W.C.A. Wijngaards
e4e0eaa63e
Analysis workflow, fix ctime formatting for autotrust and testbound.
2021-06-25 15:11:10 +02:00
W.C.A. Wijngaards
79209823ac
- Fix a number of warnings reported by the gcc analyzer.
2021-06-18 18:12:26 +02:00
Florian Obser
d4314cad33
Make VAL_MAX_RESTART_COUNT configurable.
...
unbound tries very hard (up to 6 authoritative servers) to find a
validating answer. This is not always desirable, for example on high
latency links.
2021-05-08 16:56:32 +02:00
W.C.A. Wijngaards
e217bb48ad
- Remove case fallthrough from deprecate-rsa-1024 code.
2021-05-07 17:06:09 +02:00
W.C.A. Wijngaards
59ea44322e
- Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024.
2021-05-07 14:28:20 +02:00
George Thessalonikefs
e9a5f5ab3f
- Add more logging for out-of-memory cases.
2021-05-04 15:39:06 +02:00
W.C.A. Wijngaards
b7a633fdc0
Merge branch 'master' into zonemd
2021-02-04 16:08:11 +01:00
Willem Toorop
48ecf95108
Merge branch 'master' into features/padding
2021-01-22 10:29:50 +01:00
W.C.A. Wijngaards
42d7cdb7d5
zonemd, region freed, and qstate not used when not in a query, and nsec
...
and nsec3 bitmap checks.
2020-10-14 14:46:59 +02:00
W.C.A. Wijngaards
1dc4d7a9f6
zonemd, harden result length for unsupported algo in nettle digest final.
2020-10-09 14:40:26 +02:00
W.C.A. Wijngaards
5e477e8a31
Merge branch 'master' into zonemd
2020-10-09 14:32:24 +02:00
W.C.A. Wijngaards
fca884a7e6
- Fix warning in libnss compile, nss_buf2dsa is not used without DSA.
2020-10-09 14:31:55 +02:00
W.C.A. Wijngaards
6cb0c4c61d
zonemd, libnss implementation and libnettle implementation. Both succeed
...
on unit tests.
2020-10-09 14:30:56 +02:00
W.C.A. Wijngaards
eb4932a463
zonemd, digest code calls, secalgo openssl sha384 and sha512.
2020-10-09 11:19:31 +02:00
W.C.A. Wijngaards
3163a93121
zonemd, loop over zone and canonicalize data, test call in unit test.
2020-10-06 17:07:24 +02:00
W.C.A. Wijngaards
dd59521e52
dlv removal, remove from comments and unused code in iterator and validator
2020-08-04 17:17:48 +02:00
W.C.A. Wijngaards
f78f6a3b29
dlv removal, remove from tests and validator state machine
2020-08-04 09:15:45 +02:00
W.C.A. Wijngaards
c0c722cd97
DLV removal
2020-08-04 09:05:09 +02:00
W.C.A. Wijngaards
ff50993f36
- Fix add missing DSA header, for compilation without deprecated
...
OpenSSL APIs.
2020-07-08 11:43:50 +02:00
Willem Toorop
4f78b37c61
Down- and upstream padding a la RFC7830 & RFC8467
2020-04-02 18:34:03 +02:00
Willem Toorop
d4dcdba07e
Cleanup nettle_ecc_point when verifying for ...
...
... ECDSA256 with libnettle
2020-03-02 12:27:45 +01:00
W.C.A. Wijngaards
57bbbfc0e6
- Fix #170 : Fix gcc undefined sanitizer signed integer overflow
...
warning in signature expiry RFC1982 serial number arithmetic.
2020-02-27 15:22:35 +01:00
W.C.A. Wijngaards
2916cfb3b0
- Fix with libnettle make test with dsa disabled.
2020-02-12 11:15:24 +01:00
W.C.A. Wijngaards
2c4be0c201
- Fix crash after reload where a stats lookup could reference old key
...
cache and neg cache structures.
2020-01-14 15:18:52 +01:00
Florian Obser
da6ac0c4ff
Use passed in neg and key cache if non-NULL.
...
With this the neg and key caches can be shared between multiple
libunbound contexts.
The msg and rrset caches already allowed this since context_finalize()
did not touch those if they are already available and have the correct
size.
Care must be taken to properly unhook the caches from the validator
environment before calling ub_ctx_delete() otherwise one risks double
free or use after free bugs.
2019-12-19 13:20:34 +01:00
W.C.A. Wijngaards
5a00b31f86
- Fix text around serial arithmatic used for RRSIG times to refer
...
to correct RFC number.
2019-12-03 12:58:09 +01:00
W.C.A. Wijngaards
3a49e683ed
- Fix Enum Name not Used, reported by X41 D-Sec.
