Gitiles
Code Review
Sign In
gerrit.nordix.org
/
thekelleys
/
dnsmasq
/
604f7598c2265e334de05ed25d8e4e2a01de36cd
604f759
CHANGELOG update.
by Simon Kelley
· 11 years ago
2a7a2b8
Ignore DNS queries from port 0: http://www.ietf.org/mail-archive/web/dnsop/current/msg11441.html
by Simon Kelley
· 11 years ago
3e21a1a
Tidy uid defines.
by Andy
· 11 years ago
2b29191
Fix DNSSEC crash retrying to IPv6 server.
by Simon Kelley
· 11 years ago
03431d6
Initialise uid when creating CNAME cache record.
by Simon Kelley
· 11 years ago
cc1a29e
Make --quiet-dhcp apply to DHCPDISCOVER when client ignored.
by Simon Kelley
· 11 years ago
e62e9b6
Manpage typos.
by Moritz Warning
· 11 years ago
19c51cf
Tidy and fix cache->uid handling.
by Simon Kelley
· 11 years ago
d508215
Ensure next_uid() can never return 0.
by Andy
· 11 years ago
3f7483e
Handle integer overflow in uid counter. Fixes rare crashes in cache code.
by Simon Kelley
· 11 years ago
0c8584e
Warn about non-local queries once only for UDP.
by Simon Kelley
· 11 years ago
f00690f
Typo
by Simon Kelley
· 11 years ago
89b12ed
OPT_LOCAL_SERVICE needs up-to-date interface list too.
by Simon Kelley
· 11 years ago
1a9a348
Set --local-service in Debian package startup.
by Simon Kelley
· 11 years ago
c8a8048
--local-service. Default protection from DNS amplification attacks.
by Simon Kelley
· 11 years ago
4ea8e80
Add --static to pkg-config command when appropriate.
by Simon Kelley
· 11 years ago
c07d30d
Compiler warning.
by Simon Kelley
· 11 years ago
d588ab5
Man page updates for DNSSEC.
by Simon Kelley
· 11 years ago
f8b422a
KEYBLOCK LEN better as a multiple of 8.
by Simon Kelley
· 11 years ago
29fe922
Can have local DS records (trust anchors).
by Simon Kelley
· 11 years ago
8707019
Mass edit of INSECURE->BOGUS returns for server failure/bad input.
by Simon Kelley
· 11 years ago
d1fbb77
Don't cache secure replies which we've messsed with.
by Simon Kelley
· 11 years ago
1fbe4d2
Tweak tuning params.
by Simon Kelley
· 11 years ago
0575610
Handle replies with no answers and no NS in validate_reply.
by Simon Kelley
· 11 years ago
e3f1455
Don't free blockdata for negative DS cache entries.
by Simon Kelley
· 11 years ago
bd9b3cf
Fix off-by-one overwrite.
by Simon Kelley
· 11 years ago
14db421
Tidy.
by Simon Kelley
· 11 years ago
00a5b5d
Check that unsigned replies come from unsigned zones if --dnssec-check-unsigned set.
by Simon Kelley
· 11 years ago
b8eac19
Negative caching for DS records.
by Simon Kelley
· 11 years ago
b47b04c
Return INSECURE when validation fails with proved non-existent DS.
by Simon Kelley
· 11 years ago
613ad15
Strip DNSSEC RRs when query doesn't have DO bit set.
by Simon Kelley
· 11 years ago
2418753
Speeling.
by Simon Kelley
· 11 years ago
a857daa
Code cleanup.
by Simon Kelley
· 11 years ago
f01d7be
An NSEC record cannot attest to its own non-existance!
by Simon Kelley
· 11 years ago
d387380
Check signer name in RRSIGs.
by Simon Kelley
· 11 years ago
f2e4c27
Bugfix for last commit.
by Simon Kelley
· 11 years ago
5107ace
NSEC3 validation. First pass.
by Simon Kelley
· 11 years ago
7b1eae4
Add --servers-file option.
by Simon Kelley
· 11 years ago
c152dc8
Omit ECC from DNSSEC if nettle library is old.
by Simon Kelley
· 11 years ago
7bcca00
More server cleanup.
by Simon Kelley
· 11 years ago
d68c2ca
Cleanup of server reading code, preparation, for dynamic reading from files.
by Simon Kelley
· 11 years ago
de73a49
--rev-server option. Syntactic sugar for PTR queries.
by Simon Kelley
· 11 years ago
e3ec15a
Log BOGUS validation result when upstream sends SERVFAIL.
by Simon Kelley
· 11 years ago
dac7431
TYpo.
by Simon Kelley
· 11 years ago
2ecd9bd
No CD in forwarded queries unless dnssec-debug for TCP too.
by Simon Kelley
· 11 years ago
a0ab18f
Don't mess with the TTL of DNSSEC RRs.
by Simon Kelley
· 11 years ago
ebe95a8
Add RFC-6605 ECDSA DNSSEC verification.
by Simon Kelley
· 11 years ago
ee41586
Use DS records as trust anchors, not DNSKEYs.
by Simon Kelley
· 11 years ago
83349b8
Further tidying of AD and DO bit handling.
