summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--debian/TODO3
-rw-r--r--debian/changelog1676
-rw-r--r--debian/clean2
-rw-r--r--debian/control290
-rw-r--r--debian/copyright204
-rw-r--r--debian/cz.nic.knotd.conf9
-rw-r--r--debian/docs1
-rw-r--r--debian/gbp.conf30
-rw-r--r--debian/knot-dnssecutils.install3
-rw-r--r--debian/knot-dnssecutils.manpages3
-rw-r--r--debian/knot-dnsutils.install3
-rw-r--r--debian/knot-dnsutils.manpages3
-rw-r--r--debian/knot-doc.doc-base17
-rw-r--r--debian/knot-doc.install2
-rw-r--r--debian/knot-doc.links5
-rw-r--r--debian/knot-host.install1
-rw-r--r--debian/knot-host.manpages1
-rw-r--r--debian/knot-module-dnstap.install1
-rw-r--r--debian/knot-module-geoip.install1
-rw-r--r--debian/knot.default1
-rw-r--r--debian/knot.dirs1
-rw-r--r--debian/knot.init149
-rw-r--r--debian/knot.install8
-rw-r--r--debian/knot.manpages6
-rw-r--r--debian/knot.postinst16
-rw-r--r--debian/knot.postrm21
-rw-r--r--debian/knot.service31
-rw-r--r--debian/libdnssec9.install1
-rw-r--r--debian/libdnssec9.symbols96
-rw-r--r--debian/libknot-dev.install4
-rw-r--r--debian/libknot13.install1
-rw-r--r--debian/libknot13.symbols265
l---------debian/libknot13.symbols.alpha1
l---------debian/libknot13.symbols.arc1
l---------debian/libknot13.symbols.hppa1
-rw-r--r--debian/libknot13.symbols.hurd-i386224
l---------debian/libknot13.symbols.ia641
l---------debian/libknot13.symbols.kfreebsd-amd641
l---------debian/libknot13.symbols.kfreebsd-i3861
l---------debian/libknot13.symbols.m68k1
l---------debian/libknot13.symbols.powerpc1
l---------debian/libknot13.symbols.sh41
l---------debian/libknot13.symbols.sparc641
l---------debian/libknot13.symbols.x321
-rw-r--r--debian/libzscanner4.install1
-rw-r--r--debian/libzscanner4.symbols12
-rw-r--r--debian/not-installed1
-rwxr-xr-xdebian/prepare-environment38
-rwxr-xr-xdebian/rules111
-rw-r--r--debian/salsa-ci.yml4
-rw-r--r--debian/source/format1
-rwxr-xr-xdebian/tests/authoritative-server150
-rw-r--r--debian/tests/control13
-rwxr-xr-xdebian/tests/kdig14
-rw-r--r--debian/ufw/knot4
-rw-r--r--debian/upstream/signing-key.asc51
-rw-r--r--debian/watch4
57 files changed, 3494 insertions, 0 deletions
diff --git a/debian/TODO b/debian/TODO
new file mode 100644
index 0000000..41ec2da
--- /dev/null
+++ b/debian/TODO
@@ -0,0 +1,3 @@
+ * add more autopkgtest tests
+ - set up and run an authoritative resolver
+ - validate the signatures
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..b08fe23
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,1676 @@
+knot (3.2.6-1) unstable; urgency=medium
+
+ * New upstream version 3.2.6
+ * Remove patch included upstream
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 04 Apr 2023 13:54:46 +0200
+
+knot (3.2.5-2) unstable; urgency=medium
+
+ [ Daniel Salzman ]
+ * Update d/changelog: wrap long lines and fix typos
+ * Update d/*NEWS: remove outdated files
+ * Update d/knot.install: install D-Bus config to /usr/share/dbus-1/system.d/
+ * Update d/control: remove inconsistent 'Multi-Arch: same' hinters
+ * Update d/copyright: update some years
+
+ [ Jakub Ružička ]
+ * Add upstream patch fixing errors on modules load
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 28 Feb 2023 18:05:42 +0100
+
+knot (3.2.5-1) unstable; urgency=medium
+
+ * New upstream version 3.2.5
+
+ [ Daniel Salzman ]
+ * Update d/control: remove dependencies linux-libc-dev and libelf-dev
+ * Update d/control: update and unify xdp-dependent architecture exceptions
+ * Update d/libknot.symbols: update symbols files for non-xdp architectures
+ * Update d/control,rules: switch to external libngtcp2
+ * Update d/control: switch from obsolete lsb-base to sysvinit-utils
+ * Update d/knot.init: fix RUNDIR creation without knot.tmpfiles
+ * Update d/knot.init: remove explicit knotd configuration specification
+ to be consistent with knotc
+ * Update d/knot.postinst: change ownership and permissions for /var/lib/knot,
+ /etc/knot, and /etc/knot/knot.conf
+ * Update d/knot.postrm: add missing directories to purge list in postrm script
+ * Update d/*.symbols: add Build-Depends-Package to libknot and libdnssec
+
+ [ Jakub Ružička ]
+ * Update Standards-Version to 4.6.2 (no changes)
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Thu, 02 Feb 2023 13:37:42 +0100
+
+knot (3.2.4-1) unstable; urgency=medium
+
+ * New upstream version 3.2.4
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Mon, 12 Dec 2022 11:52:06 +0100
+
+knot (3.2.3-1) unstable; urgency=medium
+
+ * New upstream version 3.2.3
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Mon, 21 Nov 2022 14:31:59 +0100
+
+knot (3.2.2-1) unstable; urgency=medium
+
+ * New upstream version 3.2.2
+ * Update libknot13.symbols
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 01 Nov 2022 12:40:19 +0000
+
+knot (3.2.1-1) unstable; urgency=medium
+
+ * New upstream version 3.2.1
+ - Compatible with libbpf 1.0 (Closes: #1018911)
+ * Add Build-Depends: libxdp-dev where available
+ * Remove patch included upstream
+ * Update libknot13.symbols
+ * Update knot.service from upstream (Closes: #1019583)
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Mon, 12 Sep 2022 16:06:27 +0000
+
+knot (3.2.0-3) unstable; urgency=medium
+
+ * Add Breaks+Replaces for knot-dnssecutils (Closes: #1018944)
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Fri, 02 Sep 2022 13:31:57 +0000
+
+knot (3.2.0-2) unstable; urgency=medium
+
+ * Update libknot13 symbols for arches without XDP
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Thu, 01 Sep 2022 15:11:32 +0000
+
+knot (3.2.0-1) unstable; urgency=medium
+
+ [ Debian Janitor ]
+ * Avoid explicitly specifying -Wl,--as-needed linker flag.
