clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 22:57:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,999 Commits 27 Branches 196 Tags 104 MiB
d323e1bda8
Commit Graph

747 Commits

Author SHA1 Message Date
Ralph Dolmans
7b18274d7e - Added stats for queries that have been ratelimited by domain recursion. 
git-svn-id: file:///svn/unbound/trunk@4292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 12:52:33 +00:00
Ralph Dolmans
9f49585a63 - Do not reset rrset.bogus stats when called using stats_noreset. 
git-svn-id: file:///svn/unbound/trunk@4291 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 10:50:46 +00:00
Wouter Wijngaards
4f9236ae55 - Fix #1394: mix of serve-expired and response-ip could cause a crash. 
git-svn-id: file:///svn/unbound/trunk@4289 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 07:13:12 +00:00
Wouter Wijngaards
62e88b46cc - remove warning from windows compile. 
git-svn-id: file:///svn/unbound/trunk@4280 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:30:12 +00:00
Wouter Wijngaards
abb6cfdebd - upgrade aclocal(pkg.m4 0.29.1), config.guess(2016-10-02), 
config.sub(2016-09-05).
- annotate case statement fallthrough for gcc 7.1.1.
- flex output from flex 2.6.1.
- snprintf of thread number does not warn about truncated string.


git-svn-id: file:///svn/unbound/trunk@4278 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:04:18 +00:00
Wouter Wijngaards
feb890564b please doxygen 
git-svn-id: file:///svn/unbound/trunk@4277 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-17 08:31:59 +00:00
Wouter Wijngaards
1d3e6758b2 - Fix #1349: allow suppression of pidfiles (from Daniel Kahn Gillmor). 
With the -p option unbound does not create a pidfile.


git-svn-id: file:///svn/unbound/trunk@4276 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-17 08:26:49 +00:00
Wouter Wijngaards
522bff52fe - Fix 1332: Bump verbosity of failed chown'ing of the control socket. 
git-svn-id: file:///svn/unbound/trunk@4262 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-05 06:59:45 +00:00
Wouter Wijngaards
d514a9c709 Fixup 
git-svn-id: file:///svn/unbound/trunk@4261 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 13:44:17 +00:00
Wouter Wijngaards
67f54eea66 - Fix openssl 1.1.0 load of ssl error strings from ssl init. 
git-svn-id: file:///svn/unbound/trunk@4260 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 13:37:37 +00:00
Wouter Wijngaards
08a3461810 - enhancement for hardened-tls for DNS over TLS. Removed duplicated 
security settings.


git-svn-id: file:///svn/unbound/trunk@4255 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-29 11:45:43 +00:00
Wouter Wijngaards
50b7b2113e - Fix that infra cache host hash does not change after reconfig. 
git-svn-id: file:///svn/unbound/trunk@4252 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-27 15:23:17 +00:00
Wouter Wijngaards
5573d7508b - unbound-control dump_infra prints port number for address if not 53. 
git-svn-id: file:///svn/unbound/trunk@4248 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-26 12:31:49 +00:00
Wouter Wijngaards
311264b960 - Fix lintian typo. 
git-svn-id: file:///svn/unbound/trunk@4239 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-20 13:34:01 +00:00
Ralph Dolmans
486edb10db - Fix #1269: inconsistent use of built-in local zones with views. 
- Add defaults for new local-zone trees added to views using unbound-control.


git-svn-id: file:///svn/unbound/trunk@4199 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-30 13:04:19 +00:00
Wouter Wijngaards
8b2397542e - Fix assertion for low buffer size and big edns payload when worker 
overrides udpsize.


git-svn-id: file:///svn/unbound/trunk@4195 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-29 07:32:45 +00:00
Wouter Wijngaards
92d625b648 - better module memory lookup, fix of unbound-control shm names for 
module memory printout of statistics.


git-svn-id: file:///svn/unbound/trunk@4161 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 14:16:59 +00:00
George Thessalonikefs
491b0a26e4 - Implemented opportunistic IPsec support module (ipsecmod). 
- Some whitespace fixup.


