townforge/unbound
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,530 Commits 1 Branch 0 Tags 79 MiB
cc
Commit Graph

477 Commits

Author SHA1 Message Date
matje
2fc8d69edc typo svn:NO TEST 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@2010 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-04 15:24:51 +00:00
wouter
76852e4b9f Skip RRSIGs on 5011 init. Make install makes all. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1997 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-03-01 10:26:42 +00:00
wouter
bc146457db printout errors if trust anchor write fails. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1984 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-02-16 08:52:44 +00:00
wouter
5b27935db0 Fix for Roy. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1982 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-02-15 10:49:03 +00:00
wouter
26ab4d33f5 Retry in case of validation failure less, cached per-zone not per-query. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1981 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-02-12 15:24:42 +00:00
wouter
abcdf16305 remove warning on format string. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1964 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-27 20:29:07 +00:00
wouter
988cdf0808 work on prefetch: store the updated results in the cache. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1954 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-08 15:59:36 +00:00
wouter
2a29e7923e Doc fix and work on prefetch feature. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1951 be551aaa-1e26-0410-a405-d3ace91eadb9
 2010-01-07 14:38:18 +00:00
wouter
cf25644378 fixes and new ldns tarball. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1939 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-15 09:31:39 +00:00
wouter
02d69146e3 Answer qclass=ANY. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1938 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-15 09:10:04 +00:00
wouter
aa41f2fe99 Check rrsig expiration last in verify_rrsig 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1936 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-10 16:03:31 +00:00
wouter
4d9ec354dc fix crash for hauke 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1933 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-09 16:27:13 +00:00
wouter
901335beb1 - Fix SOA excluded from negative DS responses. Reported by Hauke 
Lampe.  The negative cache did not include proper SOA records for
	  negative qtype DS responses which makes BIND barf on it, such
	  responses are now only used internally.
	- Fix negative cache lookup of closestencloser check of DS type bit.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1932 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-09 14:55:19 +00:00
wouter
fcdfe259c4 Fix crash reported on unbound-users with module-config "iterator" 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1924 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-12-01 08:12:00 +00:00
wouter
0e49081a44 review comments 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1915 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-20 12:06:00 +00:00
wouter
a4575ae427 Fixup unsigned CNAME to signed CNAME detection of signatures. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1905 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-16 13:34:03 +00:00
wouter
3e0c959ed8 Fix validation failure cnamenodata proof failed for hud.gov. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1902 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-13 10:10:05 +00:00
wouter
4b099772a0 review fixes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1901 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-12 16:27:11 +00:00
wouter
4dad95e304 Fixup to clean errinf on restart so no extremely long printouts. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1900 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-12 15:07:38 +00:00
wouter
91b0796453 Fix crash bug with DLV and dnssec-retry for the domain registered in it. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1895 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-10 10:42:50 +00:00
wouter
b8541cecba and error 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1894 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-10 08:15:08 +00:00
wouter
1c60814d93 debug code 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1893 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-09 16:26:24 +00:00
wouter
b32bb876fe more error text 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1892 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-05 19:32:02 +00:00
wouter
90548a0528 better error text. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1891 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-05 19:22:50 +00:00
wouter
73f67632b4 parameter documented 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1887 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-02 15:23:41 +00:00
wouter
e7d4ff03bc Fix autotrust initialised with DS. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1884 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-11-02 13:56:14 +00:00
wouter
7acf38ac32 - Made new validator error string available from libunbound for 
applications.  It is in result->why_bogus, a zero-terminated string.
	  unbound-host prints it by default if a result is bogus.
	  Also the errinf is public in module_qstate (for other modules).
	Binary API different. bumped library ABI version.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1874 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 17:05:53 +00:00
wouter
a3172d08ca Fix double time subtraction in negative cache. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1873 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 09:18:40 +00:00
wouter
0867d55d16 neater errors for algo and key failure. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1872 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 08:02:00 +00:00
wouter
7b7265c532 More detailed errors. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1871 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 07:23:49 +00:00
wouter
95b2bc86ff neater explanation for unsigned or signatureless negative DS replies. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1870 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 06:57:23 +00:00
wouter
7f41a8fd8a More vallog reason. Doxygen. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1869 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-08 06:35:14 +00:00
wouter
622609bde7 - moved version number to 1.4.0 because of 1.3.4 release with only 
the NSEC3 patch.
