daiyunwei
0784ad7a11
#420
...
clear the c->buffer in the comm_point_send_reply does resolve the "can't fit qbuffer in c->buffer" issue, but it breaks the mesh reply list function that need to reuse the answer. because the c->buffer is cleared in the comm_point_send_reply, it cannot be resued again. it means that it is not inappropriate to clear c->buffer in the comm_point_send_reply.
After some investigation, i found it is appropriate to clear c->buffer before use in the http2_query_read_done.
2021-08-03 11:40:30 +08:00
W.C.A. Wijngaards
89e2f2f753
- iana portlist update.
2021-08-02 15:26:20 +02:00
W.C.A. Wijngaards
b6abcb1508
- For #515 : Fix compilation with openssl 3.0.0 beta2, lib64 dir and
...
SSL_get_peer_certificate.
- Move acx_nlnetlabs.m4 to version 41, with lib64 openssl dir check.
2021-07-30 13:54:43 +02:00
Artem Egorenkov
d9153cb35b
Option --enable-linux-ip-local-port-range added to use system configured port range for libunbound on Linux
2021-07-20 14:46:43 +02:00
George Thessalonikefs
ca4d68c64c
- Introduce 'http-user-agent:' and 'hide-http-user-agent:' options.
2021-07-16 14:32:18 +02:00
W.C.A. Wijngaards
8180ca192f
- Fix for #510 : in depth, use ifdefs for windows api event calls.
2021-07-16 09:12:06 +02:00
Nick Porter
2c3f764d61
Don't call a function which hasn't been defined
2021-07-15 17:55:33 +01:00
W.C.A. Wijngaards
3f7e164751
- iana portlist update.
2021-07-06 15:15:43 +02:00
W.C.A. Wijngaards
79209823ac
- Fix a number of warnings reported by the gcc analyzer.
2021-06-18 18:12:26 +02:00
George Thessalonikefs
d02e956da0
- Changelog entry for #486 : Make VAL_MAX_RESTART_COUNT configurable.
...
- Generetated lexer and parser for #486 ; updated example.conf.
2021-06-09 12:32:58 +02:00
gthess
45be341267
Merge pull request #486 from fobser/val-max-restart
...
Make VAL_MAX_RESTART_COUNT configurable.
2021-06-09 12:09:27 +02:00
W.C.A. Wijngaards
cf0aad9fb6
Merge branch 'master' into rpz-triggers
2021-05-28 15:00:55 +02:00
W.C.A. Wijngaards
ea4f1ee8a6
- zonemd-check: yesno option, default no, enables the processing
...
of ZONEMD records for that zone.
2021-05-27 14:20:53 +02:00
Jim Hague
6066a24405
Use build system endianness if available, otherwise try to work it out.
...
The getdns build system provides the endianness, enabling building on
Windows native. This change is a convenience for getdns maintainers.
2021-05-27 10:57:35 +01:00
W.C.A. Wijngaards
11b3ebc386
- Move the NSEC3 max iterations count in line with the 150 value
...
used by BIND, Knot and PowerDNS. This sets the default value
for it in the configuration to 150 for all key sizes.
2021-05-25 14:35:19 +02:00
W.C.A. Wijngaards
e5cb48c432
Merge branch 'master' into rpz-triggers
2021-05-21 14:09:30 +02:00
George Thessalonikefs
ff6b527184
- Fix for #411 , #439 , #469 : Reset the DNS message ID when moving queries
...
between TCP streams.
- Refactor for uniform way to produce random DNS message IDs.
2021-05-19 15:07:32 +02:00
W.C.A. Wijngaards
355526da7d
- rpz-triggers, the added soa for client ip modified answers is affected
...
by the minimal-responses config option.
2021-05-14 16:34:38 +02:00
W.C.A. Wijngaards
50dcadd495
- rpz-triggers, for clientip modified answers the rpz SOA is added to the
...
additional section with the serial number and name of the rpz zone that
was applied.
2021-05-14 15:34:48 +02:00
W.C.A. Wijngaards
32d82fac9b
Merge branch 'master' into rpz-triggers
2021-05-14 08:47:56 +02:00
Florian Obser
d4314cad33
Make VAL_MAX_RESTART_COUNT configurable.
...
unbound tries very hard (up to 6 authoritative servers) to find a
validating answer. This is not always desirable, for example on high
latency links.
2021-05-08 16:56:32 +02:00
W.C.A. Wijngaards
80f06ae9b1
- Rerun flex and bison.
2021-05-04 16:24:16 +02:00
George Thessalonikefs
e9a5f5ab3f
- Add more logging for out-of-memory cases.
2021-05-04 15:39:06 +02:00
André Cruz
e07f973938
Allow configuration of TCP timeout while waiting for response
...
This allows us to configure how long Unbound will wait for a response
on a TCP connection.
2021-04-28 16:20:46 +01:00
George Thessalonikefs
45328d37b1
- Fix compiler warning for signed/unsigned comparison for
...
max_reuse_tcp_queries.
2021-04-28 16:15:52 +02:00
W.C.A. Wijngaards
4604f30d70
- Fix #474 : always_null and others inside view.
2021-04-28 14:05:23 +02:00
Wouter Wijngaards
646d6b9bce
Merge pull request #470 from edevil/configurable_tcp
...
Allow configuration of persistent TCP connections
2021-04-26 16:07:16 +02:00
W.C.A. Wijngaards
25425d9aa7
- Fix #468 : OpenSSL 1.0.1 can no longer build Unbound.
