This repository has been archived by the owner on Sep 16, 2022. It is now read-only.
Monero: bump unbound to release 1.7.0rc3 #2
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4322 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4323 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4324 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4325 be551aaa-1e26-0410-a405-d3ace91eadb9
dnscrypt is not enabled. git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4326 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4327 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4328 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4329 be551aaa-1e26-0410-a405-d3ace91eadb9
ip-ratelimit-slabs. git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4330 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4331 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4332 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4333 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4335 be551aaa-1e26-0410-a405-d3ace91eadb9
and expat 2.2.4 install target fix. git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4336 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4337 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4338 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4339 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4340 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4341 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4343 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4344 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4345 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4347 be551aaa-1e26-0410-a405-d3ace91eadb9
control. git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4348 be551aaa-1e26-0410-a405-d3ace91eadb9
downstream. git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4349 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4350 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4351 be551aaa-1e26-0410-a405-d3ace91eadb9
always-forward. git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4352 be551aaa-1e26-0410-a405-d3ace91eadb9
(patch from Jinmei Tatuya). - trigger refetching of the answer in that case (this will bypass cachedb lookup) - allow storing a 0-TTL answer from cachedb in the in-memory message cache when serve-expired is yes git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4353 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4354 be551aaa-1e26-0410-a405-d3ace91eadb9
although it could be changed at a later time, to stay similar to other implementations. git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4560 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4561 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4563 be551aaa-1e26-0410-a405-d3ace91eadb9
cleanly for me, now also for others. git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4565 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4566 be551aaa-1e26-0410-a405-d3ace91eadb9
A. Schulze. git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4567 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4568 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4569 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4570 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4571 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4573 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4574 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4575 be551aaa-1e26-0410-a405-d3ace91eadb9
git-svn-id: https://unbound.nlnetlabs.nl/svn/trunk@4576 be551aaa-1e26-0410-a405-d3ace91eadb9
Credit for this commit goes to "ston1th <ston1th@giftfish.de>" who had committed the revision to the monero-project/monero repo. (cherry picked from commit ba1b89fbb7a2fde9b07fa906cdd3c1f4c3721a22)
Credit for this commit goes to "Pavel Maryanov <acid@jack.kiev.ua>" who had committed the revision to the monero-project/monero repo. (cherry picked from commit a17efcb039c1128fdb11fd147687f15f2ae12494)