	- val-log-level: 2 shows extended error information for validation
	  failures, but still one (longish) line per failure.  For example:
	  validation failure <example.com. DNSKEY IN>: signature expired from
	  192.0.2.4 for trust anchor example.com. while building chain of trust
	  validation failure <www.example.com. A IN>: no signatures from
	  192.0.2.6 for key example.com. while building chain of trust



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1868 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 16:45:47 +00:00
wouter
a6b082b118 Fix trunk. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1866 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 14:00:56 +00:00
wouter
978c34f302 Fix check for signatures. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1864 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 12:56:57 +00:00
wouter
98f810640e retry mode: empty non terminal. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1862 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 08:53:09 +00:00
wouter
6be18f21cc retry mode: DNSKEY. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1861 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 08:22:27 +00:00
wouter
404b2e7a85 Retry mode, DS and prime. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1860 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-07 07:52:02 +00:00
wouter
4ba1003f2c Data retry on validation failure. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1859 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-06 08:31:47 +00:00
wouter
971004b350 Fix autotrust-5011 file used from libunbound (no probing by itself because 
it may not have the processor whenever it likes).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1857 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-10-02 08:08:44 +00:00
wouter
145338e6c8 review fixes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1855 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-28 14:52:53 +00:00
wouter
a3e36f1ee5 Read iana root multiline and prevent integer underflow. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1854 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-28 13:14:01 +00:00
wouter
1086910ad6 review fixes 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1853 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-25 15:20:29 +00:00
wouter
bf212d9136 review nits 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1852 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-25 11:16:43 +00:00
wouter
7277db04c9 review comments 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1850 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-23 15:15:41 +00:00
wouter
b4a655b16e Failure handling for 5011. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1848 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-23 09:05:44 +00:00
wouter
5d07c6ae3c revocation of trust anchors works. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1846 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-22 14:04:43 +00:00
wouter
6650ab00ca rfc5011 and algorithm rollover 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1845 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-22 12:20:21 +00:00
wouter
8e36b3fee5 Pick up revocations even if not normally validly signed. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1842 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-18 10:13:06 +00:00
wouter
f6e1799332 autotrust tests and fixes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1841 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-18 07:49:29 +00:00
wouter
bf3424f061 remove printf format warning 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1825 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-10 13:41:01 +00:00
wouter
8a4b3d5fbe Fixup TTL too large bug for bogus responses. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1822 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-10 10:01:36 +00:00
wouter
1c400300ef - autotrust testbound scenarios. 
- autotrust fix that failure count is written to file.
        - autotrust fix that keys may become valid after add holddown time
          alone, before the probe returns.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1819 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-07 14:34:29 +00:00
wouter
188a59db98 source IP from python and doxygen fixes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1813 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-03 14:51:38 +00:00
wouter
7fb0c22ffa document last change 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1805 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-03 09:29:54 +00:00
wouter
da1b7f1826 - TRAFFIC keyword for testbound. Simplifies test generation. 
${range lower val upper} to check probe timeout values.
- test with 5011-prepublish rollover and revocation.
