]> git.ipfire.org Git - thirdparty/knot-resolver.git/log
thirdparty/knot-resolver.git
7 years agodetect_time_jump: don't clear cache on suspend-resume
Vladimír Čunát [Fri, 2 Feb 2018 17:07:18 +0000 (18:07 +0100)] 
detect_time_jump: don't clear cache on suspend-resume

This changes more time than anticipated, as the old naming didn't apply
anymore (time of last cache clear).

7 years agoMerge branch 'fedora-symbols-again' into 'master'
Tomas Krizek [Mon, 12 Feb 2018 13:01:00 +0000 (14:01 +0100)] 
Merge branch 'fedora-symbols-again' into 'master'

Fedora symbols again

See merge request knot/knot-resolver!491

7 years agomake: hopefully fix the modules again for Fedora
Vladimír Čunát [Fri, 9 Feb 2018 14:22:47 +0000 (15:22 +0100)] 
make: hopefully fix the modules again for Fedora

- their `cc --version` doesn't start with "gcc"
- modifying CFLAGS at this point doesn't work,
  so we modify BUILD_CFLAGS instead (_vomit_)

7 years agomake: also print the linker command
Vladimír Čunát [Fri, 9 Feb 2018 14:22:12 +0000 (15:22 +0100)] 
make: also print the linker command

7 years agoMerge branch 'tls-push-refactoring' into 'master'
Petr Špaček [Fri, 9 Feb 2018 08:05:59 +0000 (09:05 +0100)] 
Merge branch 'tls-push-refactoring' into 'master'

refactoring of the tls data sending scheme

See merge request knot/knot-resolver!489

7 years agodaemon: tls; cleanup
Grigorii Demidov [Thu, 8 Feb 2018 08:07:00 +0000 (09:07 +0100)] 
daemon: tls; cleanup

7 years agodaemon: unificate tls structures to avod code duplication
Grigorii Demidov [Wed, 7 Feb 2018 16:27:01 +0000 (17:27 +0100)] 
daemon: unificate tls structures to avod code duplication

7 years agodaemon: cleanup errors; avoid discrepancy between declaration and definition of tls_c...
Grigorii Demidov [Tue, 6 Feb 2018 16:52:47 +0000 (17:52 +0100)] 
daemon: cleanup errors; avoid discrepancy between declaration and definition of tls_close()

7 years agodaemon: avoid uv_try_write() usage both in tls-client and tls-server side; bugfixes
Grigorii Demidov [Tue, 6 Feb 2018 16:41:06 +0000 (17:41 +0100)] 
daemon: avoid uv_try_write() usage both in tls-client and tls-server side; bugfixes

7 years agodaemon: server-side tls: use asynchronous network io model
Grigorii Demidov [Mon, 5 Feb 2018 17:02:14 +0000 (18:02 +0100)] 
daemon: server-side tls: use asynchronous network io model

7 years agoMerge branch 'nitpicks' into 'master'
Petr Špaček [Thu, 8 Feb 2018 13:07:15 +0000 (14:07 +0100)] 
Merge branch 'nitpicks' into 'master'

nitpicks, see commits

See merge request knot/knot-resolver!480

7 years agokr_rplan_next: remove prototype
Vladimír Čunát [Thu, 4 May 2017 08:48:55 +0000 (10:48 +0200)] 
kr_rplan_next: remove prototype

It had no implementation for years - since 456e5446ad4.

(cherry picked from commit 59126a772f1908543da68f87d646a1d08b32836f)
The commit was apparently "reverted" unintentionally when resolving
conflicts in a5b14c25b5a1.

7 years agoupdate README.md
Vladimír Čunát [Mon, 5 Feb 2018 15:13:55 +0000 (16:13 +0100)] 
update README.md

- no need to have gitter twice
- update information about modules (one cache, no alternative backends)
- add EPEL 7
- add mailing-list
- link to stable docs instead of latest master

7 years agoresolve write_extra_ranked_records: fix hiding and error
Vladimír Čunát [Mon, 15 Jan 2018 09:05:49 +0000 (10:05 +0100)] 
resolve write_extra_ranked_records: fix hiding and error

Detected by clang as dead store.