+ * Remove constraints unnecessary since buster
+
+ [ Jakub Ružička ]
+ * gbp: use upstream/3.2 branch
+ * Bump SONAMEs: libknot13, libdnssec9
+ * New knot-dnssecutils subpackage
+ * Enable QUIC
+ * Update debian/copyright
+ * Sync descriptions with upstream package
+ * Bump Standards-Version to 4.6.1
+ * Add d/patches/0001-tests-xdp-tcp-fix-under-32bit-platform.patch
+ * Update debian/tests
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Wed, 24 Aug 2022 11:22:33 +0000
+
+knot (3.1.8-1) unstable; urgency=medium
+
+ * new upstream version 3.1.8
+
+ [ Daniel Salzman ]
+ * d/tests/kdig: make the test more stable by using 1.1.1.1 resolver
+ * d/tests/kdig: skip the test if no internet access detected
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Thu, 28 Apr 2022 11:40:38 +0000
+
+knot (3.1.7-1) unstable; urgency=medium
+
+ * new upstream version 3.1.7
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Wed, 30 Mar 2022 15:09:49 +0000
+
+knot (3.1.6-1) unstable; urgency=medium
+
+ * new upstream version 3.1.6
+ * d/knot.install: add dbus config file
+ * d/copyright: update copyright for 2022
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Thu, 10 Feb 2022 16:20:00 +0000
+
+knot (3.1.5-1) unstable; urgency=medium
+
+ * new upstream version 3.1.5
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 04 Jan 2022 14:59:07 +0000
+
+knot (3.1.4-1) unstable; urgency=medium
+
+ * new upstream version 3.1.4
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Thu, 04 Nov 2021 11:27:41 +0000
+
+knot (3.1.3-2) unstable; urgency=medium
+
+ * d/tests: add sleep to ensure the server is reloaded
+
+ -- Daniel Salzman <daniel.salzman@nic.cz> Thu, 21 Oct 2021 13:31:44 +0000
+
+knot (3.1.3-1) unstable; urgency=medium
+
+ * new upstream version 3.1.3
+
+ [ Daniel Salzman ]
+ * tests: remove obsolete test for kasp_json2lmdb
+ * knot.postinst: fix lintian warning 'maintainer-script-supports-ancient-package-version'
+ * kasp_json2lmdb: remove unused and obsolete script
+ * get_kaspdb: remove unused and obsolete script
+ * get_user: remove unused and obsolete script
+ * control: remove no-longer-needed python dependencies
+ * TODO: update
+ * doc: fix lintian warnings 'embedded-javascript-library'
+
+ [ Libor Peltan ]
+ * tests: add simple test of DNSSEC and keymgr
+
+ [ Jakub Ružička ]
+ * d/copyright: add url-parser copyright
+ * d/control: add Multi-Arch: same to libknot-dev
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 19 Oct 2021 12:02:30 +0000
+
+knot (3.1.2-1) unstable; urgency=medium
+
+ * new upstream version 3.1.2
+ * d/copyright: sync with upstream
+ * d/knot.maintscript: remove obsolete maintscript
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Wed, 08 Sep 2021 15:41:04 +0000
+
+knot (3.1.1-6) unstable; urgency=medium
+
+ * Source-only upload (try #2)
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Wed, 01 Sep 2021 22:44:55 +0000
+
+knot (3.1.1-5) unstable; urgency=medium
+
+ * Source-only upload to allow migration
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Wed, 01 Sep 2021 11:22:33 +0000
+
+knot (3.1.1-4) unstable; urgency=medium
+
+ * Upload to unstable
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 31 Aug 2021 13:13:13 +0000
+
+knot (3.1.1-3) experimental; urgency=medium
+
+ * Bump min symbol versions to 3.1.1
+ * d/control: bump Standards-Version to 4.6.0
+ * d/control: don't require libmnl-dev on archs without XDP
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Wed, 25 Aug 2021 10:42:42 +0000
+
+knot (3.1.1-2) experimental; urgency=medium
+
+ * Remove XDP-specific symbols from unsupported archs
+ * d/control: improve Multi-Arch hints
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 24 Aug 2021 11:11:11 +0000
+
+knot (3.1.1-1) experimental; urgency=medium
+
+ * new upstream version 3.1.1
+ * d/tests: replace `which` with `command -v`
+ * d/knot.service: sync upstream improvements
+ * d/control: update Build-Depends
+ * Bump SONAMEs: libknot12, libzscanner4
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 17 Aug 2021 16:20:00 +0000
+
+knot (3.0.5-1) unstable; urgency=medium
+
+ * new upstream version 3.0.5
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Thu, 25 Mar 2021 13:37:00 +0100
+
+knot (3.0.4-2) unstable; urgency=medium
+
+ * Team upload.
+ * Source-only upload to allow migration.
+
+ -- Santiago Ruano Rincón <santiago@debian.org> Thu, 04 Feb 2021 10:40:06 +0100
+
+knot (3.0.4-1) unstable; urgency=medium
+
+ * new upstream version 3.0.4
+ - Fix segfault when generating new DNSSEC keys on duplicated zones
+ (Closes: #977101)
+ * move dnstap module to subpackage
+ * move geoip module to subpackage
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Thu, 21 Jan 2021 15:51:41 +0000
+
+knot (3.0.3-1) unstable; urgency=medium
+
+ [ Jakub Ružička ]
+ * new upstream version 3.0.3
+ * d/patches: remove makefile patch included upstream
+
+ [ Daniel Salzman ]
+ * Improve XDP mode activation
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 15 Dec 2020 07:08:10 -0500
+
+knot (3.0.2-3) unstable; urgency=medium
+
+ * Team upload.
+ * Disable xdp on armel. Create d/libknot11.symbols.armel accordingly.
+ * Disable fastparser on sh4.
+ * Add d/patches/0001-xdp-rework-Makefile.am-to-avoid-make-distcheck-issue.patch
+ (Closes: #973815)
+ * Remove build-deps not available on hurd and kfreebsds: libbpf-dev,
+ libelf-dev linux-libc-dev. Create symbols files accordingly.