- fix revocation of RR for autotrust, stray exclamation mark.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1804 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-02 13:11:52 +00:00
wouter
7bc0cca2bf active probe 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1802 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-01 14:47:57 +00:00
wouter
60d7e0ac6c More lint. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1801 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-01 13:15:51 +00:00
wouter
467a1da442 lint and doc 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1800 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-01 13:09:55 +00:00
wouter
19c9400842 docs 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1799 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-01 13:07:38 +00:00
wouter
a1d844cda6 randomise probe time. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1798 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-09-01 12:45:10 +00:00
wouter
5f5fe07809 Empty callback. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1791 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-27 15:22:48 +00:00
wouter
d6a58dba46 autotrust probing and testbound with fake timer support. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1787 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-26 13:23:49 +00:00
wouter
2f57ef5e30 Fixup DS query handling. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1785 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-25 15:15:10 +00:00
wouter
73c0eee802 remove debug print 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1784 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-25 14:59:48 +00:00
wouter
a1811bccb0 revoke point handling 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1777 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-25 10:02:17 +00:00
wouter
dc96615355 Fixup memleak in unsupported algorithm checks at startup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1774 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-25 06:51:00 +00:00
wouter
59f0039bba autotrust test routines. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1771 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-24 14:40:25 +00:00
wouter
462e16b0cb debug routines and first brazilian prime has been done. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1770 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-21 15:27:23 +00:00
wouter
5816d9887f autotrust work 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1769 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-20 11:49:33 +00:00
wouter
92a8802da0 autotrust state table updates. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1767 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-19 15:30:20 +00:00
wouter
1f843d457b autotrust event_update routine. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1766 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-18 15:36:46 +00:00
wouter
df9556e87e autotrust 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1765 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-17 15:58:27 +00:00
wouter
7777e76e67 make better use of the cache. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1763 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-14 14:15:08 +00:00
wouter
f2ab6580f6 Fix bug in DLV. Iana portlist. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1762 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-14 13:58:54 +00:00
wouter
98a2d20556 report RTT 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1761 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-14 08:35:46 +00:00
wouter
344d6b7622 autotrust work 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1760 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-13 15:32:04 +00:00
wouter
d3a9449a97 autotrust work 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1758 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-12 15:26:47 +00:00
wouter
6fafacffab lint 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1757 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-11 14:25:34 +00:00
wouter
79363fc5ea OpenSSL config() and small memory leak. No more ENGINE_load_gost(). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1750 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-07 15:23:35 +00:00
wouter
96c6d3daf3 GOST support with --enable-gost. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1747 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-06 13:38:55 +00:00
wouter
9594aaf3d5 Fix for Roland, tell why the error happens. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1740 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-08-03 08:46:26 +00:00
wouter
4c611f0e08 Log option for bogus only. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1734 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-07-20 14:22:29 +00:00
wouter
f687f767e0 nicer error message 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1733 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-07-20 13:31:45 +00:00
wouter
87df1bf1ed More lenient. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1692 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-30 13:20:02 +00:00
wouter
10f8e9d5a0 More lenient checks. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1691 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-30 12:50:57 +00:00
wouter
af41fcdcc6 Removed debug prints. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1690 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-30 08:24:19 +00:00
wouter
e2f08e1807 Better wrongly truncated check. And debug statements. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1687 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-29 10:15:27 +00:00
wouter
ee3b5239cb debugprint for wrongly_truncated 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1685 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-29 08:52:58 +00:00
wouter
106e99fc42 documentation 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1679 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-19 11:40:44 +00:00
wouter
efa0fad14e extremely lenient for truncated positive replies 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1670 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-18 10:59:59 +00:00
wouter
a081885de3 Fixup DLV lookups and pickup responses from cache. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1657 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-15 13:27:53 +00:00
wouter
c8dcc0edd2 Remove REVOKE flag support. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1639 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-08 08:29:17 +00:00
wouter
fbc5031604 Fixup bad free. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1635 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-03 07:57:19 +00:00
wouter
e6df7cd585 rsasha256 and rsasha512 not enabled by default. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1631 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-06-02 09:04:16 +00:00
wouter
aff70c0594 RSASHA256 implicitly means NSEC3 support. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1593 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-09 14:51:17 +00:00
wouter
5b421dc1c8 remove empty line 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1592 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-07 15:02:57 +00:00
wouter
12e1046582 signature clock skew code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1590 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-04-06 14:09:33 +00:00
wouter
c865eb338d RRSIG validation fixed after Stephane Bortzmeyer reported. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1565 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-30 09:35:48 +00:00
wouter
2e66e891ae inverse trust anchor. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-18 14:02:46 +00:00
wouter
91b39120f4 Fixup trust anchor algorithm check. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-03-18 13:07:48 +00:00
wouter
858469b119 warn for bad trust anchors. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1487 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-19 09:01:39 +00:00
wouter
20bb53cd82 Do not validate with revoked keys. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1471 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-02-10 13:01:38 +00:00
wouter
eeaddb3e7a sun cc warnings 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1439 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-15 10:34:18 +00:00
wouter
e84409c12f fixes for suncc warnings 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1438 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-15 10:29:17 +00:00
wouter
c09d19a2ed removed debug print. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1424 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-09 15:17:39 +00:00
wouter
ccea9bc14f Wildcard support (from patch by Paul Wouters). 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1413 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-07 12:24:34 +00:00
wouter
7bd73ba9ca chrooted include file fix 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1411 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-06 15:47:15 +00:00
wouter
11da2e67b3 HINFO not downcased any more 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1410 be551aaa-1e26-0410-a405-d3ace91eadb9
 2009-01-06 14:49:26 +00:00
wouter
4ed4e0b7f7 fixup for DLV lookup higher NSEC examination bug. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1398 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-12-18 10:14:30 +00:00
wouter
55b1c9928d Fixup for problems with do-ip6: no and only ipv6 addresses. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1353 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-17 12:47:34 +00:00
wouter
c95412e5eb - unit test for negative cache, stress tests the refcounting. 
