upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-04-27 09:06:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
19363 commits 153 branches 210 tags 58 MiB
Commit graph

68 commits

Author SHA1 Message Date
Daniel Salzman
edcb6b09f7 conf: change default salt length to 0 2024-11-05 15:12:49 +01:00
Libor Peltan
65d2b862b3 tests: all DDNS: randomize, unify and fix protocols and knsupdate usage... 
...also in interference with XDP
 2024-09-04 15:50:32 +02:00
Libor Peltan
b0a5665ee2 tests/ddns: disable XDP if QUIC as it's the same port and DDNS won't work 2024-08-06 18:20:51 +02:00
Libor Peltan
46b621895a test: ensure distinct random labels 2024-07-31 10:50:17 +02:00
Libor Peltan
121ce227f2 test/ddns: fixed escaping of backslash 2024-07-22 11:23:36 +02:00
Jan Hák
94447d17eb tests-extra: add random knsupdate and protocol selection to some DDNS tests 2024-07-15 22:12:04 +02:00
Daniel Salzman
1d16c453db nameserver: add TSIG key name to event and nameserver logs 2024-06-06 09:47:53 +02:00
Libor Peltan
fb01e0259f DDNS: NSEC3PARAM handling in pre-check... 
both non-apex addition and second-NSEC3PARAM addition handled as REFUSED
and not impacting the update-bulk processing
 2024-01-12 11:57:59 +01:00
Libor Peltan
475f236321 DDNS: unify DNAME semantic errors with CNAME's... 
...by ignoring first RR that introduces the violation...
...without failing the update or whole bulk of updates
 2024-01-11 12:45:21 +01:00
Libor Peltan
ccadfe2926 tests: monitor how a DDNS or whole queue fails... 
...when various failures occur
 2024-01-07 20:36:58 +01:00
Libor Peltan
34a58c037c tests/ddns/forward: use different IPs for servers 2023-09-08 16:13:13 +02:00
Libor Peltan
2441819378 tests/ddns/forward: enhancements 2023-09-08 16:07:33 +02:00
Daniel Salzman
4168328c8b update: if a TSIG secret of client query is known, prefer the remote key if any 2023-09-08 12:56:56 +02:00
Daniel Salzman
b4209d7c22 update: rework the forwarding to be compliant with RFC 8945 2023-09-08 08:24:41 +02:00
Libor Peltan
80b10da862 incr update/bugfix: wildcard glue removal, adjust additional pointer 2023-09-07 09:14:57 +02:00
Libor Peltan
02ba30b998 ddns: allow on-slave ddns within on-slave-signing 2023-06-11 21:40:44 +02:00
Libor Peltan
1f9f05d847 DDNS: don't block DNSSEC-related records... 
...this can still be achieved by ACL/update-type
 2022-04-12 13:49:13 +02:00
Josh Soref
43db89b880 spelling 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2021-11-24 12:55:47 +01:00
Libor Peltan
96d7a9c610 svcb: put nsec covering missing glue if some exist 2021-09-29 15:07:15 +02:00
Libor Peltan
6417f03094 svcb: put targeted svcb into additionals 2021-09-29 15:07:15 +02:00
Libor Peltan
0cc6558339 svcb/https: as regular optional glue with rrsig 2021-09-29 15:07:15 +02:00
David Vašek
7db672619c tests-extra: make flush() wait for the file(s) update completion where it makes sense 2020-05-29 23:52:38 +02:00
Libor Peltan
40385080a5 ANY over TCP returns one random RRSet not all 2020-05-12 15:38:57 +02:00
Daniel Salzman
72865cb0e5 tests-extra: fix ddns/ttl after ANY changes 2020-05-02 08:05:56 +02:00
Libor Peltan
52cd402f15 bugfix: DDNS: reconstruct TTL of removed RR to proper cancelout 2020-04-01 09:33:17 +02:00
Libor Peltan
7ba6cf0b0b zone update commit error states test... 
...related to 63bab4850d
 2020-03-18 14:25:12 +01:00
Libor Peltan
495b7432c7 ddns: refuse if adding grand-child to a node with DNAME 2019-11-27 14:53:47 +01:00
Libor Peltan
4ea63d1c3d bugfix/updates: infinite recursion when changing SOA TTL 2019-11-19 16:29:35 +01:00
Libor Peltan
b26835770f adjust additionals: also changed nodes that aren't referenced by adds_reverse_tree 2019-11-08 14:29:56 +01:00
Libor Peltan
a8a0163f8a test: resistency to timing issues 2019-10-03 10:32:57 +02:00
Libor Peltan
09b6db7325 tests: add test of replacing RRset with different TTL +dnssec 2019-08-08 15:05:41 +02:00
Daniel Salzman
a85bb2891b tests-extra: sometimes enable NSEC3 opt-out for ddns/basic 2019-07-31 13:06:17 +02:00
Libor Peltan
fe71e1d1a4 tests: node change nonauth -> deleg 2019-06-17 14:21:46 +02:00
Libor Peltan
217e70faf8 adjusting: implemented reverse tree for looking up additionals changed in update 
the tree is like a key-value database, with the key being a domain name
of a record which is an additional for a record in the zone
while the name might be not in the zone; the value is a list_t
of pointers to zone nodes, for which it actually is an addiitonal

