townforge/unbound
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,530 Commits 1 Branch 0 Tags 79 MiB
cc
Commit Graph

292 Commits

Author SHA1 Message Date
ralph
04e4ee1d26 - Don't count CNAME response types received during qname minimisation as query 
restart.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4728 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 13:09:14 +00:00
wouter
a3295df8b6 better fix for #4100 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4709 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-04 14:07:08 +00:00
wouter
e43d3333c8 - Fix stub reprime when it becomes useless. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4707 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-04 12:28:33 +00:00
wouter
a0252812fa - Fix cname classification with qname minimisation enabled. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4648 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-23 13:14:39 +00:00
wouter
50220ed991 - Can set tls authentication with forward-addr: IP#tls.auth.name 
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:10:05 +00:00
wouter
a6494a30da - low-rtt and low-rtt-pct in unbound.conf enable the server selection 
of fast servers for some percentage of the time.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4612 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 13:27:28 +00:00
wouter
32d7d269e4 - num.query.authzone.up and num.query.authzone.down statistics counters. 
- Fix downstream auth zone, only fallback when auth zone fails to
  answer and fallback is enabled.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4610 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 10:15:06 +00:00
wouter
80ff206c36 Fixup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4605 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 09:58:59 +00:00
wouter
6109798fea - Fix above stub queries for type NS and useless delegation point. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4604 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 09:53:27 +00:00
wouter
1692bfd8c2 - Fix unable to resolve after new WLAN connection, due to auth-zone 
failing with a forwarder set.  Now, auth-zone is only used for
  answers (not referrals) when a forwarder is set.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4600 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-03 12:22:35 +00:00
ralph
3d00933139 - Do use cached NSEC records to generate negative answers for domains under 
DNSSEC Negative Trust Anchors.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4593 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-21 14:34:17 +00:00
wouter
692f648a6e - Reverted fix for #3512, this may not be the best way forward; 
although it could be changed at a later time, to stay similar to
  other implementations.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4560 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-06 08:22:33 +00:00
wouter
ffa1194628 - Fix validation for CNAME loops. When it detects a cname loop, 
by finding the cname, cname in the existing list, it returns
  the partial result with the validation result up to then.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4547 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 14:04:02 +00:00
wouter
a68512c00f neater code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4546 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 13:19:49 +00:00
wouter
8c37d1058a comment to explain it. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4545 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 13:17:27 +00:00
wouter
eb1adcf378 - Fix #3512: unbound incorrectly reports SERVFAIL for CAA query 
when there is a CNAME loop.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 13:13:58 +00:00
ralph
35bc8a1ecc - Aggressive use of NSEC implementation. Use cached NSEC records to generate 
NXDOMAIN, NODATA and positive wildcard answers.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4522 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 13:16:36 +00:00
wouter
df057fff19 failover for dnssec bogus 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4478 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 11:14:01 +00:00
wouter
4d3b9db01e unit test for auth zone lookup 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4469 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 15:44:49 +00:00
wouter
82881b17a4 - Fix #3397: Fix that cachedb could return a partial CNAME chain. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4445 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-22 13:54:20 +00:00
ralph
f31d36c8ac Please lint 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4435 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-03 17:05:48 +00:00
ralph
faf687efe9 - Fix queries being leaked above stub when refetching glue. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4434 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-03 16:54:22 +00:00
wouter
1f3ab65816 no AAAA shortcuts. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4403 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-13 14:15:10 +00:00
wouter
6f02e4bb69 - Fix qname minimisation to send AAAA queries at zonecut like type A. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4402 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-13 12:11:38 +00:00
wouter
3110caa07e - Fix #1749: With harden-referral-path: performance drops, due to 
circular dependency in NS and DS lookups.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 07:22:58 +00:00
wouter
39ba948040 - Spelling fixes, from Phil Porada. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
ralph
6d18c7e23d - Fix #1412: QNAME minimisation strict mode not honored 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4337 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-04 15:15:27 +00:00
ralph
d073e3e262 - Added stats for queries that have been ratelimited by domain recursion. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 12:52:33 +00:00
wouter
9beb7daffa - Fix query for refetch_glue of stub leaking to internet. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4227 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 15:00:07 +00:00
wouter
11a4c3b818 - Fix stub zone queries leaking to the internet for 
harden-referral-path ns checks.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4226 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 07:59:05 +00:00
wouter
31e253e294 - Fix queries for nameservers under a stub leaking to the internet. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4154 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-12 15:10:10 +00:00
wouter
eebaef35c9 - Adjust servfail by iterator to not store in cache when serve-expired 
is enabled, to avoid overwriting useful information there.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4153 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-12 12:16:41 +00:00
ralph
9b5ca3ffd8 - Remove ECS option after REFUSED answer 
- Fix small memory leak in edns_opt_copy_alloc



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4100 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 09:12:04 +00:00
ralph
12728301d7 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
wouter
8eb62715cf - Fix #1237 - Wrong resolving in chain, for norec queries that get 
SERVFAIL returned.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4064 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-17 14:32:25 +00:00
wouter
bd9bcfa75f - Fix that looped DNAMEs do not cause unbound to spend effort. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4055 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 14:32:58 +00:00
wouter
838e7b0434 - Fix #1235: Fix too long DNAME expansion produces SERVFAIL instead 
of YXDOMAIN + query loop, reported by Petr Spacek.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-13 08:27:01 +00:00
wouter
7d444915c1 - Fix #1234: shortening DNAME loop produces duplicate DNAME records 
in ANSWER section.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4047 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-10 13:04:24 +00:00
wouter
60a7029fcd - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
george
4812f02dd0 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
ralph
3fb4900c0e - Added stub-ssl-upstream and forward-ssl-upstream options. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 12:07:52 +00:00
wouter
a622051af1 - Fixup query_info local_alias init. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3901 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-20 15:05:30 +00:00
wouter
bc78c785ce - Patch that resolves CNAMEs entered in local-data conf statements that 
point to data on the internet, from Jinmei Tatuya (Infoblox).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3885 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-18 13:18:20 +00:00
ralph
1393dff5a3 - Added qname-minimisation-strict config option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3878 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-11 11:32:50 +00:00
wouter
00bb15e2c3 - Fix #804: lower num_target_queries for iterator also for failed 
lookups.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3831 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-08-23 08:49:01 +00:00
ralph
3977c7c8fb - Decrease dp attempts at each QNAME minimisation iteration 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3796 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-16 11:57:20 +00:00
ralph
d1646a497f - Use QTYPE=A for QNAME minimisation. 
- Keep track of number of time-outs when performing QNAME minimisation.
  Stop minimising when number of time-outs for a QNAME/QTYPE pair is
  more than three.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3782 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-13 13:06:35 +00:00
wouter
9504853b86 - and also generic edns options for upstream messages (and replies). 
after parse use edns_opt_find(edns.opt_list, LDNS_EDNS_NSID),
  to insert use edns_opt_append(edns, region, code, len, bindata) on
  the opt_list passed to send_query, or in edns_opt_inplace_reply.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:55:22 +00:00
wouter
f3d914e425 - generic edns option parse and store code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3740 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 15:08:05 +00:00
wouter
f43aba4792 - Updated patch from Charles Walker. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3728 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-26 06:49:44 +00:00