- fix for refcounting error that could cause fptr_wlist fatal exit
	  in the negative cache rbtree (upcoming 1.1 feature). (Thanks to 
	  Attila Nagy for testing).
	- nicer comments in cachedump about failed RR to string conversion.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1342 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-11 11:54:06 +00:00
wouter
ba1299b375 fixup memleaks. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1331 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-05 10:38:22 +00:00
wouter
7af3150ba5 detection of sha256 and sha512 by testing if functionality was compiled 
into openssl.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1328 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-03 16:06:12 +00:00
wouter
3f93452b2d - RSASHA256_NSEC3 and RSASHA512_NSEC3 algos are supported. 
- updated ldns tarball (with those algos).



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1327 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-03 15:42:07 +00:00
wouter
f5c3f58439 Fixup b32 compat for Mac OSX linker. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1323 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-11-03 14:38:03 +00:00
wouter
9eabe79321 More verbose on signer name error. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1322 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-23 10:54:03 +00:00
wouter
9cbc705f8a less log 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1310 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-20 09:11:17 +00:00
wouter
a3f550e8f6 Fixup negative TTLs Attila Nagy has reported. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1306 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-16 13:12:32 +00:00
wouter
15a0554309 nsec3 negative cache works. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1292 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-09 15:06:35 +00:00
wouter
14e22d1a19 max iterations for neg cache. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1291 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-09 13:06:06 +00:00
wouter
cf9d865669 work on nsec3 negative cache for qtype DS . 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1290 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-08 14:42:46 +00:00
wouter
e4adee6800 nsec negative DS. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1289 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-08 10:04:27 +00:00
wouter
05dcda36e2 working on negative DS 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1288 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-07 15:22:32 +00:00
wouter
b2759462dd fixup SHA256 algorithm set routine 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1279 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-10-02 09:05:20 +00:00
wouter
d3c4fb4145 SHA256 support. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1275 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-30 13:06:07 +00:00
wouter
d1f18eb211 doxygen, detect SHA256 support for test. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1274 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-30 11:35:48 +00:00
wouter
706d293bcd Fix for SHA256 DS downgrade. And test of resistance. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1273 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-30 10:42:02 +00:00
wouter
af05e11f7c add remove local data and local zone with remote control 
(ldns-testpkts sync with ldns trunk).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1261 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-19 14:49:29 +00:00
wouter
f2c643c169 threadsafe rrset counter. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1240 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-17 07:13:31 +00:00
wouter
6791fa38ec extended statistics. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1239 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-16 14:08:38 +00:00
wouter
3ba08ebd78 Do not mark additional section items bogus. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1222 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-09-02 14:35:13 +00:00
wouter
90163454a7 dlv negative cache size option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1213 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-27 13:02:22 +00:00
wouter
343c2425ae more test DLV. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1203 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-22 10:06:14 +00:00
wouter
3be517fbe4 Test DLV anchor. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1202 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-21 14:58:39 +00:00
wouter
7faf341d92 DLV negative cache works. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1200 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-21 10:43:45 +00:00
wouter
9bf1d5ea0d Negative cache code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1199 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-20 13:31:06 +00:00
wouter
4a217a3a2d negative cache work for DLV 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1198 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-19 15:27:31 +00:00
wouter
4ad099aa45 negative cache design. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1197 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-18 15:00:17 +00:00
wouter
0dada87558 doxygen. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1193 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-15 14:00:08 +00:00
wouter
82b8d51ea8 negative cache design. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1192 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-15 13:31:16 +00:00
wouter
e03225f480 basic DLV works. 
iana port update.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1191 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-15 10:55:09 +00:00
wouter
cf59fb45fb DLV work 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1190 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-14 15:16:50 +00:00
wouter
e3726cb80b proper handling of empty files and neater code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1189 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-13 15:18:39 +00:00
wouter
ccf1d99a58 dlv anchor file and chroot. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1188 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-13 14:46:33 +00:00
wouter
45fbd03377 - ldns snapshot r2699 taken (includes DLV type). 
