Age | Commit message (Expand) | Author |
2018-05-08 | some barebones documentation for the record option. | Ted Unangst |
2018-05-01 | Remove extraneous new line from error message. | anton |
2018-05-01 | The length field of a DNS packet must be network byte order encoded; ok tedu@ | anton |
2018-04-30 | allow limited setting of permanent A records. like unbound local-data. | Ted Unangst |
2018-02-11 | sysctl.h is no longer needed | Theo Buehler |
2018-02-10 | Pledge monitoring process; ok tedu@ | anton |
2018-02-07 | Markup SIGHUP. | anton |
2018-02-07 | clarify a bit about config | Ted Unangst |
2018-02-07 | remove the magic dns port hijacking feature. it's complicated and | Ted Unangst |
2018-02-06 | when we get SIGHUP, close conffd so it's reopened (and rewound). | Ted Unangst |
2018-01-12 | Adjust references for sysctl(3) to sysctl(2) | Theo de Raadt |
2017-08-22 | Use waitpid()/EINTR idiom for the specific pid, rather than generic wait(), | Theo de Raadt |
2017-08-12 | stop pretending that qnames are always strings. treat everything as a | Ted Unangst |
2017-07-20 | - listening on localhost is now adjustable; ok tedu | Jason McIntyre |
2017-07-19 | there's no nul byte after a name that ends in a crazy compression pointer. | Ted Unangst |
2017-07-13 | add an option to listen to an address other than localhost, | Ted Unangst |
2017-07-04 | properly adjust the ttl of replies instead of freezing them in time | Ted Unangst |
2017-07-03 | don't bother caching invalid or very short lived responses | Ted Unangst |
2017-07-03 | check that a cachehit hasn't expired before using it. | Ted Unangst |
2017-05-31 | use strerror; from Edgar Pettijohn | Theo de Raadt |
2017-04-27 | clang warns about some of the strlcpy arguments here, which aren't the | Ted Unangst |
2017-04-13 | moving some code into a switch meant that break no longer stopped the loop. | Ted Unangst |
2017-04-06 | replace some long if/else chains with a switch | Ted Unangst |
2016-10-23 | unbreak by fixing obvious pastos | Christian Weisgerber |
2016-10-23 | listen on inet6 sockets as well. we need this because stolen inet6 sockets | Ted Unangst |
2016-10-16 | switch to a re-exec model instead of plain forking to reduce sharing. | Ted Unangst |
2016-10-15 | refactor the worker and monitor loops a little to make room for re-exec | Ted Unangst |
2016-10-15 | be more cautious about inspecting packets. use integer offsets instead of | Ted Unangst |
2016-10-15 | implement random casing for query names, also known as 0x20 hardening. | Ted Unangst |
2016-10-08 | a little more precision about reloading config. only reopen if it changed | Ted Unangst |
2016-10-08 | too many blank lines | Ted Unangst |
2016-10-07 | kern.dnsjacking -> kern.dnsjackport; | Jason McIntyre |
2016-10-07 | the parent mostly never crashes, but the child might. or the config file | Ted Unangst |
2016-10-07 | several big changes, tied together. | Ted Unangst |
2016-09-01 | naming a union 'sockthing' was a bit silly. sockun will do for now. | Ted Unangst |
2016-09-01 | print regular messages to stdout, not err | Ted Unangst |
2016-09-01 | scan responses for minimum ttl, and cache for min(ttl, 300) instead of | Ted Unangst |
2016-08-21 | introduce a union of sockaddr types and eliminate a lot of casts. | Ted Unangst |
2016-08-06 | reset timeout to null when relooping | Ted Unangst |
2016-07-02 | check cache tree for collisions when inserting replies. | Ted Unangst |
2016-06-05 | previous change (r1.27) converted to using non blocking sockets and | Ted Unangst |
2016-05-31 | with the kernel perm check fixed, we can do this kevent after setuid, | Ted Unangst |
2016-05-13 | fix logging. | Ted Unangst |
2016-05-02 | prepare userland for removing chroot(2) from allowed syscalls under pledge(2). | Sebastien Marie |
2016-01-03 | forgot to call RB_INIT. but yet things mostly worked... | Ted Unangst |
2015-12-17 | add return code to newrequest to distinguish between cache hit and error. | Ted Unangst |
2015-12-12 | correct comment | Ted Unangst |
2015-12-11 | it's not necessary to use a tree to track requests if kevent can do this. | Ted Unangst |
2015-12-08 | more better fake replies. servfail is the correct response. | Ted Unangst |
2015-12-05 | all the signal ignoring can be done in one place | Ted Unangst |