+
+ -- Santiago Ruano Rincón <santiago@debian.org> Thu, 10 Dec 2020 21:59:10 +0100
+
+knot (3.0.2-2) unstable; urgency=low
+
+ * Team upload.
+ * Add debian/salsa-ci.yml.
+ * d/tests/kdig: Add a fallback option to query on port 443 when 853 is
+ unreachable.
+ * Bump Standards-Version to 4.5.1. No changes needed
+ * Bump d/watch version to 4. No changes needed, but makes lintian happier
+ * Bump debhelper-compat to 13
+
+ -- Santiago Ruano Rincón <santiago@debian.org> Mon, 07 Dec 2020 16:00:37 +0100
+
+knot (3.0.2-1) experimental; urgency=medium
+
+ * New upstream version 3.0.2
+ * debian/libknot11.symbols: add 2 new symbols
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Thu, 12 Nov 2020 09:46:41 -0500
+
+knot (3.0.1-1) experimental; urgency=medium
+
+ * New upstream version 3.0.1
+ * Bump SONAMEs: libknot11, libdnssec8
+ * debian/*.symbols: update symbols
+ * debian/*.install: add new files
+ * debian/docs: README is now README.md
+ * debian/knot.service: update from upstream
+ * debian/copyright: remove obsolete lmdb entry
+ * debian/control: update knot-dnsutils description
+ * debian/control: add build deps for XDP support
+ * debian/control: add build dep for DoH support
+ * debian/control: add myself to Uploaders
+ * debian/gbp.conf: use new upstream/3.0 branch
+ * debian/gbp.conf: use debian/experimental branch
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Thu, 22 Oct 2020 08:56:49 -0400
+
+knot (2.9.6-1) unstable; urgency=medium
+
+ * New upstream version 2.9.6
+
+ -- Jakub Ružička <jakub.ruzicka@nic.cz> Tue, 01 Sep 2020 16:30:41 +0200
+
+knot (2.9.5-1) unstable; urgency=medium
+
+ * New upstream version 2.9.5 (Closes: #961075)
+
+ -- Robert Edmonds <edmonds@debian.org> Mon, 25 May 2020 23:16:17 -0400
+
+knot (2.9.3-1) unstable; urgency=medium
+
+ * new upstream version
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 05 Mar 2020 18:22:48 -0500
+
+knot (2.9.2-5) unstable; urgency=medium
+
+ * move Vcs-Git back to debian/master, since we are not in experimental
+ any more
+ * wrap-and-sort -ast
+ * move kzonecheck into knot-dnsutils (Closes: #925035)
+ * drop unnecessary empty plugin directory (fixed upstream)
+ * debhelper: bump to dh 12
+ * include ${misc:Pre-Depends} for knot, to resolve
+ skip-systemd-native-flag-missing-pre-depends
+ * clean up .pybuild/ as well
+ * drop dbgsym migration
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 28 Feb 2020 17:53:33 -0500
+
+knot (2.9.2-4) unstable; urgency=medium
+
+ [ Robert Edmonds ]
+ * debian/control: Add ">= 5.1" version for python3-yaml build dependency (Closes: #949931)
+
+ [ Ondřej Surý ]
+ * Upload to unstable
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 21 Feb 2020 11:51:46 +0100
+
+knot (2.9.2-3) experimental; urgency=medium
+
+ * debian/rules: Run pybuild's configure step in
+ override_dh_auto_configure-indep
+
+ -- Robert Edmonds <edmonds@debian.org> Sun, 26 Jan 2020 16:31:16 -0500
+
+knot (2.9.2-2) experimental; urgency=medium
+
+ * Build a python3-libknot package containing the libknot Python bindings
+ (Closes: #913701)
+
+ -- Robert Edmonds <edmonds@debian.org> Sat, 25 Jan 2020 15:51:36 -0500
+
+knot (2.9.2-1) experimental; urgency=medium
+
+ * New upstream version 2.9.2
+
+ [ Daniel Kahn Gillmor ]
+ * d/control, d/gbp.conf: pointing to DEP-14 debian/experimental branch
+ (revert before releasing to unstable!)
+
+ [ Robert Edmonds ]
+ * debian/gbp.conf: Set "upstream-branch = upstream/2.9"
+ * debian/patches/0002-zonefile-Verify-mtime-against-full-precision-
+ timesta.patch: Remove, applied upstream
+ * Bump SONAMEs: libknot10, libdnssec7, libzscanner3
+ * debian/control: Drop Replaces/Breaks on knot-libs (<< 2.0.1-4)
+ * debian/control: Drop obsolete Replaces/Breaks on old library packages
+ * debian/rules: Set environment variable KNOT_VERSION_FORMAT=release
+ * debian/patches/0001-avoid-git-version-inclusion-in-debian-
+ packages.patch: Remove
+ * debian/*.symbols: Update symbol files for added/removed symbols in new
+ library SONAMEs
+ * debian/*.symbols: Bump minimum versions to 2.9.2 for all symbols
+ * debian/copyright: Fix path to src/contrib/vpool/* files
+ * debian/knot-doc.doc-base: Remove PDF registration
+
+ -- Robert Edmonds <edmonds@debian.org> Fri, 24 Jan 2020 22:36:09 -0500
+
+knot (2.7.8-1) unstable; urgency=medium
+
+ * New upstream version 2.7.8
+
+ [ Daniel Salzman ]
+ * Remove resolved lintian-overrides
+ * Don't require libcap-ng-dev on kfreebsd-i386, kfreebsd-amd64, and
+ hurd-i386
+ * Update copyright (Closes: #925905)
+ * Fix typo in copyright
+ * Don't include pdf to doc package
+ * Fix unsafe usage of yaml.load() (Closes: #933917)
+
+ [ Diederik de Haas ]
+ * Remove knslookup from description as it is not provided.
+
+ [ Santiago Ruano Rincón ]
+ * Revert changes about excluding pdf files in distro/deb/rules, moving
+ them to debian/rules (Closes: #933285)
+
+ [ Robert Edmonds ]
+ * debian/gbp.conf: Set "upstream-branch = upstream/2.7"
+ * debian/gbp.conf: [import-orig] Also filter config.guess, config.sub
+ * debian/patches/0003-correct-kdig-documentation-about-no-crypto.patch:
+ Remove, applied upstream
+ * debian/control: Add myself to Uploaders
+ * debian/control: Bump Standards-Version to 4.5.0 (no changes)
+ * debian/copyright: Fix path to src/libdnssec/contrib/vpool/ files
+
+ -- Robert Edmonds <edmonds@debian.org> Fri, 24 Jan 2020 19:48:01 -0500
+
+knot (2.7.6-2) unstable; urgency=medium
+
+ * add libsofthsm2 when testing for libdnssec/test_keystore_pkcs11
+ * Check fine-grained timestamps on zonefiles.