7 years agoversion module: more understandable logging
Vladimír Čunát [Mon, 5 Feb 2018 10:01:03 +0000 (11:01 +0100)] 
version module: more understandable logging

Just loading the module without option was printing that it expected
number of milliseconds, which could've been confusing.

7 years agocache: assume NSEC if ". NS" is missing in cache
Vladimír Čunát [Fri, 2 Feb 2018 10:25:52 +0000 (11:25 +0100)] 
cache: assume NSEC if ". NS" is missing in cache

This happens e.g. after cache.clear(), and currently one can stay
long-term without that record in cache.  That was effectively disabling
aggressive answers from the root zone.

This needs disabling a buggy part of Deckard test.

7 years agomain: fix --forks default
Vladimír Čunát [Thu, 1 Feb 2018 17:47:50 +0000 (18:47 +0100)] 
main: fix --forks default

It mostly worked, just by accident.
I see no use for negative initialization in this case.

7 years agoio: fix a no-return with -DNDEBUG
Vladimír Čunát [Thu, 1 Feb 2018 15:30:26 +0000 (16:30 +0100)] 
io: fix a no-return with -DNDEBUG

7 years agoMerge !486: daemon: more consistent outbound TCP timeout
Vladimír Čunát [Mon, 5 Feb 2018 12:32:17 +0000 (13:32 +0100)] 
Merge !486: daemon: more consistent outbound TCP timeout

There's no real effect, probably.

7 years agodaemon: set timeout for outbound tcp session more consistent
Grigorii Demidov [Mon, 5 Feb 2018 12:15:37 +0000 (13:15 +0100)] 
daemon: set timeout for outbound tcp session more consistent

7 years agoMerge !485: scripts: archive - dereference symlinks
Vladimír Čunát [Mon, 5 Feb 2018 11:36:49 +0000 (12:36 +0100)] 
Merge !485: scripts: archive - dereference symlinks

7 years agoscripts: archive - dereference symlinks
Tomas Krizek [Mon, 5 Feb 2018 10:18:47 +0000 (11:18 +0100)] 
scripts: archive - dereference symlinks

Symlinks are pointing to broken locations with the way we generate
source tarballs. Dereference them to avoid this issue.

7 years agoMerge !484: doc: move kresd.systemd to section 7
Vladimír Čunát [Mon, 5 Feb 2018 09:47:32 +0000 (10:47 +0100)] 
Merge !484: doc: move kresd.systemd to section 7

7 years agodoc: kresd.systemd belongs in section 7 of the manual
Daniel Kahn Gillmor [Mon, 5 Feb 2018 05:20:29 +0000 (00:20 -0500)] 
doc: kresd.systemd belongs in section 7 of the manual

"man man" says that the sections are:

       1   Executable programs or shell commands
       2   System calls (functions provided by the kernel)
       3   Library calls (functions within program libraries)
       4   Special files (usually found in /dev)
       5   File formats and conventions eg /etc/passwd
       6   Games
       7   Miscellaneous  (including  macro  packages  and  conventions), e.g.
           man(7), groff(7)
       8   System administration commands (usually only for root)
       9   Kernel routines [Non standard]

Since there is no command named kresd.system it does not belong in
section 8.

Section 7 includes conventions and useful patterns like gitcli(7),
which seems more similar to the documentation that is supplied in
kresd.systemd.

7 years agoMerge !483: systemd defaults: turn off verbose logging
Vladimír Čunát [Mon, 5 Feb 2018 09:21:55 +0000 (10:21 +0100)] 
Merge !483: systemd defaults: turn off verbose logging

7 years agosystemd defaults: turn off verbose logging
Tomas Krizek [Mon, 5 Feb 2018 09:10:35 +0000 (10:10 +0100)] 
systemd defaults: turn off verbose logging

Verbose logging should be used for debugging purposes, as it generates a
lot of output. It shouldn't be turned on by default for normal mode of
operation.

