clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-22 07:07:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,767 Commits 27 Branches 196 Tags 104 MiB
9d78ad6898
Commit Graph

3758 Commits

Author SHA1 Message Date
W.C.A. Wijngaards
84b0207956 - Fix for mesh accounting when rpz decides to drop a reply with a 
tcp stream waiting for it.
 2020-06-30 16:20:09 +02:00
W.C.A. Wijngaards
6f0c2956ac - Also move reply list clean for mesh callbacks to the scrip callback 
can see the reply_info.
- Fix for mesh accounting if the reply list already empty to begin
  with.
 2020-06-30 15:48:11 +02:00
W.C.A. Wijngaards
8ac054733b - Move reply list clean for serve expired mesh callback to after 
the reply is sent, so that script callbacks have reply_info.
 2020-06-30 13:41:26 +02:00
W.C.A. Wijngaards
2a90e8fa1e - doxygen file comments for dynlibmodule. 2020-06-24 13:37:43 +02:00
W.C.A. Wijngaards
be1182c3db - iana portlist updated. 2020-06-24 13:33:47 +02:00
W.C.A. Wijngaards
5203954068 - Fix display of event loop method with libev. 2020-06-17 14:32:57 +02:00
W.C.A. Wijngaards
6e0756e819 - Fix default explanation in man page for qname-minimisation-strict. 2020-06-17 08:20:52 +02:00
W.C.A. Wijngaards
c053513cbd - Mention tls name possible when tls is enabled for stub-addr in the 
man page.
 2020-06-08 08:35:10 +02:00
George Thessalonikefs
062f7b7ba2 - Changelog entry for PR #241. 2020-05-27 18:25:29 +02:00
George Thessalonikefs
21cd836e82 - Update contrib/aaaa-filter-iterator.patch for the recent 
generate_sub_request() change and to apply cleanly.
 2020-05-25 11:49:48 +02:00
George Thessalonikefs
8af3d73b9b - Fix for integer overflow when printing RDF_TYPE_TIME. 2020-05-21 22:48:57 +02:00
W.C.A. Wijngaards
f37242566b - For PR #93: unit test for dynlib module. 2020-05-19 15:49:08 +02:00
W.C.A. Wijngaards
711c0548f0 - For PR #93: windows compile warnings removal 
- windows compile warnings removal for ip dscp option code.
 2020-05-19 14:36:57 +02:00
W.C.A. Wijngaards
a1d4e151ee - Release 1.10.1 is 1.10.0 with fixes, code repository continues, 
including those fixes, towards the next release.  Configure has
  version 1.10.2 version number in it.
 2020-05-19 10:29:37 +02:00
W.C.A. Wijngaards
ba0f382eee - CVE-2020-12662 Unbound can be tricked into amplifying an incoming 
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
  used to make Unbound unresponsive.
 2020-05-19 10:27:27 +02:00
W.C.A. Wijngaards
4ccac696ca - For PR #93: fix link of other executables for dynlibmod dependency. 2020-05-18 17:26:01 +02:00
W.C.A. Wijngaards
a238f35d7d - For PR #93: man page spelling reference fix. 2020-05-18 10:22:00 +02:00
W.C.A. Wijngaards
a77ebed550 - For PR #93: checkconf allows python dynlib in module-config, for 
a couple cases.
 2020-05-18 10:18:28 +02:00
W.C.A. Wijngaards
84e95d6c68 - For PR #93: checkconf allow multiple dynlib in module-config, for 
a couple cases.
 2020-05-18 10:16:40 +02:00
W.C.A. Wijngaards
01db6c365c - For PR #93: dynlibmod can handle reloads and deinit and inits again, 
with dlclose and dlopen of the library again.  Also for multiple
  modules.  Fix memory leak by not closing dlopened content.  Fix
  to allow one dynlibmod instance by unbound-checkconf.
 2020-05-18 10:11:16 +02:00
W.C.A. Wijngaards
510e79a053 - For PR #93: Fix warnings for dynlibmodule. 2020-05-15 16:42:45 +02:00
W.C.A. Wijngaards
2c8ebe6206 - Fixed conflicts for PR #93 and make configure, yacc, lex. 2020-05-15 14:55:36 +02:00
Ralph Dolmans
99fd6cf711 - Cache ECS answers with longest scope of CNAME chain. 2020-05-15 13:13:49 +02:00
George Thessalonikefs
a269db3828 - Explicitly use 'rrset-roundrobin: no' for test cases. 2020-04-22 19:27:20 +02:00
George Thessalonikefs
584c2cf804 - Fix tests for new rrset-roundrobin default. 2020-04-21 22:02:56 +02:00
W.C.A. Wijngaards
6320776b25 Changelog note for PR #225 
- Merge #225 from akhait: KSK-2010 has been revoked. It removes the
  KSK-2010 from the default list in unbound-anchor, now that the
  revocation period is over.  KSK-2017 is the only trust anchor in
  the shipped default now.
