clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 06:37:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,770 Commits 27 Branches 196 Tags 104 MiB
dc274fef9b
Commit Graph

7770 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
W.C.A. Wijngaards
dc274fef9b - Fix documentation for cache_fill_missing function. 2024-08-23 13:19:15 +02:00
W.C.A. Wijngaards
db1167c8b3 - Fix #1127: error: "memory exhausted" when defining more than 9994 
local-zones.
 2024-08-23 09:22:07 +02:00
W.C.A. Wijngaards
1e0cf1e86b - Merge patch to fix for glue that is outside of zone, with 
`harden-unverified-glue`, from Karthik Umashankar (Microsoft).
  Enabling this option protects the Unbound resolver against bad
  glue, that is unverified out of zone glue, by resolving them.
  It uses the records as last resort if there is no other working
  glue.
 2024-08-23 08:56:48 +02:00
W.C.A. Wijngaards
348df52e05 Enable ci back after debug. 2024-08-21 14:20:04 +02:00
W.C.A. Wijngaards
6b3266aaf8 - Fix for char signedness warnings on NetBSD. 2024-08-21 14:15:23 +02:00
W.C.A. Wijngaards
4f52461e81 - Add cross platform netbsd to github ci. 2024-08-21 14:03:11 +02:00
W.C.A. Wijngaards
06d5031d22 - Add cross platform openbsd to github ci. 2024-08-21 13:50:55 +02:00
W.C.A. Wijngaards
12119e2d3e ci for freebsd nicer, with libevent, faster without static compile, and 
with grouped output, also the pkg install is conditional on the platform.
 2024-08-21 13:37:42 +02:00
W.C.A. Wijngaards
19d53d5663 Fix for freebsd ci. 2024-08-21 13:24:54 +02:00
W.C.A. Wijngaards
04e6f9e03b - Add cross platform freebsd to github ci. 2024-08-21 13:20:00 +02:00
W.C.A. Wijngaards
3d350fa73d - Add iter-scrub-ns, iter-scrub-cname and max-global-quota 
configuration options.
 2024-08-20 14:08:52 +02:00
W.C.A. Wijngaards
015b2b0daf - Fix #1126: unbound-control-setup hangs while testing for openssl 
presence starting from version 1.21.0.
 2024-08-19 15:51:47 +02:00
W.C.A. Wijngaards
5fa84d50bf - Tag for release 1.21.0, the repository continues with 1.21.1 
in development.
 2024-08-15 11:01:41 +02:00
W.C.A. Wijngaards
79e4c57851 - Fix spelling for the cache-min-negative-ttl entry in the 
example.conf.
 2024-08-09 14:04:25 +02:00
W.C.A. Wijngaards
5abdd09095 - Fix that for windows the module startup is called and sets up 
the module-config.
 2024-08-08 16:14:09 +02:00
W.C.A. Wijngaards
158c1defe3 - Set version number to 1.21.0 for release. 2024-08-08 09:30:53 +02:00
W.C.A. Wijngaards
b4519012dc - Fix CacheFlush issues with limit on NS RRs. Thanks to Yehuda Afek, 
Anat Bremler-Barr, Shoham Danino and Yuval Shavitt (Tel-Aviv
  University and Reichman University).
 2024-08-08 09:28:44 +02:00
W.C.A. Wijngaards
ed883238fd - Fix CAMP issues with global quota. Thanks to Huayi Duan, Marco 
Bearzi, Jodok Vieli, and Cagin Tanir from NetSec group, ETH Zurich.
 2024-08-08 09:27:45 +02:00
W.C.A. Wijngaards
0f2f6025e7 - Fix that alloc stats for forwards and hints are printed, and when 
alloc stats is enabled, the unit test for unbound control waits for
  reloads to complete.
 2024-08-02 15:51:40 +02:00
W.C.A. Wijngaards
3cbf554e3b Changelog note for #1090 
- Merge #1090: Cookie secret file. Adds
  `cookie-secret-file: "unbound_cookiesecrets.txt"` option to store
  cookie secrets for EDNS COOKIE secret rollover. The remote control
  add_cookie_secret, activate_cookie_secret and drop_cookie_secret
  commands can be used for rollover, the command print_cookie_secrets
  shows the values in use.
 2024-08-02 13:36:06 +02:00
Wouter Wijngaards
ad21dbd1c2
Cookie secret file (#1090) 
* - cookie-secret-file, define struct.

* - cookie-secret-file, add config option, create, read and delete struct.

* - cookie-secret-file, check cookie secrets for cookie validation.

* - cookie-secret-file, unbound-control add_cookie_secret, drop_cookie_secret,
  activate_cookie_secret and print_cookie_secrets.

* - cookie-secret-file, test and fix locks, renew writes a fresh cookie,
  staging cookies get a fresh cookie and spelling in error message.

* - cookie-secret-file, remove unused variable from cookie file unit test.

* Remove unshare and faketime dependencies for cookie_file test; documentation nits.

