Wouter Wijngaards
510606dd1c
- Patch for TLS session resumption from Manabu Sonoda,
...
enable with tls-session-ticket-keys in unbound.conf.
git-svn-id: file:///svn/unbound/trunk@5059 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-23 09:35:52 +00:00
Wouter Wijngaards
2f52ecdd9c
lex and yacc.
...
git-svn-id: file:///svn/unbound/trunk@5056 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-23 08:46:33 +00:00
Wouter Wijngaards
d81e2c654f
- Add stream-wait-size: 4m config option to limit the maximum
...
memory used by waiting tcp and tls stream replies. This avoids
a denial of service where these replies use up all of the memory.
git-svn-id: file:///svn/unbound/trunk@5046 be551aaa-1e26-0410-a405-d3ace91eadb9
2019-01-21 16:20:14 +00:00
Wouter Wijngaards
2ad55ba791
- log-tag-queryreply: yes in unbound.conf tags the log-queries and
...
log-replies in the log file for easier log filter maintenance.
git-svn-id: file:///svn/unbound/trunk@5000 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-11-30 09:45:37 +00:00
Wouter Wijngaards
fd5e4e6019
- Fix #4126 : RTT_band too low on VSAT links with 600+ms latency,
...
adds the option unknown-server-time-limit to unbound.conf that
can be increased to avoid the problem.
git-svn-id: file:///svn/unbound/trunk@4954 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-25 09:21:41 +00:00
Ralph Dolmans
6021341118
- Add min-client-subnet-ipv6 and min-client-subnet-ipv4 options.
...
git-svn-id: file:///svn/unbound/trunk@4951 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-25 08:53:50 +00:00
Wouter Wijngaards
23505d30a5
- Fix #4190 : Please create a "ANY" deny option, adds the option
...
deny-any: yes in unbound.conf. This responds with an empty message
to queries of type ANY.
git-svn-id: file:///svn/unbound/trunk@4949 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-25 08:07:37 +00:00
Wouter Wijngaards
5fec1c8b1f
- Fix #4154 : make ECS_MAX_TREESIZE configurable, with
...
the max-ecs-tree-size-ipv4 and max-ecs-tree-size-ipv6 options.
git-svn-id: file:///svn/unbound/trunk@4945 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-22 14:54:28 +00:00
Ralph Dolmans
02bd3e2ff1
- Add fast-server-permil and fast-server-num options.
...
- Deprecate low-rtt and low-rtt-permil options.
git-svn-id: file:///svn/unbound/trunk@4938 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-10-08 16:03:46 +00:00
Ralph Dolmans
2e5e31e8ac
- Added serve-expired-ttl and serve-expired-ttl-reset options.
...
git-svn-id: file:///svn/unbound/trunk@4876 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-28 14:21:56 +00:00
Wouter Wijngaards
9926fcac4b
flex and bison re-run.
...
git-svn-id: file:///svn/unbound/trunk@4865 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-21 07:10:49 +00:00
Wouter Wijngaards
4fe427ded2
- log-servfail: yes prints log lines that say why queries are
...
returning SERVFAIL to clients.
git-svn-id: file:///svn/unbound/trunk@4863 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-17 15:22:05 +00:00
Wouter Wijngaards
256ab3d935
- Patch for stub-no-cache and forward-no-cache options that disable
...
caching for the contents of that stub or forward, for when you
want immediate changes visible, from Bjoern A. Zeeb.
git-svn-id: file:///svn/unbound/trunk@4846 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-09 12:44:40 +00:00
Wouter Wijngaards
b97b04a9db
yacc and lex.
...
git-svn-id: file:///svn/unbound/trunk@4837 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-07 12:02:10 +00:00
Wouter Wijngaards
b7abbd1d72
- Fix mesh.c incompatible pointer pass.
...
- yacc and lex.
git-svn-id: file:///svn/unbound/trunk@4808 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-07-31 07:23:58 +00:00
Wouter Wijngaards
2beae211ee
- dns64-ignore-aaaa: config option to list domain names for which the
...
existing AAAA is ignored and dns64 processing is used on the A
record.
git-svn-id: file:///svn/unbound/trunk@4762 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-06-29 12:58:52 +00:00
Wouter Wijngaards
23edc18cac
- Rename tls-additional-ports to tls-additional-port, because every
...
line adds one port.
git-svn-id: file:///svn/unbound/trunk@4721 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-06-12 08:45:57 +00:00
Wouter Wijngaards
7509bf208e
- Rename additional-tls-port to tls-additional-ports.
