#
1.17 |
|
24-Feb-2021 |
florian |
We need to track the pid of the connecting control connection to be able to send answers back to the correct client in case two are connecting at the same time. We also need to pass the pid around to the resolver process so that it can hand it back to us. Debugged by deraadt and dlg who noticed that answers would always arrive on the first control connection.
deraadt@ points out that tracking the pid is not the best choice in case one process wants to hold open two connections but at least this brings us in line with all the other privsep daemons with control tools. If we change this we should change it in all daemons.
|
#
1.16 |
|
19-Jan-2021 |
florian |
Move control_state and ctl_conns to control.c, it's not needed elsewhere and unbreaks -fno-common. Inspired by claudio Problem reported by mortimer
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.15 |
|
18-Dec-2019 |
florian |
Implement unwindctl status memory to show chache memory usage. testing by otto & pamela as part of a larger diff
|
#
1.14 |
|
08-Dec-2019 |
florian |
Turn opportunistic DoT into their own strategies. This is beneficial since we prefer strategies according to their performance. Previously name servers were upgraded to opportunistic DoT if it was available even if the round trip times went through the roof and there was no way to got back to plain udp/53 DNS. To make up a bit of space in the unwindctl status output, name servers learned via DHCP or SLAAC are printed in a new subcommand. The status output will be further improved shortly. Input & OK otto
|
#
1.13 |
|
03-Dec-2019 |
otto |
No more status subcommands; ok florian@
|
#
1.12 |
|
27-Nov-2019 |
florian |
Nuke http captive portal detection; something better is coming. OK otto
|
#
1.11 |
|
11-Nov-2019 |
florian |
Implement DNS proposals to learn nameservers from network autoconfiguration daemons. Currently only slaacd is switched over so we need to keep the lease file parsing.
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.10 |
|
01-Mar-2019 |
florian |
Due to the way we build libunbound inside of unwind .o files collide in the obj directory. Previously this was solved by keeping the libunbound file name (to be able to keep in sync with upstream) and prefixing the source filename of colliding .o files in unwind with uw_.
However, these files are shared through out our tree (namely parse.y, log.c and log.h) and we try to keep them in sync.
Move files back to their original name and instead symlink colliding source files in libunbound to unique filenames by prefixing them with the directory they live in: obj/sldns_parse.c -> /usr/src/sbin/unwind/libunbound/sldns/parse.c obj/util_log.c -> /usr/src/sbin/unwind/libunbound/util/log.c
Idea to use symlinks deraadt@ via jsg@ OK benno
|
#
1.9 |
|
18-Feb-2019 |
florian |
Introduce IMSG_DATA_SIZE() macro to to replace reoccuring math on imsg.hdr.len and shorten code. Input & OK pamela
|
#
1.8 |
|
17-Feb-2019 |
florian |
Pass verbosity changes to captive portal process.
|
#
1.7 |
|
17-Feb-2019 |
florian |
s/unwind_/uw_/ to save screen real estate; fix style(9) issues while here
|
#
1.6 |
|
03-Feb-2019 |
florian |
Captive portal detection for unwind(8).
|
#
1.5 |
|
31-Jan-2019 |
solene |
Remove a log statement used for debug
ok florian@
|
#
1.4 |
|
31-Jan-2019 |
solene |
restrict commands reload and log to root only
tweaks and ok florian@
|
#
1.3 |
|
29-Jan-2019 |
florian |
Make imsg processing much more paranoid.
If it comes from one of our processes and the size does not match what we expect call fatalx to crash and burn. We either hit a logic bug or something is fishy on the other end and we can't trust that process any longer. Not that we trust those processes to begin with.
This also applies to receiving resources that we don't expect. For example if we have an open UDP listen socket and get a new one passed from the main process something is wrong and we should crash and burn.
