upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-22 07:41:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6058 commits 23 branches 209 tags 123 MiB
Commit graph

1678 commits

Author SHA1 Message Date
W.C.A. Wijngaards
09a0e6ee30 - iana portlist updated. 2019-06-04 12:21:21 +02:00
Ralph Dolmans
268580f348 Added RPZ log name and stats 2019-06-03 15:46:39 +02:00
Ralph Dolmans
b0b69321f9 - Added RPZ action overrides 
- Added RPZ policy apply logging
 2019-05-16 22:30:42 +02:00
W.C.A. Wijngaards
a95f5fd5cb - Squelch log messages from tcp send about connection reset by peer. 
They can be enabled with verbosity at higher values for diagnosing
  network connectivity issues.
 2019-05-13 10:39:39 +02:00
W.C.A. Wijngaards
73484d3b36 Fix spelling in code annotation of changes 
in the public domain lookup3.c file.
 2019-05-06 10:10:58 +02:00
W.C.A. Wijngaards
f1c23891ab - Fix #30: AddressSanitizer finding in lookup3.c. 
This sets the hash function to use a slower but better auditable code
that does not read beyond array boundaries.  This makes code better
security checkable, and is better for security.  It is fixed to be
slower, but not read outside of the array.
 2019-05-06 09:44:01 +02:00
Kevin Chu
56af87e2f3 edit config parser to support ipset 2019-05-03 17:45:34 +08:00
Kevin Chu
1a48bdebb5 Add support for ipset 2019-05-02 19:43:30 +08:00
Ralph Dolmans
46acf0f99d Merge branch 'feature/rpz' of github.com:ralphdolmans/unbound into feature/rpz 2019-04-25 14:47:09 +02:00
Ralph Dolmans
ba67920f9a - IXFR/AXFR support for RPZ 2019-04-25 14:46:45 +02:00
Ralph Dolmans
186c9e8e82
Merge pull request #5 from NLnetLabs/master 
bring fork up to date
 2019-04-25 14:43:02 +02:00
Wouter Wijngaards
61a28c2ee5 - iana portlist updated. 
git-svn-id: file:///svn/unbound/trunk@5161 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-16 13:21:22 +00:00
Wouter Wijngaards
ab6f1d0fc7 - Fix tls write event for read state change to re-call SSL_write and 
not resume the TLS handshake.


git-svn-id: file:///svn/unbound/trunk@5159 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-15 11:52:21 +00:00
Wouter Wijngaards
c8a56bfa8f - Squelch SSL read and write connection reset by peer and broken pipe 
messages.  Verbosity 2 and higher enables them.


git-svn-id: file:///svn/unbound/trunk@5158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-11 15:04:32 +00:00
George Thessalonikefs
d1150541bb - Update python documentation for init_standard(). 
- Typos.


git-svn-id: file:///svn/unbound/trunk@5157 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-11 15:03:04 +00:00
Wouter Wijngaards
c6369e9ffa - Fix that auth zone fails over to next master for timeout in tcp. 
git-svn-id: file:///svn/unbound/trunk@5155 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-11 13:41:53 +00:00
Ralph Dolmans
edcf2ddd12 - Fix locking issue 
- Fixes for compiler warnings
 2019-04-10 11:53:08 +02:00
Wouter Wijngaards
bd3c02bd59 - Fix to wipe ssl ticket keys from memory with explicit_bzero, 
if available.


git-svn-id: file:///svn/unbound/trunk@5153 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-08 14:42:08 +00:00
Wouter Wijngaards
2b47ca080e - Fix to use event_assign with libevent for thread-safety. 
git-svn-id: file:///svn/unbound/trunk@5149 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-08 11:02:34 +00:00
Ralph Dolmans
c66e47c372 Initial RPZ commit - now with all files 2019-04-05 17:39:10 +02:00
Wouter Wijngaards
348cbab016 - Fix to reinit event structure for accepted TCP (and TLS) sockets. 
git-svn-id: file:///svn/unbound/trunk@5148 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-05 14:11:28 +00:00
Wouter Wijngaards
a777329b7f - Fix spelling error in log output for event method. 
git-svn-id: file:///svn/unbound/trunk@5147 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-04 14:28:39 +00:00
Wouter Wijngaards
e338143639 - Fix for out of bounds integers, thanks to OSTIF audit. It is in 
allocation debug code.


git-svn-id: file:///svn/unbound/trunk@5143 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-04-02 12:28:20 +00:00
Wouter Wijngaards
78adebf8ec - Fix crash if tls-servic-pem not filled in when necessary. 
git-svn-id: file:///svn/unbound/trunk@5141 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-03-25 08:51:17 +00:00
Philipp Serr
b248654aab Support multiple python module instances 
This commit adds proper support for multiple instances of the python
module: When more than one instance is added to the module list, the
first instance loads the first script specified in the `python:`
configuration section. The second instance loads the second script,
and so on.

When there are more module instances in the module list than there are
scripts in the `python:` section, an error is raised during
initialization and unbound won't start. When more scripts than module
instances are provided, the surplus scripts are ignored.
 2019-03-02 14:32:48 +01:00
Wouter Wijngaards
225534e5ab - Fix #4227: pair event del and add for libevent for tcp_req_info. 
git-svn-id: file:///svn/unbound/trunk@5122 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-02-25 15:48:27 +00:00
Wouter Wijngaards
fe97f25b75 - Fix that log-replies prints the correct name for local-alias 
names, for names that have a CNAME in local-data configuration.
  It logs the original query name, not the target of the CNAME.
- Add local-zone type inform_redirect, which logs like type inform,
  and redirects like type redirect.


git-svn-id: file:///svn/unbound/trunk@5099 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-02-04 09:51:27 +00:00
Wouter Wijngaards
281030d576 - Wipe TLS session key data from memory on exit. 
git-svn-id: file:///svn/unbound/trunk@5098 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-31 15:25:27 +00:00
Wouter Wijngaards
df8f236b62 - For openssl 1.0.2 use the CRYPTO_THREADID locking callbacks, 
still supports the set_id_callback previous API.  And for 1.1.0
  no locking callbacks are needed.


git-svn-id: file:///svn/unbound/trunk@5094 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-31 11:31:55 +00:00
Wouter Wijngaards
aae44940c7 - output of newer lex 2.6.1 and bison 3.0.5. 
git-svn-id: file:///svn/unbound/trunk@5078 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-25 13:00:09 +00:00
Wouter Wijngaards
062c2cacfc - remove compile warnings from libnettle compile. 
git-svn-id: file:///svn/unbound/trunk@5077 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-25 12:58:06 +00:00
Wouter Wijngaards
f11d6653d6 - Fix that tcp for auth zone and outgoing does not remove and 
then gets the ssl read again applied to the deleted commpoint.


