Commits


* make wildcarddnsd compile and run on NetBSD 6.1.5


we now rely on libressl 2.0.5, one must download this if using linux and make it (takes about an hour on the raspberry pi) this is better though than having to maintain a utility for arc4random which portably is hard to get right, just let libressl take care of that. We also fix the Mac OS X port with this. At least it compiles now.


* add whitelisting * this mode is based on the filter which is a blacklist. * whitelist assumes everything as denied and opens access to listed ip ranges. * while there fix filtering for tcp6 which was broken


* make everything prettier (KNF) * OpenSMTPD is taken as an example here for prototypes * grooming these was a lot of hard work...


* remove old Berkeley DB code, by now we're committed fully to Berkeley DB versions 4.6 and higher (as long as it's below version 6 which has license changes I read).


RFC 1996 (DNS Notify) support, this couldn't be fully tested on IPv6 since I lack a master on IPv6. Tested on FreeBSD 10, OpenBSD 5.5


* yes do free malloc'ed data.


* NAPTR (RFC 2915) support * while there I did some checking against replysize for large packets in reply_* instead of UDP_MAXSIZE * the NAPTR pointers take up 20KB more per record, so if you got 200 records your database will grow by roughly 4 MB


* add a defineable ratelimit between 1 and 127 packets per second per a 16 bit hash of IP (IPv4 and IPv6). * example configuration is in example8.conf where it's 6 packets per second. * this will add memory to the order of 65536 * (((pps * 2) * 8) + 1) so 12 pps would be 12648448 bytes of shared memory added... * also there is a race that I know about in the adding of a packet to the backlog, but I don't use the -n flag in production so it's limited compiles and tested on OpenBSD 5.5


* add filtering capability, this is like recurse and will traverse a singly linked list everytime a connect or received packet is made. I'm hoping on revisiting this some day. Thanks to the guys that were abusing/scanning my dns server. * rename some variables around the queue(3) macros that I used for singly linked lists. They should have less confusing reuse of names. I did this in search for a bug that is possibly caused by OpenBSD-current which I currently use as my main developing workstation. * add a sample filter entry in example8.conf Tested to work on OpenBSD 5.5-stable


* The SSHFP is not a hex representation inside the record, but a binary one This fixes SSHFP


* SSHFP support (RR# 44) RFC 4255 This supports SHA1 and SHA256 fingerprints * instead of replying from an area on the stack, move it to the heap This fixes truncation between udp and tcp queries. Tested on OpenBSD


* SPF (RR 99) rfc 4408 support tested on OpenBSD


* this fixes options that have a newline between them


Configuration file options, these override the commandline options they are: -b option == bind IP; -i option == interface "lo0"; -n option == fork 2; -p option == port 10034; -l option == log; The format of these are the following: options "cute options" { log; } as an example. tested on OpenBSD 5.4


* remove iop from the functiosn get_ip and get_string, this was unused.


* version 1.7 allowed escaped quotes, but it wasn't correct. * this should fix that. Tested on OpenBSD 5.4, FreeBSD 10


* This bug slipped in during last commit, it broke include's. Tested on FreeBSD 10


* allow escaped quotationmarks in quoted strings, TXT records for example


* we only want to print _anything_ in debug mode, do more debug wraps


* Add an $Id$ to parse.y


* deraadt would say "learn C", and I really should! * confusion around pointers tested on FreeBSD 10 in production


* move init_region() to main.c


* clean up #if's and add a debug if we printf Compiles on OpenBSD


* a YACC/Bison parse file * this was on my TODO list and it took me 1 year of off/on-again time to get this to a point where I like it. * it should have all functionality that the old parser had, with some exceptions * TXT records need to be wrapped in a quotation mark now * parsefile version is at 6 and not compatible with previous versions * I'm now able to add more functionality through the parse files. Tested on OpenBSD 5.4, FreeBSD 10, Raspbian Linux