index
:
~lukeshu/systemd
elogind/master
eudev/master
notsystemd/master
notsystemd/postmove
notsystemd/premove
notsystemd/wip/cgroup2
notsystemd/wip/nspawn
notsystemd/wip/nspawn-parse
systemd/master
systemd/parabola
Unnamed repository; edit this file 'description' to name the repository.
git-mirror
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
resolve
/
resolved-dns-dnssec.c
Age
Commit message (
Expand
)
Author
2016-01-17
resolved: some RR types may appear only or not at all in a zone apex
Lennart Poettering
2016-01-13
resolved: implement the full NSEC and NSEC3 postive wildcard proofs
Lennart Poettering
2016-01-13
resolved: refuse validating wildcard RRs for SOA, NSEC3, DNAME
Lennart Poettering
2016-01-13
resolved: properly handles RRs in domains beginning in an asterisk label
Lennart Poettering
2016-01-13
resolved: optimize dnssec_verify_rrset() a bit
Lennart Poettering
2016-01-13
resolved: allocate bounded strings on stack instead of heap, if we can
Lennart Poettering
2016-01-13
resolved: consider inverted RRSIG validity intervals expired
Lennart Poettering
2016-01-11
resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard r...
Lennart Poettering
2016-01-11
resolved: split up nsec3_hashed_domain() into two calls
Lennart Poettering
2016-01-11
resolved: drop flags unused parameter from nsec3_is_good
Lennart Poettering
2016-01-11
basic: introduce generic ascii_strlower_n() call and make use of it everywhere
Lennart Poettering
2016-01-11
resolved: use dns_answer_size() where appropriate to handle NULL DnsAnswer
Lennart Poettering
2016-01-11
resolved: rename suffix_rr → zone_rr
Lennart Poettering
2016-01-11
resolved: fix NSEC3 iterations limit to what RFC5155 suggests
Lennart Poettering
2016-01-06
update DNSSEC TODO
Lennart Poettering
2016-01-05
update DNSSEC TODO
Lennart Poettering
2016-01-05
resolved,networkd: add a per-interface DNSSEC setting
Lennart Poettering
2016-01-05
resolved: rename "downgrade-ok" mode to "allow-downgrade"
Lennart Poettering
2016-01-05
resolved: when caching negative responses, honour NSEC/NSEC3 TTLs
Lennart Poettering
2016-01-04
update DNSSEC TODO
Lennart Poettering
2016-01-04
resolved: partially implement RFC5011 Trust Anchor support
Lennart Poettering
2016-01-04
resolved: fix DNSSEC canonical ordering logic
Lennart Poettering
2016-01-03
resolved: never authenticate RRsets with revoked keys
Lennart Poettering
2016-01-03
resolved: print a log message when we ignore an NSEC3 RR with an excessive am...
Lennart Poettering
2016-01-03
Merge pull request #2255 from teg/resolved-fixes-2
Lennart Poettering
2016-01-03
resolved: add negative trust anchro support, and add trust anchor configurati...
Lennart Poettering
2016-01-03
resolved: dnssec - properly take wildcards into account in NESC3 proof
Tom Gundersen
2016-01-03
resolved: dnssec - factor out hashed domain generation
Tom Gundersen
2016-01-03
resolved: don't conclude NODATA if CNAME exists
Tom Gundersen
2016-01-02
resolved: don't accept NSEC3 iteration fields unbounded
Lennart Poettering
2016-01-01
resolved: dnssec - add reference to the algorithm we implement
Tom Gundersen
2016-01-01
resolved: dnssec - prepend hashed labels to zone name
Tom Gundersen
2016-01-01
resolved: dnssec - rename some variables
Tom Gundersen
2016-01-01
resoled: dnssec - don't refuse to verify answer due to too many unrelated RRs
Tom Gundersen
2016-01-01
resolved: dnssec - fix off-by-one in RSA key parsing
Tom Gundersen
2015-12-29
resolved: NSEC3 hash algorithms are distinct from DS digest algorithms
Lennart Poettering
2015-12-29
update DNSSEC TODO
Lennart Poettering
2015-12-29
resolved: add comments referencing various RFCs to various places
Lennart Poettering
2015-12-28
Merge pull request #2231 from phomes/resolve-misc2
Tom Gundersen
2015-12-28
resolved: update DNSSEC TODO
Lennart Poettering
2015-12-28
resolved: use RRSIG expiry and original TTL for cache management
Lennart Poettering
2015-12-28
resolved: only keep a single list of supported signature algorithms
Lennart Poettering
2015-12-28
resolved: add ECDSA signature support
Lennart Poettering
2015-12-28
resolved: split out RSA-specific code from dnssec_verify_rrset()
Lennart Poettering
2015-12-28
resolved: simplify MD algorithm initialization a bit
Lennart Poettering
2015-12-28
resolved: add SHA384 digest support
Lennart Poettering
2015-12-28
resolve: remove unused variables
Thomas Hindoe Paaboel Andersen
2015-12-26
resolved: add an automatic downgrade to non-DNSSEC mode
Lennart Poettering
2015-12-26
resolved: if we accepted unauthenticated NSEC/NSEC3 RRs, use them for proofs
Lennart Poettering
2015-12-26
resolved: be stricter when searching for a DS RR for a DNSKEY RR
Lennart Poettering
[next]