upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-05-28 04:02:31 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
20257 commits 146 branches 210 tags 63 MiB
Commit graph

540 commits

Author SHA1 Message Date
David Vašek
67c6b42144 tests-extra: add default keystore as a variant of a PEM keystore 2026-05-20 09:10:38 +02:00
David Vašek
e0f3550139 tests-extra: in keystores, allow to list the keys the keystore holds 2026-05-20 09:10:38 +02:00
David Vašek
f13f33300b tests, tests-extra: update SoftHSM2 configuration so that it doesn't complain 
This commit doesn't change SoftHSM2 functionality, configured values are default values.
 2026-05-20 09:10:38 +02:00
David Vašek
e59f13ee43 tests-extra: fix keymgr running 2026-05-20 09:10:38 +02:00
David Vašek
34a47c26c5 tests-extra: allow a keystore to be shared by different zones 2026-05-20 09:10:38 +02:00
Daniel Salzman
aca94c6085 tests-extra: add keystore.has_key() methods 2026-05-20 09:10:38 +02:00
Bron Gondwana
2946fe16f2 mod-alias: synthesise ALIAS records from locally-served targets 
Add the `mod-alias` query module which synthesises answers for ALIAS
records (type 65401) at query time by looking up the ALIAS target in
the server's zone database and copying the target's records into the
response with the original query name as the owner.

The module hooks at KNOTD_STAGE_PREANSWER and is attached at zone
scope (typically via a template).  Behaviour:

  * Fires for A/AAAA queries, any others passed through to the
    standard resolver.
  * ALIAS is additive: direct rrsets on the alias node are merged
    with the synthesised target rrsets.
  * Multiple ALIAS rdata on a node are followed and their results
    merged.
  * TTL = min(alias_ttl, all contributing source TTLs).
  * Targets not served by a zone in this server are ignored;
    external resolution is out of scope.
  * Synthesised records are not signed; pair with mod-onlinesign
    if signed answers are required.

The integration test runs in two random modes per invocation
(plain and DNSSEC-via-mod-onlinesign) so both code paths are
exercised over time.