 2020-04-21 15:11:02 +02:00
George Thessalonikefs
226d66ca92 - Change default value for 'rrset-roundrobin' to yes. 2020-04-21 12:58:48 +02:00
W.C.A. Wijngaards
cee3098e87 - Remove unneeded was_mesh_reply check. 2020-04-20 15:35:45 +02:00
W.C.A. Wijngaards
00323b71d7 - Fix for count of reply states in the mesh. 2020-04-20 14:24:05 +02:00
W.C.A. Wijngaards
5151190dbc Fix that it is --enable-rpath, for #222. 2020-04-20 10:08:08 +02:00
W.C.A. Wijngaards
52ebdd85da - Fix #222: --with-rpath, fails to rpath python lib. 2020-04-20 10:04:34 +02:00
George Thessalonikefs
a4dcd5eb91 - Update Changelog for PR #221. 2020-04-17 11:41:47 +02:00
George Thessalonikefs
e18ab07c62 - Add doxygen documentation for DSCP. 2020-04-16 13:58:35 +02:00
W.C.A. Wijngaards
963cfb58be - Fix for posix shell syntax for trap in run_msg.sh test script. 2020-04-16 13:17:33 +02:00
W.C.A. Wijngaards
3cd288a9f2 - Fix for posix shell syntax for trap in nsd-control-setup. 2020-04-16 13:14:50 +02:00
W.C.A. Wijngaards
2193d06af6 Merge branch 'master' of github.com:NLnetLabs/unbound 2020-04-16 11:48:53 +02:00
W.C.A. Wijngaards
eed157d36e - Fix help return code in unbound-control-setup script. 2020-04-16 11:47:27 +02:00
George Thessalonikefs
8a87fc6ae7 - Fix #220: auth-zone section in config may lead to segfault. 2020-04-15 17:57:02 +02:00
W.C.A. Wijngaards
c7f1d2d889 - Merge PR #214 from gearnode: unbound-control-setup recreate 
certificates.  With the -r option the certificates are created
  again, without it, only the files that do not exist are created.
 2020-04-07 13:49:25 +02:00
Ralph Dolmans
03a37d1ff6 - Keep track of number of timeouts. Use this counter to determine if capsforid 
fallback should be started.
 2020-04-06 18:00:06 +02:00
George Thessalonikefs
33a2613a49 - More documentation for redis-expire-records option. 2020-04-06 13:46:45 +02:00
George Thessalonikefs
a601fd6d3c Merge branch 'Talkabout-redis-expire-records' 2020-04-01 17:24:07 +02:00
W.C.A. Wijngaards
94e92b197a - Merge PR #208: Fix uncached CLIENT_RESPONSE'es on stateful 
transports.
 2020-03-30 14:55:00 +02:00
W.C.A. Wijngaards
e9e2871f18 - Merge PR #207: Clarify if-automatic listens on 0.0.0.0 and :: 2020-03-30 10:27:44 +02:00
W.C.A. Wijngaards
8dc35cfce3 Changelog note for PR #203. 
- Merge PR #203 from noloader: Update README-Travis.md with current
  procedures.
 2020-03-27 16:07:03 +01:00
Ralph Dolmans
51593d47ac Make unbound-control error returned on missing domain name more user friendly. 2020-03-27 11:27:12 +01:00
Ralph Dolmans
e4eb76a5f3 - Fix RPZ concurrency issue when using auth_zone_reload. 2020-03-26 19:11:57 +01:00
George Thessalonikefs
40ed82f522 Changelog entry for #201 
- Merge PR #201 from noloader: Fix OpenSSL cross-compaile warnings.
 2020-03-25 14:10:27 +01:00
W.C.A. Wijngaards
2889be5e90 - Travis fix for ios by omitting tools from install. 2020-03-24 10:23:00 +01:00
W.C.A. Wijngaards
bcdc13514a - Fixes on #200. and rerun autoconf. 2020-03-24 09:32:04 +01:00
W.C.A. Wijngaards
311f163aed Changelog for #200 and bison, flex regenerate. 
- Merge PR #200 from yarikk: add ip-dscp option to specify the DSCP
  tag for outgoing packets.
 2020-03-24 09:25:05 +01:00
W.C.A. Wijngaards
cca5cfc88f - Fix compile on Solaris for unbound-checkconf. 2020-03-23 17:26:06 +01:00
George Thessalonikefs
ce7fd591c6 - Changelog note for PR #198: Declare lz_enter_rr_into_zone() static, 
it's only used in this file, by fobser.
