index
:
~lukeshu/systemd
elogind/master
eudev/master
notsystemd/master
notsystemd/postmove
notsystemd/premove
notsystemd/wip/cgroup2
notsystemd/wip/nspawn
notsystemd/wip/nspawn-parse
systemd/master
systemd/parabola
Unnamed repository; edit this file 'description' to name the repository.
git-mirror
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
resolve
/
resolved-dns-dnssec.c
Age
Commit message (
Expand
)
Author
2016-01-25
resolve: use different bitmap checking rules when we find an exact NSEC3 matc...
Lennart Poettering
2016-01-18
update DNSSEC TODO
Lennart Poettering
2016-01-18
resolved: rework IDNA logic
Lennart Poettering
2016-01-17
resolved: update DNSSEC TODO
Lennart Poettering
2016-01-17
resolved: update RFCs list and TODO list
Lennart Poettering
2016-01-17
resolved: complete NSEC non-existance proofs
Lennart Poettering
2016-01-17
resolved: make sure the NSEC proof-of-non-existance check also looks for wild...
Lennart Poettering
2016-01-17
resolved: on negative NODATA replies, properly deal with empty non-terminals
Lennart Poettering
2016-01-17
resolved: rename dnssec_verify_dnskey() → dnssec_verify_dnskey_by_ds()
Lennart Poettering
2016-01-17
resolved: be stricter when using NSEC3
Lennart Poettering
2016-01-17
resolved: when validating an RRset, store information about the synthesizing ...
Lennart Poettering
2016-01-17
resolved: do not use NSEC RRs from the wrong zone for proofs
Lennart Poettering
2016-01-17
resolved: ignore DS RRs without generating an error if they use an unsupporte...
Lennart Poettering
2016-01-17
resolved: some RR types may appear only or not at all in a zone apex
Lennart Poettering
2016-01-13
resolved: implement the full NSEC and NSEC3 postive wildcard proofs
Lennart Poettering
2016-01-13
resolved: refuse validating wildcard RRs for SOA, NSEC3, DNAME
Lennart Poettering
2016-01-13
resolved: properly handles RRs in domains beginning in an asterisk label
Lennart Poettering
2016-01-13
resolved: optimize dnssec_verify_rrset() a bit
Lennart Poettering
2016-01-13
resolved: allocate bounded strings on stack instead of heap, if we can
Lennart Poettering
2016-01-13
resolved: consider inverted RRSIG validity intervals expired
Lennart Poettering
2016-01-11
resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard r...
Lennart Poettering
2016-01-11
resolved: split up nsec3_hashed_domain() into two calls
Lennart Poettering
2016-01-11
resolved: drop flags unused parameter from nsec3_is_good
Lennart Poettering
2016-01-11
basic: introduce generic ascii_strlower_n() call and make use of it everywhere
Lennart Poettering
2016-01-11
resolved: use dns_answer_size() where appropriate to handle NULL DnsAnswer
Lennart Poettering
2016-01-11
resolved: rename suffix_rr → zone_rr
Lennart Poettering
2016-01-11
resolved: fix NSEC3 iterations limit to what RFC5155 suggests
Lennart Poettering
2016-01-06
update DNSSEC TODO
Lennart Poettering
2016-01-05
update DNSSEC TODO
Lennart Poettering
2016-01-05
resolved,networkd: add a per-interface DNSSEC setting
Lennart Poettering
2016-01-05
resolved: rename "downgrade-ok" mode to "allow-downgrade"
Lennart Poettering
2016-01-05
resolved: when caching negative responses, honour NSEC/NSEC3 TTLs
Lennart Poettering
2016-01-04
update DNSSEC TODO
Lennart Poettering
2016-01-04
resolved: partially implement RFC5011 Trust Anchor support
Lennart Poettering
2016-01-04
resolved: fix DNSSEC canonical ordering logic
Lennart Poettering
2016-01-03
resolved: never authenticate RRsets with revoked keys
Lennart Poettering
2016-01-03
resolved: print a log message when we ignore an NSEC3 RR with an excessive am...
Lennart Poettering
2016-01-03
Merge pull request #2255 from teg/resolved-fixes-2
Lennart Poettering
2016-01-03
resolved: add negative trust anchro support, and add trust anchor configurati...
Lennart Poettering
2016-01-03
resolved: dnssec - properly take wildcards into account in NESC3 proof
Tom Gundersen
2016-01-03
resolved: dnssec - factor out hashed domain generation
Tom Gundersen
2016-01-03
resolved: don't conclude NODATA if CNAME exists
Tom Gundersen
2016-01-02
resolved: don't accept NSEC3 iteration fields unbounded
Lennart Poettering
2016-01-01
resolved: dnssec - add reference to the algorithm we implement
Tom Gundersen
2016-01-01
resolved: dnssec - prepend hashed labels to zone name
Tom Gundersen
2016-01-01
resolved: dnssec - rename some variables
Tom Gundersen
2016-01-01
resoled: dnssec - don't refuse to verify answer due to too many unrelated RRs
Tom Gundersen
2016-01-01
resolved: dnssec - fix off-by-one in RSA key parsing
Tom Gundersen
2015-12-29
resolved: NSEC3 hash algorithms are distinct from DS digest algorithms
Lennart Poettering
2015-12-29
update DNSSEC TODO
Lennart Poettering
[next]