Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 18:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,638 Commits 8 Branches 0 Tags
25e63f1e56f5acdcf91893a1b92ad1e0f2f552d8
Commit Graph

217 Commits

Author SHA1 Message Date
Simon Kelley
8a8bbad0cf Ensure ->sentto is valid for DNSSEC forwards. Otherwise retries SEGV. 2014-03-27 22:02:17 +00:00
Simon Kelley
4e1fe44428 Terminate DS-search when reaching the root via cache entries. 2014-03-26 12:24:19 +00:00
Simon Kelley
51967f9807 SERVFAIL is an expected error return, don't try all servers. 2014-03-25 21:07:00 +00:00
Tomas Hozza
b37f8b99ae Handle failure of hash_questions() 2014-03-25 20:52:28 +00:00
Tomas Hozza
fc2833f172 Memory leak in error path. 2014-03-25 20:43:21 +00:00
Simon Kelley
490f90758d Reorder sanity checks on UDP packet reception, to cope with failed recvfrom() 2014-03-24 22:04:42 +00:00
Simon Kelley
2a7a2b84ec Ignore DNS queries from port 0: http://www.ietf.org/mail-archive/web/dnsop/current/msg11441.html 2014-03-22 19:18:06 +00:00
Simon Kelley
2b29191e7c Fix DNSSEC crash retrying to IPv6 server. 2014-03-21 11:13:55 +00:00
Simon Kelley
0c8584eabc Warn about non-local queries once only for UDP. 2014-03-12 20:12:56 +00:00
Simon Kelley
c8a80487cd --local-service. Default protection from DNS amplification attacks. 2014-03-05 14:29:54 +00:00
Simon Kelley
00a5b5d477 Check that unsigned replies come from unsigned zones if --dnssec-check-unsigned set. 2014-02-28 18:10:55 +00:00
Simon Kelley
613ad15d02 Strip DNSSEC RRs when query doesn't have DO bit set. 2014-02-25 23:02:28 +00:00
Simon Kelley
dac74312da TYpo. 2014-02-13 16:43:49 +00:00
Simon Kelley
2ecd9bd5c0 No CD in forwarded queries unless dnssec-debug for TCP too. 2014-02-13 16:42:02 +00:00
Simon Kelley
83349b8aa4 Further tidying of AD and DO bit handling. 2014-02-10 21:02:01 +00:00
Simon Kelley
7fa836e105 Handle validation when more one key is needed. 2014-02-10 20:11:24 +00:00
Simon Kelley
e243c072b5 AD bit in queries handled as RFC6840 p5.7 2014-02-06 18:14:09 +00:00
Simon Kelley
610e782a29 Fix stack-smashing crash in DNSSEC. Thanks to Henk Jan Agteresch. 2014-02-06 14:45:17 +00:00
Simon Kelley
81a883fda3 Format tweak. 2014-02-03 21:17:04 +00:00
Simon Kelley
8d718cbb3e Nasty cache failure and memory leak with DNSSEC. 2014-02-03 16:27:37 +00:00
Simon Kelley
97bc798b05 Init ->dependent field in frec allocation. 2014-01-31 10:19:52 +00:00
Simon Kelley
6938f3476e Don't mark answers as DNSEC validated if DNS-doctored. 2014-01-26 22:47:39 +00:00
Simon Kelley
7d23a66ff0 Remove --dnssec-permissive, pointless if we don't set CD upstream. 2014-01-26 09:33:21 +00:00
Simon Kelley
703c7ff429 Fix to last commit. 2014-01-25 23:46:23 +00:00
Simon Kelley
8a9be9e493 Replace CRC32 with SHA1 for spoof detection in DNSSEC builds. 2014-01-25 23:17:21 +00:00
Simon Kelley
5b3bf92101 --dnssec-debug 2014-01-25 17:03:07 +00:00
Simon Kelley
0744ca66ad More DNSSEC caching logic, and avoid repeated validation of DS/DNSKEY 2014-01-25 16:40:15 +00:00
Simon Kelley
39048ad10b bug fix, avoids infinite loop in forwarding code. 2014-01-21 17:33:58 +00:00
Simon Kelley
5d3b87a484 Better handling of truncated DNSSEC replies. 2014-01-20 11:57:23 +00:00
Simon Kelley
6c0cb858c1 Trivial format fix 2014-01-17 14:40:46 +00:00
Simon Kelley
e0c0ad3b5e UDP retries for DNSSEC 2014-01-16 22:42:07 +00:00
Simon Kelley
4619d94622 Fix SEGV and failure to validate on x86_64. 2014-01-16 19:53:06 +00:00
Simon Kelley
a25720a34a protocol handling for DNSSEC 2014-01-14 23:13:55 +00:00
Simon Kelley
795501bc86 AD bit handling when doing validation. 2014-01-08 18:11:55 +00:00
Simon Kelley
c47e3ba446 Update copyright for 2014. 2014-01-08 17:07:54 +00:00
Simon Kelley
f1668d2786 New source port for DNSSEC-originated queries. 2014-01-08 16:53:27 +00:00
Simon Kelley
7d7b7b31e5 DNSSEC for TCP queries. 2014-01-08 15:57:36 +00:00
Simon Kelley
60b68069cf Rationalise DNS packet-buffer size calculations. 2014-01-08 12:10:28 +00:00
Simon Kelley
871417d45d Handle truncated replies in DNSSEC validation. 2014-01-08 11:22:32 +00:00
Simon Kelley
0fc2f31368 First functional DNSSEC - highly alpha. 2014-01-08 10:26:58 +00:00
Simon Kelley
c3e0b9b6e7 backup 2013-12-31 13:50:39 +00:00
Simon Kelley
9d633048fe Saving progress 2013-12-13 15:36:55 +00:00
Simon Kelley
c352dd8f1a Merge branch 'master' into dnssec 2013-12-12 12:16:17 +00:00
Simon Kelley
3a2371527f Commit to allow master merge. 2013-12-12 12:15:50 +00:00
Simon Kelley
2329bef5ba Check arrival interface of IPv6 requests, even in --bind-interfaces. 2013-12-03 13:41:16 +00:00
Vladislav Grishenko
3b19596122 Fix compiler warnings. 2013-11-26 11:08:21 +00:00
Simon Kelley
5a4120dbfb Merge branch 'master' into dnssec 
Conflicts:
	src/dnsmasq.h
	src/forward.c
	src/option.c
 2013-10-25 13:16:27 +01:00
Simon Kelley
6008bdbbc1 Fix botch in determining if auth query is local. 2013-10-21 21:47:03 +01:00
Simon Kelley
19b1689161 Don't filter by subnet when handling local queries for auth-zones. 2013-10-20 10:19:39 +01:00
Simon Kelley
b485ed97aa Always answer queries for authoritative zones locally, never forward. 2013-10-18 22:00:39 +01:00