Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
HardenedBSD
HardenedBSD
Commits
835a7e7a
Commit
835a7e7a
authored
Dec 12, 2015
by
Dag-Erling Smørgrav
Browse files
import unbound 1.5.6
parent
de0161d6
Changes
18
Hide whitespace changes
Inline
Side-by-side
configure
View file @
835a7e7a
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for unbound 1.5.
5
.
# Generated by GNU Autoconf 2.69 for unbound 1.5.
6
.
#
# Report bugs to <unbound-bugs@nlnetlabs.nl>.
#
...
...
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='unbound'
PACKAGE_TARNAME='unbound'
PACKAGE_VERSION='1.5.
5
'
PACKAGE_STRING='unbound 1.5.
5
'
PACKAGE_VERSION='1.5.
6
'
PACKAGE_STRING='unbound 1.5.
6
'
PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl'
PACKAGE_URL=''
...
...
@@ -1391,7 +1391,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures unbound 1.5.
5
to adapt to many kinds of systems.
\`configure' configures unbound 1.5.
6
to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
...
...
@@ -1456,7 +1456,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of unbound 1.5.
5
:";;
short | recursive ) echo "Configuration of unbound 1.5.
6
:";;
esac
cat <<\_ACEOF
...
...
@@ -1635,7 +1635,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
unbound configure 1.5.
5
unbound configure 1.5.
6
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
...
...
@@ -2344,7 +2344,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by unbound $as_me 1.5.
5
, which was
It was created by unbound $as_me 1.5.
6
, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
...
...
@@ -2696,11 +2696,11 @@ UNBOUND_VERSION_MAJOR=1
UNBOUND_VERSION_MINOR=5
UNBOUND_VERSION_MICRO=
5
UNBOUND_VERSION_MICRO=
6
LIBUNBOUND_CURRENT=5
LIBUNBOUND_REVISION=
8
LIBUNBOUND_REVISION=
9
LIBUNBOUND_AGE=3
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
...
...
@@ -2745,6 +2745,7 @@ LIBUNBOUND_AGE=3
# 1.5.3 had 5:6:3
# 1.5.4 had 5:7:3
# 1.5.5 had 5:8:3
# 1.5.6 had 5:9:3
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
...
...
@@ -19017,7 +19018,7 @@ _ACEOF
version=1.5.
5
version=1.5.
6
date=`date +'%b %e, %Y'`
...
...
@@ -19532,7 +19533,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by unbound $as_me 1.5.
5
, which was
This file was extended by unbound $as_me 1.5.
6
, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
...
...
@@ -19598,7 +19599,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
unbound config.status 1.5.
5
unbound config.status 1.5.
6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
...
...
configure.ac
View file @
835a7e7a
...
...
@@ -10,14 +10,14 @@ sinclude(dnstap/dnstap.m4)
# must be numbers. ac_defun because of later processing
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[5])
m4_define([VERSION_MICRO],[
5
])
m4_define([VERSION_MICRO],[
6
])
AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl, unbound)
AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO])
LIBUNBOUND_CURRENT=5
LIBUNBOUND_REVISION=
8
LIBUNBOUND_REVISION=
9
LIBUNBOUND_AGE=3
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
...
...
@@ -62,6 +62,7 @@ LIBUNBOUND_AGE=3
# 1.5.3 had 5:6:3
# 1.5.4 had 5:7:3
# 1.5.5 had 5:8:3
# 1.5.6 had 5:9:3
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
...
...
dns64/dns64.c
View file @
835a7e7a
...
...
@@ -618,8 +618,10 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
dd
->
rr_ttl
=
(
time_t
*
)
&
dd
->
rr_data
[
dd
->
count
];
for
(
i
=
0
;
i
<
fd
->
count
;
++
i
)
{
if
(
fd
->
rr_len
[
i
]
!=
6
||
fd
->
rr_data
[
i
][
0
]
!=
0
||
fd
->
rr_data
[
i
][
1
]
!=
4
)
||
fd
->
rr_data
[
i
][
1
]
!=
4
)
{
*
dd_out
=
NULL
;
return
;
}
dd
->
rr_len
[
i
]
=
18
;
dd
->
rr_data
[
i
]
=
(
uint8_t
*
)
&
dd
->
rr_ttl
[
dd
->
count
]
+
18
*
i
;
...
