Permalink
Commits on Oct 13, 2015
  1. Expunge redundant definition of getline()

    getline(3) routine used to be a GNU extension and was not
    available across all platforms. It has been standardised since
    POSIX.1-2008, thus another definition of it is not required.
    committed Oct 13, 2015
  2. Avoid calls to memrchr(3) routine

    Replaced calls to memrchr(3) with normal pointer expressions. As
    memrchr(3) is a GNU extension, which is not portable.
    committed Oct 13, 2015
Commits on Jul 9, 2015
  1. Ignore auto-generated compile script

    Update 'gitignore' to ignore auto-generated 'compile' file.
    It was created by $ autoreconf -ivf.
    committed Jul 9, 2015
  2. Update auto-generated files

    autoreconf(1) updated GNU build system's configuration files with
    the latest ones. $ autoreconf -ivf
    committed Jul 9, 2015
Commits on Jul 8, 2015
  1. setrlimit(RLIMIT_DATA...) always fails on Cygwin

    Robert Vincent committed Jul 8, 2015
  2. Cygwin in_pktinfo lacks a ipi_spec_dst element.

    Windows sockets layer does not implement the underlying functionality.
    Bob Vincent committed Jul 8, 2015
  3. Cygwin uses same errno.h as linux.

    Also make "extern int errno" and "#include <errno.h>" mutually exclusive.
    Bob Vincent committed Jul 8, 2015
Commits on Jun 25, 2014
  1. Update tinydns manual

    Updated tinydns(8) manual page to reflect latest changes in reading
    'data.cdb' file, from previous version.
    committed Jun 25, 2014
  2. Update manuscript of the README file

    Updated readme.ms to remove the autoreconf(1) command and
    reflect the latest version information.
    committed Jun 25, 2014
Commits on Apr 15, 2014
  1. Version changed to 1.06.

    Changed version.h, configure.ac and RPM spec file to upgrade version
    to 1.06.
    committed Apr 15, 2014
Commits on Apr 7, 2014
  1. Fix segmentaion fault in tcprules command

    Changed 'tcprules' command to read input via standard input file
    descriptor(STDIN_FILENO), instead of a bad descriptor. Which was
    causing it to crash with a segmentation fault.
    
    Thanks to Mr Daniel Kraemer for reporting this issue.
    committed Apr 7, 2014
Commits on Apr 6, 2014
  1. @fmbiete

    New command line options for tinydns

    Added new command line options to 'tinydns' server to specify
    configuration(-c), log(-l) & pid(-p) files and also the server
    port(-P) number.
    
    These options would help if user wants to run multiple instances
    of the server with different configurations, listening on different
    ports, on the same host.
    fmbiete committed with Apr 6, 2014
Commits on Apr 5, 2014
  1. New command line options for axfrdns

    Added new command line options to 'axfrdns' server to specify
    configuration(-c), log(-l) & pid(-p) files.
    
    These options would help if a user wants to run multiple instances
    of the server with different configurations on the same host.
    committed Apr 5, 2014
  2. New command line options for configuration

    Added new command line options to 'dnscache' server to specify
    configuration(-c), log(-l) & pid(-p) files and also the server
    port(-P) number.
    
    These options would help if user wants to run multiple instances
    of the server with different configurations, listening on different
    ports, on the same host.
    committed Apr 5, 2014
Commits on Apr 4, 2014
  1. Use predefined TZ variable when it is available

    Changed function 'set_timezone' to use existing value of the 'TZ'
    environment variable when it is available. And explicitly set it,
    if it is not already set by an administrator.
    committed Apr 4, 2014
Commits on Apr 3, 2014
  1. New function to read timezone information

    Added a new function 'gettimezone', to read local timezone
    definition from '/etc/localtime'. It returns a POSIX TZ
    environment variable string or NULL in case of an error.
    
