townforge/unbound
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,530 Commits 1 Branch 0 Tags 79 MiB
cc
Commit Graph

281 Commits

Author SHA1 Message Date
wouter
873b46f247 Put fixes in 1.7.3 for release. 
- Fix for unbound-control on Windows and set TCP socket parameters
  more closely.
- Fix windows unbound-control no cert bad file descriptor error.
- Fix unbound-checkconf for control-use-cert.


git-svn-id: https://unbound.nlnetlabs.nl/svn/tags/release-1.7.3@4749 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-21 07:38:14 +00:00
wouter
346ff9c3ff - Fix that control-use-cert: no works for 127.0.0.1 to disable certs. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/tags/release-1.7.3rc2@4740 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-18 09:46:01 +00:00
wouter
0f9b6582fa - Fix that first control-interface determines if TLS is used. Warn 
when IP address interfaces are used without TLS.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4730 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-14 08:14:43 +00:00
wouter
ed387e5f93 Fixup error print for unix pipe. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4720 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 08:15:44 +00:00
wouter
7ad84e32e0 - #4102 for NSD, but for Unbound. Named unix pipes do not use 
certificate and key files, access can be restricted with file and
  directory permissions.  The option control-use-cert is no longer
  used, and ignored if found in unbound.conf.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4718 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-06-12 07:43:52 +00:00
wouter
c0e79fd89f - unbound-host initializes ssl (for potential DNS-over-TLS usage 
inside libunbound).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4690 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-05-24 12:30:13 +00:00
wouter
34247dd0ce - list_auth_zones unbound-control command. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4650 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-23 14:42:30 +00:00
wouter
50220ed991 - Can set tls authentication with forward-addr: IP#tls.auth.name 
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-19 12:10:05 +00:00
ralph
5ac4889669 - num.query.aggressive.NOERROR and num.query.aggressive.NXDOMAIN statistics 
counters