 2020-03-20 13:06:43 +01:00
W.C.A. Wijngaards
e8aab3f3f4 Changelog note for #197. 
- Merge PR #197 from fobser: Make log_ident_revert_to_default() a
  proper prototype.
 2020-03-20 11:54:57 +01:00
Ralph Dolmans
7fa2b19389 - Fix .travis.yml error, missing 'env' option. 2020-03-19 18:11:22 +01:00
Ralph Dolmans
5f7d73ae88 - Merge PR#194: Add libevent testing to Travis, by Jeffrey Walton. 2020-03-19 17:59:08 +01:00
Ralph Dolmans
d0ee8c1cbd Add changelog entries for PR#134. 2020-03-19 17:37:27 +01:00
Ralph Dolmans
2c03028fa3 - Fix #158: open tls-session-ticket-keys as binary, for Windows. By Daisuke 
HIGASHI.
 2020-03-19 14:00:33 +01:00
Ralph Dolmans
acfa55713c - Merge PR#191: Update iOS testing on Travis, by Jeffrey Walton. 2020-03-19 10:55:39 +01:00
W.C.A. Wijngaards
e4268663e6 - Fix #192: In the unbound-checkconf tool, the module config of 
dns64 subnetcache respip validator iterator is whitelisted, it was
  reported it seems to work.
 2020-03-16 09:44:38 +01:00
Wouter Wijngaards
59fe188954 - Fix compile of test tools without protobuf. 2020-03-12 10:49:24 +01:00
Ralph Dolmans
28e6c86e61 - Add check to make sure RPZ records are subdomain of configured zone origin. 2020-03-11 17:37:50 +01:00
George Thessalonikefs
67b4ab2c90 - Changelog entry for (Fix #189, Merge PR #190). 2020-03-11 11:50:38 +01:00
W.C.A. Wijngaards
50bc604586 Changelog for #188 and configure script created. Removed unneeded whitespace. 2020-03-11 08:41:56 +01:00
George Thessalonikefs
730aa097f8 - Changelog note for PR #186: Fix unrecognized 'echo -n' option on OS X, 
by noloader.
 2020-03-06 11:59:13 +01:00
W.C.A. Wijngaards
93c92eeabb Fix changelog note, it is #182, not #184. 2020-03-05 17:03:28 +01:00
W.C.A. Wijngaards
b8540e1e70 Changelog note for #184. 
- Fix PR #184 from noloader: Add iOS testing to Travis.
 2020-03-05 17:02:20 +01:00
Ralph Dolmans
cd6bb00f2c - Update README-Travis.md (from PR #179), by Jeffrey Walton. 2020-03-04 12:02:10 +01:00
George Thessalonikefs
a1b2261b7b - Merge PR #180 from noloader: Avoid calling exit in Travis script. 2020-03-04 10:25:04 +01:00
W.C.A. Wijngaards
779d65208e Changelog note for PR#180 . 
- Merge PR#180 from noloader: Avoid calling exit in Travis script.
 2020-03-04 08:18:00 +01:00
George Thessalonikefs
114d650d32 - Upgrade config.guess(2020-01-01) and config.sub(2020-01-01). 2020-03-03 18:29:11 +01:00
George Thessalonikefs
f4eaf6c0ff - Merge PR #174: Add Android to Travis testing, by noloader. 
- Move android build scripts to contrib/ and allow android tests to fail.
 2020-03-02 15:17:59 +01:00
Ralph Dolmans
26f057d668 Merge branch 'noloader-openssl' 2020-03-02 14:14:25 +01:00
Ralph Dolmans
868ce6372d - Add github reference in changelog (Fix #175, Merge PR #176) 2020-03-02 14:13:20 +01:00
Ralph Dolmans
90040b24ce - Fix link error when OpenSSL is configured with no-engine, thanks noloader. 2020-03-02 14:06:10 +01:00
W.C.A. Wijngaards
4207b58700 - Fix #177: dnstap does not build on macOS. 2020-03-02 13:33:34 +01:00
George Thessalonikefs
c5897dc058 - Fix compiler warning in dns64/dns64.c. 2020-03-02 11:52:33 +01:00
W.C.A. Wijngaards
93189d3083 Changelog note for PR #164 and text for release explanation. 
- Merge PR #164: Framestreams, this branch implements dnstap
  unidirectional connectivity in unbound. This has a number of
  new features.

  The dependency on libfstrm is removed. The fstrm protocol code
  resides in dnstap/dnstap_fstrm.h and dnstap/dnstap_fstrm.c. This
  contains a brief definition of what unbound needs.

