system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-10-02 22:37:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
24209 commits 3 branches 389 tags 508 MiB
C 89%
Python 5.3%
Shell 4.4%
Meson 1.2%
Find a file
Lennart Poettering 0c7bff0acc resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard response 
This implements RFC 5155, Section 8.8 and RFC 4035, Section 5.3.4:

When we receive a response with an RRset generated from a wildcard we
need to look for one NSEC/NSEC3 RR that proves that there's no explicit RR
around before we accept the wildcard RRset as response.

This patch does a couple of things: the validation calls will now
identify wildcard signatures for us, and let us know the RRSIG used (so
that the RRSIG's signer field let's us know what the wildcard was that
generate the entry). Moreover, when iterating trough the RRsets of a
response we now employ three phases instead of just two.

a) in the first phase we only look for DNSKEYs RRs
b) in the second phase we only look for NSEC RRs
c) in the third phase we look for all kinds of RRs

Phase a) is necessary, since DNSKEYs "unlock" more signatures for us,
hence we shouldn't assume a key is missing until all DNSKEY RRs have
been processed.

Phase b) is necessary since NSECs need to be validated before we can
validate wildcard RRs due to the logic explained above.

Phase c) validates everything else. This phase also handles RRsets that
cannot be fully validated and removes them or lets the transaction fail.
2016-01-11 19:39:59 +01:00
catalog Add initial Hungarian message catalog translation 2016-01-02 23:17:27 +01:00
coccinelle coccinelle: additional errno.cocci hunk 2015-11-09 20:01:06 +01:00
docs docs: add .gitignore 2015-07-06 17:47:38 +02:00
factory/etc factory: remove broken pam_limits 2014-07-30 15:21:54 +02:00
hwdb keymap: remap microphone mute keycode for Lenovo Thinkcentre M800z 2016-01-06 04:02:32 +01:00
m4 build-sys: Check behavior of -Werror=shadow before deciding to use it 2015-09-22 09:54:33 -07:00
man doc typo, src: systemd/src/journal-remote/journal-gatewayd.c 2016-01-11 16:38:35 +01:00
network networkd: emit DNS/NTP/Timezone info via DHCP server by default 2015-08-27 16:47:26 +02:00
po Updated Ukrainian translation 2016-01-11 13:55:48 +02:00
rules rfkill: rework and make it listen on /dev/rfkill 2015-10-01 16:21:09 +02:00
shell-completion importd: drop dkr support 2015-12-10 16:54:41 +01:00
src resolved: properly look for NSEC/NSEC3 RRs when getting a positive wildcard response 2016-01-11 19:39:59 +01:00
sysctl.d sysctl: use %P instead of %p in core pattern 2015-11-17 17:32:49 +01:00
system-preset preset: enable machines.target by default 2014-12-29 17:36:57 +01:00
sysusers.d build: fix systemd-journal-upload installation 2015-12-09 03:48:56 +00:00
test tests: add regression test for systemctl restart systemd-journald 2015-12-30 05:00:14 +00:00
tmpfiles.d tmpfiles: set acls on system.journal explicitly 2015-11-29 23:38:09 -05:00
tools man: include the target name when linking to man pages in html output 2015-11-22 23:54:29 -05:00
units kmod-static-nodes: don't run if module list is empty 2016-01-11 16:26:17 +01:00
xorg login: support user-bus on dbus1 2015-08-31 18:12:37 +02:00
.dir-locals.el Keep emacs configuration in one configuration file. 2011-03-08 01:53:46 +01:00
.editorconfig add editorconfig configuration 2015-11-23 12:32:59 +01:00
.gitattributes git: indicate that tabs are never OK in the systemd tree 2013-10-30 02:25:38 +01:00
.gitignore Merge pull request #2115 from dvdhrm/rbtree 2015-12-08 17:31:09 +01:00
.mailmap NEWS: add more stuff, and reorder things a bit 2015-11-13 13:59:50 +01:00
.travis.yml remove gudev and gtk-doc 2015-06-03 00:22:53 +02:00
.vimrc vimrc: add warning about dangerous exrc mode 2015-11-23 19:31:00 +01:00
.ycm_extra_conf.py ycm: update flag blacklist 2014-06-04 15:41:10 -04:00
autogen.sh terminal: drop unfinished code 2015-07-27 20:15:34 +02:00
CODING_STYLE CODING_STYLE: elaborate on usage of C99 fixed size integer types 2015-11-10 17:31:30 +01:00
configure.ac build-sys: refactor have_smack detection 2015-12-12 06:08:25 +00:00
DISTRO_PORTING build-sys: warn if people don't change the default NTP servers when building systemd 2015-07-11 14:24:29 -03:00
LICENSE.GPL2 relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1 licence: remove references to old FSF address 2012-12-17 11:41:31 +01:00
Makefile-man.am man: add documentation for dnssec-trust-anchors.d(5) 2016-01-05 14:20:27 +01:00
Makefile.am Merge pull request #2276 from poettering/dnssec12 2016-01-07 15:05:58 +01:00
NEWS NEWS: add in missing NEWS entry for 228 feature RemainAfterElapse= 2015-11-18 17:04:04 +01:00
README README: Recommend kinvolk regarding engineering services 2015-12-10 11:57:08 +01:00
README.md README.md: add Coverity scan status badge 2015-06-08 13:26:54 +02:00
TODO Merge pull request #2096 from teg/resolved-cache 2015-12-10 20:48:42 +01:00

README.md

systemd - System and Service Manager

Build Status
Coverity Scan Status

Details

  • General information about systemd can be found in the systemd Wiki
  • Information about build requirements are provided in the README file