| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
This allows us to use the newest versions of linter tools.
|
| |\
| |
| |
| |
| | |
This is the last commit in `6.0` before it is shifted into `master`,
with 5.x support being moved to `master-5`.
|
| | |
| |
| |
| |
| |
| |
| | |
It used to just throw BrokenPipeError, but newer versions of Python have
a separate exception for when the connection is closed in violation of
TLS rules, which Knot Resolver does deliberately so as to not waste time
on properly closing TLS connections with misbehaving peers.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Knot Resolver disables resumption on TLS <=1.2 as it is vulnerable to
replay attacks, so the test makes no sense, as that one was specifically
disabled for TLS >=1.3 (Python had no support for it at the time).
We should make a new test for this with TLS 1.3 support.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is the bulk of the CI/CD overhaul.
Most of the changes are to the `.gitlab-ci.yml` file, where the build
images used are replaced with the ones provided by the
`knot-resolver-ci` repository. Some cleanups have also been done.
The commit also adds unit testing with Knot Resolver built against
multiple versions of Knot DNS, including the `master` branch. The
`master` branch image is built nightly in the `knot-resolver-ci` repo.
We have also removed `scan-build`, as its tests change frequently, with
lots of false-positives, which are very different on each version, and
there is no good way to ignore some detections. Clang-Tidy covers some
of the same issues, and we also have Coverity Scan. Should be more than
enough.
A few config tests were also excluded in the AddressSanitizer tests,
because they produce false-positives.
|
| | |
| |
| |
| |
| |
| | |
- Do `go mod tidy` before running the test, even in CI
- Add `go.sum` to `.gitignore`
- Compatibility with Go 1.15 (Debian 11)
|
| |\| |
|
| | | |
|
| |\| |
|
| | |
| |
| |
| |
| | |
This is so that it is more obvious that the PyPI package actually has
the `python-` prefix.
|
| | |
| |
| |
| | |
Fix cross-references, heading levels, etc.
|
| |\| |
|
| | | |
|
| |\ \
| |/
|/| |
|
| | |\ |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Cleanup before introduction of new packaging tests.
See: https://gitlab.nic.cz/knot/knot-resolver/-/issues/612
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Dependabot reported that we have some vulnerable dependencies. The
problem is that the ones it wants to bump to do not support older Go
versions, which we need to use due to some distros not having the most
recent Go packages available.
The `go.sum` file contains the outdated ones (because I tried with an
older Go), but as far as I can tell, from Go docs and other places, it
is actually not a lockfile, so newer Go should update the packages
regardless of what is in `go.sum`.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
New version of pylint removed the disabled `bad-continuation` check. It
also added a parens check that we were violating in
`test_random_close.py`, which is now fixed as well.
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Adds just https://gitlab.nic.cz/knot/deckard/-/merge_requests/220
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Added the option to run `kresd` inside `pytests` under `valgrind` and
`rr`, which can help with debugging. Also added a clarifying note that I
personally would have liked to have while exploring this.
|
| | | |
| | |
| | |
| | | |
Since commit a0cbbde1 we don't ignore trailing bytes in queries.
|
| | |/
|/| |
|
| |/ |
|
| |
|
|
|
| |
That option isn't supported there, so the test wouldn't work.
Now the config tests work for me on x86 macOS.
|
| |
|
|
|
|
|
| |
The `check_uri()` function now only checks that the endpoint is either
`/doh` or `/dns-query`. Parameter checks were moved into
`process_uri_path()` so that the check only takes place for GET
requests. POST requests now do not care about parameters at all.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
WARNING: You should add the boolean check kwarg to the run_command call.
It currently defaults to false,
but it will default to true in future releases of meson.
See also: https://github.com/mesonbuild/meson/issues/9300
In almost all cases we already check the return code explicitly
and throw a more descriptive message than what would be the default.
|
| | |
|
| |
|
|
|
| |
The nghttp2 documentation states that we must not send data from inside
of its callbacks. It may result in crashes.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The NSEC validation code has been written very mechanically
according to RFC 4033..4035, but those explain wildcard-related
topics in a way that's hard to understand right.
So here I rewrite it with a different philosophy, so it should be
easier to understand, a bit faster, and less buggy and bug-prone.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
I didn't feel like adding it to every test, so I picked a mix.
I confirmed this would fail before the parent commit.
|
| | |
|
| | |
|
| |
|
|
|
| |
On some platforms in CI, even 8s doesn't seem sufficient enough to
guarantee stability. Hopefully this improves the situation.
|
| |
|
|
| |
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
|
| |
|
|
| |
It was a bit weird that the API had mempool creation but no deletion.
|
| | |
|
| | |
|
| | |
|
