summaryrefslogtreecommitdiffstats
path: root/daemon/bindings (follow)
Commit message (Collapse)AuthorAgeFilesLines
* doc+NEWS for the buffering changesVladimír Čunát2024-07-221-0/+25
|
* treewide nit: avoid NULL arithmeticsVladimír Čunát2024-07-111-2/+2
| | | | | | | | | (u)intptr_t casts seem the best in terms of compliance: https://stackoverflow.com/q/45220134/587396 Otherwise with clang 18 we can get warnings like ../$path:$line:$col: runtime error: applying non-zero offset $num to null pointer SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../$path:$line:$col
* daemon, lib, modules: trivial fixes for Coverity issuesOto Šťáva2024-05-151-6/+10
|
* Merge 'origin/master' into 6.0 - last merge before renameOto Šťáva2024-05-141-4/+8
|\ | | | | | | | | This is the last commit in `6.0` before it is shifted into `master`, with 5.x support being moved to `master-5`.
| * Silence Clang-TidyOto Šťáva2024-05-131-4/+8
| | | | | | | | | | | | | | | | | | | | This commit makes lots of changes to the C code to appease the Clang-Tidy linter. Some of the less obvious ones are due to C's weird semantics regarding handling of numeric literals. We also disable a bunch of the detections because they are super-pedantic, arguably useless, or we have our own unwritten coding style rules that solve the issues.
* | doc: various fixesOto Šťáva2024-03-152-4/+4
| | | | | | | | Fix cross-references, heading levels, etc.
* | docs: fix padding descriptionsVladimír Čunát2023-08-171-2/+2
| | | | | | | | | | | | | | | | | | | | Mentioning just answers is misleading. Padding is very important for queries as well; for us that applies during forwarding over TLS. Also describe /tls/auto_discovery as experimental in the configuration schema. It's a rather dead experiment from long ago. I hope it can't be confused with more recent things like https://datatracker.ietf.org/doc/draft-ietf-dprive-unilateral-probing/
* | Merge remote-tracking branch 'origin/6.0' into daemon-refactor-2Oto Šťáva2023-06-222-3/+4
|\ \
| * | lib/rules,cache: use transactions, improve assertionsVladimír Čunát2023-06-121-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | When inserting rules from a config file, process everything in a single transaction to avoid using inconsistent sets of rules, especially in a different instance and/or in case some error happens. Also fix some over-eager assertions (CHECK_RET).
| * | lib/rules forwarding: per-IP .tlsVladimír Čunát2023-06-121-1/+1
| |/ | | | | | | We planned it that way for the new config schema - and, why not.
* | daemon: implement TLS with protocol layersOto Šťáva2023-01-261-410/+392
| |
* | daemon: basic implementation of TCP and UDP with protolayersOto Šťáva2023-01-261-392/+410
| |
* | daemon: refactor stage 1Oto Šťáva2023-01-265-110/+86
|/
* Copyright notices: remove years and replace e-mailOto Šťáva2022-12-148-8/+8
|
* NEWS + doc about TTL: forgotten minor tweaksVladimír Čunát2022-12-131-4/+4
|
* NEWS + doc about TTL: apply changes from previous commitsVladimír Čunát2022-12-131-9/+7
| | | | (and minor other changes)
* cache.max_ttl(): lower the default from six days to one dayVladimír Čunát2022-12-131-1/+1
| | | | | Allowing too much seems to have more risk than benefit. For example, the 2-day TTL on DS records in .com zone (e.g. Slack issue months ago).
* doc nit: tweak the link to dnsflagday.netVladimír Čunát2022-11-071-1/+1
| | | | | As the web is now, combination without www doesn't redirect https (only http). So let's switch to the final URL; apex is problematic.
* doc XDP: update the list of required capabilitiesVladimír Čunát2022-10-271-2/+4
| | | | | | We're the same as knotd in this; it evolved a bit with libknot and kernel versions. Taken from: https://www.knot-dns.cz/docs/3.2/singlehtml/#mode-xdp-pre-requisites
* drop unused #include linesVladimír Čunát2022-06-031-2/+0
| | | | | | https://clangd.llvm.org/design/include-cleaner Though somehow I'm all the time getting false positives for "daemon/bindings/impl.h"
* daemon/http: copy headers to streams instead of ownership transferOto Šťáva2022-05-201-2/+2
|
* daemon/http: documentationOto Šťáva2022-05-201-0/+22
|
* daemon/tls: use GNUTLS_NO_TICKETS_TLS12Oto Šťáva2022-05-201-5/+8
|
* daemon/network: Use trie_t instead of map_t for network endpointsOto Šťáva2022-05-111-4/+13
|
* lib/utils: sockaddr key generationOto Šťáva2022-05-021-13/+1
|
* cache nit: reduce cache.max_ttl limit a bitVladimír Čunát2022-02-281-4/+4
| | | | The new limit is over 68 years, so still completely meaningless.