The only place where we are more lenient is on the control socket. We just ignore wrong sized messages so that users can't bring down unwind.
|
#
1.2 |
|
27-Jan-2019 |
florian |
unwind(8) traces its ancestry to rad(8) and inherited all of its include directives, some of them no longer necessary. Cleanup by Caspar Schutijser, thank you very much!
|
#
1.1 |
|
23-Jan-2019 |
florian |
Import unwind(8).
unwind(8) is a hybrid validating stub & recursive resolver.
It actively observes the local net to decide how to best resolve names. It can chose to recurse on it's own or talk to dhcp provided forwardes or statically defined forwarders in the config file.
The intention is to be able to run it on localhost on every machine.
"toss it in man" deraadt@
|
#
1.16 |
|
19-Jan-2021 |
florian |
Move control_state and ctl_conns to control.c, it's not needed elsewhere and unbreaks -fno-common. Inspired by claudio Problem reported by mortimer
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.15 |
|
18-Dec-2019 |
florian |
Implement unwindctl status memory to show chache memory usage. testing by otto & pamela as part of a larger diff
|
#
1.14 |
|
08-Dec-2019 |
florian |
Turn opportunistic DoT into their own strategies. This is beneficial since we prefer strategies according to their performance. Previously name servers were upgraded to opportunistic DoT if it was available even if the round trip times went through the roof and there was no way to got back to plain udp/53 DNS. To make up a bit of space in the unwindctl status output, name servers learned via DHCP or SLAAC are printed in a new subcommand. The status output will be further improved shortly. Input & OK otto
|
#
1.13 |
|
03-Dec-2019 |
otto |
No more status subcommands; ok florian@
|
#
1.12 |
|
27-Nov-2019 |
florian |
Nuke http captive portal detection; something better is coming. OK otto
|
#
1.11 |
|
11-Nov-2019 |
florian |
Implement DNS proposals to learn nameservers from network autoconfiguration daemons. Currently only slaacd is switched over so we need to keep the lease file parsing.
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.10 |
|
01-Mar-2019 |
florian |
Due to the way we build libunbound inside of unwind .o files collide in the obj directory. Previously this was solved by keeping the libunbound file name (to be able to keep in sync with upstream) and prefixing the source filename of colliding .o files in unwind with uw_.
However, these files are shared through out our tree (namely parse.y, log.c and log.h) and we try to keep them in sync.
Move files back to their original name and instead symlink colliding source files in libunbound to unique filenames by prefixing them with the directory they live in: obj/sldns_parse.c -> /usr/src/sbin/unwind/libunbound/sldns/parse.c obj/util_log.c -> /usr/src/sbin/unwind/libunbound/util/log.c
Idea to use symlinks deraadt@ via jsg@ OK benno
|
#
1.9 |
|
18-Feb-2019 |
florian |
Introduce IMSG_DATA_SIZE() macro to to replace reoccuring math on imsg.hdr.len and shorten code. Input & OK pamela
|
#
1.8 |
|
17-Feb-2019 |
florian |
Pass verbosity changes to captive portal process.
|
#
1.7 |
|
17-Feb-2019 |
florian |
s/unwind_/uw_/ to save screen real estate; fix style(9) issues while here
|
#
1.6 |
|
03-Feb-2019 |
florian |
Captive portal detection for unwind(8).
|
#
1.5 |
|
31-Jan-2019 |
solene |
Remove a log statement used for debug
ok florian@
|
#
1.4 |
|
31-Jan-2019 |
solene |
restrict commands reload and log to root only
tweaks and ok florian@
|
#
1.3 |
|
29-Jan-2019 |
florian |
Make imsg processing much more paranoid.
If it comes from one of our processes and the size does not match what we expect call fatalx to crash and burn. We either hit a logic bug or something is fishy on the other end and we can't trust that process any longer. Not that we trust those processes to begin with.
This also applies to receiving resources that we don't expect. For example if we have an open UDP listen socket and get a new one passed from the main process something is wrong and we should crash and burn.
