interesting
/
getdns
mirror of https://github.com/getdnsapi/getdns.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,038 Commits 58 Branches 69 Tags 14 MiB
Commit Graph

1038 Commits

Author SHA1 Message Date
Willem Toorop 2f16433532 [API 0.396] validate_dnssec signature change 
The record to validate is a list containing the rr-dict of the rr to validate, plus rr-dicts for the rrsigs.
 2014-02-18 14:53:42 +01:00
Willem Toorop 0b520c0f80 [API 0.395] rcodes, opcodes and classes defines 2014-02-18 14:50:27 +01:00
Willem Toorop 16b3c2ba31 [API 0.394] bindata dns_name in convert funcs 2014-02-18 14:47:35 +01:00
Willem Toorop e9d70dc030 Return INVALID_PARAMETER when upstreams is NULL 2014-02-18 14:38:46 +01:00
Willem Toorop 8a2e3937c6 Handle DNSSEC policies on the packet/reply level 
- All DNSSEC extension add the "dnssec_status" to the reply dicts.

- With "dnssec_return_status" and "dnssec_return_only_secure", the
  "status" in the response dict is GETDNS_RESPSTATUS_NO_NAME when all
  replies are NXDOMAIN and/or BOGUS.

- With "dnssec_return_only_secure", the "status" in the response dict
  is GETDNS_RESPSTATUS_NO_SECURE_ANSWERS when non of the replies are
  SECURE, even when all were NXDOMAIN.

- When "dnssec_return_validation_chain" is set, besides the validation
  chain, all replies are returned, even when other DNSSEC extensions
  are set that would otherwise exclude these replies.  This is the only
  modus were one can observe the "dnssec_status" to be
  GETDNS_DNSSEC_BOGUS.

- When the "dnssec_return_status" extension is set (and
  "dnssec_return_validation_chain" is not), only non-bogus replies
  are returned.