...
The older name is accepted for backwards compatibility.
git-svn-id: file:///svn/unbound/trunk@4703 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-06-01 08:02:04 +00:00
Wouter Wijngaards
1a0bd1a150
- tls-win-cert option that adds the system certificate store for
...
authenticating DNS-over-TLS connections. It can be used instead
of the tls-cert-bundle option, or with it to add certificates.
git-svn-id: file:///svn/unbound/trunk@4698 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-28 14:15:06 +00:00
Wouter Wijngaards
ba29a4a078
generated yacc and lex output.
...
git-svn-id: file:///svn/unbound/trunk@4684 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-15 07:48:12 +00:00
Ralph Dolmans
4d06c36342
- Added root-key-sentinel support
...
git-svn-id: file:///svn/unbound/trunk@4652 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-24 09:03:49 +00:00
Wouter Wijngaards
1b055c6ca7
- allow-notify: config statement for auth-zones.
...
git-svn-id: file:///svn/unbound/trunk@4628 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-17 13:23:35 +00:00
Wouter Wijngaards
d41cdb6ce8
- low-rtt and low-rtt-pct in unbound.conf enable the server selection
...
of fast servers for some percentage of the time.
git-svn-id: file:///svn/unbound/trunk@4612 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-09 13:27:28 +00:00
Wouter Wijngaards
874165904f
doc and flex and yacc.
...
git-svn-id: file:///svn/unbound/trunk@4589 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-15 14:23:51 +00:00
Wouter Wijngaards
e784758a21
- Add --with-libhiredis, unbound support for a new cached backend
...
that uses a Redis server as the storage. This implementation
depends on the hiredis client library (https://redislabs.com/lp/hiredis/ ).
And unbound should be built with both --enable-cachedb and
--with-libhiredis[=PATH] (where $PATH/include/hiredis/hiredis.h
should exist). Patch from Jinmei Tatuya (Infoblox).
git-svn-id: file:///svn/unbound/trunk@4586 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-15 12:33:51 +00:00
Wouter Wijngaards
54bd1fdd62
- tls-cert-bundle option in unbound.conf enables TLS authentication.
...
git-svn-id: file:///svn/unbound/trunk@4532 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-13 10:35:09 +00:00
Ralph Dolmans
77f78152ee
- Aggressive use of NSEC implementation. Use cached NSEC records to generate
...
NXDOMAIN, NODATA and positive wildcard answers.
git-svn-id: file:///svn/unbound/trunk@4522 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-08 13:16:36 +00:00
Wouter Wijngaards
0362614f94
auth zone, make depend, fallback, create and delete, and lease_time,
...
and lock fixes.
git-svn-id: file:///svn/unbound/trunk@4466 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-01-30 10:35:20 +00:00
Wouter Wijngaards
b37bc47eaa
- Work on local root zone code.
...
git-svn-id: file:///svn/unbound/trunk@4376 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-10-17 15:16:31 +00:00
Wouter Wijngaards
52e2331dd4
- [dnscrypt] prevent dnscrypt-secret-key, dnscrypt-provider-cert
...
duplicates
- [dnscrypt] introduce dnscrypt-provider-cert-rotated option,
from Manu Bretelle.
This option allows handling multiple cert/key pairs while only
distributing some of them.
In order to reliably match a client magic with a given key without
strong assumption as to how those were generated, we need both key and
cert. Likewise, in order to know which ES version should be used.
On the other hand, when rotating a cert, it can be desirable to only
serve the new cert but still be able to handle clients that are still
using the old certs's public key.
The `dnscrypt-provider-cert-rotated` allow to instruct unbound to not
publish the cert as part of the DNS's provider_name's TXT answer.
git-svn-id: file:///svn/unbound/trunk@4373 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-10-17 07:34:49 +00:00
Wouter Wijngaards
ee8f07a686
- Fix #1440 : [dnscrypt] client nonce cache.
...
git-svn-id: file:///svn/unbound/trunk@4351 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-09-18 08:55:08 +00:00
Wouter Wijngaards
c49226613b
- Fix #1435 : Please allow UDP to be disabled separately upstream and
...
downstream.
git-svn-id: file:///svn/unbound/trunk@4349 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-09-18 08:42:24 +00:00
Wouter Wijngaards
e583448a6d
les and bison.
