clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 06:37:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,789 Commits 27 Branches 196 Tags 104 MiB
master
Commit Graph

602 Commits

Author SHA1 Message Date
Wouter Wijngaards
a09c4bbdc2 - Fix spelling errors. 
git-svn-id: file:///svn/unbound/trunk@4893 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-11 13:28:21 +00:00
Ralph Dolmans
2e5e31e8ac - Added serve-expired-ttl and serve-expired-ttl-reset options. 
git-svn-id: file:///svn/unbound/trunk@4876 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-28 14:21:56 +00:00
Wouter Wijngaards
b0ca964984 and printout for these cases too. 
git-svn-id: file:///svn/unbound/trunk@4862 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-17 15:09:23 +00:00
Wouter Wijngaards
e8c4f20f66 - added more servfail printout statements, to the iterator. 
git-svn-id: file:///svn/unbound/trunk@4861 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-17 15:01:35 +00:00
Wouter Wijngaards
b0daf867c2 and the error looks good. 
git-svn-id: file:///svn/unbound/trunk@4860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-17 14:17:48 +00:00
Wouter Wijngaards
8385c462ed - print servfail info to log as error. 
git-svn-id: file:///svn/unbound/trunk@4859 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-17 13:29:27 +00:00
Ralph Dolmans
afd4063f20 - Fix classification for QTYPE=CNAME queries when QNAME minimisation is enabled. 
git-svn-id: file:///svn/unbound/trunk@4858 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-17 12:48:47 +00:00
Wouter Wijngaards
1e61604aab use closer of stub and forward if both configured. 
git-svn-id: file:///svn/unbound/trunk@4849 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 13:00:06 +00:00
Wouter Wijngaards
488eaf09ce Fixup log printout. 
git-svn-id: file:///svn/unbound/trunk@4848 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 12:56:49 +00:00
Wouter Wijngaards
256ab3d935 - Patch for stub-no-cache and forward-no-cache options that disable 
caching for the contents of that stub or forward, for when you
  want immediate changes visible, from Bjoern A. Zeeb.


git-svn-id: file:///svn/unbound/trunk@4846 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 12:44:40 +00:00
Ralph Dolmans
3f2d186694 - Make capsforid fallback QNAME minimisation aware. 
git-svn-id: file:///svn/unbound/trunk@4840 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 12:43:49 +00:00
George Thessalonikefs
749d1b9ebc - Expose if a query (or a subquery) was ratelimited (not src IP 
ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
  This also introduces a change to 'ub_event_callback_type' in
  libunbound/unbound-event.h.
- Tidy pylib tests.


git-svn-id: file:///svn/unbound/trunk@4828 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-03 14:00:46 +00:00
Wouter Wijngaards
cc5ab744c5 - Print error if SSL name verification configured but not available 
in the ssl library.


git-svn-id: file:///svn/unbound/trunk@4784 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-17 12:26:32 +00:00
Wouter Wijngaards
8aa53f027d - Fix qname minimisation NXDOMAIN validation lookup failures causing 
error_supers assertion fails.


git-svn-id: file:///svn/unbound/trunk@4780 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-16 10:21:34 +00:00
Wouter Wijngaards
5e3c30beac - Fix round robin for failed addresses with prefer-ip6: yes 
git-svn-id: file:///svn/unbound/trunk@4776 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-06 14:40:35 +00:00
Wouter Wijngaards
86f16bef93 Fix round robin for failed addresses with prefer-ip6: yes 
git-svn-id: file:///svn/unbound/trunk@4775 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-06 14:14:19 +00:00
Ralph Dolmans
00a0cabf7f - Don't count CNAME response types received during qname minimisation as query 
restart.


git-svn-id: file:///svn/unbound/trunk@4728 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 13:09:14 +00:00
Wouter Wijngaards
53b1e11eba better fix for #4100 
git-svn-id: file:///svn/unbound/trunk@4709 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-04 14:07:08 +00:00
Wouter Wijngaards
d386641820 - Fix stub reprime when it becomes useless. 
git-svn-id: file:///svn/unbound/trunk@4707 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-04 12:28:33 +00:00
Wouter Wijngaards
676644d8e8 - Fix low-rtt-pct to low-rtt-permil, as it is parts in one thousand. 
git-svn-id: file:///svn/unbound/trunk@4683 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-15 07:30:53 +00:00
Wouter Wijngaards
2be0263dfa - Fix cname classification with qname minimisation enabled. 
git-svn-id: file:///svn/unbound/trunk@4648 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-23 13:14:39 +00:00
Wouter Wijngaards
9d28279475 - Can set tls authentication with forward-addr: IP#tls.auth.name 
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".


git-svn-id: file:///svn/unbound/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:10:05 +00:00
Wouter Wijngaards
d41cdb6ce8 - low-rtt and low-rtt-pct in unbound.conf enable the server selection 
of fast servers for some percentage of the time.


git-svn-id: file:///svn/unbound/trunk@4612 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 13:27:28 +00:00
Wouter Wijngaards
89ad258515 - num.query.authzone.up and num.query.authzone.down statistics counters. 
- Fix downstream auth zone, only fallback when auth zone fails to
  answer and fallback is enabled.