...
@@ -638,6 +640,7 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
*/
if
(
!
dk
)
{
log_err
(
"no key"
);
*
dd_out
=
NULL
;
return
;
}
...
...
@@ -646,6 +649,7 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
if
(
!
dk
->
rk
.
dname
)
{
log_err
(
"out of memory"
);
*
dd_out
=
NULL
;
return
;
}
...
...
doc/Changelog
View file @
835a7e7a
15 October 2015: Wouter
- Fix segfault in the dns64 module in the formaterror error path.
- Fix sldns_wire2str_rdata_scan for malformed RRs.
- tag for 1.5.6rc1 release.
14 October 2015: Wouter
- ANY responses include DNAME records if present, as per Evan Hunt's
remark in dnsop.
- Fix manpage to suggest using SIGTERM to terminate the server.
9 October 2015: Wouter
- Default for ssl-port is port 853, the temporary port assignment
for secure domain name system traffic.
If you used to rely on the older default of port 443, you have
to put a clause in unbound.conf for that. The new value is likely
going to be the standardised port number for this traffic.
- iana portlist update.
6 October 2015: Wouter
- 1.5.5 release.
- trunk tracks the development of 1.5.6.
28 September 2015: Wouter
- MAX_TARGET_COUNT increased to 64, to fix up sporadic resolution
failures.
...
...
doc/README
View file @
835a7e7a
README for Unbound 1.5.
5
README for Unbound 1.5.
6
Copyright 2007 NLnet Labs
http://unbound.net
...
...
doc/example.conf.in
View file @
835a7e7a
#
# Example configuration file.
#
# See unbound.conf(5) man page, version 1.5.
5
.
# See unbound.conf(5) man page, version 1.5.
6
.
#
# this is a comment.
...
...
@@ -552,7 +552,7 @@ server:
# default is "" (disabled). requires restart to take effect.
# ssl-service-key: "path/to/privatekeyfile.key"
# ssl-service-pem: "path/to/publiccertfile.pem"
# ssl-port:
44
3
# ssl-port:
85
3
# request upstream over SSL (with plain DNS inside the SSL stream).
# Default is no. Can be turned on and off with unbound-control.
...
...
doc/libunbound.3.in
View file @
835a7e7a
.TH "libunbound" "3" "Oct
6
, 2015" "NLnet Labs" "unbound 1.5.
5
"
.TH "libunbound" "3" "Oct
20
, 2015" "NLnet Labs" "unbound 1.5.
6
"
.\"
.\" libunbound.3 -- unbound library functions manual
.\"
...
...
@@ -42,7 +42,7 @@
.B ub_ctx_zone_remove,
.B ub_ctx_data_add,
.B ub_ctx_data_remove
\- Unbound DNS validating resolver 1.5.
5
functions.
\- Unbound DNS validating resolver 1.5.
6
functions.
.SH "SYNOPSIS"
.B #include <unbound.h>
.LP
...
...
doc/unbound-anchor.8.in
View file @
835a7e7a
.TH "unbound-anchor" "8" "Oct
6
, 2015" "NLnet Labs" "unbound 1.5.
5
"
.TH "unbound-anchor" "8" "Oct
20
, 2015" "NLnet Labs" "unbound 1.5.
6
"
.\"
.\" unbound-anchor.8 -- unbound anchor maintenance utility manual
.\"
...
...
doc/unbound-checkconf.8.in
View file @
835a7e7a
.TH "unbound-checkconf" "8" "Oct
6
, 2015" "NLnet Labs" "unbound 1.5.
