upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-02-03 18:49:28 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
19363 commits 142 branches 208 tags 63 MiB
Commit graph

389 commits

Author SHA1 Message Date
Daniel Salzman
edcb6b09f7 conf: change default salt length to 0 2024-11-05 15:12:49 +01:00
Jan Hák
6055b7c9f6 acl: add protocol option to the configuration 2024-09-27 12:41:36 +02:00
Daniel Salzman
e5ef44ce7c doc: update the acl.deny item description 2024-09-04 14:01:02 +02:00
Daniel Salzman
86ecefafdf doc: fix typos 2024-09-03 19:33:47 +02:00
Jan Doskočil
fad9ce9f34 yparser: new time unit specifiers 
w = week
M = month
y = year
 2024-08-24 15:17:53 +02:00
Daniel Salzman
14a7ba8ab3 conf: add 'zone.default-ttl` configuration option 2024-07-19 16:53:55 +02:00
Jan Hák
ad5b7871a1 knotd: add support for DDNS DoT 2024-07-15 22:12:04 +02:00
David Vašek
4a735a2c29 doc: for ACL, use 'action' as the only synonymum for request type 
In Reference, explicitly mention that normal DNS queries are allowed by default.
 2024-05-18 21:09:44 +02:00
Daniel Salzman
4784c4c601 conf: allow empty value for some zone items (references to remotes) 
This allows overriding of corresponding non-empty template items.
 2024-05-16 16:57:54 +02:00
Libor Peltan
ae1289a8d0 implemented keytag-modulo option 2024-05-14 15:44:55 +02:00
Jan Hák
0b09e5a0ac knotd: update TLS credentials on server reload 2024-05-07 07:52:30 +02:00
Libor Peltan
fdad47e267 implemented DoT for queries and XFR 2024-05-07 07:52:29 +02:00
David Vašek
3dd6702b3e doc/reference: where suitable, specify time units explicitly 
Also, fix some additional errors and typos in reference.rst.
 2024-04-29 18:55:05 +02:00
Daniel Salzman
1e9fbcb8d1 conf: add control.backlog configuration option 2024-04-19 14:21:21 +02:00
Daniel Salzman
f6c1a557d7 conf: add options for XDP preferred busy polling 2024-04-04 10:05:39 +02:00
Daniel Salzman
7d4b53a231 conf: add xdp.ring-size configuration option 2024-04-03 21:40:57 +02:00
Daniel Salzman
f5580a401e conf: allow catalog role member in a catalog template 2024-03-08 21:17:40 +01:00
Daniel Salzman
66ab02cc13 dnssec/validation: add limit on non-matching keys with a duplicate keytag 2024-02-27 13:04:04 +01:00
Daniel Salzman
e508ce180c doc: extend dbus-event note with libdbus 2024-02-20 17:03:36 +01:00
Libor Peltan
0f9e91b0e6 doc/zsk-lifetime: some more pedantics to description 2024-02-15 09:47:59 +01:00
Libor Peltan
22a87e180c doc/ds-push: note that may not have effect for already-running roll-over 2024-02-15 09:47:59 +01:00
Daniel Salzman
fe144cd60e doc: some fixes in the reference 2024-02-03 21:14:17 +01:00
Daniel Salzman
213ec5c475 conf: add 'clear' item for configuration sections clearing 2024-01-16 13:48:11 +01:00
Daniel Salzman
890aa3766c doc: fix ksk-lifetime description 2024-01-04 10:23:38 +01:00
Daniel Salzman
f125dd6671 configure: increase minimal GnuTLS version to 3.6.10 
In this version reproducible signing was introduced.
 2023-12-22 17:12:54 +01:00
Daniel Salzman
b263028c71 dnssec/validation: emit dnssec-invalid signal along with RRSIG expiration warning 2023-12-21 11:59:30 +01:00
Libor Peltan
ce1e335c95 dnssec/validation: consider end of RRSIG validitiy... 
...for dnssec-validate that it is longer than rrsig-refresh
...for keymgr offline-ksk, that it's until the next DNSKEY snapshot
 2023-12-21 11:59:30 +01:00
Libor Peltan
4d5baff487 doc: highlight potential culrpits of zonefile-load and journal-content 2023-12-08 15:55:41 +01:00
Daniel Salzman
e4e2b2503f acl: extend 'update-owner-match' with a 'pattern' mode 2023-12-08 09:29:33 +01:00
Daniel Salzman
dd73dc1fd9 dnssec: increase default for 'policy.rrsig-refresh' 
Adding 0.1 * 'rrsig-lifetime' value to the default ensures a time buffer
to address potential issues with DNSSEC signing.
 2023-12-01 08:24:27 +01:00
Daniel Salzman
9f8ba83231 conf: consider more remote.via addresses with the same address family 2023-11-14 13:14:48 +01:00
Libor Peltan
36453358bc doc: DDNS over QUIC already works 2023-10-31 07:01:35 +01:00
Libor Peltan
5a7a008ed0 IXFR: configurable benevolent IXFR 2023-10-18 21:36:22 +02:00
Libor Peltan
e4a2d10df6 implemented ixfr-from-axfr 2023-10-12 11:05:59 +02:00
Daniel Salzman
14dbad9c2b semchecks: remove check for DS at non-delegation point 
It showed that having DS without NS can be convenient for private zones
with DNSSEC:
"Tuomo Soini: Anybody from internet gets NXDOMAIN because public dns servers
 don't know anything about internal zone."