---------

Co-authored-by: Yorgos Thessalonikefs <yorgos@nlnetlabs.nl>
 2024-08-02 13:32:08 +02:00
W.C.A. Wijngaards
50cf55bdac Update changelog. 
- Fix testbound for alloc stats strdup in util/alloc.c.
 2024-08-02 08:59:47 +02:00
W.C.A. Wijngaards
6106528a50 - Fix testbound for alloc stats strdup in util/alloc.c. 2024-08-02 08:58:22 +02:00
W.C.A. Wijngaards
befa7d8cd8 - Fix that alloc stats has strdup checks, it stops debuggers from 
complaining about mismatch at free time.
 2024-08-02 08:54:54 +02:00
W.C.A. Wijngaards
92be76fb89 - Fix that the worker mem report with alloc stats does not attempt 
to print memory use of forwards and hints if they have been
  deleted already.
 2024-08-01 17:15:07 +02:00
W.C.A. Wijngaards
9a6b6765cc - Fix dnstap test program, cleans up to have clean memory on exit, 
for tap_data_free, does not delete NULL items. Also it does not try
  to free the tail, specifically in the free of the list since that
  picked up the next item in the list for its loop causing invalid
  free. Added internal unit test to unbound-dnstap-socket for that.
 2024-08-01 16:12:04 +02:00
W.C.A. Wijngaards
03b511b1a2 - Fix for #1114: Fix that cache fill for forward-host names is 
performed, so that with nonzero target-fetch-policy it fetches
  forwarder addresses and uses them from cache. Also updated that
  delegation point cache fill routines use CDflag for AAAA message
  lookups, so that its negative lookup stops a recursion since the
  cache uses the bit for disambiguation for dns64 but the recursion
  uses CDflag for the AAAA target lookups, so the check correctly
  stops a useless recursion by its cache lookup.
 2024-07-31 11:42:44 +02:00
W.C.A. Wijngaards
6af28bed08 - Fix to document parameters of auth_zone_verify_zonemd_with_key. 2024-07-30 13:47:53 +02:00
W.C.A. Wijngaards
f094f4ea3c - Add root key 38696 from 2024 for DNSSEC validation. It is added 
to the default root keys in unbound-anchor. The content can be
  inspected with `unbound-anchor -l`.
 2024-07-25 11:42:22 +02:00
Yorgos Thessalonikefs
c717debace - For #935 and #1104, clarify RPZ order and semantics. 2024-07-24 01:54:02 +02:00
Yorgos Thessalonikefs
7d4d21764a - Cleanup ede.tdir test. 2024-07-23 20:22:25 +02:00
W.C.A. Wijngaards
83e6977f06 - Fix link of unbound-dnstap-socket without openssl. 2024-07-23 15:06:54 +02:00
W.C.A. Wijngaards
671e11552c - Fix link of dnstap without openssl. 2024-07-23 14:56:21 +02:00
W.C.A. Wijngaards
c4541e634b - Fix uninitialized variable warning in create_tcp_accept_sock. 2024-07-23 10:42:36 +02:00
W.C.A. Wijngaards
30da725e67 - Fix to have empty definition when not supported for weak attribute. 2024-07-23 10:02:39 +02:00
W.C.A. Wijngaards
8de5ae3552 - Fix compile when the compiler does not support the noreturn 
attribute.
 2024-07-23 09:55:31 +02:00
W.C.A. Wijngaards
5bea29b01c - For #1110: Test for fallthrough attribute in configure and add 
fallthrough attribute annotations.
 2024-07-23 09:47:42 +02:00
Wouter Wijngaards
89c9eafa44
Merge pull request #1110 from r-barnes/patch-1 
Make fallthrough explicit for libworker.c
 2024-07-23 09:44:28 +02:00
Yorgos Thessalonikefs
3512eaec48 - Fix #1106: ratelimit-below-domain logs the wrong FROM address. 2024-07-23 09:07:06 +02:00
Richard Barnes
f9bd35dcfa
Make fallthrough explicit for libworker.c 
The code currently doesn't compile with LLVM's `-Wimplicit-fallthrough` flag, but the attribute works for both GCC (>=7) and LLVM.
 2024-07-22 16:37:38 -07:00
W.C.A. Wijngaards
3af4e44646 - Fix dnstap wakeup, a running wakeup timer is left to expire and not 
increased, a timer is started when the dtio thread is sleeping,
  the timer set disabled when the dtio thread goes to sleep, and
  after sleep the thread checks to see if there are messages to log
  immediately.
 2024-07-19 16:16:02 +02:00
W.C.A. Wijngaards
c3dd6a2dbd - Add dnstap-sample-rate that logs only 1/N messages, for high volume 
server environments. Thanks Dan Luther.
 2024-07-19 10:04:40 +02:00
W.C.A. Wijngaards
8fca3e7c5b - For #1103: Fix to drop mesh state reference for the http2 stream 
associated with the reply, not the currently active stream. And
  it does not remove it twice on a mesh_send_reply call. The reply
  h2_stream is NULL when not in use, for more initialisation.
 2024-07-16 14:23:10 +02:00
W.C.A. Wijngaards
8947c2c764 - For #1103: fix to also drop mesh state reference when the discard 
limit is reached, when there is an error making a new recursion
  state and when the connection is dropped with is_drop.
 2024-07-15 14:51:20 +02:00
W.C.A. Wijngaards
b1e3319a11 Merge branch 'master' of github.com:NLnetLabs/unbound 2024-07-12 16:41:58 +02:00
W.C.A. Wijngaards
d52f501d90 - For #1103: fix to also drop mesh state reference when a h2 reply is 
dropped.
 2024-07-12 16:41:46 +02:00
Yorgos Thessalonikefs
7083d58c6b - For #1102: clearer text for using interface-* options for the 
loopback interface.
 2024-07-12 16:29:44 +02:00
W.C.A. Wijngaards
3adb9c8f92 - Fix #1103: unbound 1.20.0 segmentation fault with nghttp2. 2024-07-12 16:11:29 +02:00
Yorgos Thessalonikefs
51425b2388 - Add RPZ tag tests in acl_interface.tdir. 2024-07-12 15:38:12 +02:00
W.C.A. Wijngaards
d43760a8cd - For #773: In contrib/unbound.service.in set unbound to start after 
network-online.target. Also for contrib/unbound_portable.service.in.
 2024-07-10 14:05:43 +02:00