upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-02-03 18:49:28 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
19669 commits 142 branches 208 tags 63 MiB
Commit graph

974 commits

Author SHA1 Message Date
David Vašek
749d3cde96 tests-extra: dnssec/dnskey_sync -- avoid infinite loop 2025-07-15 11:21:15 +02:00
Daniel Salzman
f678afc03d tests-extra: improve stability of dnssec/keystores 2025-07-02 12:06:45 +02:00
Libor Peltan
34cb1aef7c dnssec/multi-keystore: implemented ksk-only keystore... 
...so that KSKs and ZSKs can be in distinct keystores
 2025-07-01 10:51:18 +02:00
Libor Peltan
415f5bf88e dnssec: implemented multi-keystore option... 
...useful e.g. for hsm-to-pem migration
 2025-07-01 08:42:04 +02:00
Daniel Salzman
d10c345bf3 tests-extra: attempt to fix tls/quic xfr tests 2025-06-26 13:52:06 +02:00
Daniel Salzman
342f4466a1 tests-extra: improve stability of quic/xfr under Valgrind 2025-06-24 10:27:41 +02:00
Daniel Salzman
9f0f79779a server: purge sessticket_pool on server reload if creds changed 2025-06-23 17:55:14 +02:00
Jan Doskočil
261c378b74 conf: implemented certificate hostname validation 2025-06-23 17:55:14 +02:00
Daniel Salzman
1cec5a5fb0 dnskey-sync: use deterministic jitter always if keytag-modulo is configured 2025-05-30 12:44:57 +02:00
Daniel Salzman
b95b792222 dnskey-sync: add jitter to scheduled event to minimize race condition 2025-05-26 10:17:42 +02:00
Libor Peltan
da0e3b0d95 dnskey sync: skip rrs with different keytag modulo 2025-05-26 10:17:42 +02:00
Libor Peltan
31dd087d76 xfr/slave-sign: independent SOA serial series on slave-side 2025-05-21 12:27:22 +02:00
Daniel Salzman
5e34fd81d2 modules: allow zone-reload/reload to fail due to module configuration errors 
Based on https://github.com/CZ-NIC/knot/pull/34
 2025-05-12 16:22:30 +02:00
Libor Peltan
e43440cefc nameserver/XFRout: multi-msg locked by rwlock instead RCU... 
...prevents locking updates to unrelated zones as well
 2025-04-28 08:47:57 +02:00
Jan Doskočil
43fef05180
tests: fix a typo 2025-04-24 15:18:03 +02:00
Libor Peltan
6be870f0bf implemented multi-socket CTL... 
...with each socket handled by a thread
 2025-04-14 18:07:52 +02:00
Daniel Salzman
fed77c1cc7 ctl: add missing rdata canonicalization to zone-(un)set 2025-04-14 13:10:14 +02:00
Libor Peltan
9d5dd57981 fix TLS/0-RTT server-side by removing nonsensial relict +test 2025-04-08 18:06:02 +02:00
Libor Peltan
6ccf2243cf auto-reverse zones: implemented support for multiple... 
...forward zones to be reversed
 2025-04-04 20:41:27 +02:00
Libor Peltan
5e937e081d keymgr: tolerate - versus _ in commands 2025-03-25 10:30:18 +01:00
Libor Peltan
7fd0221374 dnssec: bugfix: block accepting DS submission in manual policy 2025-03-25 08:24:43 +01:00
Libor Peltan
c7e0d925e1 dnssec: moved last_signed_serial from kaspDB to timers... 
...to gain performance with many zones signing at once
 2025-03-17 08:31:29 +01:00
Libor Peltan
dc325e87d5 zone/skip: also applies to zone diff computation 2025-03-12 12:37:59 +01:00
Libor Peltan
f8472acb5f implemented zonefile-skip option 2025-03-12 08:43:36 +01:00
Daniel Salzman
0473328611 tests-extra: increase robustness of edns/nsid 2025-02-14 12:39:32 +01:00
Libor Peltan
58c25f944a tests: fixing slow run with all valgrind flags 2025-02-11 12:11:13 +01:00
Libor Peltan
daf9f6d0f5 implemented SOA serial shift for backup-signer op 2025-02-08 13:57:56 +01:00
Daniel Salzman
c476ed6cb7 ddns: allow initial update to empty zone 2025-02-06 21:28:36 +01:00
Daniel Salzman
0be611ae41 sem-checks: fix DNAME at the zone apex check if active NSEC3 2025-01-16 10:51:34 +01:00
Daniel Salzman
020c84e622 ctl: improve error detection and send an error message to the client 2025-01-08 14:14:31 +01:00
Libor Peltan
5b457116db ctl: fix ctl stuck when abort sent to nonexisting conf txn... 
...this appeared as a regression when implementing concurrent CTL
 2025-01-08 12:30:01 +01:00
David Vašek
1cc5bdba00 tests-extra: remove superfluous C-style semicolons from Python code 2024-12-26 01:13:42 +01:00
Libor Peltan
f884b63c9e tests: added max TTL test with signing and incremental realod 2024-12-19 09:57:08 +01:00
David Vašek
5238477dcb tests-extra: zone/expire -- fix a typo 2024-12-18 09:35:12 +01:00
Libor Peltan
1c8518a337 tests: compatibility with new Bind9 2024-11-25 10:15:45 +01:00
Daniel Salzman
1ffe8d5db9 zone: don't purge times.catalog_member if still a member zone 2024-11-22 13:02:13 +01:00
Jan Hák
556a19cf07 knotd: expiration aborts transaction in progress 2024-11-18 15:55:49 +01:00
Libor Peltan
d6c68c9d41 nameserver: add check for \0 bytes in QNAME labels and respond it as NXDOMAIN ... 
if it doens't exactly match a node owner.
 2024-11-15 08:07:25 +01:00
Daniel Salzman
edcb6b09f7 conf: change default salt length to 0 2024-11-05 15:12:49 +01:00
Daniel Salzman
3808bf265d nameserver: add explicit check for root's DS queries 2024-10-29 14:36:43 +01:00
Jan Hák
1483e4414e mod-cookies: secondary cookie secret 2024-10-26 15:57:22 +02:00
Libor Peltan
e4aa69fe67 tests: add XoT (XFR over TLS) interop with Bind9 2024-10-23 13:42:43 +02:00
Libor Peltan
474eb83d82 log/dnssec: warn upon every incremental if full had failed 2024-10-18 08:18:21 +02:00
Daniel Salzman
a0ad3de5e6 tests-extra: stabilize dnssec/expire 2024-10-10 10:36:49 +02:00
Daniel Salzman
4d6d4f8ece dnssec: fix zone expiration based on EXPIRE if zone signing results in up-to-date 2024-10-07 13:19:17 +02:00
Daniel Salzman
40e188ab62 tests-extra: add test for ACL configuration 2024-09-27 12:44:40 +02:00
Libor Peltan
42f3d8522f tests: flush before random_ddns() to ensure clean zonefile format 2024-09-12 15:04:15 +02:00
David Vašek
977851111d tests-extra: zone/backup_lock -- check '+keysonly' backup/restore 2024-09-12 11:40:37 +02:00
Daniel Salzman
c55625adf8 Merge branch 'tests_ddns_unify' into 'master' 
tests: all DDNS: randomize, unify and fix protocols and knsupdate usage...

See merge request knot/knot-dns!1708
 2024-09-06 09:52:05 +02:00
Libor Peltan
ce059162d7 ctl/zone-status: print since when event is running/pending/frozen 2024-09-04 15:52:38 +02:00