git-svn-id: file:///svn/unbound/trunk@4610 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 10:15:06 +00:00
Wouter Wijngaards
100cc496de Fixup. 
git-svn-id: file:///svn/unbound/trunk@4605 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 09:58:59 +00:00
Wouter Wijngaards
0a06c5bfa2 - Fix above stub queries for type NS and useless delegation point. 
git-svn-id: file:///svn/unbound/trunk@4604 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 09:53:27 +00:00
Wouter Wijngaards
4e0128f16a - Fix unable to resolve after new WLAN connection, due to auth-zone 
failing with a forwarder set.  Now, auth-zone is only used for
  answers (not referrals) when a forwarder is set.


git-svn-id: file:///svn/unbound/trunk@4600 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-03 12:22:35 +00:00
Ralph Dolmans
9f0d521b88 - Do use cached NSEC records to generate negative answers for domains under 
DNSSEC Negative Trust Anchors.


git-svn-id: file:///svn/unbound/trunk@4593 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-21 14:34:17 +00:00
Wouter Wijngaards
1a7540c80a - Reverted fix for #3512, this may not be the best way forward; 
although it could be changed at a later time, to stay similar to
  other implementations.


git-svn-id: file:///svn/unbound/trunk@4560 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-06 08:22:33 +00:00
Wouter Wijngaards
6905e41b57 - Fix validation for CNAME loops. When it detects a cname loop, 
by finding the cname, cname in the existing list, it returns
  the partial result with the validation result up to then.


git-svn-id: file:///svn/unbound/trunk@4547 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 14:04:02 +00:00
Wouter Wijngaards
075f470778 neater code. 
git-svn-id: file:///svn/unbound/trunk@4546 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 13:19:49 +00:00
Wouter Wijngaards
b8c72d7cbc comment to explain it. 
git-svn-id: file:///svn/unbound/trunk@4545 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 13:17:27 +00:00
Wouter Wijngaards
b89db70821 - Fix #3512: unbound incorrectly reports SERVFAIL for CAA query 
when there is a CNAME loop.


git-svn-id: file:///svn/unbound/trunk@4544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 13:13:58 +00:00
Ralph Dolmans
77f78152ee - Aggressive use of NSEC implementation. Use cached NSEC records to generate 
NXDOMAIN, NODATA and positive wildcard answers.


git-svn-id: file:///svn/unbound/trunk@4522 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 13:16:36 +00:00
Wouter Wijngaards
10cd092a78 failover for dnssec bogus 
git-svn-id: file:///svn/unbound/trunk@4478 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 11:14:01 +00:00
Wouter Wijngaards
bea3b6b72d unit test for auth zone lookup 
git-svn-id: file:///svn/unbound/trunk@4469 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 15:44:49 +00:00
Wouter Wijngaards
df6fbb82be - Fix #3397: Fix that cachedb could return a partial CNAME chain. 
git-svn-id: file:///svn/unbound/trunk@4445 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-22 13:54:20 +00:00
Ralph Dolmans
7e8d3423cd Please lint 
git-svn-id: file:///svn/unbound/trunk@4435 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-03 17:05:48 +00:00
Ralph Dolmans
0df528cc9e - Fix queries being leaked above stub when refetching glue. 
git-svn-id: file:///svn/unbound/trunk@4434 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-03 16:54:22 +00:00
Wouter Wijngaards
6cb75924d9 - Fix that DS queries with referral replies are answered straight 
away, without a repeat query picking the DS from cache.
  The correct reply should have been an answer, the reply is fixed
  by the scrubber to have the answer in the answer section.


git-svn-id: file:///svn/unbound/trunk@4430 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-02 09:48:22 +00:00
Wouter Wijngaards
52aeaf4924 - Fix #2882: Unbound behaviour changes (wrong) when domain-insecure is 
set for stub zone.  It no longer searches for DNSSEC information.


git-svn-id: file:///svn/unbound/trunk@4404 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-14 10:01:44 +00:00
Wouter Wijngaards
6c2fa12f10 no AAAA shortcuts. 
git-svn-id: file:///svn/unbound/trunk@4403 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-13 14:15:10 +00:00
Wouter Wijngaards
f3304d408c - Fix qname minimisation to send AAAA queries at zonecut like type A. 
git-svn-id: file:///svn/unbound/trunk@4402 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-13 12:11:38 +00:00
Ralph Dolmans
afb2d5f105 - Update B root ipv4 address. 
git-svn-id: file:///svn/unbound/trunk@4385 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-24 14:50:20 +00:00
Wouter Wijngaards
5ad3bbb27f - Fix #1749: With harden-referral-path: performance drops, due to 
circular dependency in NS and DS lookups.


git-svn-id: file:///svn/unbound/trunk@4372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 07:22:58 +00:00
Wouter Wijngaards
7d17a926ac - Spelling fixes, from Phil Porada. 
git-svn-id: file:///svn/unbound/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
Ralph Dolmans
eb25148123 - Fix #1412: QNAME minimisation strict mode not honored 
git-svn-id: file:///svn/unbound/trunk@4337 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-04 15:15:27 +00:00
Ralph Dolmans
7b18274d7e - Added stats for queries that have been ratelimited by domain recursion. 
git-svn-id: file:///svn/unbound/trunk@4292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 12:52:33 +00:00
Ralph Dolmans
de731edc0d - Remove unused iter_env member (ip6arpa_dname) 
git-svn-id: file:///svn/unbound/trunk@4290 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 09:29:21 +00:00
Wouter Wijngaards
7bb1d8a8d1 - Fix query for refetch_glue of stub leaking to internet. 
git-svn-id: file:///svn/unbound/trunk@4227 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 15:00:07 +00:00
Wouter Wijngaards
39b5f5bbc6 - Fix stub zone queries leaking to the internet for 
harden-referral-path ns checks.