- DLV work, config file element, trust anchor read in.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1187 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-13 14:30:35 +00:00
wouter
71700f6a04 - Fixup rrset security updates overwriting 2181 trust status. 
This makes validated to be insecure data just as worthless as
	  nonvalidated data, and 2181 rules prevent cache overwrites to them.
	- Fix assertion fail on bogus key handling.
	- dnssec lameness detection works on first query at trust apex.
	- NS queries get proper cache and dnssec lameness treatment.
	- fixup compilation without pthreads on linux.
	- NS queries are done after every referral.
	  validator is used on those NS records (if anchors enabled).




git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1185 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-12 10:13:57 +00:00
wouter
45a4f6cf9a fixup DS test for apex validation of NODATA. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1177 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-08-05 10:54:27 +00:00
wouter
cf24285e05 bugfix to DS qtype from client. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1170 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-07-30 21:38:37 +00:00
wouter
0e619f9bdd fixup for type DS queries from clients when trustanchor for that name exists. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1148 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-07-15 09:45:50 +00:00
wouter
6f3aa14fa5 DSA signature compatibility. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1053 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-15 19:51:28 +00:00
wouter
7714222dd8 Fixup unbound. Now still a switch DSA(ldns) DSA(bind) ... 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1052 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-15 18:01:14 +00:00
wouter
abc608675f DSA test 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1051 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-15 15:19:25 +00:00
wouter
69cc6982a4 Check sig type for DSA. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1043 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-14 15:57:52 +00:00
wouter
649bb694f5 Jelte found DSA sig solution, copied from ldns to fit into unbound validator. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@1042 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-04-14 15:34:09 +00:00
wouter
38c018e539 - setup speec_cache for need-ldns-testns in dotests. 
- check number of queued replies on incoming queries to avoid overload
         on that account.
       - fptr whitelist checks are not disabled in optimize mode.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@971 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-20 07:18:42 +00:00
wouter
cf50a0bcb7 Faster due to time-sharing. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@966 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-19 13:12:23 +00:00
wouter
361bf7d411 fixup validator classification of root referrals. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@936 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-08 12:24:01 +00:00
wouter
76a26d97a8 log level 2. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@930 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-07 11:04:56 +00:00
wouter
e2ce21cf4d move around debug levels. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@929 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-02-07 09:46:49 +00:00
wouter
0e6c6e9734 chroot checks for roothints and anchor files. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@910 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-01-30 11:21:20 +00:00
wouter
2e9293e6e6 please doxygen. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@898 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-01-25 10:41:17 +00:00
wouter
f4ca0398b1 test for ancillary data and fixes for lint and doxygen. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@848 be551aaa-1e26-0410-a405-d3ace91eadb9
 2008-01-15 10:10:22 +00:00
wouter
d186da5604 fptrwlist and remove oldhack with islocked param. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@805 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-12-04 21:34:53 +00:00
wouter
a1ba0ccb3f coverity run fixes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@803 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-12-04 17:54:14 +00:00
wouter
748ca720d3 nonRD fix. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@786 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-11-28 12:06:32 +00:00
wouter
8130e75eab nonRD fix. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@785 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-11-28 11:02:01 +00:00
wouter
5d3597ebd3 No downcasing for NSEC and RRSIG 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@754 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-11-19 08:55:19 +00:00
wouter
ae9a865863 Harden dnssec stripped zones. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@730 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-11-01 15:32:27 +00:00
wouter
0d1d88543d Fixup of reload bug. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@726 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-11-01 09:48:20 +00:00
wouter
67d2bad8e0 dnssec lame detection. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@714 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-22 15:25:37 +00:00
wouter
a939400c02 ISO C 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@712 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-22 09:14:29 +00:00
wouter
ae66969d39 - lex fix 
- unsecure validation neater
- const cast warning removal


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@702 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-19 08:03:08 +00:00
wouter
4bcd6aac94 regional nicer, remove region-allocator. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@697 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-18 20:31:43 +00:00
wouter
28e9a2eb92 fixup insecure glue on referrals. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@688 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-17 15:48:54 +00:00
wouter
49a22dcb04 fixup test, less logging. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@687 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-17 14:49:12 +00:00
wouter
5741aa1aca fixup crashy. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@685 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-17 14:22:14 +00:00
wouter
9860e15c26 no debug on low verbosity. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@684 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-17 14:10:46 +00:00
wouter
0b7bff6ccb please gcc more. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@663 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-05 13:02:50 +00:00
wouter