- When the "dnssec_return_only_secure" extension is set (and
  "dnssec_return_validation_chain" is not), only secure
  replies are returned.
 2014-02-17 14:54:13 +01:00
W.C.A. Wijngaards bbdf91de9f Use compiler detected by configure (portability test on Minix). 2014-02-14 11:40:23 +01:00
Willem Toorop df32c65c0f Synchronous dnssec_return_validation_chain support 2014-02-13 12:28:55 +01:00
Willem Toorop 703ed14d28 No RETURN_GOOD with uninited rr in create_opt_rr 
rr-dict.c: In function 'priv_getdns_append_opt_rr':
rr-dict.c:1353:28: warning: 'opt_rr' may be used uninitialized in this function [-Wuninitialized]
 2014-02-13 10:23:06 +01:00
Willem Toorop 758b6279b2 GETDNS_RESPSTATUS_NO_NAME only with none NOERROR 
So you can have zero answers and a GETDNS_RESPSTATUS_GOOD return status.
 2014-02-13 10:19:16 +01:00
Willem Toorop 6beb98db62 Merge branch 'develop' of github.com:verisign/getdns into develop 2014-02-12 23:11:29 +01:00
Willem Toorop 7e2bc9771a Pretty print constant names for values 
With the "status", "dnssec_status" and "answer_type" keys.
 2014-02-12 23:10:29 +01:00
Neel Goyal ec7fc42ce0 Merge branch 'develop' of github.com:verisign/getdns into develop 2014-02-12 16:40:10 -05:00
Neel Goyal 22fa1101bb Add OPT Record parsing support 2014-02-12 16:39:55 -05:00
Willem Toorop b6856eb620 Missing things in previous commit 2014-02-12 22:03:28 +01:00
Willem Toorop 80199ecc97 Enable showing text of other codes that return_t 2014-02-12 22:01:53 +01:00
Willem Toorop b6c9b25fc7 dnssec_status & dnssec_return_only_secure exts. 2014-02-12 21:00:58 +01:00
Willem Toorop edf1da405f Only set default trust anchor file when it is good 2014-02-12 14:50:00 +01:00
Willem Toorop 340655330b Re-enabled stub resolution 
Also re-indented the prepare_for_resolution and ub_setup_stub functions
Sorry for that.
 2014-02-12 12:37:05 +01:00
Willem Toorop a3f50a6d86 Test accessibility of trust anchor before adding 2014-02-11 22:53:10 +01:00
Willem Toorop 8fd8c9cf98 Merge branch 'develop' of github.com:verisign/getdns into develop 2014-02-11 22:43:55 +01:00
Nitin Singh c3f4d3f2ce fix return type 2014-02-11 16:43:00 -05:00
Willem Toorop c51e597410 Configure option for trust anchor & dnssec_status 2014-02-11 22:42:21 +01:00
Nitin Singh c9b3ed898e fix merge issue 2014-02-11 16:39:35 -05:00
W.C.A. Wijngaards b84c13748c Review change in configure output messages: dependency libidn. 2014-02-11 15:14:02 +01:00
Willem Toorop 67319659af Merge branch 'develop' of github.com:verisign/getdns into develop 2014-02-11 10:19:26 +01:00
Willem Toorop 7efae028b0 Eliminate use of uninitialized variable warning 2014-02-11 10:18:41 +01:00
W.C.A. Wijngaards 168f76e38a remove bzero usage (portability). 2014-02-11 10:01:23 +01:00
Willem Toorop 563c2a5335 Make time compare portabel + missing includes 2014-02-11 09:57:19 +01:00
Willem Toorop c6bbb5f813 Merge branch 'develop' of github.com:verisign/getdns into develop 2014-02-11 09:37:39 +01:00
Glen Wiley bdff98ffb3 steps toward proper support of namespaces and system files 2014-02-10 19:59:45 -05:00
Willem Toorop 2a6f73ed3c Cleanup programming style in tests_dnssec 2014-02-10 17:00:08 +01:00
Willem Toorop b9bc90a986 event_base_loopexit from callback was fine! 2014-02-10 15:45:07 +01:00
Willem Toorop 90edb54f2b Fix memory leaks and double frees (my own code) 2014-02-10 15:34:18 +01:00
Willem Toorop 7984680e70 Remove last unbound-event.h include 
For stock unbound support
 2014-02-10 14:17:30 +01:00
Willem Toorop 0a4746c92b [API 0.393] Document howto unset context update cb 2014-02-10 09:58:25 +01:00
Willem Toorop b19a536453 [API 0.392] Add missing ANY RRTYPE 2014-02-09 22:08:36 +01:00
Willem Toorop 312d97916d [API 0.391] GETDNS_BAD_CONTEXT for broken contexts 
not for bad values
 2014-02-09 22:07:53 +01:00
Willem Toorop db2556fb5d move to enum types leftovers in tests 2014-02-09 21:58:50 +01:00
Willem Toorop d118ccc31e make setter "child" values const 
Because they're copied and thus not altered
 2014-02-09 21:41:26 +01:00
Willem Toorop 20853601a6 use enum types where possible 
following API 0.387 (commit 13571e02f1)
 2014-02-09 17:46:12 +01:00
Willem Toorop 0bbc6fd8b3 Merge branch 'develop' of github.com:verisign/getdns into develop 2014-02-09 15:17:09 +01:00
Nitin Singh 527b750b7e add some more new test and fix auto merge issue on git pull 2014-02-08 11:42:54 -05:00
Willem Toorop 5946fc7532 [API 0.390] example code dereference bug 2014-02-08 16:08:43 +01:00
Willem Toorop 8fb5ebf10d [API 0.389] timeout in uint64_t millisecs. 
And skew back to seconds (bug)
 2014-02-08 16:07:49 +01:00
Willem Toorop f8ac9132ba Merge branch 'feature/validate_dnssec' into develop 2014-02-07 23:03:54 +01:00
Willem Toorop e6da267b21 Match DS with DNSKEY and return validation status 2014-02-07 23:02:10 +01:00
Willem Toorop 649814f0e3 validate_dnssec does some chasing 
But not completely ...
 2014-02-07 15:00:59 +01:00
Neel Goyal f6760fc94c Add timeout test. 2014-02-06 22:40:36 -05:00
Willem Toorop c5a83047d6 Merge branch 'develop' into feature/validate_dnssec 2014-02-06 22:12:02 +01:00
Willem Toorop 576b81af48 More solid rr-dict to ldns_rr conversion 
First steps in validate_dnssec
 2014-02-06 22:09:00 +01:00