2021-04-22 09:00:15 +02:00
André Cruz
75875d4d1c
Allow configuration of persistent TCP connections
...
Added 2 new options to configure previously hardcoded
values: max-reuse-tcp-queries and tcp-reuse-timeout. These
allow fine-grained control over how unbound uses persistent
TCP connections to authority servers.
2021-04-21 13:50:45 +01:00
Felipe Gasper
0efccaa1eb
Support OpenSSLs that lack SSL_get0_alpn_selected.
2021-04-19 13:05:50 -04:00
W.C.A. Wijngaards
b366441157
Merge branch 'master' into rpz-triggers
2021-04-14 09:39:41 +02:00
George Thessalonikefs
13e445d50b
- Remove unused functions worker_handle_reply and
...
libworker_handle_reply.
2021-04-13 14:54:26 +02:00
W.C.A. Wijngaards
addd21f750
- Fix permission denied sendto log, squelch the log messages
...
unless high verbosity is set.
2021-04-12 11:18:23 +02:00
Christian Allred
0e3068559c
Add max-query-restarts to grammar and lexer
2021-04-05 16:24:49 -07:00
Christian Allred
41fa45c99e
Add max-query-restarts config parameter
2021-04-05 15:41:53 -07:00
W.C.A. Wijngaards
1c75e62804
- rpz-triggers, separate cache storage of RPZ records from network records.
2021-04-01 12:06:14 +02:00
W.C.A. Wijngaards
49d9e91492
Merge branch 'master' into rpz-triggers
2021-03-25 17:28:53 +01:00
W.C.A. Wijngaards
ff0c5f863d
- Fix #429 : Also fix end of transfer for http download of auth zones.
2021-03-25 12:18:49 +01:00
W.C.A. Wijngaards
5b782d0a22
- iana portlist update.
2021-03-22 09:12:41 +01:00
W.C.A. Wijngaards
57d4c3a8a4
- Fix for #447 : squelch connection refused tcp connection failures
...
from the log, unless verbosity is high.
2021-03-19 17:43:36 +01:00
W.C.A. Wijngaards
6f507eb036
Merge branch 'master' into rpz-triggers
2021-03-12 09:04:54 +01:00
W.C.A. Wijngaards
9753f36463
- iana portlist update.
2021-03-04 10:14:32 +01:00
Wouter Wijngaards
209dc32624
Merge pull request #367 from NLnetLabs/dnstap-log-local-addr
...
DNSTAP log local address
2021-02-25 11:58:36 +01:00
W.C.A. Wijngaards
6612974d12
- spelling fix in header.
2021-02-24 16:56:57 +01:00
W.C.A. Wijngaards
a9e15f36d8
- Fix unit test for added ulimit checks.
2021-02-24 15:30:12 +01:00
W.C.A. Wijngaards
40fbc3fa8a
- Fix #431 : Squelch permission denied errors for tcp connect
2021-02-22 08:24:04 +01:00
W.C.A. Wijngaards
bc4bdbabea
- Fix #429 : rpz: url: with https: broken (regression in 1.13.1).
2021-02-19 14:42:02 +01:00
W.C.A. Wijngaards
f5339ec7e5
Merge branch 'master' into dnstap-log-local-addr
2021-02-18 13:12:09 +01:00
W.C.A. Wijngaards
3b24d845ff
- Fix doxygen and pydoc warnings.
2021-02-18 11:39:06 +01:00
W.C.A. Wijngaards
c906401597
Merge branch 'master' into zonemd
2021-02-12 17:21:51 +01:00
yunwei
5d5e4579de
Merge pull request #1 from NLnetLabs/master
...
synchronize the code.
2021-02-10 09:03:38 +08:00
W.C.A. Wijngaards
b7a633fdc0
Merge branch 'master' into zonemd
2021-02-04 16:08:11 +01:00
W.C.A. Wijngaards
ad8104bb7c
- Fix empty clause warning in edns pass for padding.
2021-01-28 09:15:45 +01:00
W.C.A. Wijngaards
3a19ceaae6
- Fix to use correct type for label count in ipdnametoaddr rpz routine.
2021-01-28 09:14:19 +01:00
W.C.A. Wijngaards
cb55b5906a
- Fix empty clause warning in config_file nsid parse.
2021-01-28 09:11:46 +01:00
George Thessalonikefs
515df834a5
Merge branch 'rijswijk-orig_ttl'
2021-01-26 12:58:38 +01:00
George Thessalonikefs
707eb6108d
Merge branch 'yacc-clashes' of https://github.com/fobser/unbound into fobser-yacc-clashes
2021-01-25 20:56:36 +01:00
George Thessalonikefs
f5b7169729
Merge branch 'orig_ttl' of https://github.com/rijswijk/unbound into rijswijk-orig_ttl
2021-01-25 17:39:24 +01:00
Willem Toorop
ca2139bf3d
Some review nits from George
2021-01-25 15:13:54 +01:00
Roland van Rijswijk-Deij
d253db04fd
Addressed review comment from @wcawijngaards
2021-01-22 18:56:09 +00:00
Roland van Rijswijk-Deij
c4c849d878
Rebase on master
2021-01-22 16:44:56 +00:00
Willem Toorop
48ecf95108
Merge branch 'master' into features/padding
2021-01-22 10:29:50 +01:00
yunwei
0215500261
Update netevent.c
...
