summaryrefslogtreecommitdiff
path: root/src/resolve/resolved-dns-transaction.c
AgeCommit message (Expand)Author
2016-01-11resolved: rework server feature level logicLennart Poettering
2016-01-11resolved: log why we use TCP when UDP isn't supported by a serverLennart Poettering
2016-01-11resolved: log about truncated replies before trying again, not afterLennart Poettering
2016-01-11resolved: don't attempt to send queries for DNSSEC RR types to servers not su...Lennart Poettering
2016-01-11resolved: log about reasons for switching to TCPLennart Poettering
2016-01-11resolved: properly handle UDP ICMP errors as lost packetsLennart Poettering
2016-01-11resolved: when we get a TCP connection failure, try againLennart Poettering
2016-01-11resolved: introduce dns_transaction_retry() and use it everywhereLennart Poettering
2016-01-11resolved: set a description on all our event sourcesLennart Poettering
2016-01-11resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard r...Lennart Poettering
2016-01-11resolved: when validating, first strip revoked trust anchor keys from validat...Lennart Poettering
2016-01-11resolved: rework trust anchor revoke checkingLennart Poettering
2016-01-11resolved: look for revoked trust anchors before validating a messageLennart Poettering
2016-01-11resolved: remove one level of indentation in dns_transaction_validate_dnssec()Lennart Poettering
2016-01-06resolved: introduce support for per-interface negative trust anchorsLennart Poettering
2016-01-06resolved: count unsupported dnssec algorithm as indeterminate RRsetLennart Poettering
2016-01-05resolved: try to detect fritz.box-style private DNS zones, and downgrade to n...Lennart Poettering
2016-01-05resolved: fix DNSSEC transaction dependency recursion checkLennart Poettering
2016-01-05resolved: rename "downgrade-ok" mode to "allow-downgrade"Lennart Poettering
2016-01-05resolved: when caching negative responses, honour NSEC/NSEC3 TTLsLennart Poettering
2016-01-04resolved: explicitly handle case when the trust anchor is emptyLennart Poettering
2016-01-04resolved: explicitly avoid cyclic transaction dependenciesLennart Poettering
2016-01-04resolved: block transaction GC'ing while dns_transaction_request_dnssec_keys(...Lennart Poettering
2016-01-04resolved: partially implement RFC5011 Trust Anchor supportLennart Poettering
2016-01-04resolved: actually make use of message ID when logging about failed DNSSEC va...Lennart Poettering
2016-01-03Merge pull request #2255 from teg/resolved-fixes-2Lennart Poettering
2016-01-03resolved: add negative trust anchro support, and add trust anchor configurati...Lennart Poettering
2016-01-03resolved: don't conclude NODATA if CNAME existsTom Gundersen
2016-01-02resolved: explain why we don't check IP addresses/ports of incoming DNS UDP t...Lennart Poettering
2015-12-28resolved: clean up dns_transaction_stop()Lennart Poettering
2015-12-27resolved: rename "features" variables to "feature_level"Lennart Poettering
2015-12-27resolved: rework OPT RR generation logicLennart Poettering
2015-12-27resolved: reuse dns_transaction_stop() when destructing transaction objectsLennart Poettering
2015-12-27resolved: add dns_transaction_close_connection()Lennart Poettering
2015-12-27resolved: make sure we reset the DNSSEC result when we accept a response packetLennart Poettering
2015-12-27resolved: improve some log messages a bitLennart Poettering
2015-12-27resolved: never proceed processing truncated packetsLennart Poettering
2015-12-27resolved: remember explicitly whether we already tried a stream connectionLennart Poettering
2015-12-27resolved: make sure we GC stream transactions properlyLennart Poettering
2015-12-27resolved: ignore additional DNS responses we get while validatingLennart Poettering
2015-12-27resolved: introduce dns_transaction_reset_answer()Lennart Poettering
2015-12-26resolved: name TCP and UDP socket calls uniformlyLennart Poettering
2015-12-26resolved: add an automatic downgrade to non-DNSSEC modeLennart Poettering
2015-12-26resolved: generate an explicit transaction error when we cannot reach server ...Lennart Poettering
2015-12-26resolved: deal with unsigned DS/NSEC/NSEC3 properlyLennart Poettering
2015-12-26resolved: log each dnssec failure, in a recognizable wayLennart Poettering
2015-12-26resolved: gather statistics about resolved namesLennart Poettering
2015-12-26resolved: if we accepted unauthenticated NSEC/NSEC3 RRs, use them for proofsLennart Poettering
2015-12-26resolved: don't insist on finding DNSKEYs for RRsets of zones with DNSSEC offLennart Poettering
2015-12-26resolved: tighten search for NSEC3 RRs a bitLennart Poettering