+ * Correct documentation about key formats
+ * Standards-Version: bump to 4.3.0 (no changes needed)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 22 Feb 2019 16:51:08 -0500
+
+knot (2.7.6-1) unstable; urgency=medium
+
+ * new upstream release
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 08 Feb 2019 12:53:57 +0000
+
+knot (2.7.4-1) unstable; urgency=medium
+
+ * new upstream release
+ * drop patch applied upstream
+ * d/upstream/signing-key.asc: minimize OpenPGP certificate
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 14 Nov 2018 01:16:27 -0500
+
+knot (2.7.3-3) unstable; urgency=medium
+
+ * update build-deps and autopkgtest deps
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 08 Nov 2018 08:39:43 +0700
+
+knot (2.7.3-2) unstable; urgency=medium
+
+ * postinst: use runuser instead of su for safety and simplicity
+ * fix get_kaspdb and test it against shipped config (Closes: #912210)
+ * added Build-Depends-Package: libknot-dev to symbols files
+ * cleaner diffs: put dh args on separate lines
+ * added authoritative nameserver autopkgtest
+ * Avoid including git version in debian packages
+ * fix broken python
+ * fix up get_user
+ * autopkgtest: test upgrade/conversion tooling
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 07 Nov 2018 22:55:37 +0700
+
+knot (2.7.3-1) unstable; urgency=medium
+
+ * new upstream release
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 15 Oct 2018 17:21:51 -0400
+
+knot (2.7.2-2) unstable; urgency=medium
+
+ * d/rules: try moving DEB_HOST_ARCH check for -latomic
+ * mips and powerpc both appear to build fine without -latomic
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 Aug 2018 16:07:02 -0400
+
+knot (2.7.2-1) unstable; urgency=medium
+
+ * new upstream release
+ * try to fix up architecture selection
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 Aug 2018 10:34:56 -0400
+
+knot (2.7.1-3) unstable; urgency=medium
+
+ [ Daniel Salzman ]
+ * remove obsolete dependency libjansson-dev
+ * remove obsolete --with-bash-completions
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 27 Aug 2018 19:18:20 -0400
+
+knot (2.7.1-2) unstable; urgency=medium
+
+ * Standards-Version: bump to 4.2.1 (no changes needed)
+ * add -latomic to riscv64 arch as well
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 27 Aug 2018 19:06:08 -0400
+
+knot (2.7.1-1) unstable; urgency=medium
+
+ * new upstream release
+ * SONAME bumps: move to libknot8, libdnssec6, and libzscanner2
+ * adopted pykeymgr from upstream, renaming to
+ /usr/lib/knot/kasp_json2lmdb
+ * ship manpages with dh_installman
+ * kjournalprint is now a shipped as a system administration utility
+ * avoid more autogened files on package import
+ * drop THANKS, no longer shipped upstream
+ * update symbols files
+ * Standards-Version: bump to 4.2.0 (no changes needed)
+ * clean up kdns-utils description
+ * added libcap-ng to build-deps
+ * move to libidn2
+ * d/copyright: correct license of TAP sources
+ * added build-dep on libmaxminddb-dev for GeoIP module
+ * Only conditionally add -latomic based on the platform
+ * record notes about dynamic modules instead of static modules
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 24 Aug 2018 18:02:44 -0400
+
+knot (2.6.8-2) unstable; urgency=medium
+
+ * d/knot.NEWS: fix spelling (thanks, Lintian!)
+ * refresh patches
+ * Standards-Version: bump to 4.1.5 (no changes needed)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 10 Jul 2018 16:14:48 -0400
+
+knot (2.6.8-1) unstable; urgency=medium
+
+ * New upstream version 2.6.8
+
+ -- Daniel Salzman <daniel.salzman@nic.cz> Tue, 10 Jul 2018 16:23:19 +0200
+
+knot (2.6.7-2) unstable; urgency=medium
+
+ * use knot@packages.debian.org as Maintainer (Closes: #899825)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 24 May 2018 16:00:33 -0400
+
+knot (2.6.7-1) unstable; urgency=medium
+
+ * New upstream version 2.6.7
+
+ -- Daniel Salzman <daniel.salzman@nic.cz> Thu, 17 May 2018 13:18:22 +0200
+
+knot (2.6.6-2) unstable; urgency=medium
+
+ [ Daniel Salzman ]
+ * Remove already included patches
+ * Add new symbol to libknot7.symbols
+ * Update changelog for 2.6.6-1 release
+
+ [ Daniel Kahn Gillmor ]
+ * standards-version: bump to 4.1.4 (no changes needed)
+ * clean up libknot7.symbols
+ * prepare debian release
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 23 Apr 2018 02:07:36 -0400
+
+knot (2.6.5-3) unstable; urgency=medium
+
+ * accept suggestions from the Multiarch hinter
+ * d/tests/control: rely on ca-certificates to validate the
+ DNS-over-TLS cert
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 25 Feb 2018 15:49:46 -0800
+
+knot (2.6.5-2) unstable; urgency=medium
+
+ * re-ship /usr/lib/$(DEB_HOST_MULTIARCH)/knot" (Closes: #891319)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 25 Feb 2018 10:17:49 -0800
+
+knot (2.6.5-1) unstable; urgency=medium
+
+ * new upstream release
+
+ [ Daniel Salzman ]
+ * Update uploaders and dependencies in the control file
+ * Downgrade 'Recommends' to 'Suggests' for systemd
+ * Update upstream signing key
+
+ [ Daniel Kahn Gillmor ]
+ * wrap-and-sort -ast
+ * add myself to uploaders
+ * move to debhelper 11
+ * Standards-Version: 4.1.3 (no changes needed)
+ * build-depend on python3-sphinx instead of python-sphinx
+ * d/gbp.conf: clean up, use DEP-14
+ * dh11: apply --fail-missing only to dh_missing
+ * remove doc/modules symlink on clean
+ * Use python3 instead of python2 for helper functions
+ * use python3 for pykeymgr
+ * move knot from python 2 to python 3
+ * Move python3-lmdb to Recommends
+ * d/TODO: note future debian packaging work
+ * knot-doc: use system jquery and underscore javascript
+ * include upstream VCS in git history
+ * d/control: add Rules-Requires-Root: no
+ * d/changelog: strip trailing whitespace
+ * ship upstream ChangeLog
+ * d/copyright: drop hat-trie, removed upstream
+ * d/*.NEWS: stop using asterisks
+ * stop declaring unnecessary dirs
+ * stop shipping /usr/lib/$(DEB_HOST_MULTIARCH)/knot
