W.C.A. Wijngaards
5e9b6296b7
- Add redis-command-timeout: 20 and redis-connect-timeout: 200,
...
that can set the timeout separately for commands and the
connection set up to the redis server. If they are not
specified, the redis-timeout value is used.
2024-09-17 13:10:34 +02:00
W.C.A. Wijngaards
606e262fdd
Changelog comment for #1140 .
...
- Merge #1140 : Fix spelling mistake in comments.
2024-09-16 12:15:04 +02:00
Tochus
819764663b
Fix spelling mistake in comments ( #1140 )
...
I noticed a spelling mistake in the comments. The term “chain of trust” was incorrectly written as “chainoftrust”. This change corrects the spelling to “chain of trust” which is the correct term used in English.
2024-09-16 12:14:28 +02:00
Yorgos Thessalonikefs
6bf2b2ac56
- Fix and add comments in testdata/val_negcache_ttl.rpl.
2024-09-11 12:16:02 +02:00
W.C.A. Wijngaards
5767b0933f
- Add unit test for ttl limit for aggressive nsec.
2024-09-10 10:17:31 +02:00
W.C.A. Wijngaards
24e0f0ab7e
- Fix to limit NSEC and NSEC3 TTL when aggressive nsec is
...
enabled (RFC9077).
2024-09-10 10:13:48 +02:00
Yorgos Thessalonikefs
d3fdbba877
- Fix comment to not trigger doxygen unknown command.
2024-09-06 16:03:20 +02:00
Yorgos Thessalonikefs
c36ce2a390
- Fix alloc-size and calloc-transposed-args compiler warnings.
2024-09-06 16:01:30 +02:00
W.C.A. Wijngaards
7ecff4113c
- Fix config file read for dnstap-sample-rate.
2024-09-05 09:35:54 +02:00
W.C.A. Wijngaards
99824bc0e6
Changelog note for #1135
...
- Merge #1135 : Add new IANA trust anchor.
2024-09-02 09:25:44 +02:00
Keelan Cannoo
9f09c36401
Add new IANA trust anchor ( #1135 )
...
Signed-off-by: Keelan Cannoo <keelan.cannoo@cyberstorm.mu>
Co-authored-by: Keelan10 <keelan.cannoo@cyberstorm.mu>
2024-09-02 09:24:55 +02:00
W.C.A. Wijngaards
a887284703
- Fix for #1132 , comment about adjusted copy of reference check.
2024-08-30 08:56:00 +02:00
W.C.A. Wijngaards
fb198b96f1
Changelog note for #1132 and fix for #1132 .
...
- Merge #1132 : b.root renumbering.
- Fix for #1132 , adjusted unit test for change in the test file.
2024-08-30 08:51:56 +02:00
Loganaden Velvindron
30bf996f39
b.root renumbering ( #1132 )
...
https://b.root-servers.org/news/2023/05/16/new-addresses.html
Worked together with Jaykishan Muktawoa <jay@cyberstorm.mu>
2024-08-30 08:48:31 +02:00
W.C.A. Wijngaards
52154e658a
- Fix to print port number in logs for auth zone transfer activities.
2024-08-29 13:04:03 +02:00
W.C.A. Wijngaards
c06d3646a9
- Unit test for auth zone transfer TLS, and TLS failure.
2024-08-29 10:40:31 +02:00
W.C.A. Wijngaards
42d421a305
- Fix that stub-zone and forward-zone clauses do not exhaust memory
...
for long content.
2024-08-28 13:16:29 +02:00
W.C.A. Wijngaards
b5951ce1fa
- Fix that when rpz is applied the message does not get picked up by
...
the validator. That stops validation failures for the message.
2024-08-28 10:51:22 +02:00
W.C.A. Wijngaards
6b37309705
- Fix #1130 : Loads of logs: "validation failure: key for validation
...
<domain>. is marked as invalid because of a previous" for
non-DNSSEC signed zone.
2024-08-27 17:00:27 +02:00
W.C.A. Wijngaards
dc274fef9b
- Fix documentation for cache_fill_missing function.
2024-08-23 13:19:15 +02:00
W.C.A. Wijngaards
db1167c8b3
- Fix #1127 : error: "memory exhausted" when defining more than 9994
...
local-zones.
2024-08-23 09:22:07 +02:00
W.C.A. Wijngaards
1e0cf1e86b
- Merge patch to fix for glue that is outside of zone, with
...
`harden-unverified-glue`, from Karthik Umashankar (Microsoft).
Enabling this option protects the Unbound resolver against bad
glue, that is unverified out of zone glue, by resolving them.
It uses the records as last resort if there is no other working
glue.
2024-08-23 08:56:48 +02:00
W.C.A. Wijngaards
348df52e05
Enable ci back after debug.
2024-08-21 14:20:04 +02:00
W.C.A. Wijngaards
6b3266aaf8
- Fix for char signedness warnings on NetBSD.
2024-08-21 14:15:23 +02:00
W.C.A. Wijngaards
4f52461e81
- Add cross platform netbsd to github ci.
2024-08-21 14:03:11 +02:00
W.C.A. Wijngaards
06d5031d22
- Add cross platform openbsd to github ci.
2024-08-21 13:50:55 +02:00
W.C.A. Wijngaards
12119e2d3e
ci for freebsd nicer, with libevent, faster without static compile, and
...
with grouped output, also the pkg install is conditional on the platform.
2024-08-21 13:37:42 +02:00
W.C.A. Wijngaards
19d53d5663
Fix for freebsd ci.
2024-08-21 13:24:54 +02:00
W.C.A. Wijngaards
04e6f9e03b
- Add cross platform freebsd to github ci.
