townforge/unbound
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,530 Commits 1 Branch 0 Tags 79 MiB
cc
Commit Graph

96 Commits

Author SHA1 Message Date
wouter
7911e492f9 - patch for CVE-2017-15105: vulnerability in the processing of 
wildcard synthesized NSEC records.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4441 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-19 09:50:35 +00:00
wouter
0a121de98f fix oneoff 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4433 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-02 13:36:17 +00:00
wouter
e8865e9ac9 fixup larger than 2**31 case. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4432 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-02 12:43:43 +00:00
wouter
fe7c8d17cb - Remove clang optimizer disable, 
Fix that expiration date checks don't fail with clang -O2.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4431 be551aaa-1e26-0410-a405-d3ace91eadb9
 2018-01-02 10:48:00 +00:00
wouter
dd172dfbec remove debug output 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4426 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-15 10:21:38 +00:00
wouter
8ddd743496 this version of unbound fails when compiled with CC=clang and -O (edit Makefile), or -O2 (default). If you use no optimizing flag, unittest works. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4425 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-12-15 10:16:06 +00:00
wouter
39ba948040 - Spelling fixes, from Phil Porada. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-09-15 14:29:28 +00:00
wouter
7dd4463598 - --disable-sha1 disables SHA1 support in RRSIG, so from DNSKEY and 
DS records.  NSEC3 is not disabled.
- fake-sha1 test option; print warning if used.  To make unit tests.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4043 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-03-09 13:18:08 +00:00
wouter
60a7029fcd - Fix to rename internally used types from _t to _type, because _t 
type names are reserved by POSIX.
- iana portlist update


