Wouter Wijngaards
c1c1cd97e7
- Remove clang analysis warnings.
...
git-svn-id: file:///svn/unbound/trunk@4998 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-11-29 14:39:26 +00:00
Wouter Wijngaards
5c25bbd93f
fix error print
...
git-svn-id: file:///svn/unbound/trunk@4911 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-17 07:44:11 +00:00
Wouter Wijngaards
d8937492cb
fixup 3
...
git-svn-id: file:///svn/unbound/trunk@4910 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-17 07:35:09 +00:00
Wouter Wijngaards
e91d85edb5
Fixup
...
git-svn-id: file:///svn/unbound/trunk@4909 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-17 07:32:40 +00:00
Wouter Wijngaards
5089db7331
- Fix unbound for openssl in FIPS mode, it uses the digests with
...
the EVP call contexts.
git-svn-id: file:///svn/unbound/trunk@4908 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-17 07:28:55 +00:00
Wouter Wijngaards
2e9d09b961
- initialize statistics totals for printout.
...
- in authzone check that node exists before adding rrset.
- in unbound-anchor, use readwrite memory BIO.
- assertion in autotrust that packed rrset is formed correctly.
git-svn-id: file:///svn/unbound/trunk@4903 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-13 12:20:41 +00:00
Wouter Wijngaards
75b8b8c875
- Free memory leak in config strlist append.
...
- make sure nsec3 comparison salt is initialized.
git-svn-id: file:///svn/unbound/trunk@4900 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-13 10:23:30 +00:00
Ralph Dolmans
2e5e31e8ac
- Added serve-expired-ttl and serve-expired-ttl-reset options.
...
git-svn-id: file:///svn/unbound/trunk@4876 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-28 14:21:56 +00:00
Wouter Wijngaards
4fe427ded2
- log-servfail: yes prints log lines that say why queries are
...
returning SERVFAIL to clients.
git-svn-id: file:///svn/unbound/trunk@4863 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-17 15:22:05 +00:00
Wouter Wijngaards
b0ca964984
and printout for these cases too.
...
git-svn-id: file:///svn/unbound/trunk@4862 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-17 15:09:23 +00:00
Wouter Wijngaards
b0daf867c2
and the error looks good.
...
git-svn-id: file:///svn/unbound/trunk@4860 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-17 14:17:48 +00:00
Wouter Wijngaards
8e5a32f4dc
- Fix that printout of error for cycle targets is a verbosity 4
...
printout and does not wrongly print it is a memory error.
git-svn-id: file:///svn/unbound/trunk@4851 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-14 07:27:57 +00:00
George Thessalonikefs
749d1b9ebc
- Expose if a query (or a subquery) was ratelimited (not src IP
...
ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
This also introduces a change to 'ub_event_callback_type' in
libunbound/unbound-event.h.
- Tidy pylib tests.
git-svn-id: file:///svn/unbound/trunk@4828 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-03 14:00:46 +00:00
Ralph Dolmans
127759b160
strcpy to memmove, to please analysers
...
git-svn-id: file:///svn/unbound/trunk@4656 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-24 10:10:11 +00:00
Ralph Dolmans
4d06c36342
- Added root-key-sentinel support
...
git-svn-id: file:///svn/unbound/trunk@4652 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-24 09:03:49 +00:00
Ralph Dolmans
6ef9cafc0e
- num.query.aggressive.NOERROR and num.query.aggressive.NXDOMAIN statistics
...
counters
git-svn-id: file:///svn/unbound/trunk@4616 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-10 11:39:23 +00:00
Wouter Wijngaards
1f9caf5805
- ED448 support.
...
git-svn-id: file:///svn/unbound/trunk@4607 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-05 14:44:17 +00:00
Wouter Wijngaards
980711e658
- patch to log creates keytag queries, from A. Schulze.
...
git-svn-id: file:///svn/unbound/trunk@4566 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-07 08:39:10 +00:00
Wouter Wijngaards
1a7540c80a
- Reverted fix for #3512 , this may not be the best way forward;
...
although it could be changed at a later time, to stay similar to
other implementations.
git-svn-id: file:///svn/unbound/trunk@4560 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-06 08:22:33 +00:00
Wouter Wijngaards
0e390bca00
- Fix compile without threads, and remove unused variable.
...
git-svn-id: file:///svn/unbound/trunk@4553 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-27 10:36:12 +00:00
Ralph Dolmans
8148308cff
- use existing code to find signer on positive wildcard answers
...
git-svn-id: file:///svn/unbound/trunk@4551 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-22 15:32:18 +00:00
Ralph Dolmans
24fc3242fc
- Save wildcard RRset from answer with original owner for use in aggressive
...
NSEC.
git-svn-id: file:///svn/unbound/trunk@4550 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-22 15:12:31 +00:00
Wouter Wijngaards
6905e41b57
- Fix validation for CNAME loops. When it detects a cname loop,
...
by finding the cname, cname in the existing list, it returns
the partial result with the validation result up to then.
git-svn-id: file:///svn/unbound/trunk@4547 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-21 14:04:02 +00:00
Ralph Dolmans
8449dc1b9d
- Fix the ce_len+2 fix (Aggressive NSEC review)
...
git-svn-id: file:///svn/unbound/trunk@4530 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-12 12:22:29 +00:00
Ralph Dolmans
0648475a66
- Processed aggressive NSEC code review remarks Wouter
...
git-svn-id: file:///svn/unbound/trunk@4529 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-12 12:14:01 +00:00
Ralph Dolmans
77f78152ee
- Aggressive use of NSEC implementation. Use cached NSEC records to generate
...
