summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* Add forgotten destdir to install command.baserock/morphMark Doffman2014-03-101-1/+1
* Add morph file.Mark Doffman2014-03-101-0/+6
* OPT_LOCAL_SERVICE needs up-to-date interface list too.Simon Kelley2014-03-061-1/+2
* Set --local-service in Debian package startup.Simon Kelley2014-03-053-0/+17
* --local-service. Default protection from DNS amplification attacks.Simon Kelley2014-03-056-2/+133
* Add --static to pkg-config command when appropriate.Simon Kelley2014-03-051-1/+4
* Compiler warning.Simon Kelley2014-03-031-2/+2
* Man page updates for DNSSEC.Simon Kelley2014-03-021-2/+13
* KEYBLOCK LEN better as a multiple of 8.Simon Kelley2014-03-021-1/+1
* Can have local DS records (trust anchors).v2.69test11Simon Kelley2014-03-011-1/+1
* Mass edit of INSECURE->BOGUS returns for server failure/bad input.v2.69test10Simon Kelley2014-03-011-84/+73
* Don't cache secure replies which we've messsed with.Simon Kelley2014-03-011-5/+4
* Tweak tuning params.Simon Kelley2014-03-013-4/+5
* Handle replies with no answers and no NS in validate_reply.Simon Kelley2014-03-011-0/+4
* Don't free blockdata for negative DS cache entries.Simon Kelley2014-03-012-2/+2
* Fix off-by-one overwrite.Simon Kelley2014-03-011-1/+2
* Tidy.Simon Kelley2014-03-011-4/+3
* Check that unsigned replies come from unsigned zones if --dnssec-check-unsign...Simon Kelley2014-02-286-110/+469
* Negative caching for DS records.Simon Kelley2014-02-273-48/+104
* Return INSECURE when validation fails with proved non-existent DS.Simon Kelley2014-02-251-5/+9
* Strip DNSSEC RRs when query doesn't have DO bit set.Simon Kelley2014-02-254-94/+327
* Speeling.Simon Kelley2014-02-241-7/+7
* Code cleanup.v2.69test9Simon Kelley2014-02-241-47/+34
* An NSEC record cannot attest to its own non-existance!Simon Kelley2014-02-241-4/+8
* Check signer name in RRSIGs.Simon Kelley2014-02-231-6/+32
* Bugfix for last commit.Simon Kelley2014-02-231-4/+4
* NSEC3 validation. First pass.Simon Kelley2014-02-235-113/+505
* Add --servers-file option.Simon Kelley2014-02-208-27/+92
* Omit ECC from DNSSEC if nettle library is old.Simon Kelley2014-02-192-6/+17
* More server cleanup.Simon Kelley2014-02-191-29/+24
* Cleanup of server reading code, preparation, for dynamic reading from files.Simon Kelley2014-02-184-176/+145
* --rev-server option. Syntactic sugar for PTR queries.Simon Kelley2014-02-173-52/+102
* Log BOGUS validation result when upstream sends SERVFAIL.Simon Kelley2014-02-131-0/+3
* TYpo.Simon Kelley2014-02-131-1/+1
* No CD in forwarded queries unless dnssec-debug for TCP too.Simon Kelley2014-02-131-1/+4
* Don't mess with the TTL of DNSSEC RRs.Simon Kelley2014-02-131-5/+7
* Add RFC-6605 ECDSA DNSSEC verification.Simon Kelley2014-02-131-6/+80
* Use DS records as trust anchors, not DNSKEYs.v2.69test8Simon Kelley2014-02-118-119/+84
* Further tidying of AD and DO bit handling.Simon Kelley2014-02-103-37/+44
* Handle validation when more one key is needed.Simon Kelley2014-02-103-119/+142
* Fix Byte-order botch: broke DNSSEC on big-endian platforms.Simon Kelley2014-02-101-2/+2
* Fix DNSSEC caching problems: incomplete RRSIG RRsets.Simon Kelley2014-02-103-62/+59
* AD bit in queries handled as RFC6840 p5.7Simon Kelley2014-02-062-13/+10
* Add trust-anchors file to Debian package.v2.69test7Simon Kelley2014-02-061-0/+2
* Fix stack-smashing crash in DNSSEC. Thanks to Henk Jan Agteresch.Simon Kelley2014-02-065-22/+44
* DNSSEC config in example file.Simon Kelley2014-02-061-0/+4
* Protect against malicious DNS replies with very large RRsets.Simon Kelley2014-02-061-0/+5
* Make RR work when returning A/AAAA records and an RRSIG.Simon Kelley2014-02-043-26/+31
* Updated version of contrib/try-all-nsv2.69test6Jesse Glick2014-02-041-0/+29
* Linking stuff. Latest Debian/Ubuntu don't automatically link gmp.Simon Kelley2014-02-043-16/+22
View Lorry Controller Status