Age | Commit message (Expand) | Author |
2016-01-25 | resolved: log recognizably about DNSSEC downgrades | Lennart Poettering |
2016-01-25 | resolved: properly handle LLMNR/TCP connection errors | Lennart Poettering |
2016-01-25 | resolved: log each time we increase the DNSSEC verdict counters | Lennart Poettering |
2016-01-25 | resolved: if we detect a message with incomplete DNSSEC data, consider this a... | Lennart Poettering |
2016-01-25 | resolved: also collect statistics about negative DNSSEC proofs | Lennart Poettering |
2016-01-25 | resolve: generate a nice clean error when clients try to resolve a name when ... | Lennart Poettering |
2016-01-18 | resolved: don't try to print error strings, where errno isn't set | Lennart Poettering |
2016-01-18 | resolved: when restarting a transaction pick a new ID | Lennart Poettering |
2016-01-18 | resolved: enforce maximum limit on DNS transactions | Lennart Poettering |
2016-01-18 | resolved: fix how we detect whether auxiliary DNSSEC transactions are ready | Lennart Poettering |
2016-01-17 | resolved: when we find a DNAME RR, don't insist in a signed CNAME RR | Lennart Poettering |
2016-01-17 | resolved: when the server feature level changes between query and response re... | Lennart Poettering |
2016-01-17 | resolved: check OPT RR before accepting a reply for verification of server fe... | Lennart Poettering |
2016-01-17 | resolved: when restarting a DNS transaction, remove all auxiliary DNSSEC tran... | Lennart Poettering |
2016-01-17 | resolved: downgrade server feature level more aggressively when we have reaso... | Lennart Poettering |
2016-01-17 | resolved: rename dnssec_verify_dnskey() → dnssec_verify_dnskey_by_ds() | Lennart Poettering |
2016-01-17 | resolved: when validating an RRset, store information about the synthesizing ... | Lennart Poettering |
2016-01-13 | resolved: implement the full NSEC and NSEC3 postive wildcard proofs | Lennart Poettering |
2016-01-11 | resolved: refuse doing queries for known-obsolete RR types | Lennart Poettering |
2016-01-11 | resolved: rename DnsTransaction's current_features field to current_feature_l... | Lennart Poettering |
2016-01-11 | resolved: accept rightfully unsigned NSEC responses | Lennart Poettering |
2016-01-11 | resolved: rework how and when we detect whether our chosen DNS server knows D... | Lennart Poettering |
2016-01-11 | resolved: rework server feature level logic | Lennart Poettering |
2016-01-11 | resolved: log why we use TCP when UDP isn't supported by a server | Lennart Poettering |
2016-01-11 | resolved: log about truncated replies before trying again, not after | Lennart Poettering |
2016-01-11 | resolved: don't attempt to send queries for DNSSEC RR types to servers not su... | Lennart Poettering |
2016-01-11 | resolved: log about reasons for switching to TCP | Lennart Poettering |
2016-01-11 | resolved: properly handle UDP ICMP errors as lost packets | Lennart Poettering |
2016-01-11 | resolved: when we get a TCP connection failure, try again | Lennart Poettering |
2016-01-11 | resolved: introduce dns_transaction_retry() and use it everywhere | Lennart Poettering |
2016-01-11 | resolved: set a description on all our event sources | Lennart Poettering |
2016-01-11 | resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard r... | Lennart Poettering |
2016-01-11 | resolved: when validating, first strip revoked trust anchor keys from validat... | Lennart Poettering |
2016-01-11 | resolved: rework trust anchor revoke checking | Lennart Poettering |
2016-01-11 | resolved: look for revoked trust anchors before validating a message | Lennart Poettering |
2016-01-11 | resolved: remove one level of indentation in dns_transaction_validate_dnssec() | Lennart Poettering |
2016-01-06 | resolved: introduce support for per-interface negative trust anchors | Lennart Poettering |
2016-01-06 | resolved: count unsupported dnssec algorithm as indeterminate RRset | Lennart Poettering |
2016-01-05 | resolved: try to detect fritz.box-style private DNS zones, and downgrade to n... | Lennart Poettering |
2016-01-05 | resolved: fix DNSSEC transaction dependency recursion check | Lennart Poettering |
2016-01-05 | resolved: rename "downgrade-ok" mode to "allow-downgrade" | Lennart Poettering |
2016-01-05 | resolved: when caching negative responses, honour NSEC/NSEC3 TTLs | Lennart Poettering |
2016-01-04 | resolved: explicitly handle case when the trust anchor is empty | Lennart Poettering |
2016-01-04 | resolved: explicitly avoid cyclic transaction dependencies | Lennart Poettering |
2016-01-04 | resolved: block transaction GC'ing while dns_transaction_request_dnssec_keys(... | Lennart Poettering |
2016-01-04 | resolved: partially implement RFC5011 Trust Anchor support | Lennart Poettering |
2016-01-04 | resolved: actually make use of message ID when logging about failed DNSSEC va... | Lennart Poettering |
2016-01-03 | Merge pull request #2255 from teg/resolved-fixes-2 | Lennart Poettering |
2016-01-03 | resolved: add negative trust anchro support, and add trust anchor configurati... | Lennart Poettering |
2016-01-03 | resolved: don't conclude NODATA if CNAME exists | Tom Gundersen |