#386
I found the root cause of this issue. r_buffer is r->query_reply.c->buffer, used to fill the reply in the mesh_send_reply function, then call comm_point_send_reply, and then call http2_submit_dns_response to send the DOH response. However, the buffer is not cleared after use. If the query length is greater than the last response length, the next dns query in the same H2 session will encounter an error.
This is bug!!!
Clear the buffer after use.
2021-01-20 14:12:51 +08:00
Florian Obser
68d92b7bbb
Prevent a few more yacc clashes.
2021-01-19 17:13:00 +01:00
Willem Toorop
a152c7f907
Merge branch 'master' into features/nsid
2021-01-19 14:21:18 +01:00
W.C.A. Wijngaards
c125fe67bc
- Fix #404 : DNS query with small edns bufsize fail.
2021-01-18 08:29:52 +01:00
W.C.A. Wijngaards
cdb60adcdc
Merge branch 'rpz' of https://github.com/magenbluten/unbound into magenbluten-rpz
...
Conflict fixed for rpz.disabled check added.
2021-01-14 12:11:29 +01:00
xiangbao227
93e5705259
I found that in function lruhash_remove, table was locked at first ,then lru_remove the entry , then unlock the table, and then markdel entry , but in function rrset_cache_touch , the entry will be touched to lru again before markdelling entry in function lruhash_remove. This is a bug!
2021-01-13 10:33:41 +08:00
W.C.A. Wijngaards
d1b92a6ce2
- Fix so local zone types always_nodata and always_deny can be used
...
from the config file.
2021-01-12 13:39:07 +01:00
W.C.A. Wijngaards
3322f631e5
- Fix #397 : [Feature request] add new type always_null to local-zone
...
similar to always_nxdomain.
2021-01-12 13:35:05 +01:00
W.C.A. Wijngaards
d9dd7bc36f
- Add comment documentation.
2021-01-08 11:01:06 +01:00
W.C.A. Wijngaards
ee2545d939
- For #391 : fix indentation.
2021-01-08 09:53:52 +01:00
W.C.A. Wijngaards
3e03e2c26d
- For #391 : use struct timeval* start_time for callback information.
2021-01-08 09:47:46 +01:00
Wouter Wijngaards
48724de155
Merge pull request #391 from fhriley/reply_cb_start_time
...
Add start_time to reply callbacks so modules can compute the response…
2021-01-08 09:35:07 +01:00
Anton Lindqvist
422213c171
add missing null check
...
I have a unbound forward zone configured on my router for my $DAYJOB.
The address associated with the zone is only accessible when the router
is connected to a VPN. If the VPN connection is absent, trying to
resolve any domain that must be handled by the zone crashes unbound.
Turns out there's a missing NULL check in `comm_point_send_udp_msg()`.
The same routine already has `if (addr) {} else {}` branches so I guess
protecting the call to `log_addr()` using the same conditional is
reasonable
I have also committed the same fix to unbound shipped with OpenBSD[1].
[1] https://marc.info/?l=openbsd-cvs&m=160993335615698&w=2
2021-01-06 12:44:26 +01:00
W.C.A. Wijngaards
44075a06a5
- Fix #379 : zone loading over HTTP appears to have buffer issues.
2021-01-06 10:36:23 +01:00
W.C.A. Wijngaards
64cccdb8d5
- iana portlist updated.
2021-01-04 14:18:24 +01:00
W.C.A. Wijngaards
4d51c6b86e
- For #376 : Fix that comm point event is not double removed or double
...
added to event map.
2021-01-04 14:05:50 +01:00
Frank Riley
e3abd772f7
Add start_time to reply callbacks so modules can compute the response time.
2021-01-01 15:44:21 -07:00
Frank Riley
28b45e1d87
Add missing callbacks to the python module
2021-01-01 10:19:32 -07:00
George Thessalonikefs
08968baec1
- Fix error cases when udp-connect is set and send() returns an error
...
(modified patch from Xin Li @delphij).
2020-12-16 17:11:41 +01:00
Wouter Wijngaards
48c038391a
Merge pull request #373 from fobser/void-arithmetic
...
Warning: arithmetic on a pointer to void is a GNU extension.
2020-12-11 14:07:30 +01:00
Wouter Wijngaards
29b5b25852
Merge pull request #335 from fobser/static
...
Sprinkle in some static to prevent missing prototype warnings.
2020-12-11 14:03:46 +01:00
Florian Obser
15e1b16da0
Warning: arithmetic on a pointer to void is a GNU extension.
2020-12-11 14:00:20 +01:00
W.C.A. Wijngaards
7077660932
- Fix to squelch permission denied and other errors from remote host,
...
they are logged at higher verbosity but not on low verbosity.
2020-12-11 10:30:54 +01:00
W.C.A. Wijngaards
51e431ada1
doxygen comments fixup
2020-12-09 14:17:02 +01:00
W.C.A. Wijngaards
6bf1293bcd
No need for mk_local_addr, can pass the sockaddr structure.
2020-12-09 11:56:35 +01:00
W.C.A. Wijngaards
7167153db5
configure test for struct sockaddr_in6 sin6_len member
2020-12-09 11:41:07 +01:00
W.C.A. Wijngaards
72d3b588ca
For the DoH create_http_handler, also pass the socket.
2020-12-09 11:29:57 +01:00
W.C.A. Wijngaards
31cedb47cb
Remove unused whitespace, add missing header change, make it compile
2020-12-09 11:13:58 +01:00
W.C.A. Wijngaards
bdfa65c6ab
Import the patches from the files in the tarball in
...
issue #365 https://github.com/NLnetLabs/unbound/files/5659923/patches.tar.gz
from iruzanov. The merge conflicts are fixed, but no changes are made
to the patched code.
