Online DNSSEC Signing

Initial version of the online DNSSEC signing module.

Added 120 commits:

• 91cc29ec...e3baf8d3 - 94 commits from branch master
• a71cad5b - processing: fix code sample in documentation
• c7dd7bb9 - modules: add zone name parameter to load callback
• f6c340ee - move rrset-sign from libknotd to libknot
• f66d9593 - online signing: module for NSEC computation
• 19b0d795 - dnssec: add dnssec_key_dup() to copy public key
• 76f2b3d2 - online signing: sign context initialization
• a88e0868 - online signing: NSEC synthesis for NXDOMAIN
• 0c8f404d - online signing: disallow global instantiation
• bbdfeb9d - online signing: API for context initialization
• 69812c57 - online signing: synthesis of DNSKEY record
• fdc9317c - knot_rrset_sign: add memory context
• b438ac64 - online signing: add signatures for all RRs in the answer
• af476787 - online signing: correct check for empty answer
• 7812cbfb - online signing: put NSEC prove into authority
• a3fa5041 - online signing: set correct RCODE for NODATA response
• f7e2a035 - online signing: cleanup naming
• 0f3746cb - online signing: synthesize NSEC bitmap for NODATA
• c4f516d8 - online signing: set NSEC TTL from SOA minimum
• e5941234 - pkt: add knot_pkt_rr_offset() to get RR position in wire
• 09d89f76 - online signing: set DNSKEY TTL from SOA TTL
• 04eea846 - online signing: query for NSEC type
• 877dae13 - online signing: allow ANY query
• ded3d156 - online signing: implement wildcard signing
• 6892e64a - online signing: exact NSEC bitmap for ANY query
• 3ea9e35d - online signing: fix NSEC bitmap for CNAME RRs
• 2ae9b644 - online signing: documentation

Rebased. You can pre-review already.

Added 149 commits:

• 2ae9b644...669c10b8 - 123 commits from branch master
• d9b3c608 - processing: fix code sample in documentation
• 8a9cba7b - modules: add zone name parameter to load callback
• 8c9ea1b4 - move rrset-sign from libknotd to libknot
• 53033853 - online signing: module for NSEC computation
• 7cd3e46d - dnssec: add dnssec_key_dup() to copy public key
• 2c286017 - online signing: sign context initialization
• 3c6c46d3 - online signing: NSEC synthesis for NXDOMAIN
• cb872dab - online signing: disallow global instantiation
• 27b466d2 - online signing: API for context initialization
• abeea969 - online signing: synthesis of DNSKEY record
• 28c26d71 - knot_rrset_sign: add memory context
• 76941f6a - online signing: add signatures for all RRs in the answer
• 6c857714 - online signing: correct check for empty answer
• 59d2624f - online signing: put NSEC prove into authority
• 8e008335 - online signing: set correct RCODE for NODATA response
• f0c417bb - online signing: cleanup naming
• f3501124 - online signing: synthesize NSEC bitmap for NODATA
• 00125fdd - online signing: set NSEC TTL from SOA minimum
• 51cd4e59 - pkt: add knot_pkt_rr_offset() to get RR position in wire
• ac3d46d1 - online signing: set DNSKEY TTL from SOA TTL
• 12b8a2c7 - online signing: query for NSEC type
• b995c79d - online signing: allow ANY query
• c213493d - online signing: implement wildcard signing
• 0eaf792d - online signing: exact NSEC bitmap for ANY query
• 80128808 - online signing: fix NSEC bitmap for CNAME RRs
• 30a2fbb6 - online signing: documentation

Another rebase.

Reassigned to @dsalzman

Title changed from WIP: Online DNSSEC Signing to Online DNSSEC Signing

Added 4 commits:

• 35c7cce0 - online signing: remove unused variables
• 06171734 - online signing: module scope is now checked by config
• ff9a991a - online signing: common logging prefix
• 1543a82e - online signing: add TODO with known issues

Added 67 commits:

• 1543a82e...fd735507 - 37 commits from branch master
• a3c094aa - processing: fix code sample in documentation
• 52179fa9 - modules: add zone name parameter to load callback
• 618883af - move rrset-sign from libknotd to libknot
• 753debb4 - online signing: module for NSEC computation
• a9cbc8d2 - dnssec: add dnssec_key_dup() to copy public key
• 0c70fff1 - online signing: sign context initialization
• c6bab3c9 - online signing: NSEC synthesis for NXDOMAIN
• 8c2f1bc8 - online signing: disallow global instantiation
• 1ca163f8 - online signing: API for context initialization
• 8111b702 - online signing: synthesis of DNSKEY record
• 00dd38bc - knot_rrset_sign: add memory context
• 566d15d6 - online signing: add signatures for all RRs in the answer
• e77dc09e - online signing: correct check for empty answer
• 42d77b52 - online signing: put NSEC prove into authority
• 33f63d6b - online signing: set correct RCODE for NODATA response
• e7083a97 - online signing: cleanup naming
• 06b2a9f7 - online signing: synthesize NSEC bitmap for NODATA
• 4718d143 - online signing: set NSEC TTL from SOA minimum
• bbcf0f92 - pkt: add knot_pkt_rr_offset() to get RR position in wire
• 645903eb - online signing: set DNSKEY TTL from SOA TTL
• f1df3f9d - online signing: query for NSEC type
• b9aff9ee - online signing: allow ANY query
• 48afa8db - online signing: implement wildcard signing
• a99cf015 - online signing: exact NSEC bitmap for ANY query
• 87d24de8 - online signing: fix NSEC bitmap for CNAME RRs
• fedd69e3 - online signing: documentation
• 17318821 - online signing: remove unused variables
• 81590e23 - online signing: module scope is now checked by config
• c32383a0 - online signing: common logging prefix
• 53b9905e - online signing: add TODO with known issues

For consistency and possible reference reasons, there should also be some id description.

You don't like libknot.h? :-)

I don't. I prefer to include just what is needed.

Indentation?

Added 4 commits:

• f6c8f1e2 - online signing: unified use of 'wildcard' in documentation
• 8b8e4bf3 - online signing: remove needless include
• 36fce746 - online signing: unified logging in the module
• 600547f8 - fix indentation

mentioned in commit 7711ddac

Status changed to merged