git-svn-id: file:///svn/unbound/trunk@5074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-25 12:46:15 +00:00
Wouter Wijngaards
20d5e35576 - Moved includes and make depend. 
git-svn-id: file:///svn/unbound/trunk@5073 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-24 16:10:05 +00:00
Wouter Wijngaards
3028fa50a8 - Patch from Florian Obser fixes some compiler warnings: 
include mini_event.h to have a prototype for mini_ev_cmp
  include edns.h to have a prototype for apply_edns_options
  sldns_wire2str_edns_keepalive_print is only called in the wire2str,
  module declare it static to get rid of compiler warning:
  no previous prototype for function
  infra_find_ip_ratedata() is only called in the infra module,
  declare it static to get rid of compiler warning:
  no previous prototype for function
  do not shadow local variable buf in authzone
  auth_chunks_delete and az_nsec3_findnode are only called in the
  authzone module, declare them static to get rid of compiler warning:
  no previous prototype for function...
  copy_rrset() is only called in the respip module, declare it
  static to get rid of compiler warning:
  no previous prototype for function 'copy_rrset'
  no need for another variable "r"; gets rid of compiler warning:
  declaration shadows a local variable in libunbound.c
  no need for another variable "ns"; gets rid of compiler warning:
  declaration shadows a local variable in iterator.c



git-svn-id: file:///svn/unbound/trunk@5072 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-24 16:05:00 +00:00
Wouter Wijngaards
707e5a915b Neater spaces 
git-svn-id: file:///svn/unbound/trunk@5067 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 14:18:24 +00:00
Wouter Wijngaards
68a57554a6 For TLS session keys, keep config options in order read from file to keep the first one as the first one. 
git-svn-id: file:///svn/unbound/trunk@5064 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 10:41:03 +00:00
Wouter Wijngaards
cc9fb69911 fix lint and clang analysis errors 
git-svn-id: file:///svn/unbound/trunk@5063 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 10:23:02 +00:00
Wouter Wijngaards
d3f397c686 More fixes, statistic counter at end of struct for backwards compatibility, man page, free at exit, indent. 
git-svn-id: file:///svn/unbound/trunk@5062 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 10:19:04 +00:00
Wouter Wijngaards
011a7d8830 - Fixes for patch (includes, declarations, warnings). 
git-svn-id: file:///svn/unbound/trunk@5060 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 09:43:47 +00:00
Wouter Wijngaards
510606dd1c - Patch for TLS session resumption from Manabu Sonoda, 
enable with tls-session-ticket-keys in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@5059 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 09:35:52 +00:00
Wouter Wijngaards
4c8f334c15 another spelling fix. 
git-svn-id: file:///svn/unbound/trunk@5057 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 08:48:52 +00:00
Wouter Wijngaards
2f52ecdd9c lex and yacc. 
git-svn-id: file:///svn/unbound/trunk@5056 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 08:46:33 +00:00
Wouter Wijngaards
5d82b7c421 - Fixes for the patch, and man page entry. 
git-svn-id: file:///svn/unbound/trunk@5055 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 08:45:16 +00:00
Wouter Wijngaards
8ae9f26bce - Patch from Manabu Sonoda with tls-ciphers and tls-ciphersuites 
options for unbound.conf.


git-svn-id: file:///svn/unbound/trunk@5054 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-23 08:37:00 +00:00
Wouter Wijngaards
d81e2c654f - Add stream-wait-size: 4m config option to limit the maximum 
memory used by waiting tcp and tls stream replies.  This avoids
  a denial of service where these replies use up all of the memory.


git-svn-id: file:///svn/unbound/trunk@5046 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-21 16:20:14 +00:00
Wouter Wijngaards
f5dcd84d27 Fix reread of buffer data, better, also for TCP. 
git-svn-id: file:///svn/unbound/trunk@5045 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-21 14:14:12 +00:00
Wouter Wijngaards
be4583ac84 - Fix that multiple dns fragments can be carried in one TLS frame. 
git-svn-id: file:///svn/unbound/trunk@5043 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-21 13:41:13 +00:00
Wouter Wijngaards
dd19026e91 - Initial commit for out-of-order processing for TCP and TLS. 
git-svn-id: file:///svn/unbound/trunk@5032 be551aaa-1e26-0410-a405-d3ace91eadb9
 2019-01-11 14:12:27 +00:00
Wouter Wijngaards
4c7f824e0a - Fix config parser memory leaks. 
git-svn-id: file:///svn/unbound/trunk@5014 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-12-10 09:27:49 +00:00
Wouter Wijngaards
198a7ce74d - cache-max-ttl also defines upperbound of initial TTL in response. 
git-svn-id: file:///svn/unbound/trunk@5007 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-12-03 14:50:47 +00:00
Wouter Wijngaards
2ad55ba791 - log-tag-queryreply: yes in unbound.conf tags the log-queries and 
log-replies in the log file for easier log filter maintenance.


git-svn-id: file:///svn/unbound/trunk@5000 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-30 09:45:37 +00:00
Wouter Wijngaards
fb342b73d3 - iana portlist updated. 
git-svn-id: file:///svn/unbound/trunk@4991 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-29 08:27:22 +00:00
Wouter Wijngaards
7bb6358540 Better fix. 
git-svn-id: file:///svn/unbound/trunk@4987 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-27 13:46:44 +00:00
Wouter Wijngaards
ca33c52086 - Fix windows compile for new rrset roundrobin fix. 
git-svn-id: file:///svn/unbound/trunk@4986 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-27 13:35:29 +00:00
Wouter Wijngaards
4d5b32ee59 - Fix to not set GLOB_NOSORT so the unbound.conf include: files are 
sorted and in a predictable order.


git-svn-id: file:///svn/unbound/trunk@4975 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-26 09:54:34 +00:00
Wouter Wijngaards
04d73b9192 - Add patch from Jan Vcelak for pythonmod, 
add sockaddr_storage getters, add support for query callbacks,
  allow raw address access via comm_reply and update API documentation.


git-svn-id: file:///svn/unbound/trunk@4962 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-20 12:24:40 +00:00
Wouter Wijngaards
c9955f9fdf - Fix #4152: Logs shows wrong time when using log-time-ascii: yes. 
git-svn-id: file:///svn/unbound/trunk@4957 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-25 13:52:13 +00:00
Wouter Wijngaards
fd5e4e6019 - Fix #4126: RTT_band too low on VSAT links with 600+ms latency, 
adds the option unknown-server-time-limit to unbound.conf that
  can be increased to avoid the problem.


git-svn-id: file:///svn/unbound/trunk@4954 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-25 09:21:41 +00:00
Ralph Dolmans
6021341118 - Add min-client-subnet-ipv6 and min-client-subnet-ipv4 options. 
git-svn-id: file:///svn/unbound/trunk@4951 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-25 08:53:50 +00:00
Wouter Wijngaards
d5922830d0 - Fix #4141: More randomness to rrset-roundrobin. 
git-svn-id: file:///svn/unbound/trunk@4950 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-25 08:26:40 +00:00
Wouter Wijngaards
23505d30a5 - Fix #4190: Please create a "ANY" deny option, adds the option 
deny-any: yes in unbound.conf.  This responds with an empty message
  to queries of type ANY.


git-svn-id: file:///svn/unbound/trunk@4949 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-25 08:07:37 +00:00
Ralph Dolmans
140a165ab2 - Add markdel function to ECS slabhash. 
- Limit ECS scope returned to client to the scope used for caching.      
 - Make lint like previous #4154 fix. 


git-svn-id: file:///svn/unbound/trunk@4946 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-24 13:50:18 +00:00
Wouter Wijngaards
5fec1c8b1f - Fix #4154: make ECS_MAX_TREESIZE configurable, with 
the max-ecs-tree-size-ipv4 and max-ecs-tree-size-ipv6 options.


git-svn-id: file:///svn/unbound/trunk@4945 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-22 14:54:28 +00:00
Ralph Dolmans
6b5e7d78e3 - Change fast-server-num default to 3. 
git-svn-id: file:///svn/unbound/trunk@4941 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-22 09:36:36 +00:00
Ralph Dolmans
a8b2c64cbf More lint pleasing 
git-svn-id: file:///svn/unbound/trunk@4940 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-08 16:38:25 +00:00
Ralph Dolmans
9268f0db50 Please lint by using proper types 
git-svn-id: file:///svn/unbound/trunk@4939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-08 16:33:04 +00:00
Ralph Dolmans
02bd3e2ff1 - Add fast-server-permil and fast-server-num options. 
- Deprecate low-rtt and low-rtt-permil options.


git-svn-id: file:///svn/unbound/trunk@4938 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-08 16:03:46 +00:00
Wouter Wijngaards
837565c505 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4933 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-05 15:18:08 +00:00
Wouter Wijngaards
fece182cf5 - Set default for so-reuseport to no for FreeBSD. It is enabled 
by default for Linux and DragonFlyBSD.  The setting can 
  be configured in unbound.conf to override the default.


