wouter
8fa54ec661
- Add routine from getdns to add windows cert store to the SSL_CTX.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4697 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-05-28 13:22:10 +00:00
wouter
589198d82e
- removed free from failed parse case.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4640 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-20 14:10:55 +00:00
wouter
1586971688
- For addr with #authname and no @port notation, the default is 853.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4637 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-19 14:23:14 +00:00
wouter
5bf4d998ec
fix lint
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4633 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-19 12:18:00 +00:00
wouter
50220ed991
- Can set tls authentication with forward-addr: IP#tls.auth.name
...
And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4631 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-19 12:10:05 +00:00
wouter
c983bccafe
- Fix auth zone target lookup iterator.
...
- notify with prefix
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4624 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-04-16 13:14:24 +00:00
wouter
5caf1aee13
fix lint warning
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4514 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-06 11:17:29 +00:00
wouter
1e7120e420
auth zone work.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4512 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-02-06 09:32:41 +00:00
wouter
a0ffe3a276
- Fix #2362 : TLS1.3/openssl-1.1.1 not working.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4396 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-11-03 07:40:36 +00:00
wouter
489ad287a4
- Fix #1402 : squelch invalid argument error for fd_set_block on windows.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4306 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-08-21 14:15:32 +00:00
wouter
d616547ec7
remove warning
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4282 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-07-24 09:53:11 +00:00
wouter
756034dbbe
- Fix compile with libnettle
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4281 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-07-24 09:52:20 +00:00
wouter
80663d8e0c
lint fix and check errcode.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4256 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-06-29 11:53:21 +00:00
wouter
ad5295b585
- enhancement for hardened-tls for DNS over TLS. Removed duplicated
...
security settings.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4255 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-06-29 11:45:43 +00:00
wouter
54bfc89f6b
compile fix
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3990 be551aaa-1e26-0410-a405-d3ace91eadb9
2017-01-19 11:34:21 +00:00
wouter
63ee7f3970
- Fix for compile without warnings with openssl 1.1.0.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3840 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-09-01 12:23:59 +00:00
wouter
7b6e5dd9c7
- OpenSSL 1.1.0 portability, --disable-dsa configure option.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3689 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-03-23 08:19:49 +00:00
wouter
b7b759b22d
- patch from Doug Hogan for SSL_OP_NO_SSLvx options.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3525 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-10-29 08:32:58 +00:00
wouter
b85dd91be1
Fixup #if
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3454 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-07-21 14:37:15 +00:00
wouter
7f99e7c795
- Fix configure to detect SSL_CTX_set_ecdh_auto.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3453 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-07-21 14:30:49 +00:00
wouter
e00efba037
- Enable ECDHE for servers. Where available, use
...
SSL_CTX_set_ecdh_auto() for TLS-wrapped server configurations to
enable ECDHE. Otherwise, manually offer curve p256.
Client connections should automatically use ECDHE when available.
(thanks Daniel Kahn Gillmor)
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3452 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-07-20 06:56:01 +00:00
willem
221499af71
SSL_CTX_use_certificate_chain_file() should be used instead of the
...
SSL_CTX_use_certificate_file() function in order to allow the use of
complete certificate chains even when no trusted CA storage is used or
when the CA issuing the certificate shall not be added to the trusted
CA storage.
Thanks Daniel Kahn Gillmore
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3451 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-07-18 12:34:37 +00:00
wouter
410ac6cd67
- rename ldns subdirectory to sldns to avoid name collision.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-26 10:21:38 +00:00
wouter
5479ce5b4c
please lint.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3367 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-17 09:44:57 +00:00
wouter
9f56dc9102
- Use reallocarray for integer overflow protection, patch submitted
...
by Loganaden Velvindron.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3365 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-17 08:24:24 +00:00
wouter
5edccddab6
please lint.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3363 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-16 11:51:30 +00:00
wouter
653053c1f9
- Fixup compile on cygwin, more portable openssl thread id.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3362 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-03-16 10:51:32 +00:00
wouter
de842e85fe
- unit test for local unix connection. Documentation and log_addr
...
does not inspect port for AF_LOCAL.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3315 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-01-16 13:11:07 +00:00
wouter
9537cdfccf
- patch for remote control over local sockets, from Dag-Erling
...
