Commits · 79af7dea85687fb399ff4654c87876e84451d63d · Knot projects / Knot Resolver

Sep 07, 2024
- python: knot_resolver_manager module renamed to knot_resolver · 79af7dea
  Aleš Mrázek authored 6 months ago
  
  79af7dea
- python: datamodel module moved out of manager module · 5208baa3
  Aleš Mrázek authored 7 months ago
  
  5208baa3
- python: client: commands: text improvements and fixes WIP · 3367ca8c
  Aleš Mrázek authored 7 months ago
  
  3367ca8c
- python: client: minor modules and code refactoring · 6ae29c54
  Aleš Mrázek authored 7 months ago
  
  6ae29c54
- manager: removed nice syntax error on old Python versions · 20553b40
  Aleš Mrázek authored 7 months ago
  
  20553b40
- manager: reorganizing python modules · 19fb522a
  Aleš Mrázek authored 7 months ago
  
  19fb522a
- manager: moved everything out of the directory · 414e1745
  Aleš Mrázek authored 7 months ago
  
  414e1745
Sep 06, 2024
- Merge !1594 : modules/workarounds: fix module initialization · ae7b3e6c
  Vladimír Čunát authored 6 months ago
  
  ae7b3e6c
- modules/workarounds: fix module initialisation. · 18d88a87
  menakite authored 7 months ago and Vladimír Čunát committed 6 months ago
```
Rename config to init, which is called when a module is loaded.
It seems it's been broken for a while.
```
  18d88a87
- Merge !1610 : tests/integration/deckard: update to latest master · 3c5da30a
  Vladimír Čunát authored 6 months ago
  
  3c5da30a
- tests/integration/deckard: update to latest master · a585a4f5
  Vladimír Čunát authored 6 months ago
```
adds libjemalloc-detector
```
  Verified
  
  a585a4f5
- Merge !1590 : resolver,validator: provide more EDE codes · 15f6a00e
  Vladimír Čunát authored 6 months ago
  
  15f6a00e
- validator: fix after fac462e1. · 1ca37a0e
  menakite authored 6 months ago and Vladimír Čunát committed 6 months ago
```
See:
  !1590 (comment 304380)
```
  1ca37a0e
- NEWS: mention the EDE improvements · 8d1b1960
  Vladimír Čunát authored 6 months ago
  
  Verified
  
  8d1b1960
- modules/dns64: change EDE from "Forged Answer" to "Synthesized". · e2742842
  menakite authored 7 months ago and Vladimír Čunát committed 6 months ago
  
  e2742842
- cache: set EDE when synthesizing answer from aggressive cache · 9e0b9d12
  menakite authored 7 months ago and Vladimír Čunát committed 6 months ago
  
  9e0b9d12
- validator: set EDE code if SEP does not match or DNSKEY is revoked. · fd7066d0
  menakite authored 7 months ago and Vladimír Čunát committed 6 months ago
```
If the tag and algorithm of DS and DNSKEY do not correspond, or in case
the DNSKEY is revoked, set EDE code "DNSKEY Missing".
If both match, but the algorithm is not supported, set EDE code
"Unsupported DNSKEY Algorithm".
In case RRSIGs for DNSKEY exist, but can't be validated due to a key
error, set EDE code "RRSIGs Missing".
```
  fd7066d0
- resolver,validator: provide more EDE codes. · 48f57424
  menakite authored 7 months ago and Vladimír Čunát committed 6 months ago
```
dnssec:
  * Provide a way to retrieve whether a DNSKEY has the Zone Key bit set,
    and add bindings for Lua modules (kr_dnssec_key_zonekey_flag), like
    kr_dnssec_key_sep_flag.
  * In kr_ds_algo_support() provide a way to retrieve what is wrong with
    the keys.
  * Check if a RRSIG RR has the signature expired already before
    inception time.

validator:
  * Set EDE "Unsupported NSEC3 Iterations Value" when downgrading.
  * Set EDE "Signature Expired before Valid" when checking RRSIGs.
  * Set EDE "No Zone Key Bit Set" when a DNSKEY with the Zone Key Bit
    set to 0 is discarded.
  * Instead of the generic "Other Error" with extra text
    "unsupported digest/key", set appropriate EDEs
    "Unsupported DNSKEY Algorithm" and "Unsupported DS Digest Type".

resolver:
  * Set EDE "No Reachable Authority" when it is decided that all
    authoritative servers are unreachable or misbehaving.

Some parts adjusted by vcunat, in particular construction of EDE messages.
```
  48f57424
- lib/utils: generalize kr_strcatdup() for mempools · 9215892b
  Vladimír Čunát authored 6 months ago
```
It's trivial really, and I'd like to use it now.
```
  Verified
  