git-svn-id: file:///svn/unbound/trunk@4226 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 07:59:05 +00:00
Wouter Wijngaards
124f8d57ab - renumbering B-Root's IPv6 address to 2001:500:200::b. 
git-svn-id: file:///svn/unbound/trunk@4206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 09:33:09 +00:00
Wouter Wijngaards
1db056b19c - Fix queries for nameservers under a stub leaking to the internet. 
git-svn-id: file:///svn/unbound/trunk@4154 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-12 15:10:10 +00:00
Wouter Wijngaards
893159454f - Adjust servfail by iterator to not store in cache when serve-expired 
is enabled, to avoid overwriting useful information there.


git-svn-id: file:///svn/unbound/trunk@4153 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-12 12:16:41 +00:00
Ralph Dolmans
a5c7c469ee - Remove ECS option after REFUSED answer 
- Fix small memory leak in edns_opt_copy_alloc



git-svn-id: file:///svn/unbound/trunk@4100 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 09:12:04 +00:00
Ralph Dolmans
b0fd814975 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
Wouter Wijngaards
f952ac1dee - Fix #1237 - Wrong resolving in chain, for norec queries that get 
SERVFAIL returned.


git-svn-id: file:///svn/unbound/trunk@4064 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-17 14:32:25 +00:00
Wouter Wijngaards
ca48de34e9 - Fix that looped DNAMEs do not cause unbound to spend effort. 
git-svn-id: file:///svn/unbound/trunk@4055 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 14:32:58 +00:00
Wouter Wijngaards
45517ad616 - Fix #1235: Fix too long DNAME expansion produces SERVFAIL instead 
of YXDOMAIN + query loop, reported by Petr Spacek.


git-svn-id: file:///svn/unbound/trunk@4049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-13 08:27:01 +00:00
Wouter Wijngaards
038550c889 - Fix #1234: shortening DNAME loop produces duplicate DNAME records 
in ANSWER section.


git-svn-id: file:///svn/unbound/trunk@4047 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-10 13:04:24 +00:00
Wouter Wijngaards
c010e93d4a - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
George Thessalonikefs
7b948b0647 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
Ralph Dolmans
efe248c46a - Added stub-ssl-upstream and forward-ssl-upstream options. 
git-svn-id: file:///svn/unbound/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 12:07:52 +00:00
Wouter Wijngaards
6e2e8c047f g.root-servers.net has AAAA address. 
git-svn-id: file:///svn/unbound/trunk@3906 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-24 13:11:39 +00:00
Wouter Wijngaards
2785225a43 - Fixup query_info local_alias init. 
git-svn-id: file:///svn/unbound/trunk@3901 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-20 15:05:30 +00:00
Wouter Wijngaards
503df095b2 - Patch that resolves CNAMEs entered in local-data conf statements that 
point to data on the internet, from Jinmei Tatuya (Infoblox).


git-svn-id: file:///svn/unbound/trunk@3885 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-18 13:18:20 +00:00
Ralph Dolmans
9c0944ec1e - Added qname-minimisation-strict config option. 
git-svn-id: file:///svn/unbound/trunk@3878 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-11 11:32:50 +00:00
Wouter Wijngaards
56928896b8 - Add default root hints for IPv6 E.ROOT-SERVERS.NET, 2001:500:a8::e. 
git-svn-id: file:///svn/unbound/trunk@3838 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-08-29 07:11:35 +00:00
Wouter Wijngaards
9bc918fa7b - Fix #804: lower num_target_queries for iterator also for failed 
lookups.


git-svn-id: file:///svn/unbound/trunk@3831 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-08-23 08:49:01 +00:00
Wouter Wijngaards
b6b3e2b914 - For #787: prefer-ip6 option for unbound.conf prefers to send 
upstream queries to ipv6 servers.


git-svn-id: file:///svn/unbound/trunk@3803 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-04 14:49:49 +00:00
Ralph Dolmans
dfe52a0de5 - Decrease dp attempts at each QNAME minimisation iteration 
git-svn-id: file:///svn/unbound/trunk@3796 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-16 11:57:20 +00:00
Ralph Dolmans
5b63c08c72 - Use QTYPE=A for QNAME minimisation. 
- Keep track of number of time-outs when performing QNAME minimisation.
  Stop minimising when number of time-outs for a QNAME/QTYPE pair is
  more than three.



git-svn-id: file:///svn/unbound/trunk@3782 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-13 13:06:35 +00:00
Wouter Wijngaards
031caba9c0 - and also generic edns options for upstream messages (and replies). 
after parse use edns_opt_find(edns.opt_list, LDNS_EDNS_NSID),
  to insert use edns_opt_append(edns, region, code, len, bindata) on
  the opt_list passed to send_query, or in edns_opt_inplace_reply.


git-svn-id: file:///svn/unbound/trunk@3742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:55:22 +00:00
Wouter Wijngaards
40dd2acfd9 - generic edns option parse and store code. 
git-svn-id: file:///svn/unbound/trunk@3740 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 15:08:05 +00:00
Wouter Wijngaards
74603017b6 - Updated patch from Charles Walker. 
git-svn-id: file:///svn/unbound/trunk@3728 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-26 06:49:44 +00:00
Wouter Wijngaards
7fcec8102f - disable-dnssec-lame-check config option from Charles Walker. 
git-svn-id: file:///svn/unbound/trunk@3725 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-24 12:17:42 +00:00
Ralph Dolmans
f39692acc7 - No QNAME minimisation fall-back for NXDOMAIN answers from DNSSEC signed zones. 
git-svn-id: file:///svn/unbound/trunk@3722 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-20 14:04:27 +00:00
Wouter Wijngaards
3d60a6f446 - Fix #761: DNSSEC LAME false positive resolving nic.club. 
git-svn-id: file:///svn/unbound/trunk@3720 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-18 14:09:12 +00:00
Wouter Wijngaards
f101785ea1 - Fix #749: unbound-checkconf gets SIGSEGV when use against a 
malformatted conf file.


