summaryrefslogtreecommitdiff
path: root/usr.sbin/rebound
AgeCommit message (Expand)Author
2017-08-22Use waitpid()/EINTR idiom for the specific pid, rather than generic wait(),Theo de Raadt
2017-08-12stop pretending that qnames are always strings. treat everything as aTed Unangst
2017-07-20- listening on localhost is now adjustable; ok teduJason McIntyre
2017-07-19there's no nul byte after a name that ends in a crazy compression pointer.Ted Unangst
2017-07-13add an option to listen to an address other than localhost,Ted Unangst
2017-07-04properly adjust the ttl of replies instead of freezing them in timeTed Unangst
2017-07-03don't bother caching invalid or very short lived responsesTed Unangst
2017-07-03check that a cachehit hasn't expired before using it.Ted Unangst
2017-05-31use strerror; from Edgar PettijohnTheo de Raadt
2017-04-27clang warns about some of the strlcpy arguments here, which aren't theTed Unangst
2017-04-13moving some code into a switch meant that break no longer stopped the loop.Ted Unangst
2017-04-06replace some long if/else chains with a switchTed Unangst
2016-10-23unbreak by fixing obvious pastosChristian Weisgerber
2016-10-23listen on inet6 sockets as well. we need this because stolen inet6 socketsTed Unangst
2016-10-16switch to a re-exec model instead of plain forking to reduce sharing.Ted Unangst
2016-10-15refactor the worker and monitor loops a little to make room for re-execTed Unangst
2016-10-15be more cautious about inspecting packets. use integer offsets instead ofTed Unangst
2016-10-15implement random casing for query names, also known as 0x20 hardening.Ted Unangst
2016-10-08a little more precision about reloading config. only reopen if it changedTed Unangst
2016-10-08too many blank linesTed Unangst
2016-10-07kern.dnsjacking -> kern.dnsjackport;Jason McIntyre
2016-10-07the parent mostly never crashes, but the child might. or the config fileTed Unangst
2016-10-07several big changes, tied together.Ted Unangst
2016-09-01naming a union 'sockthing' was a bit silly. sockun will do for now.Ted Unangst
2016-09-01print regular messages to stdout, not errTed Unangst
2016-09-01scan responses for minimum ttl, and cache for min(ttl, 300) instead ofTed Unangst
2016-08-21introduce a union of sockaddr types and eliminate a lot of casts.Ted Unangst
2016-08-06reset timeout to null when reloopingTed Unangst
2016-07-02check cache tree for collisions when inserting replies.Ted Unangst
2016-06-05previous change (r1.27) converted to using non blocking sockets andTed Unangst
2016-05-31with the kernel perm check fixed, we can do this kevent after setuid,Ted Unangst
2016-05-13fix logging.Ted Unangst
2016-05-02prepare userland for removing chroot(2) from allowed syscalls under pledge(2).Sebastien Marie
2016-01-03forgot to call RB_INIT. but yet things mostly worked...Ted Unangst
2015-12-17add return code to newrequest to distinguish between cache hit and error.Ted Unangst
2015-12-12correct commentTed Unangst
2015-12-11it's not necessary to use a tree to track requests if kevent can do this.Ted Unangst
2015-12-08more better fake replies. servfail is the correct response.Ted Unangst
2015-12-05all the signal ignoring can be done in one placeTed Unangst
2015-12-05pull the config file opening up considerably earlier to fail fast.Ted Unangst
2015-12-04refine some logging and error messages. errors will now always go to stderrTed Unangst
2015-12-04push daemon call a little later so if the address is in use we see theTed Unangst
2015-12-04one signal.h should sufficeTed Unangst
2015-12-04ignore SIGPIPE. i don't see any way for it to happen, but nevertheless weTed Unangst
2015-12-04- sync usageGleydson Soares
2015-12-03when running on a machine without net, rebound will still receive queriesTed Unangst
2015-12-02tell readers about config reloads.Sebastian Benoit
2015-12-01add missing fclose(3)Gleydson Soares
2015-11-27add getpw to pledge. rpath would normally suffice, but there's some doubleTed Unangst
2015-11-24use canonical pledge argument orderingTheo de Raadt