...
git-svn-id: file:///svn/unbound/trunk@4329 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-08-31 11:59:38 +00:00
Wouter Wijngaards
5797c77f55
yacc 1.9 and flex 2.6.1.
...
git-svn-id: file:///svn/unbound/trunk@4296 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-08-08 09:09:45 +00:00
Wouter Wijngaards
c52c07c086
- Fix #1350 : make cachedb backend configurable (from JINMEI Tatuya).
...
git-svn-id: file:///svn/unbound/trunk@4275 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-07-17 08:21:19 +00:00
Ralph Dolmans
998793998d
- Added domain name based ECS whitelist.
...
git-svn-id: file:///svn/unbound/trunk@4217 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-06-08 14:44:55 +00:00
Wouter Wijngaards
7641f23f87
- updated configure, dependencies and flex output.
...
git-svn-id: file:///svn/unbound/trunk@4159 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-05-16 13:21:10 +00:00
Ralph Dolmans
a511d5d95e
- Implemented trust anchor signaling using key tag query.
...
git-svn-id: file:///svn/unbound/trunk@4134 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-26 12:58:13 +00:00
Ralph Dolmans
a2bc93547f
- Generalise inplace callback (de)registration
...
- (de)register inplace callbacks for module id
- No unbound-control set_option for ECS options
- Deprecated client-subnet-opcode config option
- Introduced client-subnet-always-forward config option
- Changed max-client-subnet-ipv6 default to 56 (as in RFC)
- Removed extern ECS config options
- module_restart_next now calls clear on all following modules
- Also create ECS module qstate on module_event_pass event
git-svn-id: file:///svn/unbound/trunk@4092 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-06 13:13:06 +00:00
Ralph Dolmans
b0fd814975
- Merge EDNS Client subnet implementation from feature branch into main branch,
...
using new EDNS processing framework.
git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-03-21 12:08:17 +00:00
Wouter Wijngaards
86f0baf146
- make depend, autoconf, remove warnings about statement before var.
...
git-svn-id: file:///svn/unbound/trunk@4066 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-03-20 15:09:06 +00:00
Wouter Wijngaards
6c456aa15e
- Add trustanchor.unbound CH TXT that gets a response with a number
...
of TXT RRs with a string like "example.com. 2345 1234" with
the trust anchors and their keytags.
git-svn-id: file:///svn/unbound/trunk@4051 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-03-16 09:17:58 +00:00
Wouter Wijngaards
05215e8e7d
- --disable-sha1 disables SHA1 support in RRSIG, so from DNSKEY and
...
DS records. NSEC3 is not disabled.
- fake-sha1 test option; print warning if used. To make unit tests.
git-svn-id: file:///svn/unbound/trunk@4043 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-03-09 13:18:08 +00:00
Wouter Wijngaards
cae9809e11
- Response actions based on IP address from Jinmei Tatuya (Infoblox).
...
git-svn-id: file:///svn/unbound/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-03-07 14:58:51 +00:00
Wouter Wijngaards
35ae8ef313
- Patch from Luiz Fernando Softov for Stats Shared Memory.
...
- unbound-control stats_shm command prints stats using shared memory,
which uses less cpu.
git-svn-id: file:///svn/unbound/trunk@4020 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-02-23 12:05:05 +00:00
Wouter Wijngaards
3a1ffe4c69
- Fix #1185 : Source IP rate limiting, patch from Larissa Feng.
...
git-svn-id: file:///svn/unbound/trunk@3981 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-01-05 13:57:12 +00:00
Wouter Wijngaards
9b4b0de746
- Fix #1184 : Log DNS replies. This includes the same logging
...
information that DNS queries and response code and response size,
patch from Larissa Feng.
git-svn-id: file:///svn/unbound/trunk@3980 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-01-05 11:39:54 +00:00
Wouter Wijngaards
cd7db58ce3
- configure --enable-systemd and lets unbound use systemd sockets if
...
you enable use-systemd: yes in unbound.conf.
Also there are contrib/unbound.socket and contrib/unbound.service:
systemd files for unbound, install them in /usr/lib/systemd/system.
Contributed by Sami Kerola and Pavel Odintsov.
git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-01-03 13:43:29 +00:00
Ralph Dolmans
efe248c46a
- Added stub-ssl-upstream and forward-ssl-upstream options.
...
git-svn-id: file:///svn/unbound/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-04 12:07:52 +00:00
Wouter Wijngaards
680e14cb65
- log-identity: config option to set sys log identity, patch from
...
