Gitiles
Code Review Sign In
gerrit.nordix.org / thekelleys / dnsmasq / cbe379ad6b52a538a4416a7cd992817e5637ccf9 / src / dnssec.c
  1. cbe379a Handle domain names with '.' or /000 within labels. by Simon Kelley · 10 years ago
  2. fe3992f Return INSECURE, rather than BOGUS when DS proved not to exist. by Simon Kelley · 10 years ago
  3. 394ff49 Allow control characters in names in the cache, handle when logging. by Simon Kelley · 10 years ago
  4. 1e15394 DNSSEC fix for non-ascii characters in labels. by Simon Kelley · 10 years ago
  5. 0b8a5a3 Protect against broken DNSSEC upstreams. by Simon Kelley · 10 years ago
  6. 8805283 Don't fail DNSSEC when a signed CNAME dangles into an unsigned zone. by Simon Kelley · 10 years ago
  7. 360f251 Tweak DNSSEC timestamp code to create file later, removing need to chown it. by Simon Kelley · 10 years ago
  8. 9003b50 Fix last commit to not crash if uid changing not configured. by Simon Kelley · 10 years ago
  9. f6e62e2 Add --dnssec-timestamp option and facility. by Simon Kelley · 10 years ago
  10. 6ef15b3 Fix broken ECDSA DNSSEC signatures. by Simon Kelley · 10 years ago
  11. aff3396 Update copyrights for dawn of 2015. by Simon Kelley · 10 years ago
  12. 5e32173 Don't answer from cache RRsets from wildcards, as we don't have NSECs. by Simon Kelley · 10 years ago
  13. 25cf5e3 Add --log-queries=extra option for more complete logging. by Simon Kelley · 10 years ago
  14. 97e618a DNSSEC: do top-down search for limit of secure delegation. by Simon Kelley · 10 years ago
  15. 0b1008d Bad packet protection. by Simon Kelley · 10 years ago
  16. 83d2ed0 Initialise return value. by Simon Kelley · 10 years ago
  17. fbc5205 Fix problems validating NSEC3 and wildcards. by Simon Kelley · 10 years ago
  18. 094b5c3 Fix crash in DNSSEC code when attempting to verify large RRs. by Simon Kelley · 10 years ago
  19. cdb755c Fix FTBFS with Nettle-3.0. by Simon Kelley · 10 years ago
  20. 063efb3 Build config: add -DNO_GMP for use with nettle/mini-gmp by Simon Kelley · 10 years ago
  21. e6096e6 Another filter_rrsigs fix. by Simon Kelley · 11 years ago
  22. 9d1b22a Fix DNSSEC validation of ANY queries. by Simon Kelley · 11 years ago
  23. 50f86ce Need to fixup records in the additional section when removing DNSSEC stuff. by Simon Kelley · 11 years ago
  24. e98bd52 Add --dnssec-no-timecheck by Simon Kelley · 11 years ago
  25. 3f7483e Handle integer overflow in uid counter. Fixes rare crashes in cache code. by Simon Kelley · 11 years ago
  26. c07d30d Compiler warning. by Simon Kelley · 11 years ago
  27. 8707019 Mass edit of INSECURE->BOGUS returns for server failure/bad input. by Simon Kelley · 11 years ago
  28. 1fbe4d2 Tweak tuning params. by Simon Kelley · 11 years ago
  29. 0575610 Handle replies with no answers and no NS in validate_reply. by Simon Kelley · 11 years ago
  30. e3f1455 Don't free blockdata for negative DS cache entries. by Simon Kelley · 11 years ago
  31. bd9b3cf Fix off-by-one overwrite. by Simon Kelley · 11 years ago
  32. 14db421 Tidy. by Simon Kelley · 11 years ago
  33. 00a5b5d Check that unsigned replies come from unsigned zones if --dnssec-check-unsigned set. by Simon Kelley · 11 years ago
  34. b8eac19 Negative caching for DS records. by Simon Kelley · 11 years ago
  35. b47b04c Return INSECURE when validation fails with proved non-existent DS. by Simon Kelley · 11 years ago
  36. 613ad15 Strip DNSSEC RRs when query doesn't have DO bit set. by Simon Kelley · 11 years ago
  37. 2418753 Speeling. by Simon Kelley · 11 years ago
  38. a857daa Code cleanup. by Simon Kelley · 11 years ago
  39. f01d7be An NSEC record cannot attest to its own non-existance! by Simon Kelley · 11 years ago
  40. d387380 Check signer name in RRSIGs. by Simon Kelley · 11 years ago
  41. f2e4c27 Bugfix for last commit. by Simon Kelley · 11 years ago
  42. 5107ace NSEC3 validation. First pass. by Simon Kelley · 11 years ago
  43. 7b1eae4 Add --servers-file option. by Simon Kelley · 11 years ago
  44. c152dc8 Omit ECC from DNSSEC if nettle library is old. by Simon Kelley · 11 years ago
  45. e3ec15a Log BOGUS validation result when upstream sends SERVFAIL. by Simon Kelley · 11 years ago
  46. ebe95a8 Add RFC-6605 ECDSA DNSSEC verification. by Simon Kelley · 11 years ago
  47. 1633e30 Fix Byte-order botch: broke DNSSEC on big-endian platforms. by Simon Kelley · 11 years ago
  48. c8ca33f Fix DNSSEC caching problems: incomplete RRSIG RRsets. by Simon Kelley · 11 years ago
