clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 14:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,765 Commits 27 Branches 196 Tags 104 MiB
1ef8cfcac5
Commit Graph

217 Commits

Author SHA1 Message Date
Wouter Wijngaards
b23c373f4d - Refuse to start with no ports. 
git-svn-id: file:///svn/unbound/trunk@4997 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-29 14:26:16 +00:00
Wouter Wijngaards
2d28fba3bf - Squelch log of failed to tcp initiate after TCP Fastopen failure. 
git-svn-id: file:///svn/unbound/trunk@4937 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-10-08 13:27:53 +00:00
Wouter Wijngaards
377d5b426a - Add SSL cleanup for tcp timeout. 
git-svn-id: file:///svn/unbound/trunk@4915 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-25 09:01:13 +00:00
Wouter Wijngaards
f82a128909 - Perform TLS SNI indication of the host that is being contacted 
for DNS over TLS service.  It sets the configured tls auth name.
  This is useful for hosts that apart from the DNS over TLS services
  also provide other (web) services.


git-svn-id: file:///svn/unbound/trunk@4914 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-25 08:31:42 +00:00
Wouter Wijngaards
9b6caf5a5b - Fix that with harden-below-nxdomain and qname minisation enabled 
some iterator states for nonresponsive domains can get into a
  state where they waited for an empty list.
- Stop UDP to TCP failover after timeouts that causes the ping count
  to be reset by the TCP time measurement (that exists for TLS),
  because that causes the UDP part to not be measured as timeout.


git-svn-id: file:///svn/unbound/trunk@4912 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-09-17 11:25:52 +00:00
Wouter Wijngaards
4bf9d12419 - Fix for 4126 that the #define for UNKNOWN_SERVER_NICENESS can be more 
easily changed to adjust default rtt assumptions.


git-svn-id: file:///svn/unbound/trunk@4779 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-12 14:15:03 +00:00
Wouter Wijngaards
5d298ed474 - Fix permission denied printed for auth zone probe random port nrs. 
git-svn-id: file:///svn/unbound/trunk@4769 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-07-03 13:58:49 +00:00
Wouter Wijngaards
23f475bccc - Tentative fix for permission denied on IPv6 address on FreeBSD. 
git-svn-id: file:///svn/unbound/trunk@4754 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-26 08:01:44 +00:00
Wouter Wijngaards
b9607297e9 - For TCP and TLS connections that don't establish, perform address 
update in infra cache, so future selections can exclude them.


git-svn-id: file:///svn/unbound/trunk@4693 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-25 06:21:39 +00:00
Wouter Wijngaards
6fefbb4115 - Fix fail to reject dead peers in forward-zone, with ssl-upstream. 
git-svn-id: file:///svn/unbound/trunk@4670 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-02 06:36:02 +00:00
Wouter Wijngaards
9d28279475 - Can set tls authentication with forward-addr: IP#tls.auth.name 
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".


git-svn-id: file:///svn/unbound/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:10:05 +00:00
Wouter Wijngaards
5c8819f1ac - Fix for windows compile. 
git-svn-id: file:///svn/unbound/trunk@4563 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-06 09:18:53 +00:00
Wouter Wijngaards
54bd1fdd62 - tls-cert-bundle option in unbound.conf enables TLS authentication. 
git-svn-id: file:///svn/unbound/trunk@4532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-13 10:35:09 +00:00
Wouter Wijngaards
ad89368b4e auth zone work. 
git-svn-id: file:///svn/unbound/trunk@4521 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 11:59:30 +00:00
Wouter Wijngaards
75eb720ab5 auth zone work on http feature. 
git-svn-id: file:///svn/unbound/trunk@4517 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-07 16:10:31 +00:00
Wouter Wijngaards
cc9a0671f3 auth zone socket creation fix. 
git-svn-id: file:///svn/unbound/trunk@4489 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-01 15:43:00 +00:00
Wouter Wijngaards
84e819dc31 auth zone move file descriptor functionality to outside network 
for the unit test


git-svn-id: file:///svn/unbound/trunk@4482 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 14:59:17 +00:00
Wouter Wijngaards
30da6bde6f - authzone work, transfer connect. 
git-svn-id: file:///svn/unbound/trunk@4420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-12 15:39:45 +00:00
Wouter Wijngaards
7d17a926ac - Spelling fixes, from Phil Porada. 
git-svn-id: file:///svn/unbound/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
Wouter Wijngaards
b320c7ebd5 - Fix issue on macOX 10.10 where TCP fast open is detected but not 
implemented causing TCP to fail. The fix allows fallback to regular
  TCP in this case and is also more robust for cases where connectx()
  fails for some reason.


git-svn-id: file:///svn/unbound/trunk@4304 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-21 11:44:46 +00:00
Wouter Wijngaards
7ebe1fe115 - More fixes in depth for buffer checks in 0x20 qname checks. 
git-svn-id: file:///svn/unbound/trunk@4225 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 14:34:44 +00:00
Wouter Wijngaards
843bd4156e - Fix #1280: Unbound fails assert when response from authoritative 
contains malformed qname.  When 0x20 caps-for-id is enabled, when
  assertions are not enabled the malformed qname is handled correctly.
- 1.6.3 tag created, with only #1280 fix, trunk is 1.6.4 development.


git-svn-id: file:///svn/unbound/trunk@4224 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-13 14:25:47 +00:00
Wouter Wijngaards
4e502fd624 - Set SO_REUSEADDR on outgoing tcp connections to fix the bind before 
connect limited tcp connections.  With the option tcp connections
  can share the same source port (for different destinations).


