Commit Graph

4530 Commits

Author SHA1 Message Date
wouter
c4d8a8858a - Fix that with openssl 1.1 control-use-cert: no uses less cpu, by
using no encryption over the unix socket.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3936 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-25 16:14:14 +00:00
ralph
ae25494609 Check and free data allocated by fname_after_chroot
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3935 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-23 11:21:10 +00:00
wouter
ff49098e7d - patch from Dag-Erling Smorgrav that removes code that relies
on sbrk().


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3934 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-22 15:50:07 +00:00
ralph
338f46d26f - Added unit test for QNAME minimisation + harden below nxdomain
synergy.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3933 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-22 13:53:51 +00:00
ralph
b4889ffa4d - QNAME minimisation uses QTYPE=A, therefore always check cache for
this type in harden-below-nxdomain functionality.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3932 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-22 10:50:53 +00:00
wouter
251ee80c3d remove unused variables.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3931 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-22 10:18:33 +00:00
ralph
36b4e3e8d0 - Make access-control-tag-data RDATA absolute. This makes the RDATA origin
consistent between local-data and access-control-tag-data.
- Fix NSEC ENT wildcard check. Matching wildcard does not have to be a subdomain
  of the NSEC owner.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3930 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-22 10:10:48 +00:00
wouter
5795b9d972 - Fix unit tests for DS hash processing for fake-dsa test option.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3929 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-22 08:23:24 +00:00
wouter
425b2bfb84 - iana portlist update.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3928 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-22 08:22:49 +00:00
wouter
2ab2a2ec28 - Fix #1158: reference RFC 8020 "NXDOMAIN: There Really Is Nothing
Underneath" for the harden-below-nxdomain option.



git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3927 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-21 09:53:43 +00:00
ralph
51aa35e9e6 - Fix #1155: test status code of unbound-control in 04-checkconf, not the status
code from the tee command.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3926 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-10 11:20:27 +00:00
wouter
95d8709a9a - Note that for harden-below-nxdomain the nxdomain must be secure,
this means nsec3 with optout is insufficient.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3925 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-04 14:49:43 +00:00
ralph
4097f78b84 pass ssl_upstream as int to (lib)worker_send_query
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3924 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-04 14:02:22 +00:00
ralph
3fb4900c0e - Added stub-ssl-upstream and forward-ssl-upstream options.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3923 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-04 12:07:52 +00:00
wouter
ba9a05f5e6 - Fix #1154: segfault when reading config with duplicate zones.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3922 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-04 08:16:55 +00:00
wouter
7e9e2bfb99 - configure detects ssl security level API function in the autoconf
manner.  Every function on its own, so that other libraries (eg.
  LibreSSL) can develop their API without hindrance.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3921 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-04 08:05:42 +00:00
wouter
22f6a8f7a4 Fixup #if at start of line, for portability.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3920 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-04 07:58:57 +00:00
ralph
c1f7eb0ce5 Set openssl security level to 0 when using aNULL ciphers
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3919 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-03 16:59:00 +00:00
wouter
ea515755f0 Free log_identity config string.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3918 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-03 13:19:12 +00:00
wouter
b565dd0a77 - log-identity: config option to set sys log identity, patch from
"Robin H. Johnson" <robbat2@gentoo.org>


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3917 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-03 08:51:40 +00:00
wouter
7763171707 - .gitattributes line for githubs code language display.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3916 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-03 08:29:29 +00:00
wouter
7397821cbd - iana portlist update.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3915 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-02 08:43:14 +00:00
wouter
fd7a40ce90 change to test cronjob-2.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3914 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-02 08:38:03 +00:00
wouter
c4f88dc5a7 Change to test commit cronjob.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3913 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-11-02 07:22:20 +00:00
wouter
72c74b26b4 - iana portlist update.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3912 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-31 08:18:17 +00:00
wouter
ab3589f2d1 - Fix failure to build on arm64 with no sbrk.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3911 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-31 08:05:41 +00:00
wouter
bbe0c0a707 - Patch for server.num.zero_ttl stats for count of expired replies,
from Pavel Odintsov.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3910 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-28 15:08:32 +00:00
wouter
7073948a03 - Fix unit tests for openssl 1.1, with no DSA, by faking DSA, enabled
with the undocumented switch 'fake-dsa'.  It logs a warning.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3909 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-26 07:38:00 +00:00
wouter
cb4533e683 - Fix #1134: unbound-control set_option -- val-override-date: -1 works
immediately to ignore datetime, or back to 0 to enable it again.
  The -- is to ignore the '-1' as an option flag.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3908 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-25 11:49:08 +00:00
wouter
76d75d9d0d - Fix #1134: unbound-control set_option val-date-override: -1 works
immediately to ignore datetime, or back to 0 to enable it again.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3907 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-25 11:44:03 +00:00
wouter
78de2ff5ae g.root-servers.net has AAAA address.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3906 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-24 13:11:39 +00:00
wouter
fa50e32c4b Fixup cachedb for root prime module return.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3905 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-24 13:01:19 +00:00
wouter
f1e90237e6 Fixup prefetch only when needed
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3904 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-24 12:53:13 +00:00
wouter
416af5ad2e - serve-expired config option: serve expired responses with TTL 0.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3903 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-24 12:43:20 +00:00
wouter
16f0f57b09 - Ported tests for local_cname unit test to testbound framework.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3902 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-21 08:59:56 +00:00
wouter
a622051af1 - Fixup query_info local_alias init.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3901 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-20 15:05:30 +00:00
wouter
387ce0f4ff Fixup chachedb printout.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3900 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-20 14:56:08 +00:00
wouter
0d07974baf - Fixup query_info local_alias init.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3899 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-20 14:55:57 +00:00
wouter
726011b074 - Fix DNSSEC validation of query type ANY with DNAME answers.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3898 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-20 14:27:13 +00:00
wouter
5da97362ae - fix --enable-dsa to work, instead of copying ecdsa enable.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3897 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-20 09:22:04 +00:00
wouter
a3d0df3258 - init lzt variable, for older gcc compiler warnings.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3896 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-20 07:57:12 +00:00
wouter
cacf924b0e - suppress compile warning in lex files.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3895 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-20 07:46:35 +00:00
wouter
ada0d4354f - Fix #1130: whitespace in example.conf.in more consistent.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3894 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-19 07:15:41 +00:00
wouter
cff8fd9715 Template entry for unit test.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3893 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-18 14:27:08 +00:00
wouter
82afa0ef30 - Please doxygen by modifying mesh.h
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3892 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-18 13:59:17 +00:00
wouter
d73173c1b5 Fixup changelog bug number to 1118.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3891 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-18 13:58:09 +00:00
wouter
3f80d607d4 - Added Requires line to libunbound.pc
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3890 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-18 13:57:39 +00:00
wouter
a37c47bc77 - Fix #1117: libunbound.pc sets strange Libs, Libs.private values.
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3889 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-18 13:56:42 +00:00
wouter
be164dce50 - Fix #1125: unbound could reuse an answer packet incorrectly for
clients with different EDNS parameters, from Jinmei Tatuya.


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3888 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-18 13:42:08 +00:00
wouter
b77a908a85 - Added documentation doc/CNAME-basedRedirectionDesignNotes.pdf,
from Jinmei Tatuya (Infoblox).


git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@3887 be551aaa-1e26-0410-a405-d3ace91eadb9
2016-10-18 13:21:35 +00:00