Vladimír Čunát [Wed, 7 Jun 2023 08:30:33 +0000 (10:30 +0200)]
meson: add more warnings from the C compiler
I tested this still builds with gcc 6, gcc 13, clang 7, clang 16.
Our CI additionally does `-Werror`, so that the properties
will get maintained (on some Debian's default compiler and clang).
Warnings with gcc 13 seem clear for me now, too.
Oto Šťáva [Wed, 7 Jun 2023 13:04:10 +0000 (15:04 +0200)]
tests/dnstap: let Go handle its transitive dependencies
Dependabot reported that we have some vulnerable dependencies. The
problem is that the ones it wants to bump to do not support older Go
versions, which we need to use due to some distros not having the most
recent Go packages available.
The `go.sum` file contains the outdated ones (because I tried with an
older Go), but as far as I can tell, from Go docs and other places, it
is actually not a lockfile, so newer Go should update the packages
regardless of what is in `go.sum`.
Oto Šťáva [Wed, 7 Jun 2023 06:15:41 +0000 (08:15 +0200)]
tests/pytests: adapt to new pylint
New version of pylint removed the disabled `bad-continuation` check. It
also added a parens check that we were violating in
`test_random_close.py`, which is now fixed as well.
Vladimír Čunát [Mon, 29 May 2023 11:59:00 +0000 (13:59 +0200)]
lib/cache pkt_renew(): fix an edge-case bug
It could happen that this condition didn't get triggered,
but the structures weren't completely clear. In particular,
the current section could be past KNOT_ANSWER already.
Let's be more conservative here; pkt_recycle() shouldn't be expensive.
I'm not sure why I only ran into this on the new-policy branch,
but it really seems like bug here on master already.
I can't see why not. Also avoid unnecessary /usr/bin/env
kresd doesn't work well without `ninja install` anyway.
bindir: maybe we should install the python binaries into sbin instead.
We're also being slightly inconsistent - allowing to override some
directories by meson but not respecting it for the python stuff.
Vladimír Čunát [Wed, 26 Apr 2023 09:16:34 +0000 (11:16 +0200)]
hints docs: explain root hints better
The removed tip seemed especially misleading;
I don't think our root hints could've ever been used that way.
And latency to root servers has practically no impact on latency
of replies to reasonable answers (just like... once per day and TLD).
Vladimír Čunát [Mon, 8 May 2023 08:39:41 +0000 (10:39 +0200)]
ci: drop debian 9
It looks like downloads won't work anymore:
https://gitlab.nic.cz/knot/knot-resolver/-/jobs/890201
https://gitlab.nic.cz/knot/knot-resolver/-/jobs/890312
which is probably because long-term support ended last summer.
Oto Šťáva [Tue, 21 Mar 2023 06:35:19 +0000 (07:35 +0100)]
daemon/session2: rename http flag to custom_emalf_handling
The session2 API as well as everything that uses it should be as
independent of the underlying protocols as possible, providing
functionality through firing different events. There was a left-over
`struct session2::http` flag, which allowed the DoH layer to return a
Bad Request reply. This has been renamed so that it does not mention
HTTP apart from the example in the doc comments, in case another
protocol needs to use this functionality at some point.
Oto Šťáva [Wed, 15 Mar 2023 07:19:42 +0000 (08:19 +0100)]
daemon: use a struct member for 'inheritance' to avoid aliasing issues
It has been brought to my attention that using a macro to put an
identical member sequence at the beginning of multiple structs to
simulate OOP-like inheritance (the way libUV does it) may violate strict
aliasing rules. The standards-compliant way to do this should be to use
a single common struct member, as opposed to a common sequence of
members. This commit fixes this potential problem on our side.
Side note: even without this measure, it should not be causing any
problems for us, since we have '-fno-strict-aliasing' in our
meson.build. But in case libUV fixes their side at some point, let us
just have one less thing to worry about on our side.
Oto Šťáva [Fri, 10 Mar 2023 12:15:16 +0000 (13:15 +0100)]
daemon: improve session closure readability
Until now, sessions were closed by explicitly sending `_CLOSE` events
via the `session2_event()` function to them, which I think is not
signalling the intent very well. It might look as though the session
has been/is being closed by some part of the code that contains the
`session2_event()` call and a relevant event is being fired now. This
commit introduces `session2_close()` and `session2_force_close()` inline
functions, which do the same thing, but I think the intent behind
calling them is slightly clearer.
Vladimír Čunát [Wed, 8 Mar 2023 16:18:16 +0000 (17:18 +0100)]
improve handling of SERVFAIL from forwarders
- selection: utilize address_state::broken also when forwarding
- selection: drop fallbacks that don't make sense when forwarding
- iterate: copy EDE codes on DNSSEC SERVFAILs
Vladimír Čunát [Tue, 21 Feb 2023 14:35:14 +0000 (15:35 +0100)]
view: fix destination-based matching
Apparently it's never worked since its introduction.
.addr is non-nil exactly when .dst_addr is non-nil
(which hapens iff the query originated externally).
Now we have semantics which was probably intended by the original code
(982162956a from 2016) but that semantics is still problematic
if you need both kinds of matching in a single request from client.
This matching by destination has never made it to docs,
so let's just add this simple fixup for now, and later
we'll steer users to new policy configuration anyway.
projects / thirdparty / knot-resolver.git / log
