upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-02-03 18:49:28 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
19669 commits 142 branches 208 tags 63 MiB
Commit graph

1410 commits

Author SHA1 Message Date
Daniel Salzman
6d79f78d3b doc: improve description of reverse-generate 2025-07-25 13:32:20 +02:00
Daniel Salzman
103e315fb1 keymgr: update help and documentation 2025-07-21 14:24:21 +02:00
Libor Peltan
a47773cfe6 keymgr: implement key for-auto key pregeneration 2025-07-21 14:20:48 +02:00
Libor Peltan
6169020ec3 Merge branch 'notify-delay-new' into 'master' 
Rework notify-delay to be more practical and consistent with Bind

See merge request knot/knot-dns!1789
 2025-07-16 20:51:02 +02:00
Daniel Salzman
8c59b46adb conf: rework notify-delay to be more practical and consistent with Bind 2025-07-14 07:53:48 +02:00
David Vašek
6d628be655 doc/operation: update the XDP section to TCP and QUIC protocols 2025-07-10 13:40:49 +02:00
Libor Peltan
34cb1aef7c dnssec/multi-keystore: implemented ksk-only keystore... 
...so that KSKs and ZSKs can be in distinct keystores
 2025-07-01 10:51:18 +02:00
Libor Peltan
415f5bf88e dnssec: implemented multi-keystore option... 
...useful e.g. for hsm-to-pem migration
 2025-07-01 08:42:04 +02:00
Daniel Salzman
6dce07a796 refresh: establish a new TCP connection for XFR if no-edns is set 2025-06-27 14:29:19 +02:00
Daniel Salzman
342f4466a1 tests-extra: improve stability of quic/xfr under Valgrind 2025-06-24 10:27:41 +02:00
Daniel Salzman
326525dbbe Merge branch 'knotd-cert-ca' into 'master' 
remote/acl TLS certificate validation

See merge request knot/knot-dns!1779
 2025-06-23 18:19:04 +02:00
Jan Doskočil
261c378b74 conf: implemented certificate hostname validation 2025-06-23 17:55:14 +02:00
Daniel Salzman
0182d2b687 kdig: add an example for RFC4892 to documentation 2025-06-14 20:48:18 +02:00
Daniel Salzman
423cbe075f zonemd: emit 'dnssec-invalid' dbus event when validation fails 2025-05-30 13:50:19 +02:00
Daniel Salzman
1464b18288 kzonecheck: consider zone file name with origin auto-detection 
Partially revert 38f65806dd
 2025-05-30 13:16:37 +02:00
Libor Peltan
b26610e0ee logging: alg/ksk roll: inform about pre-scheduled retirement after DS TTL 2025-05-26 10:17:42 +02:00
Libor Peltan
da0e3b0d95 dnskey sync: skip rrs with different keytag modulo 2025-05-26 10:17:42 +02:00
Jan Doskočil
b753ba3ca5 conf: implement notify-delay option 2025-05-22 08:16:44 +02:00
Daniel Salzman
b07bb63d20 tls: DEBUG: print Subject Alternative Name 
Based on https://github.com/CZ-NIC/knot/pull/31
 2025-05-19 14:57:04 +02:00
Daniel Salzman
38f65806dd kzonecheck: use SOA owner from zone file as origin if not specified 2025-05-12 16:33:49 +02:00
Libor Peltan
8f06214d68 doc: zone/reverse: some more description 2025-05-06 15:35:49 +02:00
Jan Hák
fc8e95e5ec kzonecheck: support specified job count 2025-05-05 14:19:50 +02:00
Daniel Salzman
dfa9a21a9f docker: add knotd restart to the example 2025-04-23 11:31:23 +02:00
Libor Peltan
6be870f0bf implemented multi-socket CTL... 
...with each socket handled by a thread
 2025-04-14 18:07:52 +02:00
Libor Peltan
e82d2618da kdig: implemented message read delay... 
...in order to debug slow XFRs and their interferences
 2025-04-14 17:31:02 +02:00
Jan Doskočil
929aa4325d doc/knot.conf: cert-key doesnt rule out TLS 2025-04-14 12:25:09 +02:00
David Vašek
3afa58d3a9 doc/kdig: mark options enabled by default with (*) only 2025-04-11 07:09:42 +02:00
David Vašek
64d5c14d31 kdig: document in man and in in-line help what options are turned on by default 2025-04-08 15:27:23 +02:00
Daniel Salzman
39f95aa70e kdig: change +[no]dnssec as alias to new +[no]doflag option 2025-04-07 12:32:16 +02:00
Libor Peltan
6ccf2243cf auto-reverse zones: implemented support for multiple... 
...forward zones to be reversed
 2025-04-04 20:41:27 +02:00
Daniel Salzman
59e67d4e39 knotd: don't use SO_REUSEPORT on a listening UNIX socket 
As it fails with kernels ~6.11.0-21. It doesn't make sense anyway.
 2025-04-03 10:19:36 +02:00
Daniel Salzman
4d36046987 conf: set 'hmac-sha256' as the default TSIG key algorithm 2025-03-31 12:30:03 +02:00
Daniel Salzman
a4da7526eb doc: update links to samples 2025-03-25 11:44:35 +01:00
Daniel Salzman
d3beffbd73 doc: add missing value list in cds-digest-type reference 2025-03-25 11:36:44 +01:00
Daniel Salzman
9dba50a1c2 doc: update keymgr algorithm specification 2025-03-25 11:36:09 +01:00
Daniel Salzman
d391668485 doc: relicense to GPL-2.0-or-later 2025-03-24 09:53:50 +01:00
Daniel Salzman
4d71cadc22 doc: update copyright 2025-03-24 09:53:50 +01:00
David Vašek
8b66a92ea2 doc/operation: in logging section, change the text highlight type to avoid possible confusion 2025-03-20 07:36:39 +01:00
Libor Peltan
dc325e87d5 zone/skip: also applies to zone diff computation 2025-03-12 12:37:59 +01:00
Libor Peltan
f8472acb5f implemented zonefile-skip option 2025-03-12 08:43:36 +01:00
Libor Peltan
f66c2b7c74 doc: serial modulo/shift enhancements 2025-02-08 13:57:56 +01:00
David Vašek
0e2ef5e061 doc/knotc: highlight recently added keywords as others are 2025-02-04 17:17:26 +01:00
Daniel Salzman
9ba1e7e93b doc: update features 2025-02-04 13:12:38 +01:00
Daniel Salzman
f3df7da21d kdig: add +[no]zoneversion support 2025-01-20 12:43:04 +01:00
Hynek Šabacký
f5f1e4d063 doc: update network adapters in XDP pre-requisities 2025-01-17 11:13:43 +01:00
Daniel Salzman
29a3c46f97 doc: update year to 2025 2025-01-08 14:25:36 +01:00
Jan Doskočil
4ef89231a7 doc: knotc: describe the force option for zone-flush 2025-01-02 14:28:32 +01:00
Libor Peltan
3497020765 doc: improvements in key management section 2024-12-04 15:20:53 +01:00
David Vašek
363f9282ba doc/operation: mention the use of the force option for overwriting failed backup 2024-11-18 15:04:22 +01:00
Daniel Salzman
edcb6b09f7 conf: change default salt length to 0 2024-11-05 15:12:49 +01:00