5
"
.TH "unbound-checkconf" "8" "Oct
20
, 2015" "NLnet Labs" "unbound 1.5.
6
"
.\"
.\" unbound-checkconf.8 -- unbound configuration checker manual
.\"
...
...
doc/unbound-control.8.in
View file @
835a7e7a
.TH "unbound-control" "8" "Oct
6
, 2015" "NLnet Labs" "unbound 1.5.
5
"
.TH "unbound-control" "8" "Oct
20
, 2015" "NLnet Labs" "unbound 1.5.
6
"
.\"
.\" unbound-control.8 -- unbound remote control manual
.\"
...
...
doc/unbound-host.1.in
View file @
835a7e7a
.TH "unbound\-host" "1" "Oct
6
, 2015" "NLnet Labs" "unbound 1.5.
5
"
.TH "unbound\-host" "1" "Oct
20
, 2015" "NLnet Labs" "unbound 1.5.
6
"
.\"
.\" unbound-host.1 -- unbound DNS lookup utility
.\"
...
...
doc/unbound.8.in
View file @
835a7e7a
.TH "unbound" "8" "Oct
6
, 2015" "NLnet Labs" "unbound 1.5.
5
"
.TH "unbound" "8" "Oct
20
, 2015" "NLnet Labs" "unbound 1.5.
6
"
.\"
.\" unbound.8 -- unbound manual
.\"
...
...
@@ -9,7 +9,7 @@
.\"
.SH "NAME"
.B unbound
\- Unbound DNS validating resolver 1.5.
5
.
\- Unbound DNS validating resolver 1.5.
6
.
.SH "SYNOPSIS"
.B unbound
.RB [ \-h ]
...
...
doc/unbound.conf.5.in
View file @
835a7e7a
.TH "unbound.conf" "5" "Oct
6
, 2015" "NLnet Labs" "unbound 1.5.
5
"
.TH "unbound.conf" "5" "Oct
20
, 2015" "NLnet Labs" "unbound 1.5.
6
"
.\"
.\" unbound.conf.5 -- unbound.conf manual
.\"
...
...
@@ -362,7 +362,7 @@ The public key certificate pem file for the ssl service. Default is "",
turned off.
.TP
.B ssl\-port: \fI<number>
The port number on which to provide TCP SSL service, default
44
3, only
The port number on which to provide TCP SSL service, default
85
3, only
interfaces configured with that port number as @number get the SSL service.
.TP
.B do\-daemonize: \fI<yes or no>
...
...
@@ -481,7 +481,7 @@ kill \-HUP `cat @UNBOUND_PIDFILE@`
.fi
triggers a reload,
.nf
kill \-
QUIT
`cat @UNBOUND_PIDFILE@`
kill \-
TERM
`cat @UNBOUND_PIDFILE@`
.fi
gracefully terminates.
.TP
...
...
services/cache/dns.c
View file @
835a7e7a
...
...
@@ -656,8 +656,9 @@ fill_any(struct module_env* env,
time_t
now
=
*
env
->
now
;
struct
dns_msg
*
msg
=
NULL
;
uint16_t
lookup
[]
=
{
LDNS_RR_TYPE_A
,
LDNS_RR_TYPE_AAAA
,
LDNS_RR_TYPE_MX
,
LDNS_RR_TYPE_SOA
,
LDNS_RR_TYPE_NS
,
0
};
int
i
,
num
=
5
;
/* number of RR types to look up */
LDNS_RR_TYPE_MX
,
LDNS_RR_TYPE_SOA
,
LDNS_RR_TYPE_NS
,
LDNS_RR_TYPE_DNAME
,
0
};
int
i
,
num
=
6
;
/* number of RR types to look up */
log_assert
(
lookup
[
num
]
==
0
);
for
(
i
=
0
;
i
<
num
;
i
++
)
{
...
...
sldns/wire2str.c
View file @
835a7e7a
...
...
