upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-02-03 18:49:28 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
19609 commits 142 branches 208 tags 63 MiB
Commit graph

19609 commits

This branch
This branch
All branches
Author SHA1 Message Date
Libor Peltan
7b2442cc0a xfr: finalize timers and master serial only after commit 2025-12-03 11:17:57 +01:00
Daniel Salzman
4c9feb2572 tls: avoid passing NULL to strlen() when generating a certificate 2025-06-03 15:46:53 +02:00
Daniel Salzman
d2a50caaca ctl: add 'parser failed,' prefix to zone-(un)set error messages 2025-06-03 14:44:52 +02:00
Daniel Salzman
bd30258e64 Merge branch 'pkg_rpm_python' into 'master' 
distro/rpm: use modern %pyproject_* macros

See merge request knot/knot-dns!1784
 2025-06-03 13:00:05 +02:00
Jakub Ružička
c88205bf67 distro/rpm: use modern %pyproject_* macros 
Support new %pyproject_* macros where they're supported, otherwise use
older %py3_* macros which work everywhere.

Introduce new %{PYPROJECT} var which is only set on distros supporting
new macros - Fedora >= 40 and EL >= 9.
 2025-06-03 11:52:44 +02:00
Jakub Ružička
43ce8b74af distro/rpm: add knot-exporter and python3-libknot RPM subpackages 2025-06-03 11:52:34 +02:00
Daniel Salzman
a7f614b9b2 zonefile: add libgen.h for basename(), cleanup 2025-06-02 16:33:17 +02:00
Daniel Salzman
6546855b76 Merge branch 'pkt-trailing' into 'master' 
pkt: fix our check for trailing rdata when parsing

See merge request knot/knot-dns!1783
 2025-06-02 16:10:08 +02:00
Vladimír Čunát
f3124e1c4f
pkt: fix our check for trailing rdata when parsing 
- in case the \0 terminator got "compressed", we would get
  a spurious KNOT_EMALF
- if real compression happened, we could miss the fact
  that there are trailing data
 2025-06-02 15:57:23 +02:00
Libor Peltan
51ef3b645f Merge branch 'zonemd_dbus' into 'master' 
zonemd: emit 'dnssec-invalid' dbus event when validation fails

See merge request knot/knot-dns!1782
 2025-06-02 15:55:43 +02:00
Daniel Salzman
aabd7de2db Merge branch 'temp-cert-sanonly' into 'master' 
self-signed cert SANonly

See merge request knot/knot-dns!1778
 2025-06-02 12:33:59 +02:00
Jan Doskočil
ffe6b37715
kdig: support certificates missing Subject field 2025-06-02 11:27:57 +02:00
Jan Doskočil
56979de6f8
knotd: self-signed cert with SAN instead of Subject: CN 2025-06-02 11:27:57 +02:00
Daniel Salzman
d17189c820 ctl: don't log zone-(un)set parser failed, send details to the client instead 2025-06-02 09:17:06 +02:00
Daniel Salzman
c54e0886f0 quic-handler: add check for empty conn to prevent assert 2025-06-01 09:06:44 +02:00
Daniel Salzman
1f3ba914f6 zonefile: fix possible memory leak (Coverity) 2025-06-01 08:56:59 +02:00
Daniel Salzman
423cbe075f zonemd: emit 'dnssec-invalid' dbus event when validation fails 2025-05-30 13:50:19 +02:00
Daniel Salzman
1464b18288 kzonecheck: consider zone file name with origin auto-detection 
Partially revert 38f65806dd
 2025-05-30 13:16:37 +02:00
Daniel Salzman
1cec5a5fb0 dnskey-sync: use deterministic jitter always if keytag-modulo is configured 2025-05-30 12:44:57 +02:00
Daniel Salzman
449e6a6f0a Merge branch 'ngtcp2-update' into 'master' 
libngtcp2 update

See merge request knot/knot-dns!1780
 2025-05-26 18:10:03 +02:00
Jan Doskočil
d8e03d88c8
libngtcp2: update to v1.13.0 2025-05-26 17:59:37 +02:00
Jan Doskočil
ba133a9827
scripts: more robust update_ngtcp2.sh script 2025-05-26 17:56:17 +02:00
Libor Peltan
5468705818 Merge branch 'cat_tpl_check' into 'master' 
conf: call zone checks for catalog-templates