git-svn-id: file:///svn/unbound/trunk@4151 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-08 10:41:03 +00:00
Wouter Wijngaards
ad2e157763 - Fix tcp-mss failure printout text. 
git-svn-id: file:///svn/unbound/trunk@4150 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-08 07:15:48 +00:00
Wouter Wijngaards
c010e93d4a - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
Wouter Wijngaards
cd7db58ce3 - configure --enable-systemd and lets unbound use systemd sockets if 
you enable use-systemd: yes in unbound.conf.
  Also there are contrib/unbound.socket and contrib/unbound.service:
  systemd files for unbound, install them in /usr/lib/systemd/system.
  Contributed by Sami Kerola and Pavel Odintsov.



git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-03 13:43:29 +00:00
George Thessalonikefs
7b948b0647 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
Wouter Wijngaards
2127c65561 - Fix dnstap relaying "random" messages instead of resolver/forwarder 
responses, from Nikolay Edigaryev.


git-svn-id: file:///svn/unbound/trunk@3869 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-27 11:56:55 +00:00
Wouter Wijngaards
42f14e7c4d - Fix #802: workaround for function parameters that are "unused" 
without log_assert.


git-svn-id: file:///svn/unbound/trunk@3823 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-22 07:05:52 +00:00
Wouter Wijngaards
e71f0b2f34 - Fix #798: Client-side TCP fast open fails (Linux). 
git-svn-id: file:///svn/unbound/trunk@3819 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-18 13:54:32 +00:00
Wouter Wijngaards
95e9dff362 - TCP Fast open patch from Sara Dickinson. 
git-svn-id: file:///svn/unbound/trunk@3814 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-14 07:06:34 +00:00
Wouter Wijngaards
48ca4dc880 lint. 
git-svn-id: file:///svn/unbound/trunk@3813 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-07 10:31:50 +00:00
Wouter Wijngaards
1394dcba69 - Fix #787: outgoing-interface netblock/64 ipv6 option to use linux 
freebind to use 64bits of entropy for every query with random local
  part.


git-svn-id: file:///svn/unbound/trunk@3804 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-04 14:51:30 +00:00
Wouter Wijngaards
031caba9c0 - and also generic edns options for upstream messages (and replies). 
after parse use edns_opt_find(edns.opt_list, LDNS_EDNS_NSID),
  to insert use edns_opt_append(edns, region, code, len, bindata) on
  the opt_list passed to send_query, or in edns_opt_inplace_reply.


git-svn-id: file:///svn/unbound/trunk@3742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:55:22 +00:00
Wouter Wijngaards
3904c2be9a fixup upstream edns opts. 
git-svn-id: file:///svn/unbound/trunk@3741 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 15:52:33 +00:00
Wouter Wijngaards
3e41fd11fc - Fix #759: 0x20 capsforid no longer checks type PTR, for 
compatibility with cisco dns guard.  This lowers false positives.


git-svn-id: file:///svn/unbound/trunk@3715 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-28 07:24:50 +00:00
Wouter Wijngaards
636e2ef520 please lint. 
git-svn-id: file:///svn/unbound/trunk@3704 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-18 12:39:16 +00:00
Wouter Wijngaards
f64c2d8d08 Slightly more general (i.e. for TYPE0 too). 
git-svn-id: file:///svn/unbound/trunk@3703 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-18 12:23:21 +00:00
Wouter Wijngaards
0d5d685514 Explain what we do. 
git-svn-id: file:///svn/unbound/trunk@3702 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-18 12:00:57 +00:00
Wouter Wijngaards
e77a3a9941 - Fix some malformed reponses to edns queries get fallback to nonedns. 
git-svn-id: file:///svn/unbound/trunk@3701 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-18 11:56:55 +00:00
Wouter Wijngaards
9f8b2bb468 - ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for 
binding to an IP address while the interface or address is down.


git-svn-id: file:///svn/unbound/trunk@3673 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-15 09:35:48 +00:00
Wouter Wijngaards
4f1625afb7 - Fix #747: assert in outnet_serviced_query_stop. 
git-svn-id: file:///svn/unbound/trunk@3646 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-07 10:00:08 +00:00
Wouter Wijngaards
dd8b5729f2 Fix signed-unsigned lint warnings in tcp-mss. 
git-svn-id: file:///svn/unbound/trunk@3592 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:08:37 +00:00
Wouter Wijngaards
5d0ad681a2 - #731: tcp-mss, outgoing-tcp-mss options for unbound.conf, patch 
from Daisuke Higashi.


git-svn-id: file:///svn/unbound/trunk@3591 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:03:59 +00:00
Wouter Wijngaards
f03d3b870e - caps-whitelist in unbound.conf allows whitelist of loadbalancers 
that cannot work with caps-for-id or its fallback.


git-svn-id: file:///svn/unbound/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 12:36:16 +00:00
Wouter Wijngaards
e0631733a6 - Fix crash in dnstap: Do not try to log TCP responses after timeout. 
git-svn-id: file:///svn/unbound/trunk@3390 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-08 19:58:06 +00:00
Wouter Wijngaards
b2bdce46be - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: file:///svn/unbound/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
Wouter Wijngaards
77088b12ff - Add ip-transparent config option for bind to non-local addresses. 
git-svn-id: file:///svn/unbound/trunk@3369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-19 09:50:35 +00:00
Wouter Wijngaards
339a6be27d More unsigned chasts for toupper/tolower/ctype 
git-svn-id: file:///svn/unbound/trunk@3242 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-10-13 08:35:00 +00:00
Wouter Wijngaards
6a7193a016 - Fix tcp timer waiting list removal code. 
git-svn-id: file:///svn/unbound/trunk@3222 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-09-16 13:08:27 +00:00