index
:
~lukeshu/systemd
elogind/master
eudev/master
notsystemd/master
notsystemd/postmove
notsystemd/premove
notsystemd/wip/cgroup2
notsystemd/wip/nspawn
notsystemd/wip/nspawn-parse
systemd/master
systemd/parabola
Unnamed repository; edit this file 'description' to name the repository.
git-mirror
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
resolve
Age
Commit message (
Expand
)
Author
2016-01-05
resolved: also skip built-in trust anchor addition of there's a DNSKEY RR for...
Lennart Poettering
2016-01-05
resolved: move trust anchor files to /etc/dnssec-trust-anchors.d/
Lennart Poettering
2016-01-05
resolved: when caching negative responses, honour NSEC/NSEC3 TTLs
Lennart Poettering
2016-01-04
update DNSSEC TODO
Lennart Poettering
2016-01-04
resolved: explicitly handle case when the trust anchor is empty
Lennart Poettering
2016-01-04
resolved: introduce a proper bus error for DNSSEC validation errors
Lennart Poettering
2016-01-04
resolved: explicitly avoid cyclic transaction dependencies
Lennart Poettering
2016-01-04
resolved: block transaction GC'ing while dns_transaction_request_dnssec_keys(...
Lennart Poettering
2016-01-04
update RFCs
Lennart Poettering
2016-01-04
resolved: partially implement RFC5011 Trust Anchor support
Lennart Poettering
2016-01-04
resolved: fix DNSSEC canonical ordering logic
Lennart Poettering
2016-01-04
resolved: actually make use of message ID when logging about failed DNSSEC va...
Lennart Poettering
2016-01-03
resolved: refuse revoked DNSKEYs in trust anchor
Lennart Poettering
2016-01-03
resolved: never authenticate RRsets with revoked keys
Lennart Poettering
2016-01-03
resolved: print a log message when we ignore an NSEC3 RR with an excessive am...
Lennart Poettering
2016-01-03
Merge pull request #2255 from teg/resolved-fixes-2
Lennart Poettering
2016-01-03
resolve: add RFC4501 URI support to systemd-resolve-host
Lennart Poettering
2016-01-03
resolved: add negative trust anchro support, and add trust anchor configurati...
Lennart Poettering
2016-01-03
resolved: dnssec - properly take wildcards into account in NESC3 proof
Tom Gundersen
2016-01-03
resolved: dnssec - factor out hashed domain generation
Tom Gundersen
2016-01-03
resolved: don't conclude NODATA if CNAME exists
Tom Gundersen
2016-01-02
resolved: fix serialization of the root domain
Lennart Poettering
2016-01-02
resolved: only suffix RR key names with a dot if they don't have one yet
Lennart Poettering
2016-01-02
resolved: don't accept NSEC3 iteration fields unbounded
Lennart Poettering
2016-01-02
resolved: explain why we don't check IP addresses/ports of incoming DNS UDP t...
Lennart Poettering
2016-01-02
resolved: extend RFCs list a bit
Lennart Poettering
2016-01-01
resolved: dnssec - add reference to the algorithm we implement
Tom Gundersen
2016-01-01
resolved: dnssec - prepend hashed labels to zone name
Tom Gundersen
2016-01-01
resolved: dnssec - rename some variables
Tom Gundersen
2016-01-01
resoled: dnssec - don't refuse to verify answer due to too many unrelated RRs
Tom Gundersen
2016-01-01
resolved: dnssec - fix off-by-one in RSA key parsing
Tom Gundersen
2015-12-29
resolved: add a list of DNS-related RFCs and their implementation status in r...
Lennart Poettering
2015-12-29
resolved: append RFC6975 algorithm data to EDNS OPT RR
Lennart Poettering
2015-12-29
resolved: NSEC3 hash algorithms are distinct from DS digest algorithms
Lennart Poettering
2015-12-29
update DNSSEC TODO
Lennart Poettering
2015-12-29
resolved: add comments referencing various RFCs to various places
Lennart Poettering
2015-12-29
resolved: include GOST in list of DNSSEC algorithms
Lennart Poettering
2015-12-29
resolved: use CLAMP() intsead of MIN(MAX())
Lennart Poettering
2015-12-29
resolved: don't allow RRs with TTL=0 and TTL!=0 in the same RRset
Lennart Poettering
2015-12-29
resolved: parse EDNS0 rcode extension bits
Lennart Poettering
2015-12-29
resolved: reset RR TTL to 0, if MSB is set
Lennart Poettering
2015-12-29
resolved: properly handle SRV RRs with the DNS root as hostname
Lennart Poettering
2015-12-28
Merge pull request #2231 from phomes/resolve-misc2
Tom Gundersen
2015-12-28
resolved: update DNSSEC TODO
Lennart Poettering
2015-12-28
resolved: also use RRSIG expiry for negative caching
Lennart Poettering
2015-12-28
resolved: use RRSIG expiry and original TTL for cache management
Lennart Poettering
2015-12-28
resolved: clean up dns_transaction_stop()
Lennart Poettering
2015-12-28
resolved: only keep a single list of supported signature algorithms
Lennart Poettering
2015-12-28
resolved: add ECDSA signature support
Lennart Poettering
2015-12-28
resolved: split out RSA-specific code from dnssec_verify_rrset()
Lennart Poettering
[next]