git-svn-id: file:///svn/unbound/trunk@3696 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-24 12:30:47 +00:00
Wouter Wijngaards
6062e896b9 note RFC number. 
git-svn-id: file:///svn/unbound/trunk@3691 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-23 08:35:58 +00:00
Ralph Dolmans
5d061f13f9 - Validate QNAME minimised NXDOMAIN responses. 
- If QNAME minimisation is enabled, do cache lookup for QTYPE NS in
   harden-below-nxdomain.



git-svn-id: file:///svn/unbound/trunk@3682 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-18 15:44:41 +00:00
Ralph Dolmans
6362a12bd7 - Limit number of QNAME minimisation iterations. 
git-svn-id: file:///svn/unbound/trunk@3681 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-17 14:44:41 +00:00
Wouter Wijngaards
47e2026ca6 - Fix #746: Fix unbound sets CD bit on all forwards. 
If no trust anchors, it'll not set CD bit when forwarding to another
  server.  If a trust anchor, no CD bit on the first attempt to a
  forwarder, but CD bit thereafter on repeated attempts to get DNSSEC.


git-svn-id: file:///svn/unbound/trunk@3679 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-17 14:01:59 +00:00
Wouter Wijngaards
7d76a151b3 - Updated L root IPv6 address. 
git-svn-id: file:///svn/unbound/trunk@3652 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-10 08:23:46 +00:00
Ralph Dolmans
d853b0841b Don't minimise forwarded requests. 
git-svn-id: file:///svn/unbound/trunk@3575 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-07 15:56:47 +00:00
Ralph Dolmans
3328dc4d68 Stop minimising after receiving rcode!=NOERROR 
git-svn-id: file:///svn/unbound/trunk@3573 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-03 15:45:52 +00:00
Ralph Dolmans
e47e31a69f Keep incrementing QNAME after receiving throwaway answer. 
git-svn-id: file:///svn/unbound/trunk@3568 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-03 12:09:45 +00:00
Ralph Dolmans
014142d7bf Qname minimisation review fixes 
git-svn-id: file:///svn/unbound/trunk@3561 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 13:14:00 +00:00
Wouter Wijngaards
3ee1dc25d5 yacced,lexed, include for undeclared function and make depend. 
git-svn-id: file:///svn/unbound/trunk@3555 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 08:11:48 +00:00
Ralph Dolmans
a05bf09811 Implemented qname minimisation 
git-svn-id: file:///svn/unbound/trunk@3554 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-30 16:10:26 +00:00
Wouter Wijngaards
152458c40b - spelling fixes from Igor Sobrado Delgado. 
git-svn-id: file:///svn/unbound/trunk@3544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-18 14:11:46 +00:00
Wouter Wijngaards
2d8d820e07 Remove debug print. 
git-svn-id: file:///svn/unbound/trunk@3532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-16 10:01:47 +00:00
Wouter Wijngaards
7c1131625c - Fix for lenient accept of reverse order DNAME and CNAME. 
git-svn-id: file:///svn/unbound/trunk@3530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-16 09:48:51 +00:00
Wouter Wijngaards
0735cf0e53 - MAX_TARGET_COUNT increased to 64, to fix up sporadic resolution 
failures.


git-svn-id: file:///svn/unbound/trunk@3494 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-28 07:21:48 +00:00
Wouter Wijngaards
44644a7e7c - Fix #702: New IPs for for h.root-servers.net. 
git-svn-id: file:///svn/unbound/trunk@3487 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 08:35:03 +00:00
Wouter Wijngaards
0884d263ef - Fix #677 Fix CNAME corresponding to a DNAME was checked incorrectly 
and was therefore always synthesized (thanks to Valentin Dietrich).


git-svn-id: file:///svn/unbound/trunk@3434 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-22 09:23:43 +00:00
Wouter Wijngaards
2910eec34c Check for out of memory. 
git-svn-id: file:///svn/unbound/trunk@3421 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 13:35:02 +00:00
Wouter Wijngaards
f03d3b870e - caps-whitelist in unbound.conf allows whitelist of loadbalancers 
that cannot work with caps-for-id or its fallback.


git-svn-id: file:///svn/unbound/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 12:36:16 +00:00
Wouter Wijngaards
628ff05285 - Ratelimit does not apply to prefetched queries, and ratelimit-factor 
is default 10.  Repeated normal queries get resolved and with
  prefetch stay in the cache.


git-svn-id: file:///svn/unbound/trunk@3399 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 14:18:50 +00:00
Wouter Wijngaards
bc658e0361 Fixes. 
git-svn-id: file:///svn/unbound/trunk@3392 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 10:57:25 +00:00
Wouter Wijngaards
e30a90febc - ratelimit feature, ratelimit: 100, or some sensible qps, can be 
used to turn it on.  It ratelimits recursion effort per zone.
  For particular names you can configure exceptions in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@3391 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 09:59:57 +00:00
Wouter Wijngaards
b2bdce46be - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: file:///svn/unbound/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
Wouter Wijngaards
6feb8fb6a5 - Fixes to add integer overflow checks on allocation (defense in depth). 
git-svn-id: file:///svn/unbound/trunk@3372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-20 15:36:25 +00:00
Wouter Wijngaards
7861314db3 And use best response in case 0x20 fallback done. 
git-svn-id: file:///svn/unbound/trunk@3349 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 09:35:06 +00:00
Wouter Wijngaards
7e50976476 - store caps_response with best response in case downgrade response 
happens to be the last one.


