townforge/unbound
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,530 Commits 1 Branch 0 Tags 79 MiB
cc
Commit Graph

436 Commits

Author SHA1 Message Date
ralph
1393dff5a3 - Added qname-minimisation-strict config option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3878 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-11 11:32:50 +00:00
wouter
ff5789ef78 - Add default root hints for IPv6 E.ROOT-SERVERS.NET, 2001:500:a8::e. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3838 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-08-29 07:11:35 +00:00
wouter
00bb15e2c3 - Fix #804: lower num_target_queries for iterator also for failed 
lookups.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3831 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-08-23 08:49:01 +00:00
wouter
0e0b34e6bd - For #787: prefer-ip6 option for unbound.conf prefers to send 
upstream queries to ipv6 servers.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3803 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-07-04 14:49:49 +00:00
ralph
3977c7c8fb - Decrease dp attempts at each QNAME minimisation iteration 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3796 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-16 11:57:20 +00:00
ralph
d1646a497f - Use QTYPE=A for QNAME minimisation. 
- Keep track of number of time-outs when performing QNAME minimisation.
  Stop minimising when number of time-outs for a QNAME/QTYPE pair is
  more than three.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3782 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-06-13 13:06:35 +00:00
wouter
9504853b86 - and also generic edns options for upstream messages (and replies). 
after parse use edns_opt_find(edns.opt_list, LDNS_EDNS_NSID),
  to insert use edns_opt_append(edns, region, code, len, bindata) on
  the opt_list passed to send_query, or in edns_opt_inplace_reply.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3742 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 16:55:22 +00:00
wouter
f3d914e425 - generic edns option parse and store code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3740 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-31 15:08:05 +00:00
wouter
f43aba4792 - Updated patch from Charles Walker. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3728 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-26 06:49:44 +00:00
wouter
ac4562081c - disable-dnssec-lame-check config option from Charles Walker. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3725 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-24 12:17:42 +00:00
ralph
c33ba2b2c4 - No QNAME minimisation fall-back for NXDOMAIN answers from DNSSEC signed zones. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3722 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-20 14:04:27 +00:00
wouter
e99c41d4b6 - Fix #761: DNSSEC LAME false positive resolving nic.club. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3720 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-05-18 14:09:12 +00:00
wouter
6fa4d6f2a8 - Fix #749: unbound-checkconf gets SIGSEGV when use against a 
malformatted conf file.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3696 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-24 12:30:47 +00:00
wouter
59868899cf note RFC number. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3691 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-23 08:35:58 +00:00
ralph
dfff30e7ee - Validate QNAME minimised NXDOMAIN responses. 
- If QNAME minimisation is enabled, do cache lookup for QTYPE NS in
   harden-below-nxdomain.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3682 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-18 15:44:41 +00:00
ralph
8061e51f9b - Limit number of QNAME minimisation iterations. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3681 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-17 14:44:41 +00:00
wouter
4ecf673365 - Fix #746: Fix unbound sets CD bit on all forwards. 
If no trust anchors, it'll not set CD bit when forwarding to another
  server.  If a trust anchor, no CD bit on the first attempt to a
  forwarder, but CD bit thereafter on repeated attempts to get DNSSEC.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3679 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-17 14:01:59 +00:00
wouter
edb30a7f74 - Updated L root IPv6 address. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3652 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-03-10 08:23:46 +00:00
ralph
bc65e486f3 Don't minimise forwarded requests. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3575 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-07 15:56:47 +00:00
ralph
a0364790ff Stop minimising after receiving rcode!=NOERROR 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3573 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-03 15:45:52 +00:00
ralph
a152692279 Keep incrementing QNAME after receiving throwaway answer. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3568 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-03 12:09:45 +00:00
ralph
d19a47950a Qname minimisation review fixes 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3561 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 13:14:00 +00:00
wouter
728daa8ef4 yacced,lexed, include for undeclared function and make depend. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3555 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 08:11:48 +00:00
ralph
481e89ca4c Implemented qname minimisation 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3554 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-30 16:10:26 +00:00
wouter
33c3822724 - spelling fixes from Igor Sobrado Delgado. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-18 14:11:46 +00:00
wouter
fb0d0537f1 Remove debug print. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-16 10:01:47 +00:00
wouter
34b59b59f4 - Fix for lenient accept of reverse order DNAME and CNAME. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-16 09:48:51 +00:00
wouter
18d55bcb86 - MAX_TARGET_COUNT increased to 64, to fix up sporadic resolution 
failures.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3494 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-28 07:21:48 +00:00
wouter
52a96d6510 - Fix #702: New IPs for for h.root-servers.net. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3487 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 08:35:03 +00:00
wouter
9ee8380800 - Fix #677 Fix CNAME corresponding to a DNAME was checked incorrectly 
and was therefore always synthesized (thanks to Valentin Dietrich).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3434 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-06-22 09:23:43 +00:00
wouter
a26e8c10a3 Check for out of memory. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3421 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 13:35:02 +00:00
wouter
a2f75d6c35 - caps-whitelist in unbound.conf allows whitelist of loadbalancers 
that cannot work with caps-for-id or its fallback.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 12:36:16 +00:00
wouter
f77c2a06f1 - Ratelimit does not apply to prefetched queries, and ratelimit-factor 
is default 10.  Repeated normal queries get resolved and with
  prefetch stay in the cache.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3399 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 14:18:50 +00:00
wouter
d5e5296e40 Fixes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3392 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 10:57:25 +00:00
wouter
7062b00d0b - ratelimit feature, ratelimit: 100, or some sensible qps, can be 
used to turn it on.  It ratelimits recursion effort per zone.
