W.C.A. Wijngaards
4b2799fdd6
- Fix #533 : Negative responses get cached even when setting
...
cache-max-negative-ttl: 1
2021-08-27 10:33:21 +02:00
W.C.A. Wijngaards
a9de6879b8
Merge branch 'master' into rpz-triggers
2021-08-18 09:53:35 +02:00
Shchelkunov Artem
e20b2c1aaf
fix: free() call more than once with the same pointer
2021-08-11 15:14:43 +05:00
W.C.A. Wijngaards
f232562430
Merge branch 'master' into rpz-triggers
2021-08-05 13:37:22 +02:00
W.C.A. Wijngaards
79209823ac
- Fix a number of warnings reported by the gcc analyzer.
2021-06-18 18:12:26 +02:00
W.C.A. Wijngaards
355526da7d
- rpz-triggers, the added soa for client ip modified answers is affected
...
by the minimal-responses config option.
2021-05-14 16:34:38 +02:00
W.C.A. Wijngaards
50dcadd495
- rpz-triggers, for clientip modified answers the rpz SOA is added to the
...
additional section with the serial number and name of the rpz zone that
was applied.
2021-05-14 15:34:48 +02:00
W.C.A. Wijngaards
32d82fac9b
Merge branch 'master' into rpz-triggers
2021-05-14 08:47:56 +02:00
George Thessalonikefs
e9a5f5ab3f
- Add more logging for out-of-memory cases.
2021-05-04 15:39:06 +02:00
W.C.A. Wijngaards
1c75e62804
- rpz-triggers, separate cache storage of RPZ records from network records.
2021-04-01 12:06:14 +02:00
W.C.A. Wijngaards
6f507eb036
Merge branch 'master' into rpz-triggers
2021-03-12 09:04:54 +01:00
W.C.A. Wijngaards
3b24d845ff
- Fix doxygen and pydoc warnings.
2021-02-18 11:39:06 +01:00
George Thessalonikefs
f5b7169729
Merge branch 'orig_ttl' of https://github.com/rijswijk/unbound into rijswijk-orig_ttl
2021-01-25 17:39:24 +01:00
Roland van Rijswijk-Deij
d253db04fd
Addressed review comment from @wcawijngaards
2021-01-22 18:56:09 +00:00
Roland van Rijswijk-Deij
c4c849d878
Rebase on master
2021-01-22 16:44:56 +00:00
Willem Toorop
48ecf95108
Merge branch 'master' into features/padding
2021-01-22 10:29:50 +01:00
W.C.A. Wijngaards
cdb60adcdc
Merge branch 'rpz' of https://github.com/magenbluten/unbound into magenbluten-rpz
...
Conflict fixed for rpz.disabled check added.
2021-01-14 12:11:29 +01:00
W.C.A. Wijngaards
d9dd7bc36f
- Add comment documentation.
2021-01-08 11:01:06 +01:00
W.C.A. Wijngaards
ee2545d939
- For #391 : fix indentation.
2021-01-08 09:53:52 +01:00
W.C.A. Wijngaards
3e03e2c26d
- For #391 : use struct timeval* start_time for callback information.
2021-01-08 09:47:46 +01:00
Frank Riley
e3abd772f7
Add start_time to reply callbacks so modules can compute the response time.
2021-01-01 15:44:21 -07:00
mb
f7fb338c95
rpz: continue work on the nsip trigger
2020-11-16 12:42:23 +01:00
W.C.A. Wijngaards
4990dae87d
- Fix that minimal-responses does not remove addresses from a priming
...
query response.
2020-10-22 09:26:27 +02:00
George Thessalonikefs
d55084ea9e
- Fix that if there are reply callbacks for the given rcode, those
...
are called per reply and a new message created if that was modified
by the call.
- Pass the comm_reply information to the inplace_cb_reply* functions
during the mesh state and update the documentation on that.
