clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 22:57:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,231 Commits 27 Branches 196 Tags 104 MiB
ff898bfdd6
Commit Graph

137 Commits

Author SHA1 Message Date
Wouter Wijngaards
ff898bfdd6 - Synthesize ANY responses from cache. Does not search exhaustively, 
but MX,A,AAAA,SOA,NS also CNAME.
- Fix leaked dns64prefix configuration string.


git-svn-id: file:///svn/unbound/trunk@3405 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-17 14:58:07 +00:00
Wouter Wijngaards
c03ff186ec fixes for undeclared function. 
git-svn-id: file:///svn/unbound/trunk@3394 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 12:19:30 +00:00
Wouter Wijngaards
85192d4569 - unbound-control ratelimit_list lists high rate domains. 
git-svn-id: file:///svn/unbound/trunk@3393 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 12:13:59 +00:00
Wouter Wijngaards
bc658e0361 Fixes. 
git-svn-id: file:///svn/unbound/trunk@3392 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 10:57:25 +00:00
Wouter Wijngaards
e30a90febc - ratelimit feature, ratelimit: 100, or some sensible qps, can be 
used to turn it on.  It ratelimits recursion effort per zone.
  For particular names you can configure exceptions in unbound.conf.


git-svn-id: file:///svn/unbound/trunk@3391 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 09:59:57 +00:00
Wouter Wijngaards
06fa21b0da Fixup rrset unlock in case of allocation failure. 
git-svn-id: file:///svn/unbound/trunk@3381 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 13:15:55 +00:00
Wouter Wijngaards
b2bdce46be - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: file:///svn/unbound/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
Wouter Wijngaards
6feb8fb6a5 - Fixes to add integer overflow checks on allocation (defense in depth). 
git-svn-id: file:///svn/unbound/trunk@3372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-20 15:36:25 +00:00
Wouter Wijngaards
b781f2d48d - Fix that CD flag disables DNS64 processing, returning the DNSSEC 
signed AAAA denial.


git-svn-id: file:///svn/unbound/trunk@3273 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-11-18 15:15:57 +00:00
Wouter Wijngaards
eb5e9a89c4 - Fix #558: failed prefetch lookup does not remove cached response 
but delays next prefetch (in lieu of caching a SERVFAIL).


git-svn-id: file:///svn/unbound/trunk@3111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-10 13:56:16 +00:00
Wouter Wijngaards
2b90f38a70 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: file:///svn/unbound/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
Wouter Wijngaards
d3cbd76546 - Fix sldns to use sldns_ prefix for all ldns_ variables. 
git-svn-id: file:///svn/unbound/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-03 09:11:16 +00:00
Wouter Wijngaards
29e96e86c9 - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: file:///svn/unbound/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
Wouter Wijngaards
f1fd2b53eb - Fix for 2038, with time_t instead of uint32_t. 
git-svn-id: file:///svn/unbound/trunk@2939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 12:23:42 +00:00
Wouter Wijngaards
c8d22543f3 - Fix#516 dnssec lameness detection for answers that are improper. 
git-svn-id: file:///svn/unbound/trunk@2933 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-08 09:29:33 +00:00
Wouter Wijngaards
940f6d98de - Fix timeouts so that when a server has been offline for a while 
and is probed to see it works, it becomes fully available for
  server selection again.


git-svn-id: file:///svn/unbound/trunk@2745 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-08-21 07:17:48 +00:00
Wouter Wijngaards
773d8e3b84 Fix prefetch and stickyness. 
git-svn-id: file:///svn/unbound/trunk@2632 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 11:04:53 +00:00
Wouter Wijngaards
682ff957ed lint and doxygen fixes. 
git-svn-id: file:///svn/unbound/trunk@2631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 10:08:07 +00:00
Wouter Wijngaards
03a7425ead - Fix sticky NS (ghost domain problem) if prefetch is yes. 
git-svn-id: file:///svn/unbound/trunk@2619 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-14 11:06:44 +00:00
Wouter Wijngaards
850525139b debug infra lines for infa timeout counters. 
git-svn-id: file:///svn/unbound/trunk@2616 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 14:48:09 +00:00
Wouter Wijngaards
09b9ea04a3 - Fix timeouts to keep track of query type, A, AAAA and other, if 
another has caused timeout blacklist, different type can still probe.


git-svn-id: file:///svn/unbound/trunk@2613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 12:17:25 +00:00
Wouter Wijngaards
14059dca14 - Slightly smaller critical region in one case in infra cache. 
git-svn-id: file:///svn/unbound/trunk@2611 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-10 09:21:06 +00:00
Wouter Wijngaards
dff630c788 - Fix validation failures (like: validation failure xx: no NSEC3 
closest encloser from yy for DS zz. while building chain of trust,
         because of a bug in the TTL-fix in 1.4.15, it picked the wrong rdata
         for an NSEC3.  Now it does not change rdata, and fixes TTL.


git-svn-id: file:///svn/unbound/trunk@2599 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-01 11:18:07 +00:00
Wouter Wijngaards
589924e36c - uninitialised variable in reprobe for rtt blocked domains fixed. 
- lintfix and new flex output.


git-svn-id: file:///svn/unbound/trunk@2583 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-01-10 15:07:16 +00:00
Wouter Wijngaards
6dd2c0467e - Fix bug #425: unbound reports wrong TTL in reply, it reports a TTL 
that would be permissible by the RFCs but it is not the TTL in the
  cache.


