1. 20 Nov, 2018 1 commit
    • Daniel Kahn Gillmor's avatar
      doc: draw date in kresd.8 from NEWS · 22fbe477
      Daniel Kahn Gillmor authored
      Ideally, we'll just use the datestamp in the first line of NEWS directly.
      
      if we can't find that, then fall back to the timestamp of the file
      (which might be different on different machines because of how git
      applies updates).  In any event, choose the datestamp using UTC, to
      avoid building a different kresd.8 depending on the TZ of the machine.
      22fbe477
  2. 12 Oct, 2018 1 commit
  3. 13 Jun, 2018 1 commit
  4. 11 May, 2018 1 commit
  5. 18 Apr, 2018 1 commit
  6. 23 Jan, 2018 1 commit
    • Vitezslav Kriz's avatar
      keyfile argument distiguish managed and unmanaged mode · 6c2db2b5
      Vitezslav Kriz authored
      Arguments --keyfile, -k for managed mode
      and
      --keyfile-ro, -K for unmanaged (readonly) mode.
      
      Automatic setting based on the file permission is removed because it was
      confusing and could easily lead to state where automatic update does not
      happen because of unexpected file permissions.
      
      Check if folder is writeable was moved into Lua code.
      
      Default unmanaged keyfile path can be specified at compile
      time with option KEYFILE_DEFAULT. This default
      configuration can be disabled in configuration file with
      trust_anchors.keyfile_default = nil.
      6c2db2b5
  7. 12 Jan, 2018 1 commit
  8. 09 Jan, 2018 1 commit
  9. 08 Jan, 2018 1 commit
  10. 01 Dec, 2017 1 commit
  11. 24 Nov, 2017 1 commit
  12. 29 Sep, 2017 2 commits
  13. 11 Sep, 2017 1 commit
    • Vladimír Čunát's avatar
      roothints: various changes · 8fa8f214
      Vladimír Čunát authored
      - expose the function as hints.root_file
      - use the same filename as Debian
      - remove the unneeded script
      - docs and some nitpicks
      8fa8f214
  14. 07 Sep, 2017 1 commit
  15. 26 May, 2017 1 commit
  16. 02 May, 2017 1 commit
  17. 04 Apr, 2017 1 commit
  18. 15 Mar, 2017 1 commit
  19. 28 Feb, 2017 2 commits
  20. 27 Feb, 2017 1 commit
  21. 16 Feb, 2017 1 commit
  22. 10 Feb, 2017 1 commit
  23. 09 Feb, 2017 1 commit
  24. 03 Feb, 2017 3 commits
  25. 27 Jan, 2017 1 commit
  26. 25 Jan, 2017 1 commit
  27. 06 Jan, 2017 1 commit
    • Daniel Kahn Gillmor's avatar
      Use ephemeral X.509 credentials if none are configured · a405b874
      Daniel Kahn Gillmor authored
      If kresd is configured to listen using TLS, but it has no credentials,
      it should fall back to generating ephemeral credentials and using
      them.
      
      It stores the ephemerally-generated secret key in the same directory
      as the cache, using the name "ephemeral_key.pem".  If the cache
      persists, then the key will too, even if the daemon dies.  This means
      that any set of daemons that share a cache will also share an
      ephemeral secret key.
      
      The ephemeral X.509 certificate that corresponds to the key will be
      automatically generated (self-signed), will have a lifetime of about
      90 days (matching Let's Encrypt policy).  The ephemeral cert is
      never written to disk; it is always dynamically-generated by kresd.
      
      This should make it very easy to get DNS-over-TLS working in
      opportunistic mode.
      a405b874
  28. 19 Dec, 2016 1 commit
    • Vladimír Čunát's avatar
      allow generating most cdefs for lua · 06b0d3d4
      Vladimír Čunát authored
      Motivation: maintaining these by hand in kres.lua is tricky, as just
      inserting or reordering the structures can do anything and isn't
      detected in general.  For example, `rr_array_t::at` has always
      "missed a star".
      
      A couple libknot structure fields have apparently changed name since
      the old definitions were written; in most cases I renamed them in *.lua.
      
      The file daemon/lua/kres-gen.lua will be regenerated only if explicitly
      deleted.  That requires building with debug symbols and gdb on $PATH.
      06b0d3d4
  29. 30 Nov, 2016 1 commit
    • Vladimír Čunát's avatar
      Revert "lua: embed bytecode instead of stripped source" · 4237b587
      Vladimír Čunát authored
      This reverts commit 64f80706.
      TL;DR: it brought almost no benefits AFAIK and potential for problems.
      
      The "portable bytecode" produced by luajit isn't compatible when
      (lib)luajit version changes or when some build-time configuration of it
      changes.  If you mix these up, kresd fails to start.
      4237b587
  30. 14 Nov, 2016 1 commit
    • Vladimír Čunát's avatar
      lua: embed bytecode instead of stripped source · 64f80706
      Vladimír Čunát authored
      It seems a bit cleaner, though impact on size and load speed should not
      be noticeable.  We simply install most of the lua code, as before, and I
      assume that we *do* want to keep that visibility, at least by default.
      Suggested on !57.
      64f80706
  31. 21 Oct, 2016 1 commit
  32. 20 Oct, 2016 2 commits
  33. 08 Sep, 2016 1 commit
  34. 05 Aug, 2016 2 commits