1. 14 Aug, 2018 1 commit
  2. 03 Aug, 2018 1 commit
    • Vladimír Čunát's avatar
      lua cache bindings: error out if cache isn't open yet · b1a16801
      Vladimír Čunát authored
      The catch is that during configuration file processing,
      no cache is open (yet), as kresd can't know if the config
      does open it in some later part (with non-default path or size).
      Now we just throw an error.  Exceptions:
       - cache.open() and cache.backends(), of course :-)
       - cache.ns_tout() - not required, it's not really inside cache
       - cache.close() - it sounds reasonable to allow "closing a closed cache"
      
      This immediately caught a typo in cache metatable.
      b1a16801
  3. 02 Aug, 2018 1 commit
  4. 31 Jul, 2018 1 commit
  5. 27 Jul, 2018 1 commit
  6. 24 Jul, 2018 1 commit
  7. 03 Jul, 2018 1 commit
  8. 02 Jul, 2018 4 commits
  9. 29 Jun, 2018 1 commit
  10. 26 Jun, 2018 1 commit
  11. 25 Jun, 2018 1 commit
  12. 21 Jun, 2018 1 commit
  13. 15 Jun, 2018 1 commit
  14. 13 Jun, 2018 1 commit
  15. 01 Jun, 2018 1 commit
  16. 16 May, 2018 2 commits
  17. 23 Apr, 2018 2 commits
  18. 12 Apr, 2018 1 commit
    • Marek Vavruša's avatar
      fixed validation of root DS · b3785d71
      Marek Vavruša authored
      The root DS exists outside of DNS hierarchy, so its NSEC proving non-existence
      always contains the SOA, as that's the root of DNS and there's nothing above it.
      b3785d71
  19. 03 Apr, 2018 1 commit
  20. 28 Mar, 2018 1 commit
  21. 19 Mar, 2018 1 commit
    • Vladimír Čunát's avatar
      make: don't magically -D_FORTIFY_SOURCE=2 · b15476ec
      Vladimír Čunát authored
      This is just annoying for development.  You want -O0 or -Og,
      and consequently you get lots of warnings that are difficult to disable.
      
      I believe hardening options are more of a responsibility/choice of the
      caller, typically distributions have some general policies and pass the
      flags (almost) uniformly to all packages.  I can't see any part of kresd
      being so specific to warrant explicit hardening.
      b15476ec
  22. 23 Feb, 2018 1 commit
  23. 22 Feb, 2018 1 commit
  24. 20 Feb, 2018 1 commit
    • Vladimír Čunát's avatar
      avoid iterating from a too short zone cut · f0da0a35
      Vladimír Čunát authored
      Example: after foo.sk query the bar.sk query started iterating from
      asking the root again for NS sk.  This bug was present on insecure zones,
      and before version 2.0.0 only such that have a secure parent.
      (These two parts of the bug correspond to the two changes in this commit.)
      
      Fixes #246
      f0da0a35
  25. 18 Feb, 2018 1 commit
  26. 16 Feb, 2018 1 commit
  27. 15 Feb, 2018 6 commits
  28. 13 Feb, 2018 2 commits
  29. 05 Feb, 2018 1 commit
    • Daniel Kahn Gillmor's avatar
      doc: kresd.systemd belongs in section 7 of the manual · 23c8ffbf
      Daniel Kahn Gillmor authored
      "man man" says that the sections are:
      
             1   Executable programs or shell commands
             2   System calls (functions provided by the kernel)
             3   Library calls (functions within program libraries)
             4   Special files (usually found in /dev)
             5   File formats and conventions eg /etc/passwd
             6   Games
             7   Miscellaneous  (including  macro  packages  and  conventions), e.g.
                 man(7), groff(7)
             8   System administration commands (usually only for root)
             9   Kernel routines [Non standard]
      
      Since there is no command named kresd.system it does not belong in
      section 8.
      
      Section 7 includes conventions and useful patterns like gitcli(7),
      which seems more similar to the documentation that is supplied in
      kresd.systemd.
      23c8ffbf