index
:
~lukeshu/systemd
elogind/master
eudev/master
notsystemd/master
notsystemd/postmove
notsystemd/premove
notsystemd/wip/cgroup2
notsystemd/wip/nspawn
notsystemd/wip/nspawn-parse
systemd/master
systemd/parabola
Unnamed repository; edit this file 'description' to name the repository.
git-mirror
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
resolve
/
resolved-dns-dnssec.c
Age
Commit message (
Expand
)
Author
2016-01-03
resolved: add negative trust anchro support, and add trust anchor configurati...
Lennart Poettering
2016-01-03
resolved: dnssec - properly take wildcards into account in NESC3 proof
Tom Gundersen
2016-01-03
resolved: dnssec - factor out hashed domain generation
Tom Gundersen
2016-01-03
resolved: don't conclude NODATA if CNAME exists
Tom Gundersen
2016-01-02
resolved: don't accept NSEC3 iteration fields unbounded
Lennart Poettering
2016-01-01
resolved: dnssec - add reference to the algorithm we implement
Tom Gundersen
2016-01-01
resolved: dnssec - prepend hashed labels to zone name
Tom Gundersen
2016-01-01
resolved: dnssec - rename some variables
Tom Gundersen
2016-01-01
resoled: dnssec - don't refuse to verify answer due to too many unrelated RRs
Tom Gundersen
2016-01-01
resolved: dnssec - fix off-by-one in RSA key parsing
Tom Gundersen
2015-12-29
resolved: NSEC3 hash algorithms are distinct from DS digest algorithms
Lennart Poettering
2015-12-29
update DNSSEC TODO
Lennart Poettering
2015-12-29
resolved: add comments referencing various RFCs to various places
Lennart Poettering
2015-12-28
Merge pull request #2231 from phomes/resolve-misc2
Tom Gundersen
2015-12-28
resolved: update DNSSEC TODO
Lennart Poettering
2015-12-28
resolved: use RRSIG expiry and original TTL for cache management
Lennart Poettering
2015-12-28
resolved: only keep a single list of supported signature algorithms
Lennart Poettering
2015-12-28
resolved: add ECDSA signature support
Lennart Poettering
2015-12-28
resolved: split out RSA-specific code from dnssec_verify_rrset()
Lennart Poettering
2015-12-28
resolved: simplify MD algorithm initialization a bit
Lennart Poettering
2015-12-28
resolved: add SHA384 digest support
Lennart Poettering
2015-12-28
resolve: remove unused variables
Thomas Hindoe Paaboel Andersen
2015-12-26
resolved: add an automatic downgrade to non-DNSSEC mode
Lennart Poettering
2015-12-26
resolved: if we accepted unauthenticated NSEC/NSEC3 RRs, use them for proofs
Lennart Poettering
2015-12-26
resolved: be stricter when searching for a DS RR for a DNSKEY RR
Lennart Poettering
2015-12-26
update DNSSEC TODO
Lennart Poettering
2015-12-26
resolved: tighten search for NSEC3 RRs a bit
Lennart Poettering
2015-12-26
resolved: when doing NSEC3 proof, first find right NSEC3 suffix
Lennart Poettering
2015-12-26
resolved: properly implement RRSIG validation of wildcarded RRsets
Lennart Poettering
2015-12-18
resolved: update TODO
Lennart Poettering
2015-12-18
resolved: add support NSEC3 proofs, as well as proofs for domains that are OK...
Lennart Poettering
2015-12-14
resolved: update DNSSEC TODO
Lennart Poettering
2015-12-14
resolved: add basic proof of non-existance support for NSEC+NSEC3
Lennart Poettering
2015-12-14
resolved: initialize libgcrypt before using it
Lennart Poettering
2015-12-14
resolved: rework how we get the gcrypt digest algorithm ID from DNSSEC digest...
Lennart Poettering
2015-12-11
resolved: rework dnssec validation results
Lennart Poettering
2015-12-10
resolved: chase DNSKEY/DS RRs when doing look-ups with DNSSEC enabled
Lennart Poettering
2015-12-10
resolved: when matching up DNSKEY and DS RRs, it's fine if we don't support t...
Lennart Poettering
2015-12-10
resolved: when matching up RRSIG and DNSKEY RRs, use the RRSIG's signer name,...
Lennart Poettering
2015-12-10
resolved: fix sorting of RRsets
Lennart Poettering
2015-12-10
resolved: fix libgcrypt error checking
Lennart Poettering
2015-12-06
resolve: remove unused variable
Thomas Hindoe Paaboel Andersen
2015-12-03
resolved: update DNSSEC TODO list a bit
Lennart Poettering
2015-12-03
resolved: maintain a short TODO list for DNSSEC support in the dnssec C files...
Lennart Poettering
2015-12-03
resolved: introduce a dnssec_mode setting per scope
Lennart Poettering
2015-12-03
resolved: add a limit on the max DNSSEC RRSIG expiry skew we allow
Lennart Poettering
2015-12-03
resolved: make expiration error recognizable
Lennart Poettering
2015-12-03
resolved: support the RSASHA1_NSEC3_SHA1 pseudo-algorithm
Lennart Poettering
2015-12-03
resolved: don't accept expired RRSIGs
Lennart Poettering
2015-12-02
resolved: add basic DNSSEC support
Lennart Poettering
[prev]