git-svn-id: file:///svn/unbound/trunk@3348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 09:31:26 +00:00
Wouter Wijngaards
54771e5b3d - many nameservers does not try to compare more than max-sent-count, 
parse failures start 0x20 fallback procedure.


git-svn-id: file:///svn/unbound/trunk@3347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 09:06:05 +00:00
Wouter Wijngaards
ab62061196 - 0x20 fallback improved, better handling of servfail responses, 
they do not count as missing comparisons (except if all are failed),
  and better handling of inability to find nameservers, no more
  nameservers can be found results in fallback acceptance.


git-svn-id: file:///svn/unbound/trunk@3346 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 08:30:17 +00:00
Wouter Wijngaards
025f36b169 - Fix scrubber with harden-glue turned off to reject NS (and other 
not-address) records.


git-svn-id: file:///svn/unbound/trunk@3330 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-10 14:01:45 +00:00
Wouter Wijngaards
3d66ef2b92 - Fix 0x20 capsforid fallback to omit gratuitous NS and additional 
section changes.


git-svn-id: file:///svn/unbound/trunk@3323 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-30 09:35:38 +00:00
Wouter Wijngaards
42cf616fae - print query name when max target count is exceeded. 
git-svn-id: file:///svn/unbound/trunk@3296 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-05 13:12:42 +00:00
Wouter Wijngaards
f7039d8a59 - Fix CVE-2014-8602: denial of service by making resolver chase 
endless series of delegations.


git-svn-id: file:///svn/unbound/trunk@3289 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-12-08 15:09:18 +00:00
Wouter Wijngaards
67a3c4933c - Fix cdflag dns64 processing. 
git-svn-id: file:///svn/unbound/trunk@3275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-11-19 08:43:08 +00:00
Wouter Wijngaards
b781f2d48d - Fix that CD flag disables DNS64 processing, returning the DNSSEC 
signed AAAA denial.


git-svn-id: file:///svn/unbound/trunk@3273 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-11-18 15:15:57 +00:00
Wouter Wijngaards
612a4e152f - Fix bug where forward or stub addresses with same address but 
different port number were not tried.


git-svn-id: file:///svn/unbound/trunk@3258 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-11-11 13:10:44 +00:00
Wouter Wijngaards
83f9f236d7 - Fix unbound capsforid fallback, it ignores TTLs in comparison. 
git-svn-id: file:///svn/unbound/trunk@3239 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-10-10 14:12:17 +00:00
Wouter Wijngaards
bc7f906590 - Fix caps-for-id fallback, and added fallback attempt when servers 
drop 0x20 perturbed queries.


git-svn-id: file:///svn/unbound/trunk@3146 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-06-24 08:24:28 +00:00
Wouter Wijngaards
b4e45145cd - Add AAAA for B root server to default root hints. 
git-svn-id: file:///svn/unbound/trunk@3143 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-06-03 07:29:41 +00:00
Wouter Wijngaards
1a6515778d Remove unused define from iterator.h 
git-svn-id: file:///svn/unbound/trunk@3142 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-06-02 10:03:21 +00:00
Wouter Wijngaards
cddec24dd2 - Change MAX_SENT_COUNT from 16 to 32 to resolve some cases easier. 
git-svn-id: file:///svn/unbound/trunk@3127 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-05-06 12:37:37 +00:00
Wouter Wijngaards
eb5e9a89c4 - Fix #558: failed prefetch lookup does not remove cached response 
but delays next prefetch (in lieu of caching a SERVFAIL).


git-svn-id: file:///svn/unbound/trunk@3111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-10 13:56:16 +00:00
Wouter Wijngaards
b6c714c979 - C.ROOT-SERVERS.NET has an IPv6 address, and we updated the root 
hints (patch from Anand Buddhdev).


git-svn-id: file:///svn/unbound/trunk@3102 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-07 08:18:39 +00:00
Wouter Wijngaards
2b90f38a70 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: file:///svn/unbound/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
Wouter Wijngaards
d3cbd76546 - Fix sldns to use sldns_ prefix for all ldns_ variables. 
git-svn-id: file:///svn/unbound/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-03 09:11:16 +00:00
Wouter Wijngaards
3de090dadb Fix linking of sldns and ldns, unique identifiers for global variables. 
git-svn-id: file:///svn/unbound/trunk@3021 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-11-30 11:03:55 +00:00
Wouter Wijngaards
29e96e86c9 - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: file:///svn/unbound/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
Wouter Wijngaards
c1ce3e10d8 - Fix #528: if very high logging (4 or more) segfault on allow_snoop. 
git-svn-id: file:///svn/unbound/trunk@2994 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-22 12:01:51 +00:00
Wouter Wijngaards
de07375a9c review fixes. 
git-svn-id: file:///svn/unbound/trunk@2940 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 14:14:08 +00:00
Wouter Wijngaards
f1fd2b53eb - Fix for 2038, with time_t instead of uint32_t. 
git-svn-id: file:///svn/unbound/trunk@2939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 12:23:42 +00:00
Wouter Wijngaards
5dbb2ce669 Fix uninit variable in fix#516. 
git-svn-id: file:///svn/unbound/trunk@2934 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-14 07:53:33 +00:00
Wouter Wijngaards
c8d22543f3 - Fix#516 dnssec lameness detection for answers that are improper. 
git-svn-id: file:///svn/unbound/trunk@2933 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-08 09:29:33 +00:00
Wouter Wijngaards
bcf5b23273 - Fix#501: forward-first does not recurse, when forward name is ".". 
git-svn-id: file:///svn/unbound/trunk@2907 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-06-10 12:25:10 +00:00
Wouter Wijngaards
d88911eed5 - Fix queries leaking up for stubs and forwards, if the configured 
nameservers all fail to answer.