git-svn-id: file:///svn/unbound/trunk@4932 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-05 15:07:19 +00:00
Wouter Wijngaards
d967ceb98b Remove that fix, analyzer is for debug with assertions. 
- Fix clang analyzer for optimize compile analysis.


git-svn-id: file:///svn/unbound/trunk@4929 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-02 12:32:33 +00:00
Wouter Wijngaards
c85ff492d0 - Fix clang analyzer for optimize compile analysis. 
git-svn-id: file:///svn/unbound/trunk@4922 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-02 10:51:05 +00:00
Wouter Wijngaards
898d4c8dd9 - Fix memory leak when message parse fails partway through copy. 
- remove unused udpsize assignment in message encode.


git-svn-id: file:///svn/unbound/trunk@4904 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 12:30:44 +00:00
Wouter Wijngaards
75b8b8c875 - Free memory leak in config strlist append. 
- make sure nsec3 comparison salt is initialized.


git-svn-id: file:///svn/unbound/trunk@4900 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 10:23:30 +00:00
Wouter Wijngaards
9a82526b91 - exit log routine is annotated as noreturn function. 
- free memory leaks in config strlist and str2list insert functions.
- do not move unused argv variable after getopt.
- Remove unused if clause in testcode.


git-svn-id: file:///svn/unbound/trunk@4896 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-13 08:58:21 +00:00
Wouter Wijngaards
d8f890a43a - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4890 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-10 12:35:01 +00:00
Wouter Wijngaards
d4a69e4d2a flex. 
git-svn-id: file:///svn/unbound/trunk@4878 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-30 09:02:29 +00:00
Ralph Dolmans
2e5e31e8ac - Added serve-expired-ttl and serve-expired-ttl-reset options. 
git-svn-id: file:///svn/unbound/trunk@4876 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-28 14:21:56 +00:00
Wouter Wijngaards
e0745813f4 - Set defaults to yes for a number of options to increase speed and 
resilience of the server.  The so-reuseport, harden-below-nxdomain,
  and minimal-responses options are enabled by default.  They used
  to be disabled by default, waiting to make sure they worked.  They
  are enabled by default now, and can be disabled explicitly by
  setting them to "no" in the unbound.conf config file.  The reuseport
  and minimal options increases speed of the server, and should be
  otherwise harmless.  The harden-below-nxdomain option works well
  together with the recently default enabled qname minimisation, this
  causes more fetches to use information from the cache.


git-svn-id: file:///svn/unbound/trunk@4871 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-27 13:18:19 +00:00
George Thessalonikefs
0171d06aa2 - #4140: Expose repinfo (comm_reply) to the inplace_callbacks. This 
gives access to reply information for the client's communication
  point when the callback is called before the mesh state (modules).
  Changes to C and Python's inplace_callback signatures were also
  necessary.


git-svn-id: file:///svn/unbound/trunk@4870 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-22 10:51:13 +00:00
Wouter Wijngaards
4daf8f5bdb - Fix only misc failure from log-servfail when val-log-level is not 
enabled.


git-svn-id: file:///svn/unbound/trunk@4869 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-21 14:31:37 +00:00
Wouter Wijngaards
9926fcac4b flex and bison re-run. 
git-svn-id: file:///svn/unbound/trunk@4865 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-21 07:10:49 +00:00
Wouter Wijngaards
01d8dc2240 - log-local-actions: yes option for unbound.conf that logs all the 
local zone actions, a patch from Saksham Manchanda (Secure64).


git-svn-id: file:///svn/unbound/trunk@4864 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-21 07:10:09 +00:00
Wouter Wijngaards
4fe427ded2 - log-servfail: yes prints log lines that say why queries are 
returning SERVFAIL to clients.


git-svn-id: file:///svn/unbound/trunk@4863 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-17 15:22:05 +00:00
Wouter Wijngaards
b0daf867c2 and the error looks good. 
git-svn-id: file:///svn/unbound/trunk@4860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-17 14:17:48 +00:00
Wouter Wijngaards
df85836b15 - Fix warning on compile without threads. 
git-svn-id: file:///svn/unbound/trunk@4855 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-16 10:28:11 +00:00
Wouter Wijngaards
256ab3d935 - Patch for stub-no-cache and forward-no-cache options that disable 
caching for the contents of that stub or forward, for when you
  want immediate changes visible, from Bjoern A. Zeeb.


git-svn-id: file:///svn/unbound/trunk@4846 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 12:44:40 +00:00
Wouter Wijngaards
611e37aa2d (On the patch) 
- make depend, yacc, lex, doc, headers.  And log the limit exceeded
  message only on high verbosity, so as to not spam the logs when
  it is busy.


git-svn-id: file:///svn/unbound/trunk@4841 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 12:48:49 +00:00
Wouter Wijngaards
77bd7d228b Fix comment reference to variable name in header file. 
git-svn-id: file:///svn/unbound/trunk@4838 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 12:03:46 +00:00
Wouter Wijngaards
b97b04a9db yacc and lex. 
git-svn-id: file:///svn/unbound/trunk@4837 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 12:02:10 +00:00
Wouter Wijngaards
586b811b87 - Patch to implement tcp-connection-limit from Jim Hague (Sinodun). 
This limits the number of simultaneous TCP client connections
  from a nominated netblock.
And a simple test for TCP connection limit.


git-svn-id: file:///svn/unbound/trunk@4835 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 11:57:42 +00:00
George Thessalonikefs
749d1b9ebc - Expose if a query (or a subquery) was ratelimited (not src IP 
ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
  This also introduces a change to 'ub_event_callback_type' in
  libunbound/unbound-event.h.
- Tidy pylib tests.


git-svn-id: file:///svn/unbound/trunk@4828 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-03 14:00:46 +00:00
Wouter Wijngaards
37e9f5591a - Revert previous change for #4136: because it introduces build 
problems.


git-svn-id: file:///svn/unbound/trunk@4826 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-03 09:47:53 +00:00
Wouter Wijngaards
d546e7766d - iana port list update. 
git-svn-id: file:///svn/unbound/trunk@4825 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-01 14:07:54 +00:00
Wouter Wijngaards
1f148e632f remove unused variable 
git-svn-id: file:///svn/unbound/trunk@4822 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 13:36:45 +00:00
Wouter Wijngaards
f9c0f359a7 please lint. 
git-svn-id: file:///svn/unbound/trunk@4814 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 08:14:52 +00:00
Wouter Wijngaards
cc538f4f9f - Please doxygen so it passes. 
git-svn-id: file:///svn/unbound/trunk@4813 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 08:10:20 +00:00
Wouter Wijngaards
900cd200a2 more comments (from commit messages). 
git-svn-id: file:///svn/unbound/trunk@4812 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 08:00:57 +00:00
Wouter Wijngaards
26eaf2d1ee And these source files. 
git-svn-id: file:///svn/unbound/trunk@4810 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:48:58 +00:00
Wouter Wijngaards
b7abbd1d72 - Fix mesh.c incompatible pointer pass. 
- yacc and lex.


git-svn-id: file:///svn/unbound/trunk@4808 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:23:58 +00:00
Wouter Wijngaards
e3f08cb2a2 - Implement progressive backoff of TCP idle/keepalive timeout. 
git-svn-id: file:///svn/unbound/trunk@4806 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:20:15 +00:00
Wouter Wijngaards
3dbdde7fed - Add edns-tcp-keepalive and edns-tcp-keepalive timeout options 
and implement option in client responses.


git-svn-id: file:///svn/unbound/trunk@4804 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:18:34 +00:00
Wouter Wijngaards
007123ee2c - Sort out test runs when the build directory isn't the project 
root directory.
- Add config tcp-idle-timeout (default 30s). This applies to
  client connections only; the timeout on TCP connections upstream
  is unaffected.


git-svn-id: file:///svn/unbound/trunk@4802 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-31 07:15:12 +00:00
Wouter Wijngaards
10c085f81d - Fix #4136: insufficiency from mismatch of FLEX capability between 
released tarball and build host.


