clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 14:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,684 Commits 27 Branches 196 Tags 104 MiB
902c79608c
Commit Graph

986 Commits

Author SHA1 Message Date
Yorgos Thessalonikefs
486985fbdf - Fix memory leak when reload_keep_cache is used and num-threads changes. 2024-05-31 12:09:35 +02:00
Martin Vopatek
8ff1baf585 Only check old pid if no username 
Do as the comment says and only check old pid if there is no username
configured.
 2024-05-29 14:16:18 +02:00
Yorgos Thessalonikefs
7f184c8ca8
Fix unbound-control stdin commands for multi-process Unbounds (#1069) 
- Fix unbound-control commands that read stdin in multi-process
  operation (local_zones_remove, local_zones, local_datas_remove,
  local_datas, view_local_datas_remove, view_local_datas). They will
  be properly distributed to all processes. dump_cache and load_cache
  are no longer supported in multi-process operation.

 - Remove testdata/remote-threaded.tdir. testdata/09-unbound-control.tdir
  now checks both single and multi process/thread operation.

---------

Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
 2024-05-17 10:25:24 +02:00
W.C.A. Wijngaards
da2b307aa3 - Fix #1071: [FR] Clear both in-memory and cachedb module cache with 
`unbound-control flush*` commands.
 2024-05-16 16:56:58 +02:00
W.C.A. Wijngaards
7c5e765b3b - Fix cachedb with serve-expired-client-timeout disabled. The edns 
subnet module deletes global cache and cachedb cache when it
  stores a result, and serve-expired is enabled, so that the global
  reply, that is older than the ecs reply, does not return after
  the ecs reply expires.
 2024-04-26 13:32:15 +02:00
Wouter Wijngaards
ced9762b14
Merge pull request #1041 from NLnetLabs/stubfwd-unshare 
Stub and Forward unshare
 2024-04-25 11:11:00 +02:00
Yorgos Thessalonikefs
9b9bba9f02
Update locking management for iter_fwd and iter_hints methods. (#1054) 
fast reload, move most of the locking management to iter_fwd and
iter_hints methods. The caller still has the ability to handle its
own locking, if desired, for atomic operations on sets of different
structs.

Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
 2024-04-25 11:05:58 +02:00
W.C.A. Wijngaards
cccf5e73c0 - Fixup compile without cachedb. 2024-04-10 11:33:52 +02:00
W.C.A. Wijngaards
d98c7b9ae3 - Implement cachedb-check-when-serve-expired: yes option, default 
is enabled. When serve expired is enabled with cachedb, it first
  checks cachedb before serving the expired response.
 2024-04-10 11:21:28 +02:00
Yorgos Thessalonikefs
fb4a7d65d7 - Fix #369: dnstap showing extra responses; for client responses 
right from the cache when replying with expired data or
  prefetching.
 2024-04-03 15:18:13 +02:00
W.C.A. Wijngaards
48113cfaba - fast-reload, unshared stub hints, making the structure locked, with an rwlock. 2024-04-03 13:55:57 +02:00
W.C.A. Wijngaards
c0b5754ef7 - fast-reload, for nonthreaded, the unbound-control commands forward, 
forward_add and forward_delete should be distributed to other processes,
  but when threaded, they should not be distributed to other threads because
  the structure is not thread specific any more.
 2024-04-03 13:55:57 +02:00
W.C.A. Wijngaards
f2fb498c69 - fast-reload, unshare forwards, making the structure locked, with an rwlock. 2024-04-03 13:55:54 +02:00
W.C.A. Wijngaards
6d1e61173b - Fix #1034: DoT forward-zone via unbound-control. 2024-03-28 09:58:03 +01:00
W.C.A. Wijngaards
6f82b5be4a - Fix that the server does not chown the pidfile. 2024-03-27 14:52:25 +01:00
W.C.A. Wijngaards
192f1b0e2b - Fix that when the server truncates the pidfile, it does not follow 
symbolic links.
 2024-03-27 14:07:54 +01:00
W.C.A. Wijngaards
2993437eaa - Fix that addrinfo is not kept around but copied and freed, so that 
log-destaddr uses a copy of the information, much like NSD does.
 2024-03-15 13:39:49 +01:00
W.C.A. Wijngaards
ec0b510f1c - Fix for #1022: Fix ede prohibited in access control refused answers. 2024-03-05 13:39:29 +01:00
Willem Toorop
e1229e375f
Mention REFUSED has the TC bit set with unmatched allow_cookie acl in the manpage (#1010) 
* Mention REFUSED with TC with unmatched allow_cookie acl in manpage

Also moved the part about bypassing ip-ratelimit to the ip-ratelimit
description as it will be bypassed with a valid DNS-Cookie regardless of the
allow_cookie acl.

