From: Petr Špaček Date: Wed, 5 Dec 2018 14:49:49 +0000 (+0100) Subject: rename experimental dot module to experimental_dot_auth X-Git-Tag: v3.2.0~17^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fafecf91cd5b9622325cd277b4738443480e91bd;p=thirdparty%2Fknot-resolver.git rename experimental dot module to experimental_dot_auth --- diff --git a/doc/modules.rst b/doc/modules.rst index 6a9aa349b..ce659408d 100644 --- a/doc/modules.rst +++ b/doc/modules.rst @@ -34,3 +34,4 @@ Knot Resolver modules .. include:: ../modules/prefill/README.rst .. include:: ../modules/serve_stale/README.rst .. include:: ../modules/edns_keepalive/README.rst +.. include:: ../modules/experimental_dot_auth/README.rst diff --git a/modules/dot/dot.mk b/modules/dot/dot.mk deleted file mode 100644 index bc95128d3..000000000 --- a/modules/dot/dot.mk +++ /dev/null @@ -1,2 +0,0 @@ -dot_SOURCES := dot.lua -$(call make_lua_module,dot) diff --git a/modules/dot/README.rst b/modules/experimental_dot_auth/README.rst similarity index 85% rename from modules/dot/README.rst rename to modules/experimental_dot_auth/README.rst index 11cee686e..ddfd51d38 100644 --- a/modules/dot/README.rst +++ b/modules/experimental_dot_auth/README.rst @@ -1,18 +1,12 @@ -.. _mod-dot: +.. _mod-experimental_dot_auth: -DNS-over-TLS (DoT) Auto-discovery ---------------------------------- +Experimental DNS-over-TLS (DoT) Auto-discovery +---------------------------------------------- DoT module enables automatic discovery of authoritative servers' SPKI fingerprint via the use of magic NS names. It is very similar to `dnscurve`_ mechanism. -.. warning:: This module is experimental. - -Requirements -^^^^^^^^^^^^ - -At the time of this writting, this module is to be built on top of the -`cloudflare`_ branch of knot-resolver. +.. warning:: This module is experimental and can be changed or removed at any time. Use at own risk, security properties were not tested! How it works ^^^^^^^^^^^^ @@ -73,15 +67,14 @@ To enable the module, add this stanza to your config: .. code-block:: lua -- Load the module - modules.load('dot') + modules.load('experimental_dot_auth') Caveats ^^^^^^^ The module relies on seeing the reply of the NS query and as such will not work -if knot-resolver use its cache. You may need to delete the cache before starting ``kresd`` to work around this. +if Knot Resolver use its cache. You may need to delete the cache before starting ``kresd`` to work around this. The module also assumes that the NS query answer will return both the NS targets in the Authority section as well as the glue records in the Additional section. .. _dnscurve: https://dnscurve.org/ -.. _cloudflare: https://gitlab.labs.nic.cz/knot/knot-resolver/tree/cloudflare diff --git a/modules/dot/basexx.lua b/modules/experimental_dot_auth/basexx.lua similarity index 100% rename from modules/dot/basexx.lua rename to modules/experimental_dot_auth/basexx.lua diff --git a/modules/dot/dot.lua b/modules/experimental_dot_auth/experimental_dot_auth.lua similarity index 100% rename from modules/dot/dot.lua rename to modules/experimental_dot_auth/experimental_dot_auth.lua diff --git a/modules/experimental_dot_auth/experimental_dot_auth.mk b/modules/experimental_dot_auth/experimental_dot_auth.mk new file mode 100644 index 000000000..dba4d9ee6 --- /dev/null +++ b/modules/experimental_dot_auth/experimental_dot_auth.mk @@ -0,0 +1,2 @@ +experimental_dot_auth_SOURCES := experimental_dot_auth.lua +$(call make_lua_module,experimental_dot_auth) diff --git a/modules/modules.mk b/modules/modules.mk index 1189db830..71c79b12e 100644 --- a/modules/modules.mk +++ b/modules/modules.mk @@ -17,7 +17,7 @@ modules_TARGETS += bogus_log \ nsid \ etcd \ ta_sentinel \ - dot \ + experimental_dot_auth \ graphite \ policy \ view \