summaryrefslogtreecommitdiff
path: root/src/resolve/resolved-dns-transaction.c
AgeCommit message (Expand)Author
2016-01-26resolved: fix the rcode to SUCCESS if we find at least one matching RR in a D...Lennart Poettering
2016-01-25resolved: don't consider NSEC/NSEC3 RRs as "pimary" for transactionsLennart Poettering
2016-01-25resolved: replace DNS_TRANSACTION_RESOURCES by DNS_TRANSACTION_ERRNOLennart Poettering
2016-01-25resolved: log recognizably about DNSSEC downgradesLennart Poettering
2016-01-25resolved: properly handle LLMNR/TCP connection errorsLennart Poettering
2016-01-25resolved: log each time we increase the DNSSEC verdict countersLennart Poettering
2016-01-25resolved: if we detect a message with incomplete DNSSEC data, consider this a...Lennart Poettering
2016-01-25resolved: also collect statistics about negative DNSSEC proofsLennart Poettering
2016-01-25resolve: generate a nice clean error when clients try to resolve a name when ...Lennart Poettering
2016-01-18resolved: don't try to print error strings, where errno isn't setLennart Poettering
2016-01-18resolved: when restarting a transaction pick a new IDLennart Poettering
2016-01-18resolved: enforce maximum limit on DNS transactionsLennart Poettering
2016-01-18resolved: fix how we detect whether auxiliary DNSSEC transactions are readyLennart Poettering
2016-01-17resolved: when we find a DNAME RR, don't insist in a signed CNAME RRLennart Poettering
2016-01-17resolved: when the server feature level changes between query and response re...Lennart Poettering
2016-01-17resolved: check OPT RR before accepting a reply for verification of server fe...Lennart Poettering
2016-01-17resolved: when restarting a DNS transaction, remove all auxiliary DNSSEC tran...Lennart Poettering
2016-01-17resolved: downgrade server feature level more aggressively when we have reaso...Lennart Poettering
2016-01-17resolved: rename dnssec_verify_dnskey() → dnssec_verify_dnskey_by_ds()Lennart Poettering
2016-01-17resolved: when validating an RRset, store information about the synthesizing ...Lennart Poettering
2016-01-13resolved: implement the full NSEC and NSEC3 postive wildcard proofsLennart Poettering
2016-01-11resolved: refuse doing queries for known-obsolete RR typesLennart Poettering
2016-01-11resolved: rename DnsTransaction's current_features field to current_feature_l...Lennart Poettering
2016-01-11resolved: accept rightfully unsigned NSEC responsesLennart Poettering
2016-01-11resolved: rework how and when we detect whether our chosen DNS server knows D...Lennart Poettering
2016-01-11resolved: rework server feature level logicLennart Poettering
2016-01-11resolved: log why we use TCP when UDP isn't supported by a serverLennart Poettering
2016-01-11resolved: log about truncated replies before trying again, not afterLennart Poettering
2016-01-11resolved: don't attempt to send queries for DNSSEC RR types to servers not su...Lennart Poettering
2016-01-11resolved: log about reasons for switching to TCPLennart Poettering
2016-01-11resolved: properly handle UDP ICMP errors as lost packetsLennart Poettering
2016-01-11resolved: when we get a TCP connection failure, try againLennart Poettering
2016-01-11resolved: introduce dns_transaction_retry() and use it everywhereLennart Poettering
2016-01-11resolved: set a description on all our event sourcesLennart Poettering
2016-01-11resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard r...Lennart Poettering
2016-01-11resolved: when validating, first strip revoked trust anchor keys from validat...Lennart Poettering
2016-01-11resolved: rework trust anchor revoke checkingLennart Poettering
2016-01-11resolved: look for revoked trust anchors before validating a messageLennart Poettering
2016-01-11resolved: remove one level of indentation in dns_transaction_validate_dnssec()Lennart Poettering
2016-01-06resolved: introduce support for per-interface negative trust anchorsLennart Poettering
2016-01-06resolved: count unsupported dnssec algorithm as indeterminate RRsetLennart Poettering
2016-01-05resolved: try to detect fritz.box-style private DNS zones, and downgrade to n...Lennart Poettering
2016-01-05resolved: fix DNSSEC transaction dependency recursion checkLennart Poettering
2016-01-05resolved: rename "downgrade-ok" mode to "allow-downgrade"Lennart Poettering
2016-01-05resolved: when caching negative responses, honour NSEC/NSEC3 TTLsLennart Poettering
2016-01-04resolved: explicitly handle case when the trust anchor is emptyLennart Poettering
2016-01-04resolved: explicitly avoid cyclic transaction dependenciesLennart Poettering
2016-01-04resolved: block transaction GC'ing while dns_transaction_request_dnssec_keys(...Lennart Poettering
2016-01-04resolved: partially implement RFC5011 Trust Anchor supportLennart Poettering
2016-01-04resolved: actually make use of message ID when logging about failed DNSSEC va...Lennart Poettering