clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 22:57:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,580 Commits 27 Branches 196 Tags 104 MiB
22ab255231
Commit Graph

90 Commits

Author SHA1 Message Date
W.C.A. Wijngaards
cca5cfc88f - Fix compile on Solaris for unbound-checkconf. 2020-03-23 17:26:06 +01:00
W.C.A. Wijngaards
e4268663e6 - Fix #192: In the unbound-checkconf tool, the module config of 
dns64 subnetcache respip validator iterator is whitelisted, it was
  reported it seems to work.
 2020-03-16 09:44:38 +01:00
W.C.A. Wijngaards
318d4e91cc - Fix #165: Add prefer-ip4: yesno config option to prefer ipv4 for 
using ipv4 filters, because the hosts ip6 netblock /64 is not owned
  by one operator, and thus reputation is shared.
 2020-02-25 09:55:59 +01:00
Ralph Dolmans
b770699319 typo fix 2020-02-17 13:38:01 +01:00
Ralph Dolmans
fe5370a98a - Add respip to supported module-config options in unbound-checkconf. 2020-02-17 13:36:30 +01:00
W.C.A. Wijngaards
2665ae0414 - Stop unbound-checkconf from insisting that auth-zone and rpz 
zonefiles have to exist.  They can not exist, and download later.
 2020-02-14 07:57:57 +01:00
Ralph Dolmans
2b5cd8e9b4 Merge remote-tracking branch 'ralph/feature/rpz' into rpz 2019-09-09 17:11:26 +02:00
W.C.A. Wijngaards
bdb6c153e4 - Please doxygen's parser for "@" occurrence in doxygen comment. 2019-08-16 12:21:40 +02:00
Ralph Dolmans
a16111d471 Prevent potential double free 2019-08-16 12:13:30 +02:00
Ralph Dolmans
a8d6147ae4 - Added RPZ response IP support 2019-07-16 18:43:16 +02:00
W.C.A. Wijngaards
36819adcc2 Nicer spelling and layout. 2019-06-25 15:14:07 +02:00
W.C.A. Wijngaards
da46ea24d5 - For #45, check that 127.0.0.1 and ::1 are not used in unbound.conf 
when do-not-query-localhost is turned on, or at default on,
  unbound-checkconf prints a warning if it is found in forward-addr or
  stub-addr statements.
 2019-06-25 14:50:49 +02:00
Kevin Chu
1a48bdebb5 Add support for ipset 2019-05-02 19:43:30 +08:00
Ralph Dolmans
74f11b852c - apply chroot to auth-zone zonefile in unbound-checkconf 2019-04-11 15:07:49 +02:00
Wouter Wijngaards
81ded6124d - Fix that unbound-checkconf does not complains if the config file 
is not placed inside the chroot.


git-svn-id: file:///svn/unbound/trunk@4995 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-11-29 12:55:13 +00:00
Wouter Wijngaards
a07337fd6d Breakout at end. 
git-svn-id: file:///svn/unbound/trunk@4845 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 09:07:31 +00:00
Wouter Wijngaards
c580e0e33c Fixup 
git-svn-id: file:///svn/unbound/trunk@4843 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 08:46:13 +00:00
Wouter Wijngaards
d2f7999b4e - unbound-checkconf checks if modules exist and prints if they are 
not compiled in the name of the wrong module.


git-svn-id: file:///svn/unbound/trunk@4842 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-09 08:33:56 +00:00
Wouter Wijngaards
586b811b87 - Patch to implement tcp-connection-limit from Jim Hague (Sinodun). 
This limits the number of simultaneous TCP client connections
  from a nominated netblock.
And a simple test for TCP connection limit.


git-svn-id: file:///svn/unbound/trunk@4835 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-08-07 11:57:42 +00:00
Wouter Wijngaards
b26257248d - Fix unbound-checkconf for control-use-cert. 
git-svn-id: file:///svn/unbound/trunk@4742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-18 12:15:21 +00:00
Wouter Wijngaards
7fd32916e8 - #4102 for NSD, but for Unbound. Named unix pipes do not use 
certificate and key files, access can be restricted with file and
  directory permissions.  The option control-use-cert is no longer
  used, and ignored if found in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@4718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 07:43:52 +00:00
Wouter Wijngaards
0362614f94 auth zone, make depend, fallback, create and delete, and lease_time, 
and lock fixes.


git-svn-id: file:///svn/unbound/trunk@4466 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 10:35:20 +00:00
Wouter Wijngaards
c54dfcade9 - Fix that unbound-checkconf -f flag works with auto-trust-anchor-file 
for startup scripts to get the full pathname(s) of anchor file(s).


