summaryrefslogtreecommitdiff
path: root/usr.sbin/unbound
AgeCommit message (Collapse)Author
2021-03-12merge unbound-1.13.1Stuart Henderson
2021-03-12update to unbound-1.13.1, tested by gnezdo@Stuart Henderson
2021-01-21Backport "Squelch udp connect 'no route to host' errors" from upstream.Stuart Henderson
Problem reported and diff tested by danj@ From 5906811ff19f005110b2edbda5aa144ad5fa05b1 Mon Sep 17 00:00:00 2001 From: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl> Date: Tue, 1 Dec 2020 09:09:13 +0100 Subject: [PATCH] - Fix #358: Squelch udp connect 'no route to host' errors on low verbosity.
2021-01-06do not call log_addr() when the address is NULLanton
ok florian@
2020-12-10merge unbound 1.13.0Stuart Henderson
2020-12-10import unbound 1.13.0, heavy lifting done by florian@Stuart Henderson
2020-11-11remove reference to non-existent pidfile;Jason McIntyre
issue raised by martin vahlensieck discussed with and ok sthen
2020-10-28merge Unbound 1.12.0Stuart Henderson
2020-10-28import Unbound 1.12.0, ok tb@Stuart Henderson
2020-08-24The kernel provides sufficiently randomised ports.Florian Obser
OK sthen
2020-08-24merge unbound 1.11.0Stuart Henderson
2020-08-24update to unbound 1.11.0, tests tb@ dtucker@, ok tb@Stuart Henderson
2020-06-02less convoluted Makefile, removes useless redirectionsMarc Espie
okay tb@, florian@
2020-05-19merge unbound 1.10.1Stuart Henderson
2020-05-08Use a union to ensure cmsg buffer is properly alignedJeremie Courreges-Anglas
Fix synced from unwind/libunbound. unwind(8) crash on landisk (strict alignement arch) reported by otto@, original diff ok deraadt@ otto@
2020-03-20remove unbound files that aren't really useful here, pointed out by florian@Stuart Henderson
2020-03-19merge update to Unbound 1.10.0Stuart Henderson
2020-03-19import Unbound 1.10.0, ok tb@Stuart Henderson
2019-12-21a few depend:-related thingies that were still in.Marc Espie
okay millert@, tb@
2019-12-18merge Unbound 1.9.6Stuart Henderson
2019-12-18import Unbound 1.9.6, ok tb florianStuart Henderson
2019-10-07As found by tb@, the name of the temporary file used when updating theStuart Henderson
root anchor changed in unbound 1.9.3, "Add hex print of trust anchor pointer to trust anchor file temp name to make it unique, for libunbound created multiple contexts". This isn't allowed by unbound-anchor's unveil; adjust to unveil the parent directory (typically /var/unbound/db, but generated from the filename). ok florian@ tb@
2019-10-04merge in the rest of unbound-1.9.4 (we already had the only code change)Stuart Henderson
2019-10-03Fix CVE-2019-16866Florian Obser
--- Recent versions of Unbound contain a problem that may cause Unbound to crash after receiving a specially crafted query. This issue can only be triggered by queries received from addresses allowed by Unbound's ACL. --- tested by benno, tb
2019-09-11merge unbound 1.9.3Stuart Henderson
2019-09-11import unbound 1.9.3, thanks gonzalo@ dtucker@ for tests.Stuart Henderson
2019-06-28merge unbound 1.9.2Stuart Henderson
2019-06-28update to unbound-1.9.2, florian@ agreesStuart Henderson
2019-05-23unbound-checkconf pledges "stdio rpath getpw", later narrowing to "stdio rpath".Stuart Henderson
(File access is needed through the course of a run depending on which options are configured - e.g. for DNSSEC root keys, hints and zone files). Based on a diff from, and ok with, mestre@
2019-03-31The way we merge libunbound from unbound(8) into unwind(8) we need to makeFlorian Obser
sure that we don't accidentally enable threading by accident. A threaded unwind(8) does not work since it's missing openssl locks. No config.h change. input & OK sthen
2019-03-27merge unbound 1.9.1Stuart Henderson
2019-02-08Backport r5108 from unbound upstream, pointed out by florian@.Stuart Henderson
Shouldn't affect unwind but keeping in sync. r5108 | wouter | 2019-02-08 15:05:24 +0000 (Fri, 08 Feb 2019) | 3 lines - Fix #4225: clients seem to erroneously receive no answer with DNS-over-TLS and qname-minimisation.
2019-02-08merge unbound-1.9.0Stuart Henderson
2019-02-08import unbound 1.9.0, ok florian@Stuart Henderson
2019-01-10change order of pledge(2) promises to the canonical form.Ricardo Mestre
while here also use NULL as its second argument, instead of "", like it's done everywhere else in the tree. OK florian@
2019-01-10unbound-anchor needs to talk to the internet and write to the trustFlorian Obser
anchor file (create it if it doesn't exist). pledge & unveil accordingly OK sthen
2018-12-11merge 1.8.3Stuart Henderson
2018-12-11Fix dns64 allocation in wrong region for returned internal queries.Stuart Henderson
(This is the only code change in upstream release 1.8.3).
2018-12-04merge unbound 1.8.2Stuart Henderson
2018-12-04import unbound 1.8.2Stuart Henderson
2018-10-08merge 1.8.1Stuart Henderson
2018-10-08import unbound 1.8.1Stuart Henderson
tests on arm64 (danj@), sparc64 (kn@), amd64 (benno@ and me)
2018-09-20merge unbound 1.8.0Stuart Henderson
2018-09-20import unbound 1.8.0, tested by myself and benno@Stuart Henderson
2018-09-17remove binary doc files that aren't really useful to have in-treeStuart Henderson
2018-09-17merge conflictsStuart Henderson
2018-09-17import unbound 1.7.3, testing from benno@ and Brad.Stuart Henderson
2018-09-09merge in some missed bits from 1.7.0 to simplify update prep.Stuart Henderson
2018-09-09merge in some missed bits from 1.7.0 to simplify update prep.Stuart Henderson
(I think we actually had slightly beyond 1.7.0, I've left code bits but there are some SSL->TLS changes which go away with this and will come back with the update).
2018-03-29Check the result of strdup not the argument for NULL to report mallocFlorian Obser
errors. Pointed out by benno
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 13:54:14 +0000