git-svn-id: file:///svn/unbound/trunk@4801 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-30 09:58:05 +00:00
Wouter Wijngaards
f8e585f308 nicer code, in function. 
git-svn-id: file:///svn/unbound/trunk@4790 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-17 15:07:09 +00:00
Wouter Wijngaards
4bf9d12419 - Fix for 4126 that the #define for UNKNOWN_SERVER_NICENESS can be more 
easily changed to adjust default rtt assumptions.


git-svn-id: file:///svn/unbound/trunk@4779 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-12 14:15:03 +00:00
Wouter Wijngaards
15c4dd79f4 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4772 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-06 06:48:44 +00:00
Wouter Wijngaards
2beae211ee - dns64-ignore-aaaa: config option to list domain names for which the 
existing AAAA is ignored and dns64 processing is used on the A
  record.


git-svn-id: file:///svn/unbound/trunk@4762 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-29 12:58:52 +00:00
Wouter Wijngaards
d3ff7a9333 - log port number with err_addr logs. 
git-svn-id: file:///svn/unbound/trunk@4761 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-29 08:34:41 +00:00
Wouter Wijngaards
c15eae814f - Fix that control-use-cert: no works for 127.0.0.1 to disable certs. 
git-svn-id: file:///svn/unbound/trunk@4738 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-18 09:04:35 +00:00
Wouter Wijngaards
0e72e06886 - Print warning when control-use-cert is used with an IP-address 
in unbound-control, and that TLS is enabled.


git-svn-id: file:///svn/unbound/trunk@4737 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-18 08:40:30 +00:00
Wouter Wijngaards
9cb404ba5f - Fix that first control-interface determines if TLS is used. Warn 
when IP address interfaces are used without TLS.


git-svn-id: file:///svn/unbound/trunk@4730 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-14 08:14:43 +00:00
Wouter Wijngaards
0b0ece9db0 better documentation in header file 
git-svn-id: file:///svn/unbound/trunk@4722 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 10:15:08 +00:00
Wouter Wijngaards
23edc18cac - Rename tls-additional-ports to tls-additional-port, because every 
line adds one port.


git-svn-id: file:///svn/unbound/trunk@4721 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 08:45:57 +00:00
Wouter Wijngaards
7fd32916e8 - #4102 for NSD, but for Unbound. Named unix pipes do not use 
certificate and key files, access can be restricted with file and
  directory permissions.  The option control-use-cert is no longer
  used, and ignored if found in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@4718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 07:43:52 +00:00
Wouter Wijngaards
7509bf208e - Rename additional-tls-port to tls-additional-ports. 
The older name is accepted for backwards compatibility.


git-svn-id: file:///svn/unbound/trunk@4703 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-01 08:02:04 +00:00
Wouter Wijngaards
ec34bc9af1 rerun bison. 
git-svn-id: file:///svn/unbound/trunk@4702 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-30 09:35:21 +00:00
Wouter Wijngaards
8d1af17449 - Patch from Syzdek: Add ability to ignore RD bit and treat all 
requests as if the RD bit is set.


git-svn-id: file:///svn/unbound/trunk@4701 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-30 09:33:21 +00:00
Wouter Wijngaards
1a0bd1a150 - tls-win-cert option that adds the system certificate store for 
authenticating DNS-over-TLS connections.  It can be used instead
  of the tls-cert-bundle option, or with it to add certificates.


git-svn-id: file:///svn/unbound/trunk@4698 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-28 14:15:06 +00:00
Wouter Wijngaards
5a726fb61f - Add routine from getdns to add windows cert store to the SSL_CTX. 
git-svn-id: file:///svn/unbound/trunk@4697 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-28 13:22:10 +00:00
Wouter Wijngaards
6792d2d036 - Fix windows tcp and tls spin on events. 
git-svn-id: file:///svn/unbound/trunk@4696 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-28 12:30:34 +00:00
Wouter Wijngaards
d32fb26adb - Fix close events for tcp only. 
git-svn-id: file:///svn/unbound/trunk@4695 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-25 10:41:24 +00:00
Wouter Wijngaards
d4ba7731ad - Fix that tcp sticky events are removed for closed fd on windows. 
git-svn-id: file:///svn/unbound/trunk@4694 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-25 10:02:06 +00:00
Wouter Wijngaards
261bf354b7 - Use accept4 to speed up incoming TCP (and TLS) connections, 
available on Linux and FreeBSD.


git-svn-id: file:///svn/unbound/trunk@4686 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-23 13:55:09 +00:00
Ralph Dolmans
50b6dc4b81 - Qname minimisation default changed to yes. 
git-svn-id: file:///svn/unbound/trunk@4685 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-17 10:33:19 +00:00
Wouter Wijngaards
ba29a4a078 generated yacc and lex output. 
git-svn-id: file:///svn/unbound/trunk@4684 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-15 07:48:12 +00:00
Wouter Wijngaards
676644d8e8 - Fix low-rtt-pct to low-rtt-permil, as it is parts in one thousand. 
git-svn-id: file:///svn/unbound/trunk@4683 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-15 07:30:53 +00:00
Wouter Wijngaards
16b6619dfa - Fix windows to not have sticky TLS events for TCP. 
- Fix read of DNS over TLS length and data in one read call.


git-svn-id: file:///svn/unbound/trunk@4680 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-07 08:31:17 +00:00
Wouter Wijngaards
6fefbb4115 - Fix fail to reject dead peers in forward-zone, with ssl-upstream. 
git-svn-id: file:///svn/unbound/trunk@4670 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-02 06:36:02 +00:00
Wouter Wijngaards
85bf0bd994 - Fix that unbound-control reload frees the rrset keys and returns 
the memory pages to the system.


git-svn-id: file:///svn/unbound/trunk@4669 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-01 14:00:06 +00:00
Wouter Wijngaards
2c9d9fe211 And assertion. 
git-svn-id: file:///svn/unbound/trunk@4661 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-24 15:16:16 +00:00
Wouter Wijngaards
583411768d - Fix auth https for libev. 
git-svn-id: file:///svn/unbound/trunk@4660 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-24 15:13:18 +00:00
Wouter Wijngaards
d6de848e29 This lexer output looks like it'll have less signed-unsigned warnings. 
git-svn-id: file:///svn/unbound/trunk@4658 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-24 10:23:12 +00:00
Ralph Dolmans
4d06c36342 - Added root-key-sentinel support 
git-svn-id: file:///svn/unbound/trunk@4652 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-24 09:03:49 +00:00
Wouter Wijngaards
716282cc1a - Fix #4092: libunbound: use-caps-for-id lacks colon in 
config_set_option.


git-svn-id: file:///svn/unbound/trunk@4644 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-23 07:51:21 +00:00
Wouter Wijngaards
5bee11a6d3 - removed free from failed parse case. 
git-svn-id: file:///svn/unbound/trunk@4640 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-20 14:10:55 +00:00
Wouter Wijngaards
f39e39ed47 - For addr with #authname and no @port notation, the default is 853. 
git-svn-id: file:///svn/unbound/trunk@4637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 14:23:14 +00:00
Wouter Wijngaards
23656b2b0e fix lint 
git-svn-id: file:///svn/unbound/trunk@4633 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:18:00 +00:00
Wouter Wijngaards
9d28279475 - Can set tls authentication with forward-addr: IP#tls.auth.name 
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".


git-svn-id: file:///svn/unbound/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:10:05 +00:00
Wouter Wijngaards
1b055c6ca7 - allow-notify: config statement for auth-zones. 
git-svn-id: file:///svn/unbound/trunk@4628 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-17 13:23:35 +00:00
Wouter Wijngaards
4691979679 - Fix auth zone target lookup iterator. 
- notify with prefix


git-svn-id: file:///svn/unbound/trunk@4624 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-16 13:14:24 +00:00
Wouter Wijngaards
ad9784c5e8 - auth zone notify work. 
git-svn-id: file:///svn/unbound/trunk@4619 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-10 14:57:38 +00:00
Wouter Wijngaards
d91f09896d get_option and set_option for low-rtt and low-rtt-pct. 
git-svn-id: file:///svn/unbound/trunk@4613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 13:39:29 +00:00
Wouter Wijngaards
d41cdb6ce8 - low-rtt and low-rtt-pct in unbound.conf enable the server selection 
of fast servers for some percentage of the time.


