summaryrefslogtreecommitdiffstats
path: root/daemon/bindings (follow)
Commit message (Collapse)AuthorAgeFilesLines
* lib/rules forwarding: per-IP .tlsVladimír Čunát2023-06-121-1/+1
| | | | We planned it that way for the new config schema - and, why not.
* Copyright notices: remove years and replace e-mailOto Šťáva2022-12-148-8/+8
|
* NEWS + doc about TTL: forgotten minor tweaksVladimír Čunát2022-12-131-4/+4
|
* NEWS + doc about TTL: apply changes from previous commitsVladimír Čunát2022-12-131-9/+7
| | | | (and minor other changes)
* cache.max_ttl(): lower the default from six days to one dayVladimír Čunát2022-12-131-1/+1
| | | | | Allowing too much seems to have more risk than benefit. For example, the 2-day TTL on DS records in .com zone (e.g. Slack issue months ago).
* doc nit: tweak the link to dnsflagday.netVladimír Čunát2022-11-071-1/+1
| | | | | As the web is now, combination without www doesn't redirect https (only http). So let's switch to the final URL; apex is problematic.
* doc XDP: update the list of required capabilitiesVladimír Čunát2022-10-271-2/+4
| | | | | | We're the same as knotd in this; it evolved a bit with libknot and kernel versions. Taken from: https://www.knot-dns.cz/docs/3.2/singlehtml/#mode-xdp-pre-requisites
* drop unused #include linesVladimír Čunát2022-06-031-2/+0
| | | | | | https://clangd.llvm.org/design/include-cleaner Though somehow I'm all the time getting false positives for "daemon/bindings/impl.h"
* daemon/http: copy headers to streams instead of ownership transferOto Šťáva2022-05-201-2/+2
|
* daemon/http: documentationOto Šťáva2022-05-201-0/+22
|
* daemon/tls: use GNUTLS_NO_TICKETS_TLS12Oto Šťáva2022-05-201-5/+8
|
* daemon/network: Use trie_t instead of map_t for network endpointsOto Šťáva2022-05-111-4/+13
|
* lib/utils: sockaddr key generationOto Šťáva2022-05-021-13/+1
|
* cache nit: reduce cache.max_ttl limit a bitVladimír Čunát2022-02-281-4/+4
| | | | The new limit is over 68 years, so still completely meaningless.
* Fix defects detected by Coverity ScanOto Šťáva2022-02-281-1/+1
| | | | | | | | | Targeted CIDs: 155456, 155962, 346121, 346123, 346124, 346125, 346126, 346127, 346130, 346131, 346132, 346134, 346135, 346138, 346140, 346145, 346146, 346149, 346152, 346154, 346156, 346157 lib/dnssec/nsec3.c change: apparently cleaning fallout from my (= vcunat's) commit b5cf61325ae
* daemon, lib: document API changes made due to PROXYv2Oto Šťáva2022-02-221-0/+2
|
* daemon/bindings doc: PROXYv2 clarificationsOto Šťáva2022-02-221-1/+13
|
* daemon: allow setting zero netmasks for net.proxy_allowed()Oto Šťáva2022-02-221-14/+31
|
* daemon/bindings: add net.proxy_allowed() + docsOto Šťáva2022-02-222-0/+139
|
* daemon/bindings/net: add interface name to link-local IPv6 addressesOto Šťáva2022-01-311-1/+24
|
* daemon/zimport: rewrite, support ZONEMDVladimír Čunát2021-12-221-76/+0
| | | | | | | | | | | | The approach of the code was rather hacky, simulating some packets arriving from upstream and making the module stack CONSUME that. Instead we take a direct approach now: use the simplified validator API and then insert into cache directly. One effect is improved performance, and consequently roughly halving the lag which happens when prefill module invokes this. (With root zone the lag goes down to 0.1 s from over 0.2 s, on my relatively fast CPU. Fortunately it's just once a day.)