2020-12-09 11:00:51 +01:00
W.C.A. Wijngaards
b49cc2e667
- iana portlist updated.
2020-12-03 10:27:19 +01:00
W.C.A. Wijngaards
9eeb95a960
- Fix update, with write event check with streamreuse and fastopen.
2020-12-02 16:17:26 +01:00
W.C.A. Wijngaards
0502ab3026
- Fix for #283 : fix stream reuse and tcp fast open.
2020-12-02 15:42:24 +01:00
W.C.A. Wijngaards
e049fb303c
- Fix on windows to ignore connection failure on UDP, unless verbose.
2020-12-02 11:58:24 +01:00
Willem Toorop
fb150f9655
Merge branch 'master' into features/nsid
2020-12-02 11:19:32 +01:00
W.C.A. Wijngaards
16c496bff6
- Fix #356 : deadlock when listening tcp.
2020-12-02 10:10:27 +01:00
W.C.A. Wijngaards
1ebf851bf0
- Fix #360 : for the additionally reported TCP Fast Open makes TCP
...
connections fail, in that case we print a hint that this is
happening with the error in the logs.
2020-12-02 09:51:26 +01:00
Willem Toorop
ddb751751c
NSID for Unbound
2020-12-01 15:19:17 +01:00
W.C.A. Wijngaards
67a0614db7
- Fix that after failed read, the readagain cannot activate.
2020-11-26 12:12:52 +01:00
W.C.A. Wijngaards
4a8669612a
- Fix to omit UDP receive errors from log, if verbosity low.
...
These happen because of udp-connect.
2020-11-26 09:39:54 +01:00
W.C.A. Wijngaards
e50152aa1f
- Fix readagain and writeagain callback functions for comm point
...
cleanup.
2020-11-25 13:46:28 +01:00
W.C.A. Wijngaards
a5167e495f
- Fix memory leak for edns client tag opcode config element.
2020-11-25 12:04:38 +01:00
W.C.A. Wijngaards
15e8f5c6d4
- Fix udp-connect on FreeBSD, do send calls on connected UDP socket.
2020-11-25 09:55:01 +01:00
W.C.A. Wijngaards
5924a591be
- with udp-connect ignore connection refused with UDP timeouts.
2020-11-25 09:41:06 +01:00
W.C.A. Wijngaards
4e8a1ede3b
- Fix padding of struct regional for 32bit systems.
2020-11-24 17:06:54 +01:00
W.C.A. Wijngaards
a69304011a
- iana portlist updated.
2020-11-24 13:17:15 +01:00
Wouter Wijngaards
ead06af086
Merge branch 'master' into stream-reuse
2020-11-24 08:20:07 +01:00
George Thessalonikefs
b0247b6e93
Merge branch 'master' into edns-string
2020-11-23 16:58:30 +01:00
W.C.A. Wijngaards
9cc8aa1ddf
- Option to toggle udp-connect, default is enabled.
2020-11-23 11:06:53 +01:00
W.C.A. Wijngaards
9423b5b8b2
Merge branch 'master' into stream-reuse
2020-11-23 09:49:26 +01:00
mb
f7fb338c95
rpz: continue work on the nsip trigger
2020-11-16 12:42:23 +01:00
Ralph Dolmans
946ed23f73
Merge branch 'master' into edns-string
2020-11-11 11:37:32 +01:00
Florian Obser
9fb65e2b9e
Sprinkle in some static to prevent missing prototype warnings.
2020-10-28 14:15:23 +01:00
W.C.A. Wijngaards
94ac072f9b
zonemd, zonemd-reject-absence config for an auth-zone rejects the zone if
...
no ZONEMD is present.
2020-10-26 15:37:43 +01:00
W.C.A. Wijngaards
2b9569c7fe
zonemd, fix config_get_option for zonemd-permissive-mode and unit test
...
for zonemd-permissive-mode.
2020-10-23 14:38:57 +02:00
W.C.A. Wijngaards
165b048e07
zonemd, zonemd-permissive-mode: yes logs the failure but does not block
...
the zone after a ZONEMD verification failure.
2020-10-23 14:33:04 +02:00
W.C.A. Wijngaards
5d7e001c63
Merge branch 'master' into zonemd
2020-10-22 09:49:27 +02:00
W.C.A. Wijngaards
4990dae87d
- Fix that minimal-responses does not remove addresses from a priming
...
query response.
2020-10-22 09:26:27 +02:00
George Thessalonikefs
0272889c44
- Fix #320 : potential memory corruption due to size miscomputation upton
...
custom region alloc init.
2020-10-21 17:44:04 +02:00
W.C.A. Wijngaards
2ebc4eae2f
Merge branch 'master' into zonemd
2020-10-21 10:59:32 +02:00
W.C.A. Wijngaards
1e9381f76c
Merge branch 'master' into stream-reuse
2020-10-21 10:36:27 +02:00
W.C.A. Wijngaards
37354c8927
Merge branch 'master' into infra-keep-probing
2020-10-21 10:13:10 +02:00
W.C.A. Wijngaards
78e9b8949c
Merge branch 'master' into stream-reuse
...
Resolved comm_point_start_listening conflict for socket close.
2020-10-21 09:54:03 +02:00
W.C.A. Wijngaards
531ce9e85c
Fixup for clear of tcp handler structure.
2020-10-19 13:36:53 +02:00
W.C.A. Wijngaards
68c57314c4
- Fix to set the tcp handler event toggle flag back to default when
...
the handler structure is reused.
