- 09 Jan, 2019 4 commits
-
-
Petr Špaček authored
-
Petr Špaček authored
Formerly keys with invalid public key data were accepted, leading to negative keytag values in RFC 5011 metadata.
-
Petr Špaček authored
At the moment tests are quite dumb and test only basic HTTPS certificate validation and XML parsing/error detection. We need to refactor code first to allow more detailed testing.

FIXME: webserv.lua is not terminated when tests are finished
-
Petr Špaček authored
We are not RFC 7958 compliant and support only XML with just root zone TA. Full compliance would require either proper Lua XML parser or CMS parser and both are hard to get packaged in Fedora and elsewhere.

Also timestamps related to TA validity are limited to UTC timezone because cross-platform timezone parsing is hard. (Mac OS libc does not have usable strptime(%z).)

Closes: #435
-
- 07 Aug, 2018 1 commit
-
-
Vladimír Čunát authored
Previously multiple kresd processes might use the same .lock file at once and thus have a race between writing and renaming. That could happen relatively often if starting many instances *at once*.
-
- 23 Jan, 2018 4 commits
-
-
Petr Špaček authored
-
Petr Špaček authored
-
Vitezslav Kriz authored
Config tests now have ability to run daemon with different arguments and to check exit code.
-
Vitezslav Kriz authored
Arguments --keyfile, -k for managed mode and --keyfile-ro, -K for unmanaged (readonly) mode. Automatic setting based on the file permission is removed because it was confusing and could easily lead to state where automatic update does not happen because of unexpected file permissions. Check if folder is writeable was moved into Lua code. Default unmanaged keyfile path can be specified at compile time with option KEYFILE_DEFAULT. This default configuration can be disabled in configuration file with trust_anchors.keyfile_default = nil.
-
- 04 Dec, 2017 1 commit
-
-
Vitezslav Kriz authored
-
- 28 Nov, 2017 1 commit
-
-
Vitezslav Kriz authored
Also removed priming query from trust anchor module. Updated deckard repository.
-
- 24 Nov, 2017 1 commit
-
-
Marek Vavruša authored
Also fixed improper promotion of `ffi` to global variable.

```
$ luacheck --codes daemon/lua/
Checking daemon/lua/config.lua OK
Checking daemon/lua/kres-gen.lua OK
Checking daemon/lua/kres.lua OK
Checking daemon/lua/sandbox.lua OK
Checking daemon/lua/trust_anchors.lua OK
Checking daemon/lua/zonefile.lua OK
Total: 0 warnings / 0 errors in 6 files
```
-
- 01 Aug, 2017 1 commit
-
-
Vladimír Čunát authored
-
- 21 Mar, 2017 2 commits
-
-
Vladimír Čunát authored
function `add_file` is added as an alias to `config`, but otherwise the interface is almost identical.
-
Vladimír Čunát authored
  - update() had nothing to do in the public interface
  - config() implementation moved out of the definition of the main table
-
- 15 Mar, 2017 1 commit
-
-
Vladimír Čunát authored
Fixes #167.
-
- 28 Feb, 2017 1 commit
-
-
Vladimír Čunát authored
engine_cmd() doesn't print the error() exceptions thrown from lua; it only leaves the message on lua stack. (cherry picked from commit a316b9f7)
-
- 27 Feb, 2017 1 commit
-
-
Vladimír Čunát authored
The format of TA store is compatible both ways with old kresd. Note: it requires the parent commit to work, i.e. new libzscanner.
-
- 13 Feb, 2017 2 commits
-
-
Vladimír Čunát authored
engine_cmd() doesn't print the error() exceptions thrown from lua; it only leaves the message on lua stack.
-
Vladimír Čunát authored
-
- 10 Feb, 2017 2 commits
-
-
Petr Špaček authored
-
Ondřej Surý authored
trust anchor fixes

Closes #151

See merge request !193
-
- 09 Feb, 2017 2 commits
-
-
Vladimír Čunát authored
... via trust_anchors.{bootstrap_url,bootstrap_ca}
-
Vladimír Čunát authored
-
- 16 Jan, 2017 3 commits
-
-
Petr Špaček authored
-
Ondřej Surý authored
-
Ondřej Surý authored
-
- 16 Jul, 2016 1 commit
-
-
Daniel Kahn Gillmor authored
-
- 06 Apr, 2016 1 commit
-
-
Marek Vavrusa authored
new trust anchors variables:

* trust_anchors.hold_down_time = 30 * day
* trust_anchors.refresh_time = nil
* trust_anchors.keep_removed = 0

these could be used to control how often root trust anchors should be checked and how many removed keys should be kept in log (0 by default)
-
- 03 Feb, 2016 1 commit
-
-
Marek Vavrusa authored
kresd accepts DS records in root keys if provided, it will eventually replace them with DNSKEY in automatic mode
-
- 30 Jan, 2016 1 commit
-
-
Marek Vavrusa authored
-
- 23 Jan, 2016 1 commit
-
-
Marek Vavrusa authored
the utility supports most of the 'unbound-host' functionality except PTR records
-
- 22 Jan, 2016 1 commit
-
-
Marek Vavrusa authored
when bootstrapping root TA, the DNSKEYs are updated immediately after retrieving DS from the side channel
-
- 21 Jan, 2016 2 commits
-
-
Marek Vavrusa authored
the quiet mode prints neither intro messages nor prompt in the interactive mode, which makes it useful for scripted usage
-
Marek Vavrusa authored
-
- 23 Dec, 2015 1 commit
-
-
Marek Vavruša authored
-
- 17 Dec, 2015 1 commit
-
-
Marek Vavruša authored
-
- 10 Dec, 2015 1 commit
-
-
Marek Vavruša authored
-
- 05 Dec, 2015 1 commit
-
-
Marek Vavruša authored
if the root key file doesn’t exist, it will be populated from root DNSKEY query, which will be validated against root trust anchors retrieved over HTTPS with IANA cert verification against built-in current IANA cert CA. it requires luasocket and luasec for it to work. trust anchors XML file signature is not checked, as there’s no facility for PKCS7 checking yet.
-
- 12 Nov, 2015 1 commit
-
-
Marek Vavruša authored
-