clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 06:37:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,789 Commits 27 Branches 196 Tags 104 MiB
master
Commit Graph

216 Commits

Author SHA1 Message Date
W.C.A. Wijngaards
8fca3e7c5b - For #1103: Fix to drop mesh state reference for the http2 stream 
associated with the reply, not the currently active stream. And
  it does not remove it twice on a mesh_send_reply call. The reply
  h2_stream is NULL when not in use, for more initialisation.
 2024-07-16 14:23:10 +02:00
W.C.A. Wijngaards
8947c2c764 - For #1103: fix to also drop mesh state reference when the discard 
limit is reached, when there is an error making a new recursion
  state and when the connection is dropped with is_drop.
 2024-07-15 14:51:20 +02:00
W.C.A. Wijngaards
d52f501d90 - For #1103: fix to also drop mesh state reference when a h2 reply is 
dropped.
 2024-07-12 16:41:46 +02:00
W.C.A. Wijngaards
3adb9c8f92 - Fix #1103: unbound 1.20.0 segmentation fault with nghttp2. 2024-07-12 16:11:29 +02:00
Yorgos Thessalonikefs
70f73a33b3 - Explicitly set the RD bit for the mesh query flags when prefetching. 
These queries have no waiting client but they need to be treated as
  recursive.
 2024-06-26 15:51:58 +02:00
W.C.A. Wijngaards
c3206f4568 - Fix for the DNSBomb vulnerability CVE-2024-33655. Thanks to Xiang Li 
from the Network and Information Security Lab of Tsinghua University
  for reporting it.
 2024-05-01 10:10:58 +02:00
Yorgos Thessalonikefs
63a6b7b255 - Cleanup unnecessary strdup calls for EDE strings. 2024-04-29 10:15:19 +02:00
W.C.A. Wijngaards
d47849a26e - Fix cachedb for serve-expired with serve-expired-reply-ttl. 2024-04-10 17:01:57 +02:00
W.C.A. Wijngaards
cccf5e73c0 - Fixup compile without cachedb. 2024-04-10 11:33:52 +02:00
W.C.A. Wijngaards
f3f85e5a11 - Fixup compile without cachedb. 2024-04-10 11:29:10 +02:00
W.C.A. Wijngaards
d55511f1dd - Fixup compile without cachedb. 2024-04-10 11:27:08 +02:00
W.C.A. Wijngaards
d98c7b9ae3 - Implement cachedb-check-when-serve-expired: yes option, default 
is enabled. When serve expired is enabled with cachedb, it first
  checks cachedb before serving the expired response.
 2024-04-10 11:21:28 +02:00
W.C.A. Wijngaards
2993437eaa - Fix that addrinfo is not kept around but copied and freed, so that 
log-destaddr uses a copy of the information, much like NSD does.
 2024-03-15 13:39:49 +01:00
W.C.A. Wijngaards
3d1bc143af - Fix #969: [FR] distinguish Do53, DoT and DoH in the logs. 2023-12-05 10:05:51 +01:00
W.C.A. Wijngaards
39df4f0923 - disable-edns-do, queriers receive no EDNS in response if the 
disable-edns-do option is enabled and they set the DO flag. And unit test
  for that.
 2023-10-04 13:54:05 +02:00
W.C.A. Wijngaards
bd5dc855af - Fix rpz tcp-only action with rpz triggers nsdname and nsip. 2023-09-18 09:55:39 +02:00
George Thessalonikefs
6819c1e444 - Merge #759 from Tom Carpay: Add EDE (RFC8914) caching. 2023-07-30 11:48:04 +02:00
George Thessalonikefs
50ea4a1072 Address review comments for #759: 
- Decrease allocations for "" EDE strings when loading the cachedump.
- Check for existence of EDE code before attaching.
 2023-07-28 12:56:13 +02:00
George Thessalonikefs
6289238cd6 - For #889: Account for num_detached_states before possible 
mesh_state_delete when erroring out.
 2023-07-21 21:05:38 +02:00
George Thessalonikefs
201da1f50a Merge branch 'free_memory_in_error_case' of https://github.com/borisVanhoof/unbound into borisVanhoof-free_memory_in_error_case 2023-07-21 17:04:33 +02:00
George Thessalonikefs
846b158304 - Remove redundant checks when attaching EDE to a SERVFAIL answer. 2023-07-19 15:26:08 +02:00
George Thessalonikefs
95604a90e8 Review for #759: 
- Keep EDE information for keys close to key creation.
- Fix inconsistencies between reply and cached EDEs.
- Incorporate EDE caching checks in EDE tests.
- Fix some EDE cases where missing DNSKEY was wrongly reported.
 2023-07-19 15:20:44 +02:00
George Thessalonikefs
a952ac17be Merge branch 'tilan7663-subnet_cache_prefetch' into subnet_cache_prefetch 2023-07-07 16:50:58 +02:00
George Thessalonikefs
40e47bf767 - For #664: easier code flow for subnetcache prefetching. 
- For #664: add testcase.
 2023-07-06 22:22:21 +02:00
George Thessalonikefs
2069271384 - Merge #802: add validation EDEs to queries where the CD bit is set. 
- For #802: Cleanup comments and add RCODE check for CD bit test case.
 2023-07-03 14:48:39 +02:00
George Thessalonikefs
014db3fb03 - For #802: Cleanup comments and add RCODE check for CD bit test case. 2023-07-03 14:40:01 +02:00
W.C.A. Wijngaards
5aa47fb1fa - Fix dereference of NULL variable warning in mesh_do_callback. 2023-07-03 13:50:39 +02:00
George Thessalonikefs
db5cf5851d - More efficient mesh accounting per client. 2023-05-30 23:34:31 +02:00
George Thessalonikefs
4f52be4db9 - Introduce num.query.cachedb to track cache hits for the external cache. 2023-05-30 17:49:50 +02:00
Boris VANHOOF
a21bc23139 free memory in error case 2023-05-23 09:23:03 +02:00
Boris VANHOOF
62d54d8091 remove unused function 2023-05-23 09:22:35 +02:00
Vadim Fedorenko
a197aac2f6 timeval_func: move all timeval manipulation to separate file 
There are several definitions of the same functions manipulating timeval
structures. Let's move them to separate file and arrange the code
preperly.

