townforge/unbound
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,530 Commits 1 Branch 0 Tags 79 MiB
cc
Commit Graph

49 Commits

Author SHA1 Message Date
wouter
7911e492f9 - patch for CVE-2017-15105: vulnerability in the processing of 
wildcard synthesized NSEC records.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4441 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-19 09:50:35 +00:00
wouter
39ba948040 - Spelling fixes, from Phil Porada. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
wouter
60a7029fcd - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
ralph
caf867d9be - Fix #1117: spelling errors, from Robert Edmonds 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3877 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-05 09:56:05 +00:00
wouter
33c3822724 - spelling fixes from Igor Sobrado Delgado. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-18 14:11:46 +00:00
wouter
0a8bb72c5d - refactor nsec3 hash implementation to be more library-portable. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3535 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 11:30:04 +00:00
wouter
984f91d1b4 - Fix #594. libunbound: optionally use libnettle for crypto. 
Contributed by Luca Bruno.  Added --with-nettle for use with
  --with-libunbound-only.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 09:43:07 +00:00
wouter
410ac6cd67 - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
wouter
def3dfd114 More unsigned chasts for toupper/tolower/ctype 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3242 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-10-13 08:35:00 +00:00
wouter
68b138cbd3 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
wouter
db8f72c4f7 - Fix sldns to use sldns_ prefix for all ldns_ variables. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-03 09:11:16 +00:00
wouter
8e6ee27eda - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
wouter
658bd3bcf8 - review fixes from Willem. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2945 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-22 14:10:29 +00:00
wouter
2643272560 - includes and have_ssl fixes for nss. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2830 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-01-30 13:15:03 +00:00
wouter
109c3e384b - Fix validation of qtype DS queries that result in no data for 
non-optout NSEC3 zones.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2712 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-07-06 13:56:44 +00:00
wouter
2d5552262c implement DNSSEC with libNSS: NSEC3, RSA, DSA, ECDSA, and DS hashes. 
make test succeeds.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2699 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-22 14:31:29 +00:00
wouter
50a8288ce6 - Fix for VU#209659 CVE-2011-4528: Unbound denial of service 
vulnerabilities from nonstandard redirection and denial of existence
http://www.unbound.net/downloads/CVE-2011-4528.txt
- robust checks for next-closer NSEC3s.
- tag 1.4.14 created.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2574 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-12-19 10:55:32 +00:00
wouter
fac34aa3d7 - fix various compiler warnings (reported by Paul Wouters). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2497 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-09-16 11:35:01 +00:00
wouter
56a4ca7adc - Fix validation of . DS query. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2474 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-08-17 14:28:32 +00:00
wouter
b05d47d4a5 - Fix wildcard expansion no-data reply under an optout NSEC3 zone is 
validated as insecure, reported by Jia Li (lijia@cnnic.cn).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2461 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-07-11 09:03:18 +00:00
wouter
fa30bf953f - Fix no ADflag for NXDOMAIN in NSEC3 optout. And wildcard in optout. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2397 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-03-01 12:48:45 +00:00
wouter
d0d27bd296 - fix validation in this case: CNAME to nodata for co-hosted opt-in 
NSEC3 insecure delegation, was bogus, fixed to be insecure.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2355 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-17 10:05:56 +00:00
wouter
206d95e87a - Fix validation failure for parent and child on same server with an 
insecure childzone and a CNAME from parent to child.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2321 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-10-29 13:10:26 +00:00
wouter
2b05eb39ec - Abide RFC5155 section 9.2: no AD flag for replies with NSEC3 optout. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2233 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-15 07:08:09 +00:00
wouter
83015bad7a review of NSEC and NSEC3 zones results 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2058 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-22 14:40:45 +00:00
wouter
3fa3f23be7 cache verify work for nsec and nsec3. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2047 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-17 09:49:18 +00:00
wouter
e26a64059e and store sec status 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2046 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-17 09:27:53 +00:00
wouter
d28c283f3b Faster nsec3. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2044 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-16 16:52:56 +00:00
wouter
5fb04b1a9c Move includes to code files. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-12 15:17:48 +00:00
wouter
3e0c959ed8 Fix validation failure cnamenodata proof failed for hud.gov. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1902 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-13 10:10:05 +00:00
wouter
7b7265c532 More detailed errors. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1871 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 07:23:49 +00:00
wouter
622609bde7 - moved version number to 1.4.0 because of 1.3.4 release with only 
the NSEC3 patch.
	- val-log-level: 2 shows extended error information for validation
	  failures, but still one (longish) line per failure.  For example:
	  validation failure <example.com. DNSKEY IN>: signature expired from
	  192.0.2.4 for trust anchor example.com. while building chain of trust
	  validation failure <www.example.com. A IN>: no signatures from
	  192.0.2.6 for key example.com. while building chain of trust



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1868 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 16:45:47 +00:00
wouter
a6b082b118 Fix trunk. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1866 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 14:00:56 +00:00
wouter
978c34f302 Fix check for signatures. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1864 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 12:56:57 +00:00
wouter
7af3150ba5 detection of sha256 and sha512 by testing if functionality was compiled 
into openssl.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1328 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-03 16:06:12 +00:00
wouter
f5c3f58439 Fixup b32 compat for Mac OSX linker. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1323 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-03 14:38:03 +00:00
wouter
cf9d865669 work on nsec3 negative cache for qtype DS . 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1290 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-08 14:42:46 +00:00
wouter
2e9293e6e6 please doxygen. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@898 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-01-25 10:41:17 +00:00
wouter
4bcd6aac94 regional nicer, remove region-allocator. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@697 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-18 20:31:43 +00:00
wouter
20434e30e3 NSEC3 test and fix for bitmap protection code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-25 08:33:14 +00:00
wouter
818bf52b10 wildcard nsec3 tests. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@618 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-18 08:28:35 +00:00
wouter
32ccda683f more nsec3 tests. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@617 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-17 14:52:14 +00:00
wouter
bca2a9be40 namerror nsec3 proof works. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@616 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-17 14:03:35 +00:00
wouter
97eb86507e nsec3 hash function unit test. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@615 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-17 09:25:54 +00:00
wouter
6fb9ede4b5 NSEC3. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-14 11:15:42 +00:00
wouter
958c81e30f if no NSEC3 present, skip validation. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@611 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-13 15:09:58 +00:00
wouter
13bf8e2c40 nsec3 work, prove name error. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@610 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-13 15:02:33 +00:00
wouter
7ce3b06765 nsec3 work. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@609 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-12 14:16:46 +00:00
wouter
aeb09dffa7 nsec3 work. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@607 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-11 18:18:16 +00:00