upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-05-28 04:02:31 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
20257 commits 146 branches 210 tags 63 MiB
Commit graph

1456 commits

Author SHA1 Message Date
David Vašek
eedf5167f2 tests-extra: dnssec/purge_keys -- remove all concurrent accesses to SoftHSM2 
Contrary the SoftHSM2 specification, it seems that SoftHSM2 doesn't work well
when it's token is accessed two or more times in parallel.
 2026-05-20 09:10:38 +02:00
David Vašek
8cb4369bf1 tests-extra: add a new test dnssec/purge_keys 2026-05-20 09:10:38 +02:00
David Vašek
67c6b42144 tests-extra: add default keystore as a variant of a PEM keystore 2026-05-20 09:10:38 +02:00
David Vašek
e0f3550139 tests-extra: in keystores, allow to list the keys the keystore holds 2026-05-20 09:10:38 +02:00
David Vašek
f13f33300b tests, tests-extra: update SoftHSM2 configuration so that it doesn't complain 
This commit doesn't change SoftHSM2 functionality, configured values are default values.
 2026-05-20 09:10:38 +02:00
David Vašek
e59f13ee43 tests-extra: fix keymgr running 2026-05-20 09:10:38 +02:00
David Vašek
34a47c26c5 tests-extra: allow a keystore to be shared by different zones 2026-05-20 09:10:38 +02:00
Daniel Salzman
aca94c6085 tests-extra: add keystore.has_key() methods 2026-05-20 09:10:38 +02:00
David Vašek
c511a35e43 kaspdb: add a configurable trash-key lifetime option 2026-05-20 09:10:38 +02:00
David Vašek
f0cc1706e2 purge: start using keys purge 2026-05-20 09:10:38 +02:00
Jan Hák
138b959cca tests-extra: line clearing only on atty 2026-05-13 13:08:48 +02:00
Bron Gondwana
2946fe16f2 mod-alias: synthesise ALIAS records from locally-served targets 
Add the `mod-alias` query module which synthesises answers for ALIAS
records (type 65401) at query time by looking up the ALIAS target in
the server's zone database and copying the target's records into the
response with the original query name as the owner.

The module hooks at KNOTD_STAGE_PREANSWER and is attached at zone
scope (typically via a template).  Behaviour:

  * Fires for A/AAAA queries, any others passed through to the
    standard resolver.
  * ALIAS is additive: direct rrsets on the alias node are merged
    with the synthesised target rrsets.
  * Multiple ALIAS rdata on a node are followed and their results
    merged.
  * TTL = min(alias_ttl, all contributing source TTLs).
  * Targets not served by a zone in this server are ignored;
    external resolution is out of scope.
  * Synthesised records are not signed; pair with mod-onlinesign
    if signed answers are required.

The integration test runs in two random modes per invocation
(plain and DNSSEC-via-mod-onlinesign) so both code paths are
exercised over time.