2020-10-19 12:55:43 +02:00
W.C.A. Wijngaards
4a14ef8c3a
Merge branch 'master' into zonemd
2020-10-19 11:33:32 +02:00
Ralph Dolmans
a433a25ba3
Merge pull request #329 from NLnetLabs/nochunk-region
...
local-zone regional allocations outside of chunk
2020-10-19 11:21:30 +02:00
W.C.A. Wijngaards
ab9d732796
- Log ip address when http session recv fails, eg. due to tls fail.
2020-10-19 11:06:55 +02:00
W.C.A. Wijngaards
a3e2bfbb0c
- Fix #330 : [Feature request] Add unencrypted DNS over HTTPS support.
...
This adds the option http-notls-downstream: yesno to change that,
and the dohclient test code has the -n option.
2020-10-19 10:24:03 +02:00
W.C.A. Wijngaards
ba074c8bef
- Fix memory leak of https port string when reading config.
2020-10-19 10:14:40 +02:00
W.C.A. Wijngaards
46607e7c0c
- Fix that http settings have colon in set_option, for
...
http-endpoint, http-max-streams, http-query-buffer-size,
http-response-buffer-size, and http-nodelay.
2020-10-19 09:06:33 +02:00
Ralph Dolmans
1d11f470df
- local-zone regional allocations outside of chunk to prevent large
...
chunk per small local-zone allocations.
2020-10-16 17:12:08 +02:00
George Thessalonikefs
d55084ea9e
- Fix that if there are reply callbacks for the given rcode, those
...
are called per reply and a new message created if that was modified
by the call.
- Pass the comm_reply information to the inplace_cb_reply* functions
during the mesh state and update the documentation on that.
2020-10-15 17:17:59 +02:00
W.C.A. Wijngaards
22e82765f9
zonemd, dnssec verification routines.
2020-10-14 13:34:50 +02:00
Ralph Dolmans
eb799026ff
Replace edns-client-tag with edns-client-string option
2020-09-30 23:17:53 +02:00
Ralph Dolmans
b6d04f500b
- DNS Flag Day 2020: change edns-buffer-size default to 1232.
2020-09-29 14:07:38 +02:00
Ralph Dolmans
eb8ec9c18b
- Use inclusive language in configuration
2020-09-23 14:35:51 +02:00
W.C.A. Wijngaards
3527171397
- Fix to ifdef fptr wlist item for dnstap.
2020-09-23 14:30:31 +02:00
Ralph Dolmans
7da369e85a
- Add edns-client-tag-opcode option
2020-09-23 12:09:48 +02:00
W.C.A. Wijngaards
e41daa954e
Merge branch 'master' of github.com:NLnetLabs/unbound
2020-09-23 11:14:50 +02:00
W.C.A. Wijngaards
48a56751e9
- Fix #305 : dnstap logging significantly affects unbound performance
...
(regression in 1.11).
2020-09-23 11:13:52 +02:00
Ralph Dolmans
9e9810ab8b
- Fix edns-client-tags get_option typo
2020-09-23 10:05:39 +02:00
W.C.A. Wijngaards
c5f0ec36bb
- iana portlist updated.
2020-09-21 11:38:20 +02:00
W.C.A. Wijngaards
6ea24c5c86
- iana portlist updated.
2020-09-18 13:43:16 +02:00
Ralph Dolmans
ea90f50ca8
Merge branch 'master' into doh
2020-09-18 12:05:53 +02:00
W.C.A. Wijngaards
2541ccbb1b
- Fix that prefer-ip4 and prefer-ip6 can be get and set with
...
unbound-control, with libunbound and the unbound-checkconf option
output function.
2020-09-18 09:56:38 +02:00
Ralph Dolmans
4ae823fbc2
Merge branch 'master' into doh
2020-09-16 18:38:51 +02:00
Ralph Dolmans
42a35ac26e
- Final round of DoH review feedback processing.
2020-09-16 18:25:02 +02:00
Ralph Dolmans
a3be2b73b6
Properly handle http_endpoint malloc failure.
2020-09-10 13:05:55 +02:00
W.C.A. Wijngaards
47a5dc8cae
- Refactor to use sock_strerr shorthand function.
2020-08-31 09:12:01 +02:00
W.C.A. Wijngaards
a6dc0743b4
- Merge PR #293 : Add missing prototype. Also refactor to use the new
...
shorthand function to clean up the code.
2020-08-31 08:41:34 +02:00
W.C.A. Wijngaards
f6a527c25a
- Similar to NSD PR#113, implement that interface names can be used,
...
eg. something like interface: eth0 is resolved at server start and
uses the IP addresses for that named interface.
2020-08-27 14:53:33 +02:00
Ralph Dolmans
a6603c94d8
Merge branch 'master' of github.com:NLnetLabs/unbound
2020-08-10 17:32:00 +02:00
Ralph Dolmans
31f81adadb
- Check for existence 'EVP_MAC_CTX_set_params' function (openssl >=
...
3.0.0-alpha5)
2020-08-10 17:29:06 +02:00
Ralph Dolmans
afd49e897f
Merge branch 'openssl-3.0' of https://github.com/ciz/unbound into ciz-openssl-3.0
2020-08-06 17:27:27 +02:00
W.C.A. Wijngaards
2fade6f970
Merge branch 'master' into dlv-removal
2020-08-06 14:20:42 +02:00
W.C.A. Wijngaards
4ec55910c4
dlv removal, free unused variable.