  For particular names you can configure exceptions in unbound.conf.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3391 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 09:59:57 +00:00
wouter
410ac6cd67 - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
wouter
d1bf57dfd1 - Fixes to add integer overflow checks on allocation (defense in depth). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-20 15:36:25 +00:00
wouter
e578b9a03d And use best response in case 0x20 fallback done. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3349 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 09:35:06 +00:00
wouter
798e778410 - store caps_response with best response in case downgrade response 
happens to be the last one.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3348 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 09:31:26 +00:00
wouter
a0c81b8339 - many nameservers does not try to compare more than max-sent-count, 
parse failures start 0x20 fallback procedure.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 09:06:05 +00:00
wouter
2c4190b319 - 0x20 fallback improved, better handling of servfail responses, 
they do not count as missing comparisons (except if all are failed),
  and better handling of inability to find nameservers, no more
  nameservers can be found results in fallback acceptance.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3346 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-04 08:30:17 +00:00
wouter
62bd0e84f6 - Fix scrubber with harden-glue turned off to reject NS (and other 
not-address) records.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3330 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-10 14:01:45 +00:00
wouter
674e12318a - Fix 0x20 capsforid fallback to omit gratuitous NS and additional 
section changes.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3323 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-30 09:35:38 +00:00
wouter
ad9a0833fe - print query name when max target count is exceeded. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3296 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-05 13:12:42 +00:00
wouter
c89cf11661 - Fix CVE-2014-8602: denial of service by making resolver chase 
endless series of delegations.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3289 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-12-08 15:09:18 +00:00
wouter
f9213eaf93 - Fix cdflag dns64 processing. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-11-19 08:43:08 +00:00
wouter
0778829809 - Fix that CD flag disables DNS64 processing, returning the DNSSEC 
signed AAAA denial.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3273 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-11-18 15:15:57 +00:00
wouter
21c836d58c - Fix bug where forward or stub addresses with same address but 
different port number were not tried.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3258 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-11-11 13:10:44 +00:00
wouter
88f1956519 - Fix unbound capsforid fallback, it ignores TTLs in comparison. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3239 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-10-10 14:12:17 +00:00
wouter
c9c7f29161 - Fix caps-for-id fallback, and added fallback attempt when servers 
drop 0x20 perturbed queries.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3146 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-06-24 08:24:28 +00:00
wouter
21badea7ff - Add AAAA for B root server to default root hints. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3143 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-06-03 07:29:41 +00:00
wouter
efd392cf85 Remove unused define from iterator.h 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3142 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-06-02 10:03:21 +00:00
wouter
7d212de4bc - Change MAX_SENT_COUNT from 16 to 32 to resolve some cases easier. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3127 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-05-06 12:37:37 +00:00
wouter
0b1ed0233c - Fix #558: failed prefetch lookup does not remove cached response 
but delays next prefetch (in lieu of caching a SERVFAIL).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-10 13:56:16 +00:00
wouter
82d8262980 - C.ROOT-SERVERS.NET has an IPv6 address, and we updated the root 
hints (patch from Anand Buddhdev).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3102 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-04-07 08:18:39 +00:00
wouter
68b138cbd3 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
wouter
db8f72c4f7 - Fix sldns to use sldns_ prefix for all ldns_ variables. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-03 09:11:16 +00:00
wouter
884b06df55 Fix linking of sldns and ldns, unique identifiers for global variables. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3021 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-11-30 11:03:55 +00:00
wouter
8e6ee27eda - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
wouter
e37c8fa8e9 - Fix #528: if very high logging (4 or more) segfault on allow_snoop. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2994 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-22 12:01:51 +00:00
wouter
51857088da review fixes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2940 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 14:14:08 +00:00
wouter
b4a007738c - Fix for 2038, with time_t instead of uint32_t. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 12:23:42 +00:00
wouter
1402c87b39 Fix uninit variable in fix#516. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2934 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-14 07:53:33 +00:00
wouter
ef7be2ae15 - Fix#516 dnssec lameness detection for answers that are improper. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2933 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-08 09:29:33 +00:00
wouter
bcb1b4b1da - Fix#501: forward-first does not recurse, when forward name is ".". 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2907 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-06-10 12:25:10 +00:00
wouter
b838694589 - Fix queries leaking up for stubs and forwards, if the configured 
nameservers all fail to answer.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2882 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-11 10:08:34 +00:00
wouter
072b65caae - Fix crash in previous private address fixup of 22 March. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2880 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-09 07:38:24 +00:00
wouter
e306a8f384 - Fix resolve of names that use a mix of public and private addresses. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2868 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-03-22 09:36:33 +00:00
wouter
9285d02d4a - printout name of zone with duplicate fwd and hint errors. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2828 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-29 08:13:57 +00:00
