summaryrefslogtreecommitdiff
path: root/src
Commit message (Expand)AuthorAgeFilesLines
* First commit for DHCPv6_PD.pdSimon Kelley2014-05-0110-90/+606
* Handle SERVFAIL replies when looking for proven-nonexistence of DS.Simon Kelley2014-04-261-7/+14
* Need to fixup records in the additional section when removing DNSSEC stuff.v2.71test1Simon Kelley2014-04-241-5/+10
* Fix crash on TCP DNS request when DNSSEC not enabled.Simon Kelley2014-04-161-1/+1
* Ensure request name in buffer for ipset lookup.Simon Kelley2014-04-131-12/+15
* Fix NXDOMAIN RCODE in auth PTR replies.Simon Kelley2014-04-031-2/+4
* Fix ipsets logging patch.v2.69rc4v2.69rc3Simon Kelley2014-03-291-1/+1
* Log IPSET actions.v2.69rc2Wang Jian2014-03-283-1/+12
* Add --dnssec-no-timecheckSimon Kelley2014-03-284-83/+107
* Ensure ->sentto is valid for DNSSEC forwards. Otherwise retries SEGV.Simon Kelley2014-03-271-0/+1
* Cache stats availble in CHAOS .bind domain.Simon Kelley2014-03-274-13/+143
* Terminate DS-search when reaching the root via cache entries.Simon Kelley2014-03-261-0/+11
* SERVFAIL is an expected error return, don't try all servers.Simon Kelley2014-03-251-4/+3
* Handle failure of hash_questions()Tomas Hozza2014-03-251-29/+33
* Memory leak in error path.Tomas Hozza2014-03-251-2/+5
* Reorder sanity checks on UDP packet reception, to cope with failed recvfrom()Simon Kelley2014-03-241-7/+11
* Ignore DNS queries from port 0: http://www.ietf.org/mail-archive/web/dnsop/cu...Simon Kelley2014-03-221-3/+16
* Tidy uid defines.Andy2014-03-222-2/+2
* Fix DNSSEC crash retrying to IPv6 server.Simon Kelley2014-03-211-2/+2
* Initialise uid when creating CNAME cache record.Simon Kelley2014-03-201-0/+2
* Make --quiet-dhcp apply to DHCPDISCOVER when client ignored.Simon Kelley2014-03-201-0/+2
* Tidy and fix cache->uid handling.Simon Kelley2014-03-183-15/+27
* Ensure next_uid() can never return 0.Andy2014-03-171-2/+4
* Handle integer overflow in uid counter. Fixes rare crashes in cache code.Simon Kelley2014-03-164-16/+23
* Warn about non-local queries once only for UDP.Simon Kelley2014-03-121-1/+6
* OPT_LOCAL_SERVICE needs up-to-date interface list too.Simon Kelley2014-03-061-1/+2
* Set --local-service in Debian package startup.Simon Kelley2014-03-051-0/+3
* --local-service. Default protection from DNS amplification attacks.Simon Kelley2014-03-054-1/+115
* Compiler warning.Simon Kelley2014-03-031-2/+2
* KEYBLOCK LEN better as a multiple of 8.Simon Kelley2014-03-021-1/+1
* Can have local DS records (trust anchors).v2.69test11Simon Kelley2014-03-011-1/+1
* Mass edit of INSECURE->BOGUS returns for server failure/bad input.v2.69test10Simon Kelley2014-03-011-84/+73
* Don't cache secure replies which we've messsed with.Simon Kelley2014-03-011-5/+4
* Tweak tuning params.Simon Kelley2014-03-013-4/+5
* Handle replies with no answers and no NS in validate_reply.Simon Kelley2014-03-011-0/+4
* Don't free blockdata for negative DS cache entries.Simon Kelley2014-03-012-2/+2
* Fix off-by-one overwrite.Simon Kelley2014-03-011-1/+2
* Tidy.Simon Kelley2014-03-011-4/+3
* Check that unsigned replies come from unsigned zones if --dnssec-check-unsign...Simon Kelley2014-02-285-110/+460
* Negative caching for DS records.Simon Kelley2014-02-273-48/+104
* Return INSECURE when validation fails with proved non-existent DS.Simon Kelley2014-02-251-5/+9
* Strip DNSSEC RRs when query doesn't have DO bit set.Simon Kelley2014-02-254-94/+327
* Speeling.Simon Kelley2014-02-241-7/+7
* Code cleanup.v2.69test9Simon Kelley2014-02-241-47/+34
* An NSEC record cannot attest to its own non-existance!Simon Kelley2014-02-241-4/+8
* Check signer name in RRSIGs.Simon Kelley2014-02-231-6/+32
* Bugfix for last commit.Simon Kelley2014-02-231-4/+4
* NSEC3 validation. First pass.Simon Kelley2014-02-235-113/+505
* Add --servers-file option.Simon Kelley2014-02-206-27/+82
* Omit ECC from DNSSEC if nettle library is old.Simon Kelley2014-02-191-6/+13