7 years agoMerge branch 'ci-respdiff' into 'master'
Tomas Krizek [Fri, 2 Feb 2018 13:23:58 +0000 (14:23 +0100)] 
Merge branch 'ci-respdiff' into 'master'

ci: respdiff - use ipv4, increase timeout, collect kresd.log

See merge request knot/knot-resolver!473

7 years agoci: decrease respdiff mismatch tolerance back to 1%
Tomas Krizek [Wed, 31 Jan 2018 13:48:32 +0000 (14:48 +0100)] 
ci: decrease respdiff mismatch tolerance back to 1%

This reverts threshold that was bumped in
commit de7a4a9658a769595d952a857d7d0aed066f8b5c.

7 years agoci: increase respdiff timeout to 11s
Tomas Krizek [Wed, 31 Jan 2018 13:44:44 +0000 (14:44 +0100)] 
ci: increase respdiff timeout to 11s

This decreases the amount of timeouts, which become SERVFAILs instead.
Overall, this results in more valid answers.

7 years agoci: run kresd in verbose mode and collect log
Tomas Krizek [Wed, 31 Jan 2018 13:44:11 +0000 (14:44 +0100)] 
ci: run kresd in verbose mode and collect log

7 years agoci: configure servers to use IPv4 in respdiff
Tomas Krizek [Wed, 31 Jan 2018 13:41:45 +0000 (14:41 +0100)] 
ci: configure servers to use IPv4 in respdiff

IPv6 isn't currently supported in our Docker image and using
it during resolution leads to a larger amount of timeouts.

7 years agoMerge !479: scripts: change development's tarball name
Vladimír Čunát [Thu, 1 Feb 2018 14:15:59 +0000 (15:15 +0100)] 
Merge !479: scripts: change development's tarball name

7 years agoscripts: change development's tarball name
Tomas Krizek [Thu, 1 Feb 2018 13:35:28 +0000 (14:35 +0100)] 
scripts: change development's tarball name

To be able to use development version tarballs for creating distro
packages for Fedora/CentOS, the pre-release name can't contain
hyphens.

7 years agoMerge branch 'systemd-fixes' into 'master'
Tomas Krizek [Thu, 1 Feb 2018 10:18:55 +0000 (11:18 +0100)] 
Merge branch 'systemd-fixes' into 'master'

systemd: fixes for unit files

See merge request knot/knot-resolver!476

7 years agosystemd: move Service directive to Socket for kresd-tls, kresd-control
Tomas Krizek [Wed, 31 Jan 2018 18:39:47 +0000 (19:39 +0100)] 
systemd: move Service directive to Socket for kresd-tls, kresd-control

The Service directives belong to the Socket section. Otherwise,
systemd fails to find the associated service and the socket can't start.

7 years agosystemd: remove unnecessary Service directive from kresd@.socket
Tomas Krizek [Wed, 31 Jan 2018 18:38:38 +0000 (19:38 +0100)] 
systemd: remove unnecessary Service directive from kresd@.socket

7 years agosystemd: add missing kresd@1.service symlink
Tomas Krizek [Wed, 31 Jan 2018 18:33:55 +0000 (19:33 +0100)] 
systemd: add missing kresd@1.service symlink

7 years agoMerge branch 'tls-errmsg-fix' into 'master'
Tomas Krizek [Thu, 1 Feb 2018 10:04:08 +0000 (11:04 +0100)] 
Merge branch 'tls-errmsg-fix' into 'master'

tls_client: fix error message logging

See merge request knot/knot-resolver!478

7 years agotls_client: fix error message logging
Tomas Krizek [Thu, 1 Feb 2018 09:44:55 +0000 (10:44 +0100)] 
tls_client: fix error message logging

7 years agoMerge branch 'gnutls-compat' into 'master'
Grigorii Demidov [Thu, 1 Feb 2018 09:16:51 +0000 (10:16 +0100)] 
Merge branch 'gnutls-compat' into 'master'

tls_client: compatibility for older gnutls version

See merge request knot/knot-resolver!475

7 years agotls_client: compatibility for older gnutls version
Tomas Krizek [Wed, 31 Jan 2018 17:16:09 +0000 (18:16 +0100)] 
tls_client: compatibility for older gnutls version

When older gnutls version is used, make sure not to use undeclared
symbols or functions.

