73ace4957c- Default for ssl-port is port 853, the temporary port assignment for secure domain name system traffic. If you used to rely on the older default of port 443, you have to put a clause in unbound.conf for that. The new value is likely going to be the standardised port number for this traffic.
wouter
2015-10-09 07:55:21 +0000
73d2ca61bf- Fix config globbed include chroot treatment, this fixes reload of globs (patch from Dag-Erling Smørgrav).
wouter
2015-09-22 08:04:19 +0000
f9de753734- changed windows setup compression to be more transparent.
wouter
2015-08-31 07:44:36 +0000
9f1c38eeb4- Feature #699: --enable-pie option to that builds PIE binary. - Feature #700: --enable-relro-now option that enables full read-only relocation.
wouter
2015-08-28 14:27:03 +0000
39fee4ebb1- Fix#697: Get PY_MAJOR_VERSION failure at configure for python 2.4 to 2.6.
wouter
2015-08-28 06:56:27 +0000
bdfddd498ffix test for new default.
wouter
2015-08-24 15:07:42 +0000
8230d6dc08- Change default of harden-algo-downgrade to off. This is lenient for algorithm rollover.
wouter
2015-08-24 15:05:10 +0000
1116189f7a- Fix deadlock for local data add and zone add when unbound-control list_local_data printout is interrupted.
wouter
2015-08-24 10:49:28 +0000
b6be203fc3fixup libressl detection on solaris.
wouter
2015-08-14 09:08:44 +0000
55d089da65fix windows portability
wouter
2015-08-13 15:06:01 +0000
dcb7d29d76- Reap the child process that libunbound spawns.
wouter
2015-08-13 14:17:44 +0000
7f99e7c795- Fix configure to detect SSL_CTX_set_ecdh_auto.
wouter
2015-07-21 14:30:49 +0000
e00efba037- Enable ECDHE for servers. Where available, use SSL_CTX_set_ecdh_auto() for TLS-wrapped server configurations to enable ECDHE. Otherwise, manually offer curve p256. Client connections should automatically use ECDHE when available. (thanks Daniel Kahn Gillmor)
wouter
2015-07-20 06:56:01 +0000
221499af71SSL_CTX_use_certificate_chain_file() should be used instead of the SSL_CTX_use_certificate_file() function in order to allow the use of complete certificate chains even when no trusted CA storage is used or when the CA issuing the certificate shall not be added to the trusted CA storage.
willem
2015-07-18 12:34:37 +0000
8c62cad20d- Fix#677 Fix DNAME responses from cache that failed internal chain test.
wouter
2015-06-26 07:27:32 +0000
9ee8380800- Fix#677 Fix CNAME corresponding to a DNAME was checked incorrectly and was therefore always synthesized (thanks to Valentin Dietrich).
wouter
2015-06-22 09:23:43 +0000
0e8b1e0111- RFC 7553 RR type URI support, is now enabled by default.
wouter
2015-06-04 12:30:29 +0000
0ad11968be- Fix#674: Do not free pointers given by getenv.
wouter
2015-06-02 07:31:43 +0000
916b3a305d- SOA negative TTL is capped at minimumttl in its rdata section. - cache-max-negative-ttl config option, default 3600.
wouter
2015-05-29 14:51:36 +0000
c17574c81a- DLV is going to be decommissioned. Advice to stop using it, and put text in the example configuration and man page to that effect.
wouter
2015-05-20 06:24:06 +0000
97ffe64ba3- Change syntax of particular validator error to be easier for machine parse, swap rrset and ip adres info so it looks like: validation failure <www.example.nl. TXT IN>: signature crypto failed from 2001:DB8:7:bba4::53 for <*.example.nl. NSEC IN>
wouter
2015-05-10 12:04:22 +0000
a26e8c10a3Check for out of memory.
wouter
2015-05-01 13:35:02 +0000
a2f75d6c35- caps-whitelist in unbound.conf allows whitelist of loadbalancers that cannot work with caps-for-id or its fallback.
wouter
2015-05-01 12:36:16 +0000
c2ba182678- Unit test for type ANY synthesis.
wouter
2015-04-30 10:27:27 +0000
258d561704- Removed contrib/unbound_unixsock.diff, because it has been integrated, use control-interface: /path in unbound.conf.
wouter
2015-04-22 08:03:34 +0000
9763997a7c- Synthesize ANY responses from cache. Does not search exhaustively, but MX,A,AAAA,SOA,NS also CNAME. - Fix leaked dns64prefix configuration string.
wouter
2015-04-17 14:58:07 +0000