+ * add doc-base entry for knot-doc
+ * d/gbp.conf: improve cleanup during import-orig
+ * fix spelling errors in manpages
+ * info: fix direntry and category
+ * add really simple autopkgtest
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 22 Feb 2018 23:38:33 -0800
+
+knot (2.6.4-1) unstable; urgency=medium
+
+ * Update Vcs-* links to salsa.d.o
+ * New upstream version 2.6.4
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 04 Jan 2018 15:02:46 +0000
+
+knot (2.6.3-1) unstable; urgency=medium
+
+ * New upstream version 2.6.3
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 24 Nov 2017 15:33:43 +0000
+
+knot (2.6.1-2) unstable; urgency=medium
+
+ * Add Breaks/Replaces for libdnssec5/libknot7 to remedy botched 2.6.0-1
+ upload (Closes: #881638)
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 13 Nov 2017 19:58:35 +0000
+
+knot (2.6.1-1) unstable; urgency=medium
+
+ * New upstream version 2.6.1
+ * Remove upstream patch for disabling TCP Fastopen
+
+ -- Ondřej Surý <ondrej@debian.org> Sun, 12 Nov 2017 03:11:26 +0000
+
+knot (2.6.0-3) unstable; urgency=medium
+
+ * kdig: disable TCP Fastopen by default as it breaks TLS connection
+ (Closes: #879079)
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 19 Oct 2017 08:22:18 +0000
+
+knot (2.6.0-2) unstable; urgency=medium
+
+ [ John Bond ]
+ * fix get_kasp and get_user to support unquoted ipv6 addresses
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 05 Oct 2017 13:08:26 +0000
+
+knot (2.6.0-1) unstable; urgency=medium
+
+ * New upstream version 2.6.0
+ * Enable strict symbols checking
+ * Bump libknot 6->7 and libdnssec 4->5 SONAMEs and update symbols files
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 29 Sep 2017 19:46:41 +0200
+
+knot (2.5.4-2) unstable; urgency=medium
+
+ * Drop conflicting links to dig, nsupdate and host (Closes: #741645)
+ * Build-Depend on latexmk (Closes: #872203)
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 18 Sep 2017 07:11:39 +0200
+
+knot (2.5.4-1) unstable; urgency=medium
+
+ * New upstream version 2.5.4
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 01 Sep 2017 09:03:02 +0200
+
+knot (2.5.3-3) unstable; urgency=medium
+
+ * Simple rebuild to make knot-doc arch:all again.
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 26 Jul 2017 14:41:26 +0200
+
+knot (2.5.3-2) unstable; urgency=medium
+
+ * Disable dh-exec usage as #831786 breaks dh_install --fail-missing
+ (Closes: #869199)
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 24 Jul 2017 10:26:09 +0200
+
+knot (2.5.3-1) unstable; urgency=medium
+
+ * New upstream version 2.5.3
+
+ -- Ondřej Surý <ondrej@debian.org> Sat, 15 Jul 2017 07:26:12 +0200
+
+knot (2.5.2-1) unstable; urgency=medium
+
+ * New upstream version 2.5.2
+ * Remove all patches merged upstream
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 23 Jun 2017 11:46:34 +0200
+
+knot (2.5.1-4) unstable; urgency=medium
+
+ * Create the modules M-A directory to workaround the bug that fails to
+ start knot when modules directory is missing
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 15 Jun 2017 11:32:09 +0200
+
+knot (2.5.1-3) unstable; urgency=medium
+
+ * Enable dnstap module and set default moduledir to multiarch path
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 15 Jun 2017 08:32:34 +0200
+
+knot (2.5.1-2) unstable; urgency=medium
+
+ * Explicitly exclude example.com.zone to support older debhelpers
+ * Add patch to fix duplicate section merging in the config
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 09 Jun 2017 13:47:17 +0200
+
+knot (2.5.1-1) unstable; urgency=medium
+
+ * New upstream version 2.5.1
+ * Remove upstream patches released as Knot DNS 2.5.1
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 07 Jun 2017 16:04:16 +0200
+
+knot (2.5.0-2) unstable; urgency=medium
+
+ * Add upstream patches to fix old DNSSEC installations
+ * Skip already converted kasp-db directories
+ * Install pykeymgr from upstream tarball
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 07 Jun 2017 14:20:38 +0200
+
+knot (2.5.0-1) unstable; urgency=medium
+
+ * New upstream version 2.5.0
+ * Update maintscript to use dh-exec and remove obsolete cruft
+ * Bump the package names for libknot and libdnssec to match new
+ SOVERSIONs
+ * Simplify d/rules overrides
+ * Remove not-installed files from d/*.install
+ * Install local copy of pykeymgr (not included in the source
+ distribution)
+ * Add python-lmdb for pykeymgr migration utility
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 07 Jun 2017 11:03:22 +0200
+
+knot (2.4.3-1) unstable; urgency=medium
+
+ * New upstream version 2.4.3
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 11 Apr 2017 21:17:47 +0200
+
+knot (2.4.2-1) unstable; urgency=medium
+
+ * New upstream version 2.4.2
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 23 Mar 2017 11:47:52 +0100
+
+knot (2.4.1-2) unstable; urgency=medium
+
+ * Enable dnstap module
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 27 Feb 2017 11:35:15 +0100
+
+knot (2.4.1-1) unstable; urgency=medium
+
+ * New upstream version 2.4.1
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 10 Feb 2017 13:54:24 +0100
+
+knot (2.4.0-3) unstable; urgency=medium
+
+ * Fix timeout call syntax in dh_auto_test invocation
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 25 Jan 2017 15:10:04 +0100
+
+knot (2.4.0-2) unstable; urgency=medium
+
+ * Add -latomic to LDFLAGS to fix FTBFS on platforms that need it
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 23 Jan 2017 11:41:59 +0100
+
+knot (2.4.0-1) unstable; urgency=medium
+
+ * Fix gbp.conf to be readable by git config --file debian/gbp.conf on Jessie
+ * New upstream version 2.4.0
+ * Bump libknot SONAME 4->5
+ * Update symbols files for 2.4.0 release
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 20 Jan 2017 12:15:30 +0100
+
+knot (2.3.3-1) unstable; urgency=medium
+
+ [ Daniel Kahn Gillmor ]
+ * Use secure URLs where possible
+ * Clean up debian/copyright.
