Neil Jerram
2fd5bc952d
Allow router advertisements to have the "off-link" bit set.
2015-06-10 22:13:06 +01:00
Neil Jerram
0ddb8769bb
Extend --bridge-interface aliasing to DHCPv6.
2015-06-10 22:11:06 +01:00
Neil Jerram
654f59e762
Fix logging of unknown interface in --bridge-interface, DHPCv4.
2015-06-10 22:06:33 +01:00
Simon Kelley
d91b1fd402
Add a couple of missed logging strings to the catalogue.
2015-06-09 20:45:07 +01:00
Nicolas Cavallari
c6d82c9ba6
Add Dbus methods to create and delete DHCP leases.
2015-06-09 20:42:20 +01:00
Simon Kelley
4d25cf89d5
Handle corner cases in NSEC coverage checks.
2015-06-06 23:13:57 +01:00
Simon Kelley
24e9207e13
More reproducibility fixes for Debian package.
2015-06-04 22:32:43 +01:00
Simon Kelley
89130d91d6
DHCPv6: DHCPCONFIRM should be OK for any address on link, not just dynamic addresses.
2015-06-03 22:34:14 +01:00
Simon Kelley
d644b2a17d
Close Debian bug for bug fixed upstream.
2015-06-01 21:00:16 +01:00
swigger
bd7bfa21c4
Correctly sanitise DNS header bits in answer when recreating query for retry.
2015-06-01 20:54:59 +01:00
Simon Kelley
403de05925
Merge branch 'master' of ssh://thekelleys.org.uk/var/cache/git/dnsmasq
2015-05-26 22:12:01 +01:00
John Hanks
46c89f2bd0
Add infiniband to example config file.
2015-05-26 22:07:57 +01:00
Christian Demsar
23facf0d77
Man page typo.
2015-05-20 20:26:23 +01:00
Simon Kelley
549b1a478c
Tweak immediately previous patch.
2015-05-20 20:20:24 +01:00
Simon Kelley
7f8565b94c
Select correct DHCP context when in PXE bootserver mode.
2015-05-19 23:01:27 +01:00
Simon Kelley
06568c6636
Remove support for DNS Extended Label Types.
...
The support was only partial, and the whole concept is
now deprecated in the standards.
2015-05-15 20:43:48 +01:00
Simon Kelley
5d07d77e75
Fix buffer overflow introduced in 2.73rc6.
...
Fix off-by-one in code which checks for over-long domain names
in received DNS packets. This enables buffer overflow attacks
which can certainly crash dnsmasq and may allow for arbitrary
code execution. The problem was introduced in commit b8f16556d
2015-05-15 18:13:06 +01:00
Simon Kelley
62018e1f72
Use correct DHCP context for PXE-proxy server-id.
2015-05-14 21:30:00 +01:00
Simon Kelley
7c0f2543a7
Tweak last commit.
2015-05-14 21:16:18 +01:00
Simon Kelley
ca85a28241
Allow T1 and T2 DHCPv4 options to be set.
2015-05-13 22:33:04 +01:00
Simon Kelley
585840b033
Pointer to mail-archive mailing list mirror in doc.html.
2015-05-13 12:35:57 +01:00
Simon Kelley
dec180ac00
Tweak Debian systemd unit file.
2015-05-13 12:16:13 +01:00
Simon Kelley
86fa104692
Tweak EDNS timeout code.
2015-05-10 14:04:06 +01:00
Simon Kelley
b059c96dc6
Check IPv4-mapped IPv6 addresses with --stop-rebind.
2015-05-08 20:25:51 +01:00
Simon Kelley
a77cec8d58
Handle UDP packet loss when fragmentation of large packets is broken.
2015-05-08 16:25:38 +01:00
Nicolas Cavallari
64bcff1c7c
Constify some DHCP lease management functions.
2015-04-28 21:55:18 +01:00
Simon Kelley
2ed162ac20
Don't remove RRSIG RR from answers to ANY queries when the do bit is not set.
2015-04-28 21:26:35 +01:00
Simon Kelley
e66b4dff3c
Fix argument-order botch which broke DNSSEC for TCP queries.
2015-04-28 20:45:57 +01:00
Johnny S. Lee
8efd731cc4
Make get-version work when repo is a git submodule.
2015-04-26 22:23:57 +01:00
Simon Kelley
a5ae1f8587
Logs in DHCPv6 not suppressed by dhcp6-quiet.
2015-04-25 21:46:10 +01:00
Simon Kelley
b8f16556d3
Tweaks to previous, DNS label charset commit.
2015-04-22 21:14:31 +01:00
Simon Kelley
cbe379ad6b
Handle domain names with '.' or /000 within labels.
...
Only in DNSSEC mode, where we might need to validate or store
such names. In none-DNSSEC mode, simply don't cache these, as before.
2015-04-21 22:57:06 +01:00
Simon Kelley
338b340be9
Revert 61b838dd57 and just quieten log instead.
2015-04-20 21:34:05 +01:00
Moshe Levi
a006eb7e14
Check IP address command line arg in dhcp_release.c
2015-04-19 22:10:40 +01:00
Simon Kelley
554b580e97
Log domain when reporting DNSSEC validation failure.
2015-04-17 22:50:20 +01:00
Simon Kelley
0df29f5e23
Note CVE-2015-3294
2015-04-16 15:24:52 +01:00
Stefan Tomanek
b4c0f092d8
Fix (srk induced) crash in new tftp_no_fail code.
2015-04-16 15:20:59 +01:00
Simon Kelley
78c6184752
Auth: correct replies to NS and SOA in .arpa zones.
2015-04-16 15:05:30 +01:00
Simon Kelley
38440b204d
Fix crash in auth code with odd configuration.
2015-04-12 21:52:47 +01:00
Simon Kelley
ad4a8ff7d9
Fix crash on receipt of certain malformed DNS requests.
2015-04-09 21:48:00 +01:00
Simon Kelley
04b0ac0537
Fix crash caused by looking up servers.bind when many servers defined.
2015-04-06 17:19:13 +01:00
Simon Kelley
982faf4024
Fix compiler warning when not including DNSSEC.
2015-04-03 21:42:30 +01:00
Simon Kelley
fe3992f9fa
Return INSECURE, rather than BOGUS when DS proved not to exist.
...
Return INSECURE when validating DNS replies which have RRSIGs, but
when a needed DS record in the trust chain is proved not to exist.
It's allowed for a zone to set up DNSKEY and RRSIG records first, then
add a DS later, completing the chain of trust.
Also, since we don't have the infrastructure to track that these
non-validated replies have RRSIGS, don't cache them, so we don't
provide answers with missing RRSIGS from the cache.
2015-04-03 21:25:05 +01:00
Stefan Tomanek
7aa970e2c7
Whitespace fixes.
2015-04-01 17:55:07 +01:00
Stefan Tomanek
30d0879ed5
add --tftp-no-fail to ignore missing tftp root
2015-03-31 22:32:11 +01:00
Simon Kelley
fd6ad9e481
Merge message translations.
2015-03-30 07:52:21 +01:00
Simon Kelley
794fccca7f
Fix crash in last commit.
2015-03-29 22:35:44 +01:00
Simon Kelley
394ff492da
Allow control characters in names in the cache, handle when logging.
2015-03-29 22:17:14 +01:00
Simon Kelley
1e153945de
DNSSEC fix for non-ascii characters in labels.
2015-03-28 21:34:07 +00:00
Simon Kelley
0b8a5a30a7
Protect against broken DNSSEC upstreams.
2015-03-27 11:44:55 +00:00