git-svn-id: file:///svn/unbound/trunk@4612 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 13:27:28 +00:00
Wouter Wijngaards
fbee729c5b - Accept both option names with and without colon for get_option 
and set_option.


git-svn-id: file:///svn/unbound/trunk@4611 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 10:42:48 +00:00
Wouter Wijngaards
2be98b581a - Combine write of tcp length and tcp query for dns over tls. 
git-svn-id: file:///svn/unbound/trunk@4601 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 08:10:25 +00:00
Ralph Dolmans
39f6488471 - Fix unbound-control get_option aggressive-nsec 
git-svn-id: file:///svn/unbound/trunk@4597 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-23 12:23:02 +00:00
Wouter Wijngaards
78031b37fc - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4592 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-19 13:19:53 +00:00
Wouter Wijngaards
874165904f doc and flex and yacc. 
git-svn-id: file:///svn/unbound/trunk@4589 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-15 14:23:51 +00:00
Wouter Wijngaards
1d2d33d01a - Create additional tls service interfaces by opening them on other 
portnumbers and listing the portnumbers as additional-tls-port: nr.


git-svn-id: file:///svn/unbound/trunk@4588 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-15 14:19:02 +00:00
Wouter Wijngaards
59935375a3 - Fix #3817: core dump happens in libunbound delete, when queued 
servfail hits deleted message queue.


git-svn-id: file:///svn/unbound/trunk@4587 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-15 13:32:19 +00:00
Wouter Wijngaards
e784758a21 - Add --with-libhiredis, unbound support for a new cached backend 
that uses a Redis server as the storage.  This implementation
  depends on the hiredis client library (https://redislabs.com/lp/hiredis/).
  And unbound should be built with both --enable-cachedb and
  --with-libhiredis[=PATH] (where $PATH/include/hiredis/hiredis.h
  should exist).  Patch from Jinmei Tatuya (Infoblox).


git-svn-id: file:///svn/unbound/trunk@4586 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-15 12:33:51 +00:00
Wouter Wijngaards
5919273709 - Fix #3582: Squelch address already in use log when reuseaddr option 
causes same port to be used twice for tcp connections.


git-svn-id: file:///svn/unbound/trunk@4559 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-05 15:45:34 +00:00
Wouter Wijngaards
4a3a6d1294 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4558 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-05 14:38:30 +00:00
Wouter Wijngaards
9f88892190 - Fix nettle compile. 
git-svn-id: file:///svn/unbound/trunk@4555 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-27 13:03:54 +00:00
Wouter Wijngaards
0e390bca00 - Fix compile without threads, and remove unused variable. 
git-svn-id: file:///svn/unbound/trunk@4553 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-27 10:36:12 +00:00
Wouter Wijngaards
a92e9692c1 fix noview. 
git-svn-id: file:///svn/unbound/trunk@4543 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-19 13:30:38 +00:00
Wouter Wijngaards
5b7942d197 - Fixes for clang static analyzer, the missing ; in 
edns-subnet/addrtree.c after the assert made clang analyzer
  produce a failure to analyze it.


git-svn-id: file:///svn/unbound/trunk@4538 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-16 10:31:48 +00:00
Wouter Wijngaards
da06b1c76c auth zone review fixes 
git-svn-id: file:///svn/unbound/trunk@4534 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 14:09:57 +00:00
Wouter Wijngaards
b32284af57 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 10:35:31 +00:00
Wouter Wijngaards
54bd1fdd62 - tls-cert-bundle option in unbound.conf enables TLS authentication. 
git-svn-id: file:///svn/unbound/trunk@4532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 10:35:09 +00:00
Wouter Wijngaards
d19f3c8c07 - auth zone url config. 
git-svn-id: file:///svn/unbound/trunk@4525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 16:11:27 +00:00
Wouter Wijngaards
427836884e auth zone http work. 
git-svn-id: file:///svn/unbound/trunk@4524 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 15:14:51 +00:00
Wouter Wijngaards
1ad34fe7ae auth zone work. 
git-svn-id: file:///svn/unbound/trunk@4523 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 14:37:36 +00:00
Ralph Dolmans
77f78152ee - Aggressive use of NSEC implementation. Use cached NSEC records to generate 
NXDOMAIN, NODATA and positive wildcard answers.


git-svn-id: file:///svn/unbound/trunk@4522 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 13:16:36 +00:00
Wouter Wijngaards
ad89368b4e auth zone work. 
git-svn-id: file:///svn/unbound/trunk@4521 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 11:59:30 +00:00
Wouter Wijngaards
5b41e86d51 auth zone review. 
git-svn-id: file:///svn/unbound/trunk@4520 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 10:43:58 +00:00
Wouter Wijngaards
48bd83f3b4 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4519 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 10:14:34 +00:00
Wouter Wijngaards
db766ce064 fix for doxygen and lint. 
git-svn-id: file:///svn/unbound/trunk@4518 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 10:00:10 +00:00
Wouter Wijngaards
75eb720ab5 auth zone work on http feature. 
git-svn-id: file:///svn/unbound/trunk@4517 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-07 16:10:31 +00:00
Wouter Wijngaards
0ab8edd170 auth zone work. 
git-svn-id: file:///svn/unbound/trunk@4515 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-06 15:54:49 +00:00
Wouter Wijngaards
10e165c574 fix lint warning 
git-svn-id: file:///svn/unbound/trunk@4514 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-06 11:17:29 +00:00
Wouter Wijngaards
3b87862c8a auth zone work. 
git-svn-id: file:///svn/unbound/trunk@4512 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-06 09:32:41 +00:00
Wouter Wijngaards
a66fd181e5 auth zone race condition remove and checklock fix for 
check of unused alignment memory in structure.


git-svn-id: file:///svn/unbound/trunk@4496 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 10:35:11 +00:00
Wouter Wijngaards
30891d6fff - Fix unfreed locks in log and arc4random at exit of unbound. 
git-svn-id: file:///svn/unbound/trunk@4491 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-02 09:27:16 +00:00
Wouter Wijngaards
8605797002 - fix unaligned structure making a false positive in checklock 
unitialised memory.


git-svn-id: file:///svn/unbound/trunk@4490 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-01 15:55:48 +00:00
Wouter Wijngaards
0362614f94 auth zone, make depend, fallback, create and delete, and lease_time, 
and lock fixes.


git-svn-id: file:///svn/unbound/trunk@4466 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 10:35:20 +00:00
Wouter Wijngaards
4b4b1eec8b - Accept tls-upstream in unbound.conf, the ssl-upstream keyword is 
also recognized and means the same.  Also for tls-port,
  tls-service-key, tls-service-pem, stub-tls-upstream and
  forward-tls-upstream.


