Michał Kępień c6bf43a821 Make NTAs work with validating forwarders ... If named is configured to perform DNSSEC validation and also forwards all queries ("forward only;") to validating resolvers, negative trust anchors do not work properly because the CD bit is not set in queries sent to the forwarders. As a result, instead of retrieving bogus DNSSEC material and making validation decisions based on its configuration, named is only receiving SERVFAIL responses to queries for bogus data. Fix by ensuring the CD bit is always set in queries sent to forwarders if the query name is covered by an NTA. (cherry picked from commit 5e80488270)		2019-05-09 20:37:37 -07:00
..
bind9	warn about the use of trusted-keys and managed-keys for the same name	2019-05-08 21:59:35 -07:00
dns	Make NTAs work with validating forwarders	2019-05-09 20:37:37 -07:00
irs	documentation changes establishing the 9.14 stable branch	2019-02-27 18:06:35 -05:00
isc	clear pointer before hash table	2019-05-07 11:07:32 +10:00
isccc	improve clang / cmocka integration	2019-03-05 10:42:01 -08:00
isccfg	add the ability to control whether SOA records are added response-policy modified answers	2019-03-07 13:29:11 -08:00
ns	only test provideixfr if the transport is TCP	2019-05-07 13:43:14 +10:00
samples	Add @OPENSSL_LIB@ to Windows project files as needed	2018-08-10 16:45:00 +02:00
win32/bindevt	address win32 build issues	2018-05-22 16:32:21 -07:00
.gitignore	added gitignore, removed cvsignore	2012-03-03 23:10:05 -08:00
Kyuafile	link in lib/isccc/tests/Kyuafile	2018-11-13 07:23:36 +11:00
Makefile.in	remove lib/tests as nothing uses it anymore	2018-03-09 14:12:50 -08:00