git-svn-id: file:///svn/unbound/trunk@4158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 12:39:24 +00:00
Ralph Dolmans
657948dd0c - Added mesh_add_sub to add detached mesh entries. 
- Use mesh_add_sub for key tag signaling queries.


git-svn-id: file:///svn/unbound/trunk@4144 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-02 13:17:56 +00:00
Wouter Wijngaards
7940e854e6 - Fix #1259: "--disable-ecdsa" argument overwritten 
by "#ifdef SHA256_DIGEST_LENGTH@daemon/remote.c".


git-svn-id: file:///svn/unbound/trunk@4137 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-01 07:34:48 +00:00
Ralph Dolmans
89c2383c71 - Fix #1252: more indentation inconsistencies. 
git-svn-id: file:///svn/unbound/trunk@4125 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-18 09:00:52 +00:00
Wouter Wijngaards
582a7f449e lint. 
git-svn-id: file:///svn/unbound/trunk@4124 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 13:29:38 +00:00
Wouter Wijngaards
8d853b7eb6 more lint for stats 
git-svn-id: file:///svn/unbound/trunk@4123 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 13:24:26 +00:00
Wouter Wijngaards
a482b5cf12 no lint for timeval. 
git-svn-id: file:///svn/unbound/trunk@4122 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 13:17:51 +00:00
Wouter Wijngaards
0f8b560bd5 more lint. 
git-svn-id: file:///svn/unbound/trunk@4121 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 13:11:54 +00:00
Wouter Wijngaards
17dd3370fc - (for 1.6.3:) unbound.h exports the shm stats structures. They use 
type long long and no ifdefs, and ub_ before the typenames.


git-svn-id: file:///svn/unbound/trunk@4117 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 12:47:29 +00:00
Ralph Dolmans
8fedcffc02 - Display ECS module memory usage. 
git-svn-id: file:///svn/unbound/trunk@4106 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-11 13:10:30 +00:00
Ralph Dolmans
a2bc93547f - Generalise inplace callback (de)registration 
- (de)register inplace callbacks for module id
- No unbound-control set_option for ECS options
- Deprecated client-subnet-opcode config option
- Introduced client-subnet-always-forward config option
- Changed max-client-subnet-ipv6 default to 56 (as in RFC)
- Removed extern ECS config options
- module_restart_next now calls clear on all following modules
- Also create ECS module qstate on module_event_pass event


git-svn-id: file:///svn/unbound/trunk@4092 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-06 13:13:06 +00:00
Wouter Wijngaards
897635b32b - Fix #1217: Add metrics to unbound-control interface showing 
crypted, cert request, plaintext and malformed queries (from
  Manu Bretelle).


git-svn-id: file:///svn/unbound/trunk@4084 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-03 09:03:32 +00:00
Wouter Wijngaards
78fecfe558 - Fix #1238: segmentation fault when adding through the remote 
interface a per-view local zone to a view with no previous
  (configured) local zones.


git-svn-id: file:///svn/unbound/trunk@4077 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-22 07:19:38 +00:00
Wouter Wijngaards
451e1900a9 more fixups. 
git-svn-id: file:///svn/unbound/trunk@4067 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 15:16:19 +00:00
Wouter Wijngaards
7c9584e408 - #1217. DNSCrypt support, with --enable-dnscrypt, libsodium and then 
enabled in the config file from Manu Bretelle.


git-svn-id: file:///svn/unbound/trunk@4065 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-20 14:55:31 +00:00
Wouter Wijngaards
984c6c33bc prettier size_t and defines. 
git-svn-id: file:///svn/unbound/trunk@4062 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 15:43:25 +00:00
Wouter Wijngaards
84be084384 Fixup array reference 
git-svn-id: file:///svn/unbound/trunk@4061 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 15:24:14 +00:00
Wouter Wijngaards
77b328475a one less include and make depend 
git-svn-id: file:///svn/unbound/trunk@4059 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 15:15:04 +00:00
Wouter Wijngaards
f374268521 - trustanchor tags are sorted. reusable routine to fetch taglist. 
git-svn-id: file:///svn/unbound/trunk@4056 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 15:04:18 +00:00
Wouter Wijngaards
2042facc8b fixup 
git-svn-id: file:///svn/unbound/trunk@4054 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:29:59 +00:00
Wouter Wijngaards
df947d4056 fix doxygen annotation 
git-svn-id: file:///svn/unbound/trunk@4053 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:28:19 +00:00
Wouter Wijngaards
3d6783e38c remove debug print out 
git-svn-id: file:///svn/unbound/trunk@4052 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:27:08 +00:00
Wouter Wijngaards
6c456aa15e - Add trustanchor.unbound CH TXT that gets a response with a number 
of TXT RRs with a string like "example.com. 2345 1234" with
  the trust anchors and their keytags.


