]> git.ipfire.org Git - thirdparty/unbound.git/commit
projects / thirdparty / unbound.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 71f23ef) | patch
Downstream DNS Cookies a la RFC7873 and RFC9018
authorWillem Toorop <willem@nlnetlabs.nl>
Wed, 28 Sep 2022 08:28:19 +0000 (10:28 +0200)
committerWillem Toorop <willem@nlnetlabs.nl>
Wed, 28 Sep 2022 08:28:19 +0000 (10:28 +0200)
commit75f3fbdd6563dd87c93964e48a3fb7e6c520d74e
treecf4d947a4fd70d58e15d9c94520cc6bc282a2702tree | snapshot
parent71f23ef354fae12e99963fe43200d38dfe796222commit | diff
Downstream DNS Cookies a la RFC7873 and RFC9018

Create server cookies for clients that send client cookies.
Needs to be turned on in the config file with:

answer-cookie: yes

A cookie-secret can be configured for anycast setups.
Also adds an access control list that will allow queries with
either a valid cookie or over a stateful transport.
17 files changed:
Makefile.in diff | blob | blame | history
daemon/acl_list.c diff | blob | blame | history
daemon/acl_list.h diff | blob | blame | history
daemon/worker.c diff | blob | blame | history
doc/unbound.conf.5.in diff | blob | blame | history
libunbound/libworker.c diff | blob | blame | history
services/authzone.c diff | blob | blame | history
sldns/rrdef.h diff | blob | blame | history
testcode/fake_event.c diff | blob | blame | history
util/config_file.c diff | blob | blame | history
util/config_file.h diff | blob | blame | history
util/configlexer.lex diff | blob | blame | history
util/configparser.y diff | blob | blame | history
util/data/msgparse.c diff | blob | blame | history
util/data/msgparse.h diff | blob | blame | history
util/siphash.c [new file with mode: 0644] blob
validator/autotrust.c diff | blob | blame | history
Mirror of https://github.com/NLnetLabs/unbound.git