1. c8e8f5c Bump copyright notices for 2021. Happy New Year! by Simon Kelley · 3 years, 11 months ago
  2. 1eb6ced Fix DNS reply when asking for DNSSEC and a validated CNAME is already cached. by Simon Kelley · 4 years, 1 month ago
  3. 2d76586 Use SHA-256 to provide security against DNS cache poisoning. by Simon Kelley · 4 years, 1 month ago
  4. e7ee1aa Extend stop-dns-rebind to reject IPv6 LL and ULA addresses. by Dominik DL6ER · 4 years, 9 months ago
  5. 29ae308 Restore ability to answer non-recursive requests by Petr Menšík · 6 years ago
  6. 2a8710a Update copyrights to 2020. by Simon Kelley · 5 years ago
  7. 1aef66b New CNAME code shouldn't spin on CNAME loops. by Simon Kelley · 5 years ago
  8. 4a1c21d Fix spin-crash in new CNAME code (b59a5c2567aafac35734d9660d9480613999e4cb) by Simon Kelley · 5 years ago
  9. 1fd56c0 Tidy up CNAME representaion. by Simon Kelley · 5 years ago
  10. 84449bf Generalise locally-configured CNAME handling. by Simon Kelley · 5 years ago
  11. 122997d Fix bugs in caching CNAMEs with target to SRV records. by Simon Kelley · 5 years ago
  12. b59a5c2 Generalise CNAME handling. by Simon Kelley · 5 years ago
  13. ae7a3b9 DNSSEC: implement RFC-4036 para 5.3.3. rules on TTL values. by Simon Kelley · 5 years ago
  14. 5b99eae Cache SRV records. by Simon Kelley · 6 years ago
  15. cc921df Remove nested struct/union in cache records and all_addr. by Simon Kelley · 6 years ago
  16. 65a01b7 Tidy address-union handling: move class into explicit argument. by Simon Kelley · 6 years ago
  17. bde4647 Tidy all_addr union, merge log and rcode fields. by Simon Kelley · 6 years ago
  18. 07e25da Treat DS and DNSKEY queries being forwarded the same as those locally originated. by Simon Kelley · 6 years ago
  19. 6f7812d Fix spurious AD flags in some DNS replies from local config. by Simon Kelley · 6 years ago
  20. cbb5b17 Fix logging in cf5984367bc6a949e3803a576512c5a7bc48ebab by Simon Kelley · 6 years ago
  21. cf59843 Don't forward *.bind/*.server queries upstream by Vladislav Grishenko · 6 years ago
  22. ee87504 Remove ability to compile without IPv6 support. by Simon Kelley · 6 years ago
  23. a220545 Ensure that AD bit is reset on answers from --address=/<domain>/<address>. by Simon Kelley · 6 years ago
  24. 4139298 Change behavior when RD bit unset in queries. by Simon Kelley · 6 years ago
  25. c346f61 Handle ANY queries in context of da8b6517decdac593e7ce24bde2824dd841725c8 by Simon Kelley · 6 years ago
  26. b758b67 Improve logging of RRs from --dns-rr. by Simon Kelley · 6 years ago
  27. 97f876b Properly deal with unaligned addresses in DHCPv6 packets. by Simon Kelley · 6 years ago
  28. b6f926f Don't return NXDOMAIN to empty non-terminals. by Simon Kelley · 6 years ago
  29. 45d8a24 Introduce UID_NONE value, for cache records which are not the target of a CNAME. by Simon Kelley · 6 years ago
  30. a997ca0 Fix sometimes missing DNSSEC RRs when DNSSEC validation not enabled. by Simon Kelley · 6 years ago
  31. 07ed585 Add logging for DNS error returns from upstream and local configuration. by Simon Kelley · 7 years ago
  32. 1721453 Remove special handling of A-for-A queries. by Simon Kelley · 7 years ago
  33. d1ced3a Update copyrights to 2018. by Simon Kelley · 7 years ago
  34. 8c707e1 Make 373e91738929a3d416e6292e65824184ba8428a6 compile without DNSSEC. by Simon Kelley · 7 years ago
  35. 373e917 Fix a6004d7f17687ac2455f724d0b57098c413f128d to cope with >256 RRs in answer section. by Simon Kelley · 7 years ago
  36. 74f0f9a Commment language tweaks. by Josh Soref · 7 years ago
  37. 087eb76 Always return a SERVFAIL response to DNS queries with RD=0. by Simon Kelley · 7 years ago
  38. a6004d7 Fix caching logic for validated answers. by Simon Kelley · 7 years ago
  39. c366717 Tidy up add_resource_record() buffer size checks. by Simon Kelley · 7 years ago
  40. 62cb936 Security fix, CVE-2017-14491, DNS heap buffer overflow. by Simon Kelley · 7 years ago
  41. 6a0b00f Misc code cleanups arising from Google analysis. by Simon Kelley · 7 years ago
  42. 0549c73 Security fix, CVE-2017-14491 DNS heap buffer overflow. by Simon Kelley · 7 years ago
  43. 63437ff Fix CVE-2017-13704, which resulted in a crash on a large DNS query. by Simon Kelley · 7 years ago
  44. 50ca855 Bump year in copyrights. by Simon Kelley · 7 years ago
  45. 5a7212c Make --rev-server work in the presence of --bogus-priv. by Vladislav Grishenko · 8 years ago
  46. fca008d Make --bogus-priv apply to IPv6. by Simon Kelley · 8 years ago
  47. 43517fc Spelling fixes. by klemens · 8 years ago
  48. 730c674 Comprehensive spelling/typo fixes. by Josh Soref · 8 years ago
  49. d42d470 Make --localise-queries apply to names from --interface-name. by Simon Kelley · 8 years ago