2024-08-21 13:20:00 +02:00
W.C.A. Wijngaards
3d350fa73d
- Add iter-scrub-ns, iter-scrub-cname and max-global-quota
...
configuration options.
2024-08-20 14:08:52 +02:00
W.C.A. Wijngaards
015b2b0daf
- Fix #1126 : unbound-control-setup hangs while testing for openssl
...
presence starting from version 1.21.0.
2024-08-19 15:51:47 +02:00
W.C.A. Wijngaards
5fa84d50bf
- Tag for release 1.21.0, the repository continues with 1.21.1
...
in development.
2024-08-15 11:01:41 +02:00
W.C.A. Wijngaards
79e4c57851
- Fix spelling for the cache-min-negative-ttl entry in the
...
example.conf.
2024-08-09 14:04:25 +02:00
W.C.A. Wijngaards
5abdd09095
- Fix that for windows the module startup is called and sets up
...
the module-config.
2024-08-08 16:14:09 +02:00
W.C.A. Wijngaards
158c1defe3
- Set version number to 1.21.0 for release.
2024-08-08 09:30:53 +02:00
W.C.A. Wijngaards
b4519012dc
- Fix CacheFlush issues with limit on NS RRs. Thanks to Yehuda Afek,
...
Anat Bremler-Barr, Shoham Danino and Yuval Shavitt (Tel-Aviv
University and Reichman University).
2024-08-08 09:28:44 +02:00
W.C.A. Wijngaards
ed883238fd
- Fix CAMP issues with global quota. Thanks to Huayi Duan, Marco
...
Bearzi, Jodok Vieli, and Cagin Tanir from NetSec group, ETH Zurich.
2024-08-08 09:27:45 +02:00
W.C.A. Wijngaards
0f2f6025e7
- Fix that alloc stats for forwards and hints are printed, and when
...
alloc stats is enabled, the unit test for unbound control waits for
reloads to complete.
2024-08-02 15:51:40 +02:00
W.C.A. Wijngaards
3cbf554e3b
Changelog note for #1090
...
- Merge #1090 : Cookie secret file. Adds
`cookie-secret-file: "unbound_cookiesecrets.txt"` option to store
cookie secrets for EDNS COOKIE secret rollover. The remote control
add_cookie_secret, activate_cookie_secret and drop_cookie_secret
commands can be used for rollover, the command print_cookie_secrets
shows the values in use.
2024-08-02 13:36:06 +02:00
Wouter Wijngaards
ad21dbd1c2
Cookie secret file ( #1090 )
...
* - cookie-secret-file, define struct.
* - cookie-secret-file, add config option, create, read and delete struct.
* - cookie-secret-file, check cookie secrets for cookie validation.
* - cookie-secret-file, unbound-control add_cookie_secret, drop_cookie_secret,
activate_cookie_secret and print_cookie_secrets.
* - cookie-secret-file, test and fix locks, renew writes a fresh cookie,
staging cookies get a fresh cookie and spelling in error message.
* - cookie-secret-file, remove unused variable from cookie file unit test.
* Remove unshare and faketime dependencies for cookie_file test; documentation nits.
---------
Co-authored-by: Yorgos Thessalonikefs <yorgos@nlnetlabs.nl>
2024-08-02 13:32:08 +02:00
W.C.A. Wijngaards
50cf55bdac
Update changelog.
...
- Fix testbound for alloc stats strdup in util/alloc.c.
2024-08-02 08:59:47 +02:00
W.C.A. Wijngaards
6106528a50
- Fix testbound for alloc stats strdup in util/alloc.c.
2024-08-02 08:58:22 +02:00
W.C.A. Wijngaards
befa7d8cd8
- Fix that alloc stats has strdup checks, it stops debuggers from
...
complaining about mismatch at free time.
2024-08-02 08:54:54 +02:00
W.C.A. Wijngaards
92be76fb89
- Fix that the worker mem report with alloc stats does not attempt
...
to print memory use of forwards and hints if they have been
deleted already.
2024-08-01 17:15:07 +02:00
W.C.A. Wijngaards
9a6b6765cc
- Fix dnstap test program, cleans up to have clean memory on exit,
...
for tap_data_free, does not delete NULL items. Also it does not try
to free the tail, specifically in the free of the list since that
picked up the next item in the list for its loop causing invalid
free. Added internal unit test to unbound-dnstap-socket for that.
2024-08-01 16:12:04 +02:00
W.C.A. Wijngaards
03b511b1a2
- Fix for #1114 : Fix that cache fill for forward-host names is
...
performed, so that with nonzero target-fetch-policy it fetches
forwarder addresses and uses them from cache. Also updated that
delegation point cache fill routines use CDflag for AAAA message
lookups, so that its negative lookup stops a recursion since the
cache uses the bit for disambiguation for dns64 but the recursion
uses CDflag for the AAAA target lookups, so the check correctly
stops a useless recursion by its cache lookup.
2024-07-31 11:42:44 +02:00
W.C.A. Wijngaards
6af28bed08
- Fix to document parameters of auth_zone_verify_zonemd_with_key.
2024-07-30 13:47:53 +02:00
W.C.A. Wijngaards
f094f4ea3c
- Add root key 38696 from 2024 for DNSSEC validation. It is added
...
to the default root keys in unbound-anchor. The content can be
inspected with `unbound-anchor -l`.
2024-07-25 11:42:22 +02:00
Yorgos Thessalonikefs
c717debace
- For #935 and #1104 , clarify RPZ order and semantics.
2024-07-24 01:54:02 +02:00
Yorgos Thessalonikefs
7d4d21764a
- Cleanup ede.tdir test.
2024-07-23 20:22:25 +02:00