Age | Commit message (Expand) | Author |
2016-01-17 | resolved: on negative NODATA replies, properly deal with empty non-terminals | Lennart Poettering |
2016-01-17 | resolved: rename dnssec_verify_dnskey() → dnssec_verify_dnskey_by_ds() | Lennart Poettering |
2016-01-17 | resolved: be stricter when using NSEC3 | Lennart Poettering |
2016-01-17 | resolved: when validating an RRset, store information about the synthesizing ... | Lennart Poettering |
2016-01-17 | resolved: do not use NSEC RRs from the wrong zone for proofs | Lennart Poettering |
2016-01-17 | resolved: ignore DS RRs without generating an error if they use an unsupporte... | Lennart Poettering |
2016-01-17 | resolved: some RR types may appear only or not at all in a zone apex | Lennart Poettering |
2016-01-13 | resolved: implement the full NSEC and NSEC3 postive wildcard proofs | Lennart Poettering |
2016-01-13 | resolved: refuse validating wildcard RRs for SOA, NSEC3, DNAME | Lennart Poettering |
2016-01-13 | resolved: properly handles RRs in domains beginning in an asterisk label | Lennart Poettering |
2016-01-13 | resolved: optimize dnssec_verify_rrset() a bit | Lennart Poettering |
2016-01-13 | resolved: allocate bounded strings on stack instead of heap, if we can | Lennart Poettering |
2016-01-13 | resolved: consider inverted RRSIG validity intervals expired | Lennart Poettering |
2016-01-11 | resolved: improve query RR type error wording a bit | Lennart Poettering |
2016-01-11 | resolved: don#t allow explicit queries for RRSIG RRs | Lennart Poettering |
2016-01-11 | resolved: refuse doing queries for known-obsolete RR types | Lennart Poettering |
2016-01-11 | resolved: rename DnsTransaction's current_features field to current_feature_l... | Lennart Poettering |
2016-01-11 | resolved: split out resetting of DNS server counters into a function call of ... | Lennart Poettering |
2016-01-11 | resolved: accept rightfully unsigned NSEC responses | Lennart Poettering |
2016-01-11 | resolved: rework how and when we detect whether our chosen DNS server knows D... | Lennart Poettering |
2016-01-11 | resolved: cache formatted server string in DnsServer structure | Lennart Poettering |
2016-01-11 | resolved: rework server feature level logic | Lennart Poettering |
2016-01-11 | resolved: add missing case to switch statement | Lennart Poettering |
2016-01-11 | resolved: log why we use TCP when UDP isn't supported by a server | Lennart Poettering |
2016-01-11 | resolved: log about truncated replies before trying again, not after | Lennart Poettering |
2016-01-11 | resolved: don't attempt to send queries for DNSSEC RR types to servers not su... | Lennart Poettering |
2016-01-11 | resolved: log about reasons for switching to TCP | Lennart Poettering |
2016-01-11 | resolved: when we get a packet failure from a server, don't downgrade UDP to ... | Lennart Poettering |
2016-01-11 | resolved: properly handle UDP ICMP errors as lost packets | Lennart Poettering |
2016-01-11 | resolved: when we get a TCP connection failure, try again | Lennart Poettering |
2016-01-11 | resolved: when DNS/TCP doesn't work, try DNS/UDP again | Lennart Poettering |
2016-01-11 | resolved: introduce dns_transaction_retry() and use it everywhere | Lennart Poettering |
2016-01-11 | resolved: set a description on all our event sources | Lennart Poettering |
2016-01-11 | resolved: fix error propagation | Lennart Poettering |
2016-01-11 | shared: make sure foo.bar and foobar result in different domain name hashes | Lennart Poettering |
2016-01-11 | resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard r... | Lennart Poettering |
2016-01-11 | resolved: split up nsec3_hashed_domain() into two calls | Lennart Poettering |
2016-01-11 | resolved: drop flags unused parameter from nsec3_is_good | Lennart Poettering |
2016-01-11 | resolved: when validating, first strip revoked trust anchor keys from validat... | Lennart Poettering |
2016-01-11 | basic: introduce generic ascii_strlower_n() call and make use of it everywhere | Lennart Poettering |
2016-01-11 | resolved: rework trust anchor revoke checking | Lennart Poettering |
2016-01-11 | resolved: look for revoked trust anchors before validating a message | Lennart Poettering |
2016-01-11 | resolved: use dns_answer_size() where appropriate to handle NULL DnsAnswer | Lennart Poettering |
2016-01-11 | resolved: remove one level of indentation in dns_transaction_validate_dnssec() | Lennart Poettering |
2016-01-11 | resolved: be less strict where the OPT pseudo-RR is placed | Lennart Poettering |
2016-01-11 | resolved: rename suffix_rr → zone_rr | Lennart Poettering |
2016-01-11 | resolved: fix NSEC3 iterations limit to what RFC5155 suggests | Lennart Poettering |
2016-01-07 | Merge pull request #2284 from teg/resolved-cname-2 | Lennart Poettering |
2016-01-07 | resolved: query_process_cname - make fully recursive | Tom Gundersen |
2016-01-06 | update DNSSEC TODO | Lennart Poettering |