2020-08-06 08:14:14 +02:00
Ralph Dolmans
74ec8a758b
Merge pull request #272 from NLnetLabs/edns-client-tag
...
Add EDNS client tag functionality
2020-08-05 16:07:49 +02:00
Ralph Dolmans
70c8d09edd
- Process EDNS client tag review feedback
2020-08-05 15:56:45 +02:00
W.C.A. Wijngaards
c0c722cd97
DLV removal
2020-08-04 09:05:09 +02:00
W.C.A. Wijngaards
4770359384
Merge branch 'master' into stream-reuse
2020-08-04 08:45:15 +02:00
W.C.A. Wijngaards
6983189528
Merge branch 'master' into infra-keep-probing
2020-08-04 08:45:04 +02:00
W.C.A. Wijngaards
fc55345dcb
- Fix mini_event.h on OpenBSD cannot find fd_set.
2020-08-04 08:14:25 +02:00
Vitezslav Cizek
61100b6463
net_help: Rename EVP_MAC_set_ctx_params to EVP_MAC_CTX_set_params
...
This fixes build with OpenSSL 3.0.0 Alpha 5.
EVP_MAC_set_ctx_params got renamed back to EVP_MAC_CTX_set_params
in https://github.com/openssl/openssl/pull/12186
2020-07-31 14:48:44 +02:00
W.C.A. Wijngaards
2f9050dde8
Merge branch 'master' into stream-reuse
2020-07-31 09:11:35 +02:00
W.C.A. Wijngaards
1cfa21f23d
Merge branch 'master' into infra-keep-probing
2020-07-31 09:11:20 +02:00
W.C.A. Wijngaards
e855d5779a
- Fix doxygen comment for no ssl for tls session ticket key callback
...
routine.
2020-07-31 09:10:40 +02:00
Ubuntu
f95dce8e34
Rebase on master
2020-07-29 16:02:16 +00:00
Ubuntu
027884aad2
Disable enforcing of min/max TTL when serving original TTL
2020-07-29 15:52:58 +00:00
Ubuntu
506dad946b
Ensure packet_rrset_data is always initialised to zero upon allocation
2020-07-29 15:26:42 +00:00
Ralph Dolmans
2fe398f4bf
EDNS client tags - insert configured tags into tree
2020-07-24 16:00:13 +02:00
Ralph Dolmans
64806a0d14
Add edns-client-tag configuration option
2020-07-24 14:52:04 +02:00
Ralph Dolmans
16029281a8
Start of EDNS client tags implementation.
2020-07-23 17:17:44 +02:00
W.C.A. Wijngaards
8b43b94b22
Merge branch 'master' into stream-reuse
2020-07-22 09:53:57 +02:00
W.C.A. Wijngaards
63b92ea1e8
Merge branch 'master' into infra-keep-probing
2020-07-22 09:53:30 +02:00
W.C.A. Wijngaards
7d4445c03d
- Fix libnettle compile for session ticket key callback function
...
changes.
2020-07-17 16:53:52 +02:00
Ralph Dolmans
14a0433470
- Merge PR #234 - Ensure proper alignment of cmsg buffers by Jérémie
...
Courrèges-Anglas.
- Fix PR #234 log_assert sizeof to use union buffer.
2020-07-17 13:07:03 +02:00
Ralph Dolmans
7d364f1111
Merge branch 'align-cmsg-buffers' of https://github.com/jcourreges/unbound into jcourreges-align-cmsg-buffers
2020-07-17 13:01:44 +02:00
W.C.A. Wijngaards
3d1383bed3
Merge branch 'master' into infra-keep-probing
2020-07-16 16:00:06 +02:00
W.C.A. Wijngaards
ff5d0ce327
Merge branch 'master' into stream-reuse
2020-07-16 14:13:24 +02:00
George Thessalonikefs
833ab1aab3
Merge branch 'master' into include-toplevel
2020-07-16 12:53:29 +02:00
Ubuntu
ec6fde611c
Cleaned up adjustment in message encoding, fixes spurious negative TTLs
2020-07-15 15:36:06 +00:00
Ubuntu
b5b79e3a36
Add feature to serve original TTLs rather than decrementing ones
2020-07-15 15:15:45 +00:00
George Thessalonikefs
7f802b07ef
Merge branch 'master' into include-toplevel
2020-07-15 15:17:48 +02:00
Ralph Dolmans
d4bcfbe996
Merge branch 'master' into fstrm-bidi
2020-07-13 17:30:36 +02:00
Ralph Dolmans
9cebc13150
- Add option to send DNSTAP messages over bidirectional frame streams
2020-07-13 17:28:50 +02:00
W.C.A. Wijngaards
766005a356
stream reuse, in callbacks, removed whitespace.
2020-07-13 15:45:16 +02:00
W.C.A. Wijngaards
19a35fb839
stream reuse, write and read again if more data can go over the channel,
...
this amortizes the event loop mechanism for busy channels, for performance.
2020-07-13 15:16:59 +02:00
W.C.A. Wijngaards
9914b7216b
stream reuse, remove debug output
2020-07-10 16:06:17 +02:00
W.C.A. Wijngaards
7a69ff4182
fix that ssl_handle_it() uses tcp_is_reading in tcp_write_and_read mode.
...
fix that netevent tcp_write_and_read mode does not close due to error from
assert that not both write and read happen at the same time.
2020-07-10 15:37:30 +02:00
W.C.A. Wijngaards
e95edd3d36
debug prints in verbose output.
