Commit graph

20257 commits

Author SHA1 Message Date
Libor Peltan
1b115b3f46 Merge branch 'knotc_output_impr' into 'master'
Unify and improve knotc control command outputs

See merge request knot/knot-dns!1871
2026-05-27 15:19:35 +02:00
Daniel Salzman
3d26990f69 knotc: refactor, unify, and improve command output processing 2026-05-23 08:57:18 +02:00
Daniel Salzman
62d968c6a5 knotc: allow -- with zone-serial-set and zone-key-rollover 2026-05-23 07:50:36 +02:00
Daniel Salzman
4e46491023 kasp: fix compilation error: initializer element is not constant 2026-05-23 07:40:15 +02:00
Daniel Salzman
1cf8d01468 kdig: fix collision if both +https and +quic are specified 2026-05-21 07:37:20 +02:00
Daniel Salzman
28f46192cf Merge branch 'purge_keys' into 'master'
Keys purge

See merge request knot/knot-dns!1832
2026-05-20 10:33:13 +02:00
David Vašek
1ef5facddf kaspdb: make deletion timestamp a part of a trash-key record 2026-05-20 09:10:38 +02:00
Daniel Salzman
cf8ced36ac kasp: remove obsolete FIXME 2026-05-20 09:10:38 +02:00
David Vašek
eedf5167f2 tests-extra: dnssec/purge_keys -- remove all concurrent accesses to SoftHSM2
Contrary to the SoftHSM2 specification, it seems that SoftHSM2 doesn't work well
when its token is accessed two or more times in parallel.
2026-05-20 09:10:38 +02:00
David Vašek
8cb4369bf1 tests-extra: add a new test dnssec/purge_keys 2026-05-20 09:10:38 +02:00
David Vašek
67c6b42144 tests-extra: add default keystore as a variant of a PEM keystore 2026-05-20 09:10:38 +02:00
David Vašek
e0f3550139 tests-extra: in keystores, allow to list the keys the keystore holds 2026-05-20 09:10:38 +02:00
David Vašek
f13f33300b tests, tests-extra: update SoftHSM2 configuration so that it doesn't complain
This commit doesn't change SoftHSM2 functionality, configured values are default values.
2026-05-20 09:10:38 +02:00
David Vašek
e59f13ee43 tests-extra: fix keymgr running 2026-05-20 09:10:38 +02:00
David Vašek
34a47c26c5 tests-extra: allow a keystore to be shared by different zones 2026-05-20 09:10:38 +02:00
Daniel Salzman
aca94c6085 tests-extra: add keystore.has_key() methods 2026-05-20 09:10:38 +02:00
David Vašek
99964f8de8 libknot/dnssec: p11_load_module() returns KNOT_E* error codes 2026-05-20 09:10:38 +02:00
David Vašek
80b476eedb kaspdb: properly remove and insert DNSSEC keys in zone-restore 2026-05-20 09:10:38 +02:00
David Vašek
f8f852532a zone-keys: avoid storing never used shared-keys-to-be in the "trash bin" 2026-05-20 09:10:38 +02:00
David Vašek
3091d0db9b kaspdb: when adding a key, always remove all trash records of the key 2026-05-20 09:10:38 +02:00
David Vašek
1cbeeceef9 kaspdb: when making a trash key, report a malformed KASP DB key PARAMS record 2026-05-20 09:10:38 +02:00
David Vašek
f06b45424b kaspdb: purging aside, use key "trash bin" for other key removals too 2026-05-20 09:10:38 +02:00
David Vašek
92b2653ae9 doc/reference: a basic description of 'policy.trash-delay' 2026-05-20 09:10:38 +02:00
David Vašek
c511a35e43 kaspdb: add a configurable trash-key lifetime option 2026-05-20 09:10:38 +02:00
David Vašek
c8200bf62a dnssec: implement a "trash bin" for unused DNSSEC keys 2026-05-20 09:10:38 +02:00
David Vašek
250454ef07 kaspdb: make flags serialization/deserialization independent functions 2026-05-20 09:10:38 +02:00
David Vašek
5e0e52ba14 kaspdb: add a "trash bin" class for unused DNSSEC keys 2026-05-20 09:10:38 +02:00
David Vašek
f0cc1706e2 purge: start using keys purge 2026-05-20 09:10:38 +02:00
David Vašek
8e391b0f1c kaspdb: implement keys purge and orphaned keys sweep 2026-05-20 09:10:38 +02:00
David Vašek
bcf6b92845 lmdb: add one swappable database cursor to Knot LMDB transaction 2026-05-20 09:10:38 +02:00
David Vašek
e5b5acd19e libknot/dnssec/keystore: properly detect GnuTLS analogue of KNOT_ENOENT
WARNING:
It's still to be verified if the original (r == 0) really equals KNOT_ENOENT.
2026-05-20 09:10:38 +02:00
David Vašek
68d6595a3f dnssec: initialize all keystores for orphan keys purging 2026-05-20 09:10:38 +02:00
David Vašek
75d5d48bdf dnssec: when initializing keystore, make memory allocation optional 2026-05-20 09:10:38 +02:00
David Vašek
3637eb6838 kaspdb: separate key-related classes from zone-related classes
Retain backup/restore behavior.
kasp_db_delete_all() doesn't delete KASPDBKEY_PARAMS records from the KASP db anymore.
2026-05-20 09:10:38 +02:00
David Vašek
6d6451fbf6 kaspdb: modify keyid_inuse() to count uses rather than just check 2026-05-20 09:10:38 +02:00
David Vašek
38f93e69df zone-keys: make key remove from keystores a separate function
Add thorough keystores cleanup as an option.
2026-05-20 09:10:38 +02:00
David Vašek
b75d47210e ctl: define a keys purge filter 2026-05-20 09:10:38 +02:00
David Vašek
ed5b17a368 zone: define a keys purge macro 2026-05-20 09:10:38 +02:00
David Vašek
13b734fd39 doc/reference: fix a typo 2026-05-20 09:10:38 +02:00
David Vašek
48a12528d9 doc/appendices: for Luna HSM's, include their manufacturer name 2026-05-20 09:10:38 +02:00
David Vašek
5570e92935 doc/appendices: fix a letter case in EdDSA 2026-05-20 09:10:38 +02:00
David Vašek
c8766b360d dnssec/zone-sign: fix a typo 2026-05-20 09:10:38 +02:00
David Vašek
afcade7adf libknot/dnssec: coding style fix 2026-05-20 09:10:38 +02:00
David Vašek
2ac4ed09c8 conf/schema: coding style fix 2026-05-20 09:10:38 +02:00
David Vašek
1412b0b3bb conf/schema: coding style fix (ordering, white space) 2026-05-20 09:10:38 +02:00
David Vašek
5eb79698d2 zone/purge: improve logging 2026-05-20 09:10:38 +02:00
David Vašek
2d685ba17c ctl/orphans_purge: avoid creating an empty catalog db when purging orphans 2026-05-20 09:10:38 +02:00
David Vašek
a9d423c8e7 ctl/orphans_purge: remove an error report when there isn't a journal 2026-05-20 09:10:38 +02:00
David Vašek
378b2f742d fix some comment typos 2026-05-20 09:10:38 +02:00
Daniel Salzman
48b69e88fa tests-redis: 'make test' depends on 'make env' 2026-05-18 14:00:02 +02:00