Credit for this commit goes to "moneromooo-monero <moneromooo-monero@users.noreply.github.com>" who had committed the revision to the monero-project/monero repo. (cherry picked from commit 1a271d25a15fcfe4ee4c687257dcf30755ce7ca9)
Credit for this commit goes to "moneromooo-monero <moneromooo-monero@users.noreply.github.com>" who had committed the revision to the monero-project/monero repo. (cherry picked from commit e8d773a049487db7982e38b3986d63756fc45f84)
Credit for this commit goes to "xmr-eric <eric@moneroeric.com>" who had committed the revision to the monero-project/monero repo. (cherry picked from commit e8d773a049487db7982e38b3986d63756fc45f84)
Merges remote-tracking branch 'origin/master' into monero
|
why a release candidate as opposed to a stable version? |
|
It is the stable version and is the tag used for their March 15th, release, as posted on their website. cd unbound && git checkout -b review && git svn rebase && git log -p 0a3417c0a2028e7089b73ee1ee1b700bea0b79fd doc/ChangelogI wish we could simply use tags but git-svn does not do them well at all (afaict). |
fluffypony
added a commit
that referenced
this pull request
Mar 18, 2018
90c6150 CMake: update 2018 copyright (anonimal) 783c32d CMake: always build with -fPIC (anonimal) 1b3fa14 CMake: enable SHA1 (anonimal) 436f1f5 Build: add support for SunOS/Solaris (anonimal) efa249c CMake: fix libressl linkage (anonimal) a2bc300 Build: fix build by adding authzone to CMake (anonimal) 26f3ebc Build: fix build by adding CMake support for dnscrypt (anonimal) a481d3c Build: use configure_checks.cmake from the monero repo (anonimal) 3d0cbe0 Build: use config.h.cmake.in from the monero repo (anonimal) a3b8443 Build: use CMakeLists.txt from the monero repo (anonimal)
|
This needs to be merged to branch |
|
Reopened for me being an idiot |
fluffypony
added a commit
that referenced
this pull request
Mar 18, 2018
3786f4a - tag 1.7.0rc3. (wouter) 5295145 - Added documentation for aggressive-nsec: yes. (wouter) a3296c2 configure --disable-swig-version-check stops the swig version check. (wouter) a93a529 - Fix #3598: Fix swig build issue on rhel6 based system. (wouter) 7faeb8e 1.7.0rc2 (wouter) 12e74d0 - note when tag 1.7.0rc1 happened in the changelog. (wouter) da69a01 - Attempt to remove warning about trailing whitespace. (wouter) 2b00a5d - Attempt to remove warning about trailing whitespace. (wouter) 1c8938d - patch suggested by Debian lintian: allow to -> allow one to, from A. Schulze. (wouter) 0645371 - patch to log creates keytag queries, from A. Schulze. (wouter) d1ce267 - Fixed contrib/fastrpz.patch, even though this already applied cleanly for me, now also for others. (wouter) ed4f6f2 - Fix for windows compile. (wouter) cf7ae9c - svn trunk contains 1.7.0, this is the number for the next release. (wouter) 692f648 - Reverted fix for #3512, this may not be the best way forward; although it could be changed at a later time, to stay similar to other implementations. (wouter) 0a65f97 - Fix #3582: Squelch address already in use log when reuseaddr option causes same port to be used twice for tcp connections. (wouter) ebe1d77 - iana port update. (wouter) 5754fd7 removed unneeded includes. (wouter) f9f0108 - Fix to check define of DSA for when openssl is without deprecated. (wouter) 327d22f - Fix nettle compile. (wouter) 7cb6d24 - Fix compile with staticexe and python module. (wouter) 340efc3 - Fix compile without threads, and remove unused variable. (wouter) 325fc06 - Fixup contrib/fastrpz.patch so that it applies. (wouter) e3ee8c6 - use existing code to find signer on positive wildcard answers (ralph) 3377e6f - Save wildcard RRset from answer with original owner for use in aggressive NSEC. (ralph) 3c305c6 - more robust cachedump rrset routine. (wouter) 6270fb6 fix spelling error (wouter) ffa1194 - Fix validation for CNAME loops. When it detects a cname loop, by finding the cname, cname in the existing list, it returns the partial result with the validation result up to then. (wouter) a68512c neater code. (wouter) 8c37d10 comment to explain it. (wouter) eb1adcf - Fix #3512: unbound incorrectly reports SERVFAIL for CAA query when there is a CNAME loop. (wouter) 2c129d2 fix noview. (wouter) 67f76f8 - Fix for more maintainable code in localzone. (wouter) 5a0f620 bug ref nr. (wouter) 80ab137 - local-zone noview can be used to break out of the view to the global local zone contents, for queries for that zone. (wouter) aaf91e2 - Fix #3505: Documentation for default local zones references wrong RFC. (wouter) 1a9d913 - Fixes for clang static analyzer, the missing ; in edns-subnet/addrtree.c after the assert made clang analyzer produce a failure to analyze it. (wouter) c217a69 - Aggressive NSEC tests (ralph) fcd9b8c auth zone: default is https if no 'http://' given. (wouter) b52ca64 auth zone whitespace fixes and input validation. (wouter) 2b221f3 auth zone review fixes (wouter) 4ddbf8a - iana port update. (wouter) 4d4669b - tls-cert-bundle option in unbound.conf enables TLS authentication. (wouter) 0e2c3c5 - Unit test for auth zone https url download. (wouter) 6408197 - Fix the ce_len+2 fix (Aggressive NSEC review) (ralph) 42255fc - Processed aggressive NSEC code review remarks Wouter (ralph) 2d5fc74 - Added tests with wildcard expanded NSEC records (CVE-2017-15105 test) (ralph) 2076e1e auth zone work, nicer debug output. (wouter) 647c958 auth zone stop sending packets when the application quits. (wouter) f928cde - auth zone url config. (wouter) b8a397a auth zone http work. (wouter) 7c5497d auth zone work. (wouter) 35bc8a1 - Aggressive use of NSEC implementation. Use cached NSEC records to generate NXDOMAIN, NODATA and positive wildcard answers. (ralph) 2de81e0 auth zone work. (wouter) 7a30b4a auth zone review. (wouter) 6342b79 - iana port update. (wouter) 4281825 fix for doxygen and lint. (wouter) 4028695 auth zone work on http feature. (wouter) 1cb6bd9 fix for doxygen (wouter) e48156c auth zone work. (wouter) 5caf1ae fix lint warning (wouter) 081cdce fix lint warning (wouter) 1e7120e auth zone work. (wouter) 19c3997 Fixup tests for checklocks. Add auth axfr test for socket code. (wouter) db621d9 - auth-zone provides a way to configure RFC7706 from unbound.conf, eg. with auth-zone: name: "." for-downstream: no for-upstream: yes fallback-enabled: yes and masters or a zonefile with data. (wouter) c172f0d make depend. (wouter) e7a76a8 - Fix #3451: dnstap not building when you have a separate build dir. And removed protoc warning, set dnstap.proto syntax to proto2. (wouter) 98bf718 auth zone fixup lock protection, it wrongly covered the rbtree node. (wouter) 8c4be29 auth zone test probe of SOA (wouter) 276d313 auth zone ixfr unit tests (wouter) ebda5cb auth zone ixfr unit test, and fixes. (wouter) 4d36916 auth zone, remove unused code (wouter) 9caa77b fix unit test for new output func. (wouter) 1f7eff8 auth zone, axfr and printout works. (wouter) ff360ae Enable valgrind in (some) tests. (wouter) aca1f55 fix spelling error in delegation. (wouter) cf525b9 Fix more critical regions. Cleans tests. (wouter) 6b49cdd - lock subnet new item before insertion to please checklocks, no modification of critical regions outside of lock region. (wouter) cee5790 auth zone race condition remove and checklock fix for check of unused alignment memory in structure. (wouter) 252eae4 - Fix lock race condition in dns cache dname synthesis. (wouter) f4a83a9 - unit test with valgrind (wouter) 1b9c86b - unit test with valgrind (wouter) 1d3cb2e remove debug printf. (wouter) f8f3f79 - Fix unfreed locks in log and arc4random at exit of unbound. (wouter) cc667b6 - fix unaligned structure making a false positive in checklock unitialised memory. (wouter) 3601b23 auth zone socket creation fix. (wouter) 28d9793 auth zone test for host lookup (wouter) 78cac2d auth zone, nicer debug log (wouter) 7897dad auth zone test checks stored axfr zonefile (wouter) 43c4502 auth zone unit test extra_packet moves multipe tcp packets on stream (wouter) a8847f6 auth zone test, udp and tcp answered from unit test (wouter) a7ae601 auth zone fix comment (wouter) e4c6da8 auth zone move file descriptor functionality to outside network for the unit test (wouter) f88d7a6 auth zone test with zone transfer (wouter) 2470b31 cleanup without losing zone contents, and also backoff for nonresponsive masters while zone data is available. (wouter) fd5b2dd pickup worker events, and free them. exponential backoff for continuously failing zones. (wouter) df057ff failover for dnssec bogus (wouter) 9f91e3c test for validation of queries answered with a zonefile (wouter) 4cf7809 Test authority zone with zonefile for root referrals (RFC7706) (wouter) 0293366 make depend (wouter) 4f5bbce auth zone for downstream (wouter) 7060ceb no $INCLUDE in this test. (wouter) 71ba486 Test for no-upstream enabled, and thus fallback to normal priming and lookup. (wouter) 12f5077 remove debug print (wouter) 483796b fix to please doxygen's parser. (wouter) 4d3b9db unit test for auth zone lookup (wouter) 5c23b37 Fix sldns parse state prev dname. (wouter) 90141b6 fix $INCLUDE (wouter) f92f7fb auth zone, make depend, fallback, create and delete, and lease_time, and lock fixes. (wouter) 80ab330 lint fixes. (wouter) 82a0a76 lint fixes (wouter) b20df48 Also use NSEC with longest closest encloser for CNAME responses. (ralph) 7af974c remove unused TODO items (wouter) ee752be auth zone work, ixfr apply procedure. (wouter) 5489a6b - Use NSEC with longest ce to prove wildcard absence. - Only use *.ce to prove wildcard absence, no longer names. (ralph) 5af55ba remove unneeded statements (wouter) cea3d1e fixup iterator (wouter) 3e50a1f unneeded statement (wouter) 337ef21 fix id check (wouter) c0b6702 lint fix. (wouter) e2560b3 lint fixes. (wouter) 6511959 fix ixfr and axfr end detection. (wouter) 1456e7a authzone transfer functionality (wouter) 7774d57 correct name for libunbound.so.conf (wouter) 0a2f0cf add semicolon at end of line. (wouter) 1926bbe - ltrace.conf file for libunbound in contrib. (wouter) 74d2a9d - Print fatal errors about remote control setup before log init, so that it is printed to console. (wouter) f84f924 - Fix that unbound-checkconf -f flag works with auto-trust-anchor-file for startup scripts to get the full pathname(s) of anchor file(s). (wouter) 98b9046 - Fix #3397: Fix that when the cache contains an unsigned DNAME in the middle of a cname chain, a result without the DNAME could be returned. (wouter) 82881b1 - Fix #3397: Fix that cachedb could return a partial CNAME chain. (wouter) bf48ee6 - Accept tls-upstream in unbound.conf, the ssl-upstream keyword is also recognized and means the same. Also for tls-port, tls-service-key, tls-service-pem, stub-tls-upstream and forward-tls-upstream. (wouter) 58bcba7 - make depend: code dependencies updated in Makefile. (wouter) b9d1810 - iana port update. (wouter) 7911e49 - patch for CVE-2017-15105: vulnerability in the processing of wildcard synthesized NSEC records. (wouter) 51c4c97 - trunk has 1.6.9 with fix and previous commits. (wouter) a28f91e - Copy query and correctly set flags on REFUSED answers when cache snooping is not allowed. (ralph) f31d36c Please lint (ralph) faf687e - Fix queries being leaked above stub when refetching glue. (ralph) 0a121de fix oneoff (wouter) e8865e9 fixup larger than 2**31 case. (wouter) fe7c8d1 - Remove clang optimizer disable, Fix that expiration date checks don't fail with clang -O2. (wouter) ed00a97 - Fix that DS queries with referral replies are answered straight away, without a repeat query picking the DS from cache. The correct reply should have been an answer, the reply is fixed by the scrubber to have the answer in the answer section. (wouter) bd2f389 - Also disable -flto for clang, to make incep-expi signature check work. (wouter) b4462e0 - iana port update. (wouter) e905d51 - Fix timestamp failure because of clang optimizer failure, by disabling -O2 when the compiler --version is clang. (wouter) dd172df remove debug output (wouter) 8ddd743 this version of unbound fails when compiled with CC=clang and -O (edit Makefile), or -O2 (default). If you use no optimizing flag, unittest works. (wouter) eaeddf2 unit test for timestamp failure with clang (wouter) 074b850 authzone work (wouter) 2c0645e set repinfo correctly (this prints out debug and errors with the correct remote IP) (wouter) ea5643f fix unit tests (wouter) a1ad3c1 - authzone work, transfer connect. (wouter) 9437250 - Fix qname-minimisation documentation (A QTYPE, not NS) (ralph) 1a699f5 - Check whether --with-libunbound-only is set when using --with-nettle or --with-nss. (ralph) 14da355 lookup and transfer setup (wouter) 32908dc disown and pickup of next task. (wouter) bf39361 fixup locks. (wouter) f9decd7 - Fix link failure on OmniOS. (wouter) bf32cf4 auth zone transfer setup. (wouter) 276a63a iterate probe over looked up ip4 and ip6 addresses (wouter) 3338ac1 - auth zone work. probe hostname lookup. (wouter) 0dfd323 note that state must be separated because of error corner cases. (wouter) 8fb3f71 - Fix #3299 - forward CNAME daisy chain is not working (wouter) 19649cb re-run aclocal (of Fedora 27). (wouter) c8b4fc8 upgraded comment (wouter) 98a152c fix for lint. (wouter) 9efb904 - auth xfer work on probe timer and lookup. (wouter) 44915a8 - Fix #2882: Unbound behaviour changes (wrong) when domain-insecure is set for stub zone. It no longer searches for DNSSEC information. (wouter) 1f3ab65 no AAAA shortcuts. (wouter) 6f02e4b - Fix qname minimisation to send AAAA queries at zonecut like type A. (wouter) e23fd13 - Fix #2801: Install libunbound.pc. (wouter) 58a0187 unused void cast. (wouter) 3ccb98d - Fix #2492: Documentation libunbound. (wouter) a022c9b - Fix #2141 - for libsodium detect lack of entropy in chroot, print a message and exit. (wouter) f03a2ab - Fix #2034 - Autoconf and -flto. (wouter) a0ffe3a - Fix #2362: TLS1.3/openssl-1.1.1 not working. (wouter) de14a7e Correct line ending in man page. (wouter) f2a4d20 Typing error fix up. (wouter) 6c4ad22 - make ip-transparent option work on OpenBSD. (wouter) 72b70b5 - Fix #1913: ub_ctx_config is under circumstances thread-safe. (wouter) c9ce6f5 - iana port update. (wouter) ba572d6 - lexer output. (wouter) 470f64d - Document that errno is left informative on libunbound config read fail. (wouter) d1c485b - Fix #2031: Double included headers (ralph) 24b4835 - Fix #1949: [dnscrypt] make provider name mismatch more obvious. (ralph) 9c22e42 - Fixed libunbound manual typo. (ralph) aa79205 - Update B root ipv4 address. (ralph) e004cf8 authzone, handle probe return packets. (wouter) 8098745 fix lint (wouter) 516f8fc corrected fix for test link. (wouter) 533368b fix test link (wouter) cc34c6b authzone work. (wouter) 735c650 fix doxygen (wouter) f6767b6 - authzone work, probe timer setup. (wouter) 6f83cdd - lint for recent authzone commit. (wouter) 77d3988 - Work on local root zone code. (wouter) 8ea0120 - Better documentation for cache-max-negative-ttl. (wouter) 1a62747 Turn duplicates into warnings for dnscrypt, and fix declaration and code mix warning. (wouter) cbb64b3 - [dnscrypt] prevent dnscrypt-secret-key, dnscrypt-provider-cert duplicates - [dnscrypt] introduce dnscrypt-provider-cert-rotated option, from Manu Bretelle. This option allows handling multiple cert/key pairs while only distributing some of them. In order to reliably match a client magic with a given key without strong assumption as to how those were generated, we need both key and cert. Likewise, in order to know which ES version should be used. On the other hand, when rotating a cert, it can be desirable to only serve the new cert but still be able to handle clients that are still using the old certs's public key. The `dnscrypt-provider-cert-rotated` allow to instruct unbound to not publish the cert as part of the DNS's provider_name's TXT answer. (wouter) 3110caa - Fix #1749: With harden-referral-path: performance drops, due to circular dependency in NS and DS lookups. (wouter) 9ebff36 - trunk has version 1.6.8. (wouter) 8a71dc5 - tag 1.6.7 (wouter) ddc2388 - Fix spelling in unbound-control man page. (wouter) 486ac17 - tag 1.6.7rc1 (wouter) 95863bf - Use RCODE from A response on DNS64 synthesized answer. (ralph) 511a63e remove duplicate statements. (wouter) 2013052 - Fix some more crpls in testdata for different signaling default. (wouter) c523378 - Fix trust-anchor-signaling works in libunbound. (wouter) 8824ebc also disable trust-anchor-signaling is crpl tests (ralph) c42f536 - Set trust-anchor-signaling default to yes (ralph) 970f539 - Fix param unused warning for windows exportsymbol compile. (wouter) 8f05e95 - Fix #1450: Generate again patch contrib/aaaa-filter-iterator.patch (by Danilo G. Baio). (ralph) 4d5b70b - Log name of looping module (ralph) 235b9c1 Spelling fixes are from Josh Soref. (wouter) f5d8f50 - Fix DNSCACHE_STORE_ZEROTTL to be bigger than 0xffff. (wouter) f8f0018 assert and lint. (wouter) 6c6d337 - use a cachedb answer even if it's "expired" when serve-expired is yes (patch from Jinmei Tatuya). - trigger refetching of the answer in that case (this will bypass cachedb lookup) - allow storing a 0-TTL answer from cachedb in the in-memory message cache when serve-expired is yes (wouter) c881f5f - Fix #1400: allowing use of global cache on ECS-forwarding unless always-forward. (ralph) 87a108b - Fix #1440: [dnscrypt] client nonce cache. (wouter) e12160f and man page. (wouter) e2aaf5e - Fix #1435: Please allow UDP to be disabled separately upstream and downstream. (wouter) 5251dae - Fix that looping modules always stop the query, and don't pass control. (wouter) becbd20 - tag 1.6.6rc2, became 1.6.6 on 18 sep. trunk 1.6.7 in development. (wouter) b5aba92 autoconf. (wouter) 39ba948 - Spelling fixes, from Phil Porada. (wouter) ddd249d - Fix unbound-host to report error for DNSSEC state of failed lookups. (wouter) dfb5ebd - tag 1.6.6rc2 (wouter) 86daa97 - Add dns64 for client-subnet in unbound-checkconf. (wouter) 45adede remove debug (wouter) 6e59036 - Fix #1434: Fix windows openssl 1.1.0 linking. (wouter) 6d18c7e - Fix #1412: QNAME minimisation strict mode not honored (ralph) 3a1a576 - makedist fix for windows binaries, with openssl 1.1.0 windres fix, and expat 2.2.4 install target fix. (wouter) 526d1e8 note tag 1.6.6rc1 (wouter) 50941d6 and in man page. (wouter) d8d4c8c - Recommend 1472 buffer size in unbound.conf (wouter) 3d60e53 lock_protect mutex in cachedb. (wouter) 15de646 - Fix #1418: [ip ratelimit] initialize slabhash using ip-ratelimit-slabs. (wouter) 57323a8 les and bison. (wouter) dfb7048 dnscrypt cache size configuration option. (wouter) 6a32cf0 - make depend (wouter) ce208bb - Fix #1417: [dnscrypt] shared secret cache counters, and works when dnscrypt is not enabled. (wouter) 7e69f3e - but reverted that, tests fails with that escape. (wouter) 74148f5 - For #1417: escape ; in dnscrypt tests. (wouter) 99f7948 - Fix #1424: cachedb:testframe is not thread safe. (wouter) e7919c4 - Fix 1416: qname-minimisation breaks TLSA lookups with CNAMEs. (wouter) 40e912f - updated contrib/fastrpz.patch to apply with configparser changes. (wouter) 5b50b5b Fix dnscrypt tests grep. (wouter) 818ac2a - fixup WKS test on buildhost without servicebyname. (wouter) 1f65079 - new keys and certs for dnscrypt tests. (wouter) a599031 - zero qinfo in handle_request, this zeroes local_alias and also the qname member. (wouter) 9500ddd - Fix #1414: fix segfault on parse failure and log_replies. (wouter) bc1fba7 nicer layout. (wouter) d566f3c - Fix WKS records on kvm autobuild host, with default protobyname entries for udp and tcp. (wouter) 398021b - Small fixes for the shared secret cache patch. (wouter) 8e49ed8 - Fix #1415: [dnscrypt] shared secret cache, patch from Manu Bretelle. (wouter) 737cb74 - iana portlist update (wouter) 8b3bfc6 - Fix #1415: patch to free dnscrypt environment on reload. (wouter) 6aa6c48 - Fix to reclaim tcp handler when it is closed due to dnscrypt buffer allocation failure. (wouter) 51808a9 - make depend (wouter) a2f9551 - Fix #1407: Add ECS options check to unbound-checkconf. (wouter) 489ad28 - Fix #1402: squelch invalid argument error for fd_set_block on windows. (wouter) 2cbdee0 Better text for change: - Fix install of trust anchor when two anchors are present, makes both valid. Checks hash of DS but not signature of new key. This fixes the root.key file if created when unbound is installed between sep11 and oct11 2017. (wouter) 69cabf5 - Fix issue on macOX 10.10 where TCP fast open is detected but not implemented causing TCP to fail. The fix allows fallback to regular TCP in this case and is also more robust for cases where connectx() fails for some reason. (wouter) b080335 - trunk version 1.6.6 in development. (wouter) e682b0b - Fix install of trust anchor when two anchors are present, makes both valid. Checks hash of DS but not signature of new key. This fixes installs between sep11 and oct11 2017. (wouter) 9e96762 better text. (wouter) aa09eec - Patch to show DNSCrypt status in help output, from Carsten Strotmann. (wouter) 36be78a - Remove spaces from Makefile. (wouter) 9e330d7 yacc 1.9 and flex 2.6.1. (wouter) 94f66ee - Fix #1398: make cachedb secret configurable. (wouter) df7d82a - Fix #1397: Recursive DS lookups for AS112 zones names should recurse. (wouter) e551345 Do not add rrset_bogus and query ratelimiting stats per thread. (ralph) d073e3e - Added stats for queries that have been ratelimited by domain recursion. (ralph) 2fc8218 - Do not reset rrset.bogus stats when called using stats_noreset. (ralph) ebd76ef - Remove unused iter_env member (ip6arpa_dname) (ralph) 4b3602b - Fix #1394: mix of serve-expired and response-ip could cause a crash. (wouter) 436f873 - iana update (wouter) 47dafe4 fix type cast. (wouter) 8afb918 - Fix #1365: Add Ed25519 support using libnettle. (wouter) cce1adf - Fix DSA configure switch (--disable dsa) for libnettle and libnss. (wouter) 4cc1a47 double fallthrough annotation to please gcc parser. (wouter) 0dcb114 annotate fallthrough (wouter) d616547 remove warning (wouter) 756034d - Fix compile with libnettle (wouter) daa625c - remove warning from windows compile. (wouter) 6521d82 - squelch TCP fast open error on FreeBSD when kernel has it disabled, unless verbosity is high. (wouter) 2f22e0e - upgrade aclocal(pkg.m4 0.29.1), config.guess(2016-10-02), config.sub(2016-09-05). - annotate case statement fallthrough for gcc 7.1.1. - flex output from flex 2.6.1. - snprintf of thread number does not warn about truncated string. (wouter) ea646bb please doxygen (wouter) 55c6dcd - Fix #1349: allow suppression of pidfiles (from Daniel Kahn Gillmor). With the -p option unbound does not create a pidfile. (wouter) fe4f885 - Fix #1350: make cachedb backend configurable (from JINMEI Tatuya). (wouter) e946f2f fix doc. (wouter) 4ebb3f5 - Redirect all localhost names to localhost address for RFC6761. (wouter) 7e2a0e9 - Fix #1344: RFC6761-reserved domains: test. and invalid. (wouter) 6ab32e3 fixup printout of skipped. (wouter) f48dade test report again (wouter) 61e5213 Test -f report. (wouter) b33ffd4 full report with -f (wouter) 3562699 run tests. (wouter) df993ad - Fix svn hooks for tdir (selected if testcode/mini_tdir.sh exists). (wouter) 3343bcb Fixup speed_cache for 01-doc test. (wouter) 8ba25b1 tests in tdir format. (wouter) 2ca4cc3 - Fix tests to use .tdir (from Manu Bretelle) instead of .tpkg. (wouter) b56b968 - Fix 1332: Bump verbosity of failed chown'ing of the control socket. (wouter) 029b56d Fixup (wouter) c6925b2 - Fix openssl 1.1.0 load of ssl error strings from ssl init. (wouter) 1b563e5 - Fix pythonmod link line option flag. (wouter) 4de1154 - Fix #1331: libunbound segfault in threaded mode when context is deleted. (wouter) cc82f13 - Fix for unbound-checkconf, check ipsecmod-hook if ipsecmod is turned on. (wouter) 80663d8 lint fix and check errcode. (wouter) ad5295b - enhancement for hardened-tls for DNS over TLS. Removed duplicated security settings. (wouter) 13034f0 - iana portlist update (wouter) f43c401 - Fix python example0 return module wait instead of error for pass. (wouter) 4e5449c - Fix that infra cache host hash does not change after reconfig. (wouter) cea4abd - Remove signed unsigned warning from authzone. (wouter) 32a5f8a - Trunk contains 1.6.5, with changes from 26, 27 june. (wouter) 90c6150 CMake: update 2018 copyright (anonimal) 783c32d CMake: always build with -fPIC (anonimal) 1b3fa14 CMake: enable SHA1 (anonimal) 436f1f5 Build: add support for SunOS/Solaris (anonimal) efa249c CMake: fix libressl linkage (anonimal)
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Based off of #1, requires merging of #1. Also includes all monero unbound additions since the
git svn rebaseof #1.