git-svn-id: file:///svn/unbound/trunk@4444 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-22 08:35:44 +00:00
Wouter Wijngaards
fa57a0fbac - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4442 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-19 09:51:50 +00:00
Ralph Dolmans
7e8d3423cd Please lint 
git-svn-id: file:///svn/unbound/trunk@4435 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-03 17:05:48 +00:00
Wouter Wijngaards
dfba6bf690 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4428 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-15 12:42:45 +00:00
Wouter Wijngaards
1ed537dc52 lookup and transfer setup 
git-svn-id: file:///svn/unbound/trunk@4417 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-04 16:24:24 +00:00
Wouter Wijngaards
d88bb99957 - auth zone work. probe hostname lookup. 
git-svn-id: file:///svn/unbound/trunk@4411 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-01 14:02:28 +00:00
Wouter Wijngaards
975a7b1fc0 - auth xfer work on probe timer and lookup. 
git-svn-id: file:///svn/unbound/trunk@4405 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-14 15:58:24 +00:00
Wouter Wijngaards
621b1c57a3 - Fix #2362: TLS1.3/openssl-1.1.1 not working. 
git-svn-id: file:///svn/unbound/trunk@4396 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-03 07:40:36 +00:00
Wouter Wijngaards
8cf7e424e2 - iana port update. 
git-svn-id: file:///svn/unbound/trunk@4391 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-31 13:18:04 +00:00
Wouter Wijngaards
cba64aaaa4 - lexer output. 
git-svn-id: file:///svn/unbound/trunk@4390 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-31 10:07:01 +00:00
Ralph Dolmans
e13088d911 - Fix #2031: Double included headers 
git-svn-id: file:///svn/unbound/trunk@4388 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-25 13:30:32 +00:00
Wouter Wijngaards
6f88df1fc8 authzone work. 
git-svn-id: file:///svn/unbound/trunk@4380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-19 15:11:20 +00:00
Wouter Wijngaards
bdb6a5501a - authzone work, probe timer setup. 
git-svn-id: file:///svn/unbound/trunk@4378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-19 09:03:36 +00:00
Wouter Wijngaards
b37bc47eaa - Work on local root zone code. 
git-svn-id: file:///svn/unbound/trunk@4376 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 15:16:31 +00:00
Wouter Wijngaards
8752326d8c Turn duplicates into warnings for dnscrypt, and 
fix declaration and code mix warning.


git-svn-id: file:///svn/unbound/trunk@4374 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 07:36:51 +00:00
Wouter Wijngaards
52e2331dd4 - [dnscrypt] prevent dnscrypt-secret-key, dnscrypt-provider-cert 
duplicates
- [dnscrypt] introduce dnscrypt-provider-cert-rotated option,
  from Manu Bretelle.
	This option allows handling multiple cert/key pairs while only
	distributing some of them.
	In order to reliably match a client magic with a given key without
	strong assumption as to how those were generated, we need both key and
	cert. Likewise, in order to know which ES version should be used.
	On the other hand, when rotating a cert, it can be desirable to only
	serve the new cert but still be able to handle clients that are still
	using the old certs's public key.
	The `dnscrypt-provider-cert-rotated` allow to instruct unbound to not
	publish the cert as part of the DNS's provider_name's TXT answer.



git-svn-id: file:///svn/unbound/trunk@4373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 07:34:49 +00:00
Ralph Dolmans
ac9b95ca0c - Set trust-anchor-signaling default to yes 
git-svn-id: file:///svn/unbound/trunk@4360 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-05 10:17:25 +00:00
Wouter Wijngaards
bbe5c6acf0 - Fix param unused warning for windows exportsymbol compile. 
git-svn-id: file:///svn/unbound/trunk@4359 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-02 12:24:48 +00:00
Wouter Wijngaards
55d8fe2837 - use a cachedb answer even if it's "expired" when serve-expired is yes 
(patch from Jinmei Tatuya).
- trigger refetching of the answer in that case (this will bypass
  cachedb lookup)
- allow storing a 0-TTL answer from cachedb in the in-memory message
  cache when serve-expired is yes


git-svn-id: file:///svn/unbound/trunk@4353 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-19 09:08:29 +00:00
Wouter Wijngaards
ee8f07a686 - Fix #1440: [dnscrypt] client nonce cache. 
git-svn-id: file:///svn/unbound/trunk@4351 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-18 08:55:08 +00:00
Wouter Wijngaards
c49226613b - Fix #1435: Please allow UDP to be disabled separately upstream and 
downstream.


git-svn-id: file:///svn/unbound/trunk@4349 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-18 08:42:24 +00:00
Wouter Wijngaards
7d17a926ac - Spelling fixes, from Phil Porada. 
git-svn-id: file:///svn/unbound/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
Wouter Wijngaards
e583448a6d les and bison. 
git-svn-id: file:///svn/unbound/trunk@4329 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 11:59:38 +00:00
Wouter Wijngaards
a17400b45e dnscrypt cache size configuration option. 
git-svn-id: file:///svn/unbound/trunk@4328 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 11:58:29 +00:00
Wouter Wijngaards
425dec3037 - Fix #1417: [dnscrypt] shared secret cache counters, and works when 
dnscrypt is not enabled.


git-svn-id: file:///svn/unbound/trunk@4326 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 08:06:17 +00:00
Wouter Wijngaards
1624efa939 - Fix #1414: fix segfault on parse failure and log_replies. 
git-svn-id: file:///svn/unbound/trunk@4316 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-29 07:28:29 +00:00
Wouter Wijngaards
e3cc298ffd - Fix #1415: [dnscrypt] shared secret cache, patch from 
Manu Bretelle.


git-svn-id: file:///svn/unbound/trunk@4312 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-28 10:55:41 +00:00
Wouter Wijngaards
cd46a535cd - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4311 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-28 08:29:00 +00:00
Wouter Wijngaards
ffc2f687cf - Fix to reclaim tcp handler when it is closed due to dnscrypt buffer 
allocation failure.


git-svn-id: file:///svn/unbound/trunk@4309 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-22 13:40:44 +00:00
Wouter Wijngaards
d8960d2c55 - Fix #1402: squelch invalid argument error for fd_set_block on windows. 
git-svn-id: file:///svn/unbound/trunk@4306 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-21 14:15:32 +00:00
Wouter Wijngaards
5797c77f55 yacc 1.9 and flex 2.6.1. 
git-svn-id: file:///svn/unbound/trunk@4296 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-08 09:09:45 +00:00
Wouter Wijngaards
ae67923bab - Fix #1398: make cachedb secret configurable. 
git-svn-id: file:///svn/unbound/trunk@4295 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-08 09:04:51 +00:00
Wouter Wijngaards
ff6a1cee12 - iana update 
git-svn-id: file:///svn/unbound/trunk@4288 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 11:58:18 +00:00
Wouter Wijngaards
36eeb92391 remove warning 
git-svn-id: file:///svn/unbound/trunk@4282 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:53:11 +00:00
Wouter Wijngaards
b7d9b59aa9 - Fix compile with libnettle 
git-svn-id: file:///svn/unbound/trunk@4281 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:52:20 +00:00
Wouter Wijngaards
abb6cfdebd - upgrade aclocal(pkg.m4 0.29.1), config.guess(2016-10-02), 
config.sub(2016-09-05).
- annotate case statement fallthrough for gcc 7.1.1.
- flex output from flex 2.6.1.
- snprintf of thread number does not warn about truncated string.


git-svn-id: file:///svn/unbound/trunk@4278 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:04:18 +00:00
Wouter Wijngaards
c52c07c086 - Fix #1350: make cachedb backend configurable (from JINMEI Tatuya). 
git-svn-id: file:///svn/unbound/trunk@4275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-17 08:21:19 +00:00
Wouter Wijngaards
962fea87d3 lint fix and check errcode. 
git-svn-id: file:///svn/unbound/trunk@4256 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 11:53:21 +00:00
Wouter Wijngaards
08a3461810 - enhancement for hardened-tls for DNS over TLS. Removed duplicated 
security settings.


