src - OpenBSD base system

Age	Commit message (Collapse)	Author
2019-10-07	As found by tb@, the name of the temporary file used when updating the	Stuart Henderson
	root anchor changed in unbound 1.9.3, "Add hex print of trust anchor pointer to trust anchor file temp name to make it unique, for libunbound created multiple contexts". This isn't allowed by unbound-anchor's unveil; adjust to unveil the parent directory (typically /var/unbound/db, but generated from the filename). ok florian@ tb@
2019-10-04	merge in the rest of unbound-1.9.4 (we already had the only code change)	Stuart Henderson

2019-10-03	Fix CVE-2019-16866	Florian Obser
	--- Recent versions of Unbound contain a problem that may cause Unbound to crash after receiving a specially crafted query. This issue can only be triggered by queries received from addresses allowed by Unbound's ACL. --- tested by benno, tb
2019-09-11	merge unbound 1.9.3	Stuart Henderson

2019-09-11	import unbound 1.9.3, thanks gonzalo@ dtucker@ for tests.	Stuart Henderson

2019-06-28	merge unbound 1.9.2	Stuart Henderson

2019-06-28	update to unbound-1.9.2, florian@ agrees	Stuart Henderson

2019-05-23	unbound-checkconf pledges "stdio rpath getpw", later narrowing to "stdio rpath".	Stuart Henderson
	(File access is needed through the course of a run depending on which options are configured - e.g. for DNSSEC root keys, hints and zone files). Based on a diff from, and ok with, mestre@
2019-03-31	The way we merge libunbound from unbound(8) into unwind(8) we need to make	Florian Obser
	sure that we don't accidentally enable threading by accident. A threaded unwind(8) does not work since it's missing openssl locks. No config.h change. input & OK sthen
2019-03-27	merge unbound 1.9.1	Stuart Henderson

2019-02-08	Backport r5108 from unbound upstream, pointed out by florian@.	Stuart Henderson
	Shouldn't affect unwind but keeping in sync. r5108 \| wouter \| 2019-02-08 15:05:24 +0000 (Fri, 08 Feb 2019) \| 3 lines - Fix #4225: clients seem to erroneously receive no answer with DNS-over-TLS and qname-minimisation.
2019-02-08	merge unbound-1.9.0	Stuart Henderson

2019-02-08	import unbound 1.9.0, ok florian@	Stuart Henderson

2019-01-10	change order of pledge(2) promises to the canonical form.	Ricardo Mestre
	while here also use NULL as its second argument, instead of "", like it's done everywhere else in the tree. OK florian@
2019-01-10	unbound-anchor needs to talk to the internet and write to the trust	Florian Obser
	anchor file (create it if it doesn't exist). pledge & unveil accordingly OK sthen
2018-12-11	merge 1.8.3	Stuart Henderson

2018-12-11	Fix dns64 allocation in wrong region for returned internal queries.	Stuart Henderson
	(This is the only code change in upstream release 1.8.3).
2018-12-04	merge unbound 1.8.2	Stuart Henderson

2018-12-04	import unbound 1.8.2	Stuart Henderson

2018-10-08	merge 1.8.1	Stuart Henderson

2018-10-08	import unbound 1.8.1	Stuart Henderson
	tests on arm64 (danj@), sparc64 (kn@), amd64 (benno@ and me)
2018-09-20	merge unbound 1.8.0	Stuart Henderson

2018-09-20	import unbound 1.8.0, tested by myself and benno@	Stuart Henderson

2018-09-17	remove binary doc files that aren't really useful to have in-tree	Stuart Henderson

2018-09-17	merge conflicts	Stuart Henderson

2018-09-17	import unbound 1.7.3, testing from benno@ and Brad.	Stuart Henderson

2018-09-09	merge in some missed bits from 1.7.0 to simplify update prep.	Stuart Henderson

2018-09-09	merge in some missed bits from 1.7.0 to simplify update prep.	Stuart Henderson
	(I think we actually had slightly beyond 1.7.0, I've left code bits but there are some SSL->TLS changes which go away with this and will come back with the update).
2018-03-29	Check the result of strdup not the argument for NULL to report malloc	Florian Obser
	errors. Pointed out by benno
2018-03-29	update to unbound 1.7.0	Florian Obser
	testing tb, sthen OK benno, sthen
2012-03-26	Import Unbound 1.4.16 to work on in-tree (not yet linked to the build).	Stuart Henderson
	These are the direct sources from NLnet Labs upstream, minus these: compat contrib libunbound/python pythonmod testcode testdata winrc ok deraadt@ jakob@
2018-02-07	update to unbound 1.6.8, testing millert, OK sthen	Florian Obser