git-svn-id: file:///svn/unbound/trunk@2882 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-11 10:08:34 +00:00
Wouter Wijngaards
f9137645fb - Fix crash in previous private address fixup of 22 March. 
git-svn-id: file:///svn/unbound/trunk@2880 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-09 07:38:24 +00:00
Wouter Wijngaards
2ad6ee3c72 - Fix resolve of names that use a mix of public and private addresses. 
git-svn-id: file:///svn/unbound/trunk@2868 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-03-22 09:36:33 +00:00
Wouter Wijngaards
6fe9aab1c2 - printout name of zone with duplicate fwd and hint errors. 
git-svn-id: file:///svn/unbound/trunk@2828 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-29 08:13:57 +00:00
Wouter Wijngaards
6c0c8fd672 - Change of D.ROOT-SERVERS.NET A address in default root hints. 
git-svn-id: file:///svn/unbound/trunk@2794 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-12-14 08:08:59 +00:00
Wouter Wijngaards
4b3fd4f789 - Fix unbound-control forward disables configured stubs below it. 
git-svn-id: file:///svn/unbound/trunk@2781 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-11-09 15:35:18 +00:00
Wouter Wijngaards
217ef3d9a3 - Fix forward-first option where it sets the RD flag wrongly. 
git-svn-id: file:///svn/unbound/trunk@2731 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-31 12:53:53 +00:00
Wouter Wijngaards
3c55073799 - implemented forward_first for the root. 
git-svn-id: file:///svn/unbound/trunk@2722 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-23 13:42:07 +00:00
Wouter Wijngaards
0f1aa80123 - Fix bug#452 and another assertion failure in mesh.c, makes 
assertions in mesh.c resist duplicates.  Fixes DS NS search to
  not generate duplicate sub queries.


git-svn-id: file:///svn/unbound/trunk@2718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-20 13:08:19 +00:00
Wouter Wijngaards
1467c5de52 - code review: return value of cache_store can be ignored for better 
performance in out of memory conditions.


git-svn-id: file:///svn/unbound/trunk@2704 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-28 14:18:41 +00:00
Wouter Wijngaards
15aacbe89b code review. 
git-svn-id: file:///svn/unbound/trunk@2688 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-18 14:22:29 +00:00
Wouter Wijngaards
452b7fce3a - code review. 
git-svn-id: file:///svn/unbound/trunk@2687 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-15 19:44:09 +00:00
Wouter Wijngaards
159d5a18b6 - Review comments from Yuri, removed duplicate memset to zero in delegpt. 
git-svn-id: file:///svn/unbound/trunk@2675 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-05-18 15:04:08 +00:00
Wouter Wijngaards
43ab18d6ed fix alloccheck 
git-svn-id: file:///svn/unbound/trunk@2672 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-05-16 11:55:30 +00:00
Wouter Wijngaards
eb926f15da lint fixes. 
git-svn-id: file:///svn/unbound/trunk@2649 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-21 15:34:44 +00:00
Wouter Wijngaards
8e20d58fa8 fixup include. 
git-svn-id: file:///svn/unbound/trunk@2647 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-21 15:05:34 +00:00
Wouter Wijngaards
fa3337d42a - new approach to NS fetches for DS lookup that works with 
cornercases, and is more robust and considers forwarders.


git-svn-id: file:///svn/unbound/trunk@2646 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-21 15:01:01 +00:00
Wouter Wijngaards
0d5441bd8a - fix to locate nameservers for DS lookup with NS fetches. 
git-svn-id: file:///svn/unbound/trunk@2645 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-19 15:44:21 +00:00
Wouter Wijngaards
82ebbe32d1 comment for explanation of bit toggle. 
git-svn-id: file:///svn/unbound/trunk@2638 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-01 13:38:28 +00:00
Wouter Wijngaards
1736d8078a - forward-first option. Tries without forward if a query fails. 
Also stub-first option that is similar.


git-svn-id: file:///svn/unbound/trunk@2637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-01 13:16:40 +00:00
Wouter Wijngaards
773d8e3b84 Fix prefetch and stickyness. 
git-svn-id: file:///svn/unbound/trunk@2632 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 11:04:53 +00:00
Wouter Wijngaards
8e1cb52458 - iter_hints is now thread-owned in module env, and thus threadsafe. 
git-svn-id: file:///svn/unbound/trunk@2629 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 09:55:50 +00:00
Wouter Wijngaards
d64b14cff9 - unbound-control forward_add, forward_remove, stub_add, stub_remove 
can modify stubs and forwards for running unbound (on mobile computer)
  they can also add and remove domain-insecure for the zone.