2019-11-20 14:22:06 +01:00
W.C.A. Wijngaards
3907876eac
- Fix Unrequired Checks, reported by X41 D-Sec.
2019-11-20 14:05:54 +01:00
W.C.A. Wijngaards
fcd9b34bb5
- Fix Useless memset() in validator, reported by X41 D-Sec.
2019-11-20 14:02:58 +01:00
W.C.A. Wijngaards
1fa40654d2
- Fix Race Condition in autr_tp_create(),
...
reported by X41 D-Sec.
2019-11-20 11:01:56 +01:00
W.C.A. Wijngaards
d05d6b959a
- fixes for splint cleanliness, long vs int in SSL set_mode.
2019-11-13 15:16:27 +01:00
Vladimír Čunát
ec021e0d4b
fix build with nettle-3.5
...
https://git.lysator.liu.se/nettle/nettle/commit/8bf4747d9
2019-10-02 20:05:03 +02:00
W.C.A. Wijngaards
4700d79024
- avoid warning about upcast on 32bit systems for autotrust.
2019-08-15 14:25:46 +02:00
W.C.A. Wijngaards
9d9884c442
- Fix autotrust temp file uniqueness windows compile.
2019-08-15 14:02:14 +02:00
W.C.A. Wijngaards
fe0b1da859
Fix comment.
2019-07-29 16:58:23 +02:00
W.C.A. Wijngaards
27811ffaa9
- Add hex print of trust anchor pointer to trust anchor file temp
...
name to make it unique, for libunbound created multiple contexts.
2019-07-29 16:51:40 +02:00
Wouter Wijngaards
c1c1cd97e7
- Remove clang analysis warnings.
...
git-svn-id: file:///svn/unbound/trunk@4998 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-11-29 14:39:26 +00:00
Wouter Wijngaards
5c25bbd93f
fix error print
...
git-svn-id: file:///svn/unbound/trunk@4911 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-17 07:44:11 +00:00
Wouter Wijngaards
d8937492cb
fixup 3
...
git-svn-id: file:///svn/unbound/trunk@4910 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-17 07:35:09 +00:00
Wouter Wijngaards
e91d85edb5
Fixup
...
git-svn-id: file:///svn/unbound/trunk@4909 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-17 07:32:40 +00:00
Wouter Wijngaards
5089db7331
- Fix unbound for openssl in FIPS mode, it uses the digests with
...
the EVP call contexts.
git-svn-id: file:///svn/unbound/trunk@4908 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-17 07:28:55 +00:00
Wouter Wijngaards
2e9d09b961
- initialize statistics totals for printout.
...
- in authzone check that node exists before adding rrset.
- in unbound-anchor, use readwrite memory BIO.
- assertion in autotrust that packed rrset is formed correctly.
git-svn-id: file:///svn/unbound/trunk@4903 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-13 12:20:41 +00:00
Wouter Wijngaards
75b8b8c875
- Free memory leak in config strlist append.
...
- make sure nsec3 comparison salt is initialized.
git-svn-id: file:///svn/unbound/trunk@4900 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-09-13 10:23:30 +00:00
Ralph Dolmans
2e5e31e8ac
- Added serve-expired-ttl and serve-expired-ttl-reset options.
...
git-svn-id: file:///svn/unbound/trunk@4876 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-28 14:21:56 +00:00
Wouter Wijngaards
4fe427ded2
- log-servfail: yes prints log lines that say why queries are
...
returning SERVFAIL to clients.
git-svn-id: file:///svn/unbound/trunk@4863 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-17 15:22:05 +00:00
Wouter Wijngaards
b0ca964984
and printout for these cases too.
...
git-svn-id: file:///svn/unbound/trunk@4862 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-17 15:09:23 +00:00
Wouter Wijngaards
b0daf867c2
and the error looks good.
...
git-svn-id: file:///svn/unbound/trunk@4860 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-17 14:17:48 +00:00
Wouter Wijngaards
8e5a32f4dc
- Fix that printout of error for cycle targets is a verbosity 4
...
printout and does not wrongly print it is a memory error.
git-svn-id: file:///svn/unbound/trunk@4851 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-14 07:27:57 +00:00
George Thessalonikefs
749d1b9ebc
- Expose if a query (or a subquery) was ratelimited (not src IP
...
ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
This also introduces a change to 'ub_event_callback_type' in
libunbound/unbound-event.h.
- Tidy pylib tests.
git-svn-id: file:///svn/unbound/trunk@4828 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-03 14:00:46 +00:00
Ralph Dolmans
127759b160
strcpy to memmove, to please analysers
...
git-svn-id: file:///svn/unbound/trunk@4656 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-24 10:10:11 +00:00