See merge request knot/knot-dns!1772
 2025-05-26 13:19:54 +02:00
Daniel Salzman
dd0a5a2c4f conf: call zone checks for catalog-templates 
Note that these checks cannot be called for normal templates as templates
can be combined with zone-specific options (i.e. a template itself can be
invalid)!
 2025-05-26 11:43:40 +02:00
Daniel Salzman
4d20b7a0ee conf: move checks to more context-logical places 2025-05-26 10:46:28 +02:00
Daniel Salzman
6c0a1eb4f6 Merge branch 'dnskey_sync_keytag' into 'master' 
DNSKEY sync keytag

See merge request knot/knot-dns!1777
 2025-05-26 10:45:29 +02:00
Daniel Salzman
b95b792222 dnskey-sync: add jitter to scheduled event to minimize race condition 2025-05-26 10:17:42 +02:00
Libor Peltan
b26610e0ee logging: alg/ksk roll: inform about pre-scheduled retirement after DS TTL 2025-05-26 10:17:42 +02:00
Libor Peltan
da0e3b0d95 dnskey sync: skip rrs with different keytag modulo 2025-05-26 10:17:42 +02:00
Libor Peltan
c67d8ddfbb benevolent IXFR: bugfix: when ignoring rem/add, dont skip whole rrset 2025-05-26 10:17:42 +02:00
Daniel Salzman
5d3ff7c749 utils: mute Coverity (invalid type) 2025-05-25 10:59:38 +02:00
Daniel Salzman
8e9e021ff5 distro: adapt authoritative-server test for kzonecheck to autodetection 2025-05-23 17:35:29 +02:00
Daniel Salzman
6362f1df63 python3-libknot: improve README example 2025-05-23 13:31:50 +02:00
Daniel Salzman
45b2bce1fd knot-exporter: remove return within a finally block 
fixes #957
 2025-05-23 13:30:13 +02:00
Daniel Salzman
3bd95d57d4 CI: add fedora-42 and alma-10 2025-05-22 18:17:50 +02:00
Daniel Salzman
9c0e8c43f6 Merge branch 'tests_fix_startup' into 'master' 
fix tests-extra server startup routines

See merge request knot/knot-dns!1774
 2025-05-22 13:15:55 +02:00
Daniel Salzman
d22f646a64 Merge branch 'notify-delay' into 'master' 
Notify delay

See merge request knot/knot-dns!1776
 2025-05-22 08:57:57 +02:00
Jan Doskočil
b753ba3ca5 conf: implement notify-delay option 2025-05-22 08:16:44 +02:00
David Vašek
cec7fd4527 tests-extra: allow lower number of server start retries for recoverable start failures 2025-05-21 14:20:58 +02:00
David Vašek
06f46233aa tests-extra: when ports are busy, really allow a retry with a different configuration 2025-05-21 14:20:58 +02:00
David Vašek
140200c489 tests-extra: if a servers doesn't start during test startup, restart the startup process 
In the past, knotd server continued running even after binding of some ports failed.
This is no longer true for some time. The tests didn't reflect it.
 2025-05-21 14:20:58 +02:00
David Vašek
de158da5bc tests-extra: fix the repeated server startup 
A workaround of already fixed flaw doesn't apply anymore.
 2025-05-21 14:20:58 +02:00
Daniel Salzman
9862b09f07 Merge branch 'slavesign_serial_indep' into 'master' 
xfr/slave-sign: independent SOA serial series on slave-side

See merge request knot/knot-dns!1775
 2025-05-21 14:14:33 +02:00
Libor Peltan
31dd087d76 xfr/slave-sign: independent SOA serial series on slave-side 2025-05-21 12:27:22 +02:00
Libor Peltan
26edd7a308 Merge branch 'catalog_check' into 'master' 
Check if member zone configured with non-generated catalog

See merge request knot/knot-dns!1771
 2025-05-20 14:17:49 +02:00
Daniel Salzman
b07bb63d20 tls: DEBUG: print Subject Alternative Name 
Based on https://github.com/CZ-NIC/knot/pull/31
 2025-05-19 14:57:04 +02:00
Daniel Salzman
ce047a4c46 libzscanner: use _public_ from libknot/attribute.h 2025-05-19 08:23:05 +02:00
Daniel Salzman
fb9b2cc102 libknot: extend TLS API to be used for non-DNS communication 2025-05-19 08:19:15 +02:00
Daniel Salzman
e7c73564f4 catalog: check if member zone configured with non-generated catalog 2025-05-13 09:37:29 +02:00
Daniel Salzman
c7b11a74c9 Fix zs_init() callings with empty origin which newly enables autodetection 2025-05-12 19:15:25 +02:00