clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-22 07:07:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,593 Commits 27 Branches 196 Tags 104 MiB
334498d9b9
Commit Graph

879 Commits

Author SHA1 Message Date
gthess
334498d9b9
Merge pull request #221 from NLnetLabs/more-SNI 
More SNI support on TLS
 2020-04-17 11:37:47 +02:00
George Thessalonikefs
e430e95d30 - Add SNI support on more TLS connections (fixes #193). 
- Add SNI support to unbound-anchor.
 2020-04-16 14:39:05 +02:00
George Thessalonikefs
e18ab07c62 - Add doxygen documentation for DSCP. 2020-04-16 13:58:35 +02:00
George Thessalonikefs
8a87fc6ae7 - Fix #220: auth-zone section in config may lead to segfault. 2020-04-15 17:57:02 +02:00
Ralph Dolmans
e4eb76a5f3 - Fix RPZ concurrency issue when using auth_zone_reload. 2020-03-26 19:11:57 +01:00
W.C.A. Wijngaards
bcdc13514a - Fixes on #200. and rerun autoconf. 2020-03-24 09:32:04 +01:00
Yaroslav K
cfddbcb5be add setting IP DiffServ Codepoint (DSCP, previously TOS) on sockets 2020-03-23 19:37:43 +00:00
Florian Obser
1a81965748 Declare lz_enter_rr_into_zone() static, it's only used in this file. 
Pointed out by clang with -Wmissing-prototypes
 2020-03-20 11:53:13 +01:00
Ralph Dolmans
87474563ff Merge branch 'kernel-random-port' of https://github.com/fobser/unbound into fobser-kernel-random-port 2020-03-19 15:48:12 +01:00
Ralph Dolmans
28e6c86e61 - Add check to make sure RPZ records are subdomain of configured zone origin. 2020-03-11 17:37:50 +01:00
W.C.A. Wijngaards
614ed2717b Merge branch 'master' into framestreams 
Fixed bison and flex conflicts by regenerating the files.
 2020-02-28 14:31:24 +01:00
W.C.A. Wijngaards
6f4818ebcb - Fix more undefined sanitizer issues, in respip copy_rrset null 
dname, and in the client_info_compare routine for null memcmp.
 2020-02-27 15:43:27 +01:00
Florian Obser
5aaa5e253d Allow the kernel to provide random source ports. 
On some operating systems, for example OpenBSD since some decades, the
kernel binds to a random source port if asked for any port (port
number 0). There is no need to replicate this functionality in
userland.
 2020-02-20 14:54:06 +01:00
W.C.A. Wijngaards
184f26355a Fix ifdef of X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS, and 
Merge branch 'master' into framestreams
 2020-02-18 08:33:58 +01:00
W.C.A. Wijngaards
6accd3d681 - protect X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS with ifdef for 
different openssl versions.
 2020-02-18 08:31:38 +01:00
W.C.A. Wijngaards
b4f055effc Merge branch 'master' into framestreams 2020-02-17 15:25:47 +01:00
George Thessalonikefs
4b354d38c1 - Remove unused variable. 2020-02-17 12:56:20 +01:00
W.C.A. Wijngaards
465af58457 dnstap io, fix to compile without ssl. 2020-02-14 13:23:58 +01:00
W.C.A. Wijngaards
e5e72eb398 Merge branch 'master' into framestreams 2020-02-12 11:58:01 +01:00
George Thessalonikefs
5d6358b66d - Cleaner code for mesh_serve_expired_lookup. 2020-02-06 14:38:01 +01:00
W.C.A. Wijngaards
4089147351 - Fix to lock and release once in mesh_serve_expired_lookup. 2020-02-06 14:01:45 +01:00
W.C.A. Wijngaards
18ea62e369 - Fix to lock zone before adding rpz qname trigger. 2020-02-06 12:22:15 +01:00
W.C.A. Wijngaards
d000523b00 - Fix to create and destroy rpz_lock in auth_zones structure. 2020-02-06 11:51:17 +01:00
George Thessalonikefs
0758d29324 - Fix num_reply_states and num_detached_states counting with 
serve_expired_callback.