    Reading this definitions ensures that DNS servers always
    follow local system time, accounting for Daylight Savings Time
    whenever applicable.
    committed Apr 3, 2014
Commits on Mar 27, 2014
  1. Account for daylight savings time in timestamps

    DNS servers depend on the 'TZ' environment variable for local
    time-zone information, as file '/etc/localtime' is inaccessible.
    Earlier 'TZ' variable's value did not account for the daylight
    savings time. Because of it, the timestamps in log files were off
    by one hour, in countries where DST applies.(see [1])
    
    This patch updates the 'set_timezone' routine to add DST identifier
    to the 'TZ' environment variable. Now it follows the format
    
        TZ = "<STD><offset><DST>"
    
    Where
    
        STD = standard time-zone name
     Offset = offset from UTC, ex: +5:30 hrs.
        DST = daylight savings time-zone name.
    
    Absence of DST offset implies the default offset of one hour.
    --
    [1] http://www.timeanddate.com/time/dst/
    committed Mar 27, 2014
Commits on Feb 12, 2014
  1. Read tinydns data file every 5 seconds

    commit 'e3e067cb9764' merged the one-second.patch. It modified
    tinydns(8) server to read its data file every one second. But every
    second read seems too often and unnecessary.
    
    This patch updates that interval to 5 seconds. So the data file is
    read every 5 seconds. It is still more frequent than required, but
    intervals longer than it could prove troublesome to the users who
    need to verify & validate changes to their data file.
    committed Feb 12, 2014
  2. Read longer buffer over TCP connections

    Changed 'dnscache' server to read longer buffers over TCP
    connections. Earlier it used to read 1 byte at a time. That is
    slower, plus for long messages(ex: 65535 bytes), that means
    those many read(2) calls. Thus unnecessarily burning CPU cycles.
    It could also lead to potential denial of service.
    
       $ drill -t PTR 29.240.156.69.in-addr.arpa
       ...
       ;; MSG SIZE  rcvd: 53570
    
    Reading longer buffers accelerates the reading, making slight
    gain in performance.
    
    Thanks to Mr Frank Denis for creating this patch and for making it
    available for all.
      -> http://download.pureftpd.org/misc/dnscache-dos.c
    committed Feb 12, 2014
Commits on Feb 8, 2014
  1. Remove dnscache-conf program

    Removed the 'dnscache-conf' tool as it is no longer required; thus
    not useful. Also removed various other sources which were earlier
    used by all the configuration '*-conf' tools.
    committed Feb 8, 2014
  2. Remove tinydns-conf program

    Removed the 'tinydns-conf' tool as it is no longer required; thus
    not useful.
    committed Feb 8, 2014
  3. Remove rbldns-conf program

    Removed the 'rbldns-conf' tool as it is no longer required; thus
    not useful.
    committed Feb 8, 2014
  4. Remove walldns-conf program

    Removed the 'walldns-conf' tool as it is no longer required; thus
    not useful.
    committed Feb 8, 2014
  5. Remove axfrdns-conf program

    Removed the 'axfrdns-conf' tool as it is no longer required; thus
    not used.
    committed Feb 8, 2014
  6. Format sources for better readability and editing

    Changed 'axfr-get' to format it for better readability and editing.
    Introduced support of an option parser. It helps to have a
    consistent user interface across all 'ndjbdns' tools. Also helps
    to suppress compiler warning about unused 'argc' parameter.
    committed Feb 8, 2014
  7. Add option parser to rbldns-data

    Introduced option parsing support in 'rbldns-data' tool. This helps
    to have a consistent user interface across all 'ndjbdns' tools.
    Also enables us to add new options if required and suppresses
    compiler warning about unused parameter - 'argc'.
    
    Did minor change to 'rbldns' server to suppress compiler warning
    about an unused parameter: 'ip'.
    committed Feb 8, 2014
  8. Bye bye libgetopt.a

    Removed 'libgetopt.a' option parser library, as it is no longer in
    use. It was linked to the dnsfilter(1) program which has been using
    the standard getopt_long(3) for quite long.
    committed Feb 8, 2014
Commits on Feb 7, 2014
  1. Merge dnscache siphash patch

    This patch adds support for a new 'SipHash' hashing algorithm which
    is less prone to the hash collisions than the earlier deterministic
    'djb33' function. 'SipHash' is a fast, pseudo random function. It
    uses 128 bit key and outputs 64 bit values. It provides protection
    against intentional hash flooding and DoS via hash collision attacks.
    
