summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Add forgotten destdir to install command.baserock/morphMark Doffman2014-03-101-1/+1
|
* Add morph file.Mark Doffman2014-03-101-0/+6
|
* OPT_LOCAL_SERVICE needs up-to-date interface list too.Simon Kelley2014-03-061-1/+2
|
* Set --local-service in Debian package startup.Simon Kelley2014-03-053-0/+17
|
* --local-service. Default protection from DNS amplification attacks.Simon Kelley2014-03-056-2/+133
|
* Add --static to pkg-config command when appropriate.Simon Kelley2014-03-051-1/+4
|
* Compiler warning.Simon Kelley2014-03-031-2/+2
|
* Man page updates for DNSSEC.Simon Kelley2014-03-021-2/+13
|
* KEYBLOCK LEN better as a multiple of 8.Simon Kelley2014-03-021-1/+1
|
* Can have local DS records (trust anchors).v2.69test11Simon Kelley2014-03-011-1/+1
|
* Mass edit of INSECURE->BOGUS returns for server failure/bad input.v2.69test10Simon Kelley2014-03-011-84/+73
|
* Don't cache secure replies which we've messsed with.Simon Kelley2014-03-011-5/+4
|
* Tweak tuning params.Simon Kelley2014-03-013-4/+5
|
* Handle replies with no answers and no NS in validate_reply.Simon Kelley2014-03-011-0/+4
|
* Don't free blockdata for negative DS cache entries.Simon Kelley2014-03-012-2/+2
|
* Fix off-by-one overwrite.Simon Kelley2014-03-011-1/+2
|
* Tidy.Simon Kelley2014-03-011-4/+3
|
* Check that unsigned replies come from unsigned zones if ↵Simon Kelley2014-02-286-110/+469
| | | | --dnssec-check-unsigned set.
* Negative caching for DS records.Simon Kelley2014-02-273-48/+104
|
* Return INSECURE when validation fails with proved non-existent DS.Simon Kelley2014-02-251-5/+9
|
* Strip DNSSEC RRs when query doesn't have DO bit set.Simon Kelley2014-02-254-94/+327
|
* Speeling.Simon Kelley2014-02-241-7/+7
|
* Code cleanup.v2.69test9Simon Kelley2014-02-241-47/+34
|
* An NSEC record cannot attest to its own non-existance!Simon Kelley2014-02-241-4/+8
|
* Check signer name in RRSIGs.Simon Kelley2014-02-231-6/+32
|
* Bugfix for last commit.Simon Kelley2014-02-231-4/+4
|
* NSEC3 validation. First pass.Simon Kelley2014-02-235-113/+505
|
* Add --servers-file option.Simon Kelley2014-02-208-27/+92
|
* Omit ECC from DNSSEC if nettle library is old.Simon Kelley2014-02-192-6/+17
|
* More server cleanup.Simon Kelley2014-02-191-29/+24
|
* Cleanup of server reading code, preparation, for dynamic reading from files.Simon Kelley2014-02-184-176/+145
|
* --rev-server option. Syntactic sugar for PTR queries.Simon Kelley2014-02-173-52/+102
|
* Log BOGUS validation result when upstream sends SERVFAIL.Simon Kelley2014-02-131-0/+3
|
* TYpo.Simon Kelley2014-02-131-1/+1
|
* No CD in forwarded queries unless dnssec-debug for TCP too.Simon Kelley2014-02-131-1/+4
|
* Don't mess with the TTL of DNSSEC RRs.Simon Kelley2014-02-131-5/+7
|
* Add RFC-6605 ECDSA DNSSEC verification.Simon Kelley2014-02-131-6/+80
|
* Use DS records as trust anchors, not DNSKEYs.v2.69test8Simon Kelley2014-02-118-119/+84
| | | | | This allows us to query for the root zone DNSKEY RRset and validate it, thus automatically handling KSK rollover.
* Further tidying of AD and DO bit handling.Simon Kelley2014-02-103-37/+44
|
* Handle validation when more one key is needed.Simon Kelley2014-02-103-119/+142
|
* Fix Byte-order botch: broke DNSSEC on big-endian platforms.Simon Kelley2014-02-101-2/+2
|
* Fix DNSSEC caching problems: incomplete RRSIG RRsets.Simon Kelley2014-02-103-62/+59
|
* AD bit in queries handled as RFC6840 p5.7Simon Kelley2014-02-062-13/+10
|
* Add trust-anchors file to Debian package.v2.69test7Simon Kelley2014-02-061-0/+2
|
* Fix stack-smashing crash in DNSSEC. Thanks to Henk Jan Agteresch.Simon Kelley2014-02-065-22/+44
|
* DNSSEC config in example file.Simon Kelley2014-02-061-0/+4
|
* Protect against malicious DNS replies with very large RRsets.Simon Kelley2014-02-061-0/+5
|
* Make RR work when returning A/AAAA records and an RRSIG.Simon Kelley2014-02-043-26/+31
|
* Updated version of contrib/try-all-nsv2.69test6Jesse Glick2014-02-041-0/+29
|
* Linking stuff. Latest Debian/Ubuntu don't automatically link gmp.Simon Kelley2014-02-043-16/+22
|
View Lorry Controller Status