git-svn-id: file:///svn/unbound/trunk@4255 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 11:45:43 +00:00
Wouter Wijngaards
60d4c9bd54 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4254 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 07:36:02 +00:00
Wouter Wijngaards
062515d9bc - Fix #1316: heap read buffer overflow in parse_edns_options. 
git-svn-id: file:///svn/unbound/trunk@4240 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-21 11:50:39 +00:00
Wouter Wijngaards
cf0429f3e1 and yacc, lex it. 
git-svn-id: file:///svn/unbound/trunk@4232 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:56:28 +00:00
Wouter Wijngaards
dff6c5ff7a - Fix memory leak in dnscrypt config read. 
git-svn-id: file:///svn/unbound/trunk@4231 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-16 07:55:52 +00:00
Wouter Wijngaards
ca8d0a0e92 - Fix #1279: Memory leak on reload when python module is enabled. 
git-svn-id: file:///svn/unbound/trunk@4220 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 07:10:58 +00:00
Ralph Dolmans
998793998d - Added domain name based ECS whitelist. 
git-svn-id: file:///svn/unbound/trunk@4217 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 14:44:55 +00:00
Wouter Wijngaards
b3b854072b and this dnscrypt commit for chacha. 
git-svn-id: file:///svn/unbound/trunk@4214 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-08 07:29:06 +00:00
Wouter Wijngaards
f78e04a12c - Add an explicit type cast for TCP FASTOPEN fix. 
git-svn-id: file:///svn/unbound/trunk@4205 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 07:59:32 +00:00
Wouter Wijngaards
401e456a17 - Fix fastopen EPIPE fallthrough to perform connect. 
git-svn-id: file:///svn/unbound/trunk@4203 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-01 09:06:14 +00:00
Wouter Wijngaards
627299f5e4 - If MSG_FASTOPEN gives EPIPE fallthrough to try normal tcp write. 
git-svn-id: file:///svn/unbound/trunk@4201 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-31 11:09:15 +00:00
Ralph Dolmans
486edb10db - Fix #1269: inconsistent use of built-in local zones with views. 
- Add defaults for new local-zone trees added to views using unbound-control.


git-svn-id: file:///svn/unbound/trunk@4199 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-30 13:04:19 +00:00
Wouter Wijngaards
dd0da65da9 fix for lint 
git-svn-id: file:///svn/unbound/trunk@4197 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-29 14:34:28 +00:00
Wouter Wijngaards
8b2397542e - Fix assertion for low buffer size and big edns payload when worker 
overrides udpsize.


git-svn-id: file:///svn/unbound/trunk@4195 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-29 07:32:45 +00:00
Wouter Wijngaards
65dde0c965 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4183 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-23 10:33:15 +00:00
Wouter Wijngaards
71fba3d221 - first services/authzone check in, it compiles and reads and writes 
zonefiles.


git-svn-id: file:///svn/unbound/trunk@4178 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-23 09:32:40 +00:00
Wouter Wijngaards
1a44a8402e - Fix #1268: SIGSEGV after log_reopen. 
git-svn-id: file:///svn/unbound/trunk@4177 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-22 07:20:59 +00:00
Wouter Wijngaards
92d625b648 - better module memory lookup, fix of unbound-control shm names for 
module memory printout of statistics.


git-svn-id: file:///svn/unbound/trunk@4161 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 14:16:59 +00:00
Wouter Wijngaards
7641f23f87 - updated configure, dependencies and flex output. 
git-svn-id: file:///svn/unbound/trunk@4159 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 13:21:10 +00:00
George Thessalonikefs
491b0a26e4 - Implemented opportunistic IPsec support module (ipsecmod). 
- Some whitespace fixup.


git-svn-id: file:///svn/unbound/trunk@4158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 12:39:24 +00:00
Ralph Dolmans
ce54c45394 - Add 'c' to getopt() in testbound. 
- iana portlist update.


git-svn-id: file:///svn/unbound/trunk@4152 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-09 15:02:39 +00:00
Ralph Dolmans
657948dd0c - Added mesh_add_sub to add detached mesh entries. 
- Use mesh_add_sub for key tag signaling queries.


git-svn-id: file:///svn/unbound/trunk@4144 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 13:17:56 +00:00
Wouter Wijngaards
3676f20923 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4138 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-01 13:29:48 +00:00
Ralph Dolmans
a511d5d95e - Implemented trust anchor signaling using key tag query. 
git-svn-id: file:///svn/unbound/trunk@4134 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-26 12:58:13 +00:00
Wouter Wijngaards
7925a98141 variables get_option and set_option also for dnscrypt. 
git-svn-id: file:///svn/unbound/trunk@4130 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-24 09:00:45 +00:00
Wouter Wijngaards
461c8c97db - unbound-checkconf -o allows query of dnstap config variables. 
Also unbound-control get_option.


git-svn-id: file:///svn/unbound/trunk@4129 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-24 08:30:32 +00:00
Ralph Dolmans
593949c88e - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4128 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-21 10:26:01 +00:00
Ralph Dolmans
89c2383c71 - Fix #1252: more indentation inconsistencies. 
git-svn-id: file:///svn/unbound/trunk@4125 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-18 09:00:52 +00:00
Wouter Wijngaards
8466ee1c62 please lint. 
git-svn-id: file:///svn/unbound/trunk@4120 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 13:03:38 +00:00
Wouter Wijngaards
d4e0116ba8 please lint. 
git-svn-id: file:///svn/unbound/trunk@4119 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 12:56:53 +00:00
Wouter Wijngaards
17dd3370fc - (for 1.6.3:) unbound.h exports the shm stats structures. They use 
type long long and no ifdefs, and ub_ before the typenames.


git-svn-id: file:///svn/unbound/trunk@4117 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 12:47:29 +00:00
Wouter Wijngaards
16428ccbd2 - Fix #1250: inconsistent indentation in services/listen_dnsport.c. 
git-svn-id: file:///svn/unbound/trunk@4113 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 07:17:05 +00:00
Wouter Wijngaards
c9e5433a70 - subnet mem value is available in shm, also when not enabled, 
to make the struct easier to memmap by other applications,
  independent of the configuration of unbound.


git-svn-id: file:///svn/unbound/trunk@4112 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-12 15:01:11 +00:00
Ralph Dolmans
4b39a9eaf8 - Set SHM ECS memory usage to 0 when module not loaded. 
git-svn-id: file:///svn/unbound/trunk@4111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-12 13:51:34 +00:00
Ralph Dolmans
a8bfa02af1 - Also display ECS module memory stats in stats_shm 
git-svn-id: file:///svn/unbound/trunk@4107 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-11 13:37:39 +00:00
Wouter Wijngaards
4d7d32c846 - harden algo downgrade also makes unbound more lenient about digest 
algorithms in DS records.


git-svn-id: file:///svn/unbound/trunk@4104 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 13:38:50 +00:00
Ralph Dolmans
e3058de235 - Use correct identifier for SHM destroy. 
git-svn-id: file:///svn/unbound/trunk@4103 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 12:58:26 +00:00
Ralph Dolmans
a5c7c469ee - Remove ECS option after REFUSED answer 
- Fix small memory leak in edns_opt_copy_alloc



git-svn-id: file:///svn/unbound/trunk@4100 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 09:12:04 +00:00
Wouter Wijngaards
5591fdff8d assign cb_arg 
git-svn-id: file:///svn/unbound/trunk@4096 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 13:47:46 +00:00
Ralph Dolmans
ae31233b19 - remove malloc from inplace_cb_register 
git-svn-id: file:///svn/unbound/trunk@4095 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 13:41:49 +00:00
Wouter Wijngaards
b96a41d19e Fixup unused parameters. 
git-svn-id: file:///svn/unbound/trunk@4094 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 13:35:33 +00:00
Ralph Dolmans
a2bc93547f - Generalise inplace callback (de)registration 
- (de)register inplace callbacks for module id
- No unbound-control set_option for ECS options
- Deprecated client-subnet-opcode config option
- Introduced client-subnet-always-forward config option
- Changed max-client-subnet-ipv6 default to 56 (as in RFC)
- Removed extern ECS config options
- module_restart_next now calls clear on all following modules
- Also create ECS module qstate on module_event_pass event


git-svn-id: file:///svn/unbound/trunk@4092 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 13:13:06 +00:00
Wouter Wijngaards
f7595c3348 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4090 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 07:04:34 +00:00
Wouter Wijngaards
7338c1b892 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4088 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-04 13:46:45 +00:00
Ralph Dolmans
d30ae35c62 - Do not add current time twice to TTL before ECS cache store. 
- Do not touch rrset cache after ECS cache message generation.
- Use LDNS_EDNS_CLIENT_SUBNET as default ECS opcode.