The only place where we are more lenient is on the control socket. We just ignore wrong sized messages so that users can't bring down unwind.
|
#
1.2 |
|
27-Jan-2019 |
florian |
unwind(8) traces its ancestry to rad(8) and inherited all of its include directives, some of them no longer necessary. Cleanup by Caspar Schutijser, thank you very much!
|
#
1.1 |
|
23-Jan-2019 |
florian |
Import unwind(8).
unwind(8) is a hybrid validating stub & recursive resolver.
It actively observes the local net to decide how to best resolve names. It can chose to recurse on it's own or talk to dhcp provided forwardes or statically defined forwarders in the config file.
The intention is to be able to run it on localhost on every machine.
"toss it in man" deraadt@
|
#
1.15 |
|
18-Dec-2019 |
florian |
Implement unwindctl status memory to show chache memory usage. testing by otto & pamela as part of a larger diff
|
#
1.14 |
|
08-Dec-2019 |
florian |
Turn opportunistic DoT into their own strategies. This is beneficial since we prefer strategies according to their performance. Previously name servers were upgraded to opportunistic DoT if it was available even if the round trip times went through the roof and there was no way to got back to plain udp/53 DNS. To make up a bit of space in the unwindctl status output, name servers learned via DHCP or SLAAC are printed in a new subcommand. The status output will be further improved shortly. Input & OK otto
|
#
1.13 |
|
03-Dec-2019 |
otto |
No more status subcommands; ok florian@
|
#
1.12 |
|
27-Nov-2019 |
florian |
Nuke http captive portal detection; something better is coming. OK otto
|
#
1.11 |
|
11-Nov-2019 |
florian |
Implement DNS proposals to learn nameservers from network autoconfiguration daemons. Currently only slaacd is switched over so we need to keep the lease file parsing.
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.10 |
|
01-Mar-2019 |
florian |
Due to the way we build libunbound inside of unwind .o files collide in the obj directory. Previously this was solved by keeping the libunbound file name (to be able to keep in sync with upstream) and prefixing the source filename of colliding .o files in unwind with uw_.
However, these files are shared through out our tree (namely parse.y, log.c and log.h) and we try to keep them in sync.
Move files back to their original name and instead symlink colliding source files in libunbound to unique filenames by prefixing them with the directory they live in: obj/sldns_parse.c -> /usr/src/sbin/unwind/libunbound/sldns/parse.c obj/util_log.c -> /usr/src/sbin/unwind/libunbound/util/log.c
Idea to use symlinks deraadt@ via jsg@ OK benno
|
#
1.9 |
|
18-Feb-2019 |
florian |
Introduce IMSG_DATA_SIZE() macro to to replace reoccuring math on imsg.hdr.len and shorten code. Input & OK pamela
|
#
1.8 |
|
17-Feb-2019 |
florian |
Pass verbosity changes to captive portal process.
|
#
1.7 |
|
17-Feb-2019 |
florian |
s/unwind_/uw_/ to save screen real estate; fix style(9) issues while here
|
#
1.6 |
|
03-Feb-2019 |
florian |
Captive portal detection for unwind(8).
|
#
1.5 |
|
31-Jan-2019 |
solene |
Remove a log statement used for debug
ok florian@
|
#
1.4 |
|
31-Jan-2019 |
solene |
restrict commands reload and log to root only
tweaks and ok florian@
|
#
1.3 |
|
29-Jan-2019 |
florian |
Make imsg processing much more paranoid.
If it comes from one of our processes and the size does not match what we expect call fatalx to crash and burn. We either hit a logic bug or something is fishy on the other end and we can't trust that process any longer. Not that we trust those processes to begin with.
This also applies to receiving resources that we don't expect. For example if we have an open UDP listen socket and get a new one passed from the main process something is wrong and we should crash and burn.
The only place where we are more lenient is on the control socket. We just ignore wrong sized messages so that users can't bring down unwind.
|
#
1.2 |
|
27-Jan-2019 |
florian |
unwind(8) traces its ancestry to rad(8) and inherited all of its include directives, some of them no longer necessary. Cleanup by Caspar Schutijser, thank you very much!
|
#
1.1 |
|
23-Jan-2019 |
florian |
Import unwind(8).
unwind(8) is a hybrid validating stub & recursive resolver.
