file:///svn/unbound/trunk@2272 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 12:26:20 +00:00
Wouter Wijngaards
f3a4dad2c8 no override time, works on Minix and not needed for the tpkg. 
git-svn-id: file:///svn/unbound/trunk@2271 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 12:14:05 +00:00
Wouter Wijngaards
b3e4186cf2 Test for unbound-anchor. 
git-svn-id: file:///svn/unbound/trunk@2268 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-01 11:31:35 +00:00
Wouter Wijngaards
05c403f805 Updated net check. 
git-svn-id: file:///svn/unbound/trunk@2260 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-28 12:51:05 +00:00
Wouter Wijngaards
b7f7a772fb unbound-anchor work, -P option and test tpkg. 
git-svn-id: file:///svn/unbound/trunk@2259 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-28 12:30:38 +00:00
Wouter Wijngaards
9f44640fa7 - bug#329: in example.conf show correct ipv4 link-local 169.254/16. 
git-svn-id: file:///svn/unbound/trunk@2244 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-24 07:04:37 +00:00
Wouter Wijngaards
8b274b92aa - Algorithm rollover operational reality intrudes, for trust-anchor, 
5011-store, and DLV-anchor if one key matches it's good enough.


git-svn-id: file:///svn/unbound/trunk@2235 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-16 13:40:26 +00:00
Wouter Wijngaards
c3f180eebb - Abide RFC5155 section 9.2: no AD flag for replies with NSEC3 optout. 
git-svn-id: file:///svn/unbound/trunk@2233 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-15 07:08:09 +00:00
Wouter Wijngaards
cf19a76bf6 Test that AD flags and NSEC3 optout does what we say. 
git-svn-id: file:///svn/unbound/trunk@2230 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-14 09:11:19 +00:00