+ * Drop duplicate Source: lines (clears lintian binary-control-field-duplicates-source)
+ * Avoid using asterisk in NEWS (clears lintian debian-news-entry-uses-asterisk)
+ * Knot needs a dependency on lsb-base (clears lintian init.d-script-needs-depends-on-lsb-base)
+ * Filter auto-reconfed files out during future gbp import-orig operations
+ * debian/control: clean up Description: lines
+ * Added Documentation= to knot.service
+
+ [ Ondřej Surý ]
+ * Imported Upstream version 2.3.3
+ * Add kjournalprint to knot package
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 08 Dec 2016 14:49:31 +0100
+
+knot (2.3.2-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.3.2
+ * Add new symbols to libknot4.symbols
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 04 Nov 2016 11:31:33 +0100
+
+knot (2.3.1-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.3.1
+ * Bump libknot3 to libknot4
+ * kzonecheck was moved to /usr/bin
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 10 Oct 2016 12:01:41 +0200
+
+knot (2.3.0-4) unstable; urgency=medium
+
+ * Don't fail if there's no knot user defined
+ * Don't list explicit -c or -C path and let daemon figure it out
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 15 Sep 2016 12:44:57 +0200
+
+knot (2.3.0-3) unstable; urgency=medium
+
+ * Ignore the test results if they don't finish within 5 minutes
+ * Correctly break/replace libzscanner0 that contained libzscanner.so.1
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 11 Aug 2016 08:49:25 +0200
+
+knot (2.3.0-2) unstable; urgency=medium
+
+ * Move examples to knot-doc package (fix arch-only FTBFS)
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 10 Aug 2016 10:17:17 +0200
+
+knot (2.3.0-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.3.0
+ + Zone size limit restriction for DDNS, AXFR, and IXFR (CVE-2016-6171)
+ (Closes: #830809)
+ * Restructure d/rules so dh_install --fail-missing works again
+ * Upstream bumped SOVERSION to libknot3, libdnssec2 and libzscanner1
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 10 Aug 2016 09:16:35 +0200
+
+knot (2.2.1-2) unstable; urgency=high
+
+ * Add texlive-generic-extra to B-D for missing iftex.sty
+ (Closes: #829428)
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 11 Jul 2016 11:47:34 +0200
+
+knot (2.2.1-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.2.1
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 24 May 2016 17:48:16 +0200
+
+knot (2.2.0-3) unstable; urgency=medium
+
+ * knotc checkconf is not knotc conf-check (Closes: #823574)
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 20 May 2016 14:22:11 +0200
+
+knot (2.2.0-2) unstable; urgency=medium
+
+ * Do dbgsym migration of debug symbols
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 27 Apr 2016 17:43:59 +0200
+
+knot (2.2.0-1) unstable; urgency=medium
+
+ * confdb should be in /var/lib/knot/ by default
+ * Imported Upstream version 2.2.0
+ * Add libedit-dev to Build-Depends
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 27 Apr 2016 10:10:10 +0200
+
+knot (2.1.1-2) unstable; urgency=medium
+
+ * Add python to Depends and run wrap-and-sort -a
+ * Parse correct /etc/default/knot instead of /etc/default/knotd
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 15 Apr 2016 17:18:02 +0200
+
+knot (2.1.1-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.1.1
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 10 Feb 2016 20:01:44 +0100
+
+knot (2.1.0-3) unstable; urgency=medium
+
+ * Add small python helper programs to get values from knot.conf
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 25 Jan 2016 12:44:00 +0100
+
+knot (2.1.0-2) unstable; urgency=medium
+
+ * Revert "Run keymgr init on every upgrade (just to be sure it happens)"
+ * Add support for relative directories in kasp-db
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 14 Jan 2016 11:46:35 +0100
+
+knot (2.1.0-1) unstable; urgency=medium
+
+ * Set knot user home directory to /var/lib/knot
+ * Imported Upstream version 2.1.0
+ * Run keymgr init on every upgrade (just to be sure it happens)
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 14 Jan 2016 10:55:26 +0100
+
+knot (2.1.0~rc1-55-gf227348-1) unstable; urgency=medium
+
+ * Add libgnutls28-dev and libjansson-dev as dependencies to libknot-dev
+ to satisfy pkg-config requirements
+ * Imported Upstream version 2.1.0~rc1-55-gf227348
+ * Automatically upgrade all KASP databases found in the configuration
+ and restart the server afterwards when upgrading from 2.0.x to 2.1.x
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 13 Jan 2016 14:03:17 +0100
+
+knot (2.1.0~rc1-52-gd80ce77-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.1.0~rc1-52-gd80ce77
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 12 Jan 2016 16:56:12 +0100
+
+knot (2.0.2-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.0.2
+ * Delete d/p/series as we carry no patches
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 24 Nov 2015 19:59:56 +0100
+
+knot (2.0.1-4) unstable; urgency=medium
+
+ * Split knot-libs into individual library packages
+ * Add knot.default file and use it from systemd and init.d scripts
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 05 Oct 2015 20:34:02 +0200
+
+knot (2.0.1-3) unstable; urgency=medium
+
+ * The upstart conffile ends with .conf, fix the stale conffile removal
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 21 Sep 2015 13:54:42 +0200
+
+knot (2.0.1-2) unstable; urgency=medium
+
+ * Compile the production version with NDEBUG
+ * Remove stale upstart init script via dpkg-maintscript-helper rm_config
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 14 Sep 2015 13:41:29 +0200
+
+knot (2.0.1-1) unstable; urgency=medium
+
+ * Imported Upstream version 2.0.1
+ * Fix the do_tmpfiles() in sysvrc script (Courtesy of Daniel Baumann)
+ (Closes: #796921)
+ * Disable -pedantic as it causes errors to be thrown in the tests
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 03 Sep 2015 10:56:16 +0200
+
+knot (2.0.0-1+0) unstable; urgency=medium
+
+ * Bump the version to workaround ~exp* higher than ~bpo*
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 17 Aug 2015 15:05:37 +0200
