clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-22 07:07:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,537 Commits 27 Branches 196 Tags 104 MiB
41b78b263d
Commit Graph

33 Commits

Author SHA1 Message Date
Wouter Wijngaards
152458c40b - spelling fixes from Igor Sobrado Delgado. 
git-svn-id: file:///svn/unbound/trunk@3544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-18 14:11:46 +00:00
Wouter Wijngaards
e08aa7c5e1 - Fix validation failure in case upstream forwarder (ISC BIND) does 
not have the same trust anchors and decides to insert unsigned NS
  record in authority section.


git-svn-id: file:///svn/unbound/trunk@3329 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-09 11:44:46 +00:00
Wouter Wijngaards
2b90f38a70 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: file:///svn/unbound/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
Wouter Wijngaards
daab92e954 - algorithm compromise protection using the algorithms signalled in 
the DS record.  Also, trust anchors, DLV, and RFC5011 receive this,
         and thus, if you have multiple algorithms in your trust-anchor-file
         then it will now behave different than before.  Also, 5011 rollover
         for algorithms needs to be double-signature until the old algorithm
         is revoked.


git-svn-id: file:///svn/unbound/trunk@2358 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-21 14:19:55 +00:00
Wouter Wijngaards
e9582487d9 Work on validation of multiple algorithms. 
git-svn-id: file:///svn/unbound/trunk@2356 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-20 15:58:12 +00:00
Wouter Wijngaards
46345c0809 - Fix bug when DLV below a trust-anchor that uses NSEC3 optout where 
the zone has a secure delegation hosted on the same server did not
         verify as secure (it was insecure by mistake).


git-svn-id: file:///svn/unbound/trunk@2275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-11 12:21:19 +00:00
Wouter Wijngaards
8b274b92aa - Algorithm rollover operational reality intrudes, for trust-anchor, 
5011-store, and DLV-anchor if one key matches it's good enough.


git-svn-id: file:///svn/unbound/trunk@2235 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-16 13:40:26 +00:00
Wouter Wijngaards
c68aebb3d7 - Fix SOA excluded from negative DS responses. Reported by Hauke 
Lampe.  The negative cache did not include proper SOA records for
	  negative qtype DS responses which makes BIND barf on it, such
	  responses are now only used internally.
	- Fix negative cache lookup of closestencloser check of DS type bit.



git-svn-id: file:///svn/unbound/trunk@1932 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-09 14:55:19 +00:00
Wouter Wijngaards
07f5b21b7b parameter documented 
git-svn-id: file:///svn/unbound/trunk@1887 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-02 15:23:41 +00:00
Wouter Wijngaards
bf8bc06860 Fix autotrust initialised with DS. 
git-svn-id: file:///svn/unbound/trunk@1884 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-02 13:56:14 +00:00
Wouter Wijngaards
f42d27e1a2 - Made new validator error string available from libunbound for 
applications.  It is in result->why_bogus, a zero-terminated string.
	  unbound-host prints it by default if a result is bogus.
	  Also the errinf is public in module_qstate (for other modules).
	Binary API different. bumped library ABI version.


git-svn-id: file:///svn/unbound/trunk@1874 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 17:05:53 +00:00
Wouter Wijngaards
a909fa9a3a neater explanation for unsigned or signatureless negative DS replies. 
git-svn-id: file:///svn/unbound/trunk@1870 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 06:57:23 +00:00
Wouter Wijngaards
e0b639accd More vallog reason. Doxygen. 
git-svn-id: file:///svn/unbound/trunk@1869 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 06:35:14 +00:00
Wouter Wijngaards
ce45cbda6d - moved version number to 1.4.0 because of 1.3.4 release with only 
the NSEC3 patch.
	- val-log-level: 2 shows extended error information for validation
	  failures, but still one (longish) line per failure.  For example:
	  validation failure <example.com. DNSKEY IN>: signature expired from
	  192.0.2.4 for trust anchor example.com. while building chain of trust
	  validation failure <www.example.com. A IN>: no signatures from
	  192.0.2.6 for key example.com. while building chain of trust



git-svn-id: file:///svn/unbound/trunk@1868 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 16:45:47 +00:00
Wouter Wijngaards
5d2e8e8e97 Retry mode, DS and prime. 
git-svn-id: file:///svn/unbound/trunk@1860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 07:52:02 +00:00
Wouter Wijngaards
a8dccbdd40 autotrust 
git-svn-id: file:///svn/unbound/trunk@1765 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-17 15:58:27 +00:00
Wouter Wijngaards
41e589b08b Fixup trust anchor algorithm check. 
git-svn-id: file:///svn/unbound/trunk@1532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-18 13:07:48 +00:00
Wouter Wijngaards
05cd134de9 Do not mark additional section items bogus. 
git-svn-id: file:///svn/unbound/trunk@1222 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-02 14:35:13 +00:00
Wouter Wijngaards
b2710818d4 Faster due to time-sharing. 
git-svn-id: file:///svn/unbound/trunk@966 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-19 13:12:23 +00:00
Wouter Wijngaards
09e18ffdbb fixup validator classification of root referrals. 
git-svn-id: file:///svn/unbound/trunk@936 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-08 12:24:01 +00:00
Wouter Wijngaards
63aa7463e8 ISO C 
git-svn-id: file:///svn/unbound/trunk@712 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-22 09:14:29 +00:00
Wouter Wijngaards
6f49c2fe55 regional nicer, remove region-allocator. 
git-svn-id: file:///svn/unbound/trunk@697 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-18 20:31:43 +00:00
Wouter Wijngaards
75792c34dc fixup insecure glue on referrals. 
git-svn-id: file:///svn/unbound/trunk@688 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-17 15:48:54 +00:00
Wouter Wijngaards
e8bcec4529 print validator classification type. 
update plan items.


git-svn-id: file:///svn/unbound/trunk@619 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-18 12:33:51 +00:00
Wouter Wijngaards
0e90c03e95 Referral validation. 
git-svn-id: file:///svn/unbound/trunk@553 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-28 09:39:43 +00:00
Wouter Wijngaards
f9cc9481e2 validator also computes insecure and indeterminate for rrsets and stores 
that.


git-svn-id: file:///svn/unbound/trunk@551 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-27 14:55:06 +00:00
Wouter Wijngaards
3a422ba496 prettier proof routines. 
git-svn-id: file:///svn/unbound/trunk@544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-24 10:36:15 +00:00
Wouter Wijngaards
6890f55d17 refuse unsigned authority section. clean additional section as option. 
git-svn-id: file:///svn/unbound/trunk@543 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-24 09:44:29 +00:00
Wouter Wijngaards
b54a0400ab CNAME validation. 
git-svn-id: file:///svn/unbound/trunk@542 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-23 15:23:45 +00:00
Wouter Wijngaards
1b42a51048 VALIDATE state and positive response validation. 
git-svn-id: file:///svn/unbound/trunk@532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-20 12:31:12 +00:00
Wouter Wijngaards
cedeaa8316 ds2ke and nsec work. 
git-svn-id: file:///svn/unbound/trunk@529 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-17 11:41:49 +00:00
Wouter Wijngaards
b2639ba961 val_util work. 
git-svn-id: file:///svn/unbound/trunk@497 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-07 14:30:01 +00:00
Wouter Wijngaards
188bfacd05 validator work. 
git-svn-id: file:///svn/unbound/trunk@493 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-06 12:57:29 +00:00