Wouter Wijngaards
7925a98141
variables get_option and set_option also for dnscrypt.
...
git-svn-id: file:///svn/unbound/trunk@4130 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-24 09:00:45 +00:00
Wouter Wijngaards
461c8c97db
- unbound-checkconf -o allows query of dnstap config variables.
...
Also unbound-control get_option.
git-svn-id: file:///svn/unbound/trunk@4129 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-24 08:30:32 +00:00
Wouter Wijngaards
16428ccbd2
- Fix #1250 : inconsistent indentation in services/listen_dnsport.c.
...
git-svn-id: file:///svn/unbound/trunk@4113 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-13 07:17:05 +00:00
Ralph Dolmans
a2bc93547f
- Generalise inplace callback (de)registration
...
- (de)register inplace callbacks for module id
- No unbound-control set_option for ECS options
- Deprecated client-subnet-opcode config option
- Introduced client-subnet-always-forward config option
- Changed max-client-subnet-ipv6 default to 56 (as in RFC)
- Removed extern ECS config options
- module_restart_next now calls clear on all following modules
- Also create ECS module qstate on module_event_pass event
git-svn-id: file:///svn/unbound/trunk@4092 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-06 13:13:06 +00:00
Ralph Dolmans
d30ae35c62
- Do not add current time twice to TTL before ECS cache store.
...
- Do not touch rrset cache after ECS cache message generation.
- Use LDNS_EDNS_CLIENT_SUBNET as default ECS opcode.
git-svn-id: file:///svn/unbound/trunk@4086 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-03 09:36:18 +00:00
Ralph Dolmans
b0fd814975
- Merge EDNS Client subnet implementation from feature branch into main branch,
...
using new EDNS processing framework.
git-svn-id: file:///svn/unbound/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-03-21 12:08:17 +00:00
Wouter Wijngaards
7c9584e408
- #1217 . DNSCrypt support, with --enable-dnscrypt, libsodium and then
...
enabled in the config file from Manu Bretelle.
git-svn-id: file:///svn/unbound/trunk@4065 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-03-20 14:55:31 +00:00
Wouter Wijngaards
6c456aa15e
- Add trustanchor.unbound CH TXT that gets a response with a number
...
of TXT RRs with a string like "example.com. 2345 1234" with
the trust anchors and their keytags.
git-svn-id: file:///svn/unbound/trunk@4051 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-03-16 09:17:58 +00:00
Wouter Wijngaards
cae9809e11
- Response actions based on IP address from Jinmei Tatuya (Infoblox).
...
git-svn-id: file:///svn/unbound/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-03-07 14:58:51 +00:00
Wouter Wijngaards
35ae8ef313
- Patch from Luiz Fernando Softov for Stats Shared Memory.
...
- unbound-control stats_shm command prints stats using shared memory,
which uses less cpu.
git-svn-id: file:///svn/unbound/trunk@4020 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-02-23 12:05:05 +00:00
Wouter Wijngaards
3a1ffe4c69
- Fix #1185 : Source IP rate limiting, patch from Larissa Feng.
...
git-svn-id: file:///svn/unbound/trunk@3981 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-01-05 13:57:12 +00:00
Wouter Wijngaards
9b4b0de746
- Fix #1184 : Log DNS replies. This includes the same logging
...
information that DNS queries and response code and response size,
patch from Larissa Feng.
git-svn-id: file:///svn/unbound/trunk@3980 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-01-05 11:39:54 +00:00
Wouter Wijngaards
cd7db58ce3
- configure --enable-systemd and lets unbound use systemd sockets if
...
you enable use-systemd: yes in unbound.conf.
Also there are contrib/unbound.socket and contrib/unbound.service:
systemd files for unbound, install them in /usr/lib/systemd/system.
Contributed by Sami Kerola and Pavel Odintsov.
git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-01-03 13:43:29 +00:00
Ralph Dolmans
efe248c46a
- Added stub-ssl-upstream and forward-ssl-upstream options.
...
git-svn-id: file:///svn/unbound/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-04 12:07:52 +00:00
Wouter Wijngaards
c22f958152
Free log_identity config string.
