upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-01-02 12:59:36 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
6733 commits 23 branches 209 tags 124 MiB
Commit graph

1791 commits

Author SHA1 Message Date
George Thessalonikefs
24eded6ef9 - Fix for #558: clear the UB_EV_TIMEOUT bit before adding an event. 2021-11-05 11:21:30 +01:00
George Thessalonikefs
431b749d7a - Fix for #558: fix loop in comm_point->tcp_free when a comm_point is reclaimed 
more than once during callbacks.
 2021-11-05 11:19:08 +01:00
W.C.A. Wijngaards
ecb0b44ba8 - Fix to protect custom regional create against small values. 2021-10-11 17:23:30 +02:00
W.C.A. Wijngaards
9f26f397a9 - Fix crosscompile windows to use libssp when it exists. 
- For the windows compile script disable gost.
- Fix that on windows, use BIO_set_callback_ex instead of deprecated
 2021-09-21 13:51:34 +02:00
W.C.A. Wijngaards
829f3c932e - Fix for #41: change outbound retry to int to fix signed comparison 
warnings.
 2021-09-08 15:07:11 +02:00
W.C.A. Wijngaards
750f46d1aa - Small fixes for #41: changelog, conflicts resolved, 
processQueryResponse takes an iterator env argument like other
  functions in the iterator, no colon in string for set_option,
  and some whitespace style, to make it similar to the rest.
 2021-09-08 14:52:56 +02:00
W.C.A. Wijngaards
204edd229e Merge branch 'feature/configure-outbound_msg_retry' of git://github.com/countsudoku/unbound into countsudoku-feature/configure-outbound_msg_retry 2021-09-08 14:38:36 +02:00
Thomas du Boÿs
ebb4987146 Fix subnetcache statistics 2021-09-03 10:37:07 +02:00
W.C.A. Wijngaards
520fa84265 - Fix tcp fastopen failure when disabled, try normal connect instead. 2021-09-01 16:21:10 +02:00
W.C.A. Wijngaards
4b2799fdd6 - Fix #533: Negative responses get cached even when setting 
cache-max-negative-ttl: 1
 2021-08-27 10:33:21 +02:00
Wouter Wijngaards
74f1f0addd
Merge pull request #401 from NLnetLabs/rpz-triggers 
RPZ triggers
 2021-08-25 10:14:12 +02:00
W.C.A. Wijngaards
54b7554b5a Changelog note for #529 and nicer layout. 
- Fix #529: Fix: log_assert does nothing if UNBOUND_DEBUG is
  undefined.
 2021-08-20 14:32:13 +02:00
Shchelkunov Artem
4ea9651624
Fix: log_assert does nothing if UNBOUND_DEBUG is undefined 
Found by static analyzer svace
Static analyzer message: Integer value 'len' obtained from untrusted
source at tube.c:374 by passing as 2nd parameter to function 'read'
at tube.c:340 without checking its higher bound is used as a loop bound
at tube.c:374.


on-behalf-of: @ideco-team <github@ideco.ru>
 2021-08-20 17:16:39 +05:00
W.C.A. Wijngaards
a9de6879b8 Merge branch 'master' into rpz-triggers 2021-08-18 09:53:35 +02:00
W.C.A. Wijngaards
d88f554503 - Fix #527: not sending quad9 cert to syslog (and may be more). 2021-08-17 13:03:33 +02:00
W.C.A. Wijngaards
ad45e9b89e - Fix for #431: Squelch permission denied errors for udp connect, 
and udp send, they are visible at higher verbosity settings.
 2021-08-13 09:27:58 +02:00
W.C.A. Wijngaards
de31bcdf2e - Support using system-wide crypto policies. 2021-08-13 09:21:47 +02:00
W.C.A. Wijngaards
2f828ec720 - For #519: yacc and lex. And fix python bindings, and test program 
unbound-dnstap-socket.
 2021-08-12 15:12:55 +02:00
Wouter Wijngaards
0ace659fe2
Merge pull request #519 from ziollek/tcp_upstream_option 
Support for selective enabling tcp-upstream for stub/forward zones
 2021-08-12 15:03:57 +02:00
Wouter Wijngaards
79df099f4c
Merge pull request #523 from Shchelk/bugfix 
fix: free() call more than once with the same pointer
 2021-08-12 13:45:00 +02:00
Shchelkunov Artem
e20b2c1aaf fix: free() call more than once with the same pointer 2021-08-11 15:14:43 +05:00
liheng562653799
edbf9c21ee
Update mini_event.c 
When in heavy load, unbound opens many outside_network sockets for out going queries to delegation servers, which may result in a big fd(maxfd) value(for thread A 65500, for thread B 65501, for thread C ...). 
There are situations when thread A has a max fd num 65500 where maxfd is of course 65500, thread B has max fd num 20 for now but maxfd is still 65501. Though linux kernel checks whether maxfd+1  passed by select syscall  is really the process' maxfd+1. Linux kernel can not tell maxfd+1 passed by thread B select syscall is much bigger(65501+1 or 65500+1  after trimed by kerne) than it should be (20+1).
In this situation, when kernel do_select() for thread B, much work is wasted.
 2021-08-06 12:00:56 +08:00
W.C.A. Wijngaards
f232562430 Merge branch 'master' into rpz-triggers 2021-08-05 13:37:22 +02:00
Tomasz Ziolkowski
ae45f46b9e Add (stub|forward)-tcp-upstream options which enable using tcp transport only for specified stub/forward zones 2021-08-05 08:44:18 +02:00
gthess
bdaecd942d
Merge pull request #415 from sibeream/master 
Use /proc/sys/net/ipv4/ip_local_port_range to determine available outgoing ports
 2021-08-04 10:42:12 +02:00
W.C.A. Wijngaards
2a0df9e72e - Annotate assertion into error printout; we think it may be an 
error, but the situation looks harmless.
 2021-08-03 14:08:30 +02:00
Wouter Wijngaards
5196ee03e6
Merge pull request #517 from dyunwei/master 
#420 breaks the mesh reply list function that need to reuse the dns answer.
 2021-08-03 13:11:01 +02:00
George Thessalonikefs
a519009378 Merge branch 'master' of github.com:NLnetLabs/unbound 2021-08-03 12:20:45 +02:00
George Thessalonikefs
ca67691092 - Listen to read or write events after the SSL handshake. 
Sticky events on windows would stick on read when write was needed.
 2021-08-03 12:18:58 +02:00
daiyunwei
0784ad7a11 #420 
clear the c->buffer in the comm_point_send_reply does resolve the "can't fit qbuffer in c->buffer" issue, but it breaks the mesh reply list function that need to reuse the answer. because the c->buffer is cleared in the comm_point_send_reply, it cannot be resued again. it means that it is not inappropriate to clear c->buffer in the comm_point_send_reply.