2017-11-01	Extra space in previous	Jeremie Courreges-Anglas

2017-11-01	Make ip-transparent option work by using SO_BINDANY.	Florian Obser
	OK jca, benno
2017-09-29	update to unbound-1.6.6, ok florian	Stuart Henderson

2012-03-26	Import Unbound 1.4.16 to work on in-tree (not yet linked to the build).	Stuart Henderson
	These are the direct sources from NLnet Labs upstream, minus these: compat contrib libunbound/python pythonmod testcode testdata winrc ok deraadt@ jakob@
2017-08-23	sync with upstream; unbound 1.6.5	Stuart Henderson

2017-08-23	Fix trust anchor installation when two anchors are present. Concretely, fixes	Stuart Henderson
	root.key creation if unbound is installed between sep11 and oct11 2017. Looks good to jca. This is the only substantial change in Unbound 1.6.5; next commit will sync ancillary files.
2012-03-26	Import Unbound 1.4.16 to work on in-tree (not yet linked to the build).	Stuart Henderson
	These are the direct sources from NLnet Labs upstream, minus these: compat contrib libunbound/python pythonmod testcode testdata winrc ok deraadt@ jakob@
2017-08-12	update to unbound 1.6.4, ok florian@	Stuart Henderson

2012-03-26	Import Unbound 1.4.16 to work on in-tree (not yet linked to the build).	Stuart Henderson
	These are the direct sources from NLnet Labs upstream, minus these: compat contrib libunbound/python pythonmod testcode testdata winrc ok deraadt@ jakob@
2017-02-26	Use mkdir -p instead of install -d to create the obj/util directory.	Theo Buehler
	The latter defaults to 755, which doesn't play nicely with BUILDUSER. Problem reported by jmc and Jan Stary; tested by myself and jmc. ok ajacoutot
2017-02-21	update to unbound-1.6.1 release; only version string changes compared to	Stuart Henderson
	the release candidate we had.
2017-02-17	Update to unbound-1.6.1rc3 - thanks millert@ and Brad for tests.	Stuart Henderson

2012-03-26	Import Unbound 1.4.16 to work on in-tree (not yet linked to the build).	Stuart Henderson
	These are the direct sources from NLnet Labs upstream, minus these: compat contrib libunbound/python pythonmod testcode testdata winrc ok deraadt@ jakob@
2017-01-28	Back out make(obj) hack: it doesn't solve the problem entirely and may	Theo Buehler
	interfere with read-only src tree setups.
2017-01-24	Add a workaround for the fact that 'install -d' without explicit mode	Theo Buehler
	defaults to 755, which is incompatible with WOBJUMASK. Make sure that obj/util has permissions :wobj 770, as all other directories in obj/. Issue also found by jmc, actual reason tracked down by ajacoutot. ok ajacoutot
2016-12-14	Remove a resource leak by closing the socket in all error cases.	Ricardo Mestre
	The patch was already committed upstream. OK tb@ and sthen@. jca@ has a valid point that the error would be fatal and most likely the socket would not leak, nevertheless create_tcp_accept_sock() close the socket everytime so for clarity apply the same principal here in create_local_accept_sock()
2016-10-05	Rewriting USER gets in the way of the de-escalation mechanism as it	Martin Natano
	shadows the real user's identity. ok deraadt
2016-09-06	Backport unbound r3830/3831 from upstreadm, fixing an issue where it can	Stuart Henderson
	become unresponsive and need to be restarted following a connectivity outage. From Brad, ok florian@ r3831 \| wouter \| 2016-08-23 04:49:01 -0400 (Tue, 23 Aug 2016) \| 3 lines - Fix #804: lower num_target_queries for iterator also for failed lookups. r3830 \| wouter \| 2016-08-23 04:30:12 -0400 (Tue, 23 Aug 2016) \| 3 lines - Fix #804: unbound stops responding after outage. Fixes queries that attempt to wait for an empty list of subqueries.