whenever in an incremental update a record is changed/added
with the name of an additional, all the listed nodes
must be re-adjusted (re-discovered additionals

previously, we always re-discovered additionals for whole zone
 2019-05-14 16:45:59 +02:00
Libor Peltan
297454e3a5 dnssec: incremental sign, avoid signing glue 
also, on normal sign, remove possibly existing RRSIGs on NONAUTH nodes
 2019-04-04 10:59:42 +02:00
Daniel Salzman
ec2112cc11 knot: don't fail if TTL mismatch, unify TTL processing 2017-12-05 15:29:00 +01:00
Libor Peltan
7205c844cd tests: switched ddns/forward to knot_knot scheme 2017-03-20 15:46:12 +01:00
Libor Peltan
65a9b69e90 DDNS: allowed deleting non-apex DNSKEY and NSEC3PARAM records 2016-12-20 12:53:33 +01:00
Dominik Taborsky
578e5b4337 tests-extra: fix ddns/basic command order, first send update then dig 2016-08-09 13:06:33 +02:00
Vítězslav Kříž
12e1f957ef zone-size-limit: limit ddns 2016-07-18 14:16:43 +02:00
Dominik Taborsky
857b3ec8f9 tests: fix missing DDNS update send 2016-07-12 10:23:59 +02:00
Daniel Salzman
5c0d3db5d2 tests-extra: switch to the new DNSSEC configuration 2016-06-27 10:57:00 +02:00
Daniel Salzman
6329238597 tests-extra: remove useless cases from ddns/ttl 2015-08-06 12:13:13 +02:00
Dominik Taborsky
9ec64774d8 RRSets: allow TTL updates over DDNS 2015-08-05 15:58:50 +02:00
Jan Vcelak
a9389703ba functional tests: no DNSSEC changes allowed via DDNS 2015-01-19 17:05:11 +01:00
Jan Vcelak
d3cc205921 tests: DDNS add record into apex 2014-08-14 16:51:01 +02:00
Jan Vcelak
77a31d1400 tests: check DDNS prerequisites in apex 2014-08-14 16:24:00 +02:00
Marek Vavruša
117198ff93 update: UPDATE forwarding 2014-06-25 17:33:50 +02:00
Daniel Salzman
b601c536ae tests-extra: extend xfr and ddns tests with empty record 2014-06-24 10:38:42 +02:00
Jan Kadlec
21f4aa2a34 tests-extra: extend DDNS test with NAPTR addition 2014-06-17 16:27:43 +02:00