2020-07-09 13:41:50 +02:00
W.C.A. Wijngaards
ccc9e0749c
stream reuse toggle write and read to only read mode when write is done.
...
tcp callback from stream read without entry linked.
2020-07-09 13:41:03 +02:00
W.C.A. Wijngaards
80f21f48c5
Merge branch 'master' into stream-reuse
2020-07-09 08:55:19 +02:00
W.C.A. Wijngaards
abe7a01bf5
Merge branch 'master' into infra-keep-probing
2020-07-09 08:55:01 +02:00
W.C.A. Wijngaards
e99b5046eb
- Fix to use SSL_CTX_set_tlsext_ticket_key_evp_cb in OpenSSL
...
3.0.0-alpha4.
- Longer keys for the test set, this avoids weak crypto errors.
2020-07-08 16:22:39 +02:00
W.C.A. Wijngaards
cfe009a31c
tcp read and write handling of write events in netevent for tcp and ssl.
2020-06-26 16:05:15 +02:00
W.C.A. Wijngaards
64c8d18814
in tcp write callback routine dont reset read byte count if write and read.
...
in tcp write callback and write and read and write is done perform callback.
tcp connection is selected to not toggle readwrite and give closed callback.
2020-06-26 10:54:13 +02:00
W.C.A. Wijngaards
39a50f30a3
tcp callback handle timeout event for read and reuse keepalive.
2020-06-25 14:26:29 +02:00
W.C.A. Wijngaards
5f5cdd3be1
comm point write and read structure members.
2020-06-25 13:06:21 +02:00
W.C.A. Wijngaards
75da272afe
reuse tcp id_cmp function. clear list and tree after delete. clear when
...
decommisioned. callbacks when closed for lru space, and when closed because
not kept open.
2020-06-24 16:28:42 +02:00
Ralph Dolmans
740da89578
Merge branch 'master' into doh
2020-06-24 14:18:47 +02:00
Ralph Dolmans
0fbfce4c99
- Add DoH tests
2020-06-24 14:04:34 +02:00
W.C.A. Wijngaards
dd096ccd22
Merge branch 'master' into stream-reuse
2020-06-24 13:39:13 +02:00
W.C.A. Wijngaards
445a066cbe
Merge branch 'master' into infra-keep-probing
2020-06-24 13:38:56 +02:00
W.C.A. Wijngaards
be1182c3db
- iana portlist updated.
2020-06-24 13:33:47 +02:00
W.C.A. Wijngaards
4fe2122890
Merge branch 'master' into infra-keep-probing
...
Remade yacc and lex files.
2020-06-24 13:21:14 +02:00
W.C.A. Wijngaards
658e5f1553
Merge branch 'master' into stream-reuse
2020-06-24 12:57:50 +02:00
W.C.A. Wijngaards
5203954068
- Fix display of event loop method with libev.
2020-06-17 14:32:57 +02:00
W.C.A. Wijngaards
a695ba447c
set timeout to wait for reuse
...
add comm_point indicator for write events for reuse stream writes.
2020-06-09 16:15:03 +02:00
W.C.A. Wijngaards
fd723aed27
tcp connection is stored and picked up for reuse
...
fix that comm_point_start_listening does not close the same fd that is started.
2020-06-03 17:24:26 +02:00
W.C.A. Wijngaards
a83f5d7260
Merge branch 'master' into stream-reuse
2020-05-20 15:39:50 +02:00
W.C.A. Wijngaards
ba0f382eee
- CVE-2020-12662 Unbound can be tricked into amplifying an incoming
...
query into a large number of queries directed to a target.
- CVE-2020-12663 Malformed answers from upstream name servers can be
used to make Unbound unresponsive.
2020-05-19 10:27:27 +02:00
W.C.A. Wijngaards
2c8ebe6206
- Fixed conflicts for PR #93 and make configure, yacc, lex.
2020-05-15 14:55:36 +02:00
W.C.A. Wijngaards
edcef18274
Merge branch 'master' of git://github.com/PMunch/unbound into PMunch-master
...
Fixed conflicts in Makefile.in and configparser.y
2020-05-15 14:52:53 +02:00
Ralph Dolmans
8fc2320b5c
- Add mem.http.query_buffer and mem.http.response_buffer stats
...
- Add configurable limits for http-query-buffer-size and
http-response-buffer-size
- Make http endpoint, max_streams, and TCP_NODELAY for HTTP sockets
configurable.
2020-05-12 18:12:19 +02:00
Jeremie Courreges-Anglas
8175161059
Ensure proper alignment of cmsg buffers
...
The cmsg macros expect a control message buffer to be aligned like
a struct cmsghdr. The current layout around those stack-allocated
buffers probably provides the required alignment (usually 4 bytes).
Use a union to enforce proper alignment, in case future changes modify
the stack layout.
Spotted when chasing an unrelated bug with Otto Moerbeek (@omoerbeek).
2020-05-10 17:23:33 +02:00
Ralph Dolmans
e7601870cc
Merge branch 'master' into doh
2020-05-07 17:12:26 +02:00
Ralph Dolmans
8dae5d9f81
- Add DNS-over-HTTPS support
2020-05-07 16:36:26 +02:00
George Thessalonikefs
1bd4dbf302
- New include directive 'include-toplevel:'. It closes the previous
...
clause (if any) and requires that all included files explicitly
start a clause.
2020-04-29 11:23:12 +02:00
W.C.A. Wijngaards
055f5e68a3
Add infra-keep-probing: yes option. Hosts that are down are probed more
...
frequently.