  49. 610e782 Fix stack-smashing crash in DNSSEC. Thanks to Henk Jan Agteresch. by Simon Kelley · 11 years ago
  50. bb201c2 Protect against malicious DNS replies with very large RRsets. by Simon Kelley · 11 years ago
  51. b98d22c Linking stuff. Latest Debian/Ubuntu don't automatically link gmp. by Simon Kelley · 11 years ago
  52. 8d718cb Nasty cache failure and memory leak with DNSSEC. by Simon Kelley · 11 years ago
  53. f6a2b79 Validate Ooops. by Simon Kelley · 11 years ago
  54. 6f46810 Code tidy. by Simon Kelley · 11 years ago
  55. 7d23a66 Remove --dnssec-permissive, pointless if we don't set CD upstream. by Simon Kelley · 11 years ago
  56. 703c7ff Fix to last commit. by Simon Kelley · 11 years ago
  57. 8a9be9e Replace CRC32 with SHA1 for spoof detection in DNSSEC builds. by Simon Kelley · 11 years ago
  58. b5dbfd1 RRSIG answer logging. by Simon Kelley · 11 years ago
  59. 5b3bf92 --dnssec-debug by Simon Kelley · 11 years ago
  60. 0744ca6 More DNSSEC caching logic, and avoid repeated validation of DS/DNSKEY by Simon Kelley · 11 years ago
  61. 2d33bda RRSIGS for PTR records from cache. by Simon Kelley · 11 years ago
  62. 824202e More DNSSEC cache readout. by Simon Kelley · 11 years ago
  63. e7829ae Cache RRSIGS. by Simon Kelley · 11 years ago
  64. 51ea3ca Caching of DNSSEC records. by Simon Kelley · 11 years ago
  65. 6fd6dac Fix loop in RR sort. by Simon Kelley · 11 years ago
  66. 979cdf9 Fix to hostname_cmp, and update to canonicalisation table. RFC 4034 LIES. by Simon Kelley · 11 years ago
  67. dbf7212 Rationalise hostname_cmp() by Simon Kelley · 11 years ago
  68. c5f4ec7 NSEC proof-of-non-existence. by Simon Kelley · 11 years ago
  69. 72ae2f3 Don't validate error returns. by Simon Kelley · 11 years ago
  70. e0c0ad3 UDP retries for DNSSEC by Simon Kelley · 11 years ago
  71. 4619d94 Fix SEGV and failure to validate on x86_64. by Simon Kelley · 11 years ago
  72. 86bec2d Swap crypto library from openSSL to nettle. by Simon Kelley · 11 years ago
  73. 1486a9c Furthet tweak to RRset sort. by Simon Kelley · 11 years ago
  74. 5ada888 RFC 4035 5.3.2 wildcard label rules. by Simon Kelley · 11 years ago
  75. 5f8e58f DNSSEC consolidation. by Simon Kelley · 11 years ago
  76. b6e9e7c Handle digest lengths greater than 1 block. by Simon Kelley · 11 years ago
  77. 60b6806 Rationalise DNS packet-buffer size calculations. by Simon Kelley · 11 years ago
  78. 0fc2f31 First functional DNSSEC - highly alpha. by Simon Kelley · 11 years ago
  79. c3e0b9b backup by Simon Kelley · 11 years ago
  80. 3a23715 Commit to allow master merge. by Simon Kelley · 11 years ago
  81. 8d41ebd Add copyright banners by Giovanni Bajo · 13 years ago
  82. 4f9aefc Don't fight over namespace with re-implementation of strchrnul() by Simon Kelley · 13 years ago
  83. 4b52870 Again make errors greppable. by Giovanni Bajo · 13 years ago
  84. ccd1d32 Make testsuite errors greppable. by Giovanni Bajo · 13 years ago
  85. 75ffc9b Implement RSA-MD5. by Giovanni Bajo · 13 years ago
  86. 3af1ea8 Simplify abstraction of verification algorithms (it was too flexible) by Giovanni Bajo · 13 years ago
  87. ed1fc98 Untangle digestalg from verifyalg; better separation, less code duplication. by Giovanni Bajo · 13 years ago
  88. b58fb39 Since extract_name() does not convert to lowercase, do it temporarly within convert_domain_to_wire(). by Giovanni Bajo · 13 years ago
  89. 0304d28 Parse and match DS records. by Giovanni Bajo · 13 years ago
  90. 32b826e Genericize verifyalg_add_data_domain() (rename to convert_domain_to_wire()). by Giovanni Bajo · 13 years ago
  91. 0937692 Add rdata description for MX. by Giovanni Bajo · 13 years ago
  92. 785ee80 Describe SOA rdata section. by Giovanni Bajo · 13 years ago
  93. f119ed3 Simplify verifyalg_add_rdata() with new canonicalization functions. by Giovanni Bajo · 13 years ago
  94. da23c4f Simplify rrset_canonical_order() with new canonicalization functions. by Giovanni Bajo · 13 years ago
  95. 4885d57 Add rdata canonicalization functions. by Giovanni Bajo · 13 years ago
  96. 0db0e0c Fix a bug in rdlen update while decompressing a name by Giovanni Bajo · 13 years ago
  97. ec2962e Fix the macro names. by Giovanni Bajo · 13 years ago
  98. 0ca895f Fix rrset_canonical_order() to correct handle canonicalization of domain names in RDATA. by Giovanni Bajo · 13 years ago
  99. 6299ffb Start refactoring for correct handling of domain wire-format. by Giovanni Bajo · 13 years ago
  100. 7f0485c verifyalg_add_data_domain: fix for root domain (""). by Giovanni Bajo · 13 years ago