a4478ad648 function pointer whitelist for module operations. completing fptr work. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@661 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-05 12:42:25 +00:00
wouter
b5a046ad99 function pointer whitelists on data types. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@660 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-05 11:41:12 +00:00
wouter
eb4d666bf5 security audit changes. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@657 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-04 15:10:11 +00:00
wouter
510b51560a fixup cname out of unsec zone. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@655 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-03 13:33:23 +00:00
wouter
b476a154c3 Fixup and test. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@654 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-03 12:20:55 +00:00
wouter
4772e1a940 loopfix. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@653 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-10-03 08:36:47 +00:00
wouter
cfe76fa84f NSEC3 tests, and fixup for qtype ANY wildcard proof. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@638 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-25 09:39:32 +00:00
wouter
20434e30e3 NSEC3 test and fix for bitmap protection code. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@637 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-25 08:33:14 +00:00
wouter
7c02422dc4 Fixup and test for nonrec loop case. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@634 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-21 20:30:04 +00:00
wouter
7a61cc6108 debug 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@633 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-21 15:45:32 +00:00
wouter
9d162463e3 Fixup alloc in wrong region. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@628 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-21 13:34:44 +00:00
wouter
da7d0e0c2f quick fixup 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@626 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-20 12:46:19 +00:00
wouter
6ae36122de more liberal for ANS ENT bug. Fixup DS ENT handling too. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@625 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-20 12:31:35 +00:00
wouter
6a5ea1a369 Fixup for a wildcarded NSEC with empty nonterminal query. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@624 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-20 11:37:15 +00:00
wouter
8da65ba871 NSEC rdata not lowercased. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@623 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-19 12:34:42 +00:00
wouter
dc52d27c78 print validator classification type. 
update plan items.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@619 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-18 12:33:51 +00:00
wouter
818bf52b10 wildcard nsec3 tests. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@618 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-18 08:28:35 +00:00
wouter
32ccda683f more nsec3 tests. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@617 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-17 14:52:14 +00:00
wouter
bca2a9be40 namerror nsec3 proof works. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@616 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-17 14:03:35 +00:00
wouter
97eb86507e nsec3 hash function unit test. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@615 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-17 09:25:54 +00:00
wouter
6fb9ede4b5 NSEC3. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@613 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-14 11:15:42 +00:00
wouter
0f45d8bf99 Use nsec3s_seen flag for speedup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@612 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-13 15:11:25 +00:00
wouter
958c81e30f if no NSEC3 present, skip validation. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@611 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-13 15:09:58 +00:00
wouter
13bf8e2c40 nsec3 work, prove name error. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@610 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-13 15:02:33 +00:00
wouter
7ce3b06765 nsec3 work. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@609 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-12 14:16:46 +00:00
wouter
aeb09dffa7 nsec3 work. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@607 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-11 18:18:16 +00:00
wouter
a85111360c please older gcc. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@604 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-06 09:16:43 +00:00
wouter
3ad0495feb port. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@603 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-06 09:14:13 +00:00
wouter
ef521111dc wildcard NSECs. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@596 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-05 12:58:25 +00:00
wouter
78e8c8c786 trust anchor denial test. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@594 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-05 11:47:09 +00:00
wouter
3d90b9afef wildcard DNAME detect 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@585 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-04 12:57:40 +00:00
wouter
f4e3dffeab DNAME synthesis and validation fixups. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@584 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-04 12:44:43 +00:00
wouter
5980a98623 tests, cleanup tmp when testbound fails, fixup referral glue cleanup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@583 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-04 11:31:29 +00:00
wouter
4353a39c1b cname nxdomain fixup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@576 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-09-03 09:13:27 +00:00
wouter
126276afc7 Nodata tests. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@572 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-31 12:35:41 +00:00
wouter
2a734b1305 please lint. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@570 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-31 07:56:00 +00:00
wouter
f4899c8521 can read bind-style config files for trust anchor information. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@569 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-31 07:44:16 +00:00
wouter
f8f907875d bind config trusted keys read work. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@568 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-30 15:36:23 +00:00
wouter
5fbfaf15ab crypto cleanups at exit. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@567 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-30 13:38:52 +00:00
wouter
e97cae4641 Memory cleanup. 