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4616 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-10 11:39:23 +00:00
wouter
32d7d269e4 - num.query.authzone.up and num.query.authzone.down statistics counters. 
- Fix downstream auth zone, only fallback when auth zone fails to
  answer and fallback is enabled.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4610 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-09 10:15:06 +00:00
wouter
7584b945fc - Fix unbound-control over pipe with openssl 1.1.1, the TLSv1.3 
tls_choose_sigalg routine does not allow the ciphers for the pipe,
  so use TLSv1.2.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4606 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-04-05 13:43:05 +00:00
wouter
f92f7fb2d6 auth zone, make depend, fallback, create and delete, and lease_time, 
and lock fixes.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4466 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-30 10:35:20 +00:00
wouter
f84f924e28 - Fix that unbound-checkconf -f flag works with auto-trust-anchor-file 
for startup scripts to get the full pathname(s) of anchor file(s).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4447 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-23 14:20:17 +00:00
wouter
f6767b6484 - authzone work, probe timer setup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4378 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-19 09:03:36 +00:00
wouter
77d3988ed5 - Work on local root zone code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4376 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-10-17 15:16:31 +00:00
wouter
87a108b346 - Fix #1440: [dnscrypt] client nonce cache. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4351 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-18 08:55:08 +00:00
wouter
39ba948040 - Spelling fixes, from Phil Porada. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
wouter
ddd249d0df - Fix unbound-host to report error for DNSSEC state of failed lookups. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4343 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:11:43 +00:00
wouter
86daa970ea - Add dns64 for client-subnet in unbound-checkconf. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4340 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-12 05:43:46 +00:00
wouter
ce208bb8fe - Fix #1417: [dnscrypt] shared secret cache counters, and works when 
dnscrypt is not enabled.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4326 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-31 08:06:17 +00:00
wouter
a2f9551c88 - Fix #1407: Add ECS options check to unbound-checkconf. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4307 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-22 07:43:59 +00:00
ralph
d073e3e262 - Added stats for queries that have been ratelimited by domain recursion. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-08-03 12:52:33 +00:00
wouter
2f22e0e328 - upgrade aclocal(pkg.m4 0.29.1), config.guess(2016-10-02), 
config.sub(2016-09-05).
- annotate case statement fallthrough for gcc 7.1.1.
- flex output from flex 2.6.1.
- snprintf of thread number does not warn about truncated string.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4278 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-24 09:04:18 +00:00
wouter
c6925b28c4 - Fix openssl 1.1.0 load of ssl error strings from ssl init. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4260 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 13:37:37 +00:00
wouter
cc82f13e59 - Fix for unbound-checkconf, check ipsecmod-hook if ipsecmod is turned 
on.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4257 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-07-03 07:14:37 +00:00
wouter
c19a0cbb0d - better module memory lookup, fix of unbound-control shm names for 
module memory printout of statistics.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4161 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 14:16:59 +00:00
george
51e798d701 - Implemented opportunistic IPsec support module (ipsecmod). 
- Some whitespace fixup.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4158 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-16 12:39:24 +00:00
wouter
12aadd1da8 - Fix #1258: Windows 10 X64 unbound 1.6.2 service will not start. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4139 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-05-01 14:41:40 +00:00
ralph
e61bcbfd71 - Fix #1252: more indentation inconsistencies. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4125 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-18 09:00:52 +00:00
wouter
4a7b0a0112 no lint for timeval. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4122 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 13:17:51 +00:00
wouter
6e6dc43b16 more lint. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4121 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 13:11:54 +00:00
wouter
6e077f9cf9 - (for 1.6.3:) unbound.h exports the shm stats structures. They use 
type long long and no ifdefs, and ub_ before the typenames.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4117 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-13 12:47:29 +00:00
ralph
c2cea9742b - Also display ECS module memory stats in stats_shm 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4107 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-11 13:37:39 +00:00
wouter
3ad4ef86b2 - Fix #1217: Add metrics to unbound-control interface showing 
crypted, cert request, plaintext and malformed queries (from
  Manu Bretelle).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4084 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-04-03 09:03:32 +00:00
ralph
12728301d7 - Merge EDNS Client subnet implementation from feature branch into main branch, 
using new EDNS processing framework.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4074 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-21 12:08:17 +00:00
wouter
e69494bdc0 - unbound-control list local zone and data commands listed in the 
help output.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4046 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-09 16:25:32 +00:00
wouter
099cd16231 - Response actions based on IP address from Jinmei Tatuya (Infoblox). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-07 14:58:51 +00:00
wouter
2b84aceea9 fixed for lint 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4023 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 14:17:58 +00:00
wouter
f0a9c86a73 - Patch from Luiz Fernando Softov for Stats Shared Memory. 
- unbound-control stats_shm command prints stats using shared memory,
  which uses less cpu.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4020 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-23 12:05:05 +00:00
wouter
f687a3f61a - Include root trust anchor id 20326 in unbound-anchor. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4000 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-02-07 15:22:31 +00:00
wouter
4bef018f2e complete ellipsis. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3987 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-12 15:57:22 +00:00
wouter
bc4d0a68d2 - Fix #1206: Some view-related commands are missing from 'unbound-control -h' 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3986 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-12 15:56:05 +00:00
wouter
3510c9fe88 - Fix #1185: Source IP rate limiting, patch from Larissa Feng. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3981 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-05 13:57:12 +00:00
wouter
1e2b467c73 - Fix unbound-control and ipv6 only. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3962 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-13 14:21:15 +00:00
george
4812f02dd0 - Added generic EDNS code for registering known EDNS option codes, 
bypassing the cache response stage and uniquifying mesh states. Four EDNS
  option lists were added to module_qstate (module_qstate.edns_opts_*) to
  store EDNS options from/to front/back side.
- Added two flags to module_qstate (no_cache_lookup, no_cache_store) that
  control the modules' cache interactions.
- Added code for registering inplace callback functions. The registered
  functions can be called just before replying with local data or Chaos,
  replying from cache, replying with SERVFAIL, replying with a resolved
  query, sending a query to a nameserver. The functions can inspect the
  available data and maybe change response/query related data (i.e. append
  EDNS options).
- Updated Python module for the above.
- Updated Python documentation.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3947 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-12-06 13:42:51 +00:00
ralph
4575fa9149 - Added local-zones and local-data bulk addition and removal functionality in 
unbound-control (local_zones, local_zones_remove, local_datas and
  local_datas_remove).                                   
- iana portlist update


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3941 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-30 11:22:29 +00:00
wouter
c4d8a8858a - Fix that with openssl 1.1 control-use-cert: no uses less cpu, by 
using no encryption over the unix socket.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3936 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-25 16:14:14 +00:00
ralph
ae25494609 Check and free data allocated by fname_after_chroot 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3935 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-23 11:21:10 +00:00
ralph
4097f78b84 pass ssl_upstream as int to (lib)worker_send_query 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3924 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 14:02:22 +00:00
ralph
3fb4900c0e - Added stub-ssl-upstream and forward-ssl-upstream options. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-11-04 12:07:52 +00:00