git-svn-id: file:///svn/unbound/trunk@4051 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 09:17:58 +00:00
Wouter Wijngaards
cae9809e11 - Response actions based on IP address from Jinmei Tatuya (Infoblox). 
git-svn-id: file:///svn/unbound/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-07 14:58:51 +00:00
Wouter Wijngaards
689fdc1d0b - For #1227: if we have sha256, set the cipher list to have no 
known vulns.


git-svn-id: file:///svn/unbound/trunk@4030 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-28 08:23:25 +00:00
Wouter Wijngaards
791767d62f - Fix #1227: Fix that Unbound control allows weak ciphersuits. 
git-svn-id: file:///svn/unbound/trunk@4029 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-27 15:24:58 +00:00
Wouter Wijngaards
3289d8482c - Fix #1227: Fix that Unbound control allows weak ciphersuits. 
git-svn-id: file:///svn/unbound/trunk@4027 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-27 14:40:30 +00:00
Wouter Wijngaards
35ae8ef313 - Patch from Luiz Fernando Softov for Stats Shared Memory. 
- unbound-control stats_shm command prints stats using shared memory,
  which uses less cpu.


git-svn-id: file:///svn/unbound/trunk@4020 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 12:05:05 +00:00
Wouter Wijngaards
c010e93d4a - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
Wouter Wijngaards
ef80a99397 - Fix to also block meta types 128 through to 248 with formerr. 
git-svn-id: file:///svn/unbound/trunk@3985 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-12 08:12:39 +00:00
Wouter Wijngaards
e5431ca7e5 - Fix #1201: Fix missing unlock in answer_from_cache error condition. 
git-svn-id: file:///svn/unbound/trunk@3983 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-06 15:50:39 +00:00
Wouter Wijngaards
3a1ffe4c69 - Fix #1185: Source IP rate limiting, patch from Larissa Feng. 
git-svn-id: file:///svn/unbound/trunk@3981 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 13:57:12 +00:00
Wouter Wijngaards
9b4b0de746 - Fix #1184: Log DNS replies. This includes the same logging 
information that DNS queries and response code and response size,
  patch from Larissa Feng.


git-svn-id: file:///svn/unbound/trunk@3980 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 11:39:54 +00:00
Wouter Wijngaards
a3441215f1 and ratelimit the formerr. 
git-svn-id: file:///svn/unbound/trunk@3979 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 10:22:13 +00:00
Wouter Wijngaards
5adb2dc4cf - Fix to return formerr for queries for meta-types, to avoid 
packet amplification if this meta-type is sent on to upstream.


git-svn-id: file:///svn/unbound/trunk@3978 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 08:14:34 +00:00
Wouter Wijngaards
cd7db58ce3 - configure --enable-systemd and lets unbound use systemd sockets if 
you enable use-systemd: yes in unbound.conf.
  Also there are contrib/unbound.socket and contrib/unbound.service:
  systemd files for unbound, install them in /usr/lib/systemd/system.
  Contributed by Sami Kerola and Pavel Odintsov.



