W.C.A. Wijngaards
8fca3e7c5b
- For #1103 : Fix to drop mesh state reference for the http2 stream
...
associated with the reply, not the currently active stream. And
it does not remove it twice on a mesh_send_reply call. The reply
h2_stream is NULL when not in use, for more initialisation.
2024-07-16 14:23:10 +02:00
W.C.A. Wijngaards
8947c2c764
- For #1103 : fix to also drop mesh state reference when the discard
...
limit is reached, when there is an error making a new recursion
state and when the connection is dropped with is_drop.
2024-07-15 14:51:20 +02:00
W.C.A. Wijngaards
d52f501d90
- For #1103 : fix to also drop mesh state reference when a h2 reply is
...
dropped.
2024-07-12 16:41:46 +02:00
W.C.A. Wijngaards
3adb9c8f92
- Fix #1103 : unbound 1.20.0 segmentation fault with nghttp2.
2024-07-12 16:11:29 +02:00
Yorgos Thessalonikefs
70f73a33b3
- Explicitly set the RD bit for the mesh query flags when prefetching.
...
These queries have no waiting client but they need to be treated as
recursive.
2024-06-26 15:51:58 +02:00
W.C.A. Wijngaards
c3206f4568
- Fix for the DNSBomb vulnerability CVE-2024-33655. Thanks to Xiang Li
...
from the Network and Information Security Lab of Tsinghua University
for reporting it.
2024-05-01 10:10:58 +02:00
Yorgos Thessalonikefs
63a6b7b255
- Cleanup unnecessary strdup calls for EDE strings.
2024-04-29 10:15:19 +02:00
W.C.A. Wijngaards
d47849a26e
- Fix cachedb for serve-expired with serve-expired-reply-ttl.
2024-04-10 17:01:57 +02:00
W.C.A. Wijngaards
cccf5e73c0
- Fixup compile without cachedb.
2024-04-10 11:33:52 +02:00
W.C.A. Wijngaards
f3f85e5a11
- Fixup compile without cachedb.
2024-04-10 11:29:10 +02:00
W.C.A. Wijngaards
d55511f1dd
- Fixup compile without cachedb.
2024-04-10 11:27:08 +02:00
W.C.A. Wijngaards
d98c7b9ae3
- Implement cachedb-check-when-serve-expired: yes option, default
...
is enabled. When serve expired is enabled with cachedb, it first
checks cachedb before serving the expired response.
2024-04-10 11:21:28 +02:00
W.C.A. Wijngaards
2993437eaa
- Fix that addrinfo is not kept around but copied and freed, so that
...
log-destaddr uses a copy of the information, much like NSD does.
2024-03-15 13:39:49 +01:00
W.C.A. Wijngaards
3d1bc143af
- Fix #969 : [FR] distinguish Do53, DoT and DoH in the logs.
2023-12-05 10:05:51 +01:00
W.C.A. Wijngaards
39df4f0923
- disable-edns-do, queriers receive no EDNS in response if the
...
disable-edns-do option is enabled and they set the DO flag. And unit test
for that.
2023-10-04 13:54:05 +02:00
W.C.A. Wijngaards
bd5dc855af
- Fix rpz tcp-only action with rpz triggers nsdname and nsip.
2023-09-18 09:55:39 +02:00
George Thessalonikefs
6819c1e444
- Merge #759 from Tom Carpay: Add EDE (RFC8914) caching.
2023-07-30 11:48:04 +02:00
George Thessalonikefs
50ea4a1072
Address review comments for #759 :
...
- Decrease allocations for "" EDE strings when loading the cachedump.
- Check for existence of EDE code before attaching.
2023-07-28 12:56:13 +02:00
George Thessalonikefs
6289238cd6
- For #889 : Account for num_detached_states before possible
...
mesh_state_delete when erroring out.
2023-07-21 21:05:38 +02:00
George Thessalonikefs
201da1f50a
Merge branch 'free_memory_in_error_case' of https://github.com/borisVanhoof/unbound into borisVanhoof-free_memory_in_error_case
2023-07-21 17:04:33 +02:00
George Thessalonikefs
846b158304
- Remove redundant checks when attaching EDE to a SERVFAIL answer.
2023-07-19 15:26:08 +02:00
George Thessalonikefs
95604a90e8
Review for #759 :
...
- Keep EDE information for keys close to key creation.
- Fix inconsistencies between reply and cached EDEs.
- Incorporate EDE caching checks in EDE tests.
- Fix some EDE cases where missing DNSKEY was wrongly reported.
2023-07-19 15:20:44 +02:00
George Thessalonikefs
a952ac17be
Merge branch 'tilan7663-subnet_cache_prefetch' into subnet_cache_prefetch
2023-07-07 16:50:58 +02:00
George Thessalonikefs
40e47bf767
- For #664 : easier code flow for subnetcache prefetching.