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3989 be551aaa-1e26-0410-a405-d3ace91eadb9
 2017-01-19 10:25:41 +00:00
ralph
caf867d9be - Fix #1117: spelling errors, from Robert Edmonds 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3877 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-10-05 09:56:05 +00:00
ralph
8dc79ecaed Take configured minimum TTL into consideration when reducing TTL to original 
TTL from RRSIG.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3849 be551aaa-1e26-0410-a405-d3ace91eadb9
 2016-09-05 12:30:46 +00:00
wouter
984f91d1b4 - Fix #594. libunbound: optionally use libnettle for crypto. 
Contributed by Luca Bruno.  Added --with-nettle for use with
  --with-libunbound-only.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-11-17 09:43:07 +00:00
wouter
553bf1df1e - Remove confusion comment from canonical_compare() function. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3488 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-09-22 08:43:56 +00:00
wouter
410ac6cd67 - rename ldns subdirectory to sldns to avoid name collision. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3380 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-26 10:21:38 +00:00
wouter
d1bf57dfd1 - Fixes to add integer overflow checks on allocation (defense in depth). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3372 be551aaa-1e26-0410-a405-d3ace91eadb9
 2015-03-20 15:36:25 +00:00
wouter
68b138cbd3 And fix #551 REGENT to COPYRIGHT HOLDER in license in file headings. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3079 be551aaa-1e26-0410-a405-d3ace91eadb9
 2014-02-07 13:28:39 +00:00
wouter
db8f72c4f7 - Fix sldns to use sldns_ prefix for all ldns_ variables. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3022 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-12-03 09:11:16 +00:00
wouter
884b06df55 Fix linking of sldns and ldns, unique identifiers for global variables. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3021 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-11-30 11:03:55 +00:00
wouter
8e6ee27eda - separate ldns into core ldns inside ldns/ subdirectory. No more 
--with-ldns is needed and unbound does not rely on libldns.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2998 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-10-31 15:09:26 +00:00
wouter
b4a007738c - Fix for 2038, with time_t instead of uint32_t. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-08-20 12:23:42 +00:00
wouter
48c72225d1 - Robust checks on dname validity from rdata for dname compare. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2892 be551aaa-1e26-0410-a405-d3ace91eadb9
 2013-04-25 10:28:25 +00:00
wouter
5373e6bec7 - work on --with-nss build option (for now, --with-libunbound-only). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2690 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-20 15:11:53 +00:00
wouter
ec417b19da code review. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2688 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-06-18 14:22:29 +00:00
wouter
f467fc9b41 lint and doxygen fixes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-16 10:08:07 +00:00
wouter
778fd7476a - workaround for openssl 0.9.8 ecdsa sha2 and evp problem. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2608 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-08 16:40:46 +00:00
wouter
27329b8cc9 - implement draft-ietf-dnsext-ecdsa-04; which is in IETF LC; This 
implementation is experimental at this time and not recommended
  for use on the public internet (the protocol numbers have not
  been assigned).  Needs recent ldns with --enable-ecdsa.
- fix memory leak in errorcase for DSA signatures.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2606 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-02-08 13:22:44 +00:00
wouter
cc265b7ce4 - Fix bug where canonical_compare of RRSIG did not downcase the 
signer-name.  This is mostly harmless because RRSIGs do not have
  to be sorted in canonical order, usually.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2586 be551aaa-1e26-0410-a405-d3ace91eadb9
 2012-01-17 09:06:18 +00:00
wouter
a1f677fcac - Makefile changed for BSD make compatibility. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-11-10 18:44:06 +00:00
wouter
0210c9c214 val-override-date: -1 ignores dates entirely, for NTP usage. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2410 be551aaa-1e26-0410-a405-d3ace91eadb9
 2011-04-08 14:06:46 +00:00
wouter
323d94a758 test and cleanup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2360 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-22 09:41:38 +00:00
wouter
a33b75aebf Work on validation of multiple algorithms. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2356 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-12-20 15:58:12 +00:00
wouter
874ce84c9f - Fix reported validation error in out of memory condition. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2237 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-16 13:57:22 +00:00
wouter
db4944a21d - Algorithm rollover operational reality intrudes, for trust-anchor, 
5011-store, and DLV-anchor if one key matches it's good enough.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2235 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-09-16 13:40:26 +00:00
wouter
6f7205f522 add and fix doxygen comments for doxygen-1.7.1. (which reports lots of 
spurious items as well, by the way).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2211 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-13 08:41:49 +00:00
wouter
fe32eb79bc please lint. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2206 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-04 08:43:38 +00:00
wouter
358a2108de - Fix validation in case a trust anchor enters into a zone with 
unsupported algorithms.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2205 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-08-04 08:36:27 +00:00
wouter
796d87d213 Fix 4035 compliance for algorithms from the DS rrset that MUST sign the DNSKEY. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2172 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-07-01 12:08:48 +00:00
wouter
9d31e30c81 Fix various compiler warnings from the clang llvm compiler. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2111 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-05-18 12:37:04 +00:00
wouter
cc89cee01f GOST support. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2065 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-04-06 12:15:19 +00:00
wouter
5fb04b1a9c Move includes to code files. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2035 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-12 15:17:48 +00:00
wouter
aa41f2fe99 Check rrsig expiration last in verify_rrsig 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1936 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-10 16:03:31 +00:00
wouter
0867d55d16 neater errors for algo and key failure. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1872 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 08:02:00 +00:00
wouter
622609bde7 - moved version number to 1.4.0 because of 1.3.4 release with only 
the NSEC3 patch.
	- val-log-level: 2 shows extended error information for validation
	  failures, but still one (longish) line per failure.  For example:
	  validation failure <example.com. DNSKEY IN>: signature expired from
	  192.0.2.4 for trust anchor example.com. while building chain of trust
	  validation failure <www.example.com. A IN>: no signatures from
	  192.0.2.6 for key example.com. while building chain of trust



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1868 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 16:45:47 +00:00
wouter
6fafacffab lint 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1757 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-11 14:25:34 +00:00
wouter
79363fc5ea OpenSSL config() and small memory leak. No more ENGINE_load_gost(). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1750 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-07 15:23:35 +00:00
wouter
96c6d3daf3 GOST support with --enable-gost. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1747 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-06 13:38:55 +00:00
wouter
c8dcc0edd2 Remove REVOKE flag support. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1639 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-08 08:29:17 +00:00
wouter
fbc5031604 Fixup bad free. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1635 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-03 07:57:19 +00:00
wouter
e6df7cd585 rsasha256 and rsasha512 not enabled by default. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-02 09:04:16 +00:00
wouter
aff70c0594 RSASHA256 implicitly means NSEC3 support. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1593 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-09 14:51:17 +00:00