git-svn-id: file:///svn/unbound/trunk@2581 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-01-10 09:42:32 +00:00
Wouter Wijngaards
8e62925ffb fix infra cache comparison. 
git-svn-id: file:///svn/unbound/trunk@2570 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-12-13 12:14:40 +00:00
Wouter Wijngaards
a1c76554a2 - Makefile changed for BSD make compatibility. 
git-svn-id: file:///svn/unbound/trunk@2544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-10 18:44:06 +00:00
Wouter Wijngaards
11f5e16932 infra cache consolidated and stores per zone, IP. 
git-svn-id: file:///svn/unbound/trunk@2525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-26 15:46:23 +00:00
Wouter Wijngaards
3c87eb6c49 - harden-below-nxdomain: changed so that it activates when the 
cached nxdomain is dnssec secure.  This avoids backwards
         incompatibility because those old servers do not have dnssec.


git-svn-id: file:///svn/unbound/trunk@2407 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-03-29 09:47:54 +00:00
Matthijs Mekking
797ef20155 nicely outlined 
git-svn-id: file:///svn/unbound/trunk@2378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-17 13:59:07 +00:00
Wouter Wijngaards
5feb72d1eb fix 
git-svn-id: file:///svn/unbound/trunk@2376 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 15:58:05 +00:00
Wouter Wijngaards
22ac684cd9 and store bogus ttl (this is not picked out of the cache to send to, so saves work and avoids this target) 
git-svn-id: file:///svn/unbound/trunk@2375 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 15:51:11 +00:00
Wouter Wijngaards
e2dc829258 store if ttl expired 
git-svn-id: file:///svn/unbound/trunk@2374 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 15:23:51 +00:00
Wouter Wijngaards
f5a97a3e8f - Fix so a changed NS RRset does not get moved name stuck on old 
server, for type NS the TTL is not increased.


git-svn-id: file:///svn/unbound/trunk@2373 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-01-14 13:56:25 +00:00
Wouter Wijngaards
0bc54677db - Fix in infra cache that could cause rto larger than TOP_TIMEOUT kept. 
git-svn-id: file:///svn/unbound/trunk@2361 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-23 10:49:47 +00:00
Wouter Wijngaards
79f4ca6a28 Fix storage of noEDNS in the infra cache. 
iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-30 12:55:48 +00:00
Wouter Wijngaards
78cc3d8ae1 harden-below-nxdomain option taken from draft-vixie-dnsext-resimprove. 
Default off (for now), as some older software that gives nxdomain for ENT
would be incompatible.  But that would only happen in the reverse tree, and
such software (nonDNSSEC) may go out of style, so in the future a default yes
could be possible.



git-svn-id: file:///svn/unbound/trunk@2347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-18 08:49:15 +00:00
Wouter Wijngaards
289f13bc25 - implement draft-vixie-dnsext-resimprove-00, we stop on NXDOMAIN. 
git-svn-id: file:///svn/unbound/trunk@2345 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-17 10:02:34 +00:00
Wouter Wijngaards
0b30fca935 - do not synthesize a CNAME message from cache for qtype DS. 
git-svn-id: file:///svn/unbound/trunk@2335 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-05 15:29:50 +00:00
Wouter Wijngaards
758a42643a nicer output from debug commands 
git-svn-id: file:///svn/unbound/trunk@2314 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-27 08:09:22 +00:00
Wouter Wijngaards
fdfa7b2793 subtract 1000 so it is more than the RTT_BAND 
git-svn-id: file:///svn/unbound/trunk@2313 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 15:41:23 +00:00
Wouter Wijngaards
a6b302f117 fix for top reuse 
git-svn-id: file:///svn/unbound/trunk@2312 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 15:28:01 +00:00
Wouter Wijngaards
498cc8ab88 - Change of timeout code. No more lost and backoff in blockage. 
At 12sec timeout (and at least 2x lost before) one probe per IP
  is allowed only.  At 120sec, the IP is blocked.  After 15min, a
  120sec entry has a single retry packet.


git-svn-id: file:///svn/unbound/trunk@2311 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 15:02:08 +00:00
Wouter Wijngaards
a032ac2f61 neater API for unbound-control lookup. 
git-svn-id: file:///svn/unbound/trunk@2310 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 13:43:28 +00:00
Wouter Wijngaards
a72fe210ca remove lost and backoff values. 
git-svn-id: file:///svn/unbound/trunk@2309 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 13:30:37 +00:00
Wouter Wijngaards
f2ae3e8167 dump_infra and flush_infra commands for unbound-control. 
git-svn-id: file:///svn/unbound/trunk@2306 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-26 09:08:33 +00:00
Wouter Wijngaards
2bdb094f7b - Fix bug where fallback_tcp causes wrong roundtrip and edns 
observation to be noted in cache.  Fix bug where EDNSprobe halted
  exponential backoff if EDNS status unknown.
- new unresponsive host method, exponentially increasing block backoff.
- iana portlist updated.


git-svn-id: file:///svn/unbound/trunk@2303 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-21 15:11:39 +00:00
Wouter Wijngaards
25a2e1da5a lint 
git-svn-id: file:///svn/unbound/trunk@2302 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-20 10:14:12 +00:00
Wouter Wijngaards
ea85e23516 Jostle time used to estimate roundtrip. 
git-svn-id: file:///svn/unbound/trunk@2301 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-20 08:19:05 +00:00
Wouter Wijngaards
e238b47b0a Fix for request list growth. 
git-svn-id: file:///svn/unbound/trunk@2298 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-19 14:53:29 +00:00