7 years agoMerge branch 'systemd-run-permissions' into 'master'
Petr Špaček [Thu, 1 Feb 2018 08:00:40 +0000 (09:00 +0100)] 
Merge branch 'systemd-run-permissions' into 'master'

drop world-executable permissions on /run/knot-resolver

See merge request knot/knot-resolver!477

7 years agodrop world-executable permissions on /run/knot-resolver
Daniel Kahn Gillmor [Thu, 1 Feb 2018 05:52:07 +0000 (00:52 -0500)] 
drop world-executable permissions on /run/knot-resolver

It's not clear why anyone other that the superuser needs to be able to
descend into /run/knot-resolver, so we should drop this extra
permission.

it appears to have been added
e0f33604fac3bdd6f105ed0c50a4a08f562c72f8, but the log message for that
commit doesn't explain why the permission needs to be loosened.

The main situation that calls for executable but not readable
directories is when a directory contains something at a known location
that everyone must be able to reach, but also contains some sensitive
file with a name that itself is unguessable (i.e. high entropy
string).  That doesn't appear to be the case here.

By principle of least privilege, we should leave it locked down unless
there's a clear justification for opening it up.

7 years agoMerge !474: misc nitpicks (see commits)
Vladimír Čunát [Wed, 31 Jan 2018 15:54:10 +0000 (16:54 +0100)] 
Merge !474: misc nitpicks (see commits)

7 years agoresolve: verbose-log dropping AD because of opt-out
Vladimír Čunát [Wed, 31 Jan 2018 15:42:43 +0000 (16:42 +0100)] 
resolve: verbose-log dropping AD because of opt-out

7 years agomain: indentation in `parse_args()`
Vladimír Čunát [Wed, 31 Jan 2018 15:41:29 +0000 (16:41 +0100)] 
main: indentation in `parse_args()`

7 years agoresolve: document some fields
Vladimír Čunát [Wed, 31 Jan 2018 15:37:44 +0000 (16:37 +0100)] 
resolve: document some fields

7 years agoMerge !472: release 2.0.0 v2.0.0
Vladimír Čunát [Wed, 31 Jan 2018 13:25:52 +0000 (14:25 +0100)] 
Merge !472: release 2.0.0

7 years agorelease 2.0.0
Vladimír Čunát [Wed, 31 Jan 2018 11:53:18 +0000 (12:53 +0100)] 
release 2.0.0

7 years agoMerge !470: daemon: restart client's tcp session timer after answer
Vladimír Čunát [Wed, 31 Jan 2018 13:15:07 +0000 (14:15 +0100)] 
Merge !470: daemon: restart client's tcp session timer after answer

7 years agodaemon: restart client's tcp session timeout timer right after answer
Grigorii Demidov [Wed, 31 Jan 2018 08:30:17 +0000 (09:30 +0100)] 
daemon: restart client's tcp session timeout timer right after answer

7 years agoMerge !471: doc: fix the build on readthedocs.org
Vladimír Čunát [Wed, 31 Jan 2018 09:42:50 +0000 (10:42 +0100)] 
Merge !471: doc: fix the build on readthedocs.org

7 years agodoc: fix the build on readthedocs.org
Vladimír Čunát [Wed, 31 Jan 2018 09:24:07 +0000 (10:24 +0100)] 
doc: fix the build on readthedocs.org

The version restricion has remained way too long, apparently.

7 years agoMerge !468: Add serve_stale module (demo)
Vladimír Čunát [Wed, 31 Jan 2018 08:50:59 +0000 (09:50 +0100)] 
Merge !468: Add serve_stale module (demo)

7 years agonew serve_stale module
Vladimír Čunát [Mon, 15 Jan 2018 16:22:01 +0000 (17:22 +0100)] 
new serve_stale module

Decision function is separated out.

7 years agodaemon: decrease timeouts
Vladimír Čunát [Mon, 29 Jan 2018 15:37:41 +0000 (16:37 +0100)] 
daemon: decrease timeouts

Let's allow 4 UDP + 4 TCP attempts, within 2+2 seconds,
and then start also using stale cache.

7 years agolua: regenerate bindings
Vladimír Čunát [Mon, 29 Jan 2018 15:34:48 +0000 (16:34 +0100)] 
lua: regenerate bindings

Some parts were hand-written, apparently.

