import unbound 1.5.6

This commit is contained in:
des 2015-12-12 22:17:01 +00:00
parent c7a82ae9fc
commit 620149a23f
18 changed files with 163 additions and 35 deletions

25
configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for unbound 1.5.5.
# Generated by GNU Autoconf 2.69 for unbound 1.5.6.
#
# Report bugs to <unbound-bugs@nlnetlabs.nl>.
#
@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='unbound'
PACKAGE_TARNAME='unbound'
PACKAGE_VERSION='1.5.5'
PACKAGE_STRING='unbound 1.5.5'
PACKAGE_VERSION='1.5.6'
PACKAGE_STRING='unbound 1.5.6'
PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl'
PACKAGE_URL=''
@ -1391,7 +1391,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures unbound 1.5.5 to adapt to many kinds of systems.
\`configure' configures unbound 1.5.6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1456,7 +1456,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of unbound 1.5.5:";;
short | recursive ) echo "Configuration of unbound 1.5.6:";;
esac
cat <<\_ACEOF
@ -1635,7 +1635,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
unbound configure 1.5.5
unbound configure 1.5.6
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@ -2344,7 +2344,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by unbound $as_me 1.5.5, which was
It was created by unbound $as_me 1.5.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@ -2696,11 +2696,11 @@ UNBOUND_VERSION_MAJOR=1
UNBOUND_VERSION_MINOR=5
UNBOUND_VERSION_MICRO=5
UNBOUND_VERSION_MICRO=6
LIBUNBOUND_CURRENT=5
LIBUNBOUND_REVISION=8
LIBUNBOUND_REVISION=9
LIBUNBOUND_AGE=3
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@ -2745,6 +2745,7 @@ LIBUNBOUND_AGE=3
# 1.5.3 had 5:6:3
# 1.5.4 had 5:7:3
# 1.5.5 had 5:8:3
# 1.5.6 had 5:9:3
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary
@ -19017,7 +19018,7 @@ _ACEOF
version=1.5.5
version=1.5.6
date=`date +'%b %e, %Y'`
@ -19532,7 +19533,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by unbound $as_me 1.5.5, which was
This file was extended by unbound $as_me 1.5.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -19598,7 +19599,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
unbound config.status 1.5.5
unbound config.status 1.5.6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"

View File

@ -10,14 +10,14 @@ sinclude(dnstap/dnstap.m4)
# must be numbers. ac_defun because of later processing
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[5])
m4_define([VERSION_MICRO],[5])
m4_define([VERSION_MICRO],[6])
AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl, unbound)
AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
AC_SUBST(UNBOUND_VERSION_MICRO, [VERSION_MICRO])
LIBUNBOUND_CURRENT=5
LIBUNBOUND_REVISION=8
LIBUNBOUND_REVISION=9
LIBUNBOUND_AGE=3
# 1.0.0 had 0:12:0
# 1.0.1 had 0:13:0
@ -62,6 +62,7 @@ LIBUNBOUND_AGE=3
# 1.5.3 had 5:6:3
# 1.5.4 had 5:7:3
# 1.5.5 had 5:8:3
# 1.5.6 had 5:9:3
# Current -- the number of the binary API that we're implementing
# Revision -- which iteration of the implementation of the binary

View File

@ -618,8 +618,10 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
dd->rr_ttl = (time_t*)&dd->rr_data[dd->count];
for(i = 0; i < fd->count; ++i) {
if (fd->rr_len[i] != 6 || fd->rr_data[i][0] != 0
|| fd->rr_data[i][1] != 4)
|| fd->rr_data[i][1] != 4) {
*dd_out = NULL;
return;
}
dd->rr_len[i] = 18;
dd->rr_data[i] =
(uint8_t*)&dd->rr_ttl[dd->count] + 18*i;
@ -638,6 +640,7 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
*/
if(!dk) {
log_err("no key");
*dd_out = NULL;
return;
}
@ -646,6 +649,7 @@ dns64_synth_aaaa_data(const struct ub_packed_rrset_key* fk,
if(!dk->rk.dname) {
log_err("out of memory");
*dd_out = NULL;
return;
}

View File

@ -1,3 +1,25 @@
15 October 2015: Wouter
- Fix segfault in the dns64 module in the formaterror error path.
- Fix sldns_wire2str_rdata_scan for malformed RRs.
- tag for 1.5.6rc1 release.
14 October 2015: Wouter
- ANY responses include DNAME records if present, as per Evan Hunt's
remark in dnsop.
- Fix manpage to suggest using SIGTERM to terminate the server.
9 October 2015: Wouter
- Default for ssl-port is port 853, the temporary port assignment
for secure domain name system traffic.
If you used to rely on the older default of port 443, you have
to put a clause in unbound.conf for that. The new value is likely
going to be the standardised port number for this traffic.
- iana portlist update.
6 October 2015: Wouter
- 1.5.5 release.
- trunk tracks the development of 1.5.6.
28 September 2015: Wouter
- MAX_TARGET_COUNT increased to 64, to fix up sporadic resolution
failures.