git-svn-id: file:///svn/unbound/trunk@3975 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-03 13:43:29 +00:00
Ralph Dolmans
f761bc3cdd - Fix remote control without certificate for LibreSSL 
git-svn-id: file:///svn/unbound/trunk@3956 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-07 14:13:01 +00:00
George Thessalonikefs
3ac8cf0380 please lint again. 
git-svn-id: file:///svn/unbound/trunk@3951 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 14:41:14 +00:00
George Thessalonikefs
9323fa7688 please lint again. 
git-svn-id: file:///svn/unbound/trunk@3950 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 14:33:08 +00:00
George Thessalonikefs
7b948b0647 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: file:///svn/unbound/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
Ralph Dolmans
61b23e3811 - Added local-zones and local-data bulk addition and removal functionality in 
unbound-control (local_zones, local_zones_remove, local_datas and
  local_datas_remove).                                   
- iana portlist update


git-svn-id: file:///svn/unbound/trunk@3941 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-30 11:22:29 +00:00
Wouter Wijngaards
c604b9c6a9 Fixup for windows compile. 
git-svn-id: file:///svn/unbound/trunk@3940 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-29 15:49:37 +00:00
Wouter Wijngaards
92bff79d3d - Fix that with openssl 1.1 control-use-cert: no uses less cpu, by 
using no encryption over the unix socket.


git-svn-id: file:///svn/unbound/trunk@3936 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-25 16:14:14 +00:00
Wouter Wijngaards
a6e3ed1025 - patch from Dag-Erling Smorgrav that removes code that relies 
on sbrk().


git-svn-id: file:///svn/unbound/trunk@3934 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-22 15:50:07 +00:00
Ralph Dolmans
11031a7d36 pass ssl_upstream as int to (lib)worker_send_query 
git-svn-id: file:///svn/unbound/trunk@3924 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 14:02:22 +00:00
Ralph Dolmans
efe248c46a - Added stub-ssl-upstream and forward-ssl-upstream options. 
git-svn-id: file:///svn/unbound/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 12:07:52 +00:00
Wouter Wijngaards
fa81710d16 - configure detects ssl security level API function in the autoconf 
manner.  Every function on its own, so that other libraries (eg.
  LibreSSL) can develop their API without hindrance.


git-svn-id: file:///svn/unbound/trunk@3921 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 08:05:42 +00:00
Wouter Wijngaards
3b4cbcf631 Fixup #if at start of line, for portability. 
git-svn-id: file:///svn/unbound/trunk@3920 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 07:58:57 +00:00
Ralph Dolmans
589eabc0cb Set openssl security level to 0 when using aNULL ciphers 
git-svn-id: file:///svn/unbound/trunk@3919 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-03 16:59:00 +00:00
Wouter Wijngaards
680e14cb65 - log-identity: config option to set sys log identity, patch from 
"Robin H. Johnson" <robbat2@gentoo.org>


git-svn-id: file:///svn/unbound/trunk@3917 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-03 08:51:40 +00:00
Wouter Wijngaards
96961081b0 - Patch for server.num.zero_ttl stats for count of expired replies, 
from Pavel Odintsov.


git-svn-id: file:///svn/unbound/trunk@3910 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-28 15:08:32 +00:00
Wouter Wijngaards
147a6c8548 - Fix #1134: unbound-control set_option val-date-override: -1 works 
immediately to ignore datetime, or back to 0 to enable it again.


git-svn-id: file:///svn/unbound/trunk@3907 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-25 11:44:03 +00:00
Wouter Wijngaards
a4fae019de Fixup prefetch only when needed 
git-svn-id: file:///svn/unbound/trunk@3904 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-24 12:53:13 +00:00
Wouter Wijngaards
a9a65800b8 - serve-expired config option: serve expired responses with TTL 0. 
git-svn-id: file:///svn/unbound/trunk@3903 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-24 12:43:20 +00:00
Wouter Wijngaards
2785225a43 - Fixup query_info local_alias init. 
git-svn-id: file:///svn/unbound/trunk@3901 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-20 15:05:30 +00:00
Wouter Wijngaards
9d2b5ca345 - Removed patch comments from acllist.c and msgencode.c 
git-svn-id: file:///svn/unbound/trunk@3886 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-18 13:20:42 +00:00
Wouter Wijngaards
503df095b2 - Patch that resolves CNAMEs entered in local-data conf statements that 
point to data on the internet, from Jinmei Tatuya (Infoblox).