2020-04-22 16:29:06 +02:00
George Thessalonikefs
226d66ca92
- Change default value for 'rrset-roundrobin' to yes.
2020-04-21 12:58:48 +02:00
George Thessalonikefs
e430e95d30
- Add SNI support on more TLS connections ( fixes #193 ).
...
- Add SNI support to unbound-anchor.
2020-04-16 14:39:05 +02:00
Willem Toorop
2c8a91c2f9
pad-queries default yes
2020-04-14 08:52:51 +02:00
Willem Toorop
551e476a17
Merge branch 'master' into features/padding
2020-04-02 18:54:18 +02:00
Willem Toorop
4f78b37c61
Down- and upstream padding a la RFC7830 & RFC8467
2020-04-02 18:34:03 +02:00
George Thessalonikefs
a601fd6d3c
Merge branch 'Talkabout-redis-expire-records'
2020-04-01 17:24:07 +02:00
George Thessalonikefs
557a309f9d
- Changes for PR #206 (formatting and remade lex and yacc output).
2020-04-01 17:14:58 +02:00
Talkabout
c25eb2c4c8
implemented review feedback
...
renamed option from 'redis-set-ttl' to 'redis-expire-records'
2020-03-31 23:10:45 +02:00
Talkabout
b130a8b459
added option 'redis-set-ttl' to define whether ttl should be added to redis records
...
added check for redis command 'setex' when initializing redis connection
updated documentation
minor improvements to previous changes
2020-03-31 12:47:13 +02:00
Willem Toorop
af0bd5b0b4
Send tcp_req_info->spool_buffer as dnstap CLIENT_RESPONSE
...
When tcp_req_info exists. This fixes that dnstap CLIENT_RESPONSE messages did not contain the response message when answering on statful transport for uncached responses.
2020-03-30 12:19:17 +02:00
Willem Toorop
9d9eee8402
Fix uncached CLIENT_RESPONSE'es on stateful transports
...
Because repinfo->c->buffer does not contain the response when the it did not came from cache.
Only after tcp_req_info_send_reply is called, is the response on the buffer which is used to fill the dnstap protobuf's.
2020-03-30 11:39:07 +02:00
W.C.A. Wijngaards
7459b1dceb
- Fixes for #200 : example.conf note and set_value for ip-dscp.
2020-03-24 09:36:27 +01:00
W.C.A. Wijngaards
311f163aed
Changelog for #200 and bison, flex regenerate.
...
- Merge PR #200 from yarikk: add ip-dscp option to specify the DSCP
tag for outgoing packets.
2020-03-24 09:25:05 +01:00
Yaroslav K
c0118410a2
add ip-dscp configuration option for setting IP DiffServ codepoint (DSCP, previously TOS) on sockets
2020-03-23 19:37:43 +00:00
Florian Obser
bdd245ff7d
Make log_ident_revert_to_default() a proper prototype.
...
Pointed out by clang with -Wstrict-prototypes.
2020-03-20 11:44:38 +01:00
Ralph Dolmans
4504dd3737
- Log warning when using outgoing-port-permit and outgoing-port-avoid
...
while explicit port randomisation is disabled.
2020-03-19 17:34:46 +01:00
Ralph Dolmans
2c03028fa3
- Fix #158 : open tls-session-ticket-keys as binary, for Windows. By Daisuke
...
HIGASHI.
2020-03-19 14:00:33 +01:00
Jeffrey Walton
6ab0db6e25
Fix NetBSD compile (GH #189 )
2020-03-11 03:35:28 -04:00
W.C.A. Wijngaards
614ed2717b
Merge branch 'master' into framestreams
...
Fixed bison and flex conflicts by regenerating the files.
2020-02-28 14:31:24 +01:00
W.C.A. Wijngaards
e13dfc743d
For incoming ssl context with verifypem != NULL, we can set
...
SSL_VERIFY_FAIL_IF_NO_PEER_CERT that can reject client
connections without peer cert during the handshake, which is nicer
than just a connection drop to the client (when we then check
for no peer certificate afterwards).
2020-02-28 11:10:12 +01:00
W.C.A. Wijngaards
b63032b4dd
dnstap io, fixup fptr_wlist for unbound_dnstap_socket tool.
2020-02-28 08:55:10 +01:00
W.C.A. Wijngaards
5b61afd38c
Return 0 when ssl authentication is not available
2020-02-28 08:11:11 +01:00
W.C.A. Wijngaards
398e260145
Fixup ssl authentication not available with check for it.
2020-02-27 16:57:24 +01:00
W.C.A. Wijngaards
f03245c362
Document log check functions.
2020-02-27 16:28:36 +01:00
W.C.A. Wijngaards
f469049198
- iana portlist updated.
2020-02-26 14:32:14 +01:00
W.C.A. Wijngaards
6a51e9e037
Add dnstap io callbacks to fptr whitelist event.
2020-02-26 12:14:52 +01:00
W.C.A. Wijngaards
318d4e91cc
- Fix #165 : Add prefer-ip4: yesno config option to prefer ipv4 for
...
using ipv4 filters, because the hosts ip6 netblock /64 is not owned
by one operator, and thus reputation is shared.
2020-02-25 09:55:59 +01:00
W.C.A. Wijngaards
184f26355a
Fix ifdef of X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS, and
...
Merge branch 'master' into framestreams
2020-02-18 08:33:58 +01:00
W.C.A. Wijngaards
465af58457
dnstap io, fix to compile without ssl.
2020-02-14 13:23:58 +01:00