View File

@ -1,4 +1,4 @@
README for Unbound 1.5.5
README for Unbound 1.5.6
Copyright 2007 NLnet Labs
http://unbound.net

View File

@ -1,7 +1,7 @@
#
# Example configuration file.
#
# See unbound.conf(5) man page, version 1.5.5.
# See unbound.conf(5) man page, version 1.5.6.
#
# this is a comment.
@ -552,7 +552,7 @@ server:
# default is "" (disabled). requires restart to take effect.
# ssl-service-key: "path/to/privatekeyfile.key"
# ssl-service-pem: "path/to/publiccertfile.pem"
# ssl-port: 443
# ssl-port: 853
# request upstream over SSL (with plain DNS inside the SSL stream).
# Default is no. Can be turned on and off with unbound-control.

View File

@ -1,4 +1,4 @@
.TH "libunbound" "3" "Oct 6, 2015" "NLnet Labs" "unbound 1.5.5"
.TH "libunbound" "3" "Oct 20, 2015" "NLnet Labs" "unbound 1.5.6"
.\"
.\" libunbound.3 -- unbound library functions manual
.\"
@ -42,7 +42,7 @@
.B ub_ctx_zone_remove,
.B ub_ctx_data_add,
.B ub_ctx_data_remove
\- Unbound DNS validating resolver 1.5.5 functions.
\- Unbound DNS validating resolver 1.5.6 functions.
.SH "SYNOPSIS"
.B #include <unbound.h>
.LP

View File

@ -1,4 +1,4 @@
.TH "unbound-anchor" "8" "Oct 6, 2015" "NLnet Labs" "unbound 1.5.5"
.TH "unbound-anchor" "8" "Oct 20, 2015" "NLnet Labs" "unbound 1.5.6"
.\"
.\" unbound-anchor.8 -- unbound anchor maintenance utility manual
.\"

View File

@ -1,4 +1,4 @@
.TH "unbound-checkconf" "8" "Oct 6, 2015" "NLnet Labs" "unbound 1.5.5"
.TH "unbound-checkconf" "8" "Oct 20, 2015" "NLnet Labs" "unbound 1.5.6"
.\"
.\" unbound-checkconf.8 -- unbound configuration checker manual
.\"

View File

@ -1,4 +1,4 @@
.TH "unbound-control" "8" "Oct 6, 2015" "NLnet Labs" "unbound 1.5.5"
.TH "unbound-control" "8" "Oct 20, 2015" "NLnet Labs" "unbound 1.5.6"
.\"
.\" unbound-control.8 -- unbound remote control manual
.\"

View File

@ -1,4 +1,4 @@
.TH "unbound\-host" "1" "Oct 6, 2015" "NLnet Labs" "unbound 1.5.5"
.TH "unbound\-host" "1" "Oct 20, 2015" "NLnet Labs" "unbound 1.5.6"
.\"
.\" unbound-host.1 -- unbound DNS lookup utility
.\"

View File

@ -1,4 +1,4 @@
.TH "unbound" "8" "Oct 6, 2015" "NLnet Labs" "unbound 1.5.5"
.TH "unbound" "8" "Oct 20, 2015" "NLnet Labs" "unbound 1.5.6"
.\"
.\" unbound.8 -- unbound manual
.\"
@ -9,7 +9,7 @@
.\"
.SH "NAME"
.B unbound
\- Unbound DNS validating resolver 1.5.5.
\- Unbound DNS validating resolver 1.5.6.
.SH "SYNOPSIS"
.B unbound
.RB [ \-h ]

View File

@ -1,4 +1,4 @@
.TH "unbound.conf" "5" "Oct 6, 2015" "NLnet Labs" "unbound 1.5.5"
.TH "unbound.conf" "5" "Oct 20, 2015" "NLnet Labs" "unbound 1.5.6"
.\"
.\" unbound.conf.5 -- unbound.conf manual
.\"
@ -362,7 +362,7 @@ The public key certificate pem file for the ssl service. Default is "",
turned off.
.TP
.B ssl\-port: \fI<number>
The port number on which to provide TCP SSL service, default 443, only
The port number on which to provide TCP SSL service, default 853, only
interfaces configured with that port number as @number get the SSL service.
.TP
.B do\-daemonize: \fI<yes or no>
@ -481,7 +481,7 @@ kill \-HUP `cat @UNBOUND_PIDFILE@`
.fi
triggers a reload,
.nf
kill \-QUIT `cat @UNBOUND_PIDFILE@`
kill \-TERM `cat @UNBOUND_PIDFILE@`
.fi
gracefully terminates.
.TP

