summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2016-01-05man: add documentation for dnssec-trust-anchors.d(5)Lennart Poettering
2016-01-05resolved: also skip built-in trust anchor addition of there's a DNSKEY RR for...Lennart Poettering
2016-01-05resolved: move trust anchor files to /etc/dnssec-trust-anchors.d/Lennart Poettering
2016-01-05resolved: when caching negative responses, honour NSEC/NSEC3 TTLsLennart Poettering
2016-01-05man: add basic documentation for resolved.conf's DNSSEC= switchLennart Poettering
2016-01-04update DNSSEC TODOLennart Poettering
2016-01-04resolved: explicitly handle case when the trust anchor is emptyLennart Poettering
2016-01-04resolved: introduce a proper bus error for DNSSEC validation errorsLennart Poettering
2016-01-04resolved: explicitly avoid cyclic transaction dependenciesLennart Poettering
2016-01-04resolved: block transaction GC'ing while dns_transaction_request_dnssec_keys(...Lennart Poettering
2016-01-04update RFCsLennart Poettering
2016-01-04resolved: partially implement RFC5011 Trust Anchor supportLennart Poettering
2016-01-04resolved: fix DNSSEC canonical ordering logicLennart Poettering
2016-01-04resolved: actually make use of message ID when logging about failed DNSSEC va...Lennart Poettering
2016-01-03resolved: refuse revoked DNSKEYs in trust anchorLennart Poettering
2016-01-03resolved: never authenticate RRsets with revoked keysLennart Poettering
2016-01-03resolved: print a log message when we ignore an NSEC3 RR with an excessive am...Lennart Poettering
2016-01-03Merge pull request #2245 from ssahani/socket1Lennart Poettering
2016-01-03Merge pull request #2254 from kelemeng/masterLennart Poettering
2016-01-03Merge pull request #2255 from teg/resolved-fixes-2Lennart Poettering
2016-01-03Merge pull request #2256 from poettering/dnssec10Tom Gundersen
2016-01-03resolve: add RFC4501 URI support to systemd-resolve-hostLennart Poettering
2016-01-03resolved: add negative trust anchro support, and add trust anchor configurati...Lennart Poettering
2016-01-03resolved: dnssec - properly take wildcards into account in NESC3 proofTom Gundersen
2016-01-03resolved: dnssec - factor out hashed domain generationTom Gundersen
2016-01-03resolved: don't conclude NODATA if CNAME existsTom Gundersen
2016-01-02Add initial Hungarian message catalog translationGabor Kelemen
2016-01-02Update Hungarian translationGabor Kelemen
2016-01-02resolved: fix serialization of the root domainLennart Poettering
2016-01-02resolved: only suffix RR key names with a dot if they don't have one yetLennart Poettering
2016-01-02resolved: don't accept NSEC3 iteration fields unboundedLennart Poettering
2016-01-02basic: modernize conf-files.c a bitLennart Poettering
2016-01-02resolved: explain why we don't check IP addresses/ports of incoming DNS UDP t...Lennart Poettering
2016-01-02resolved: extend RFCs list a bitLennart Poettering
2016-01-01resolved: dnssec - add reference to the algorithm we implementTom Gundersen
2016-01-01resolved: dnssec - prepend hashed labels to zone nameTom Gundersen
2016-01-01resolved: dnssec - rename some variablesTom Gundersen
2016-01-01resoled: dnssec - don't refuse to verify answer due to too many unrelated RRsTom Gundersen
2016-01-01resolved: dnssec - fix off-by-one in RSA key parsingTom Gundersen
2016-01-01Merge pull request #2241 from poettering/dnssec9Tom Gundersen
2015-12-31core: socket options fix SCTP_NODELAYSusant Sahani
2015-12-30Merge pull request #2229 from cjmayo/m500Martin Pitt
2015-12-29resolved: add a list of DNS-related RFCs and their implementation status in r...Lennart Poettering
2015-12-29resolved: append RFC6975 algorithm data to EDNS OPT RRLennart Poettering
2015-12-29resolved: NSEC3 hash algorithms are distinct from DS digest algorithmsLennart Poettering
2015-12-29update DNSSEC TODOLennart Poettering
2015-12-29resolved: add comments referencing various RFCs to various placesLennart Poettering
2015-12-29resolved: include GOST in list of DNSSEC algorithmsLennart Poettering
2015-12-29resolved: use CLAMP() intsead of MIN(MAX())Lennart Poettering
2015-12-29resolved: don't allow RRs with TTL=0 and TTL!=0 in the same RRsetLennart Poettering