After some investigation, i found it is appropriate to clear c->buffer before use in the http2_query_read_done.
 2021-08-03 11:40:30 +08:00
W.C.A. Wijngaards
89e2f2f753 - iana portlist update. 2021-08-02 15:26:20 +02:00
W.C.A. Wijngaards
b6abcb1508 - For #515: Fix compilation with openssl 3.0.0 beta2, lib64 dir and 
SSL_get_peer_certificate.
- Move acx_nlnetlabs.m4 to version 41, with lib64 openssl dir check.
 2021-07-30 13:54:43 +02:00
Artem Egorenkov
d9153cb35b Option --enable-linux-ip-local-port-range added to use system configured port range for libunbound on Linux 2021-07-20 14:46:43 +02:00
George Thessalonikefs
ca4d68c64c - Introduce 'http-user-agent:' and 'hide-http-user-agent:' options. 2021-07-16 14:32:18 +02:00
W.C.A. Wijngaards
8180ca192f - Fix for #510: in depth, use ifdefs for windows api event calls. 2021-07-16 09:12:06 +02:00
Nick Porter
2c3f764d61
Don't call a function which hasn't been defined 2021-07-15 17:55:33 +01:00
W.C.A. Wijngaards
3f7e164751 - iana portlist update. 2021-07-06 15:15:43 +02:00
W.C.A. Wijngaards
79209823ac - Fix a number of warnings reported by the gcc analyzer. 2021-06-18 18:12:26 +02:00
George Thessalonikefs
d02e956da0 - Changelog entry for #486: Make VAL_MAX_RESTART_COUNT configurable. 
- Generetated lexer and parser for #486; updated example.conf.
 2021-06-09 12:32:58 +02:00
gthess
45be341267
Merge pull request #486 from fobser/val-max-restart 
Make VAL_MAX_RESTART_COUNT configurable.
 2021-06-09 12:09:27 +02:00
W.C.A. Wijngaards
cf0aad9fb6 Merge branch 'master' into rpz-triggers 2021-05-28 15:00:55 +02:00
W.C.A. Wijngaards
ea4f1ee8a6 - zonemd-check: yesno option, default no, enables the processing 
of ZONEMD records for that zone.
 2021-05-27 14:20:53 +02:00
Jim Hague
6066a24405 Use build system endianness if available, otherwise try to work it out. 
The getdns build system provides the endianness, enabling building on
Windows native. This change is a convenience for getdns maintainers.
 2021-05-27 10:57:35 +01:00
W.C.A. Wijngaards
11b3ebc386 - Move the NSEC3 max iterations count in line with the 150 value 
used by BIND, Knot and PowerDNS. This sets the default value
  for it in the configuration to 150 for all key sizes.
 2021-05-25 14:35:19 +02:00
W.C.A. Wijngaards
e5cb48c432 Merge branch 'master' into rpz-triggers 2021-05-21 14:09:30 +02:00
George Thessalonikefs
ff6b527184 - Fix for #411, #439, #469: Reset the DNS message ID when moving queries 
between TCP streams.
- Refactor for uniform way to produce random DNS message IDs.
 2021-05-19 15:07:32 +02:00
W.C.A. Wijngaards
355526da7d - rpz-triggers, the added soa for client ip modified answers is affected 
by the minimal-responses config option.
 2021-05-14 16:34:38 +02:00
W.C.A. Wijngaards
50dcadd495 - rpz-triggers, for clientip modified answers the rpz SOA is added to the 
additional section with the serial number and name of the rpz zone that
  was applied.
 2021-05-14 15:34:48 +02:00
W.C.A. Wijngaards
32d82fac9b Merge branch 'master' into rpz-triggers 2021-05-14 08:47:56 +02:00
Florian Obser
d4314cad33 Make VAL_MAX_RESTART_COUNT configurable. 
unbound tries very hard (up to 6 authoritative servers) to find a
validating answer. This is not always desirable, for example on high
latency links.
 2021-05-08 16:56:32 +02:00