townforge/unbound
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,530 Commits 1 Branch 0 Tags 79 MiB
cc
Commit Graph

124 Commits

Author SHA1 Message Date
wouter
728daa8ef4 yacced,lexed, include for undeclared function and make depend. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3555 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-12-01 08:11:48 +00:00
ralph
481e89ca4c Implemented qname minimisation 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3554 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-30 16:10:26 +00:00
wouter
c58e83c3e1 - Added permit-small-holddown config to debug fast 5011 rollover. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3462 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-07-30 11:52:12 +00:00
wouter
916b3a305d - SOA negative TTL is capped at minimumttl in its rdata section. 
- cache-max-negative-ttl config option, default 3600.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3431 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-29 14:51:36 +00:00
wouter
a2f75d6c35 - caps-whitelist in unbound.conf allows whitelist of loadbalancers 
that cannot work with caps-for-id or its fallback.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3420 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-05-01 12:36:16 +00:00
wouter
f77c2a06f1 - Ratelimit does not apply to prefetched queries, and ratelimit-factor 
is default 10.  Repeated normal queries get resolved and with
  prefetch stay in the cache.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3399 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-16 14:18:50 +00:00
wouter
7062b00d0b - ratelimit feature, ratelimit: 100, or some sensible qps, can be 
used to turn it on.  It ratelimits recursion effort per zone.
  For particular names you can configure exceptions in unbound.conf.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3391 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-04-10 09:59:57 +00:00
wouter
6478a1cbfd - Add ip-transparent config option for bind to non-local addresses. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3369 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-19 09:50:35 +00:00
wouter
5a4a7863b6 - Fix #644: harden-algo-downgrade option, if turned off, fixes the 
reported excessive validation failure when multiple algorithms
  are present.  It allows the weakest algorithm to validate the zone.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3354 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-09 13:30:37 +00:00
wouter
6856b6a202 - infra-cache-min-rtt patch from Florian Riehm, for expected long 
uplink roundtrip times.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3328 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-02-02 08:46:22 +00:00
wouter
9537cdfccf - patch for remote control over local sockets, from Dag-Erling 
Smorgrav, Ilya Bakulin.  Use control-interface: /path/sock and
  control-use-cert: no.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3304 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-01-06 14:12:59 +00:00
wouter
12e488a497 - parser with bison 2.7 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3270 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-11-14 15:59:30 +00:00
wouter
d74c01b712 - dnstap support, with a patch from Farsight Security, written by 
Robert Edmonds. The --enable-dnstap needs libfstrm and protobuf-c.
  It is BSD licensed (see dnstap/dnstap.c).
  Building with --enable-dnstap needs pkg-config with this patch.
- Noted dnstap in doc/README and doc/CREDITS.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-08-05 07:57:52 +00:00
wouter
f8f0117ea9 - DNS64 from Viagenie (BSD Licensed), written by Simon Perrault. 
Initial commit of the patch from the FreeBSD base (with its fixes).
  This adds a module (for module-config in unbound.conf) dns64 that
  performs DNS64 processing, see README.DNS64.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3198 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-07-31 07:15:33 +00:00
wouter
8d9d4eea91 - Feature, unblock-lan-zones: yesno that you can use to make unbound 
perform 10.0.0.0/8 and other reverse lookups normally, for use if
  unbound is running service for localhost on localhost.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3133 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-05-20 10:38:32 +00:00
wouter
d1cb31280e - delay-close: msec option that delays closing ports for which 
the UDP reply has timed out.  Keeps the port open, only accepts
  the correct reply.  This correct reply is not used, but the port
  is open so that no port-denied ICMPs are generated.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3058 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-28 14:35:55 +00:00
wouter
36afba318e - so-reuseport: yesno option to distribute queries evenly over 
threads on Linux (Thanks Robert Edmonds).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3049 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-01-24 11:43:38 +00:00
wouter
2e1c6e061f - Fix bug#536: acl_deny_non_local and refuse_non_local added. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3015 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-11-12 10:08:54 +00:00
wouter
8e6ee27eda - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
wouter
d63f8ef809 - Implement max-udp-size config option, default 4096 (thanks 
Daisuke Higashi).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2893 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-25 11:55:46 +00:00
wouter
ae03c65057 - Applied patch from Daisuke HIGASHI for rrset-roundrobin and 
minimal-responses features.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2658 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-04-10 09:16:39 +00:00
wouter
276300a61a - forward-first option. Tries without forward if a query fails. 
Also stub-first option that is similar.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-03-01 13:16:40 +00:00
wouter
1b8de9916c ssl_port setting, so that the dnssec-trigger server can be on one host machine. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2539 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-08 10:56:42 +00:00
wouter
1f9e9b78fe - dns over ssl support, ssl-service-pem and ssl-service-key files 
can be given and then TCP queries are serviced wrapped in SSL.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-10-31 14:48:48 +00:00
wouter
a28362a7fc tcp upstream option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2480 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-22 13:58:40 +00:00
wouter
307c9d186f - log-queries: yesno option, default is no, prints querylog. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2429 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-06-16 13:15:57 +00:00
wouter
923921f02d - feature, ignore-cd-flag: yesno to provide dnssec to legacy servers. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2414 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-05-10 11:20:14 +00:00
wouter
b5252fabaa harden-below-nxdomain option taken from draft-vixie-dnsext-resimprove. 