- caught bad free of un-alloced data in worker_send error case.
       - memory accounting for key cache (trust anchors and temporary cache).
       - memory accounting fixup for outside network tcp pending waits.
       - memory accounting fixup for outside network tcp callbacks.
       - memory accounting for iterator fixed storage.
       - key cache size and slabs config options.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@566 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-30 12:45:19 +00:00
wouter
8ebe08cf17 no convert to der for DSA signatures 
signature test.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@564 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-29 14:27:04 +00:00
wouter
04acd6e628 verbosity detail gives validation failures, but not boring algorithm logs. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@560 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-28 15:07:52 +00:00
wouter
e79bdf5567 doc fixup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@559 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-28 14:14:20 +00:00
wouter
24afde4e4b Small speedup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@558 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-28 14:13:32 +00:00
wouter
d6ebf64d22 Faster verification. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@557 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-28 13:54:55 +00:00
wouter
d053842ac7 permissive mode feature. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@556 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-28 11:53:27 +00:00
wouter
f147c8079f enforce signature TTLs 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@555 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-28 10:26:16 +00:00
wouter
debf453bdd No offtree signing. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@554 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-28 09:47:17 +00:00
wouter
28f18e649d Referral validation. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@553 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-28 09:39:43 +00:00
wouter
316be1bec1 validator also computes insecure and indeterminate for rrsets and stores 
that.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@551 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-27 14:55:06 +00:00
wouter
ee53b5fef8 do not cache nonRD replies in msg cache, the rrset cache is used for that. 
store verification status in rrset cache to enable security for nonRD
replies and also speed up processing.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@550 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-27 13:46:05 +00:00
wouter
191976ec2e DS and DNSKEY not from additional synthesis. Nicer signature expiration errors. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@546 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-24 13:14:23 +00:00
wouter
1cd7ce0266 Fixup. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@545 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-24 12:24:07 +00:00
wouter
27f63fd760 prettier proof routines. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@544 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-24 10:36:15 +00:00
wouter
3e00f0a5e9 refuse unsigned authority section. clean additional section as option. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@543 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-24 09:44:29 +00:00
wouter
808bdd71af CNAME validation. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@542 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-23 15:23:45 +00:00
wouter
2be671c1e7 review change. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@541 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-22 14:29:24 +00:00
wouter
ccf456e1db bogus ttl fixed value, config item. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@540 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-22 12:13:52 +00:00
wouter
4ee83871c3 Returns and caches validated replies. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@536 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-21 13:12:10 +00:00
wouter
47baec8a77 any response validation. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@535 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-21 07:58:55 +00:00
wouter
afc61f292b nxdomain validation. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@534 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-20 14:27:11 +00:00
wouter
940a8f82ba nodata validation. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@533 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-20 13:39:58 +00:00
wouter
c009f0706c VALIDATE state and positive response validation. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@532 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-20 12:31:12 +00:00
wouter
8c3416a20b handle DNSKEY response state. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@531 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-20 08:10:57 +00:00
wouter
63872867b7 nsec work, canonical compare routine and tests. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@530 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-17 14:25:42 +00:00
wouter
e173c2f391 ds2ke and nsec work. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@529 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-17 11:41:49 +00:00
wouter
f8f1f71a0d findkey state. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@528 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-16 15:06:40 +00:00
wouter
c74469a4e3 fixup canon compare. Include full AXFR data in signature test. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@526 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-16 10:05:52 +00:00
wouter
cba19c0ad0 key prime, DS test. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@525 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-16 09:33:35 +00:00
wouter
7e87d99efa unit test will fail, but this fixes canonical order in unbound, waiting 
for ldns fix.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@523 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-15 14:09:00 +00:00
wouter
3cdba8352f verify unit test. 
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@522 be551aaa-1e26-0410-a405-d3ace91eadb9
 2007-08-15 13:18:32 +00:00