"Robin H. Johnson" <robbat2@gentoo.org>
git-svn-id: file:///svn/unbound/trunk@3917 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-03 08:51:40 +00:00
Wouter Wijngaards
27182d614b
- Fix unit tests for openssl 1.1, with no DSA, by faking DSA, enabled
...
with the undocumented switch 'fake-dsa'. It logs a warning.
git-svn-id: file:///svn/unbound/trunk@3909 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-26 07:38:00 +00:00
Wouter Wijngaards
a9a65800b8
- serve-expired config option: serve expired responses with TTL 0.
...
git-svn-id: file:///svn/unbound/trunk@3903 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-24 12:43:20 +00:00
Ralph Dolmans
9c0944ec1e
- Added qname-minimisation-strict config option.
...
git-svn-id: file:///svn/unbound/trunk@3878 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-11 11:32:50 +00:00
Ralph Dolmans
b587c7f72d
Added views functionality.
...
git-svn-id: file:///svn/unbound/trunk@3876 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-05 09:36:25 +00:00
Wouter Wijngaards
b6b3e2b914
- For #787 : prefer-ip6 option for unbound.conf prefers to send
...
upstream queries to ipv6 servers.
git-svn-id: file:///svn/unbound/trunk@3803 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-07-04 14:49:49 +00:00
Wouter Wijngaards
c697604224
- Fix #784 : Build configure assumess that having getpwnam means there
...
is endpwent function available.
- Updated repository with newer flex and bison output.
git-svn-id: file:///svn/unbound/trunk@3799 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-06-27 08:00:55 +00:00
Ralph Dolmans
54b820773c
- Possibility to specify local-zone types for an acl/tag pair
...
- Possibility to specify (override) local-zone types for a source address block
git-svn-id: file:///svn/unbound/trunk@3797 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-06-24 19:08:58 +00:00
Wouter Wijngaards
0e97374466
- access-control-tag-action and access-control-tag-data config
...
directives.
- make depend
git-svn-id: file:///svn/unbound/trunk@3759 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-06-06 13:47:24 +00:00
Wouter Wijngaards
65bcb9b0ca
- local-zone-override config directive.
...
git-svn-id: file:///svn/unbound/trunk@3758 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-06-06 10:00:25 +00:00
Wouter Wijngaards
415fc52b08
- access-control-tag config directive.
...
git-svn-id: file:///svn/unbound/trunk@3754 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-06-06 08:33:59 +00:00
Wouter Wijngaards
7fcec8102f
- disable-dnssec-lame-check config option from Charles Walker.
...
git-svn-id: file:///svn/unbound/trunk@3725 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-05-24 12:17:42 +00:00
Wouter Wijngaards
46d476b0c2
define-tag and local-zone-tag configuration.
...
git-svn-id: file:///svn/unbound/trunk@3708 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-04-21 09:49:02 +00:00
Wouter Wijngaards
9f8b2bb468
- ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for
...
binding to an IP address while the interface or address is down.
git-svn-id: file:///svn/unbound/trunk@3673 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-03-15 09:35:48 +00:00
Wouter Wijngaards
785697de82
- insecure-lan-zones: yesno config option, patch from Dag-Erling
...
Smørgrav.
git-svn-id: file:///svn/unbound/trunk@3619 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-02-09 13:25:59 +00:00
Wouter Wijngaards
c53222e101
- Fix to simplify empty string checking from Michael McConville.
...
git-svn-id: file:///svn/unbound/trunk@3600 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-01-14 08:28:46 +00:00
Wouter Wijngaards
5d0ad681a2
- #731 : tcp-mss, outgoing-tcp-mss options for unbound.conf, patch
...
from Daisuke Higashi.
git-svn-id: file:///svn/unbound/trunk@3591 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-01-05 10:03:59 +00:00
Wouter Wijngaards
3ee1dc25d5
yacced,lexed, include for undeclared function and make depend.
...
git-svn-id: file:///svn/unbound/trunk@3555 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-12-01 08:11:48 +00:00
Ralph Dolmans
a05bf09811
Implemented qname minimisation
...
git-svn-id: file:///svn/unbound/trunk@3554 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-11-30 16:10:26 +00:00
Wouter Wijngaards
ee263cf6c5
- Added permit-small-holddown config to debug fast 5011 rollover.
...
git-svn-id: file:///svn/unbound/trunk@3462 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-07-30 11:52:12 +00:00
Wouter Wijngaards
94a6478e05
- SOA negative TTL is capped at minimumttl in its rdata section.