  The make unbound-dnstap-socket builds a debug tool,
  unbound-dnstap-socket. It can listen, accept multiple DNSTAP
  streams and print information. Commandline options control it.

  Unbound can reconnect if the unix domain socket file socket is
  closed. This uses exponential backoff after which it uses a
  one second timer to throttle cpu down. There is also support
  to use TCP and TLS for connecting to the log server. There
  are new config options to turn them on, in the dnstap section
  in the man page and example config file. dnstap-ip with IP
  address of server for TCP or TLS use. dnstap-tls to turn
  on TLS. And dnstap-tls-server-name, dnstap-tls-cert-bundle,
  dnstap-tls-client-key-file and dnstap-tls-client-cert-file
  to configure the certificates for server authentication and
  client authentication, or leave at "" to not use that.
 2020-02-28 15:23:54 +01:00
Ralph Dolmans
8f1cb41725 Merge PR #172: Add IBM s390x arch for testing, by noloader. 2020-02-28 11:42:17 +01:00
W.C.A. Wijngaards
d68c1e29b6 Changelog note for PR #173. 
- Merge PR #173: updated makedist.sh for config.guess and
  config.sub and sha256 digest for gpg, by noloader.
 2020-02-28 10:15:57 +01:00
George Thessalonikefs
9efe85fb4c - Merge PR #171: Add additional compilers and platforms to Travis 
testing, by noloader.
 2020-02-27 18:13:22 +01:00
W.C.A. Wijngaards
6f4818ebcb - Fix more undefined sanitizer issues, in respip copy_rrset null 
dname, and in the client_info_compare routine for null memcmp.
 2020-02-27 15:43:27 +01:00
W.C.A. Wijngaards
57bbbfc0e6 - Fix #170: Fix gcc undefined sanitizer signed integer overflow 
warning in signature expiry RFC1982 serial number arithmetic.
 2020-02-27 15:22:35 +01:00
W.C.A. Wijngaards
348e246b66 - Fix #169: Fix warning for daemon/remote.c output may be truncated 
from snprintf.
 2020-02-27 15:08:10 +01:00
W.C.A. Wijngaards
f469049198 - iana portlist updated. 2020-02-26 14:32:14 +01:00
W.C.A. Wijngaards
318d4e91cc - Fix #165: Add prefer-ip4: yesno config option to prefer ipv4 for 
using ipv4 filters, because the hosts ip6 netblock /64 is not owned
  by one operator, and thus reputation is shared.
 2020-02-25 09:55:59 +01:00
George Thessalonikefs
f99dd8f6dc Changelog note for PR #166. 
- Merge PR #166: Fix typo in unbound.service.in, by glitsj16.
 2020-02-24 12:01:20 +01:00
W.C.A. Wijngaards
d2a843b422 - master branch has 1.10.1 version. 2020-02-20 14:42:58 +01:00
W.C.A. Wijngaards
6d7e0d68cf Note tag position in Changelog. 2020-02-20 14:41:39 +01:00
W.C.A. Wijngaards
ec0d6f196e - Updated contrib/unbound_smf23.tar.gz with Solaris SMF service for 
Unbound from Yuri Voinov.
 2020-02-20 09:17:24 +01:00
W.C.A. Wijngaards
6accd3d681 - protect X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS with ifdef for 
different openssl versions.
 2020-02-18 08:31:38 +01:00
W.C.A. Wijngaards
85fd23769f - changelog point where the tag for 1.10.0rc2 release is. 2020-02-17 15:24:29 +01:00
Ralph Dolmans
fe5370a98a - Add respip to supported module-config options in unbound-checkconf. 2020-02-17 13:36:30 +01:00
George Thessalonikefs
4b354d38c1 - Remove unused variable. 2020-02-17 12:56:20 +01:00
W.C.A. Wijngaards
a9b7638f4b Neater changelog 2020-02-17 10:10:44 +01:00
W.C.A. Wijngaards
42fdfd8121 - contrib/drop2rpz: perl script that converts the Spamhaus DROP-List 
in RPZ-Format, contributed by Andreas Schulze.
 2020-02-17 10:09:46 +01:00
W.C.A. Wijngaards
2665ae0414 - Stop unbound-checkconf from insisting that auth-zone and rpz 
zonefiles have to exist.  They can not exist, and download later.
 2020-02-14 07:57:57 +01:00
W.C.A. Wijngaards
77bdbc6e98 - Fix spelling in unbound.conf.5.in. 2020-02-14 07:54:49 +01:00
W.C.A. Wijngaards
00d622bed7 - updated version number to 1.10.0. 2020-02-12 12:51:35 +01:00
W.C.A. Wijngaards
9e193be648 - Fix compile warning when threads disabled. 2020-02-12 11:55:02 +01:00