git-svn-id: file:///svn/unbound/trunk@3885 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-18 13:18:20 +00:00
Ralph Dolmans
de7bc9f96e - fix memoryleak logfile when in debug mode. 
git-svn-id: file:///svn/unbound/trunk@3880 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-11 13:43:18 +00:00
Ralph Dolmans
b587c7f72d Added views functionality. 
git-svn-id: file:///svn/unbound/trunk@3876 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-05 09:36:25 +00:00
Ralph Dolmans
5a56d54086 Check for LibreSSL usage when OpenSSL version number >= 1.1 
git-svn-id: file:///svn/unbound/trunk@3862 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-15 14:40:42 +00:00
Wouter Wijngaards
42d2190343 - Test for openssl init_crypto and init_ssl functions. 
git-svn-id: file:///svn/unbound/trunk@3860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-15 12:03:10 +00:00
Ralph Dolmans
e2e34ad273 fix potential memory leak in daemon/remote.c and nullpointer dereference in 
validator/autotrust.


git-svn-id: file:///svn/unbound/trunk@3856 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-15 08:39:59 +00:00
Wouter Wijngaards
1508a5bb2c - Fix incomplete prototypes reported by Dag-Erling Smørgrav. 
git-svn-id: file:///svn/unbound/trunk@3848 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-05 07:23:23 +00:00
Wouter Wijngaards
7ef6c46aaf Fixup for defines not funcs 
git-svn-id: file:///svn/unbound/trunk@3845 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-02 11:20:21 +00:00
Wouter Wijngaards
3514843818 - Fix compile with openssl 1.1.0 with api=1.1.0. 
git-svn-id: file:///svn/unbound/trunk@3844 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-02 09:59:09 +00:00
Wouter Wijngaards
35e1120341 Fixup position before flip. 
git-svn-id: file:///svn/unbound/trunk@3842 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-01 14:51:46 +00:00
Wouter Wijngaards
0143885a41 - Fix #826: Fix refuse_non_local could result in a broken response. 
git-svn-id: file:///svn/unbound/trunk@3841 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-01 14:34:45 +00:00
Wouter Wijngaards
ca5eca9567 - Fix #777: OpenSSL 1.1.0 compatibility, patch from Sebastian A. Siewior. 
git-svn-id: file:///svn/unbound/trunk@3837 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-08-29 07:05:19 +00:00
Wouter Wijngaards
df4b4e6902 - Fix #806: wrong comment removed. 
git-svn-id: file:///svn/unbound/trunk@3826 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-28 07:13:48 +00:00
Wouter Wijngaards
29ada8b41a - Fix #803: confusing (and incorrect) code comment in daemon_cleanup(). 
git-svn-id: file:///svn/unbound/trunk@3824 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-22 07:08:42 +00:00
Wouter Wijngaards
6b7e0676b9 - Fix #801: missing error condition handling in 
daemon_create_workers().


git-svn-id: file:///svn/unbound/trunk@3822 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-22 07:02:03 +00:00
Wouter Wijngaards
17023457a9 - access-control-tag-data implemented. verbose(4) prints tag debug. 
git-svn-id: file:///svn/unbound/trunk@3811 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-07 10:20:05 +00:00
Wouter Wijngaards
c697604224 - Fix #784: Build configure assumess that having getpwnam means there 
is endpwent function available.
- Updated repository with newer flex and bison output.


git-svn-id: file:///svn/unbound/trunk@3799 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-27 08:00:55 +00:00
Ralph Dolmans
54b820773c - Possibility to specify local-zone types for an acl/tag pair 
- Possibility to specify (override) local-zone types for a source address block


git-svn-id: file:///svn/unbound/trunk@3797 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-24 19:08:58 +00:00
Wouter Wijngaards
2121961929 - TCP_TIMEOUT is specified in milliseconds. 
git-svn-id: file:///svn/unbound/trunk@3793 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-15 14:23:43 +00:00
Wouter Wijngaards
48acd0bf4d - Fix #778: unbound 1.5.9: -h segfault (null deref). 
git-svn-id: file:///svn/unbound/trunk@3781 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-13 07:06:23 +00:00
Ralph Dolmans
ff091efe7b - Lookup localzones by taglist from acl. 
git-svn-id: file:///svn/unbound/trunk@3764 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-07 08:36:19 +00:00
Wouter Wijngaards
a2555b39d7 and fixup delete rest of list on parse failure. 
git-svn-id: file:///svn/unbound/trunk@3762 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 15:01:48 +00:00
Wouter Wijngaards
2cc017981b - free acl-tags, acltag-action and acltag-data config lists during 
initialisation to free up memory for more entries.


