Commits · 25ee7fb6755b0a5ab34d20e1a3b296d4f8063874 · Knot projects / Knot Resolver

Jan 11, 2017
- Merge branch 'travis-gcc-linux' into 'master' · 25ee7fb6
  Ondřej Surý authored 8 years ago
  
  Use gcc on linux See merge request !121
  25ee7fb6
- Use gcc on linux · df81ec00
  Ondřej Surý authored 8 years ago
  
  df81ec00
- Merge branch 'bootstrap-gnutls-fix' into 'master' · 577fcc3a
  Ondřej Surý authored 8 years ago
  
  Actually exit 1 the bootstrap script on a failure See merge request !119
  577fcc3a
- Actually exit 1 the bootstrap script on a failure · c1d62029
  Ondřej Surý authored 8 years ago
  
  c1d62029
- Merge branch 'bootstrap-gnutls-fix' into 'master' · 149a7d3d
  Ondřej Surý authored 8 years ago
  
  scripts/bootstrap-depends.sh: GnuTLS needs --with-included-unistring See merge request !118
  149a7d3d
- scripts/bootstrap-depends.sh: GnuTLS needs --with-included-unistring · 60f8121f
  Ondřej Surý authored 8 years ago
  
  60f8121f
- Merge branch 'travis-dont-set-global-cflags' into 'master' · 98bee240
  Ondřej Surý authored 8 years ago
  
  Don't set CFLAGS globally, just for Knot Resolver build See merge request !117
  98bee240
- Remove .revision on bootstrap failure to force re-bootstrapping next time the build is run · 30b986fc
  Ondřej Surý authored 8 years ago
  
  30b986fc
- Don't set CFLAGS globally, just for Knot Resolver build · ab83da7f
  Ondřej Surý authored 8 years ago
  
  ab83da7f
- Merge branch 'bootstrap-depends-update' into 'master' · 67e18160
  Ondřej Surý authored 8 years ago
  
  Update bootstrap library versions See merge request !116
  67e18160
- Update bootstrap library versions · a361caa3
  Ondřej Surý authored 8 years ago
  
  a361caa3
- Merge branch 'vld-refactoring' into 'master' · 8d173409
  Ondřej Surý authored 8 years ago
  
  layer/validate: refactoring See merge request !96
  8d173409
- layer/validate: DS processing was fixed · 12193103
  Grigorii Demidov authored 8 years ago
  
  12193103
- lib/resolve: some bugfixes for zonecut checking · 0eed92b1
  Grigorii Demidov authored 8 years ago
  
  0eed92b1
- lib/resolve: zonecut check has been refactored · 78446765
  Grigorii Demidov authored 8 years ago
  
  78446765
- layer/iterate: change the order of records in the answer when CNAME refers to... · 63b7f7ca
  Grigorii Demidov authored 8 years ago
  
  layer/iterate: change the order of records in the answer when CNAME refers to the record that we already have
  63b7f7ca
- layer/iterate: cname chain processing has been fixed · 1d5de5b0
  Grigorii Demidov authored 8 years ago
  
  1d5de5b0
- ranked_rr_array*: reorder fields to save memory · 318ed136
  Vladimír Čunát authored 8 years ago and Ondřej Surý committed 8 years ago
  
  On standard 64-bit: 24 -> 16 bytes per element.
  318ed136
- uid fields: remove forgotten field, add comments · 2f59181c
  Vladimír Čunát authored 8 years ago and Ondřej Surý committed 8 years ago
  
  2f59181c
- rrcache: NS glue processing has been fixed · c1956cdf
  Grigorii Demidov authored 8 years ago
  
  c1956cdf
- layer/iterate: use 'old' bechavior in STRICT mode when updating cut · aea4ff55
  Grigorii Demidov authored 8 years ago
  
  aea4ff55
- layer/iterate: authority section processing was fixed · f2e12005
  Grigorii Demidov authored 8 years ago
  
  f2e12005
- remove unused variables and a function (clang warnings) · 80340d89
  Vladimír Čunát authored 8 years ago and Ondřej Surý committed 8 years ago
  
