Fixes #147.

I believe it was unused, so no risk was caused, but better remove it.
There's the complication that its signature has changed since libknot-2.4.0.
Fixes https://gitlab.labs.nic.cz/knot/resolver/issues/146

These shouldn't make any problems:
- the verbose messages don't print any scope, and
- reputation cache doesn't consider scope.

Vladimír Čunát authored 8 years ago and Ondřej Surý committed 8 years ago

On standard 64-bit: 24 -> 16 bytes per element.

Fixes https://gitlab.labs.nic.cz/knot/resolver/issues/76

If the ephemeral X.509 certificate is due for renewal in less than a
week, regenerate it automatically.

If kresd is configured to listen using TLS, but it has no credentials,
it should fall back to generating ephemeral credentials and using
them.

It stores the ephemerally-generated secret key in the same directory
as the cache, using the name "ephemeral_key.pem".  If the cache
persists, then the key will too, even if the daemon dies.  This means
that any set of daemons that share a cache will also share an
ephemeral secret key.

The ephemeral X.509 certificate that corresponds to the key will be
automatically generated (self-signed), will have a lifetime of about
90 days (matching Let's Encrypt policy).  The ephemeral cert is
never written to disk; it is always dynamically-generated by kresd.

This should make it very easy to get DNS-over-TLS working in
opportunistic mode.

This can be useful for scheduling checks in the future, for logging
when we're using an expired cert, requesting a new cert, refreshing an
ephemeral cert, etc.

Vladimír Čunát authored 8 years ago and Ondřej Surý committed 8 years ago

Motivation: maintaining these by hand in kres.lua is tricky, as just
inserting or reordering the structures can do anything and isn't
detected in general.  For example, `rr_array_t::at` has always
"missed a star".

A couple libknot structure fields have apparently changed name since
the old definitions were written; in most cases I renamed them in *.lua.

The file daemon/lua/kres-gen.lua will be regenerated only if explicitly
deleted.  That requires building with debug symbols and gdb on $PATH.

Now that we renamed "debug" to "verbose", the old name didn't seem very
suitable anymore; this new identifier haven't got to master yet.

Split NDEBUG to NDEBUG (asserts) and NOVERBOSELOG (verbose logging); rename all related symbols to use VERBOSE instead of DEBUG

... but don't raise any kind of error.
The lua function `verbose()` behaved reasonably already.
It doesn't warn, but docs for the function do mention `NLOGDEBUG`.

In particular, don't require to call an externally defined function to
find if in --verbose mode or not.  Now it's just an extern bool.
I'm confident the performance impact of not using -DNLOGDEBUG should be
negligible now.

This comes with a small incompatible API+ABI change, but that shouldn't
matter as we've had a couple of those already since the last release.

Fixes https://github.com/CZ-NIC/knot-resolver/issues/35.

This reverts commit 64f80706.
TL;DR: it brought almost no benefits AFAIK and potential for problems.

The "portable bytecode" produced by luajit isn't compatible when
(lib)luajit version changes or when some build-time configuration of it
changes.  If you mix these up, kresd fails to start.