View File

@ -656,8 +656,9 @@ fill_any(struct module_env* env,
time_t now = *env->now;
struct dns_msg* msg = NULL;
uint16_t lookup[] = {LDNS_RR_TYPE_A, LDNS_RR_TYPE_AAAA,
LDNS_RR_TYPE_MX, LDNS_RR_TYPE_SOA, LDNS_RR_TYPE_NS, 0};
int i, num=5; /* number of RR types to look up */
LDNS_RR_TYPE_MX, LDNS_RR_TYPE_SOA, LDNS_RR_TYPE_NS,
LDNS_RR_TYPE_DNAME, 0};
int i, num=6; /* number of RR types to look up */
log_assert(lookup[num] == 0);
for(i=0; i<num; i++) {

View File

@ -697,6 +697,9 @@ int sldns_wire2str_rdata_scan(uint8_t** d, size_t* dlen, char** s,
}
w += n;
}
if(*dlen != 0) {
goto failed;
}
return w;
}

View File

@ -15,7 +15,7 @@ SCENARIO_BEGIN Test dns64 lookup and synthesis.
; AAAA if present, is passed through unchanged.
; K.ROOT-SERVERS.NET.
RANGE_BEGIN 0 100
RANGE_BEGIN 0 200
ADDRESS 193.0.14.129
ENTRY_BEGIN
MATCH opcode qtype qname
@ -40,10 +40,23 @@ com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH opcode subdomain
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
7.6.5.in-addr.arpa. IN A
SECTION AUTHORITY
7.6.5.in-addr.arpa. IN NS ns.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
RANGE_END
; a.gtld-servers.net.
RANGE_BEGIN 0 100
RANGE_BEGIN 0 200
ADDRESS 192.5.6.30
ENTRY_BEGIN
MATCH opcode qtype qname
@ -71,7 +84,7 @@ ENTRY_END
RANGE_END
; ns.example.com.
RANGE_BEGIN 0 100
RANGE_BEGIN 0 200
ADDRESS 1.2.3.4
ENTRY_BEGIN
MATCH opcode qtype qname
@ -125,6 +138,33 @@ SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
broken.example.com. IN AAAA
SECTION ANSWER
; NO AAAA present
SECTION AUTHORITY
example.com. IN SOA a. b. 1 2 3 4 5
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
broken.example.com. IN A
SECTION ANSWER
broken.example.com. IN A 5.6.7.8
broken.example.com. IN A \# 3 030405
SECTION AUTHORITY
example.com. IN NS ns.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
@ -138,6 +178,19 @@ example.com. IN NS ns.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
8.7.6.5.in-addr.arpa. IN PTR
SECTION ANSWER
8.7.6.5.in-addr.arpa. PTR ip4.example.com.
SECTION AUTHORITY
7.6.5.in-addr.arpa. IN NS ns.example.com.
ENTRY_END
RANGE_END
STEP 1 QUERY
@ -208,4 +261,46 @@ SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
; test ptr lookup
STEP 60 QUERY
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
8.0.7.0.6.0.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa. IN PTR
ENTRY_END
; recursion happens here.
STEP 70 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA NOERROR
SECTION QUESTION
8.0.7.0.6.0.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa. IN PTR
SECTION ANSWER
8.0.7.0.6.0.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa. IN PTR ip4.example.com.
SECTION AUTHORITY
7.6.5.in-addr.arpa. IN NS ns.example.com.
ENTRY_END
; synthesize from broken, malformed A records
STEP 80 QUERY
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
broken.example.com. IN AAAA
ENTRY_END
; recursion happens here.
STEP 90 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA NOERROR
SECTION QUESTION
broken.example.com. IN AAAA
SECTION ANSWER
SECTION AUTHORITY
example.com. IN SOA a. b. 1 2 3 4 5
SECTION ADDITIONAL
ENTRY_END
SCENARIO_END

View File

@ -100,7 +100,7 @@ config_create(void)
cfg->tcp_upstream = 0;
cfg->ssl_service_key = NULL;
cfg->ssl_service_pem = NULL;
cfg->ssl_port = 443;
cfg->ssl_port = 853;
cfg->ssl_upstream = 0;
cfg->use_syslog = 1;
cfg->log_time_ascii = 0;

View File

@ -660,6 +660,7 @@
833,
847,
848,
853,
860,
861,
862,