git-svn-id: file:///svn/unbound/trunk@3761 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 14:57:24 +00:00
Wouter Wijngaards
886a4fb7f1 please lint. 
git-svn-id: file:///svn/unbound/trunk@3760 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 13:52:56 +00:00
Wouter Wijngaards
0e97374466 - access-control-tag-action and access-control-tag-data config 
directives.
- make depend


git-svn-id: file:///svn/unbound/trunk@3759 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 13:47:24 +00:00
Wouter Wijngaards
415fc52b08 - access-control-tag config directive. 
git-svn-id: file:///svn/unbound/trunk@3754 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-06 08:33:59 +00:00
Wouter Wijngaards
73704e9ed5 - Fix to not ignore return value of chown() in daemon startup. 
git-svn-id: file:///svn/unbound/trunk@3752 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-03 07:38:53 +00:00
Wouter Wijngaards
6137af9c86 please dox. 
git-svn-id: file:///svn/unbound/trunk@3743 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:56:27 +00:00
Wouter Wijngaards
031caba9c0 - and also generic edns options for upstream messages (and replies). 
after parse use edns_opt_find(edns.opt_list, LDNS_EDNS_NSID),
  to insert use edns_opt_append(edns, region, code, len, bindata) on
  the opt_list passed to send_query, or in edns_opt_inplace_reply.


git-svn-id: file:///svn/unbound/trunk@3742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:55:22 +00:00
Wouter Wijngaards
40dd2acfd9 - generic edns option parse and store code. 
git-svn-id: file:///svn/unbound/trunk@3740 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 15:08:05 +00:00
Wouter Wijngaards
cffec5e0fe - Fix #770: Small subgroup attack on DH used in unix pipe on localhost 
if unbound control uses a unix local named pipe.


git-svn-id: file:///svn/unbound/trunk@3729 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-27 06:50:49 +00:00
Wouter Wijngaards
fbae76885a - OpenSSL 1.1.0 portability, --disable-dsa configure option. 
git-svn-id: file:///svn/unbound/trunk@3689 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-23 08:19:49 +00:00
Wouter Wijngaards
59fd18e8ce - OPENSSL_config is deprecated, removing. 
git-svn-id: file:///svn/unbound/trunk@3688 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-21 11:44:03 +00:00
Wouter Wijngaards
edf80f5e3d - ERR_remove_state deprecated since openssl 1.0.0. 
git-svn-id: file:///svn/unbound/trunk@3687 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-21 11:38:50 +00:00
Wouter Wijngaards
9f8b2bb468 - ip_freebind: yesno option in unbound.conf sets IP_FREEBIND for 
binding to an IP address while the interface or address is down.


git-svn-id: file:///svn/unbound/trunk@3673 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-15 09:35:48 +00:00
Wouter Wijngaards
6a6cf23179 - Fixup backend2str for libev. 
git-svn-id: file:///svn/unbound/trunk@3660 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-10 14:39:48 +00:00
Willem Toorop
bcfbe0d9c4 User defined pluggable event mechanism (for review) 
git-svn-id: file:///svn/unbound/branches/ub_event@3647 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-07 14:10:06 +00:00
Wouter Wijngaards
7d070c9305 - Fix patch typo in prevuous commit for 734 from Adi Prasaja. 
git-svn-id: file:///svn/unbound/trunk@3614 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-02-08 08:17:00 +00:00
Wouter Wijngaards
733d9f2e3c - Neater cmdline_verbose increment patch from Edgar Pettijohn. 
git-svn-id: file:///svn/unbound/trunk@3613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-29 08:06:51 +00:00
Wouter Wijngaards
cee936b715 Fixup declaration after statement. 
git-svn-id: file:///svn/unbound/trunk@3606 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-26 09:00:06 +00:00
Wouter Wijngaards
b3b87e1f4f Fixup ;. 
git-svn-id: file:///svn/unbound/trunk@3605 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-26 08:27:40 +00:00
Wouter Wijngaards
fe0663405e - Fix #734: chown the pidfile if it resides inside the chroot. 
git-svn-id: file:///svn/unbound/trunk@3604 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-26 08:05:04 +00:00
Wouter Wijngaards
9bb637e7a4 - Fix #734: Do not log an error when the PID file cannot be chown'ed. 
Patch from Simon Deziel.