* Fix defects detected by Coverity ScanOto Šťáva2022-02-281-1/+1
| | | | | | | | | Targeted CIDs: 155456, 155962, 346121, 346123, 346124, 346125, 346126, 346127, 346130, 346131, 346132, 346134, 346135, 346138, 346140, 346145, 346146, 346149, 346152, 346154, 346156, 346157 lib/dnssec/nsec3.c change: apparently cleaning fallout from my (= vcunat's) commit b5cf61325ae
* daemon, lib: document API changes made due to PROXYv2Oto Šťáva2022-02-221-0/+2
|
* daemon/bindings doc: PROXYv2 clarificationsOto Šťáva2022-02-221-1/+13
|
* daemon: allow setting zero netmasks for net.proxy_allowed()Oto Šťáva2022-02-221-14/+31
|
* daemon/bindings: add net.proxy_allowed() + docsOto Šťáva2022-02-222-0/+139
|
* daemon/bindings/net: add interface name to link-local IPv6 addressesOto Šťáva2022-01-311-1/+24
|
* daemon/zimport: rewrite, support ZONEMDVladimír Čunát2021-12-221-76/+0
| | | | | | | | | | | | The approach of the code was rather hacky, simulating some packets arriving from upstream and making the module stack CONSUME that. Instead we take a direct approach now: use the simplified validator API and then insert into cache directly. One effect is improved performance, and consequently roughly halving the lag which happens when prefill module invokes this. (With root zone the lag goes down to 0.1 s from over 0.2 s, on my relatively fast CPU. Fortunately it's just once a day.)
* lib/utils: rename union inaddr to union kr_sockaddrOto Šťáva2021-12-201-3/+3
|
* spellingJosh Soref2021-11-196-9/+9
| | | | Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* log: use kr_log_debug instead kr_log_verboseLukáš Ježek2021-07-291-4/+2
|
* log: shortening LOG_GRP_<SOMETHING> to <SOMETHING>Lukáš Ježek2021-07-293-7/+7
|
* log: remove hard-coded prefix from log messagesLukáš Ježek2021-07-293-7/+7
|
* log: split to groupsLukáš Ježek2021-07-293-7/+7
|
* rename kind="doh" to kind="doh_legacy"Tomas Krizek2021-05-312-3/+2
| | | | | | The purpose of this change is to make it harder to accidentally use the legacy DoH implementation and free up the "doh" kind which may be used as an alias to a modern implementation in the future.
* treewide: rename assumptions to kr_assert() / kr_fails_assert()Tomas Krizek2021-05-252-12/+12
| | | | | | | | | | | | | To (hopefully) improve readability, rename the typical macro usage of: if (!kr_assume(x)) y; // to if (kr_fails_assert(x)) y; As a convenience, replace the assert without a return value to a more simple version: (void)!kr_assume(x); // becomes kr_assert(x);
* daemon/bindings/net.c: replace assertsTomas Krizek2021-05-251-20/+11
|
* daemon/bindings/impl.h: replace assertsTomas Krizek2021-05-251-1/+1
|
* daemon/bindings/cache.c: replace assertsTomas Krizek2021-05-251-7/+4
|
* doc: add DoH configuration net.doh_headersLukáš Ježek2021-05-241-2/+25
|
* nitpick: fix lint:tidy warningsTomas Krizek2021-05-241-1/+1
|
* bindings/net: rename to doh_headers()Tomas Krizek2021-05-241-7/+7
|
* daemon/worker: add doh_headers_in listTomas Krizek2021-05-241-0/+50
|
* doc/net.tls(): update command example outputTomas Krizek2021-05-241-1/+2
| | | | | | Technically, we return an actual lua table instead of this pretty-printed representation, but I chose it to be consistent with the rest of the docs.
* lib/selection: add simple detection of IPv6 being brokenVladimír Čunát2021-02-251-1/+1
| | | | Details are described in code comments.
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-30 09:17:15 +0100