by Simon Kelley
· 11 years ago
7fa836e
Handle validation when more one key is needed.
by Simon Kelley
· 11 years ago
1633e30
Fix Byte-order botch: broke DNSSEC on big-endian platforms.
by Simon Kelley
· 11 years ago
c8ca33f
Fix DNSSEC caching problems: incomplete RRSIG RRsets.
by Simon Kelley
· 11 years ago
e243c07
AD bit in queries handled as RFC6840 p5.7
by Simon Kelley
· 11 years ago
da4f372
Add trust-anchors file to Debian package.
by Simon Kelley
· 11 years ago
610e782
Fix stack-smashing crash in DNSSEC. Thanks to Henk Jan Agteresch.
by Simon Kelley
· 11 years ago
854cf26
DNSSEC config in example file.
by Simon Kelley
· 11 years ago
bb201c2
Protect against malicious DNS replies with very large RRsets.
by Simon Kelley
· 11 years ago
12fae49
Make RR work when returning A/AAAA records and an RRSIG.
by Simon Kelley
· 11 years ago
fd37227
Updated version of contrib/try-all-ns
by Jesse Glick
· 11 years ago
b98d22c
Linking stuff. Latest Debian/Ubuntu don't automatically link gmp.
by Simon Kelley
· 11 years ago
160f650
Make DNSEC default, add build-depends for same, bump version.
by Simon Kelley
· 11 years ago
613d6c5
CHANGLEOG for DNSSEC.
by Simon Kelley
· 11 years ago
81a883f
Format tweak.
by Simon Kelley
· 11 years ago
40b695c
Log NXDOMAIN correctly.
by Simon Kelley
· 11 years ago
5f93853
Return configured DNSKEYs even though we don't have RRSIGS for them.
by Simon Kelley
· 11 years ago
8d718cb
Nasty cache failure and memory leak with DNSSEC.
by Simon Kelley
· 11 years ago
f6a2b79
Validate Ooops.
by Simon Kelley
· 11 years ago
82e3f45
Blockdata fixes and tuning.
by Simon Kelley
· 11 years ago
072e81b
Blockdata leak.
by Simon Kelley
· 11 years ago
1d97ac4
copy-n-paste error.
by Simon Kelley
· 11 years ago
db73746
Anounce DNSSEC at startup.
by Simon Kelley
· 11 years ago
97bc798
Init ->dependent field in frec allocation.
by Simon Kelley
· 11 years ago
edc231b
Compiler warning.
by Simon Kelley
· 11 years ago
b85e092
Add a file containing current root trust anchors, for convenience.
by Simon Kelley
· 11 years ago
583043f
Crash in cache code when compiled with HAVE_DNSSEC.
by Simon Kelley
· 11 years ago
8f6213c
Allow use of COPTS in Debian rules invokation for nefarious purposes.
by Simon Kelley
· 11 years ago
00ec693
Debian package with DNSSEC now possible.
by Simon Kelley
· 11 years ago
70b4a81
Man page entries for DNSSEC flags.
by Simon Kelley
· 11 years ago
7c28612
Trivial format fix.
by Simon Kelley
· 11 years ago
6f46810
Code tidy.
by Simon Kelley
· 11 years ago
6938f34
Don't mark answers as DNSEC validated if DNS-doctored.
by Simon Kelley
· 11 years ago
17fb9ea
Exclude CRC code in DNSSEC build - replaced with SHA1.
by Simon Kelley
· 11 years ago
7d23a66
Remove --dnssec-permissive, pointless if we don't set CD upstream.
by Simon Kelley
· 11 years ago
703c7ff
Fix to last commit.
by Simon Kelley
· 11 years ago
8a9be9e
Replace CRC32 with SHA1 for spoof detection in DNSSEC builds.
by Simon Kelley
· 11 years ago
c92f008
Get AA flag right in DNSSEC answers from cache.
by Simon Kelley
· 11 years ago
b5dbfd1
RRSIG answer logging.
by Simon Kelley
· 11 years ago
cbf13a2
Class specifier in --dnskey, instead of hardwiring C_IN.
by Simon Kelley
· 11 years ago
5b3bf92
--dnssec-debug
by Simon Kelley
· 11 years ago
0744ca6
More DNSSEC caching logic, and avoid repeated validation of DS/DNSKEY
by Simon Kelley
· 11 years ago
2d33bda
RRSIGS for PTR records from cache.
by Simon Kelley
· 11 years ago
32f90c0
Tweak.
by Simon Kelley
· 11 years ago
bce6e1b
RRSIGs in DS and DNSKEY cached answers.
by Simon Kelley
· 11 years ago
824202e
More DNSSEC cache readout.
by Simon Kelley
· 11 years ago
9ebfca1
Compiler warning.
by Simon Kelley
· 11 years ago
6429e42
Compiler warning.
by Simon Kelley
· 11 years ago
c9bfa94
remove redundant headerage
by Simon Kelley
· 11 years ago
e7829ae
Cache RRSIGS.
by Simon Kelley
· 11 years ago
51ea3ca
Caching of DNSSEC records.
by Simon Kelley
· 11 years ago
57ab36e
Tweak definition of a permanent IPv6 address on Linux.
by Jonas Gorski
· 11 years ago
Next »