It actively observes the local net to decide how to best resolve names. It can chose to recurse on it's own or talk to dhcp provided forwardes or statically defined forwarders in the config file.
The intention is to be able to run it on localhost on every machine.
"toss it in man" deraadt@
|
#
1.14 |
|
08-Dec-2019 |
florian |
Turn opportunistic DoT into their own strategies. This is beneficial since we prefer strategies according to their performance. Previously name servers were upgraded to opportunistic DoT if it was available even if the round trip times went through the roof and there was no way to got back to plain udp/53 DNS. To make up a bit of space in the unwindctl status output, name servers learned via DHCP or SLAAC are printed in a new subcommand. The status output will be further improved shortly. Input & OK otto
|
#
1.13 |
|
03-Dec-2019 |
otto |
No more status subcommands; ok florian@
|
#
1.12 |
|
27-Nov-2019 |
florian |
Nuke http captive portal detection; something better is coming. OK otto
|
#
1.11 |
|
11-Nov-2019 |
florian |
Implement DNS proposals to learn nameservers from network autoconfiguration daemons. Currently only slaacd is switched over so we need to keep the lease file parsing.
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.10 |
|
01-Mar-2019 |
florian |
Due to the way we build libunbound inside of unwind .o files collide in the obj directory. Previously this was solved by keeping the libunbound file name (to be able to keep in sync with upstream) and prefixing the source filename of colliding .o files in unwind with uw_.
However, these files are shared through out our tree (namely parse.y, log.c and log.h) and we try to keep them in sync.
Move files back to their original name and instead symlink colliding source files in libunbound to unique filenames by prefixing them with the directory they live in: obj/sldns_parse.c -> /usr/src/sbin/unwind/libunbound/sldns/parse.c obj/util_log.c -> /usr/src/sbin/unwind/libunbound/util/log.c
Idea to use symlinks deraadt@ via jsg@ OK benno
|
#
1.9 |
|
18-Feb-2019 |
florian |
Introduce IMSG_DATA_SIZE() macro to to replace reoccuring math on imsg.hdr.len and shorten code. Input & OK pamela
|
#
1.8 |
|
17-Feb-2019 |
florian |
Pass verbosity changes to captive portal process.
|
#
1.7 |
|
17-Feb-2019 |
florian |
s/unwind_/uw_/ to save screen real estate; fix style(9) issues while here
|
#
1.6 |
|
03-Feb-2019 |
florian |
Captive portal detection for unwind(8).
|
#
1.5 |
|
31-Jan-2019 |
solene |
Remove a log statement used for debug
ok florian@
|
#
1.4 |
|
31-Jan-2019 |
solene |
restrict commands reload and log to root only
tweaks and ok florian@
|
#
1.3 |
|
29-Jan-2019 |
florian |
Make imsg processing much more paranoid.
If it comes from one of our processes and the size does not match what we expect call fatalx to crash and burn. We either hit a logic bug or something is fishy on the other end and we can't trust that process any longer. Not that we trust those processes to begin with.
This also applies to receiving resources that we don't expect. For example if we have an open UDP listen socket and get a new one passed from the main process something is wrong and we should crash and burn.
The only place where we are more lenient is on the control socket. We just ignore wrong sized messages so that users can't bring down unwind.
|
#
1.2 |
|
27-Jan-2019 |
florian |
unwind(8) traces its ancestry to rad(8) and inherited all of its include directives, some of them no longer necessary. Cleanup by Caspar Schutijser, thank you very much!
|
#
1.1 |
|
23-Jan-2019 |
florian |
Import unwind(8).
unwind(8) is a hybrid validating stub & recursive resolver.
It actively observes the local net to decide how to best resolve names. It can chose to recurse on it's own or talk to dhcp provided forwardes or statically defined forwarders in the config file.
The intention is to be able to run it on localhost on every machine.