git-svn-id: file:///svn/unbound/trunk@2623 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-15 14:35:28 +00:00
Wouter Wijngaards
943f8f43b9 hints uses malloc for more dynamicity. 
git-svn-id: file:///svn/unbound/trunk@2622 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-15 09:38:34 +00:00
Wouter Wijngaards
7a58fdcebc - Fix forward-zone memory, uses malloc and frees original root dp. 
git-svn-id: file:///svn/unbound/trunk@2621 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-15 08:50:17 +00:00
Wouter Wijngaards
db6cd0a635 - iter forwards uses malloc inside for more dynamicity. 
git-svn-id: file:///svn/unbound/trunk@2620 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-14 15:41:09 +00:00
Wouter Wijngaards
6dd2c0467e - Fix bug #425: unbound reports wrong TTL in reply, it reports a TTL 
that would be permissible by the RFCs but it is not the TTL in the
  cache.


git-svn-id: file:///svn/unbound/trunk@2581 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-01-10 09:42:32 +00:00
Wouter Wijngaards
0916e1d0ea - Fix for VU#209659 CVE-2011-4528: Unbound denial of service 
vulnerabilities from nonstandard redirection and denial of existence
http://www.unbound.net/downloads/CVE-2011-4528.txt
- robust checks for next-closer NSEC3s.
- tag 1.4.14 created.


git-svn-id: file:///svn/unbound/trunk@2574 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-12-19 10:55:32 +00:00
Wouter Wijngaards
a1c76554a2 - Makefile changed for BSD make compatibility. 
git-svn-id: file:///svn/unbound/trunk@2544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-10 18:44:06 +00:00
Wouter Wijngaards
11f5e16932 infra cache consolidated and stores per zone, IP. 
git-svn-id: file:///svn/unbound/trunk@2525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-26 15:46:23 +00:00
Wouter Wijngaards
7ea69fe9c2 - Fix resolve of partners.extranet.microsoft.com with a fix for the 
server selection for choosing out of a (particular) list of bad choices.


git-svn-id: file:///svn/unbound/trunk@2522 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-24 08:34:59 +00:00
Wouter Wijngaards
881f0ad30f - Fix classification of NS set in answer section, where there is a 
parent-child server, and the answer has the AA flag for dir.slb.com.
  Thanks to Amanda Constant from Secure64.


git-svn-id: file:///svn/unbound/trunk@2501 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-20 07:42:04 +00:00
Wouter Wijngaards
d9ceec4005 better sent count handling 
git-svn-id: file:///svn/unbound/trunk@2500 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 14:15:13 +00:00
Wouter Wijngaards
f82a0847eb - max sent count. EDNS1480 only for rtt < 5000. No promiscuous 
fetch if sentcount > 3, stop query if sentcount > 16.  Count is
reset when referral or CNAME happens.  This makes unbound better
at managing large NS sets, they are explored when there is continued
interest (in the form of queries).


git-svn-id: file:///svn/unbound/trunk@2499 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 14:11:12 +00:00
Wouter Wijngaards
af93d6033c revert earlier commit. 
git-svn-id: file:///svn/unbound/trunk@2488 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-12 11:28:14 +00:00
Wouter Wijngaards
46eeced066 - Fix operation in ipv6 only (do-ip4: no) mode. 
git-svn-id: file:///svn/unbound/trunk@2487 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-07 14:34:10 +00:00
Wouter Wijngaards
d56aef7b33 - Fix validation failures due to EDNS backoff retries, the retry 
for fetch of data has want_dnssec because the iter_indicate_dnssec
         function returns true when validation failure retry happens, and
         then the serviced query code does not fallback to noEDNS, even if
         the cache says it has this.  This helps for DLV deployment when
         the DNSSEC status is not known for sure before the lookup concludes.


git-svn-id: file:///svn/unbound/trunk@2483 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-26 09:00:43 +00:00
Wouter Wijngaards
d265c02f69 - Fix that internally, CNAMEs with NXDOMAIN have that as rcode. 
git-svn-id: file:///svn/unbound/trunk@2478 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 12:11:54 +00:00
Wouter Wijngaards
17e5bba504 Fix validation of qtype ANY responses with CNAMEs (thanks Cathy Zhang and Luo Ce). 
git-svn-id: file:///svn/unbound/trunk@2477 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 12:02:50 +00:00
Wouter Wijngaards
608f82a1cd IPv6 service address for d.root-servers.net (2001:500:2D::D) 
git-svn-id: file:///svn/unbound/trunk@2426 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-06-12 09:51:00 +00:00
Wouter Wijngaards
eed924d7be - Fix remove private address does not throw away entire response. 
git-svn-id: file:///svn/unbound/trunk@2386 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-28 16:11:49 +00:00
Wouter Wijngaards
790cb51775 - Fix prefetch so it does not get stuck on old server for moved names. 
git-svn-id: file:///svn/unbound/trunk@2372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-13 10:13:01 +00:00
Wouter Wijngaards
4a746142cf - Fix insecure CNAME sequence marked as secure, reported by Bert Hubert. 
git-svn-id: file:///svn/unbound/trunk@2369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-11 12:32:29 +00:00
Wouter Wijngaards
a72fe210ca remove lost and backoff values. 
git-svn-id: file:///svn/unbound/trunk@2309 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 13:30:37 +00:00
Wouter Wijngaards
2bdb094f7b - Fix bug where fallback_tcp causes wrong roundtrip and edns 
observation to be noted in cache.  Fix bug where EDNSprobe halted
  exponential backoff if EDNS status unknown.
- new unresponsive host method, exponentially increasing block backoff.
- iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2303 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-21 15:11:39 +00:00
Wouter Wijngaards
e238b47b0a Fix for request list growth. 
git-svn-id: file:///svn/unbound/trunk@2298 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-19 14:53:29 +00:00
Wouter Wijngaards
46345c0809 - Fix bug when DLV below a trust-anchor that uses NSEC3 optout where 
the zone has a secure delegation hosted on the same server did not
         verify as secure (it was insecure by mistake).