git-svn-id: file:///svn/unbound/trunk@4447 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-23 14:20:17 +00:00
Wouter Wijngaards
bdb6a5501a - authzone work, probe timer setup. 
git-svn-id: file:///svn/unbound/trunk@4378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-19 09:03:36 +00:00
Wouter Wijngaards
b37bc47eaa - Work on local root zone code. 
git-svn-id: file:///svn/unbound/trunk@4376 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 15:16:31 +00:00
Wouter Wijngaards
0b7d3bfd30 - Add dns64 for client-subnet in unbound-checkconf. 
git-svn-id: file:///svn/unbound/trunk@4340 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-12 05:43:46 +00:00
Wouter Wijngaards
3dc206c721 - Fix #1407: Add ECS options check to unbound-checkconf. 
git-svn-id: file:///svn/unbound/trunk@4307 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-22 07:43:59 +00:00
Wouter Wijngaards
5fba7e4339 - Fix for unbound-checkconf, check ipsecmod-hook if ipsecmod is turned 
on.


git-svn-id: file:///svn/unbound/trunk@4257 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 07:14:37 +00:00
George Thessalonikefs
491b0a26e4 - Implemented opportunistic IPsec support module (ipsecmod). 
- Some whitespace fixup.


git-svn-id: file:///svn/unbound/trunk@4158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 12:39:24 +00:00
Ralph Dolmans
89c2383c71 - Fix #1252: more indentation inconsistencies. 
git-svn-id: file:///svn/unbound/trunk@4125 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-18 09:00:52 +00:00
Ralph Dolmans
b0fd814975 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
Wouter Wijngaards
cae9809e11 - Response actions based on IP address from Jinmei Tatuya (Infoblox). 
git-svn-id: file:///svn/unbound/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-07 14:58:51 +00:00
George Thessalonikefs
7b948b0647 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
Ralph Dolmans
2dce3856cd Check and free data allocated by fname_after_chroot 
git-svn-id: file:///svn/unbound/trunk@3935 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-23 11:21:10 +00:00
Wouter Wijngaards
52dbaa4ac1 - Fix #838: 1.5.10 cannot be built on Solaris, undefined PATH_MAX. 
git-svn-id: file:///svn/unbound/trunk@3871 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-29 07:00:31 +00:00
Wouter Wijngaards
1508a5bb2c - Fix incomplete prototypes reported by Dag-Erling Smørgrav. 
git-svn-id: file:///svn/unbound/trunk@3848 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-05 07:23:23 +00:00
Wouter Wijngaards
1394dcba69 - Fix #787: outgoing-interface netblock/64 ipv6 option to use linux 
freebind to use 64bits of entropy for every query with random local
  part.


git-svn-id: file:///svn/unbound/trunk@3804 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-04 14:51:30 +00:00
Wouter Wijngaards
b6b3e2b914 - For #787: prefer-ip6 option for unbound.conf prefers to send 
upstream queries to ipv6 servers.


git-svn-id: file:///svn/unbound/trunk@3803 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-04 14:49:49 +00:00
Wouter Wijngaards
c697604224 - Fix #784: Build configure assumess that having getpwnam means there 
is endpwent function available.
- Updated repository with newer flex and bison output.


git-svn-id: file:///svn/unbound/trunk@3799 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-27 08:00:55 +00:00
Wouter Wijngaards
2fffe65332 - Fix directory: fix for unbound-checkconf, it restores cwd. 
git-svn-id: file:///svn/unbound/trunk@3783 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-13 13:33:51 +00:00
Wouter Wijngaards
f103787644 - cachedb module framework (empty). 
git-svn-id: file:///svn/unbound/trunk@3698 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-04-14 14:50:18 +00:00
Wouter Wijngaards
bb7b4db353 Fixup #724 in unbound-checkconf and fname_after_chroot calls. 
git-svn-id: file:///svn/unbound/trunk@3558 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 09:12:30 +00:00
Wouter Wijngaards
b2bdce46be - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: file:///svn/unbound/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
Wouter Wijngaards
4de0734ec8 - unbound-checkconf -f prints chroot with pidfile path. 
git-svn-id: file:///svn/unbound/trunk@3316 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-16 14:31:02 +00:00
Wouter Wijngaards
df73be98bd - patch for remote control over local sockets, from Dag-Erling 
Smorgrav, Ilya Bakulin.  Use control-interface: /path/sock and
  control-use-cert: no.


git-svn-id: file:///svn/unbound/trunk@3304 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-06 14:12:59 +00:00
Wouter Wijngaards
1c42e5f3f9 - Fix unbound-checkconf check for module config with dns64 module. 
git-svn-id: file:///svn/unbound/trunk@3238 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-10-10 07:07:58 +00:00
Wouter Wijngaards
0c7d24f655 - Fix #603: unbound-checkconf -o <option> should skip verification 
checks.


git-svn-id: file:///svn/unbound/trunk@3207 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-08-18 07:21:01 +00:00
Wouter Wijngaards
2b90f38a70 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: file:///svn/unbound/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
Wouter Wijngaards
361cc1f511 - made lint clean. 
git-svn-id: file:///svn/unbound/trunk@3050 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-24 13:23:45 +00:00
Wouter Wijngaards
d3cbd76546 - Fix sldns to use sldns_ prefix for all ldns_ variables. 
git-svn-id: file:///svn/unbound/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-03 09:11:16 +00:00