summaryrefslogtreecommitdiff
path: root/src/resolve
AgeCommit message (Expand)Author
2016-01-03resolved: never authenticate RRsets with revoked keysLennart Poettering
2016-01-03resolved: print a log message when we ignore an NSEC3 RR with an excessive am...Lennart Poettering
2016-01-03Merge pull request #2255 from teg/resolved-fixes-2Lennart Poettering
2016-01-03resolve: add RFC4501 URI support to systemd-resolve-hostLennart Poettering
2016-01-03resolved: add negative trust anchro support, and add trust anchor configurati...Lennart Poettering
2016-01-03resolved: dnssec - properly take wildcards into account in NESC3 proofTom Gundersen
2016-01-03resolved: dnssec - factor out hashed domain generationTom Gundersen
2016-01-03resolved: don't conclude NODATA if CNAME existsTom Gundersen
2016-01-02resolved: fix serialization of the root domainLennart Poettering
2016-01-02resolved: only suffix RR key names with a dot if they don't have one yetLennart Poettering
2016-01-02resolved: don't accept NSEC3 iteration fields unboundedLennart Poettering
2016-01-02resolved: explain why we don't check IP addresses/ports of incoming DNS UDP t...Lennart Poettering
2016-01-02resolved: extend RFCs list a bitLennart Poettering
2016-01-01resolved: dnssec - add reference to the algorithm we implementTom Gundersen
2016-01-01resolved: dnssec - prepend hashed labels to zone nameTom Gundersen
2016-01-01resolved: dnssec - rename some variablesTom Gundersen
2016-01-01resoled: dnssec - don't refuse to verify answer due to too many unrelated RRsTom Gundersen
2016-01-01resolved: dnssec - fix off-by-one in RSA key parsingTom Gundersen
2015-12-29resolved: add a list of DNS-related RFCs and their implementation status in r...Lennart Poettering
2015-12-29resolved: append RFC6975 algorithm data to EDNS OPT RRLennart Poettering
2015-12-29resolved: NSEC3 hash algorithms are distinct from DS digest algorithmsLennart Poettering
2015-12-29update DNSSEC TODOLennart Poettering
2015-12-29resolved: add comments referencing various RFCs to various placesLennart Poettering
2015-12-29resolved: include GOST in list of DNSSEC algorithmsLennart Poettering
2015-12-29resolved: use CLAMP() intsead of MIN(MAX())Lennart Poettering
2015-12-29resolved: don't allow RRs with TTL=0 and TTL!=0 in the same RRsetLennart Poettering
2015-12-29resolved: parse EDNS0 rcode extension bitsLennart Poettering
2015-12-29resolved: reset RR TTL to 0, if MSB is setLennart Poettering
2015-12-29resolved: properly handle SRV RRs with the DNS root as hostnameLennart Poettering
2015-12-28Merge pull request #2231 from phomes/resolve-misc2Tom Gundersen
2015-12-28resolved: update DNSSEC TODOLennart Poettering
2015-12-28resolved: also use RRSIG expiry for negative cachingLennart Poettering
2015-12-28resolved: use RRSIG expiry and original TTL for cache managementLennart Poettering
2015-12-28resolved: clean up dns_transaction_stop()Lennart Poettering
2015-12-28resolved: only keep a single list of supported signature algorithmsLennart Poettering
2015-12-28resolved: add ECDSA signature supportLennart Poettering
2015-12-28resolved: split out RSA-specific code from dnssec_verify_rrset()Lennart Poettering
2015-12-28resolved: simplify MD algorithm initialization a bitLennart Poettering
2015-12-28resolved: add SHA384 digest supportLennart Poettering
2015-12-28resolve: remove unused variablesThomas Hindoe Paaboel Andersen
2015-12-27resolved: rename "features" variables to "feature_level"Lennart Poettering
2015-12-27resolved: rework OPT RR generation logicLennart Poettering
2015-12-27resolved: reuse dns_transaction_stop() when destructing transaction objectsLennart Poettering
2015-12-27resolved: add dns_transaction_close_connection()Lennart Poettering
2015-12-27resolved: make sure we reset the DNSSEC result when we accept a response packetLennart Poettering
2015-12-27resolved: improve some log messages a bitLennart Poettering
2015-12-27resolved: never proceed processing truncated packetsLennart Poettering
2015-12-27resolved: remember explicitly whether we already tried a stream connectionLennart Poettering
2015-12-27resolved: make sure we GC stream transactions properlyLennart Poettering
2015-12-27resolved: ignore additional DNS responses we get while validatingLennart Poettering