git-svn-id: file:///svn/unbound/trunk@3599 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-12 08:04:42 +00:00
Wouter Wijngaards
5d0ad681a2 - #731: tcp-mss, outgoing-tcp-mss options for unbound.conf, patch 
from Daisuke Higashi.


git-svn-id: file:///svn/unbound/trunk@3591 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-01-05 10:03:59 +00:00
Wouter Wijngaards
b085b4d31a and also #724 for unbound.exe commandline. 
git-svn-id: file:///svn/unbound/trunk@3559 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 09:26:02 +00:00
Wouter Wijngaards
55f5a55f5f But RFC wants empty EDNS in formerr. 
git-svn-id: file:///svn/unbound/trunk@3547 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-20 10:32:18 +00:00
Wouter Wijngaards
2262975cab - Fix that malformed EDNS query gets a response without malformed EDNS. 
git-svn-id: file:///svn/unbound/trunk@3546 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-20 09:09:55 +00:00
Wouter Wijngaards
3bdaebf966 Nicer unbound.c for nettle. 
git-svn-id: file:///svn/unbound/trunk@3534 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 10:02:17 +00:00
Wouter Wijngaards
1ebcdeac38 - patch from Doug Hogan for SSL_OP_NO_SSLvx options. 
git-svn-id: file:///svn/unbound/trunk@3525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-10-29 08:32:58 +00:00
Wouter Wijngaards
725f11e349 - Fix unbound-control flush that does not succeed in removing data. 
git-svn-id: file:///svn/unbound/trunk@3493 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-25 12:39:10 +00:00
Wouter Wijngaards
9d9984a187 - Fix deadlock for local data add and zone add when unbound-control 
list_local_data printout is interrupted.


git-svn-id: file:///svn/unbound/trunk@3476 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-08-24 10:49:28 +00:00
Wouter Wijngaards
a7dcbc4d19 Fix lint. 
git-svn-id: file:///svn/unbound/trunk@3458 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-24 11:49:35 +00:00
Wouter Wijngaards
cd223885eb And fix reponse generation when reducing the number of threads. 
git-svn-id: file:///svn/unbound/trunk@3457 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-24 11:44:58 +00:00
Wouter Wijngaards
d889832892 - Fix #690: Reload fails when so-reuseport is yes after changing 
git-svn-id: file:///svn/unbound/trunk@3456 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-24 07:02:14 +00:00
Wouter Wijngaards
1d7d43f9b5 Fixup #if 
git-svn-id: file:///svn/unbound/trunk@3454 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-21 14:37:15 +00:00
Wouter Wijngaards
583b376217 - Fix configure to detect SSL_CTX_set_ecdh_auto. 
git-svn-id: file:///svn/unbound/trunk@3453 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-21 14:30:49 +00:00
Wouter Wijngaards
78c8224655 - Enable ECDHE for servers. Where available, use 
SSL_CTX_set_ecdh_auto() for TLS-wrapped server configurations to
  enable ECDHE.  Otherwise, manually offer curve p256.
  Client connections should automatically use ECDHE when available.
  (thanks Daniel Kahn Gillmor)


git-svn-id: file:///svn/unbound/trunk@3452 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-20 06:56:01 +00:00
Willem Toorop
fa20564699 SSL_CTX_use_certificate_chain_file() should be used instead of the 
SSL_CTX_use_certificate_file() function in order to allow the use of
complete certificate chains even when no trusted CA storage is used or
when the CA issuing the certificate shall not be added to the trusted
CA storage.