"toss it in man" deraadt@
|
#
1.13 |
|
03-Dec-2019 |
otto |
No more status subcommands; ok florian@
|
#
1.12 |
|
27-Nov-2019 |
florian |
Nuke http captive portal detection; something better is coming. OK otto
|
#
1.11 |
|
11-Nov-2019 |
florian |
Implement DNS proposals to learn nameservers from network autoconfiguration daemons. Currently only slaacd is switched over so we need to keep the lease file parsing.
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.10 |
|
01-Mar-2019 |
florian |
Due to the way we build libunbound inside of unwind .o files collide in the obj directory. Previously this was solved by keeping the libunbound file name (to be able to keep in sync with upstream) and prefixing the source filename of colliding .o files in unwind with uw_.
However, these files are shared through out our tree (namely parse.y, log.c and log.h) and we try to keep them in sync.
Move files back to their original name and instead symlink colliding source files in libunbound to unique filenames by prefixing them with the directory they live in: obj/sldns_parse.c -> /usr/src/sbin/unwind/libunbound/sldns/parse.c obj/util_log.c -> /usr/src/sbin/unwind/libunbound/util/log.c
Idea to use symlinks deraadt@ via jsg@ OK benno
|
#
1.9 |
|
18-Feb-2019 |
florian |
Introduce IMSG_DATA_SIZE() macro to to replace reoccuring math on imsg.hdr.len and shorten code. Input & OK pamela
|
#
1.8 |
|
17-Feb-2019 |
florian |
Pass verbosity changes to captive portal process.
|
#
1.7 |
|
17-Feb-2019 |
florian |
s/unwind_/uw_/ to save screen real estate; fix style(9) issues while here
|
#
1.6 |
|
03-Feb-2019 |
florian |
Captive portal detection for unwind(8).
|
#
1.5 |
|
31-Jan-2019 |
solene |
Remove a log statement used for debug
ok florian@
|
#
1.4 |
|
31-Jan-2019 |
solene |
restrict commands reload and log to root only
tweaks and ok florian@
|
#
1.3 |
|
29-Jan-2019 |
florian |
Make imsg processing much more paranoid.
If it comes from one of our processes and the size does not match what we expect call fatalx to crash and burn. We either hit a logic bug or something is fishy on the other end and we can't trust that process any longer. Not that we trust those processes to begin with.
This also applies to receiving resources that we don't expect. For example if we have an open UDP listen socket and get a new one passed from the main process something is wrong and we should crash and burn.
The only place where we are more lenient is on the control socket. We just ignore wrong sized messages so that users can't bring down unwind.
|
#
1.2 |
|
27-Jan-2019 |
florian |
unwind(8) traces its ancestry to rad(8) and inherited all of its include directives, some of them no longer necessary. Cleanup by Caspar Schutijser, thank you very much!
|
#
1.1 |
|
23-Jan-2019 |
florian |
Import unwind(8).
unwind(8) is a hybrid validating stub & recursive resolver.
It actively observes the local net to decide how to best resolve names. It can chose to recurse on it's own or talk to dhcp provided forwardes or statically defined forwarders in the config file.
The intention is to be able to run it on localhost on every machine.
"toss it in man" deraadt@
|
#
1.12 |
|
27-Nov-2019 |
florian |
Nuke http captive portal detection; something better is coming. OK otto
|
#
1.11 |
|
11-Nov-2019 |
florian |
Implement DNS proposals to learn nameservers from network autoconfiguration daemons. Currently only slaacd is switched over so we need to keep the lease file parsing.
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.10 |
|
01-Mar-2019 |
florian |
Due to the way we build libunbound inside of unwind .o files collide in the obj directory. Previously this was solved by keeping the libunbound file name (to be able to keep in sync with upstream) and prefixing the source filename of colliding .o files in unwind with uw_.
However, these files are shared through out our tree (namely parse.y, log.c and log.h) and we try to keep them in sync.
