upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-05-04 17:26:34 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
16169 commits 152 branches 210 tags 59 MiB
Commit graph

12176 commits

Author SHA1 Message Date
Daniel Salzman
d371c2e1fb xdp: add XDP mode detection via knot_eth_xdp_mode() 2020-11-03 15:13:32 +01:00
Daniel Salzman
d5730bff8b Merge branch 'import_bind_revoked' into 'master' 
keymgr: import Revoked timer from Bind

See merge request knot/knot-dns!1211
 2020-11-03 13:15:48 +01:00
Libor Peltan
9cc3d346f8 keymgr: import Revoked timer from Bind 2020-11-03 13:09:11 +01:00
Daniel Salzman
31f121d3a0 libdnssec: rename reserved argument name 'explicit' at dnssec_algorithm_reproducible() 2020-11-02 21:34:21 +01:00
Vladimír Čunát
b0c6f0709a libdnssec: respect local GnuTLS policy in dnssec_algorithm_key_support() 2020-11-02 21:34:21 +01:00
Daniel Salzman
5eb734f1cf kxdpgun: remove ARP from common error message 2020-11-02 13:57:49 +01:00
Jan Hák
e3d0dc9137 knotd: send lower-cased zone name 
Signed-off-by: Jan Hák <jan.hak@nic.cz>
 2020-11-02 12:23:36 +01:00
Libor Peltan
50fd78aec8 dnssec: prevent keytag conflict when generating key 2020-10-29 16:34:04 +01:00
Libor Peltan
472ee2e7f4 keymgr: check offline KSK configuration options before doing anything 2020-10-29 14:23:47 +01:00
Daniel Salzman
11744a51c9 keymgr: log errors to stderr 2020-10-29 14:23:47 +01:00
Libor Peltan
9e67a55e80 dnssec: fixes around timer Created: 
1) dont set it to zero when import-bind
2) event if its zero, dont block KSK rollover
 2020-10-26 15:29:57 +01:00
Libor Peltan
7bca3032ca kzonecheck: clarify if the dnssec-checks shall be done 2020-10-26 11:54:56 +01:00
Daniel Salzman
d6254368b2 server: fix resource leak if server_init_iface() fails 2020-10-26 09:58:37 +01:00
Daniel Salzman
27f9bf9928 server: strict server startup (exit if configure_threads() fails) 2020-10-26 08:58:01 +01:00
David Vašek
0079745fa9 server: simplify error reporting when configure_sockets() fails 2020-10-26 08:58:01 +01:00
David Vašek
e25f9c5749 server: strict server startup (exit if any port binding fails) 
Use of NET_BIND_NONLOCAL (i.e. IP*_BINDANY or IP_FREEBIND) is still present
as a fallback when bind() returns EADDRNOTAVAIL.
 2020-10-26 08:58:01 +01:00
Daniel Salzman
76faa30abf Merge branch 'kxdpgun_localip' into 'master' 
kxdpgun: allow override of local IP

See merge request knot/knot-dns!1204
 2020-10-25 19:36:32 +01:00
Libor Peltan
cd73e82757 kxdpgun: allow override of local IP 2020-10-25 19:18:29 +01:00
Daniel Salzman
aa4bac94de Merge branch 'kdig_badcookie_max' into 'master' 
kdig: limit re-tries on BADCOOKIE

See merge request knot/knot-dns!1205
 2020-10-25 17:43:50 +01:00
Jakub Ružička
0095f12beb doc: fix typos found by lintian 2020-10-22 16:10:32 +02:00
Libor Peltan
84e1431203 kdig: limit re-tries on BADCOOKIE 
...this also avoids SIGSEGV after infinite recursion
 2020-10-21 12:13:03 +02:00
Daniel Salzman
e003ef7749 knotc: increase history length to 1000 2020-10-17 20:47:45 +02:00
Daniel Salzman
328888d90a knotc: don't store empty command to history and store before command execution 2020-10-17 20:47:45 +02:00
Daniel Salzman
436a53b922 knotc: don't store adjacent identical commands to history 2020-10-17 20:47:45 +02:00
Daniel Salzman
96e50d57fd EDNS: use EDE abbrevition and knot lookup structure 2020-10-16 17:29:40 +02:00
Libor Peltan
6be37cb892 EDNS: extended error in kdig 2020-10-15 18:20:24 +02:00
Daniel Salzman
b8a3bac40e Revert "server: don't use SO_REUSEADDR socket option" 
Without SO_REUSEADDR re-binding to addresses can fail with e.g.:
knotd: error: cannot bind address ::@53 TCP (address already in use)