Co-authored-by: Daniel Salzman <daniel.salzman@nic.cz>
 2026-05-10 23:36:27 -04:00
Libor Peltan
9b7b149b75 nameserver+signer: implemented DELEG-un/aware answering 2026-05-06 12:14:06 +02:00
Daniel Salzman
29445907d5 tests-extra: make QUIC detection more universal 2026-04-30 09:57:00 +02:00
Daniel Salzman
c9fc403bdb tests-extra: add check for Redis without ASAN 2026-04-27 08:38:05 +02:00
Libor Peltan
89121cb36f tests: support for calling kdig and its validation 2026-04-16 12:20:09 +02:00
Daniel Salzman
bbca9e402c tests-extra: fix NOTIFY over TLS from Bind 2026-04-04 18:52:43 +02:00
Jan Hák
69784550cf knotd: add module for EDNS error reporting, RFC 9567 2026-03-31 17:32:16 +02:00
Libor Peltan
e14a364cbc tests: offlineKSK interoperability with Bind9 2026-03-18 18:04:02 +01:00
Libor Peltan
ee8938bd7c tests-extra: facility for calling server.key_gen/set() also for Bind 2026-03-18 18:04:02 +01:00
Jan Hák
64f888c401 scripts: add script to resolve ALIASes in Redis backed zone 2026-03-06 14:30:04 +01:00
Daniel Salzman
96d47cda17 tests-extra: avoid 'journal-content: None' in catalog templates 2026-02-24 12:53:04 +01:00
Daniel Salzman
7eb0ebe70a zonedb-load: fix updates of generated catalogs upon reload, overall improvements 2026-02-24 12:53:04 +01:00
Jan Hák
7bd76242b2 tests-extra: change the symbol that displays the number of repetitions from # to : 
SoftHSM interprets # as the beginning of a comment in the configuration file.
 2026-01-06 14:19:49 +01:00
Libor Peltan
657eda9464 zone/events: dont send NOTIFY before server starts answering 2026-01-05 10:48:35 +01:00
Daniel Salzman
5fce005d97 tests-extra: stabilize test zone/external_vldt 2026-01-04 17:01:40 +01:00
Daniel Salzman
c96598db2d tests-extra: increase valgrind attempts to stabilize ixfr/many_zones 2025-12-25 21:26:15 +01:00
Jan Hák
f752c64094 tests-extra: add SoftHSM backend support 2025-12-12 15:32:49 +00:00
Libor Peltan
6cbb99183f tests: less start attempts in order to speedup when unable to start 2025-12-09 10:55:54 +01:00
Libor Peltan
8a97086ebb tests: shorter timeout for zone(s)_wait 2025-12-09 10:55:54 +01:00
Libor Peltan
132553577c tests/redis: improvements in test infra 2025-11-26 16:06:08 +01:00
Jan Hák
a3f44a47e9 tests-extra: add support for multiple redis backends 2025-11-26 16:06:08 +01:00
Daniel Salzman
a71b1925ba tests-extra: set number of threads to 1 for dnssec-signzone 2025-11-25 20:26:00 +01:00
Libor Peltan
3f9b634dab timers: implemented configurable periodic dump 2025-11-24 10:53:08 +01:00
Libor Peltan
251fcf5317 tests: refactor server configuration routines 2025-10-29 09:22:50 +01:00
Daniel Salzman
7bb86cbe19 zonedb-load: fix zone loading which were included by conf-set include 2025-10-09 10:39:30 +02:00
Libor Peltan
9e30320c7e knotd: implement update-delay 2025-09-16 14:59:43 +02:00
Libor Peltan
7e184a4bd5 tests-extra: initial support for testing Knot with Redis backend 2025-09-12 16:50:41 +02:00
Daniel Salzman
78f65198bd tests-extra: fix response.check() to check both rdata and nordata 2025-09-12 09:37:57 +02:00
Libor Peltan
6408e6493e zone: implemented including records from subzone(s) 2025-09-12 09:37:57 +02:00
Daniel Salzman
a8d0b47d9f tests-extra: adjust random tsig parameters to be less annoying 2025-08-11 15:51:52 +02:00
Libor Peltan
3900b8cbd7 external-validation: implemented configurable timeout 2025-08-01 17:31:18 +02:00
Libor Peltan
97f8c41a24 external validation: implemented zone/diff dump 2025-08-01 17:31:18 +02:00
Libor Peltan
8ccc39d8dc external validation: implemented basic functionality 2025-07-31 16:42:14 +02:00
Daniel Salzman
8c59b46adb conf: rework notify-delay to be more practical and consistent with Bind 2025-07-14 07:53:48 +02:00
Libor Peltan
34cb1aef7c dnssec/multi-keystore: implemented ksk-only keystore... 
...so that KSKs and ZSKs can be in distinct keystores
 2025-07-01 10:51:18 +02:00
Libor Peltan
415f5bf88e dnssec: implemented multi-keystore option... 
...useful e.g. for hsm-to-pem migration
 2025-07-01 08:42:04 +02:00
Jan Doskočil
261c378b74 conf: implemented certificate hostname validation 2025-06-23 17:55:14 +02:00
Daniel Salzman
9c0e8c43f6 Merge branch 'tests_fix_startup' into 'master' 
fix tests-extra server startup routines

See merge request knot/knot-dns!1774
 2025-05-22 13:15:55 +02:00
Jan Doskočil
b753ba3ca5 conf: implement notify-delay option 2025-05-22 08:16:44 +02:00
David Vašek
cec7fd4527 tests-extra: allow lower number of server start retries for recoverable start failures 2025-05-21 14:20:58 +02:00
David Vašek
06f46233aa tests-extra: when ports are busy, really allow a retry with a different configuration 2025-05-21 14:20:58 +02:00
David Vašek
140200c489 tests-extra: if a servers doesn't start during test startup, restart the startup process 
In the past, knotd server continued running even after binding of some ports failed.
This is no longer true for some time. The tests didn't reflect it.
 2025-05-21 14:20:58 +02:00
David Vašek
de158da5bc tests-extra: fix the repeated server startup 
A workaround of already fixed flaw doesn't apply anymore.
 2025-05-21 14:20:58 +02:00
Libor Peltan
e43440cefc nameserver/XFRout: multi-msg locked by rwlock instead RCU... 
...prevents locking updates to unrelated zones as well
 2025-04-28 08:47:57 +02:00