Smorgrav, Ilya Bakulin. Use control-interface: /path/sock and
control-use-cert: no.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3304 be551aaa-1e26-0410-a405-d3ace91eadb9
2015-01-06 14:12:59 +00:00
wouter
d437febed1
- Fix #627 : SSL_CTX_load_verify_locations return code not properly
...
checked.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3271 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-11-17 08:10:49 +00:00
wouter
6128ac971e
- Disabled use of SSLv3 in remote-control and ssl-upstream.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3248 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-10-27 09:26:48 +00:00
wouter
7de5b0ec61
- Fix #545 : improved logging, the ip address of the error is printed
...
on the same log-line as the error.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3112 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-04-10 14:40:20 +00:00
wouter
68b138cbd3
And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-02-07 13:28:39 +00:00
wouter
03da1e8f35
- made lint clean.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3050 be551aaa-1e26-0410-a405-d3ace91eadb9
2014-01-24 13:23:45 +00:00
wouter
db8f72c4f7
- Fix sldns to use sldns_ prefix for all ldns_ variables.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
2013-12-03 09:11:16 +00:00
wouter
884b06df55
Fix linking of sldns and ldns, unique identifiers for global variables.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3021 be551aaa-1e26-0410-a405-d3ace91eadb9
2013-11-30 11:03:55 +00:00
wouter
8e6ee27eda
- separate ldns into core ldns inside ldns/ subdirectory. No more
...
--with-ldns is needed and unbound does not rely on libldns.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
2013-10-31 15:09:26 +00:00
wouter
537b023feb
- Fixup openssl_thread init code to only run if compiled with SSL.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2843 be551aaa-1e26-0410-a405-d3ace91eadb9
2013-02-11 16:03:51 +00:00
wouter
1b929d1f1c
Even neater openssl callback removal code from Robert Fleischman.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2801 be551aaa-1e26-0410-a405-d3ace91eadb9
2013-01-02 14:44:34 +00:00
wouter
7244053f53
- Fix openssl lock free on exit (reported by Robert Fleischman).
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2798 be551aaa-1e26-0410-a405-d3ace91eadb9
2013-01-02 10:53:57 +00:00
wouter
677fa01bdc
compile without warnings unthreaded.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2737 be551aaa-1e26-0410-a405-d3ace91eadb9
2012-08-01 14:07:04 +00:00
wouter
ac3c2e2310
remove warnings on Solaris.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2735 be551aaa-1e26-0410-a405-d3ace91eadb9
2012-08-01 13:18:19 +00:00
wouter
a134a7edc7
ifdef for NSS compile.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2734 be551aaa-1e26-0410-a405-d3ace91eadb9
2012-08-01 13:08:58 +00:00
wouter
efebff52f7
- Fix openssl race condition, initializes openssl locks, reported
...
by Einar Lonn and Patrik Wallstrom.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2733 be551aaa-1e26-0410-a405-d3ace91eadb9
2012-08-01 11:31:29 +00:00
wouter
eba23b8235
- compile libunbound with libnss on Suse, passes regression tests.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2710 be551aaa-1e26-0410-a405-d3ace91eadb9
2012-07-04 12:33:32 +00:00
wouter
5373e6bec7
- work on --with-nss build option (for now, --with-libunbound-only).
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2690 be551aaa-1e26-0410-a405-d3ace91eadb9
2012-06-20 15:11:53 +00:00
wouter
ae03c65057
- Applied patch from Daisuke HIGASHI for rrset-roundrobin and
...
minimal-responses features.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2658 be551aaa-1e26-0410-a405-d3ace91eadb9
2012-04-10 09:16:39 +00:00
wouter
a1f677fcac
- Makefile changed for BSD make compatibility.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2544 be551aaa-1e26-0410-a405-d3ace91eadb9
2011-11-10 18:44:06 +00:00
wouter
1f9e9b78fe
- dns over ssl support, ssl-service-pem and ssl-service-key files
...
can be given and then TCP queries are serviced wrapped in SSL.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2530 be551aaa-1e26-0410-a405-d3ace91eadb9
2011-10-31 14:48:48 +00:00
wouter
e06ff53943
lint fix.
...
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2520 be551aaa-1e26-0410-a405-d3ace91eadb9
2011-10-19 14:39:35 +00:00