  80340d89
- layer/rrcache: nitpick · 79369511
  Grigorii Demidov authored 8 years ago
  
  79369511
- layer/iterate: authority processing fixed · c97d3f8e
  Grigorii Demidov authored 8 years ago
  
  c97d3f8e
- kr_*_print: don't include them in release builds · 5945013b
  Vladimír Čunát authored 8 years ago and Ondřej Surý committed 8 years ago
  
  5945013b
- layer/validate: refactoring · 435c50b6
  Grigorii Demidov authored 8 years ago
  
  435c50b6
- Merge branch 'tcp-leaks' into 'master' · 7daf9ecc
  Ondřej Surý authored 8 years ago
  
  TCP: free buffer when cancelling connection Closes #76 See merge request !114
  7daf9ecc
Jan 09, 2017
- TCP: free buffer when cancelling connection · f50a9cc9
  Vladimír Čunát authored 8 years ago
  
  Fixes https://gitlab.labs.nic.cz/knot/resolver/issues/76
  f50a9cc9
- add comments around TCP buffering · 0ed8f089
  Vladimír Čunát authored 8 years ago
  
  0ed8f089
Jan 06, 2017

Merge branch 'chaos' into 'master' · d821b0d2
Ondřej Surý authored 8 years ago
```
iterate: answer NOTIMPL to other classes than IN

See merge request !110
```
d821b0d2
Merge branch 'generate-rsa-with-older-gnutls' into 'master' · 943abb23
Ondřej Surý authored 8 years ago
```
Generate RSA certificates with GnuTLS < 3.5.0

See merge request !113
```
943abb23
Generate RSA certificates with GnuTLS < 3.5.0 · 7780a96a
Ondřej Surý authored 8 years ago

7780a96a

Merge branch 'ephemeral-tls-2' into 'master' · c5ad975f

Ondřej Surý authored 8 years ago

Create and use ephemeral TLS credentials if none are explicitly configured

See merge request !112

c5ad975f

Kill if (0) { construct · 15a57ea3
Ondřej Surý authored 8 years ago

15a57ea3
Fix log level when printing ephemeral certificates · a38b2b8b
Ondřej Surý authored 8 years ago

a38b2b8b
Auto-regenerate ephemeral certificate on hostname change · ce0b8f11
Daniel Kahn Gillmor authored 8 years ago

ce0b8f11

Auto-renew ephemeral X.509 certificate. · 598408bb

Daniel Kahn Gillmor authored 8 years ago

If the ephemeral X.509 certificate is due for renewal in less than a
week, regenerate it automatically.

598408bb

Use ephemeral X.509 credentials if none are configured · a405b874

Daniel Kahn Gillmor authored 8 years ago

If kresd is configured to listen using TLS, but it has no credentials,
it should fall back to generating ephemeral credentials and using
them.

It stores the ephemerally-generated secret key in the same directory
as the cache, using the name "ephemeral_key.pem".  If the cache
persists, then the key will too, even if the daemon dies.  This means
that any set of daemons that share a cache will also share an
ephemeral secret key.

The ephemeral X.509 certificate that corresponds to the key will be
automatically generated (self-signed), will have a lifetime of about
90 days (matching Let's Encrypt policy).  The ephemeral cert is
never written to disk; it is always dynamically-generated by kresd.

This should make it very easy to get DNS-over-TLS working in
opportunistic mode.

a405b874

Record expiration date of our certificate. · 4c4ff26f

Daniel Kahn Gillmor authored 8 years ago

This can be useful for scheduling checks in the future, for logging
when we're using an expired cert, requesting a new cert, refreshing an
ephemeral cert, etc.

4c4ff26f

Admin message