2020-10-15 17:17:59 +02:00
Ubuntu
027884aad2
Disable enforcing of min/max TTL when serving original TTL
2020-07-29 15:52:58 +00:00
Ubuntu
506dad946b
Ensure packet_rrset_data is always initialised to zero upon allocation
2020-07-29 15:26:42 +00:00
Ubuntu
ec6fde611c
Cleaned up adjustment in message encoding, fixes spurious negative TTLs
2020-07-15 15:36:06 +00:00
Ubuntu
b5b79e3a36
Add feature to serve original TTLs rather than decrementing ones
2020-07-15 15:15:45 +00:00
W.C.A. Wijngaards
ba0f382eee
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
...
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.
2020-05-19 10:27:27 +02:00
Willem Toorop
2c8a91c2f9
pad-queries default yes
2020-04-14 08:52:51 +02:00
Willem Toorop
4f78b37c61
Down- and upstream padding a la RFC7830 & RFC8467
2020-04-02 18:34:03 +02:00
gthess
f7fe95ad7b
Serve stale ( #159 )
...
- Added serve-stale functionality as described in
draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107 .
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
come with a configurable TTL value (`serve-expired-reply-ttl`).
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
2020-02-05 14:20:27 +01:00
Ralph Dolmans
1d9185229e
- Make dname_has_label's dnamelen check work with 0 length
2020-01-29 11:30:22 +01:00
Ralph Dolmans
bda4c4a375
- improve dname_has_label(), add unit test
2020-01-16 17:50:44 +01:00
Ralph Dolmans
72c4c6b30c
- Fix the dname_has_label fix
2020-01-16 01:36:07 +01:00
Ralph Dolmans
9877e52161
Merge branch 'master' of github.com:NLnetLabs/unbound into rpz
2020-01-15 23:44:10 +01:00
Ralph Dolmans
344f12dd99
- fix compiler warnings
2020-01-15 23:03:44 +01:00
Ralph Dolmans
14913d75c0
- processed RPZ review feedback
...
- fix potential locking issue
- add extra out of bound checks
2020-01-15 22:45:29 +01:00
Ralph Dolmans
2abaca7a49
- Fix dname_has_label() code review changes
2019-12-23 17:35:11 +01:00
Ralph Dolmans
ae4f6a259b
Proccess more review feedback
2019-12-23 16:02:43 +01:00
W.C.A. Wijngaards
6c3a0b54ed
- Fix Out of Bound Write Compressed Names in rdata_copy(),
...
reported by X41 D-Sec.
2019-12-03 16:18:47 +01:00
W.C.A. Wijngaards
2d444a5037
- Fix Insufficient Handling of Compressed Names in dname_pkt_copy(),
...
reported by X41 D-Sec.
2019-12-03 16:17:03 +01:00
W.C.A. Wijngaards
d2eb78e871
- Fix Assert Causing DoS in dname_pkt_copy(),
...
reported by X41 D-Sec.
2019-12-03 15:20:48 +01:00
W.C.A. Wijngaards
72d348de6a
- Fix Out-of-Bounds Read in dname_valid(),
...
reported by X41 D-Sec.
2019-11-20 11:38:11 +01:00
W.C.A. Wijngaards
b60c4a472c
Branch 1.9.4 prepares for 1.9.4 release from 1.9.3
2019-10-03 10:34:40 +02:00
Ralph Dolmans
4ac33aa104
- Merge clean up
...
- revert dname2str off by one fix
- fix str2dname off by one at right location
2019-09-09 17:13:08 +02:00
Ralph Dolmans
2b5cd8e9b4
Merge remote-tracking branch 'ralph/feature/rpz' into rpz
2019-09-09 17:11:26 +02:00
W.C.A. Wijngaards
80c2c69fa7
- Fix log_dns_msg to log irrespective of minimal responses config.
2019-08-21 17:41:29 +02:00
W.C.A. Wijngaards
368386c011
- Fix #48 : Unbound returns additional records on NODATA response,
...
if minimal-responses is enabled, also the additional for negative
responses is removed.
2019-07-12 14:34:35 +02:00
Ralph Dolmans
395d83cfc8
Procedures to parse RPZ ip address notation.
2019-06-24 16:01:01 +02:00