git-svn-id: file:///svn/unbound/trunk@4086 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-03 09:36:18 +00:00
Wouter Wijngaards
292a337dad - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4085 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-03 09:07:17 +00:00
Wouter Wijngaards
553544feac autoconf (because easier diffs with other releases) 
git-svn-id: file:///svn/unbound/trunk@4075 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 14:18:45 +00:00
Ralph Dolmans
b0fd814975 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
Wouter Wijngaards
f0bf15d2cb - fixup for lruhash (whitespace and header file comment). 
- dnscrypt tests.


git-svn-id: file:///svn/unbound/trunk@4072 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 15:51:34 +00:00
Wouter Wijngaards
01697a9ab8 whitespace better. 
git-svn-id: file:///svn/unbound/trunk@4069 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 15:26:41 +00:00
Wouter Wijngaards
d1cbf19798 - lru_demote and lruhash_insert_or_retrieve functions for getdns. 
git-svn-id: file:///svn/unbound/trunk@4068 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 15:25:06 +00:00
Wouter Wijngaards
86f0baf146 - make depend, autoconf, remove warnings about statement before var. 
git-svn-id: file:///svn/unbound/trunk@4066 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 15:09:06 +00:00
Wouter Wijngaards
7c9584e408 - #1217. DNSCrypt support, with --enable-dnscrypt, libsodium and then 
enabled in the config file from Manu Bretelle.


git-svn-id: file:///svn/unbound/trunk@4065 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 14:55:31 +00:00
Wouter Wijngaards
52dd15dd87 - Patch for view functionality for local-data-ptr from Björn Ketelaars. 
git-svn-id: file:///svn/unbound/trunk@4063 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-17 08:01:40 +00:00
Wouter Wijngaards
6c456aa15e - Add trustanchor.unbound CH TXT that gets a response with a number 
of TXT RRs with a string like "example.com. 2345 1234" with
  the trust anchors and their keytags.


git-svn-id: file:///svn/unbound/trunk@4051 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:17:58 +00:00
Wouter Wijngaards
05215e8e7d - --disable-sha1 disables SHA1 support in RRSIG, so from DNSKEY and 
DS records.  NSEC3 is not disabled.
- fake-sha1 test option; print warning if used.  To make unit tests.


git-svn-id: file:///svn/unbound/trunk@4043 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-09 13:18:08 +00:00
Wouter Wijngaards
6ac9904ee5 please doxygen. 
git-svn-id: file:///svn/unbound/trunk@4039 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-08 08:27:17 +00:00
Wouter Wijngaards
cae9809e11 - Response actions based on IP address from Jinmei Tatuya (Infoblox). 
git-svn-id: file:///svn/unbound/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-07 14:58:51 +00:00
Wouter Wijngaards
5058406b84 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4033 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-06 15:33:30 +00:00
Wouter Wijngaards
5f48fa3a6e - include sys/time.h for new shm code on OpenBSD. 
git-svn-id: file:///svn/unbound/trunk@4025 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-24 15:51:19 +00:00
Wouter Wijngaards
307c1b3321 lint. 
git-svn-id: file:///svn/unbound/trunk@4022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 14:09:54 +00:00
Wouter Wijngaards
35ae8ef313 - Patch from Luiz Fernando Softov for Stats Shared Memory. 
- unbound-control stats_shm command prints stats using shared memory,
  which uses less cpu.


git-svn-id: file:///svn/unbound/trunk@4020 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 12:05:05 +00:00
Wouter Wijngaards
44cfd1d49b - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@4017 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-21 14:15:05 +00:00
Wouter Wijngaards
41fccf9fe4 more helpful error message. 
git-svn-id: file:///svn/unbound/trunk@3996 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-26 11:07:52 +00:00
Wouter Wijngaards
240a012bd8 layout. 
git-svn-id: file:///svn/unbound/trunk@3994 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-20 16:09:37 +00:00
Wouter Wijngaards
929b623e59 - Increase MAX_MODULE to 16. 
git-svn-id: file:///svn/unbound/trunk@3993 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-20 07:33:54 +00:00
Wouter Wijngaards
709d8223f5 fixes for _t changes. 
git-svn-id: file:///svn/unbound/trunk@3992 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 14:11:59 +00:00
Wouter Wijngaards
8746283787 fixup pythonmod. 
git-svn-id: file:///svn/unbound/trunk@3991 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 11:51:47 +00:00
Wouter Wijngaards
ff1b857f90 compile fix 
git-svn-id: file:///svn/unbound/trunk@3990 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 11:34:21 +00:00
Wouter Wijngaards
c010e93d4a - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
Wouter Wijngaards
ba11247f93 - Fix #1202: Fix code comment that packed_rrset_data is not always 
'packed'.


git-svn-id: file:///svn/unbound/trunk@3984 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-09 09:47:06 +00:00
Wouter Wijngaards
b019a6aad9 please splint. 
git-svn-id: file:///svn/unbound/trunk@3982 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 14:07:51 +00:00
Wouter Wijngaards
3a1ffe4c69 - Fix #1185: Source IP rate limiting, patch from Larissa Feng. 
git-svn-id: file:///svn/unbound/trunk@3981 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 13:57:12 +00:00
Wouter Wijngaards
9b4b0de746 - Fix #1184: Log DNS replies. This includes the same logging 
information that DNS queries and response code and response size,
  patch from Larissa Feng.


git-svn-id: file:///svn/unbound/trunk@3980 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 11:39:54 +00:00
Wouter Wijngaards
5839981255 - Fix reload chdir failure when also chrooted to that directory. 
git-svn-id: file:///svn/unbound/trunk@3976 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-03 13:46:00 +00:00
Wouter Wijngaards
cd7db58ce3 - configure --enable-systemd and lets unbound use systemd sockets if 
you enable use-systemd: yes in unbound.conf.
  Also there are contrib/unbound.socket and contrib/unbound.service:
  systemd files for unbound, install them in /usr/lib/systemd/system.
  Contributed by Sami Kerola and Pavel Odintsov.



git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-03 13:43:29 +00:00
Ralph Dolmans
b4b2c18909 - Fix #1190: Do not echo back EDNS options in local-zone error response. 
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3972 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-23 11:46:54 +00:00
Ralph Dolmans
95d5334783 - Fix #1188: Unresolved symbol 'fake_dsa' in libunbound.so when built with 
Nettle


git-svn-id: file:///svn/unbound/trunk@3971 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-21 10:29:19 +00:00
Wouter Wijngaards
3d680a6d82 - iana portlist update 
git-svn-id: file:///svn/unbound/trunk@3967 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-15 08:43:33 +00:00
Wouter Wijngaards
163e7046cb printf arguments more portable. 
git-svn-id: file:///svn/unbound/trunk@3960 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-09 10:52:02 +00:00
Wouter Wijngaards
41d174b7f6 - Fix #1176: stack size too small for Alpine Linux. 
git-svn-id: file:///svn/unbound/trunk@3959 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-09 10:09:01 +00:00
Wouter Wijngaards
f15350b776 Unused variable warnings. 
git-svn-id: file:///svn/unbound/trunk@3952 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 14:42:20 +00:00
George Thessalonikefs
c879fa1e79 please lint. 
git-svn-id: file:///svn/unbound/trunk@3949 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 14:15:49 +00:00
George Thessalonikefs
7b948b0647 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
Ralph Dolmans
61b23e3811 - Added local-zones and local-data bulk addition and removal functionality in 
unbound-control (local_zones, local_zones_remove, local_datas and
  local_datas_remove).                                   
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3941 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-30 11:22:29 +00:00
Wouter Wijngaards
f4673d87ce - iana portlist update. 
git-svn-id: file:///svn/unbound/trunk@3928 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 08:22:49 +00:00