Age | Commit message (Expand) | Author |
2016-01-17 | resolved: check OPT RR before accepting a reply for verification of server fe... | Lennart Poettering |
2016-01-17 | resolved: when restarting a DNS transaction, remove all auxiliary DNSSEC tran... | Lennart Poettering |
2016-01-17 | resolved: when we receive an reply which is OPT-less or RRSIG-less, downgrade... | Lennart Poettering |
2016-01-17 | resolved: downgrade server feature level more aggressively when we have reaso... | Lennart Poettering |
2016-01-17 | resolved: ignore invalid OPT RRs in incoming packets | Lennart Poettering |
2016-01-17 | resolved: update RFCs list and TODO list | Lennart Poettering |
2016-01-17 | resolved: add complex test case | Lennart Poettering |
2016-01-17 | resolved: complete NSEC non-existance proofs | Lennart Poettering |
2016-01-17 | resolved: make sure the NSEC proof-of-non-existance check also looks for wild... | Lennart Poettering |
2016-01-17 | resolved: on negative NODATA replies, properly deal with empty non-terminals | Lennart Poettering |
2016-01-17 | resolved: rename dnssec_verify_dnskey() → dnssec_verify_dnskey_by_ds() | Lennart Poettering |
2016-01-17 | resolved: be stricter when using NSEC3 | Lennart Poettering |
2016-01-17 | resolved: when validating an RRset, store information about the synthesizing ... | Lennart Poettering |
2016-01-17 | resolved: do not use NSEC RRs from the wrong zone for proofs | Lennart Poettering |
2016-01-17 | resolved: ignore DS RRs without generating an error if they use an unsupporte... | Lennart Poettering |
2016-01-17 | resolved: some RR types may appear only or not at all in a zone apex | Lennart Poettering |
2016-01-13 | resolved: implement the full NSEC and NSEC3 postive wildcard proofs | Lennart Poettering |
2016-01-13 | resolved: refuse validating wildcard RRs for SOA, NSEC3, DNAME | Lennart Poettering |
2016-01-13 | resolved: properly handles RRs in domains beginning in an asterisk label | Lennart Poettering |
2016-01-13 | resolved: optimize dnssec_verify_rrset() a bit | Lennart Poettering |
2016-01-13 | resolved: allocate bounded strings on stack instead of heap, if we can | Lennart Poettering |
2016-01-13 | resolved: consider inverted RRSIG validity intervals expired | Lennart Poettering |
2016-01-11 | resolved: improve query RR type error wording a bit | Lennart Poettering |
2016-01-11 | resolved: don#t allow explicit queries for RRSIG RRs | Lennart Poettering |
2016-01-11 | resolved: refuse doing queries for known-obsolete RR types | Lennart Poettering |
2016-01-11 | resolved: rename DnsTransaction's current_features field to current_feature_l... | Lennart Poettering |
2016-01-11 | resolved: split out resetting of DNS server counters into a function call of ... | Lennart Poettering |
2016-01-11 | resolved: accept rightfully unsigned NSEC responses | Lennart Poettering |
2016-01-11 | resolved: rework how and when we detect whether our chosen DNS server knows D... | Lennart Poettering |
2016-01-11 | resolved: cache formatted server string in DnsServer structure | Lennart Poettering |
2016-01-11 | resolved: rework server feature level logic | Lennart Poettering |
2016-01-11 | resolved: add missing case to switch statement | Lennart Poettering |
2016-01-11 | resolved: log why we use TCP when UDP isn't supported by a server | Lennart Poettering |
2016-01-11 | resolved: log about truncated replies before trying again, not after | Lennart Poettering |
2016-01-11 | resolved: don't attempt to send queries for DNSSEC RR types to servers not su... | Lennart Poettering |
2016-01-11 | resolved: log about reasons for switching to TCP | Lennart Poettering |
2016-01-11 | resolved: when we get a packet failure from a server, don't downgrade UDP to ... | Lennart Poettering |
2016-01-11 | resolved: properly handle UDP ICMP errors as lost packets | Lennart Poettering |
2016-01-11 | resolved: when we get a TCP connection failure, try again | Lennart Poettering |
2016-01-11 | resolved: when DNS/TCP doesn't work, try DNS/UDP again | Lennart Poettering |
2016-01-11 | resolved: introduce dns_transaction_retry() and use it everywhere | Lennart Poettering |
2016-01-11 | resolved: set a description on all our event sources | Lennart Poettering |
2016-01-11 | resolved: fix error propagation | Lennart Poettering |
2016-01-11 | shared: make sure foo.bar and foobar result in different domain name hashes | Lennart Poettering |
2016-01-11 | resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard r... | Lennart Poettering |
2016-01-11 | resolved: split up nsec3_hashed_domain() into two calls | Lennart Poettering |
2016-01-11 | resolved: drop flags unused parameter from nsec3_is_good | Lennart Poettering |
2016-01-11 | resolved: when validating, first strip revoked trust anchor keys from validat... | Lennart Poettering |
2016-01-11 | basic: introduce generic ascii_strlower_n() call and make use of it everywhere | Lennart Poettering |
2016-01-11 | resolved: rework trust anchor revoke checking | Lennart Poettering |