@@ -697,6 +697,9 @@ int sldns_wire2str_rdata_scan(uint8_t** d, size_t* dlen, char** s,
}
w
+=
n
;
}
if
(
*
dlen
!=
0
)
{
goto
failed
;
}
return
w
;
}
...
...
testdata/dns64_lookup.rpl
View file @
835a7e7a
...
...
@@ -15,7 +15,7 @@ SCENARIO_BEGIN Test dns64 lookup and synthesis.
; AAAA if present, is passed through unchanged.
; K.ROOT-SERVERS.NET.
RANGE_BEGIN 0
1
00
RANGE_BEGIN 0
2
00
ADDRESS 193.0.14.129
ENTRY_BEGIN
MATCH opcode qtype qname
...
...
@@ -40,10 +40,23 @@ com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH opcode subdomain
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
7.6.5.in-addr.arpa. IN A
SECTION AUTHORITY
7.6.5.in-addr.arpa. IN NS ns.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
RANGE_END
; a.gtld-servers.net.
RANGE_BEGIN 0
1
00
RANGE_BEGIN 0
2
00
ADDRESS 192.5.6.30
ENTRY_BEGIN
MATCH opcode qtype qname
...
...
@@ -71,7 +84,7 @@ ENTRY_END
RANGE_END
; ns.example.com.
RANGE_BEGIN 0
1
00
RANGE_BEGIN 0
2
00
ADDRESS 1.2.3.4
ENTRY_BEGIN
MATCH opcode qtype qname
...
...
@@ -125,6 +138,33 @@ SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
broken.example.com. IN AAAA
SECTION ANSWER
; NO AAAA present
SECTION AUTHORITY
example.com. IN SOA a. b. 1 2 3 4 5
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
broken.example.com. IN A
SECTION ANSWER
broken.example.com. IN A 5.6.7.8
broken.example.com. IN A \# 3 030405
SECTION AUTHORITY
example.com. IN NS ns.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
...
...
@@ -138,6 +178,19 @@ example.com. IN NS ns.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
8.7.6.5.in-addr.arpa. IN PTR
SECTION ANSWER
8.7.6.5.in-addr.arpa. PTR ip4.example.com.
SECTION AUTHORITY
7.6.5.in-addr.arpa. IN NS ns.example.com.
ENTRY_END
RANGE_END
STEP 1 QUERY
...
...
@@ -208,4 +261,46 @@ SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
; test ptr lookup
STEP 60 QUERY
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
8.0.7.0.6.0.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa. IN PTR
ENTRY_END
; recursion happens here.
STEP 70 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA NOERROR
SECTION QUESTION
8.0.7.0.6.0.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa. IN PTR
SECTION ANSWER
8.0.7.0.6.0.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa. IN PTR ip4.example.com.
SECTION AUTHORITY
7.6.5.in-addr.arpa. IN NS ns.example.com.
ENTRY_END
; synthesize from broken, malformed A records
STEP 80 QUERY
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
broken.example.com. IN AAAA
ENTRY_END
; recursion happens here.
STEP 90 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA NOERROR
SECTION QUESTION
broken.example.com. IN AAAA
SECTION ANSWER
SECTION AUTHORITY
example.com. IN SOA a. b. 1 2 3 4 5
SECTION ADDITIONAL
ENTRY_END
SCENARIO_END
util/config_file.c
View file @
835a7e7a
...
...
@@ -100,7 +100,7 @@ config_create(void)
cfg
->
tcp_upstream
=
0
;
cfg
->
ssl_service_key
=
NULL
;
cfg
->
ssl_service_pem
=
NULL
;
cfg
->
ssl_port
=
44
3
;
cfg
->
ssl_port
=
85
3
;
cfg
->
ssl_upstream
=
0
;
cfg
->
use_syslog
=
1
;
cfg
->
log_time_ascii
=
0
;
...
...
util/iana_ports.inc
View file @
835a7e7a
...
...
@@ -660,6 +660,7 @@
833
,
847
,
848
,
853
,
860
,
861
,
862
,
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment