d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
251,873 Commits 72 Branches 135 Tags 3.2 GiB
eb578fec7f
Commit Graph

75 Commits

Author SHA1 Message Date
Cy Schubert
091e9e469b MFV r361322: 
Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
 - CVE-2020-12662 Unbound can be tricked into amplifying an incoming
   query into a large number of queries directed to a target.
 - CVE-2020-12663 Malformed answers from upstream name servers can be
   used to make Unbound unresponsive.

Reported by:	emaste
MFC after:	3 days
Relnotes:	yes
Security:	CVE-2020-12662, CVE-2020-12663
 2020-05-21 21:00:46 +00:00
Cy Schubert
6692aa840c Unbound's config.h is manually maintained, using a ./configure produced 
config.h as a guide. In practice contributed software maintains a copy
of config.h within its build directory tree containing its Makefile.
usr.sbin/unbound is the home for its config.h.

MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D22983
 2020-01-13 06:55:31 +00:00
Cy Schubert
0eefd3079a MFV r356143: 
Update unbound 1.9.2 --> 1.9.6.

MFC after:	3 days
Security:	CVE-2019-18934 (fixed by 1.9.5)
 2019-12-31 15:50:41 +00:00
Dag-Erling Smørgrav
e86b909626 Upgrade Unbound to 1.9.2. 2019-07-04 08:40:10 +00:00
Dag-Erling Smørgrav
209fcf8ed9 Merge upstream r4932: turn so-reuseport option off by default. 
MFC after:	3 days
 2018-11-01 23:42:35 +00:00
Dag-Erling Smørgrav
b319ead8be Try harder to sanitize the environment before running configure. 
Remove a workaround for older Unbound versions that used sbrk.

Approved by:	re (gjb)
 2018-10-10 22:29:06 +00:00
Dag-Erling Smørgrav
a755b6f6ca Upgrade to 1.8.1. 
Approved by:	re (kib)
 2018-10-10 08:53:47 +00:00
Dag-Erling Smørgrav
4c75e3aa0f Upgrade Unbound to 1.8.0. More to follow. 
Approved by:	re (kib)
 2018-10-10 07:55:06 +00:00
Jung-uk Kim
8eec4954fb Make unbound buildable. 2018-09-19 07:03:28 +00:00
Jung-uk Kim
3459507c9d Revert r338774. Unrelated changes were committed with Apache Serf. 2018-09-19 06:56:37 +00:00
Jung-uk Kim
3d32dc633c Update Apache Serf to 1.3.9 to make it buildable with OpenSSL 1.1.1. 2018-09-19 06:49:55 +00:00
Dag-Erling Smørgrav
7da0adf72b Upgrade Unbound to 1.7.3. More to follow. 
Approved by:	re (kib@)
 2018-09-10 17:37:34 +00:00
Dag-Erling Smørgrav
3bd4df0a68 Upgrade Unbound to 1.7.2. More to follow. 
Approved by:	re (kib@)
 2018-09-10 16:56:44 +00:00
Dag-Erling Smørgrav
b70d78d6e8 Rename all Unbound binaries and man pages from unbound* to local-unbound*. 
PR:		222902
 2018-05-12 17:10:36 +00:00
Dag-Erling Smørgrav
0fb349906e Upgrade Unbound to 1.7.1. 2018-05-12 15:20:39 +00:00
Dag-Erling Smørgrav
57bddd215c Upgrade Unbound to 1.7.0. More to follow. 2018-05-12 15:04:05 +00:00
Dag-Erling Smørgrav
838e13ceea Upgrade Unbound to 1.6.8. More to follow. 2018-05-12 14:57:42 +00:00
Dag-Erling Smørgrav
db8dbc29fc No reason to keep this around. 2018-05-12 14:51:53 +00:00
Dag-Erling Smørgrav
8a384985ac Upgrade Unbound to 1.6.7. More to follow. 2018-05-12 14:51:18 +00:00
Dag-Erling Smørgrav
971980c374 Upgrade Unbound to 1.6.6. More to follow. 2018-05-12 14:48:38 +00:00
Dag-Erling Smørgrav
8157cbab02 Upgrade Unbound to 1.6.5. More to follow. 2018-05-12 14:39:41 +00:00
Dag-Erling Smørgrav
c7f4d7ad9b Upgrade Unbound to 1.6.4. More to follow. 2018-05-12 14:36:58 +00:00
Dag-Erling Smørgrav
92bb4ebdc4 Upgrade Unbound to 1.6.3. More to follow. 2018-05-12 14:19:14 +00:00
Dag-Erling Smørgrav
65b390aa03 Upgrade Unbound to 1.6.2. More to follow. 2018-05-12 14:15:39 +00:00
Dag-Erling Smørgrav
3005e0a300 Upgrade Unbound to 1.6.1. More to follow. 2018-05-12 14:04:48 +00:00
Dag-Erling Smørgrav
bc89214039 Upgrade Unbound to 1.6.0. More to follow. 2018-05-12 12:57:34 +00:00
Dag-Erling Smørgrav
e8a699bb6e Merge upstream r4302 to support multiple concurrently valid anchors. 
If an unpatched unbound-anchor is run without a preexisting root anchor
between 2017-09-11 and 2017-10-11, it will fail and Unbound will not be
able to start unless the validator is disabled.  An EN will be issued
with patches for existing systems and information on how to work around
the issue on new installations.
 2017-08-31 12:02:14 +00:00
Dag-Erling Smørgrav
b5663de9eb Upgrade to Unbound 1.5.10. 2016-09-29 18:24:29 +00:00
Dag-Erling Smørgrav
e2d1500434 Upgrade to Unbound 1.5.9. 2016-09-04 12:17:57 +00:00
Dag-Erling Smørgrav
a2d0006e29 Apply upstream r3651: the IPv6 address of the L root has changed. 2016-03-11 14:57:40 +00:00
Dag-Erling Smørgrav
f61ef7f679 Upgrade to Unbound 1.5.8. 2016-03-05 19:29:18 +00:00
Dag-Erling Smørgrav
0de4f1bf64 Use the new insecure-lan-zones option instead of listing each AS112 zone 
separately.

MFC after:	3 days
 2016-02-11 17:37:02 +00:00
Maxim Sobolev
1d854f3d3e Root out files that don't really belong here and could in fact screw 
you over if you happen to use git for FreeBSD development, as it is
the case with the unbound/.gitignore, which lits files that are
actually required for the buildworld.

MFC after:	1 day
 2016-02-02 19:04:40 +00:00
Dag-Erling Smørgrav
05ab290102 Upgrade to Unbound 1.5.7. 2015-12-14 13:01:51 +00:00
Dag-Erling Smørgrav
c0096f20d0 Ask make(1) which compiler to use rather than rely on whatever is in $PATH. 2015-12-12 22:54:12 +00:00
Dag-Erling Smørgrav
8fd566ab3e Apply r3505 (s/SIGQUIT/SIGTERM/ in man page) 
PR:		203580
 2015-10-14 18:08:38 +00:00
Dag-Erling Smørgrav
b75612f8e7 Upgrade to Unbound 1.5.5. 2015-10-09 11:46:27 +00:00
Dag-Erling Smørgrav
e4c53d3bf0 When chrooted, we need to strip the chroot directory from the front of 
included paths.  Don't forget to do it for globs as well.
 2015-09-17 16:19:36 +00:00
Dag-Erling Smørgrav
09a3aaf3e0 Upgrade to Unbound 1.5.4. 2015-09-17 16:10:11 +00:00
Dag-Erling Smørgrav
6480faa8a2 Upgrade Unbound to 1.5.3. 2015-04-27 12:06:13 +00:00
Dag-Erling Smørgrav
748bd82957 MFV (r277045): merge upstream version of the local socket patch. 2015-01-12 09:46:49 +00:00
Dag-Erling Smørgrav
31099b506d mfv (r276698): support for remote control over local sockets. 2015-01-05 14:59:18 +00:00
Dag-Erling Smørgrav
c809460030 Add generated files. 2015-01-03 11:52:43 +00:00
Dag-Erling Smørgrav
ff8258499c Upgrade to Unbound 1.5.1. Almost all our local changes to date have been 
adopted upstream, greatly reducing the diff.
 2015-01-03 02:40:51 +00:00
Dag-Erling Smørgrav
7ca2a8903f Recognize the lexer and parser sources. 2015-01-03 00:31:52 +00:00
Xin LI
52df462f7f MFV r275844: 
Fix unbound remote denial of service vulnerability.

Security:	FreeBSD-SA-14:30.unbound
Security:	CVE-2014-8602
 2014-12-17 06:55:44 +00:00
Dag-Erling Smørgrav
e8263e185c Clean up the libunbound build to avoid accidentally regenerating the 
configuration lexer and parser during buildworld.  Instead of being
included in the source as it is in the upstream distribution, the code is
now always generated (in ${.OBJDIR}) at build time.

PR:		190739
MFC after:	1 week
 2014-07-19 18:38:48 +00:00
Dag-Erling Smørgrav
c536e4dc7a Import unblock-lan-zones feature backported from upstream svn trunk. 
This is a partial fix for reverse lookups in RFC 1918 networks.  With
this option enabled, unbound no longer ignores these queries; however,
it will still reject the answer it gets from the forwarder, because
the RFC 1918 reverse zones are signed.

Submitted by:	"W.C.A. Wijngaards" <wouter@nlnetlabs.nl>
 2014-07-18 11:32:44 +00:00
Dag-Erling Smørgrav
d8229aaf73 Move libworker_event_done_cb() from libworker.h to worker.h. 2014-05-27 23:39:28 +00:00
Dag-Erling Smørgrav
d107305190 regenerate 2014-05-15 19:48:52 +00:00