TCP: free buffer when cancelling connection

Closes #76

See merge request !114

Fixes https://gitlab.labs.nic.cz/knot/resolver/issues/76

iterate: answer NOTIMPL to other classes than IN

See merge request !110

Generate RSA certificates with GnuTLS < 3.5.0

See merge request !113

Create and use ephemeral TLS credentials if none are explicitly configured

See merge request !112

If the ephemeral X.509 certificate is due for renewal in less than a
week, regenerate it automatically.

If kresd is configured to listen using TLS, but it has no credentials,
it should fall back to generating ephemeral credentials and using
them.

It stores the ephemerally-generated secret key in the same directory
as the cache, using the name "ephemeral_key.pem".  If the cache
persists, then the key will too, even if the daemon dies.  This means
that any set of daemons that share a cache will also share an
ephemeral secret key.

The ephemeral X.509 certificate that corresponds to the key will be
automatically generated (self-signed), will have a lifetime of about
90 days (matching Let's Encrypt policy).  The ephemeral cert is
never written to disk; it is always dynamically-generated by kresd.

This should make it very easy to get DNS-over-TLS working in
opportunistic mode.

This can be useful for scheduling checks in the future, for logging
when we're using an expired cert, requesting a new cert, refreshing an
ephemeral cert, etc.

hints: don't crash if no file got loaded

See merge request !111

https://forum.turris.cz/t/quick-way-to-crash-kresd-knot-resolver/2470

At least until we implement them properly.

There was (always) a bug in the "normal mode", which complicated
difficult cases like zive.cz in default setting.

Make the build verbose when launching test instance

See merge request !108

Add script to launch separate testing instance

See merge request !107

Before C11, repeating a typedef is forbidden, if taken strictly, and
some compiler versions even reject it.  On the other hand lru.h was
missing it, which wasn't noticed due to glibc's <sys/types.h> defining it.
Fixes https://gitlab.labs.nic.cz/knot/resolver/issues/114.

Before C11, repeating a typedef is forbidden, if taken strictly, and
some compiler versions even reject it.  On the other hand lru.h was
missing it, which wasn't noticed due to glibc's <sys/types.h> defining it.
Fixes https://gitlab.labs.nic.cz/knot/resolver/issues/114.

The problem was missed in !102 d6f79261.  Submitted as:
https://github.com/CZ-NIC/knot-resolver/pull/38

lua-http decided to swap arguments some time ago:
https://github.com/daurnimator/lua-http/commit/507396bb960b4f9d2b666ae7fd1ea441e9cccd2f

See mainly 06b0d3d4; the rest focuses on removing bashisms.

Add tests/test_lru to .gitignore

See merge request !104

Just in case.

Vladimír Čunát authored 8 years ago and Ondřej Surý committed 8 years ago

Motivation: maintaining these by hand in kres.lua is tricky, as just
inserting or reordering the structures can do anything and isn't
detected in general.  For example, `rr_array_t::at` has always
"missed a star".

A couple libknot structure fields have apparently changed name since
the old definitions were written; in most cases I renamed them in *.lua.

The file daemon/lua/kres-gen.lua will be regenerated only if explicitly
deleted.  That requires building with debug symbols and gdb on $PATH.

Remove bashism in gen-root-hints.sh script

See merge request !101

Lua http 0.1

Update module/http to use lua-http 0.1

See merge request !102