This partially reverts:
 b0da0e1182
 f7b0793f07
 2023-10-04 11:03:31 +02:00
Daniel Salzman
6cd21e6659 doc: add note to quic-outbuf-max-size reference 2023-08-26 09:51:06 +02:00
Daniel Salzman
112682df18 log: replace 'xdp.quic-log' with new 'quic' log module 2023-08-25 12:03:23 +02:00
David Vašek
2a1db05547 doc/reference: add a reference to the PKCS #11 URI Scheme (RFC 7512) 
Changing current <pkcs11-url> to <pkcs11-uri>.
 2023-08-24 17:35:50 +02:00
Daniel Salzman
b85061f2da doc: remove square brackets from 'ddns-master' reference 2023-08-23 12:33:00 +02:00
Libor Peltan
92e6be3cc2 knot: implement dnskey-sync for multi-signer 2023-08-10 10:45:35 +02:00
Libor Peltan
0c475eae4a knot: implemented serial-modulo 2023-07-25 17:58:51 +02:00
Libor Peltan
6043d063e4 quic/requestor: implemented remote pool for session tickets... 
...remote pool refactored t be more general
...saving QUIC(TLS) session tickets into it for faster
outgoing QUIC handshakes
 2023-07-19 19:24:36 +02:00
Daniel Salzman
cb78c175f2 Merge branch 'master_pin_tolerance' into 'master' 
xfr: implement master pinning with tolerance timeout

See merge request knot/knot-dns!1522
 2023-07-18 12:38:39 +02:00
Libor Peltan
e711423f4f xfr: implement master pinning with tolerance timeout 2023-07-18 11:27:49 +02:00
Libor Peltan
be9eecbba1 doc: note again that DDNS does not work over XDP 2023-07-18 08:30:42 +02:00
Libor Peltan
a2feccafa5 quic: block attempts to DDNS over QUIC... 
...as it doesnt work anyway
 2023-07-18 08:30:42 +02:00
Daniel Salzman
2d983bc5c5 doc: add note about zonefile-load to catalog-role reference 2023-07-13 12:49:26 +02:00
Libor Peltan
77f11176b8 dbus: new option keys_updated 2023-06-29 14:19:32 +02:00
David Vašek
1b544988cf doc/reference: make sure relative paths are always clear 2023-06-25 19:32:35 +02:00
David Vašek
98422e90d8 doc/reference: list defaults always in the same place 2023-06-25 19:26:16 +02:00