  9215892b
- Merge !1602: daemon: remove -f/--forks · cabbfd18
  Vladimír Čunát authored 6 months ago
```
Closes #631
```
  cabbfd18
- daemon: remove -f/--forks · a72780a0
  Oto Šťáva authored 6 months ago and Vladimír Čunát committed 6 months ago
```
Closes #631
```
  a72780a0
Sep 04, 2024
- Merge branch 'iss905' into 'master' · 57142c76
  Aleš Mrázek authored 6 months ago
```
datamodel: file permission checks

See merge request !1595
```
  57142c76
- datamodel: types: fix object iteration compatibility for Python < 3.11 · 244c4ae1
  Frantisek Tobias authored 6 months ago and Aleš Mrázek committed 6 months ago
  
  244c4ae1
Sep 03, 2024
- datamodel: use permission types in config · 0c3e5f36
  Aleš Mrázek authored 6 months ago
  
  0c3e5f36
- datamodel: types: files: WritableFilePath added · 4b4567f3
  Aleš Mrázek authored 6 months ago
  
  4b4567f3
Sep 02, 2024
- datamodel: types: files: enum for permission mode added · dc8eef31
  Aleš Mrázek authored 6 months ago
  
  dc8eef31
- datamodel: file permission checks: format files · cdd96e9a
  Frantisek Tobias authored 7 months ago and Aleš Mrázek committed 6 months ago
  
  cdd96e9a
- scripts/poe-tasks/configure: add user and group · 1a3cb860
  Aleš Mrázek authored 7 months ago
  
  1a3cb860
- datamodel: file permission checks: remove left over code, fix linter · 3bcb08e6
  Frantisek Tobias authored 7 months ago and Aleš Mrázek committed 6 months ago
```
formatting ignored for now since the code that is to be formated will likely be moved elsewhere
```
  3bcb08e6
- datamodel: file permission checks: #814 created function to check that... · 5cbc8761
  Frantisek Tobias authored 7 months ago and Aleš Mrázek committed 6 months ago
```
datamodel: file permission checks: #814 created function to check that kresd_user() can access the files and directories
```
  5cbc8761
- datamodel: file permission checks: Created new types to check if files can be opened · 3dd77dbd
  Frantisek Tobias authored 7 months ago and Aleš Mrázek committed 6 months ago
  
  3dd77dbd
- Merge !1601: daemon/tls: log pins and certificates in case of no match · 8e2d9a49
  Vladimír Čunát authored 6 months ago
```
Fixes #813
```
  8e2d9a49
- daemon/tls: bump gnutls version requirement · 279f2a2d
  Vladimír Čunát authored 6 months ago
```
It simplifies a bit.  No need to support ancient versions.
```
  Verified
  
  279f2a2d
- daemon/tls: drop a DEBUG section · 80f9f86f
  Vladimír Čunát authored 6 months ago
```
The new pin logging is better than this.  No need to recompile with -DDEBUG (rare).
```
  Verified
  
  80f9f86f
- daemon/tls: fix a bug that caused empty base64 pins · dac7949d
  Vladimír Čunát authored 6 months ago
  
  Verified
  
  dac7949d
- NEWS for the pin-sha256 changes · 98d14706
  Vladimír Čunát authored 6 months ago
  
  Verified
  
  98d14706
- datamodel/types: fix check for base64 encoded sha256 · cd903846
  Frantisek Tobias authored 6 months ago and Vladimír Čunát committed 6 months ago
```
pin sha256 were used and tested for in incorrect format, refer to: https://www.rfc-editor.org/rfc/rfc7469#section-2.1.5
```
  Verified
  
  cd903846
- daemon/tls: log pins and certificates in case of no match #813 · 01a2cde2
  Frantisek Tobias authored 6 months ago and Vladimír Čunát committed 6 months ago
  
  Verified
  
  01a2cde2
Aug 29, 2024
- Merge !1603 : daemon/session2: comment on event propagation · e377d3dc
  Vladimír Čunát authored 6 months ago
  
  e377d3dc
Aug 28, 2024

daemon/session2: comment on event propagation · 654a60ca

Oto Šťáva authored 6 months ago

Minor, but I believe quite important. I stumbled across this while
writing the protocol layer article and thought it was not emphasized
enough in the docs.

Verified

654a60ca

Admin message

Admin message