* lib/utils: rename union inaddr to union kr_sockaddrOto Šťáva2021-12-201-3/+3
|
* spellingJosh Soref2021-11-196-9/+9
| | | | Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* log: use kr_log_debug instead kr_log_verboseLukáš Ježek2021-07-291-4/+2
|
* log: shortening LOG_GRP_<SOMETHING> to <SOMETHING>Lukáš Ježek2021-07-293-7/+7
|
* log: remove hard-coded prefix from log messagesLukáš Ježek2021-07-293-7/+7
|
* log: split to groupsLukáš Ježek2021-07-293-7/+7
|
* rename kind="doh" to kind="doh_legacy"Tomas Krizek2021-05-312-3/+2
| | | | | | The purpose of this change is to make it harder to accidentally use the legacy DoH implementation and free up the "doh" kind which may be used as an alias to a modern implementation in the future.
* treewide: rename assumptions to kr_assert() / kr_fails_assert()Tomas Krizek2021-05-252-12/+12
| | | | | | | | | | | | | To (hopefully) improve readability, rename the typical macro usage of: if (!kr_assume(x)) y; // to if (kr_fails_assert(x)) y; As a convenience, replace the assert without a return value to a more simple version: (void)!kr_assume(x); // becomes kr_assert(x);
* daemon/bindings/net.c: replace assertsTomas Krizek2021-05-251-20/+11
|
* daemon/bindings/impl.h: replace assertsTomas Krizek2021-05-251-1/+1
|
* daemon/bindings/cache.c: replace assertsTomas Krizek2021-05-251-7/+4
|
* doc: add DoH configuration net.doh_headersLukáš Ježek2021-05-241-2/+25
|
* nitpick: fix lint:tidy warningsTomas Krizek2021-05-241-1/+1
|
* bindings/net: rename to doh_headers()Tomas Krizek2021-05-241-7/+7
|
* daemon/worker: add doh_headers_in listTomas Krizek2021-05-241-0/+50
|
* doc/net.tls(): update command example outputTomas Krizek2021-05-241-1/+2
| | | | | | Technically, we return an actual lua table instead of this pretty-printed representation, but I chose it to be consistent with the rest of the docs.
* lib/selection: add simple detection of IPv6 being brokenVladimír Čunát2021-02-251-1/+1
| | | | Details are described in code comments.
* fix trivial lint:tidy warningsVladimír Čunát2021-01-121-1/+1
| | | | | These do not make the CI job fail, but better avoid them anyway. I suspect they got added when we updated the CI docker image.
* selection: server selection rewriteŠtěpán Balážik2020-12-311-2/+0
| | | | | Design discussion: #447 Code discussion: !1030
* typo: fix occured -> occurredJakub Ružička2020-12-041-1/+1
| | | | | | In English, the final letter is doubled when a word of two or more syllables has stress on the final syllable so a correct form is "occurred".
* doc: mention DoT/DoH blogpostTomas Krizek2020-11-251-1/+5
|
* doc: add certificate reload tip to net.tls()Tomas Krizek2020-11-251-1/+9
|
* fix map() command on 32-bit platforms; regressed in 5.2.0Vladimír Čunát2020-11-161-0/+27
| | | | | | | | | LuaJIT FFI was using opendir() (etc.) variants with 32-bit inodes but the C parts was using them as 64-bit inode variants. Consequently the `struct dirent` layout didn't match and we were getting filenames shifted by eight bytes. Now the whole dir-listing lua function is written in C.
* doc: add warning that XDP is experimentalTomas Krizek2020-11-111-7/+11
|
* doc: mention possible issues with XDP emulationTomas Krizek2020-11-111-2/+3
|
* lua net.listen(): default freebind = falseVladimír Čunát2020-11-101-1/+1
| | | | It's unclear why it defaulted to true in TLS cases.
* XDP: add documentationVladimír Čunát2020-11-102-0/+138
|
* XDP: add lua interfacesVladimír Čunát2020-11-102-20/+78
|
* daemon/bindings net_listen_addrs(): pack parametersVladimír Čunát2020-11-101-26/+26
| | | | They're starting to be too many. Also improve comments.
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-19 05:53:53 +0100