Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Log IPSET actions.v2.69rc2 | Wang Jian | 2014-03-28 | 3 | -1/+12 | |
| | ||||||
* | Add --dnssec-no-timecheck | Simon Kelley | 2014-03-28 | 5 | -83/+116 | |
| | ||||||
* | Ensure ->sentto is valid for DNSSEC forwards. Otherwise retries SEGV. | Simon Kelley | 2014-03-27 | 1 | -0/+1 | |
| | ||||||
* | Cache stats availble in CHAOS .bind domain. | Simon Kelley | 2014-03-27 | 5 | -15/+155 | |
| | ||||||
* | Terminate DS-search when reaching the root via cache entries. | Simon Kelley | 2014-03-26 | 1 | -0/+11 | |
| | ||||||
* | SERVFAIL is an expected error return, don't try all servers. | Simon Kelley | 2014-03-25 | 1 | -4/+3 | |
| | ||||||
* | Handle failure of hash_questions() | Tomas Hozza | 2014-03-25 | 1 | -29/+33 | |
| | ||||||
* | Memory leak in error path. | Tomas Hozza | 2014-03-25 | 1 | -2/+5 | |
| | ||||||
* | Reorder sanity checks on UDP packet reception, to cope with failed recvfrom() | Simon Kelley | 2014-03-24 | 1 | -7/+11 | |
| | ||||||
* | Add dnssec-check-unsigned to example config file. | Simon Kelley | 2014-03-24 | 1 | -0/+8 | |
| | ||||||
* | CHANGELOG update.v2.69rc1 | Simon Kelley | 2014-03-22 | 1 | -0/+4 | |
| | ||||||
* | Ignore DNS queries from port 0: ↵ | Simon Kelley | 2014-03-22 | 1 | -3/+16 | |
| | | | | http://www.ietf.org/mail-archive/web/dnsop/current/msg11441.html | |||||
* | Tidy uid defines. | Andy | 2014-03-22 | 2 | -2/+2 | |
| | ||||||
* | Fix DNSSEC crash retrying to IPv6 server. | Simon Kelley | 2014-03-21 | 1 | -2/+2 | |
| | ||||||
* | Initialise uid when creating CNAME cache record. | Simon Kelley | 2014-03-20 | 1 | -0/+2 | |
| | ||||||
* | Make --quiet-dhcp apply to DHCPDISCOVER when client ignored. | Simon Kelley | 2014-03-20 | 1 | -0/+2 | |
| | ||||||
* | Manpage typos. | Moritz Warning | 2014-03-20 | 1 | -2/+2 | |
| | ||||||
* | Tidy and fix cache->uid handling. | Simon Kelley | 2014-03-18 | 3 | -15/+27 | |
| | | | | | | | | | | | | Some CNAMES left the value of ->uid undefined. Since there are now special values if this, for CNAMES to interface names, that could cause a crash if the undefined value hit the special value. Also ensure that the special value can't arise when the uid is encoding the source of an F_CONFIG record, in case there's a CNAME to it. | |||||
* | Ensure next_uid() can never return 0. | Andy | 2014-03-17 | 1 | -2/+4 | |
| | ||||||
* | Handle integer overflow in uid counter. Fixes rare crashes in cache code. | Simon Kelley | 2014-03-16 | 4 | -16/+23 | |
| | ||||||
* | Warn about non-local queries once only for UDP. | Simon Kelley | 2014-03-12 | 1 | -1/+6 | |
| | ||||||
* | Typo | Simon Kelley | 2014-03-12 | 1 | -1/+1 | |
| | ||||||
* | OPT_LOCAL_SERVICE needs up-to-date interface list too. | Simon Kelley | 2014-03-06 | 1 | -1/+2 | |
| | ||||||
* | Set --local-service in Debian package startup. | Simon Kelley | 2014-03-05 | 3 | -0/+17 | |
| | ||||||
* | --local-service. Default protection from DNS amplification attacks. | Simon Kelley | 2014-03-05 | 6 | -2/+133 | |
| | ||||||
* | Add --static to pkg-config command when appropriate. | Simon Kelley | 2014-03-05 | 1 | -1/+4 | |
| | ||||||
* | Compiler warning. | Simon Kelley | 2014-03-03 | 1 | -2/+2 | |
| | ||||||
* | Man page updates for DNSSEC. | Simon Kelley | 2014-03-02 | 1 | -2/+13 | |
| | ||||||
* | KEYBLOCK LEN better as a multiple of 8. | Simon Kelley | 2014-03-02 | 1 | -1/+1 | |
| | ||||||
* | Can have local DS records (trust anchors).v2.69test11 | Simon Kelley | 2014-03-01 | 1 | -1/+1 | |
| | ||||||
* | Mass edit of INSECURE->BOGUS returns for server failure/bad input.v2.69test10 | Simon Kelley | 2014-03-01 | 1 | -84/+73 | |
| | ||||||
* | Don't cache secure replies which we've messsed with. | Simon Kelley | 2014-03-01 | 1 | -5/+4 | |
| | ||||||
* | Tweak tuning params. | Simon Kelley | 2014-03-01 | 3 | -4/+5 | |
| | ||||||
* | Handle replies with no answers and no NS in validate_reply. | Simon Kelley | 2014-03-01 | 1 | -0/+4 | |
| | ||||||
* | Don't free blockdata for negative DS cache entries. | Simon Kelley | 2014-03-01 | 2 | -2/+2 | |
| | ||||||
* | Fix off-by-one overwrite. | Simon Kelley | 2014-03-01 | 1 | -1/+2 | |
| | ||||||
* | Tidy. | Simon Kelley | 2014-03-01 | 1 | -4/+3 | |
| | ||||||
* | Check that unsigned replies come from unsigned zones if ↵ | Simon Kelley | 2014-02-28 | 6 | -110/+469 | |
| | | | | --dnssec-check-unsigned set. | |||||
* | Negative caching for DS records. | Simon Kelley | 2014-02-27 | 3 | -48/+104 | |
| | ||||||
* | Return INSECURE when validation fails with proved non-existent DS. | Simon Kelley | 2014-02-25 | 1 | -5/+9 | |
| | ||||||
* | Strip DNSSEC RRs when query doesn't have DO bit set. | Simon Kelley | 2014-02-25 | 4 | -94/+327 | |
| | ||||||
* | Speeling. | Simon Kelley | 2014-02-24 | 1 | -7/+7 | |
| | ||||||
* | Code cleanup.v2.69test9 | Simon Kelley | 2014-02-24 | 1 | -47/+34 | |
| | ||||||
* | An NSEC record cannot attest to its own non-existance! | Simon Kelley | 2014-02-24 | 1 | -4/+8 | |
| | ||||||
* | Check signer name in RRSIGs. | Simon Kelley | 2014-02-23 | 1 | -6/+32 | |
| | ||||||
* | Bugfix for last commit. | Simon Kelley | 2014-02-23 | 1 | -4/+4 | |
| | ||||||
* | NSEC3 validation. First pass. | Simon Kelley | 2014-02-23 | 5 | -113/+505 | |
| | ||||||
* | Add --servers-file option. | Simon Kelley | 2014-02-20 | 8 | -27/+92 | |
| | ||||||
* | Omit ECC from DNSSEC if nettle library is old. | Simon Kelley | 2014-02-19 | 2 | -6/+17 | |
| | ||||||
* | More server cleanup. | Simon Kelley | 2014-02-19 | 1 | -29/+24 | |
| |