Move files back to their original name and instead symlink colliding source files in libunbound to unique filenames by prefixing them with the directory they live in: obj/sldns_parse.c -> /usr/src/sbin/unwind/libunbound/sldns/parse.c obj/util_log.c -> /usr/src/sbin/unwind/libunbound/util/log.c
Idea to use symlinks deraadt@ via jsg@ OK benno
|
#
1.9 |
|
18-Feb-2019 |
florian |
Introduce IMSG_DATA_SIZE() macro to to replace reoccuring math on imsg.hdr.len and shorten code. Input & OK pamela
|
#
1.8 |
|
17-Feb-2019 |
florian |
Pass verbosity changes to captive portal process.
|
#
1.7 |
|
17-Feb-2019 |
florian |
s/unwind_/uw_/ to save screen real estate; fix style(9) issues while here
|
#
1.6 |
|
03-Feb-2019 |
florian |
Captive portal detection for unwind(8).
|
#
1.5 |
|
31-Jan-2019 |
solene |
Remove a log statement used for debug
ok florian@
|
#
1.4 |
|
31-Jan-2019 |
solene |
restrict commands reload and log to root only
tweaks and ok florian@
|
#
1.3 |
|
29-Jan-2019 |
florian |
Make imsg processing much more paranoid.
If it comes from one of our processes and the size does not match what we expect call fatalx to crash and burn. We either hit a logic bug or something is fishy on the other end and we can't trust that process any longer. Not that we trust those processes to begin with.
This also applies to receiving resources that we don't expect. For example if we have an open UDP listen socket and get a new one passed from the main process something is wrong and we should crash and burn.
The only place where we are more lenient is on the control socket. We just ignore wrong sized messages so that users can't bring down unwind.
|
#
1.2 |
|
27-Jan-2019 |
florian |
unwind(8) traces its ancestry to rad(8) and inherited all of its include directives, some of them no longer necessary. Cleanup by Caspar Schutijser, thank you very much!
|
#
1.1 |
|
23-Jan-2019 |
florian |
Import unwind(8).
unwind(8) is a hybrid validating stub & recursive resolver.
It actively observes the local net to decide how to best resolve names. It can chose to recurse on it's own or talk to dhcp provided forwardes or statically defined forwarders in the config file.
The intention is to be able to run it on localhost on every machine.
"toss it in man" deraadt@
|
#
1.11 |
|
11-Nov-2019 |
florian |
Implement DNS proposals to learn nameservers from network autoconfiguration daemons. Currently only slaacd is switched over so we need to keep the lease file parsing.
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.10 |
|
01-Mar-2019 |
florian |
Due to the way we build libunbound inside of unwind .o files collide in the obj directory. Previously this was solved by keeping the libunbound file name (to be able to keep in sync with upstream) and prefixing the source filename of colliding .o files in unwind with uw_.
However, these files are shared through out our tree (namely parse.y, log.c and log.h) and we try to keep them in sync.
Move files back to their original name and instead symlink colliding source files in libunbound to unique filenames by prefixing them with the directory they live in: obj/sldns_parse.c -> /usr/src/sbin/unwind/libunbound/sldns/parse.c obj/util_log.c -> /usr/src/sbin/unwind/libunbound/util/log.c
Idea to use symlinks deraadt@ via jsg@ OK benno
|
#
1.9 |
|
18-Feb-2019 |
florian |
Introduce IMSG_DATA_SIZE() macro to to replace reoccuring math on imsg.hdr.len and shorten code. Input & OK pamela
|
#
1.8 |
|
17-Feb-2019 |
florian |
Pass verbosity changes to captive portal process.
|
#
1.7 |
|
17-Feb-2019 |
florian |
s/unwind_/uw_/ to save screen real estate; fix style(9) issues while here
|
#
1.6 |
|
03-Feb-2019 |
florian |
Captive portal detection for unwind(8).
|
#
1.5 |
|
31-Jan-2019 |
solene |
Remove a log statement used for debug
ok florian@
|
#
1.4 |
|
31-Jan-2019 |
solene |
restrict commands reload and log to root only
tweaks and ok florian@
|
#
1.3 |
|
29-Jan-2019 |
florian |
Make imsg processing much more paranoid.
