summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Handle domain names with '.' or /000 within labels.v2.73rc5escape_namesSimon Kelley2015-04-215-13/+71
| | | | | Only in DNSSEC mode, where we might need to validate or store such names. In none-DNSSEC mode, simply don't cache these, as before.
* Revert 61b838dd574c51d96fef100285a0d225824534f9 and just quieten log instead.Simon Kelley2015-04-201-14/+10
|
* Check IP address command line arg in dhcp_release.cMoshe Levi2015-04-191-0/+5
|
* Log domain when reporting DNSSEC validation failure.Simon Kelley2015-04-171-5/+10
|
* Note CVE-2015-3294Simon Kelley2015-04-161-0/+3
|
* Fix (srk induced) crash in new tftp_no_fail code.Stefan Tomanek2015-04-161-2/+4
|
* Auth: correct replies to NS and SOA in .arpa zones.Simon Kelley2015-04-162-21/+38
|
* Fix crash in auth code with odd configuration.Simon Kelley2015-04-122-16/+29
|
* Fix crash on receipt of certain malformed DNS requests.v2.73rc4Simon Kelley2015-04-092-3/+9
|
* Fix crash caused by looking up servers.bind when many servers defined.Simon Kelley2015-04-062-3/+8
|
* Fix compiler warning when not including DNSSEC.Simon Kelley2015-04-031-1/+2
|
* Return INSECURE, rather than BOGUS when DS proved not to exist.Simon Kelley2015-04-033-21/+69
| | | | | | | | | | | Return INSECURE when validating DNS replies which have RRSIGs, but when a needed DS record in the trust chain is proved not to exist. It's allowed for a zone to set up DNSKEY and RRSIG records first, then add a DS later, completing the chain of trust. Also, since we don't have the infrastructure to track that these non-validated replies have RRSIGS, don't cache them, so we don't provide answers with missing RRSIGS from the cache.
* Whitespace fixes.Stefan Tomanek2015-04-012-8/+8
|
* add --tftp-no-fail to ignore missing tftp rootStefan Tomanek2015-03-316-11/+45
|
* Merge message translations.v2.73rc3v2.73rc2Simon Kelley2015-03-3010-3573/+4396
|
* Fix crash in last commit.Simon Kelley2015-03-291-3/+4
|
* Allow control characters in names in the cache, handle when logging.Simon Kelley2015-03-293-23/+37
|
* DNSSEC fix for non-ascii characters in labels.Simon Kelley2015-03-282-19/+20
|
* Protect against broken DNSSEC upstreams.Simon Kelley2015-03-271-2/+5
|
* Return SERVFAIL when validation abandoned.Simon Kelley2015-03-271-2/+9
|
* Don't fail DNSSEC when a signed CNAME dangles into an unsigned zone.Simon Kelley2015-03-261-1/+2
|
* dhcp: set outbound interface via cmsg in unicast replyv2.73rc1Lung-Pin Chang2015-03-191-20/+25
| | | | | | | If multiple routes to the same network exist, Linux blindly picks the first interface (route) based on destination address, which might not be the one we're actually offering leases. Rather than relying on this, always set the interface for outgoing unicast DHCP packets.
* Make --address=/example.com/ equivalent to --server=/example.com/Simon Kelley2015-03-193-6/+7
|
* Fix boilerplate code for re-running system calls on EINTR and EAGAIN etc.Simon Kelley2015-03-1111-84/+93
| | | | | | The nasty code with static variable in retry_send() which avoids looping forever needs to be called on success of the syscall, to reset the static variable.
* Tweak DNSSEC timestamp code to create file later, removing need to chown it.domain_lookupSimon Kelley2015-03-074-23/+36
|
* New version of contrib/reverse-dnsSimon Kelley2015-03-043-57/+125
|
* Fix last commit to not crash if uid changing not configured.Simon Kelley2015-03-023-4/+4
|
* Add --dnssec-timestamp option and facility.Simon Kelley2015-03-016-6/+108
|
* Log parsing utils in contrib/reverse-dnsJoachim Zobel2015-02-233-0/+75
|
* Fix uninitialized value used in get_client_mac()Tomas Hozza2015-02-231-1/+3
|
* Fix trivial memory leaks to quieten valgrind.Chen Wei2015-02-172-2/+11
|
* Make dynamic hosts files work when --no-hosts set.Simon Kelley2015-02-141-10/+11
|
* Typos.Simon Kelley2015-02-141-1/+2
|
* Debian systemd fixes.Simon Kelley2015-02-124-13/+16
|
* Fix get-version script which returned wrong tag in some situations.Shantanu Gadgil2015-02-111-1/+1
|
* Make Debian build reproducible.Chris Lamb2015-02-092-11/+12
|
* man page typo.Simon Kelley2015-02-071-0/+1
|
* Extra logging for inotify code.Simon Kelley2015-02-033-7/+10
|
* Fixup dhcp-configs after reading extra hostfiles with inotify.Simon Kelley2015-02-021-1/+13
|
* Manpage typo fix.ThiƩbaud Weksteen2015-02-021-1/+1
|
* Debian changelog bugfix.Simon Kelley2015-02-021-0/+1
|
* Fix build failure on openBSD.Simon Kelley2015-02-011-1/+1
|
* BSD make supportSimon Kelley2015-02-011-2/+4
|
* Fix broken ECDSA DNSSEC signatures.Simon Kelley2015-01-312-1/+3
|
* inotify documentation updates.Simon Kelley2015-01-311-2/+9
|
* Update copyrights for dawn of 2015.Simon Kelley2015-01-3138-39/+39
|
* Expand inotify code to dhcp-hostsdir, dhcp-optsdir and hostsdir.Simon Kelley2015-01-315-133/+187
|
* Allow inotify to be disabled at compile time on Linux.Simon Kelley2015-01-265-16/+37
|
* Don't reply to DHCPv6 SOLICIT messages when not configured for statefull DHCPv6.Win King Wan2015-01-212-0/+17
|
* Update German translation.Conrad Kostecki2015-01-201-54/+47
|
View Lorry Controller Status