1. 30 Jul, 2020 1 commit
    • Michal Nowak's avatar
      Drop $SYSTEMTESTTOP from bin/tests/system/ · 093af1c0
      Michal Nowak authored
      The $SYSTEMTESTTOP shell variable if often set to .. in various shell
      scripts inside bin/tests/system/, but most of the time it is only
      used one line later, while sourcing conf.sh. This hardly improves
      code readability.
      
      $SYSTEMTESTTOP is also used for the purpose of referencing
      scripts/files living in bin/tests/system/, but given that the
      variable is always set to a short, relative path, we can drop it and
      replace all of its occurrences with the relative path without adversely
      affecting code readability.
      093af1c0
  2. 10 May, 2019 1 commit
    • Michał Kępień's avatar
      Make NTAs work with validating forwarders · 5e804882
      Michał Kępień authored
      If named is configured to perform DNSSEC validation and also forwards
      all queries ("forward only;") to validating resolvers, negative trust
      anchors do not work properly because the CD bit is not set in queries
      sent to the forwarders.  As a result, instead of retrieving bogus DNSSEC
      material and making validation decisions based on its configuration,
      named is only receiving SERVFAIL responses to queries for bogus data.
      Fix by ensuring the CD bit is always set in queries sent to forwarders
      if the query name is covered by an NTA.
      5e804882
  3. 19 Mar, 2019 1 commit
  4. 10 Dec, 2018 2 commits
  5. 16 May, 2018 1 commit
  6. 23 Feb, 2018 2 commits
  7. 22 Feb, 2018 1 commit
  8. 24 Apr, 2017 1 commit
  9. 21 Apr, 2017 1 commit
  10. 27 Jun, 2016 1 commit
  11. 06 Feb, 2015 2 commits
    • Tinderbox User's avatar
      update copyright notice / whitespace · 29756974
      Tinderbox User authored
      29756974
    • Evan Hunt's avatar
      [master] 5011 tests and fixes · 591389c7
      Evan Hunt authored
      4056.	[bug]		Expanded automatic testing of trust anchor
      			management and fixed several small bugs including
      			a memory leak and a possible loss of key state
      			information. [RT #38458]
      
      4055.	[func]		"rndc managed-keys" can be used to check status
      			of trust anchors or to force keys to be refreshed,
      			Also, the managed keys data file has easier-to-read
      			comments.  [RT #38458]
      591389c7
  12. 07 Jul, 2014 1 commit
  13. 18 Jun, 2014 1 commit
    • Evan Hunt's avatar
      [master] complete NTA work · b8a96323
      Evan Hunt authored
      3882.	[func]		By default, negative trust anchors will be tested
      			periodically to see whether data below them can be
      			validated, and if so, they will be allowed to
      			expire early. The "rndc nta -force" option
      			overrides this behvaior.  The default NTA lifetime
      			and the recheck frequency can be configured by the
      			"nta-lifetime" and "nta-recheck" options. [RT #36146]
      b8a96323
  14. 30 May, 2014 1 commit
    • Evan Hunt's avatar
      [master] rndc nta · 0cfb2473
      Evan Hunt authored
      3867.	[func]		"rndc nta" can now be used to set a temporary
      			negative trust anchor, which disables DNSSEC
      			validation below a specified name for a specified
      			period of time (not exceeding 24 hours).  This
      			can be used when validation for a domain is known
      			to be failing due to a configuration error on
      			the part of the domain owner rather than a
      			spoofing attack. [RT #29358]
      0cfb2473
  15. 07 May, 2014 1 commit
  16. 10 Apr, 2014 1 commit
  17. 21 Jan, 2014 2 commits
  18. 05 Sep, 2013 1 commit
  19. 04 Sep, 2013 1 commit
  20. 29 Jun, 2012 3 commits
  21. 15 Feb, 2011 1 commit
  22. 04 Jan, 2011 1 commit
  23. 03 Jan, 2011 1 commit
  24. 27 Oct, 2009 1 commit
  25. 02 Mar, 2009 2 commits
  26. 19 Jun, 2007 1 commit
  27. 18 Jun, 2007 1 commit
  28. 10 Mar, 2004 1 commit
  29. 05 Mar, 2004 1 commit
  30. 09 Jan, 2001 1 commit
  31. 08 Aug, 2000 1 commit
  32. 01 Aug, 2000 1 commit
  33. 27 Jul, 2000 1 commit