Default off (for now), as some older software that gives nxdomain for ENT
would be incompatible.  But that would only happen in the reverse tree, and
such software (nonDNSSEC) may go out of style, so in the future a default yes
could be possible.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2347 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-18 08:49:15 +00:00
wouter
3709f579a0 - so-sndbuf option for very busy servers, a bit like so-rcvbuf. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-11-15 14:30:34 +00:00
wouter
bedc58446d - Fix bug#308: spelling error in variable name in parser and lexer. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2110 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-06 05:23:49 +00:00
wouter
caa4f084e3 prefetch-key feature. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1956 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-13 13:33:18 +00:00
wouter
2a29e7923e Doc fix and work on prefetch feature. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1951 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-07 14:38:18 +00:00
wouter
71124621dc edns-buffer-size option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1881 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-29 10:37:44 +00:00
wouter
e64f6a9b3a so-rcvbuf option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1851 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-25 08:54:50 +00:00
wouter
0f8ead12a8 autotrust options 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1776 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-25 08:46:33 +00:00
wouter
d3a9449a97 autotrust work 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1758 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-12 15:26:47 +00:00
wouter
4c611f0e08 Log option for bogus only. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1734 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-07-20 14:22:29 +00:00
wouter
3cb0cdd59b newer bison. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1677 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-19 07:47:46 +00:00
wouter
e2df850810 min-ttl option and tests for min-ttl and max-ttl. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1598 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-14 10:10:11 +00:00
wouter
d1933ca660 detect gost. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1595 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-09 15:23:14 +00:00
wouter
12e1046582 signature clock skew code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1590 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-06 14:09:33 +00:00
wouter
a93beb8c1c python contribution from Zdenek Vasicek and Marek Vavrusa (BSD licensed). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1556 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-25 14:47:47 +00:00
wouter
2e66e891ae inverse trust anchor. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-18 14:02:46 +00:00
wouter
5484807371 doxygen, lex, yacc. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-13 09:27:37 +00:00
wouter
f89272deeb Parser allows syslog on windows. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1519 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-11 11:53:47 +00:00
wouter
7690c0f86a log-time-ascii option 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1465 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-06 12:51:45 +00:00
wouter
04ffe11ee9 unwanted reply threshold like in the draft. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1321 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-22 14:36:46 +00:00
wouter
eb7f891414 stub-prime option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1319 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-22 12:01:40 +00:00
wouter
3e50ffc914 Option for DOS protection on slower links. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1282 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-06 09:28:50 +00:00
wouter
f79258bcad local data PTR shorthand. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1277 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-30 15:04:32 +00:00
wouter
d2a3e5aaf6 extended stats option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1238 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-16 09:08:45 +00:00
wouter
d0a4ad4331 remote control setup, port binding and service. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1227 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-10 15:23:01 +00:00
wouter
2e6ceb9d98 private address and private domain config option read and store. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1223 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-03 14:40:09 +00:00
wouter
94962bb18f new NS queries is not an option (off by default). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1219 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-29 14:46:08 +00:00
wouter
90163454a7 dlv negative cache size option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1213 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-27 13:02:22 +00:00
wouter
3be517fbe4 Test DLV anchor. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1202 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-21 14:58:39 +00:00
wouter
45fbd03377 - ldns snapshot r2699 taken (includes DLV type). 
- DLV work, config file element, trust anchor read in.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1187 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-13 14:30:35 +00:00
wouter
efd453c4cc - removed base_port. 
- created 256-port ephemeral space for the OS, 59802 available.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1030 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-11 14:10:16 +00:00
wouter
b0e4db5b70 config available ports, iana assigned ports list. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1025 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-09 15:07:37 +00:00
wouter
e9a7e055f1 statistics cumulative option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1024 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-09 12:29:53 +00:00
wouter
445079b19d confixlexer and parser from linux are a little more portable (despite the 
signed/unsigned comparison warning).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1008 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-29 10:59:26 +00:00
wouter
7cca1a686a lexer and parser from freebsd. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1006 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-29 10:23:52 +00:00
wouter
c382cf89af config file option for draft-0x20. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@995 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-27 09:39:27 +00:00
wouter
49ed83586f do-daemonize 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@972 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-20 07:26:03 +00:00
wouter
d72f75b70f statistics-interval config setting. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@917 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-05 10:23:44 +00:00
wouter
bdb854787d interface-automatic (IP6mapped, good for anycast service and so on). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@847 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-01-15 09:45:30 +00:00
wouter
4706faa6c4 localzone and localdata configuration setup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@771 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-11-20 14:48:33 +00:00
wouter
4b1dc70de7 access-control 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@769 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-11-19 15:32:55 +00:00
wouter
ae9a865863 Harden dnssec stripped zones. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@730 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-11-01 15:32:27 +00:00
wouter
9e3c2e34e2 max ttl option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@721 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-31 07:46:30 +00:00
wouter
8f403c2842 Fixup tests. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@711 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-22 06:25:46 +00:00
wouter
3ebb26d96d root-hints can be read from file. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@708 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-19 14:02:53 +00:00
wouter
b66b29f6da outgoing interfaces setting possible. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@704 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-19 08:32:36 +00:00
wouter
3dc0752529 Added yacc and lex files. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@701 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-18 22:49:08 +00:00