7 years agoMerge branch 'ci-respdiff' into 'master'
Tomas Krizek [Tue, 30 Jan 2018 18:21:02 +0000 (19:21 +0100)] 
Merge branch 'ci-respdiff' into 'master'

ci: respdiff - update config

See merge request knot/knot-resolver!469

7 years agoci: increase respdiff mismatch tolerance to 3%
Tomas Krizek [Tue, 30 Jan 2018 17:29:34 +0000 (18:29 +0100)] 
ci: increase respdiff mismatch tolerance to 3%

Since we've added the `timeout` metric to respdiff, it uncovered
an issue when running in Docker, where a large amount of queries
(~2% / resolver) end with a timeout.

Until the issue is investigated and fixed, temporarily bump the CI's
tolerance for the test to pass to 3%.

7 years agoci: respdiff - add timeout field to config
Tomas Krizek [Tue, 30 Jan 2018 16:31:57 +0000 (17:31 +0100)] 
ci: respdiff - add timeout field to config

7 years agoMerge branch 'systemd-multiprocess' into 'master'
Tomas Krizek [Tue, 30 Jan 2018 14:54:50 +0000 (15:54 +0100)] 
Merge branch 'systemd-multiprocess' into 'master'

systemd: enable multiple processes with socket activation

See merge request knot/knot-resolver!464

7 years agosystemd: enable multiple processes with socket activation
Tomas Krizek [Thu, 25 Jan 2018 17:17:09 +0000 (18:17 +0100)] 
systemd: enable multiple processes with socket activation

In order to be able to spawn multiple processes with socket activation,
systemd template (see systemd.unit(5)) is used. This allows the user to
create any amount of instances by simply providing a unique name for
each of them. The most sensible instance identifiers are natural
numbers, but any convention could be used.

The default recommended service name becomes kresd@1.service, replacing
the older kresd.service. Sockets are renamed in a similar way. Users are
able to take advantage of bash expansion to spawn/control multiple
processes, e.g. "systemctl start kresd@{1..16}.service"

The socket-activated service can now be launched directly with
"systemctl start kresd@1.service", which will request the associated
sockets without the need for any extra priviledges or capabilities.

Stopping the kresd service now also stops the associated sockets.
Stopping any individual socket is an isolated opration now (stopping
kresd@1.socket no longer stop kresd-tls@1.socket and
kresd-control@1.socket).

Users and packagers are also encouraged to use drop-in files for extra
configuration or modifications to ensure compatibility with their
distribution.

7 years agoconfig.lua: exit if kresd isn't listening on any interface
Tomas Krizek [Thu, 25 Jan 2018 17:16:34 +0000 (18:16 +0100)] 
config.lua: exit if kresd isn't listening on any interface

7 years agoMerge !422: aggressive use of cache DNSSEC-validated cache
Vladimír Čunát [Tue, 30 Jan 2018 14:30:45 +0000 (15:30 +0100)] 
Merge !422: aggressive use of cache DNSSEC-validated cache

It's not for NSEC3, etc.  We'll fill NEWS soon.

7 years agolint:c nitpicks
Vladimír Čunát [Tue, 30 Jan 2018 14:18:08 +0000 (15:18 +0100)] 
lint:c nitpicks

7 years agodoc: fixup after moving files around
Vladimír Čunát [Tue, 30 Jan 2018 14:17:04 +0000 (15:17 +0100)] 
doc: fixup after moving files around

7 years agoMerge tag 'v1.99.1-alpha' into cache-aggr-wip
Vladimír Čunát [Tue, 30 Jan 2018 14:14:11 +0000 (15:14 +0100)] 
Merge tag 'v1.99.1-alpha' into cache-aggr-wip

It's just to have the tag in history.  The files are unchanged.

7 years agomove files: all cache stuff is in lib/cache/ now
Vladimír Čunát [Tue, 30 Jan 2018 14:07:20 +0000 (15:07 +0100)] 
move files: all cache stuff is in lib/cache/ now

Almost.  A trivial lib/layer/cache.c remains.
I put all lib/generic/*.h into libkres_HEADERS, to be sure.
They rarely change anyway.