If it comes from one of our processes and the size does not match what we expect call fatalx to crash and burn. We either hit a logic bug or something is fishy on the other end and we can't trust that process any longer. Not that we trust those processes to begin with.
This also applies to receiving resources that we don't expect. For example if we have an open UDP listen socket and get a new one passed from the main process something is wrong and we should crash and burn.
The only place where we are more lenient is on the control socket. We just ignore wrong sized messages so that users can't bring down unwind.
|
#
1.2 |
|
27-Jan-2019 |
florian |
unwind(8) traces its ancestry to rad(8) and inherited all of its include directives, some of them no longer necessary. Cleanup by Caspar Schutijser, thank you very much!
|
#
1.1 |
|
23-Jan-2019 |
florian |
Import unwind(8).
unwind(8) is a hybrid validating stub & recursive resolver.
It actively observes the local net to decide how to best resolve names. It can chose to recurse on it's own or talk to dhcp provided forwardes or statically defined forwarders in the config file.
The intention is to be able to run it on localhost on every machine.
"toss it in man" deraadt@
|
#
1.10 |
|
01-Mar-2019 |
florian |
Due to the way we build libunbound inside of unwind .o files collide in the obj directory. Previously this was solved by keeping the libunbound file name (to be able to keep in sync with upstream) and prefixing the source filename of colliding .o files in unwind with uw_.
However, these files are shared through out our tree (namely parse.y, log.c and log.h) and we try to keep them in sync.
Move files back to their original name and instead symlink colliding source files in libunbound to unique filenames by prefixing them with the directory they live in: obj/sldns_parse.c -> /usr/src/sbin/unwind/libunbound/sldns/parse.c obj/util_log.c -> /usr/src/sbin/unwind/libunbound/util/log.c
Idea to use symlinks deraadt@ via jsg@ OK benno
|
#
1.9 |
|
18-Feb-2019 |
florian |
Introduce IMSG_DATA_SIZE() macro to to replace reoccuring math on imsg.hdr.len and shorten code. Input & OK pamela
|
#
1.8 |
|
17-Feb-2019 |
florian |
Pass verbosity changes to captive portal process.
|
#
1.7 |
|
17-Feb-2019 |
florian |
s/unwind_/uw_/ to save screen real estate; fix style(9) issues while here
|
#
1.6 |
|
03-Feb-2019 |
florian |
Captive portal detection for unwind(8).
|
#
1.5 |
|
31-Jan-2019 |
solene |
Remove a log statement used for debug
ok florian@
|
#
1.4 |
|
31-Jan-2019 |
solene |
restrict commands reload and log to root only
tweaks and ok florian@
|
#
1.3 |
|
29-Jan-2019 |
florian |
Make imsg processing much more paranoid.
If it comes from one of our processes and the size does not match what we expect call fatalx to crash and burn. We either hit a logic bug or something is fishy on the other end and we can't trust that process any longer. Not that we trust those processes to begin with.
This also applies to receiving resources that we don't expect. For example if we have an open UDP listen socket and get a new one passed from the main process something is wrong and we should crash and burn.
The only place where we are more lenient is on the control socket. We just ignore wrong sized messages so that users can't bring down unwind.
|
#
1.2 |
|
27-Jan-2019 |
florian |
unwind(8) traces its ancestry to rad(8) and inherited all of its include directives, some of them no longer necessary. Cleanup by Caspar Schutijser, thank you very much!
|
#
1.1 |
|
23-Jan-2019 |
florian |
Import unwind(8).
unwind(8) is a hybrid validating stub & recursive resolver.
It actively observes the local net to decide how to best resolve names. It can chose to recurse on it's own or talk to dhcp provided forwardes or statically defined forwarders in the config file.
The intention is to be able to run it on localhost on every machine.
"toss it in man" deraadt@
|