we now rely on libressl 2.0.5, one must download this if using linux and make it (takes about an hour on the raspberry pi) this is better though than having to maintain a utility for arc4random which portably is hard to get right, just let libressl take care of that. We also fix the Mac OS X port with this. At least it compiles now.

* make everything prettier (KNF) * OpenSMTPD is taken as an example here for prototypes * grooming these was a lot of hard work...

* remove old Berkeley DB code, by now we're committed fully to Berkeley DB versions 4.6 and higher (as long as it's below version 6 which has license changes I read).

* add filtering capability, this is like recurse and will traverse a singly linked list everytime a connect or received packet is made. I'm hoping on revisiting this some day. Thanks to the guys that were abusing/scanning my dns server. * rename some variables around the queue(3) macros that I used for singly linked lists. They should have less confusing reuse of names. I did this in search for a bug that is possibly caused by OpenBSD-current which I currently use as my main developing workstation. * add a sample filter entry in example8.conf Tested to work on OpenBSD 5.5-stable

* reflect the year 2014 in the Copyright

* add a debug and verbose flag (-d and -v) * document these along with -r which is recursive mode, which is still broken * add a dolog() function which replaces syslog and printf. In debug mode messages will be printed in the foreground and with verbose option show the parsing logic of the configfile. * replace all syslog() with dolog() tested in debug mode on OpenBSD/amd64

* update my copyright to include the year 2013

* bump copyright to include 2012

Change to berkeley db 4.6+, this allows us to use shared sysv memory needed to have multiple server instances that do recursing. The database is now on disk with this change, with a 260KB (default) SYSV shared memory cache. The cache size can be tweaked with the newly added -c flag. The OS has upper limits for SYSV shared memory though and the -c value must account for 25% more for internal purposes. Revert db.h struct domain to static arrays instead of pointers, this is necessary because we want to use shared memory between the database. This reverts revision 1.13 of db.h which was commited on Sun Mar 28 20:18:26 2010 UTC. So far wildcarddnsd has been extremely stable with the pointers, I'm hoping we'll get this much stability back. Added passive AXFR code. The axfr server does NOT bind to port 53 but rather another port, luckily that is configurable with other nameservers like BIND9. BIND nameservers wanting to make use of a wildcarddnsd master should turn IXFR queries off. Fix a small error that would bring wildcarddnsd to a SIGSEGV due to doing an FD_ISSET() on a non-descriptor. This only happens when one doesn't have the logging system turned on so it took a while for me to find it. Added the -n flag which allows multiple forked copies of wdnsd to be started. This is similar to how apache 1.3 web server does it.

* make netbsd happy

* when a slave dies it will signal to the master that it died which then will bring all the other slaves down. It polls every second for this via shared memory (anonymous mmap).

* this fix is needed because this function is based on compress_label() in main.c which was recently fixed.

* bump copyright date to include 2011

* forgot a "break" in a switch, for some reason it worked on OpenBSD 4.7 and not on OpenBSD 4.8, coulda been the difference in compiler although the logic of this fix is right. * added example6.conf for recursive testing tested on OpenBSD 4.8

* res_random.c for better random number generators, taken from OpenBSD BSD license.

* when we receive an IPv6 reply, do check it as well whether it is from the right address, otherwise we may have just gotten lucky that it went through the IPv4 check. tested on OpenBSD

* make linux compile with the new IPv6 code compiles on OpenSuse 10.3

* make IPv6 queries work tested on OpenBSD

* fix a double free problem tested on openbsd

* IPv6 recurse code, broken at the moment compiles on OpenBSD Wildcarddnsd has surpassed 10,000 lines of C code with this commit.

* use a "lookrecord" field to see from what we're looking up stuff in parse_recurse, basically this protects us from inheriting bad glue tested on OpenBSD

* finish all the remaining RR's for recursion * this finishes AF_INET/udp functionality of recursion tested on OpenBSD

* mx recurse support tested on OpenBSD

* parse ptr responses * expire recurses struct that has lived for more than 10 seconds * catch errors on close() * make query NONBLOCKing now this may catch a problem where we block in recvfrom() possibly * close descriptor if it exists in netlookup() this cleans "zombie" descriptors that haven't seen an answer unfortunately..clobber clobber tested and compiles on OpenBSD

* add a packetcount to struct recurses, this should in theory prevent a flood of requests if there is a bug in the code. The server will abort() when 50 packets have gone out. This should save me from always having a packet dump next to me looking over this baby. compiles on OpenBSD.