7 years agoMerge branch 'master' into cache-aggr-wip
Vladimír Čunát [Tue, 30 Jan 2018 13:05:58 +0000 (14:05 +0100)] 
Merge branch 'master' into cache-aggr-wip

7 years agoMerge !466: osx and other fixes
Vladimír Čunát [Tue, 30 Jan 2018 13:04:11 +0000 (14:04 +0100)] 
Merge !466: osx and other fixes

7 years agomain: fix exiting with --help etc.
Vladimír Čunát [Tue, 30 Jan 2018 10:45:41 +0000 (11:45 +0100)] 
main: fix exiting with --help etc.

7 years agomain: fix build without CAN_FORK_EARLY
Vladimír Čunát [Tue, 30 Jan 2018 10:30:02 +0000 (11:30 +0100)] 
main: fix build without CAN_FORK_EARLY

7 years agomake: fixup passing export-dynamic flags
Vladimír Čunát [Tue, 30 Jan 2018 10:19:17 +0000 (11:19 +0100)] 
make: fixup passing export-dynamic flags

It was breaking on Darwin, and clang was throwing warnings.
Problem since ddb699d364.

7 years agoMerge branch 'organize-doc' into 'master'
Petr Špaček [Tue, 30 Jan 2018 12:24:02 +0000 (13:24 +0100)] 
Merge branch 'organize-doc' into 'master'

documentation: reorganize chapters

See merge request knot/knot-resolver!467

7 years agodocumentation: reorganize chapters
Tomas Krizek [Tue, 30 Jan 2018 11:52:59 +0000 (12:52 +0100)] 
documentation: reorganize chapters

The manual page discusses basic usage of kresd, but completely lacks
configuration description. Users are pointed to
https://knot-resolver.readthedocs.io for reference. When visiting this
page, the most important information they don't have yet, is how to
configure kresd. This should be the first chapter in the documentation
to make it easier to find.

7 years agologging: fix bad whitespace (newline inside message)
Vladimír Čunát [Tue, 30 Jan 2018 09:43:58 +0000 (10:43 +0100)] 
logging: fix bad whitespace (newline inside message)

7 years agodoc: fixup after removing other cache modules
Vladimír Čunát [Mon, 29 Jan 2018 16:01:53 +0000 (17:01 +0100)] 
doc: fixup after removing other cache modules

7 years agoMerge branch 'clang-scan' into 'master'
Petr Špaček [Mon, 29 Jan 2018 08:02:05 +0000 (09:02 +0100)] 
Merge branch 'clang-scan' into 'master'

fix two nitpicks from clang-scan

See merge request knot/knot-resolver!465

7 years agofix two nitpicks from clang-scan
Vladimír Čunát [Mon, 29 Jan 2018 07:38:33 +0000 (08:38 +0100)] 
fix two nitpicks from clang-scan

- utils.c: overflowing size_t is basically impossible, but well...
- stats.c: NULL would probably not cause a problem with zero length passed

7 years agoMerge !454: daemon/worker: fix regression from e7c5c102d0eb8
Vladimír Čunát [Mon, 29 Jan 2018 07:26:34 +0000 (08:26 +0100)] 
Merge !454: daemon/worker: fix regression from e7c5c102d0eb8

7 years agodaemon/worker: cleanup errors; missed packet source
Grigorii Demidov [Mon, 22 Jan 2018 12:42:29 +0000 (13:42 +0100)] 
daemon/worker: cleanup errors; missed packet source

7 years agocache: avoid leaking memory
Vladimír Čunát [Fri, 26 Jan 2018 16:31:52 +0000 (17:31 +0100)] 
cache: avoid leaking memory

Also guard all allocations in cache against this, via assert.
(Except in cases that would segfault anyway.)

7 years agocache: *always* store and retrieve RRSIGs
Vladimír Čunát [Fri, 26 Jan 2018 13:27:53 +0000 (14:27 +0100)] 
cache: *always* store and retrieve RRSIGs

7 years agocache: skip NSEC stype, instead of failing assertion
Vladimír Čunát [Thu, 25 Jan 2018 17:48:24 +0000 (18:48 +0100)] 
cache: skip NSEC stype, instead of failing assertion

7 years agocache: try also CNAME wildcard
Vladimír Čunát [Thu, 25 Jan 2018 16:39:10 +0000 (17:39 +0100)] 
cache: try also CNAME wildcard

I somehow forgot that case.  Unfortunately the cache optimization for
CNAMEs doesn't help this case, so we just do (up to) two probes.