+
+knot (2.0.0-1) unstable; urgency=medium
+
+ * New upstream version 2.0.0
+ + Bugfixes:
+ - Fix lost NOTIFY message if received during zone transfer
+ - Disable fast zone parser when compiled in Clang (workaround for Clang bug)
+ - kdig: Record correct dnstap SocketProtocol when retrying over TCP
+ - kdig: Hide TSIG section with +noall
+ - Do not set AA flag for AXFR/IXFR queries
+ + Features:
+ - DNSSEC: separate library, switch to GnuTLS, new utilities
+ - DNSSEC: basic KASP support (generate initial keys, ZSK rollover)
+ - Configuration: New text format in YAML, binary store in LMDB
+ - Zone parser: Split long TXT/SPF strings into multiple strings
+ - kdig: Add generic dump style option (+generic)
+ - Try all master servers in multi-master environment
+ - Improved remotes and ACLs (multiple addresses, multiple keys)
+ - Basic support for zone file patterns (%s to substitute zone name)
+ - Disable zone file synchronization by setting 'zonefile_sync' to '-1'
+ - knsupdate: Add input prompt in interactive mode and 'quit' command
+ - knsupdate: Allow TSIG algorithm specification in interactive prompt
+ + Improvements:
+ - Zone dump: Do not write class for SOA record (unified with other RR types)
+ - Zone dump: Do not write master server address into the zone file
+ - Documentation: Manual pages are included in HTML and PDF
+ * Install knot1to2 configuration file conversion tool
+ * Automatically convert knot.conf with some safety-checks
+ * Add note about the conversion to debian/knot.NEWS
+ * Make the build libsystem-{daemon,journal}-dev friendly to allow Ubuntu
+ and backported builds
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 17 Aug 2015 11:56:43 +0200
+
+knot (2.0.0-1~exp2) experimental; urgency=medium
+
+ * Update prepare-environment to match the new config file syntax
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 30 Jul 2015 09:26:52 +0200
+
+knot (2.0.0-1~exp1) experimental; urgency=medium
+
+ * New upstream version 2.0.0
+ + Bugfixes:
+ - Fix lost NOTIFY message if received during zone transfer
+ - Disable fast zone parser when compiled in Clang (workaround for Clang bug)
+ - kdig: Record correct dnstap SocketProtocol when retrying over TCP
+ - kdig: Hide TSIG section with +noall
+ - Do not set AA flag for AXFR/IXFR queries
+ + Features:
+ - DNSSEC: separate library, switch to GnuTLS, new utilities
+ - DNSSEC: basic KASP support (generate initial keys, ZSK rollover)
+ - Configuration: New text format in YAML, binary store in LMDB
+ - Zone parser: Split long TXT/SPF strings into multiple strings
+ - kdig: Add generic dump style option (+generic)
+ - Try all master servers in multi-master environment
+ - Improved remotes and ACLs (multiple addresses, multiple keys)
+ - Basic support for zone file patterns (%s to substitute zone name)
+ - Disable zone file synchronization by setting 'zonefile_sync' to '-1'
+ - knsupdate: Add input prompt in interactive mode and 'quit' command
+ - knsupdate: Allow TSIG algorithm specification in interactive prompt
+ + Improvements:
+ - Zone dump: Do not write class for SOA record (unified with other RR types)
+ - Zone dump: Do not write master server address into the zone file
+ - Documentation: Manual pages are included in HTML and PDF
+ * Install knot1to2 configuration file conversion tool
+ * Automatically convert knot.conf with some safety-checks
+ * Add note about the conversion to debian/knot.NEWS
+ * Make the build libsystem-{daemon,journal}-dev friendly to allow Ubuntu
+ and backported builds
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 29 Jun 2015 10:40:45 +0200
+
+knot (1.6.1-1) unstable; urgency=medium
+
+ * New upstream version 1.6.1
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 30 Dec 2014 09:50:54 +0100
+
+knot (1.6.0-1) unstable; urgency=medium
+
+ * New upstream version 1.6.0
+ * Switch to network-online.target to mitigate some network not-yet-ready races
+ * Recommend systemd due journald enabled logging (Closes: #766596)
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 24 Oct 2014 12:41:32 +0200
+
+knot (1.6.0~rc2-1) unstable; urgency=medium
+
+ * New upstream version 1.6.0~rc2
+ * Update patches for 1.6.0~rc2 release
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 17 Oct 2014 17:32:30 +0200
+
+knot (1.6.0~rc1-1) unstable; urgency=medium
+
+ * New upstream version 1.6.0~rc1
+ * Knot needs lmdb for persistent timers
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 13 Oct 2014 23:06:56 +0200
+
+knot (1.5.3-1) unstable; urgency=medium
+
+ * Move knot-libs to Section: net (Closes: #760795)
+ * New upstream version 1.5.3
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 15 Sep 2014 17:00:08 +0200
+
+knot (1.5.2-1) unstable; urgency=high
+
+ * Update Vcs-Urls to point to anonscm.debian.org
+ * New upstream version 1.5.2
+ + [CVE-2014-0486]: Fixed remote crash with crafted DNS message
+ * Update patches for 1.5.2 release
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 08 Sep 2014 11:11:56 +0200
+
+knot (1.5.1-3) unstable; urgency=high
+
+ * More arch/indep build rules splitting to fix binary-arch-only builds
+ * Add lintian override to override warning about internal libraries in
+ knot-libs
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 26 Aug 2014 09:43:05 +0200
+
+knot (1.5.1-2) unstable; urgency=medium
+
+ * Enable full hardening via debhelper >= 9
+ * Enable IDN in knot-dnsutils and knot-host packages
+ * Enable systemd libraries only on linux-any
+ * Split arch and indep builds to build the documentation just once
+ * Drop ragel from build depends to allow arm64 builds
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 25 Aug 2014 15:54:34 +0200
+
+knot (1.5.1-1) unstable; urgency=medium
+
+ * New upstream version 1.5.1
+ * Enable systemd notification mechanism
+ * Enable systemd journal enhanced logging
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 20 Aug 2014 10:45:18 +0200
+
+knot (1.5.0-1) unstable; urgency=medium
+
+ * New upstream version 1.5.0
+ + Features:
+ - Pluggable query processing modules
+ - Synthetic IPv4/IPv6 reverse/forward records (optional module)
+ - dnstap support in both utilities & server (optional module)