...
- cache-max-negative-ttl config option, default 3600.
git-svn-id: file:///svn/unbound/trunk@3431 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-05-29 14:51:36 +00:00
Wouter Wijngaards
f03d3b870e
- caps-whitelist in unbound.conf allows whitelist of loadbalancers
...
that cannot work with caps-for-id or its fallback.
git-svn-id: file:///svn/unbound/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-05-01 12:36:16 +00:00
Wouter Wijngaards
628ff05285
- Ratelimit does not apply to prefetched queries, and ratelimit-factor
...
is default 10. Repeated normal queries get resolved and with
prefetch stay in the cache.
git-svn-id: file:///svn/unbound/trunk@3399 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-04-16 14:18:50 +00:00
Wouter Wijngaards
e30a90febc
- ratelimit feature, ratelimit: 100, or some sensible qps, can be
...
used to turn it on. It ratelimits recursion effort per zone.
For particular names you can configure exceptions in unbound.conf.
git-svn-id: file:///svn/unbound/trunk@3391 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-04-10 09:59:57 +00:00
Wouter Wijngaards
77088b12ff
- Add ip-transparent config option for bind to non-local addresses.
...
git-svn-id: file:///svn/unbound/trunk@3369 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-19 09:50:35 +00:00
Wouter Wijngaards
49250ef291
- Fix #644 : harden-algo-downgrade option, if turned off, fixes the
...
reported excessive validation failure when multiple algorithms
are present. It allows the weakest algorithm to validate the zone.
git-svn-id: file:///svn/unbound/trunk@3354 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-09 13:30:37 +00:00
Wouter Wijngaards
3ef33154e5
- infra-cache-min-rtt patch from Florian Riehm, for expected long
...
uplink roundtrip times.
git-svn-id: file:///svn/unbound/trunk@3328 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-02-02 08:46:22 +00:00
Wouter Wijngaards
df73be98bd
- patch for remote control over local sockets, from Dag-Erling
...
Smorgrav, Ilya Bakulin. Use control-interface: /path/sock and
control-use-cert: no.
git-svn-id: file:///svn/unbound/trunk@3304 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-01-06 14:12:59 +00:00
Wouter Wijngaards
e8fa4a9aff
- parser with bison 2.7
...
git-svn-id: file:///svn/unbound/trunk@3270 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-11-14 15:59:30 +00:00
Wouter Wijngaards
8ccba42b1f
- dnstap support, with a patch from Farsight Security, written by
...
Robert Edmonds. The --enable-dnstap needs libfstrm and protobuf-c.
It is BSD licensed (see dnstap/dnstap.c).
Building with --enable-dnstap needs pkg-config with this patch.
- Noted dnstap in doc/README and doc/CREDITS.
git-svn-id: file:///svn/unbound/trunk@3206 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-08-05 07:57:52 +00:00
Wouter Wijngaards
45022b6add
- DNS64 from Viagenie (BSD Licensed), written by Simon Perrault.
...
Initial commit of the patch from the FreeBSD base (with its fixes).
This adds a module (for module-config in unbound.conf) dns64 that
performs DNS64 processing, see README.DNS64.
git-svn-id: file:///svn/unbound/trunk@3198 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-07-31 07:15:33 +00:00
Wouter Wijngaards
bdc57e5be5
- Feature, unblock-lan-zones: yesno that you can use to make unbound
...
perform 10.0.0.0/8 and other reverse lookups normally, for use if
unbound is running service for localhost on localhost.
git-svn-id: file:///svn/unbound/trunk@3133 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-05-20 10:38:32 +00:00
Wouter Wijngaards
d8e5a83392
- delay-close: msec option that delays closing ports for which
...
the UDP reply has timed out. Keeps the port open, only accepts
the correct reply. This correct reply is not used, but the port
is open so that no port-denied ICMPs are generated.
git-svn-id: file:///svn/unbound/trunk@3058 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-01-28 14:35:55 +00:00
Wouter Wijngaards
60511959ab
- so-reuseport: yesno option to distribute queries evenly over
...
threads on Linux (Thanks Robert Edmonds).
git-svn-id: file:///svn/unbound/trunk@3049 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-01-24 11:43:38 +00:00
Wouter Wijngaards
b9efb261da
- Fix bug#536: acl_deny_non_local and refuse_non_local added.
