- Aug 03, 2020
-
-
Vladimír Čunát authored
-
Vladimír Čunát authored
-
Petr Špaček authored
Previous code incorrectly assumed that OPT was last RR in section and this lead to truncating output. https://tools.ietf.org/html/rfc6891#section-6.1.1 clearly states that OPT can be anywhere in Additional section. Printer relies on checks in libknot packet parser: check_rr_constraints() prevents packets with more OPT RRs or OPT outside of additional section from being parsed so the printer cannot see them.
-
- Jul 27, 2020
-
-
Tomas Krizek authored
meson: don't pass libsystemd version to C preprocessor Closes #592 See merge request !1029
-
Vladimír Čunát authored
We don't use it anymore, and on some systems it's apparently not an integer.
-
- Jul 23, 2020
-
-
Petr Špaček authored
validate: don't chase non-sensical signers Closes #587 See merge request knot/knot-resolver!1022
-
When signer name isn't a prefix of owner, the signature does not make sense and it's no use trying to use that signer name in any way. We generally don't force queries on every level of the path, so this signer confusion could "introduce SERVFAILs" if we skip over a transition to insecure.
-
- Jul 16, 2020
-
-
Petr Špaček authored
cache: add percentage usage to cache stats Closes #580 See merge request !1025
-
-
- Jul 15, 2020
-
-
Petr Špaček authored
nitpicks: batch of tiny fixes collected over time See merge request !1024
-
So that the overall pipeline time isn't extended too much.
-
In the past week the Travis runs have been consistently taking much more time than before, usually around 20 minutes, leading to our CI timing out. https://travis-ci.com/github/CZ-NIC/knot-resolver/builds
-
-
- root: deprecated key sudo (The key `sudo` has no effect anymore.) - root: key matrix is an alias for jobs, using jobs
-
There's still frequent issue that documenting some parameters would be mainly noise but doxygen will warn when not doing it. WARN_IF_UNDOCUMENTED apparently doesn't cover this and WARN_IF_DOC_ERROR would probably remove even some useful warnings.
-
-
It's deprecated since 5.0.0.
-
- Jul 14, 2020
-
-
Vladimír Čunát authored
-
Tomas Krizek authored
-
Tomas Krizek authored
-
Tomas Krizek authored
tls: fix compilation to support net.tls_sticket_secret() See merge request !1021
-
- Jul 10, 2020
-
-
Vladimír Čunát authored
The trick there is that it isn't supported (by us) on gnutls < 3.6.3. I checked that the test fails before the fix in parent commit and that it succeeds (is skipped) with gnutls 3.6.2.
-
-
Tomas Krizek authored
treewide: move to our new GitLab URL See merge request !1019
-
s/gitlab\.labs\.nic/gitlab.nic/g Redirects are in place, so it shouldn't be required now, but why not.
-
- Jul 08, 2020
-
-
Petr Špaček authored
test cleanups See merge request !1017
-
I think this eliminates the remaining copies. Most of the places don't need all the features, but it still seems worth to deduplicate.
-
Petr Špaček authored
-
Petr Špaček authored
Old behavior where test definition without "return" was silently skipped was very confusing.
-
Petr Špaček authored
It was only generating noise in test logs, especially when network is not abvailable/is intentionally disabled.
-
- Jul 03, 2020
-
-
Vladimír Čunát authored
-
-
When the effective user is root, no capabilities are dropped. This change has no effect when running as non-privileged user or when switching to non-privileged user via user() in config. Dropping capabilities as a root user resulted in the following unexpected behaviour: 1. When using trust anchor update, r/w access to root keys is neeeded. These are typically owned by knot-resolver user. When kresd is executed as root and capabilities are dropped, this file was no longer writable, because it is owned by knot-resolver, not root. 2. It is impossible to recreate/resize cache due to the same permission issue as above. If you want to drop capabilities when starting kresd as a root user, you can switch the user with the `user()` command. This changes the effective user ID and drops any capabilities as well.
-
- Jul 01, 2020
-
-
Tomas Krizek authored
release 5.1.2 See merge request !1018
-
Tomas Krizek authored
-
Tomas Krizek authored
Add new target doc-strict for development to detect warnings, but avoid failing package builds due to documentation warnings.
-
Tomas Krizek authored
opensuse and fedora/epel use different license strings, but the opensuse value is used in Knot DNS, so let's be consistent. Cherry picked from https://build.opensuse.org/request/show/817870
-
Tomas Krizek authored
-
Petr Špaček authored
policy.rpz: various fixes See merge request !1016
-
- Jun 30, 2020
-
-
Vladimír Čunát authored
-