...
- For #664 : add testcase.
2023-07-06 22:22:21 +02:00
George Thessalonikefs
2069271384
- Merge #802 : add validation EDEs to queries where the CD bit is set.
...
- For #802 : Cleanup comments and add RCODE check for CD bit test case.
2023-07-03 14:48:39 +02:00
George Thessalonikefs
014db3fb03
- For #802 : Cleanup comments and add RCODE check for CD bit test case.
2023-07-03 14:40:01 +02:00
W.C.A. Wijngaards
5aa47fb1fa
- Fix dereference of NULL variable warning in mesh_do_callback.
2023-07-03 13:50:39 +02:00
George Thessalonikefs
db5cf5851d
- More efficient mesh accounting per client.
2023-05-30 23:34:31 +02:00
George Thessalonikefs
4f52be4db9
- Introduce num.query.cachedb to track cache hits for the external cache.
2023-05-30 17:49:50 +02:00
Boris VANHOOF
a21bc23139
free memory in error case
2023-05-23 09:23:03 +02:00
Boris VANHOOF
62d54d8091
remove unused function
2023-05-23 09:22:35 +02:00
Vadim Fedorenko
a197aac2f6
timeval_func: move all timeval manipulation to separate file
...
There are several definitions of the same functions manipulating timeval
structures. Let's move them to separate file and arrange the code
preperly.
Signed-off-by: Vadim Fedorenko <vadfed@meta.com>
2023-04-26 03:23:41 -07:00
Vadim Fedorenko
648ad4db6f
Linting change.
...
Remove config parser/lexer code as it's rebuilded every time but can
break adding new config options.
Also clean up the code base to avoid mixing actual code changes and lint
issues.
Signed-off-by: Vadim Fedorenko <vadfed@meta.com>
2023-04-25 17:05:00 -07:00
Philip Homburg
fb06364014
Fix issue #825 : interaction between ECS and serve-expired.
2023-02-21 09:20:28 +01:00
TCY16
dd3984eae9
add validation EDEs to CD bit queries
2022-12-05 11:41:17 +01:00
Yorgos Thessalonikefs
c4e51a4cfe
PROXYv2 downstream support ( #760 )
2022-10-03 15:29:47 +02:00
W.C.A. Wijngaards
137719522a
- Patch for CVE-2022-3204 Non-Responsive Delegation Attack.
2022-09-21 11:10:38 +02:00
W.C.A. Wijngaards
f6753a0f10
- Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699.
2022-08-01 13:24:40 +02:00
Philip Homburg
3bade62c8a
Fix use after free issue with edns options ( https://github.com/NLnetLabs/unbound/issues/663 )
2022-06-22 15:00:28 +02:00
George Thessalonikefs
91c298c901
Merge branch 'subnet_cache_prefetch' of https://github.com/tilan7663/unbound into tilan7663-subnet_cache_prefetch
2022-05-17 16:16:09 +03:00
George Thessalonikefs
daf316ea1b
- Fix #417 : prefetch and ECS causing cache corruption when used
...
together.
2022-05-12 00:56:01 +02:00
tcarpay
0ce36e8289
Add the basic EDE (RFC8914) cases ( #604 )
2022-05-06 12:48:53 +02:00
Tian Lan
8afbc0944f
Add prefetch support for subnet cache entries
...
- Entries in the subnet cache should now be prefetched.
- Rename testdata subnet_*.crpl to subnet_*.rpl so they are visible to
make test
Signed-off-by: Tian Lan <tian.lan@twosigma.com>
2022-04-29 11:46:05 -04:00
W.C.A. Wijngaards
2b90181d3a
- Fix #628 : A rpz-passthru action is not ending RPZ zone processing.
2022-02-15 16:20:12 +01:00
Wouter Wijngaards
9645228f03
Merge pull request #570 from rex4539/typos
...
Fix typos
2021-11-29 11:39:48 +01:00
Dimitris Apostolou
c21d6af617
Fix typos
2021-11-13 16:56:15 +02:00
TCY16
8205c87a96
complete renaming of the modules edns list
2021-11-08 11:50:29 +01:00
Tom Carpay
5f8447830a
Move option handling to parse-time
2021-11-01 13:48:31 +00:00
Tom Carpay
89d7476539
split edns_data.opt_list in opt_list_in and opt_list_out
...
opt_list_in for parsed (incoming) edns options, and
opt_list_out for outgoing (to be encoded) edns options
2021-11-01 12:48:40 +00:00
Tom Carpay
3925297d07
Remove apply_edns_options from worker and mesh...
...
to be returned in message encoding later...
2021-11-01 10:44:55 +00:00