wouter
346ff9c3ff
- Fix that control-use-cert: no works for 127.0.0.1 to disable certs.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/tags/release-1.7.3rc2@4740 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-06-18 09:46:01 +00:00
wouter
0f9b6582fa
- Fix that first control-interface determines if TLS is used. Warn
...
when IP address interfaces are used without TLS.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4730 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-06-14 08:14:43 +00:00
wouter
83da630f76
better documentation in header file
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4722 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-06-12 10:15:08 +00:00
wouter
ab61a40dd4
- Rename tls-additional-ports to tls-additional-port, because every
...
line adds one port.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4721 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-06-12 08:45:57 +00:00
wouter
7ad84e32e0
- #4102 for NSD, but for Unbound. Named unix pipes do not use
...
certificate and key files, access can be restricted with file and
directory permissions. The option control-use-cert is no longer
used, and ignored if found in unbound.conf.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4718 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-06-12 07:43:52 +00:00
wouter
472d02ab51
- Rename additional-tls-port to tls-additional-ports.
...
The older name is accepted for backwards compatibility.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4703 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-06-01 08:02:04 +00:00
wouter
78716a759d
rerun bison.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4702 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-30 09:35:21 +00:00
wouter
3506f85724
- Patch from Syzdek: Add ability to ignore RD bit and treat all
...
requests as if the RD bit is set.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4701 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-30 09:33:21 +00:00
wouter
4a5ccf25b0
- tls-win-cert option that adds the system certificate store for
...
authenticating DNS-over-TLS connections. It can be used instead
of the tls-cert-bundle option, or with it to add certificates.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4698 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-28 14:15:06 +00:00
wouter
8fa54ec661
- Add routine from getdns to add windows cert store to the SSL_CTX.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4697 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-28 13:22:10 +00:00
wouter
aee754fc46
- Fix windows tcp and tls spin on events.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4696 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-28 12:30:34 +00:00
wouter
c8130661f9
- Fix close events for tcp only.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4695 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-25 10:41:24 +00:00
wouter
4fbdf39ad1
- Fix that tcp sticky events are removed for closed fd on windows.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4694 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-25 10:02:06 +00:00
wouter
34a161c0e3
- Use accept4 to speed up incoming TCP (and TLS) connections,
...
available on Linux and FreeBSD.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4686 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-23 13:55:09 +00:00
ralph
8b19239862
- Qname minimisation default changed to yes.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4685 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-17 10:33:19 +00:00
wouter
7d7303a6d2
generated yacc and lex output.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4684 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-15 07:48:12 +00:00
wouter
e02f387278
- Fix low-rtt-pct to low-rtt-permil, as it is parts in one thousand.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4683 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-15 07:30:53 +00:00
wouter
dab69869cd
- Fix windows to not have sticky TLS events for TCP.
...
- Fix read of DNS over TLS length and data in one read call.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4680 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-07 08:31:17 +00:00
wouter
bb358ef952
- Fix fail to reject dead peers in forward-zone, with ssl-upstream.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4670 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-02 06:36:02 +00:00
wouter
1ad21fa550
- Fix that unbound-control reload frees the rrset keys and returns
...
the memory pages to the system.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4669 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-01 14:00:06 +00:00
wouter
6609994291
And assertion.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4661 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-24 15:16:16 +00:00
wouter
9b8e7776b7
- Fix auth https for libev.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4660 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-24 15:13:18 +00:00
wouter
b89b3ebb90
This lexer output looks like it'll have less signed-unsigned warnings.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4658 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-24 10:23:12 +00:00
ralph
38b5b4c8c6
- Added root-key-sentinel support
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4652 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-24 09:03:49 +00:00
wouter
40de1a23fa
- Fix #4092 : libunbound: use-caps-for-id lacks colon in
...
config_set_option.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4644 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-23 07:51:21 +00:00
wouter
589198d82e
- removed free from failed parse case.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4640 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-20 14:10:55 +00:00
wouter
1586971688
- For addr with #authname and no @port notation, the default is 853.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4637 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-19 14:23:14 +00:00
wouter
5bf4d998ec
fix lint
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4633 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-19 12:18:00 +00:00
wouter
50220ed991
- Can set tls authentication with forward-addr: IP#tls.auth.name
...
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-19 12:10:05 +00:00
wouter
329a8e105e
- allow-notify: config statement for auth-zones.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4628 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-17 13:23:35 +00:00
wouter
c983bccafe
- Fix auth zone target lookup iterator.
...
- notify with prefix
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4624 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-16 13:14:24 +00:00
wouter
96756438cf
- auth zone notify work.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4619 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-10 14:57:38 +00:00
wouter
e0854f3847
get_option and set_option for low-rtt and low-rtt-pct.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4613 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-09 13:39:29 +00:00
wouter
a6494a30da
- low-rtt and low-rtt-pct in unbound.conf enable the server selection
...
of fast servers for some percentage of the time.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4612 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-09 13:27:28 +00:00
wouter
0e69ab1789
- Accept both option names with and without colon for get_option
...
and set_option.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4611 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-09 10:42:48 +00:00
wouter
7d87afac47
- Combine write of tcp length and tcp query for dns over tls.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4601 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-05 08:10:25 +00:00
ralph
8d778e3a8d
- Fix unbound-control get_option aggressive-nsec
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4597 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-23 12:23:02 +00:00
wouter
59cd6fd783
- iana port update.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4592 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-19 13:19:53 +00:00
wouter
747b0fe252
doc and flex and yacc.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4589 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-15 14:23:51 +00:00
wouter
c549551a6c
- Create additional tls service interfaces by opening them on other
...
portnumbers and listing the portnumbers as additional-tls-port: nr.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4588 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-15 14:19:02 +00:00
wouter
0700c011c6
- Fix #3817 : core dump happens in libunbound delete, when queued
...
servfail hits deleted message queue.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4587 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-15 13:32:19 +00:00
wouter
96979a9d6c
- Add --with-libhiredis, unbound support for a new cached backend
...
that uses a Redis server as the storage. This implementation
depends on the hiredis client library (https://redislabs.com/lp/hiredis/ ).
And unbound should be built with both --enable-cachedb and
--with-libhiredis[=PATH] (where $PATH/include/hiredis/hiredis.h
should exist). Patch from Jinmei Tatuya (Infoblox).
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4586 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-15 12:33:51 +00:00
wouter
0a65f973e9
- Fix #3582 : Squelch address already in use log when reuseaddr option
...
causes same port to be used twice for tcp connections.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4559 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-05 15:45:34 +00:00
wouter
ebe1d77ccd
- iana port update.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4558 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-03-05 14:38:30 +00:00
wouter
327d22ff3e
- Fix nettle compile.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4555 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-27 13:03:54 +00:00
wouter
340efc3a79
- Fix compile without threads, and remove unused variable.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4553 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-27 10:36:12 +00:00
wouter
2c129d2a5c
fix noview.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4543 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-19 13:30:38 +00:00
wouter
1a9d913ee5
- Fixes for clang static analyzer, the missing ; in
...
edns-subnet/addrtree.c after the assert made clang analyzer
produce a failure to analyze it.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4538 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-16 10:31:48 +00:00
wouter
2b221f3140
auth zone review fixes
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4534 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-13 14:09:57 +00:00
wouter
4ddbf8aed9
- iana port update.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4533 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-13 10:35:31 +00:00