Thanks Daniel Kahn Gillmore


git-svn-id: file:///svn/unbound/trunk@3451 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-18 12:34:37 +00:00
Wouter Wijngaards
f66a15d894 - Fix #681: Setting forwarders with unbound-control forward 
implicitly turns on forward-first.


git-svn-id: file:///svn/unbound/trunk@3447 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-09 09:45:08 +00:00
Wouter Wijngaards
cb90782087 - Fix #677 Fix DNAME responses from cache that failed internal chain 
test.


git-svn-id: file:///svn/unbound/trunk@3435 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-26 07:27:32 +00:00
Wouter Wijngaards
66b8f636cf fix doxygen comment. 
git-svn-id: file:///svn/unbound/trunk@3430 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-29 09:32:14 +00:00
Wouter Wijngaards
4b0c7880e4 - Fix that unparseable error responses are ratelimited. 
git-svn-id: file:///svn/unbound/trunk@3429 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-29 09:27:42 +00:00
Wouter Wijngaards
69d2fd7818 - Fix#663: ssl handshake fails when using unix socket because dh size 
is too small.


git-svn-id: file:///svn/unbound/trunk@3396 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 13:56:12 +00:00
Wouter Wijngaards
85192d4569 - unbound-control ratelimit_list lists high rate domains. 
git-svn-id: file:///svn/unbound/trunk@3393 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 12:13:59 +00:00
Wouter Wijngaards
53008d7969 - unbound-control list_insecure command shows the negative trust 
anchors currently configured, patch from Jelte Jansen.


git-svn-id: file:///svn/unbound/trunk@3389 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-07 13:50:09 +00:00
Wouter Wijngaards
b2bdce46be - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: file:///svn/unbound/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
Wouter Wijngaards
de61a65867 - remote.c probedelay line is easier to read. 
git-svn-id: file:///svn/unbound/trunk@3379 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 09:46:06 +00:00
Wouter Wijngaards
bd404f5fd3 - Fix segfault on user not found at startup (from Maciej Soltysiak). 
git-svn-id: file:///svn/unbound/trunk@3375 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-23 20:20:15 +00:00
Wouter Wijngaards
383e32f02f Check before storing value. 
git-svn-id: file:///svn/unbound/trunk@3373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-20 15:58:55 +00:00
Wouter Wijngaards
6feb8fb6a5 - Fixes to add integer overflow checks on allocation (defense in depth). 
git-svn-id: file:///svn/unbound/trunk@3372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-20 15:36:25 +00:00
Wouter Wijngaards
77088b12ff - Add ip-transparent config option for bind to non-local addresses. 
git-svn-id: file:///svn/unbound/trunk@3369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-19 09:50:35 +00:00
Wouter Wijngaards
b87e7c90be - stats reports tcp usage, of incoming-num-tcp buffers. 
git-svn-id: file:///svn/unbound/trunk@3353 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-05 15:23:14 +00:00
Wouter Wijngaards
a226533c8b - Fix #647 crash in 1.5.2 because pwd.db no longer accessible after 
reload.


git-svn-id: file:///svn/unbound/trunk@3341 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-20 14:48:04 +00:00
Wouter Wijngaards
79044dc6cf - windows port fixes, no AF_LOCAL, no chown, no chmod(grp). 
git-svn-id: file:///svn/unbound/trunk@3319 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-23 15:23:58 +00:00
Wouter Wijngaards
cd7d15aee9 Fix doc. 
git-svn-id: file:///svn/unbound/trunk@3307 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-06 14:41:04 +00:00
Wouter Wijngaards
a3f0a34efb - Fixup that patch and uid lookup (only for daemon). 
git-svn-id: file:///svn/unbound/trunk@3306 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-06 14:37:45 +00:00
Wouter Wijngaards
f46bcc5b6f please lint. 
git-svn-id: file:///svn/unbound/trunk@3305 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-06 14:18:03 +00:00