Co-authored-by: Daniel Salzman <daniel.salzman@nic.cz>
 2026-05-10 23:36:27 -04:00
Libor Peltan
5de6f107c1 DELEG: conf knob to enforce/override DELEG-awareness... 
...manually, e.g. even for unsigned zones
 2026-05-06 12:14:06 +02:00
Libor Peltan
eb97f3aa31 dnssec/DELEG: conf knob in policy triggers ADT 2026-05-06 12:14:06 +02:00
Libor Peltan
756dcce25e DNSKEY: implemented ADT bit signalling DELEG-awareness 2026-05-06 12:14:06 +02:00
Libor Peltan
9b7b149b75 nameserver+signer: implemented DELEG-un/aware answering 2026-05-06 12:14:06 +02:00
Libor Peltan
f4fd884ae5 libknot: support for DELEG+DELEGPARAM rrtypes, SIDE-EFFECT: 
invalid commas and quotes in any domain names in zone files are
no longer reported as "invalid domain name character" but as
"owner is invalid" or "invalid record data" etc
 2026-05-06 12:14:06 +02:00
Daniel Salzman
29445907d5 tests-extra: make QUIC detection more universal 2026-04-30 09:57:00 +02:00
Jan Hák
fc82e70515 tests-extra: add progress information 2026-04-29 14:45:53 +02:00
Daniel Salzman
c9fc403bdb tests-extra: add check for Redis without ASAN 2026-04-27 08:38:05 +02:00
Libor Peltan
89121cb36f tests: support for calling kdig and its validation 2026-04-16 12:20:09 +02:00
Daniel Salzman
bbca9e402c tests-extra: fix NOTIFY over TLS from Bind 2026-04-04 18:52:43 +02:00
Libor Peltan
97c5328ff1 tests: workaround for Bind9 bug #5824 2026-04-01 14:18:33 +02:00
Jan Hák
69784550cf knotd: add module for EDNS error reporting, RFC 9567 2026-03-31 17:32:16 +02:00
Libor Peltan
23372fb4a6 zonefile+ctl+redis: prevent malformed RRs in generic format 2026-03-31 12:33:14 +02:00
Daniel Salzman
df4815fb6c libknot/descriptor: add minimum rdata sizes where appropriate 2026-03-30 16:46:02 +02:00
Libor Peltan
856c881340 tests: extended RR lower-casing test 2026-03-30 16:44:37 +02:00
Libor Peltan
0a4767af3a zonefile-load + ctl/zone-set: canonicalize only generic... 
...as non-generic textual format is canonicalized already in
zscanner
 2026-03-30 16:06:55 +02:00
Libor Peltan
ee336e373b zone/load/difference-no-serial: enforce serial policy already upon initial zonefile load 2026-03-27 14:58:25 +01:00
Libor Peltan
e9d57c12f4 tests: Bind9 in OfflineKSK: detection if available and new enough 2026-03-18 18:04:02 +01:00
Libor Peltan
e14a364cbc tests: offlineKSK interoperability with Bind9 2026-03-18 18:04:02 +01:00
Libor Peltan
ee8938bd7c tests-extra: facility for calling server.key_gen/set() also for Bind 2026-03-18 18:04:02 +01:00
Jan Hák
64f888c401 scripts: add script to resolve ALIASes in Redis backed zone 2026-03-06 14:30:04 +01:00
Daniel Salzman
7bf148c8bb tests-extra: add zone reload checks to catalog/generate_reconf 2026-02-24 12:53:04 +01:00
Daniel Salzman
96d47cda17 tests-extra: avoid 'journal-content: None' in catalog templates 2026-02-24 12:53:04 +01:00
Daniel Salzman
7eb0ebe70a zonedb-load: fix updates of generated catalogs upon reload, overall improvements 2026-02-24 12:53:04 +01:00
Libor Peltan
a12808a46d redis/commit: store incrementally only when continuous SOA serials (like for journal) 2026-02-05 14:28:38 +01:00
Daniel Salzman
146d90c03b ctl: avoid unrecoverable situation after semcheck error from conf-commit 2026-02-03 17:26:41 +01:00
Jan Hák
8458300a50 tests-extra: force forking in multiprocessing library to avoid serialization problems with multiprocessing.Process 2026-01-30 10:40:18 +01:00
Daniel Salzman
c8cb333d16 tests-extra: change the separator that displays the number of repetitions from : to __ 2026-01-15 10:35:48 +01:00
Daniel Salzman
e378de7c77 server: force zone reload from database if RDB_EVENT_ZONE 2026-01-13 17:25:05 +01:00
Jan Hák
7bd76242b2 tests-extra: change the symbol that displays the number of repetitions from # to : 
SoftHSM interprets # as the beginning of a comment in the configuration file.
 2026-01-06 14:19:49 +01:00
Libor Peltan
657eda9464 zone/events: dont send NOTIFY before server starts answering 2026-01-05 10:48:35 +01:00
Daniel Salzman
5fce005d97 tests-extra: stabilize test zone/external_vldt 2026-01-04 17:01:40 +01:00
Libor Peltan
02b4e4e765 tests: fix and improvement of ZSK roll test 2025-12-29 15:08:48 +01:00
Libor Peltan
a59276c107 Merge branch 'server_reconfig' into 'master' 
Zone db listen reconfiguration

See merge request knot/knot-dns!1838
 2025-12-27 17:42:57 +01:00
Libor Peltan
40666cf57a tests/redis/reconfig: randomly change addr and/or instance 2025-12-27 09:48:19 +01:00
Daniel Salzman
d168af0b8b tests-extra: disable XDP in dnssec/ds_push 2025-12-26 18:02:42 +01:00
Daniel Salzman
c96598db2d tests-extra: increase valgrind attempts to stabilize ixfr/many_zones 2025-12-25 21:26:15 +01:00
Daniel Salzman
b0bd75ef81 tests-extra: stabilize redis/basic 2025-12-25 20:02:18 +01:00