...
git-svn-id: file:///svn/unbound/trunk@3015 be551aaa-1e26-0410-a405-d3ace91eadb9
2013-11-12 10:08:54 +00:00
Wouter Wijngaards
29e96e86c9
- separate ldns into core ldns inside ldns/ subdirectory. No more
...
--with-ldns is needed and unbound does not rely on libldns.
git-svn-id: file:///svn/unbound/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
2013-10-31 15:09:26 +00:00
Wouter Wijngaards
ff1dbe4fcc
- Implement max-udp-size config option, default 4096 (thanks
...
Daisuke Higashi).
git-svn-id: file:///svn/unbound/trunk@2893 be551aaa-1e26-0410-a405-d3ace91eadb9
2013-04-25 11:55:46 +00:00
Wouter Wijngaards
cf147df593
- Applied patch from Daisuke HIGASHI for rrset-roundrobin and
...
minimal-responses features.
git-svn-id: file:///svn/unbound/trunk@2658 be551aaa-1e26-0410-a405-d3ace91eadb9
2012-04-10 09:16:39 +00:00
Wouter Wijngaards
1736d8078a
- forward-first option. Tries without forward if a query fails.
...
Also stub-first option that is similar.
git-svn-id: file:///svn/unbound/trunk@2637 be551aaa-1e26-0410-a405-d3ace91eadb9
2012-03-01 13:16:40 +00:00
Wouter Wijngaards
8f5596f643
ssl_port setting, so that the dnssec-trigger server can be on one host machine.
...
git-svn-id: file:///svn/unbound/trunk@2539 be551aaa-1e26-0410-a405-d3ace91eadb9
2011-11-08 10:56:42 +00:00
Wouter Wijngaards
aa0536dcb5
- dns over ssl support, ssl-service-pem and ssl-service-key files
...
can be given and then TCP queries are serviced wrapped in SSL.
git-svn-id: file:///svn/unbound/trunk@2530 be551aaa-1e26-0410-a405-d3ace91eadb9
2011-10-31 14:48:48 +00:00
Wouter Wijngaards
05e118b7d5
tcp upstream option.
...
git-svn-id: file:///svn/unbound/trunk@2480 be551aaa-1e26-0410-a405-d3ace91eadb9
2011-08-22 13:58:40 +00:00
Wouter Wijngaards
8def9c1043
- log-queries: yesno option, default is no, prints querylog.
...
git-svn-id: file:///svn/unbound/trunk@2429 be551aaa-1e26-0410-a405-d3ace91eadb9
2011-06-16 13:15:57 +00:00
Wouter Wijngaards
ca38a8bd55
- feature, ignore-cd-flag: yesno to provide dnssec to legacy servers.
...
git-svn-id: file:///svn/unbound/trunk@2414 be551aaa-1e26-0410-a405-d3ace91eadb9
2011-05-10 11:20:14 +00:00
Wouter Wijngaards
78cc3d8ae1
harden-below-nxdomain option taken from draft-vixie-dnsext-resimprove.
...
Default off (for now), as some older software that gives nxdomain for ENT
would be incompatible. But that would only happen in the reverse tree, and
such software (nonDNSSEC) may go out of style, so in the future a default yes
could be possible.
git-svn-id: file:///svn/unbound/trunk@2347 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-11-18 08:49:15 +00:00
Wouter Wijngaards
8c5b3d3c8f
- so-sndbuf option for very busy servers, a bit like so-rcvbuf.
...
git-svn-id: file:///svn/unbound/trunk@2344 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-11-15 14:30:34 +00:00
Wouter Wijngaards
271445fa4d
- Fix bug#308: spelling error in variable name in parser and lexer.
...
git-svn-id: file:///svn/unbound/trunk@2110 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-05-06 05:23:49 +00:00
Wouter Wijngaards
bcd1ac7599
prefetch-key feature.
...
git-svn-id: file:///svn/unbound/trunk@1956 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-01-13 13:33:18 +00:00
Wouter Wijngaards
43d228c5bc
Doc fix and work on prefetch feature.
...
git-svn-id: file:///svn/unbound/trunk@1951 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-01-07 14:38:18 +00:00
Wouter Wijngaards
5b66f07e38
edns-buffer-size option.
...
git-svn-id: file:///svn/unbound/trunk@1881 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-10-29 10:37:44 +00:00
Wouter Wijngaards
d59a8baec2
so-rcvbuf option.
...
git-svn-id: file:///svn/unbound/trunk@1851 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-09-25 08:54:50 +00:00