NXDOMAIN, NODATA and positive wildcard answers.
git-svn-id: file:///svn/unbound/trunk@4522 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-08 13:16:36 +00:00
Ralph Dolmans
f4ff97c297
Also use NSEC with longest closest encloser for CNAME responses.
...
git-svn-id: file:///svn/unbound/trunk@4463 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-01-29 14:44:39 +00:00
Ralph Dolmans
b9f4ff6e9f
- Use NSEC with longest ce to prove wildcard absence.
...
- Only use *.ce to prove wildcard absence, no longer names.
git-svn-id: file:///svn/unbound/trunk@4460 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-01-29 13:46:57 +00:00
Wouter Wijngaards
2a6250e3fb
- patch for CVE-2017-15105: vulnerability in the processing of
...
wildcard synthesized NSEC records.
git-svn-id: file:///svn/unbound/trunk@4441 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-01-19 09:50:35 +00:00
Wouter Wijngaards
21d1989e05
fix oneoff
...
git-svn-id: file:///svn/unbound/trunk@4433 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-01-02 13:36:17 +00:00
Wouter Wijngaards
fa90bbc07a
fixup larger than 2**31 case.
...
git-svn-id: file:///svn/unbound/trunk@4432 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-01-02 12:43:43 +00:00
Wouter Wijngaards
44eb7bfd25
- Remove clang optimizer disable,
...
Fix that expiration date checks don't fail with clang -O2.
git-svn-id: file:///svn/unbound/trunk@4431 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-01-02 10:48:00 +00:00
Wouter Wijngaards
87edf6497d
remove debug output
...
git-svn-id: file:///svn/unbound/trunk@4426 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-12-15 10:21:38 +00:00
Wouter Wijngaards
6bae276ecb
this version of unbound fails when compiled with CC=clang and -O (edit Makefile), or -O2 (default). If you use no optimizing flag, unittest works.
...
git-svn-id: file:///svn/unbound/trunk@4425 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-12-15 10:16:06 +00:00
Wouter Wijngaards
7d17a926ac
- Spelling fixes, from Phil Porada.
...
git-svn-id: file:///svn/unbound/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-09-15 14:29:28 +00:00
Wouter Wijngaards
fe18bbcb1f
- Fix 1416: qname-minimisation breaks TLSA lookups with CNAMEs.
...
git-svn-id: file:///svn/unbound/trunk@4322 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-08-30 13:13:43 +00:00
Wouter Wijngaards
8d1e4b3648
- Fix install of trust anchor when two anchors are present, makes both
...
valid. Checks hash of DS but not signature of new key. This fixes
installs between sep11 and oct11 2017.
git-svn-id: file:///svn/unbound/trunk@4302 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-08-21 08:57:44 +00:00
Wouter Wijngaards
6d8a924889
fix type cast.
...
git-svn-id: file:///svn/unbound/trunk@4287 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-07-24 10:50:16 +00:00
Wouter Wijngaards
e396684a54
- Fix #1365 : Add Ed25519 support using libnettle.
...
git-svn-id: file:///svn/unbound/trunk@4286 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-07-24 10:44:30 +00:00
Wouter Wijngaards
6f4b0c4fa6
double fallthrough annotation to please gcc parser.
...
git-svn-id: file:///svn/unbound/trunk@4284 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-07-24 09:58:00 +00:00
Wouter Wijngaards
cb0e3980d8
annotate fallthrough
...
git-svn-id: file:///svn/unbound/trunk@4283 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-07-24 09:54:21 +00:00
Wouter Wijngaards
0992621839
Fixup compile for clean_additional changes
...
git-svn-id: file:///svn/unbound/trunk@4211 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-06-07 09:24:33 +00:00
Wouter Wijngaards
bfddc0dc64
- Fix that unbound-control can set val_clean_additional and val_permissive_mode.
...
git-svn-id: file:///svn/unbound/trunk@4209 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-06-07 06:59:47 +00:00
Wouter Wijngaards
8c4e7ffb14
- Support for openssl EVP_DigestVerify.
...
- Support for the ED25519 algorithm with openssl (from openssl 1.1.1).
git-svn-id: file:///svn/unbound/trunk@4198 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-05-30 12:28:25 +00:00
Wouter Wijngaards
658c759b3d
- Fix #1267 : Libunbound validator/val_secalgo.c uses obsolete APIs.
...
git-svn-id: file:///svn/unbound/trunk@4174 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-05-18 07:15:16 +00:00
Ralph Dolmans
657948dd0c
- Added mesh_add_sub to add detached mesh entries.
...
- Use mesh_add_sub for key tag signaling queries.
git-svn-id: file:///svn/unbound/trunk@4144 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-05-02 13:17:56 +00:00
Ralph Dolmans
cb253fafe7
regional_alloc + memcpy to regional_alloc_init
...
git-svn-id: file:///svn/unbound/trunk@4136 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-26 15:03:32 +00:00
Ralph Dolmans
33001c8c4b
please lint
...
git-svn-id: file:///svn/unbound/trunk@4135 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-26 13:27:07 +00:00
Ralph Dolmans
a511d5d95e
- Implemented trust anchor signaling using key tag query.
...
git-svn-id: file:///svn/unbound/trunk@4134 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-26 12:58:13 +00:00
Wouter Wijngaards
4d7d32c846
- harden algo downgrade also makes unbound more lenient about digest
...
algorithms in DS records.
git-svn-id: file:///svn/unbound/trunk@4104 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-04-10 13:38:50 +00:00