    Thanks to Mr Frank Denis for creating this patch and for making it
    available for all.
      -> https://00f.net/2012/06/26/dnscache-poisoning-and-siphash/
    committed Feb 7, 2014
Commits on Feb 5, 2014
  1. Merge one second patch

    This patch reverses the changes made by commits f7ac43f and
    5954968. In these, the tinydns(8) server was made to read its
    data file ones during initialisation and later when signalled via
    SIGUSR1.
    
    Though it improved performance, it proved to be problematic for
    some users who could not signal(SIGUSR1) to a server that its data
    file has changed and needs to be reloaded into memory.
    
    Now with the one-second-path, server would reload its data file at
    every one second. Thus leaving no need for any signal or restarting
    the service.
    
    Thanks to Mr Lennert Buytenhek for creating this patch and for making
    it available for all.
        -> http://tinydns.org/one-second.patch
    committed Feb 5, 2014
Commits on Dec 30, 2013
  1. Replace include guards with pragma once

    Replaced include guards, used to prevent multiple inclusion of
    header files, with the '#pragma once' compiler directive. It is
    better optimised and helps to reduces the build time.
    Rahul Sundaram committed with Dec 30, 2013
Commits on Dec 26, 2013
  1. Update dnscache manual

    Updated dnscache(8) manual to add details about the new DNS Block
    List feature.
    committed Dec 26, 2013
Commits on Dec 16, 2013
  1. Version changed to 1.05.9.

    Changed version.h, configure.ac and RPM spec file to upgrade version
    to 1.05.9.
    committed Dec 16, 2013
  2. Fix a null pointer dereference issue

    Updated the 'socket_send4' routine to fix an unlikely, yet possible
    null pointer dereference issue. It could occur if the two macros
    below are undefined
    
       struct cmsghdr *cmsg = NULL;
    
       #ifdef IP_PKTINFO
            ...
            cmsg = CMSG_FIRSTHDR (&msgh);
    
       #elif defined IP_SENDSRCADDR
            ...
            cmsg = CMSG_FIRSTHDR (&msgh);
    
       #endif
    
       msgh.msg_controllen = cmsg->cmsg_len;
    
    It was caught by a cppcheck(1) run. Thanks to Rahul Sundaram for
    reporting this issue.
    committed Dec 16, 2013
Commits on Dec 14, 2013
  1. New error code - error_blockedbydbl

    Defined a new error code 'error_blockedbydbl' to identify the
    queries that were dropped by the dnscache(8) resolver. The resolver
    logs this error code along with an error message, for each dropped
    (or blocked) client request.
    committed Dec 14, 2013
  2. Introduce DNS block list in dnscache(8)

    Introduced support for a DNS block list in dnscache(8) resolver.
    DNS block list is a list of domain names which are to be blocked
    by the resolver. Client requests querying for such domain names
    are dropped by the resolver. This would add an additional layer
    of security for DNS clients and would also help reduce malicious
    traffic.
    
    DNS block list is a 'cdb' database created using tinydns-data(1).
    tinydns-data(1) creates the 'cdb' database by reading a 'data' file.
    User should list the malicious domain names into this 'data' file,
    as generic domain records, one on each line, as:
    
        :bad.domain.com:284::::
    
    Number '284' is not used, it can be anything > 255. tinydns-data(1)
    would create a 'data.cdb' database from the 'data' file. Rename this
    'data.cdb' to 'dnsbl.cdb', for that is the file read by dnscache(8)
    resolver.
    
        $ mv data.cdb dnsbl.cdb
    
    dnscache(8) would read 'dnsbl.cdb' from its working($ROOT) directory
    defined by the /etc/ndjbdns/dnscache.conf file.
    committed Dec 14, 2013