...
git-svn-id: file:///svn/unbound/trunk@3918 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-03 13:19:12 +00:00
Wouter Wijngaards
680e14cb65
- log-identity: config option to set sys log identity, patch from
...
"Robin H. Johnson" <robbat2@gentoo.org>
git-svn-id: file:///svn/unbound/trunk@3917 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-03 08:51:40 +00:00
Wouter Wijngaards
a9a65800b8
- serve-expired config option: serve expired responses with TTL 0.
...
git-svn-id: file:///svn/unbound/trunk@3903 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-24 12:43:20 +00:00
Ralph Dolmans
840142397d
- Free view config elements.
...
git-svn-id: file:///svn/unbound/trunk@3881 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-12 10:09:42 +00:00
Ralph Dolmans
9c0944ec1e
- Added qname-minimisation-strict config option.
...
git-svn-id: file:///svn/unbound/trunk@3878 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-11 11:32:50 +00:00
Ralph Dolmans
b587c7f72d
Added views functionality.
...
git-svn-id: file:///svn/unbound/trunk@3876 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-05 09:36:25 +00:00
Wouter Wijngaards
42f14e7c4d
- Fix #802 : workaround for function parameters that are "unused"
...
without log_assert.
git-svn-id: file:///svn/unbound/trunk@3823 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-07-22 07:05:52 +00:00
Wouter Wijngaards
a2555b39d7
and fixup delete rest of list on parse failure.
...
git-svn-id: file:///svn/unbound/trunk@3762 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-06-06 15:01:48 +00:00
Wouter Wijngaards
0e97374466
- access-control-tag-action and access-control-tag-data config
...
directives.
- make depend
git-svn-id: file:///svn/unbound/trunk@3759 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-06-06 13:47:24 +00:00
Wouter Wijngaards
65bcb9b0ca
- local-zone-override config directive.
...
git-svn-id: file:///svn/unbound/trunk@3758 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-06-06 10:00:25 +00:00
Wouter Wijngaards
415fc52b08
- access-control-tag config directive.
...
git-svn-id: file:///svn/unbound/trunk@3754 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-06-06 08:33:59 +00:00
Wouter Wijngaards
7fcec8102f
- disable-dnssec-lame-check config option from Charles Walker.
...
git-svn-id: file:///svn/unbound/trunk@3725 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-05-24 12:17:42 +00:00
Wouter Wijngaards
ab2435a1b9
code improvement.
...
git-svn-id: file:///svn/unbound/trunk@3712 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-04-21 15:02:00 +00:00
Wouter Wijngaards
dc6cd053da
more please lint.
...
git-svn-id: file:///svn/unbound/trunk@3710 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-04-21 10:07:45 +00:00
Wouter Wijngaards
46d476b0c2
define-tag and local-zone-tag configuration.
...
git-svn-id: file:///svn/unbound/trunk@3708 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-04-21 09:49:02 +00:00
Wouter Wijngaards
9f8b2bb468
- ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for
...
binding to an IP address while the interface or address is down.
git-svn-id: file:///svn/unbound/trunk@3673 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-03-15 09:35:48 +00:00
Wouter Wijngaards
36d3966e60
- ub_ctx_set_stub() function for libunbound to config stub zones.
...
git-svn-id: file:///svn/unbound/trunk@3632 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-02-23 10:43:10 +00:00
Wouter Wijngaards
785697de82
- insecure-lan-zones: yesno config option, patch from Dag-Erling
...
Smørgrav.
git-svn-id: file:///svn/unbound/trunk@3619 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-02-09 13:25:59 +00:00
Wouter Wijngaards
5d0ad681a2
- #731 : tcp-mss, outgoing-tcp-mss options for unbound.conf, patch
...
from Daisuke Higashi.
git-svn-id: file:///svn/unbound/trunk@3591 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-01-05 10:03:59 +00:00
Wouter Wijngaards
bb7b4db353
Fixup #724 in unbound-checkconf and fname_after_chroot calls.
