959eef4c63- Be lenient when a NSEC NameError response with RCODE=NXDOMAIN is received. This is okay according 4035, but not after revising existence in 4592. NSEC empty non-terminals exist and thus the RCODE should have been NOERROR. If this occurs, and the RRsets are secure, we set the RCODE to NOERROR and the security status of the reponse is also considered secure.
wouter
2014-02-20 12:36:05 +0000
7e6a9939faadd test for being lenient with NSEC empty non-terminal Name Error responses with rcode=NXDOMAIN while it should be rcode=NOERROR
matje
2014-02-20 09:48:08 +0000
96e1b5ac58Be lenient when a NSEC NameError response with RCODE=NXDOMAIN is received. This is okay according 4035, but not after revising existence in 4592. NSEC empty non-terminals exist and thus the RCODE should have been NOERROR.
matje
2014-02-20 09:46:50 +0000
0d567cf966fixup nss compile (no ldns in it). fixup warning in unitldns fixup WKS and rdata type service to print unsigned because strings are not portable.
wouter
2014-01-31 11:25:36 +0000
5758551602- unit test for ldns wire to str and back with zones, root, nlnetlabs and types.sidnlabs. - Fix for hex to string in unknown, atma and nsap.
wouter
2014-01-31 10:19:01 +0000
5ad20035bd- delay-close does not act if there are udp-wait queries, so that it does not make a socketdrain DoS easier.
wouter
2014-01-30 09:27:00 +0000
d1cb31280e- delay-close: msec option that delays closing ports for which the UDP reply has timed out. Keeps the port open, only accepts the correct reply. This correct reply is not used, but the port is open so that no port-denied ICMPs are generated.
wouter
2014-01-28 14:35:55 +0000
8ce81b472f- iana portlist test updated so it does not touch the source if there are no changes.
wouter
2014-01-28 10:12:13 +0000
1315093384- reuseport is attempted, then fallback to without on failure.
wouter
2014-01-27 10:27:19 +0000
f8b0477cceRemove warnings on BSD systems.
wouter
2014-01-24 15:15:37 +0000
a35941f56cAnd fixup for FreeBSD.
wouter
2014-01-24 13:35:35 +0000
67175bd525and the formatcode disabled (gcc reports it better).
wouter
2014-01-24 13:24:33 +0000
03da1e8f35- made lint clean.
wouter
2014-01-24 13:23:45 +0000
36afba318e- so-reuseport: yesno option to distribute queries evenly over threads on Linux (Thanks Robert Edmonds).
wouter
2014-01-24 11:43:38 +0000
2920d0fa82- speed up unbound (reports say it could be up to 10%), by reducing lock contention on localzones.lock. It is changed to an rwlock.
wouter
2014-01-24 11:21:15 +0000
f19df3745f- unbound-event.h is installed if you configure --enable-event-api.
wouter
2014-01-24 10:55:28 +0000
8e6ee27eda- separate ldns into core ldns inside ldns/ subdirectory. No more --with-ldns is needed and unbound does not rely on libldns.
wouter
2013-10-31 15:09:26 +0000
61ef2ac265- Set SO_REUSEADDR so that the wildcard interface and a more specific interface port 53 can be used at the same time, and one of the daemons is unbound.
wouter
2013-10-31 15:06:11 +0000
e37c8fa8e9- Fix#528: if very high logging (4 or more) segfault on allow_snoop.
wouter
2013-10-22 12:01:51 +0000
d672c0066c- Patch from Neel Goyal: Add an API call to set an event base on an existing ub_ctx. This basically just destroys the current worker and sets the event base to the current. And fix a deadlock in ub_resolve_event – the cfglock is held when libworker_create is called. This ends up trying to acquire the lock again in context_obtain_alloc in the call chain.
wouter
2013-10-22 09:32:10 +0000
6f38f4319dmake depend and doc.
wouter
2013-09-26 08:54:27 +0000
a6234674fb- unbound-event.h is installed if configured --with-libevent. It contains low-level library calls, that use libevent's event_base and an ldns_buffer for the wire return packet to perform async resolution in the client's eventloop.
wouter
2013-09-26 08:34:14 +0000
4d385dc589- acx_nlnetlabs.m4 to 26; improve FLTO help text.
wouter
2013-09-19 13:08:58 +0000