Age | Commit message (Expand) | Author |
2017-04-06 | replace some long if/else chains with a switch | Ted Unangst |
2016-10-23 | unbreak by fixing obvious pastos | Christian Weisgerber |
2016-10-23 | listen on inet6 sockets as well. we need this because stolen inet6 sockets | Ted Unangst |
2016-10-16 | switch to a re-exec model instead of plain forking to reduce sharing. | Ted Unangst |
2016-10-15 | refactor the worker and monitor loops a little to make room for re-exec | Ted Unangst |
2016-10-15 | be more cautious about inspecting packets. use integer offsets instead of | Ted Unangst |
2016-10-15 | implement random casing for query names, also known as 0x20 hardening. | Ted Unangst |
2016-10-08 | a little more precision about reloading config. only reopen if it changed | Ted Unangst |
2016-10-08 | too many blank lines | Ted Unangst |
2016-10-07 | kern.dnsjacking -> kern.dnsjackport; | Jason McIntyre |
2016-10-07 | the parent mostly never crashes, but the child might. or the config file | Ted Unangst |
2016-10-07 | several big changes, tied together. | Ted Unangst |
2016-09-01 | naming a union 'sockthing' was a bit silly. sockun will do for now. | Ted Unangst |
2016-09-01 | print regular messages to stdout, not err | Ted Unangst |
2016-09-01 | scan responses for minimum ttl, and cache for min(ttl, 300) instead of | Ted Unangst |
2016-08-21 | introduce a union of sockaddr types and eliminate a lot of casts. | Ted Unangst |
2016-08-06 | reset timeout to null when relooping | Ted Unangst |
2016-07-02 | check cache tree for collisions when inserting replies. | Ted Unangst |
2016-06-05 | previous change (r1.27) converted to using non blocking sockets and | Ted Unangst |
2016-05-31 | with the kernel perm check fixed, we can do this kevent after setuid, | Ted Unangst |
2016-05-13 | fix logging. | Ted Unangst |
2016-05-02 | prepare userland for removing chroot(2) from allowed syscalls under pledge(2). | Sebastien Marie |
2016-01-03 | forgot to call RB_INIT. but yet things mostly worked... | Ted Unangst |
2015-12-17 | add return code to newrequest to distinguish between cache hit and error. | Ted Unangst |
2015-12-12 | correct comment | Ted Unangst |
2015-12-11 | it's not necessary to use a tree to track requests if kevent can do this. | Ted Unangst |
2015-12-08 | more better fake replies. servfail is the correct response. | Ted Unangst |
2015-12-05 | all the signal ignoring can be done in one place | Ted Unangst |
2015-12-05 | pull the config file opening up considerably earlier to fail fast. | Ted Unangst |
2015-12-04 | refine some logging and error messages. errors will now always go to stderr | Ted Unangst |
2015-12-04 | push daemon call a little later so if the address is in use we see the | Ted Unangst |
2015-12-04 | one signal.h should suffice | Ted Unangst |
2015-12-04 | ignore SIGPIPE. i don't see any way for it to happen, but nevertheless we | Ted Unangst |
2015-12-04 | - sync usage | Gleydson Soares |
2015-12-03 | when running on a machine without net, rebound will still receive queries | Ted Unangst |
2015-12-02 | tell readers about config reloads. | Sebastian Benoit |
2015-12-01 | add missing fclose(3) | Gleydson Soares |
2015-11-27 | add getpw to pledge. rpath would normally suffice, but there's some double | Ted Unangst |
2015-11-24 | use canonical pledge argument ordering | Theo de Raadt |
2015-11-16 | improve logging slightly | Ted Unangst |
2015-11-16 | the list insertion needs to occur right after we get a valid socket, | Ted Unangst |
2015-11-10 | kill the whitespace.. kill the whitespace.. | Theo de Raadt |
2015-11-01 | chroot to pw_dir instead of the hard-coded /var/empty. Also make the | Reyk Floeter |
2015-10-30 | it is necessary to call tzset() to get syslog timestamps correct. | Ted Unangst |
2015-10-29 | put timeout nullification in correct spot | Ted Unangst |
2015-10-29 | be a little more precise about checking filters | Ted Unangst |
2015-10-29 | refold a few lines | Ted Unangst |
2015-10-29 | collect some cool stats and print them out with SIGUSR1 | Ted Unangst |
2015-10-28 | impose some limit on the cache size as well. | Ted Unangst |
2015-10-28 | if accept() fails due to fd exhaustion, stop accepting for one second. | Ted Unangst |