]> git.ipfire.org Git - thirdparty/systemd.git/commit - src/resolve/resolved-dns-dnssec.c
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 96bb767) | patch
resolved: on negative NODATA replies, properly deal with empty non-terminals
authorLennart Poettering <lennart@poettering.net>
Thu, 14 Jan 2016 19:12:29 +0000 (20:12 +0100)
committerLennart Poettering <lennart@poettering.net>
Sun, 17 Jan 2016 19:47:46 +0000 (20:47 +0100)
commitb9282bc12840aff500a334836226f6b8df24926d
treec39fcee6f4a68f984107df899639e88a718776bbtree | snapshot
parent96bb76734d8e1c8520a2456901079610813eac6dcommit | diff
resolved: on negative NODATA replies, properly deal with empty non-terminals

empty non-terminals generally lack NSEC RRs, which means we can deduce their existance only from the fact that there
are other RRs that contain them in their suffix. Specifically, the NSEC proof for NODATA on ENTs works by sending the
NSEC whose next name is a suffix of the queried name to the client. Use this information properly.
src/resolve/resolved-dns-dnssec.c diff | blob | blame | history
src/shared/dns-domain.c diff | blob | blame | history
src/shared/dns-domain.h diff | blob | blame | history
src/test/test-dns-domain.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.