 2020-02-06 11:44:48 +01:00
W.C.A. Wijngaards
af7abd4dfd - Fix num_reply_addr counting in mesh and tcp drop due to size 
after serve_stale commit.
 2020-02-06 11:09:30 +01:00
W.C.A. Wijngaards
ad180402ea dnstap io, set tls auth name in outgoing ssl 2020-02-05 16:17:21 +01:00
gthess
f7fe95ad7b
Serve stale (#159) 
- Added serve-stale functionality as described in
  draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
  to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107.
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
  come with a configurable TTL value (`serve-expired-reply-ttl`).
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
 2020-02-05 14:20:27 +01:00
Ralph Dolmans
4fc622031d - Reformat rpz disabled stats counter 2020-02-03 16:52:25 +01:00
Ralph Dolmans
810862dc65 - Stop working on socket when socket() call returns an error. 
- Check malloc return values in TLS session ticket code
 2020-01-30 19:15:58 +01:00
Ralph Dolmans
056176ec9a Merge branch 'master' into rpz 2020-01-30 15:57:34 +01:00
Ralph Dolmans
4f5b934688 - Fix small memory leak in error condition remote.c 
- Fix double free in error condition view.c
 2020-01-30 14:56:48 +01:00
Ralph Dolmans
b9c9fc066f - Fix RPZ locking issues on error conditions 2020-01-30 14:46:39 +01:00
Ralph Dolmans
7da16febc4 - Use consistent dname buffer sizes for RPZ 2020-01-29 12:07:13 +01:00
Ralph Dolmans
ef120738c0 - Fix RPZ's get_tld_label maxdnamelen check 2020-01-29 10:57:29 +01:00
Ralph Dolmans
9df07b4036 - Address review feedback 2020-01-28 18:35:04 +01:00
Mikhail Nacharov
c3fac2550f
minor #1344 change rfc reference for reserved top level dns names 2020-01-27 22:04:09 +05:00
Ralph Dolmans
9877e52161 Merge branch 'master' of github.com:NLnetLabs/unbound into rpz 2020-01-15 23:44:10 +01:00
Ralph Dolmans
16543731f5 - Fix doxygen issue 2020-01-15 23:14:24 +01:00
Ralph Dolmans
344f12dd99 - fix compiler warnings 2020-01-15 23:03:44 +01:00
Ralph Dolmans
14913d75c0 - processed RPZ review feedback 
- fix potential locking issue
  - add extra out of bound checks
 2020-01-15 22:45:29 +01:00
Ralph Dolmans
e098285892 - Implement RPZ CNAME target wildcard synthesis 2020-01-15 22:42:18 +01:00
W.C.A. Wijngaards
1e0c957dcd - Fix auth zone support for NSEC3 records without salt. 2020-01-14 16:03:29 +01:00
Ralph Dolmans
ae4f6a259b Proccess more review feedback 2019-12-23 16:02:43 +01:00
W.C.A. Wijngaards
41d3e2027c - Fix to make auth zone IXFR to fallback to AXFR if a single 
response RR is received over TCP with the SOA in it.
 2019-12-10 13:09:50 +01:00
W.C.A. Wijngaards
5a66aecef9 - Fix similar code in auth_zone synth cname to add the extra checks. 2019-12-03 15:11:22 +01:00
W.C.A. Wijngaards
1718a8e6b5 - Fix dname loop maximum, reported by Eric Sesterhenn from X41 D-Sec. 2019-11-22 14:23:00 +01:00
Ralph Dolmans
bbb737ca5a processing RPZ review feedback 2019-11-22 12:56:24 +08:00
W.C.A. Wijngaards
493921ef1f Review fix of space. 2019-11-20 14:24:31 +01:00
W.C.A. Wijngaards
3a49e683ed - Fix Enum Name not Used, reported by X41 D-Sec. 2019-11-20 14:22:06 +01:00
W.C.A. Wijngaards
16bbfc3461 - Fix authzone printout buffer length check. 2019-11-19 10:09:44 +01:00