* Apply suggestions from code review

* Update doc/unbound.conf.5.in

* DNS-Cookies should bypass ip-ratelimit setting
 2024-02-20 15:29:34 +01:00
dyunwei
eb7eb5ce68 Fix NLnetLabs#981: dump_cache truncates large records. 2024-01-09 14:17:31 +08:00
W.C.A. Wijngaards
b9b488b6d3 - Remove unneeded newlines and improve indentation in remote control 
code.
 2024-01-04 17:06:15 +01:00
k-akashi
4b9cd8e81d Add DoH and DoT to dnstap message 2023-12-27 07:26:21 +09:00
W.C.A. Wijngaards
3d1bc143af - Fix #969: [FR] distinguish Do53, DoT and DoH in the logs. 2023-12-05 10:05:51 +01:00
Wouter Wijngaards
c4e0354876
Merge pull request #971 from dukeartem/master 
fix 'WARNING: Message has 41 extra bytes at end'
 2023-12-05 09:09:23 +01:00
Artem
389e820878
fix 'WARNING: Message has 41 extra bytes at end' 2023-12-05 09:43:15 +03:00
W.C.A. Wijngaards
35d0a8a843 - Fix to print detailed errors when an SSL IO routine fails via 
SSL_get_error.
 2023-10-19 11:17:32 +02:00
George Thessalonikefs
07149f576a - Better fix for infinite loop when reading multiple lines of input on 
a broken remote control socket, by treating a zero byte line the
  same as transmission end. Addesses #947 and #948.
 2023-10-13 14:58:16 +02:00
Wouter Wijngaards
5c6c57ed89
Merge pull request #944 from NLnetLabs/disable-edns-do 
Disable EDNS DO
 2023-10-12 14:04:29 +02:00
George Thessalonikefs
516f90abdb - Fix infinite loop when reading multiple lines of input on a broken 
remote control socket. Addesses #947 and #948.
 2023-10-10 15:17:48 +02:00
W.C.A. Wijngaards
39df4f0923 - disable-edns-do, queriers receive no EDNS in response if the 
disable-edns-do option is enabled and they set the DO flag. And unit test
  for that.
 2023-10-04 13:54:05 +02:00
George Thessalonikefs
13d4504dfc - Merge #881: Generalise the proxy protocol code. 2023-10-03 14:51:50 +02:00
George Thessalonikefs
bab5ad623c - For #762: Introduce stat counters for downstream DNS Cookies per 
thread and total: num.queries_cookie_valid, num.queries_cookie_client,
  num.queries.cookie_invalid.
 2023-08-08 15:19:56 +02:00
George Thessalonikefs
49e4258102 - For #762: Interaction between DNS Cookies and source IP ratelimiting 
by allowing Cookies to bypass the ratelimit, but still allowing
  ratelimit to valid DNS Cookie clients via the new
  ip-ratelimit-cookie option.
 2023-08-08 10:14:03 +02:00
George Thessalonikefs
4ccb613396 Merge branch 'master' into features/downstream-cookies 2023-08-05 20:37:48 +02:00
George Thessalonikefs
fbc0256825 - For #762: Cleaner manpage text and uniform use of the term DNS 
Cookies.
 2023-08-05 20:00:37 +02:00
George Thessalonikefs
b6e2f4dbf8 - For #762: Formatting. 2023-08-04 19:03:23 +02:00
George Thessalonikefs
d4145772b5 - Move a cache reply callback in worker.c closer to the cache reply 
generation.
 2023-08-02 12:33:52 +02:00
George Thessalonikefs
2cc9563cf8 - Fix to use the now cached EDE, if any, for CD_bit queries. 2023-08-01 15:23:25 +02:00
George Thessalonikefs
6819c1e444 - Merge #759 from Tom Carpay: Add EDE (RFC8914) caching. 2023-07-30 11:48:04 +02:00
George Thessalonikefs
50ea4a1072 Address review comments for #759: 
- Decrease allocations for "" EDE strings when loading the cachedump.
- Check for existence of EDE code before attaching.
 2023-07-28 12:56:13 +02:00
George Thessalonikefs
5b7faca7db For #909: Numeric truncation when parsing TYPEXX and CLASSXX representation 
- Fix return values.
- Formatting nits.
 2023-07-20 11:42:05 +02:00
headshog
0b131d5a31 parse sldns_get_rr_class_by_name and sldns_get_rr_type_by_name return value 0 2023-07-19 18:09:03 +03:00
George Thessalonikefs
90b434c260 - For #759: add support for cached EDEs to cachedump 2023-07-19 17:06:10 +02:00
George Thessalonikefs
f5a2a58ce3 Review for #759: 
- Fix SEGFAULT in load_cache control command.
- Change reason_bogus_str to an explicit NULL-terminated string.
- Fix potential memory leak when discarding a message for referrals and
  0 TTL answers.
- Fix reason_bogus initialization in localzone answers.
- reply_info creation in validator is always regional.
 2023-07-17 17:26:31 +02:00
George Thessalonikefs
15b8d8b96a Merge branch 'master' into features/ede-caching 2023-07-13 11:25:59 +02:00
George Thessalonikefs
a952ac17be Merge branch 'tilan7663-subnet_cache_prefetch' into subnet_cache_prefetch 2023-07-07 16:50:58 +02:00
George Thessalonikefs
40e47bf767 - For #664: easier code flow for subnetcache prefetching. 
- For #664: add testcase.
 2023-07-06 22:22:21 +02:00
George Thessalonikefs
41dac805f5 - Merge #892: Add cachedb hit stat. Introduces 'num.query.cachedb' as 
a new statistical counter.
 2023-06-27 12:46:26 +02:00
George Thessalonikefs
0f1ea7e490 - Properly handle all return values of worker_check_request during 
early EDE code.
- Do not check the incoming request more than once.
 2023-06-14 11:40:59 +02:00
Yorgos Thessalonikefs
9412b9c2ca
Review comment for daemon/stats.c 
Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
 2023-06-02 12:39:23 +02:00