1. 06 Apr, 2016 1 commit
    • Marek Vavrusa's avatar
      trust_anchors: added custom timers, limit history · 5e7591f0
      Marek Vavrusa authored
      new trust anchors variables:
      * trust_anchors.hold_down_time = 30 * day
      * trust_anchors.refresh_time = nil
      * trust_anchors.keep_removed = 0
      
      these could be used to control how often should
      root trust anchors be checked and how many removed
      keys should be kept in log (0 by default)
      5e7591f0
  2. 30 Mar, 2016 1 commit
  3. 29 Mar, 2016 5 commits
  4. 08 Mar, 2016 1 commit
    • Marek Vavrusa's avatar
      daemon: track case when all upstreams fail · 8700f00d
      Marek Vavrusa authored
      previously full timeout led to reset of the evaluated
      address list and no upstream server was penalised
      for not answering the query, this penalises all of
      tried servers with TIMEOUT
      8700f00d
  5. 03 Feb, 2016 3 commits
  6. 30 Jan, 2016 3 commits
  7. 23 Jan, 2016 2 commits
  8. 22 Jan, 2016 5 commits
  9. 21 Jan, 2016 2 commits
  10. 11 Jan, 2016 3 commits
  11. 23 Dec, 2015 1 commit
  12. 17 Dec, 2015 2 commits
  13. 10 Dec, 2015 3 commits
  14. 09 Dec, 2015 2 commits
  15. 08 Dec, 2015 2 commits
  16. 06 Dec, 2015 2 commits
  17. 05 Dec, 2015 1 commit
    • Marek Vavruša's avatar
      daemon: root trust anchors automatically bootstrapped from IANA · 1af623da
      Marek Vavruša authored
      if the root key file doesn’t exist, it will be populated from root DNSKEY query, which will be validated against root trust anchors retrieved over HTTPS with IANA cert verification against built-in current IANA cert CA. it requires luasocket and luasec for it to work. trust anchors XML file signature is not checked, as there’s no facility for PKCS7 checking yet.
      1af623da
  18. 03 Dec, 2015 1 commit