Willem Toorop
276e9fa5f3
Zero size only allowed for non repeating rdfs
2015-07-18 16:59:00 +02:00
Willem Toorop
4f0cf62d37
Set release date
2015-07-17 18:10:57 +02:00
Willem Toorop
433daf7f53
0.3.0 in configure
2015-07-17 18:10:02 +02:00
Willem Toorop
7c83d0f295
{API 0.604] July 2015 release
2015-07-17 18:07:36 +02:00
Willem Toorop
9daaa1638c
One more event callback setting before clearance
2015-07-14 13:42:40 +02:00
Willem Toorop
d4e932890a
Do not reset event callbacks before clearing
2015-07-14 11:54:25 +02:00
Willem Toorop
3c80a8a1af
Check destruction of upstreams in correct way
2015-07-14 11:11:06 +02:00
Willem Toorop
587b320d95
DNS tree was upside down (wording in comments)
...
According to RFC1034 Section 4.2.1., the zone's apex is at the top and delegations at the bottom.
2015-07-14 10:49:00 +02:00
Willem Toorop
554f015931
Deschedule idle_timeouts on context destroy
2015-07-14 10:44:15 +02:00
Willem Toorop
6f21d89e2a
Lookup DS only, for no sigs INSECURE
2015-07-14 10:22:42 +02:00
Willem Toorop
a8adf662d1
Fix memory leak setting transports
2015-07-13 16:39:43 +02:00
Willem Toorop
5c61954427
Fix geting recursive_upstream_servers
2015-07-13 16:22:39 +02:00
Willem Toorop
17faffa664
Ignore 2 more autoconf generated files
2015-07-13 15:42:48 +02:00
Willem Toorop
c7d40e2cbc
Strings in bindata's without '\0' byte
2015-07-13 15:41:40 +02:00
Willem Toorop
12567f5338
Fix compiling with --enable-debug-sched
2015-07-13 11:09:56 +02:00
Willem Toorop
431415bd3d
rm debugging fprintf leftover
2015-07-10 10:18:00 +02:00
Willem Toorop
0d2f3a5bd9
functions and defines to get versions
...
About the library and the API
In both strings and in numbers
2015-07-10 00:57:58 +02:00
Willem Toorop
2884abe870
Allow alternative trust anchors + ...
...
Switch freely between stub and recursive resolving
2015-07-10 00:05:26 +02:00
Willem Toorop
4987a27264
Pretty print TLDs
2015-07-10 00:04:14 +02:00
Willem Toorop
2dab8dd4d6
Fix handling of non specific trust anchors and ...
...
unsported DS digest types
2015-07-09 23:11:56 +02:00
Willem Toorop
254699ad8b
Constants must be in searchable order
2015-07-09 23:11:28 +02:00
Willem Toorop
cacd8951ff
getdns_query -k to test for root trust anchor
...
has exit status 0 on success, 1 otherwise.
2015-07-09 23:10:22 +02:00
Willem Toorop
70857ccc74
Proper handling of system stub query timeouts
2015-07-09 23:09:39 +02:00
Willem Toorop
4135f633ac
Fix invalid memory reads
2015-07-09 15:40:00 +02:00
Willem Toorop
d9fca20f18
Update consts, symbols and dependencies
2015-07-09 14:40:13 +02:00
Willem Toorop
bb20de43bd
Update EDNS0 COOKIE option code
2015-07-09 14:30:11 +02:00
Willem Toorop
c30f64497e
Update ChangeLog
2015-07-09 14:27:22 +02:00
Willem Toorop
423fbdf546
Prepare for 0.3.0 release
2015-07-09 14:05:45 +02:00
Willem Toorop
cea8ae4d11
[API 0.602] getdns_context_set_dns_transport_list
...
And the getdns_context_set_idle_timeout() functions.
2015-07-09 14:00:26 +02:00
Willem Toorop
ec476a9129
getdns_root_trust_anchor up in getdns.h.in
...
So it is on the same spot as where it is in the original specification.
This to ease comparing getdns.h with the API's getdns_code_only.h
2015-07-09 10:37:02 +02:00
Willem Toorop
098e0f19c4
Don't skip points zone cuts with trusted keys
...
A new keyset must be authenticated at every zone cut.
A keyset from an ancecter of the immediate zone may never be used
to authenticate RRsets within a zone.
(Review from Wouter)
2015-07-09 08:15:38 +02:00
Willem Toorop
d87d951874
set ds_signer only when actually signed
2015-07-08 17:15:27 +02:00
Willem Toorop
d4849dc0ba
Fix read of uninitialized memory
...
Not a dangerous one though, but still...
2015-07-08 15:36:39 +02:00
Willem Toorop
e8030b34d2
query_len not used
2015-07-08 15:05:40 +02:00
Willem Toorop
201b6af9a2
clang compiler warnings + 1 bug!
...
Bug is countring insecure answers in util-internal.c
found by clang warning reporting
2015-07-08 13:07:24 +02:00
Willem Toorop
2918c8b472
DSes with best digest + INSECURE on unsupportd alg
...
Adaptations to function ds_authenticates_keys.
With multiple DSes, only the ones with the highest (supported)
digest type will be used to authenticate DNSKEYs.
NO_SUPPORTED_ALGORITHMS will be returned if there were
DSes for a key in the DNSKEY set, but none of them has a supported
digest or algorithm. This leads to dnssec_status INSECURE.
2015-07-08 12:21:04 +02:00
Willem Toorop
a5bacfefcf
memory leak fixes
2015-07-08 11:07:44 +02:00
Willem Toorop
51a04f8f6c
RSAMD5 is deprecated
2015-07-08 00:18:19 +02:00
Willem Toorop
3b45255d1e
Try only closest trust anchors
2015-07-08 00:10:10 +02:00
Willem Toorop
e48b0c7fd7
INSECURE when NSEC3 iteration count too high
...
Fix from Wouter's review
2015-07-07 22:33:53 +02:00
Willem Toorop
4b53d70199
Review from Wouter minor issues
2015-07-07 14:52:32 +02:00
Willem Toorop
e571883811
Fix test for NODATA address_sync lookup
...
hampster.com no longer suitable anymore.
2015-07-07 11:46:52 +02:00
Willem Toorop
83425f959e
Review comments from Wouter
...
Thanks!
2015-07-07 11:15:38 +02:00
Willem Toorop
43980e9020
[API 0.601] CSYNC RR type
2015-07-06 14:14:46 +02:00
Willem Toorop
af23930725
CSYNC rr type
2015-07-06 12:45:08 +02:00
Willem Toorop
55444d07a2
Documentation in comments as a review guideline
2015-07-06 11:57:16 +02:00
Willem Toorop
70edb60f09
Some comment about google public dns
2015-07-04 13:14:16 +02:00
Willem Toorop
0e977ee4fb
rearrangements for documentational reasons
...
+ a fix for opt_out bug
2015-07-04 13:01:16 +02:00
Willem Toorop
7e3fbe547a
Check NSEC3 CE to be without delegations
...
(no DNAME, no NS or, if NS then also SOA)
2015-07-04 10:53:31 +02:00
Willem Toorop
f59b32414c
Three NSEC3 related things:
...
- Better checking for type bits
- NSEC3 Insecure proofs for opt-out on head's
- NSEC3 wildcard NODATA proof
2015-07-04 10:23:02 +02:00