...
git-svn-id: file:///svn/unbound/trunk@3558 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-12-01 09:12:30 +00:00
Ralph Dolmans
a05bf09811
Implemented qname minimisation
...
git-svn-id: file:///svn/unbound/trunk@3554 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-11-30 16:10:26 +00:00
Wouter Wijngaards
c3a45dde15
- Default for ssl-port is port 853, the temporary port assignment
...
for secure domain name system traffic.
If you used to rely on the older default of port 443, you have
to put a clause in unbound.conf for that. The new value is likely
going to be the standardised port number for this traffic.
git-svn-id: file:///svn/unbound/trunk@3502 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-10-09 07:55:21 +00:00
Wouter Wijngaards
e65fdc31aa
- Change default of harden-algo-downgrade to off. This is lenient
...
for algorithm rollover.
git-svn-id: file:///svn/unbound/trunk@3478 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-08-24 15:05:10 +00:00
Wouter Wijngaards
ee263cf6c5
- Added permit-small-holddown config to debug fast 5011 rollover.
...
git-svn-id: file:///svn/unbound/trunk@3462 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-07-30 11:52:12 +00:00
Wouter Wijngaards
94a6478e05
- SOA negative TTL is capped at minimumttl in its rdata section.
...
- cache-max-negative-ttl config option, default 3600.
git-svn-id: file:///svn/unbound/trunk@3431 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-05-29 14:51:36 +00:00
Wouter Wijngaards
f03d3b870e
- caps-whitelist in unbound.conf allows whitelist of loadbalancers
...
that cannot work with caps-for-id or its fallback.
git-svn-id: file:///svn/unbound/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-05-01 12:36:16 +00:00
Wouter Wijngaards
ff898bfdd6
- Synthesize ANY responses from cache. Does not search exhaustively,
...
but MX,A,AAAA,SOA,NS also CNAME.
- Fix leaked dns64prefix configuration string.
git-svn-id: file:///svn/unbound/trunk@3405 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-04-17 14:58:07 +00:00
Wouter Wijngaards
628ff05285
- Ratelimit does not apply to prefetched queries, and ratelimit-factor
...
is default 10. Repeated normal queries get resolved and with
prefetch stay in the cache.
git-svn-id: file:///svn/unbound/trunk@3399 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-04-16 14:18:50 +00:00
Wouter Wijngaards
55412b2645
- Fix that get_option for cache-sizes does not print double newline.
...
git-svn-id: file:///svn/unbound/trunk@3395 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-04-10 13:43:44 +00:00
Wouter Wijngaards
e30a90febc
- ratelimit feature, ratelimit: 100, or some sensible qps, can be
...
used to turn it on. It ratelimits recursion effort per zone.
For particular names you can configure exceptions in unbound.conf.
git-svn-id: file:///svn/unbound/trunk@3391 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-04-10 09:59:57 +00:00
Wouter Wijngaards
b2bdce46be
- rename ldns subdirectory to sldns to avoid name collision.
...
git-svn-id: file:///svn/unbound/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-26 10:21:38 +00:00
Wouter Wijngaards
e3994c1273
Fixed like Maciej did.
...
git-svn-id: file:///svn/unbound/trunk@3376 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-23 20:42:47 +00:00
Wouter Wijngaards
bd404f5fd3
- Fix segfault on user not found at startup (from Maciej Soltysiak).
...
git-svn-id: file:///svn/unbound/trunk@3375 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-23 20:20:15 +00:00
Wouter Wijngaards
77088b12ff
- Add ip-transparent config option for bind to non-local addresses.
...
git-svn-id: file:///svn/unbound/trunk@3369 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-19 09:50:35 +00:00
Wouter Wijngaards
0f9fda81e6
please lint.
...
git-svn-id: file:///svn/unbound/trunk@3366 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-17 09:38:47 +00:00
Wouter Wijngaards
63b5d109f8
- Use reallocarray for integer overflow protection, patch submitted
...
by Loganaden Velvindron.
git-svn-id: file:///svn/unbound/trunk@3365 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-17 08:24:24 +00:00