This reverts commit 43c4c513d3.
 2020-10-13 11:43:15 +02:00
Daniel Salzman
2c13f01496 Merge branch 'axfr_16kib' into 'master' 
Axfr 16kib

See merge request knot/knot-dns!1173
 2020-10-13 09:41:58 +02:00
Libor Peltan
f86bbcf7b5 axfr: force AXFR from just one master, rest normally 2020-10-12 15:49:01 +02:00
Libor Peltan
0ca60b170d backup: create dir path when restoring zonefile 2020-10-09 17:38:50 +02:00
Libor Peltan
7a166f528e kzonecheck: option to skip DNSSEC checks 2020-10-09 14:35:41 +02:00
David Vašek
a99f40b650 backup: unify spelling of the words "backup" and "back up" 
The rule for Knot DNS documentation is:
- verb is "back up"
- noun and adjective are "backup".
 2020-10-08 13:48:29 +02:00
Daniel Salzman
44a4ccae33 backup: keep original zone file if zonefile-sync is -1 2020-10-08 13:48:29 +02:00
David Vašek
2477b6196c backup: add a missing required parameter as a new error code 2020-10-08 13:48:29 +02:00
Libor Peltan
24ac9f7c09 backup: promote init error to knotc 2020-10-08 13:48:29 +02:00
Libor Peltan
e50fd9e98f backup: prevent simultaneous independent backups to same directory 2020-10-08 13:48:29 +02:00
Libor Peltan
54d51a2f09 offline KSK: keymgr command to validate SKR RRSIGs 2020-10-06 18:49:00 +02:00
Libor Peltan
0a14707af3 offline KSK: validate SKR RRSIGs before import 2020-10-06 18:49:00 +02:00
Libor Peltan
f0dab81e93 libdnssec: fix sideefect closing file#0 
this caused various errors like Bad file descriptor
if zone backup/restore performed on many zones in parallel
 2020-10-06 12:35:29 +02:00
Libor Peltan
1ff9344474 Merge branch 'confdb_empty_check' into 'master' 
Don't consider empty confdb directory as existing confdb

See merge request knot/knot-dns!1188
 2020-10-05 14:04:00 +02:00
Daniel Salzman
0c647b1395 Merge branch 'validate_redundant_rrsigs' into 'master' 
dnssec validate: search for invalid redundant RRSIGs

See merge request knot/knot-dns!1189
 2020-10-05 13:16:27 +02:00
Jan Hak
3d8b888125 mod-noudp: add 'udp-truncate-rate' configuration option 2020-10-05 12:41:20 +02:00
Libor Peltan
55c218675f dnssec validate: search for invalid redundant RRSIGs 2020-10-05 12:12:24 +02:00
Daniel Salzman
9bb733a3f0 knotc: increase default control timeout to 60 seconds 2020-10-05 09:48:02 +02:00
Daniel Salzman
3f663075c4 Revert "debug: zone tree print function" 
This reverts commit 1e4827b691.
 2020-10-05 09:43:16 +02:00
Daniel Salzman
5c0cbea906 conf: don't consider empty confdb directory as existing confdb 2020-10-04 19:53:45 +02:00
Libor Peltan
563fcdd886 bugfix: don't crash if error in sign ctx initialization 2020-10-01 12:06:17 +02:00
Libor Peltan
5be6bb5ab1 bugfix: remake adds_tree from scratch if NSEC3PARAM changed 2020-09-30 21:04:24 +02:00
Libor Peltan
98e377016a bugfix: update NSEC3 hashes before updating additionals_tree 2020-09-30 21:04:24 +02:00
Libor Peltan
1e4827b691 debug: zone tree print function 2020-09-30 21:04:24 +02:00