summaryrefslogtreecommitdiff
path: root/src/resolve/resolved-dns-dnssec.h
Commit message (Expand)AuthorAgeFilesLines
* tree-wide: remove Emacs lines from all filesDaniel Mack2016-02-101-2/+0
* resolved: make dnssec_nsec_test_enclosed() staticMichael Olbrich2016-01-311-1/+0
* resolved: log each time we increase the DNSSEC verdict countersLennart Poettering2016-01-251-1/+14
* resolved: rename dnssec_verify_dnskey() → dnssec_verify_dnskey_by_ds()Lennart Poettering2016-01-171-2/+2
* resolved: implement the full NSEC and NSEC3 postive wildcard proofsLennart Poettering2016-01-131-1/+4
* resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard r...Lennart Poettering2016-01-111-4/+6
* resolved,networkd: add a per-interface DNSSEC settingLennart Poettering2016-01-051-21/+0
* resolved: rename "downgrade-ok" mode to "allow-downgrade"Lennart Poettering2016-01-051-1/+1
* resolved: when caching negative responses, honour NSEC/NSEC3 TTLsLennart Poettering2016-01-051-1/+1
* resolved: partially implement RFC5011 Trust Anchor supportLennart Poettering2016-01-041-5/+5
* resolved: print a log message when we ignore an NSEC3 RR with an excessive am...Lennart Poettering2016-01-031-1/+1
* resolved: dnssec - factor out hashed domain generationTom Gundersen2016-01-031-1/+1
* resolved: don't conclude NODATA if CNAME existsTom Gundersen2016-01-031-0/+1
* resolved: add an automatic downgrade to non-DNSSEC modeLennart Poettering2015-12-261-1/+10
* resolved: if we accepted unauthenticated NSEC/NSEC3 RRs, use them for proofsLennart Poettering2015-12-261-1/+1
* resolved: add support NSEC3 proofs, as well as proofs for domains that are OK...Lennart Poettering2015-12-181-4/+5
* resolved: add basic proof of non-existance support for NSEC+NSEC3Lennart Poettering2015-12-141-0/+15
* resolved: rework dnssec validation resultsLennart Poettering2015-12-111-2/+8
* resolved: chase DNSKEY/DS RRs when doing look-ups with DNSSEC enabledLennart Poettering2015-12-101-4/+13
* resolved: introduce a dnssec_mode setting per scopeLennart Poettering2015-12-031-1/+19
* resolved: don't accept expired RRSIGsLennart Poettering2015-12-031-2/+3
* resolved: add basic DNSSEC supportLennart Poettering2015-12-021-0/+48