wouter
f1a5d98065 - Change of D.ROOT-SERVERS.NET A address in default root hints. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2794 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-12-14 08:08:59 +00:00
wouter
87c60e499f - Fix unbound-control forward disables configured stubs below it. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2781 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-11-09 15:35:18 +00:00
wouter
800da7f0fd - Fix forward-first option where it sets the RD flag wrongly. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2731 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-31 12:53:53 +00:00
wouter
f29947421f - implemented forward_first for the root. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2722 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-23 13:42:07 +00:00
wouter
4a9e53af6f - Fix bug#452 and another assertion failure in mesh.c, makes 
assertions in mesh.c resist duplicates.  Fixes DS NS search to
  not generate duplicate sub queries.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-20 13:08:19 +00:00
wouter
2a46be9b00 - code review: return value of cache_store can be ignored for better 
performance in out of memory conditions.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2704 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-28 14:18:41 +00:00
wouter
ec417b19da code review. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2688 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-18 14:22:29 +00:00
wouter
e3f7381966 - code review. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2687 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-15 19:44:09 +00:00
wouter
a29ad4c7d0 - Review comments from Yuri, removed duplicate memset to zero in delegpt. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2675 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-05-18 15:04:08 +00:00
wouter
55733bc7d3 fix alloccheck 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2672 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-05-16 11:55:30 +00:00
wouter
4ce2a8f1e3 lint fixes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2649 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-21 15:34:44 +00:00
wouter
d8c0dcb109 fixup include. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2647 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-21 15:05:34 +00:00
wouter
28727b8b02 - new approach to NS fetches for DS lookup that works with 
cornercases, and is more robust and considers forwarders.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2646 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-21 15:01:01 +00:00
wouter
e5d9f18a1c - fix to locate nameservers for DS lookup with NS fetches. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2645 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-19 15:44:21 +00:00
wouter
6d5f0687f2 comment for explanation of bit toggle. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2638 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-01 13:38:28 +00:00
wouter
276300a61a - forward-first option. Tries without forward if a query fails. 
Also stub-first option that is similar.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-01 13:16:40 +00:00
wouter
5a7af9871a Fix prefetch and stickyness. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2632 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 11:04:53 +00:00
wouter
6ffbc94b48 - iter_hints is now thread-owned in module env, and thus threadsafe. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2629 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 09:55:50 +00:00
wouter
d5150eafeb - unbound-control forward_add, forward_remove, stub_add, stub_remove 
can modify stubs and forwards for running unbound (on mobile computer)
  they can also add and remove domain-insecure for the zone.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2623 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-15 14:35:28 +00:00
wouter
ad8753ad44 hints uses malloc for more dynamicity. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2622 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-15 09:38:34 +00:00
wouter
7fe22008d7 - Fix forward-zone memory, uses malloc and frees original root dp. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2621 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-15 08:50:17 +00:00
wouter
7d756333e8 - iter forwards uses malloc inside for more dynamicity. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2620 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-14 15:41:09 +00:00
wouter
25fbc19b64 - Fix bug #425: unbound reports wrong TTL in reply, it reports a TTL 
that would be permissible by the RFCs but it is not the TTL in the
  cache.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2581 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-01-10 09:42:32 +00:00
wouter
50a8288ce6 - Fix for VU#209659 CVE-2011-4528: Unbound denial of service 
vulnerabilities from nonstandard redirection and denial of existence
http://www.unbound.net/downloads/CVE-2011-4528.txt
- robust checks for next-closer NSEC3s.
- tag 1.4.14 created.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2574 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-12-19 10:55:32 +00:00
wouter
a1f677fcac - Makefile changed for BSD make compatibility. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-10 18:44:06 +00:00
wouter
8762da8720 infra cache consolidated and stores per zone, IP. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-26 15:46:23 +00:00
wouter
da47b4231b - Fix resolve of partners.extranet.microsoft.com with a fix for the 
server selection for choosing out of a (particular) list of bad choices.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2522 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-24 08:34:59 +00:00
wouter
d4603fe66c - Fix classification of NS set in answer section, where there is a 
parent-child server, and the answer has the AA flag for dir.slb.com.
  Thanks to Amanda Constant from Secure64.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2501 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-20 07:42:04 +00:00
wouter
fbc5a3bf31 better sent count handling 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2500 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 14:15:13 +00:00
wouter
fe21693eb9 - max sent count. EDNS1480 only for rtt < 5000. No promiscuous 
fetch if sentcount > 3, stop query if sentcount > 16.  Count is
reset when referral or CNAME happens.  This makes unbound better
at managing large NS sets, they are explored when there is continued
interest (in the form of queries).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2499 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 14:11:12 +00:00
wouter
950c3c067c revert earlier commit. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2488 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-12 11:28:14 +00:00