git-svn-id: file:///svn/unbound/trunk@2275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-11 12:21:19 +00:00
Wouter Wijngaards
95db04a64c - bug#327: Fix for cannot access stub zones until the root is primed. 
git-svn-id: file:///svn/unbound/trunk@2228 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-13 09:25:52 +00:00
Wouter Wijngaards
f26b55ea7e fixup yesterdays fix 
git-svn-id: file:///svn/unbound/trunk@2227 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-10 11:16:12 +00:00
Wouter Wijngaards
8ec31ebbcc - unresponsive servers are not completely blacklisted (because of 
firewalls), but also not probed all the time (because of the request
            list size it generates).  The probe rate is 1%.


git-svn-id: file:///svn/unbound/trunk@2225 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-09 14:56:51 +00:00
Wouter Wijngaards
9d66b48885 - openbsd-lint fixes: acl_list_get_mem used if debug-alloc enabled. 
iterator get_mem includes priv_get_mem.  delegpt nodup removed.
  listen_pushback, query_info_allocqname, write_socket, send_packet,
  comm_point_set_cb_arg and listen_resume removed.


git-svn-id: file:///svn/unbound/trunk@2222 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-20 13:30:41 +00:00
Wouter Wijngaards
89845bca03 - Fix bug#321: resolution of rs.ripe.net artifacts with 0x20. 
Delegpt structures checked for duplicates always.
         No more nameserver lookups generated when depth is full anyway.


git-svn-id: file:///svn/unbound/trunk@2219 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-19 13:00:21 +00:00
Wouter Wijngaards
40f8fe2815 add and fix doxygen comments for doxygen-1.7.1. (which reports lots of 
spurious items as well, by the way).


git-svn-id: file:///svn/unbound/trunk@2211 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-13 08:41:49 +00:00
Wouter Wijngaards
b701d70147 - Return NXDOMAIN after chain of CNAMEs ends at name-not-found. 
git-svn-id: file:///svn/unbound/trunk@2208 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-05 14:31:52 +00:00
Wouter Wijngaards
f042f0dd5d - Neat function prototypes, unshadowed local declarations. 
git-svn-id: file:///svn/unbound/trunk@2188 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-07-07 13:13:36 +00:00
Wouter Wijngaards
654d66d6a7 - log if a server is skipped because it is on the donotquery list, 
at verbosity 4, to enable diagnosis why no queries to 127.0.0.1.


git-svn-id: file:///svn/unbound/trunk@2174 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-07-05 07:45:20 +00:00
Wouter Wijngaards
14f178e486 Fix for lame reply corner case. 
git-svn-id: file:///svn/unbound/trunk@2168 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-25 08:32:51 +00:00
Wouter Wijngaards
6325974a0b root hints from ftp.internic.net. 
git-svn-id: file:///svn/unbound/trunk@2158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-18 07:18:22 +00:00
Wouter Wijngaards
d1a68958a9 - Add AAAA to root hints for I.ROOT-SERVERS.NET. 
git-svn-id: file:///svn/unbound/trunk@2157 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-17 19:17:09 +00:00
Wouter Wijngaards
cb3b649707 - Max referral count from 30 to 130, because 128 one character domains 
is valid DNS.


git-svn-id: file:///svn/unbound/trunk@2152 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-15 10:50:20 +00:00
Wouter Wijngaards
d7fec82eaa - Fix to use one pointer less for iterator query state store_parent_NS. 
git-svn-id: file:///svn/unbound/trunk@2150 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-15 09:47:11 +00:00
Wouter Wijngaards
b014aac438 fix 
git-svn-id: file:///svn/unbound/trunk@2146 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-11 14:24:25 +00:00
Wouter Wijngaards
1f0f85b59a - When retry to parent the retrycount is not wiped, so failed 
nameservers are not tried again.
       - iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2145 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-11 14:09:56 +00:00
Wouter Wijngaards
b9603c178a - Fix bug where a long loop could be entered, now cycle detection 
has a loop-counter and maximum search amount.


git-svn-id: file:///svn/unbound/trunk@2144 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-10 14:10:17 +00:00
Wouter Wijngaards
1f9172697c more last resort lookup options. 
git-svn-id: file:///svn/unbound/trunk@2139 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-03 15:06:50 +00:00
Wouter Wijngaards
b65fa84ea5 review fixes. 
git-svn-id: file:///svn/unbound/trunk@2138 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-03 13:38:09 +00:00
Wouter Wijngaards
ba4ff40d9d - Fix storage of negative parent glue if that last resort fails. 
git-svn-id: file:///svn/unbound/trunk@2127 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-01 09:33:25 +00:00
Wouter Wijngaards
1bd8583d3f Force off bit Z. 
git-svn-id: file:///svn/unbound/trunk@2126 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-06-01 06:48:15 +00:00
Wouter Wijngaards
d9e6fd3bac - fix parentside and querytargets modulestate, for dump_requestlist. 
git-svn-id: file:///svn/unbound/trunk@2123 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-31 14:01:32 +00:00