  50. 7ac9ae1 Compile time option NO_ID by Kevin Darbyshire-Bryant · 8 years ago
  51. fa78573 Zero packet buffers before building output, to reduce risk of information leakage. by Simon Kelley · 8 years ago
  52. c7f3bd2 Replace incoming EDNS0_OPTION_NOMDEVICEID and EDNS0_OPTION_NOMCPEID options. by Simon Kelley · 9 years ago
  53. 7480aef Apply ceiling of lease length to TTL when --dhcp-ttl in use. by Simon Kelley · 9 years ago
  54. 832e47b Add --dhcp-ttl option. by Simon Kelley · 9 years ago
  55. df3d54f Add TTL parameter to --host-record and --cname. by Simon Kelley · 9 years ago
  56. d05dd58 Fix wrong reply to simple name when --domain-needed set and no servers configured. by Simon Kelley · 9 years ago
  57. c49778d Update copyright notices. Happy new year! by Simon Kelley · 9 years ago
  58. 1d03016 Split EDNS0 stuff into its own source file. by Simon Kelley · 9 years ago
  59. fa14bec Major tidy up of EDNS0 handling and computation/use of udp packet size. by Simon Kelley · 9 years ago
  60. dd4ad9a Tweaks to EDNS0 handling in DNS replies. by Simon Kelley · 9 years ago
  61. 93be5b1 Abandon caching RRSIGs and returning them from cache. by Simon Kelley · 9 years ago
  62. 90477fb Update list of subnet for --bogus-priv by Simon Kelley · 9 years ago
  63. a7369be Enhance --add-subnet to allow arbitary subnet addresses. by Ed Bardsley · 9 years ago
  64. d2aa7df Include 0.0.0.0/8 in DNS rebind checks. by Simon Kelley · 9 years ago
  65. 06568c6 Remove support for DNS Extended Label Types. by Simon Kelley · 10 years ago
  66. 5d07d77 Fix buffer overflow introduced in 2.73rc6. by Simon Kelley · 10 years ago
  67. b059c96 Check IPv4-mapped IPv6 addresses with --stop-rebind. by Simon Kelley · 10 years ago
  68. a77cec8 Handle UDP packet loss when fragmentation of large packets is broken. by Simon Kelley · 10 years ago
  69. 2ed162a Don't remove RRSIG RR from answers to ANY queries when the do bit is not set. by Simon Kelley · 10 years ago
  70. b8f1655 Tweaks to previous, DNS label charset commit. by Simon Kelley · 10 years ago
  71. cbe379a Handle domain names with '.' or /000 within labels. by Simon Kelley · 10 years ago
  72. ad4a8ff Fix crash on receipt of certain malformed DNS requests. by Simon Kelley · 10 years ago
  73. 394ff49 Allow control characters in names in the cache, handle when logging. by Simon Kelley · 10 years ago
  74. 1e15394 DNSSEC fix for non-ascii characters in labels. by Simon Kelley · 10 years ago
  75. aff3396 Update copyrights for dawn of 2015. by Simon Kelley · 10 years ago
  76. ae4624b Logs for DS records consistent. by Simon Kelley · 10 years ago
  77. 32fc6db Add --ignore-address option. by Glen Huang · 10 years ago
  78. 4766936 Eliminate IPv6 privacy addresses from --interface-name answers. by Simon Kelley · 10 years ago
  79. 288df49 Fix bug when resulted in NXDOMAIN answers instead of NODATA. by Simon Kelley · 10 years ago
  80. b7639d5 Fix ipsets logging patch. by Simon Kelley · 11 years ago
  81. 49752b9 Log IPSET actions. by Wang Jian · 11 years ago
  82. fec216d Cache stats availble in CHAOS .bind domain. by Simon Kelley · 11 years ago
  83. 3e21a1a Tidy uid defines. by Andy · 11 years ago
  84. 03431d6 Initialise uid when creating CNAME cache record. by Simon Kelley · 11 years ago
  85. 3f7483e Handle integer overflow in uid counter. Fixes rare crashes in cache code. by Simon Kelley · 11 years ago
  86. 29fe922 Can have local DS records (trust anchors). by Simon Kelley · 11 years ago
  87. d1fbb77 Don't cache secure replies which we've messsed with. by Simon Kelley · 11 years ago
  88. 1fbe4d2 Tweak tuning params. by Simon Kelley · 11 years ago
  89. 00a5b5d Check that unsigned replies come from unsigned zones if --dnssec-check-unsigned set. by Simon Kelley · 11 years ago
  90. b8eac19 Negative caching for DS records. by Simon Kelley · 11 years ago
  91. 613ad15 Strip DNSSEC RRs when query doesn't have DO bit set. by Simon Kelley · 11 years ago
  92. 5107ace NSEC3 validation. First pass. by Simon Kelley · 11 years ago
  93. ee41586 Use DS records as trust anchors, not DNSKEYs. by Simon Kelley · 11 years ago
  94. 83349b8 Further tidying of AD and DO bit handling. by Simon Kelley · 11 years ago
  95. c8ca33f Fix DNSSEC caching problems: incomplete RRSIG RRsets. by Simon Kelley · 11 years ago
  96. e243c07 AD bit in queries handled as RFC6840 p5.7 by Simon Kelley · 11 years ago
  97. 610e782 Fix stack-smashing crash in DNSSEC. Thanks to Henk Jan Agteresch. by Simon Kelley · 11 years ago
  98. 12fae49 Make RR work when returning A/AAAA records and an RRSIG. by Simon Kelley · 11 years ago
  99. 5f93853 Return configured DNSKEYs even though we don't have RRSIGS for them. by Simon Kelley · 11 years ago
  100. 7c28612 Trivial format fix. by Simon Kelley · 11 years ago