townforge/unbound
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,530 Commits 1 Branch 0 Tags 79 MiB
cc
Commit Graph

436 Commits

Author SHA1 Message Date
ralph
04e4ee1d26 - Don't count CNAME response types received during qname minimisation as query 
restart.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4728 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 13:09:14 +00:00
wouter
a3295df8b6 better fix for #4100 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4709 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-04 14:07:08 +00:00
wouter
e43d3333c8 - Fix stub reprime when it becomes useless. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4707 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-04 12:28:33 +00:00
wouter
e02f387278 - Fix low-rtt-pct to low-rtt-permil, as it is parts in one thousand. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4683 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-15 07:30:53 +00:00
wouter
a0252812fa - Fix cname classification with qname minimisation enabled. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4648 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-23 13:14:39 +00:00
wouter
50220ed991 - Can set tls authentication with forward-addr: IP#tls.auth.name 
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:10:05 +00:00
wouter
a6494a30da - low-rtt and low-rtt-pct in unbound.conf enable the server selection 
of fast servers for some percentage of the time.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4612 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 13:27:28 +00:00
wouter
32d7d269e4 - num.query.authzone.up and num.query.authzone.down statistics counters. 
- Fix downstream auth zone, only fallback when auth zone fails to
  answer and fallback is enabled.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4610 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 10:15:06 +00:00
wouter
80ff206c36 Fixup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4605 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 09:58:59 +00:00
wouter
6109798fea - Fix above stub queries for type NS and useless delegation point. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4604 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 09:53:27 +00:00
wouter
1692bfd8c2 - Fix unable to resolve after new WLAN connection, due to auth-zone 
failing with a forwarder set.  Now, auth-zone is only used for
  answers (not referrals) when a forwarder is set.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4600 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-03 12:22:35 +00:00
ralph
3d00933139 - Do use cached NSEC records to generate negative answers for domains under 
DNSSEC Negative Trust Anchors.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4593 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-21 14:34:17 +00:00
wouter
692f648a6e - Reverted fix for #3512, this may not be the best way forward; 
although it could be changed at a later time, to stay similar to
  other implementations.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4560 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-03-06 08:22:33 +00:00
wouter
ffa1194628 - Fix validation for CNAME loops. When it detects a cname loop, 
by finding the cname, cname in the existing list, it returns
  the partial result with the validation result up to then.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4547 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 14:04:02 +00:00
wouter
a68512c00f neater code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4546 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 13:19:49 +00:00
wouter
8c37d1058a comment to explain it. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4545 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 13:17:27 +00:00
wouter
eb1adcf378 - Fix #3512: unbound incorrectly reports SERVFAIL for CAA query 
when there is a CNAME loop.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-21 13:13:58 +00:00
ralph
35bc8a1ecc - Aggressive use of NSEC implementation. Use cached NSEC records to generate 
NXDOMAIN, NODATA and positive wildcard answers.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4522 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-02-08 13:16:36 +00:00
wouter
df057fff19 failover for dnssec bogus 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4478 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-31 11:14:01 +00:00
wouter
4d3b9db01e unit test for auth zone lookup 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4469 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 15:44:49 +00:00
wouter
82881b17a4 - Fix #3397: Fix that cachedb could return a partial CNAME chain. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4445 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-22 13:54:20 +00:00
ralph
f31d36c8ac Please lint 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4435 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-03 17:05:48 +00:00
ralph
faf687efe9 - Fix queries being leaked above stub when refetching glue. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4434 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-03 16:54:22 +00:00
wouter
ed00a97133 - Fix that DS queries with referral replies are answered straight 
away, without a repeat query picking the DS from cache.
  The correct reply should have been an answer, the reply is fixed
  by the scrubber to have the answer in the answer section.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4430 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-02 09:48:22 +00:00
wouter
44915a87fe - Fix #2882: Unbound behaviour changes (wrong) when domain-insecure is 
set for stub zone.  It no longer searches for DNSSEC information.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4404 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-14 10:01:44 +00:00
wouter
1f3ab65816 no AAAA shortcuts. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4403 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-13 14:15:10 +00:00
wouter
6f02e4bb69 - Fix qname minimisation to send AAAA queries at zonecut like type A. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4402 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-11-13 12:11:38 +00:00
ralph
aa79205c9d - Update B root ipv4 address. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4385 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-24 14:50:20 +00:00
wouter
3110caa07e - Fix #1749: With harden-referral-path: performance drops, due to 
circular dependency in NS and DS lookups.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 07:22:58 +00:00
wouter
39ba948040 - Spelling fixes, from Phil Porada. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
ralph
6d18c7e23d - Fix #1412: QNAME minimisation strict mode not honored 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4337 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-04 15:15:27 +00:00
ralph
d073e3e262 - Added stats for queries that have been ratelimited by domain recursion. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 12:52:33 +00:00
ralph
ebd76ef01f - Remove unused iter_env member (ip6arpa_dname) 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4290 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 09:29:21 +00:00
wouter
9beb7daffa - Fix query for refetch_glue of stub leaking to internet. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4227 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 15:00:07 +00:00
wouter
11a4c3b818 - Fix stub zone queries leaking to the internet for 
harden-referral-path ns checks.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4226 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-15 07:59:05 +00:00
wouter
2d77abbb5c - renumbering B-Root's IPv6 address to 2001:500:200::b. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-06-06 09:33:09 +00:00
wouter
31e253e294 - Fix queries for nameservers under a stub leaking to the internet. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4154 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-12 15:10:10 +00:00
wouter
eebaef35c9 - Adjust servfail by iterator to not store in cache when serve-expired 
is enabled, to avoid overwriting useful information there.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4153 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-12 12:16:41 +00:00
ralph
9b5ca3ffd8 - Remove ECS option after REFUSED answer 
- Fix small memory leak in edns_opt_copy_alloc



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4100 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-10 09:12:04 +00:00
ralph
12728301d7 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
wouter
8eb62715cf - Fix #1237 - Wrong resolving in chain, for norec queries that get 
SERVFAIL returned.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4064 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-17 14:32:25 +00:00
wouter
bd9bcfa75f - Fix that looped DNAMEs do not cause unbound to spend effort. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4055 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-16 14:32:58 +00:00
wouter
838e7b0434 - Fix #1235: Fix too long DNAME expansion produces SERVFAIL instead 
of YXDOMAIN + query loop, reported by Petr Spacek.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-13 08:27:01 +00:00
wouter
7d444915c1 - Fix #1234: shortening DNAME loop produces duplicate DNAME records 
in ANSWER section.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4047 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-10 13:04:24 +00:00
wouter
60a7029fcd - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
george
4812f02dd0 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
ralph
3fb4900c0e - Added stub-ssl-upstream and forward-ssl-upstream options. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 12:07:52 +00:00
wouter
78de2ff5ae g.root-servers.net has AAAA address. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3906 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-24 13:11:39 +00:00
wouter
a622051af1 - Fixup query_info local_alias init. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3901 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-20 15:05:30 +00:00
wouter
bc78c785ce - Patch that resolves CNAMEs entered in local-data conf statements that 
point to data on the internet, from Jinmei Tatuya (Infoblox).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3885 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-18 13:18:20 +00:00