7 years agoMerge branch 'policy_polish' into 'master'
Petr Špaček [Thu, 25 Jan 2018 16:43:51 +0000 (17:43 +0100)] 
Merge branch 'policy_polish' into 'master'

policy: polish policy module up

See merge request knot/knot-resolver!462

7 years agoCI: test doc build
Petr Špaček [Thu, 25 Jan 2018 12:53:17 +0000 (13:53 +0100)] 
CI: test doc build

7 years agodoc: fix Sphinx warnings
Petr Špaček [Thu, 25 Jan 2018 13:12:13 +0000 (14:12 +0100)] 
doc: fix Sphinx warnings

7 years agopolicy: polish policy module documentation
Petr Špaček [Thu, 25 Jan 2018 12:50:22 +0000 (13:50 +0100)] 
policy: polish policy module documentation

7 years agopolicy: fix generated SOA RR so it can be cached
Petr Špaček [Thu, 25 Jan 2018 11:46:53 +0000 (12:46 +0100)] 
policy: fix generated SOA RR so it can be cached

RFC 6303 section 3 explains that

   The SOA RR is needed to support negative caching [RFC2308] of name
   error responses and to point clients to the primary master for DNS
   dynamic updates.

Now SOA RR owner name matches query name so it can be cached.
Using zone name as owner would be more difficult so it is left for
further optimizations.

I've verified that nsupdate correctly determines that master name
does not exist and stops update process.

7 years agopolicy: add explanatory TXT record to zones blocked by default
Petr Špaček [Thu, 25 Jan 2018 11:26:50 +0000 (12:26 +0100)] 
policy: add explanatory TXT record to zones blocked by default

7 years agopolicy: refactor policy and view modules
Petr Špaček [Thu, 25 Jan 2018 09:14:28 +0000 (10:14 +0100)] 
policy: refactor policy and view modules

I've removed couple layers of indirection to make it easier to follow.
This should make it easier to extend the policy module.

7 years agoMerge branch 'respdiff-debug' into 'master'
Petr Špaček [Thu, 25 Jan 2018 15:45:45 +0000 (16:45 +0100)] 
Merge branch 'respdiff-debug' into 'master'

CI: store respdiff database for debuging purposes

See merge request knot/knot-resolver!443

7 years agoCI: store respdiff database for debuging purposes
Petr Špaček [Mon, 15 Jan 2018 11:46:14 +0000 (12:46 +0100)] 
CI: store respdiff database for debuging purposes

7 years agoMerge branch 'dockerfile' into 'master'
Petr Špaček [Thu, 25 Jan 2018 14:38:15 +0000 (15:38 +0100)] 
Merge branch 'dockerfile' into 'master'

Dockefile: fix TLS server in demo container

See merge request knot/knot-resolver!463

7 years agoDockefile: fix TLS server in demo container
Petr Špaček [Thu, 25 Jan 2018 14:29:25 +0000 (15:29 +0100)] 
Dockefile: fix TLS server in demo container

Related: #297

7 years agotreewide: compiler warnings for printf-style functions
Vladimír Čunát [Thu, 25 Jan 2018 13:24:24 +0000 (14:24 +0100)] 
treewide: compiler warnings for printf-style functions

7 years agoreduce verbosity of cache-related logs
Vladimír Čunát [Thu, 25 Jan 2018 13:17:22 +0000 (14:17 +0100)] 
reduce verbosity of cache-related logs

It was just too noisy for default --verbose.

7 years agocache: fix logging after parent merge
Vladimír Čunát [Thu, 25 Jan 2018 12:25:57 +0000 (13:25 +0100)] 
cache: fix logging after parent merge

7 years agoMerge master into cache-aggr-wip
Vladimír Čunát [Thu, 25 Jan 2018 08:32:11 +0000 (09:32 +0100)] 
Merge master into cache-aggr-wip

... to start fixing conflicts with changes in logging