Signed-off-by: Vadim Fedorenko <vadfed@meta.com>
 2023-04-26 03:23:41 -07:00
Vadim Fedorenko
648ad4db6f Linting change. 
Remove config parser/lexer code as it's rebuilded every time but can
break adding new config options.
Also clean up the code base to avoid mixing actual code changes and lint
issues.

Signed-off-by: Vadim Fedorenko <vadfed@meta.com>
 2023-04-25 17:05:00 -07:00
Philip Homburg
fb06364014 Fix issue #825: interaction between ECS and serve-expired. 2023-02-21 09:20:28 +01:00
TCY16
dd3984eae9 add validation EDEs to CD bit queries 2022-12-05 11:41:17 +01:00
Yorgos Thessalonikefs
c4e51a4cfe
PROXYv2 downstream support (#760) 2022-10-03 15:29:47 +02:00
W.C.A. Wijngaards
137719522a - Patch for CVE-2022-3204 Non-Responsive Delegation Attack. 2022-09-21 11:10:38 +02:00
W.C.A. Wijngaards
f6753a0f10 - Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699. 2022-08-01 13:24:40 +02:00
Philip Homburg
3bade62c8a Fix use after free issue with edns options (https://github.com/NLnetLabs/unbound/issues/663) 2022-06-22 15:00:28 +02:00
George Thessalonikefs
91c298c901 Merge branch 'subnet_cache_prefetch' of https://github.com/tilan7663/unbound into tilan7663-subnet_cache_prefetch 2022-05-17 16:16:09 +03:00
George Thessalonikefs
daf316ea1b - Fix #417: prefetch and ECS causing cache corruption when used 
together.
 2022-05-12 00:56:01 +02:00
tcarpay
0ce36e8289
Add the basic EDE (RFC8914) cases (#604) 2022-05-06 12:48:53 +02:00
Tian Lan
8afbc0944f Add prefetch support for subnet cache entries 
- Entries in the subnet cache should now be prefetched.

- Rename testdata subnet_*.crpl to subnet_*.rpl so they are visible to
  make test

Signed-off-by: Tian Lan <tian.lan@twosigma.com>
 2022-04-29 11:46:05 -04:00
W.C.A. Wijngaards
2b90181d3a - Fix #628: A rpz-passthru action is not ending RPZ zone processing. 2022-02-15 16:20:12 +01:00
Wouter Wijngaards
9645228f03
Merge pull request #570 from rex4539/typos 
Fix typos
 2021-11-29 11:39:48 +01:00
Dimitris Apostolou
c21d6af617
Fix typos 2021-11-13 16:56:15 +02:00
TCY16
8205c87a96 complete renaming of the modules edns list 2021-11-08 11:50:29 +01:00
Tom Carpay
5f8447830a Move option handling to parse-time 2021-11-01 13:48:31 +00:00
Tom Carpay
89d7476539 split edns_data.opt_list in opt_list_in and opt_list_out 
opt_list_in for parsed (incoming) edns options, and
opt_list_out for outgoing (to be encoded) edns options
 2021-11-01 12:48:40 +00:00
Tom Carpay
3925297d07 Remove apply_edns_options from worker and mesh... 
to be returned in message encoding later...
 2021-11-01 10:44:55 +00:00