+ - NOTIFY message support and new TSIG section in kdig
+ - Multi-master support
+ - edns-client-subnet support in kdig
+ - Optional asynchronous startup (config "asynchronous-start")
+ - DDNS forwarding reimplemented
+ + Improvements:
+ - Query processing and core functionality overhaul
+ - Performance and reduced memory footprint
+ - Faster zone events scheduling
+ - RFC compliant queries/responses in some corner cases
+ - Log messages
+ - New documentation (Sphinx)
+ - Transfer sizes logged in bytes if needed
+ - Logging outgoing NOTIFY messages
+ - Logging unauthorized incoming NOTIFYs
+ - Preempt task queue for faster reload
+ - Lazy zone file write after zone transfer (governed by "zonefile-sync")
+ + Bugfixes:
+ - Close zone transfer after SERVFAIL response
+ - Incremental to full zone transfer fallback, wrong log message
+ - Zone events corner cases, reload replanning
+ - Zone flush planning after bootstrap
+ - Incorrect incoming AXFR message sizes
+ - DDNS signing changes were freed too soon, posibility of stale data
+ - knotc remote control key handling
+ * Debian packaging:
+ + d/control: New documentation is using sphinx
+ + d/control: New knot-libs package containing internal shared libraries
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 09 Jul 2014 13:08:26 +0200
+
+knot (1.4.6+hotfix-1) unstable; urgency=medium
+
+ * New upstream version 1.4.6+hotfix
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 22 May 2014 15:39:07 +0200
+
+knot (1.4.6-1) unstable; urgency=medium
+
+ * New upstream version 1.4.6
+ * Update patches for 1.4.6 release
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 22 May 2014 13:15:14 +0200
+
+knot (1.4.5-2) unstable; urgency=high
+
+ * Re-upload to fix botched amd64 upload in 1.4.5-1
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 22 Apr 2014 14:58:30 +0200
+
+knot (1.4.5-1) unstable; urgency=high
+
+ * New upstream version 1.4.5
+ + Fix possible weakness in TSIG signature checking
+ * Refresh patches for 1.4.5 release
+ * Use dh-autoreconf to regenerate autotools files
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 14 Apr 2014 15:11:12 +0200
+
+knot (1.4.4-1) unstable; urgency=medium
+
+ * New upstream version 1.4.4
+ + Server is logging remote control commands
+ + 'knotc reload' doesn't refresh unchanged zones
+ + 'knotc -f refresh' forces zone retransfer
+ + Fixed missing notifications after DDNS/automatic resign
+ + Zone is rebootstrapped if the zone file is unreadable
+ + Progressive bootstrap retry backoff
+ + Zone file parser now allows asterisk as part of the label
+ + Fix journal maximum entry size
+ + Sign DNSKEYs in non-apex nodes as regular RR sets
+ + Various spelling and typo fixes (Courtesy of Robert Edmonds)
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 27 Mar 2014 15:49:54 +0100
+
+knot (1.4.3-2) unstable; urgency=medium
+
+ * Add support for autotools-dev and dh-systemd
+ * Enable parallel builds in dh invocation
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 18 Feb 2014 13:44:13 +0100
+
+knot (1.4.3-1) unstable; urgency=low
+
+ * New upstream version 1.4.3
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 18 Feb 2014 13:03:42 +0100
+
+knot (1.4.2-1) unstable; urgency=low
+
+ * New upstream version 1.4.2
+ * Update OpenSSL << 1.0.0 compatibility patch
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 27 Jan 2014 16:14:33 +0100
+
+knot (1.4.1-2) unstable; urgency=low
+
+ * Add patch to remove the requirement for OpenSSL 1.0.0 to build on
+ Debian squeeze, be warned though that the OpenSSL before 1.0.0 might
+ manifest some threading errors and crashes, so you really should
+ upgrade your system to Debian wheezy.
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 23 Jan 2014 16:53:03 +0100
+
+knot (1.4.1-1) unstable; urgency=low
+
+ * New upstream version 1.4.1
+ + Empty APL record support
+ + 'zonestatus' when using immediate zone syncing
+ + Immediate zone syncing after reload
+ + Race condition writing time values to zone file
+ + Require OpenSSL >= 1.0.0
+ * Don't use dh-autoreconf, upstream uses recent enough autotools
+ * Bump standards version to 3.9.5
+ * Run the tests on every arch without the condition, but don't fail
+ anywhere
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 13 Jan 2014 18:00:18 +0100
+
+knot (1.4.0-1) unstable; urgency=low
+
+ * New major upstream version 1.4.0
+ + Experimental automatic DNSSEC signing
+ + Fastest ragel parser enabled by default
+ + Reduced memory usage
+ + Zone SOA SERIAL policies (INCREMENT, UNIXTIME) for DDNS and
+ automatic DNSSEC signing
+ + IDN support in Knot utilities (kdig, knsupdate, ...)
+ + DNSSEC: support for GOST algorithm
+ + Support for DNSSEC key pre-publication
+ * Remove PATH_MAX patch, it's already included in upstream
+ * Run the tests on all archs, but don't fail the build if the tests fail
+ on broken archs
+ * Update watch file to match (alpha|beta|rc)\d* versions
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 06 Jan 2014 11:00:07 +0100
+
+knot (1.4.0~rc2-1) experimental; urgency=low
+
+ * New upstream version 1.4.0~rc2
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 13 Dec 2013 17:53:26 +0100
+
+knot (1.4.0~rc1-1) experimental; urgency=low
+
+ * Disable tests on GNU Hurd
+ * New upstream version 1.4.0~rc1
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 25 Nov 2013 16:19:27 +0100
+
+knot (1.4.0~beta-1) experimental; urgency=low
+
+ * New upstream version 1.4.0~beta
+ * Update patches for 1.4.0~beta release
+ * Disable fastparser since the ragel is broken in one test
+ * Add knsec3hash to knot package
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 29 Oct 2013 12:25:49 +0100
+
+knot (1.3.4-1) unstable; urgency=low
+
+ * Disable tests on GNU Hurd
+ * New upstream version 1.3.4
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 13 Dec 2013 17:23:52 +0100
+
+knot (1.3.3-1) unstable; urgency=low
+
+ * New upstream version 1.3.3
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 28 Oct 2013 11:40:13 +0100
+
+knot (1.3.2-3) unstable; urgency=low
+
+ * Add ufw applications.d rule for Knot DNS
+ * Disable recvmmsg on GNU Hurd (since recvmmsg is not implemented on GNU
+ Hurd and will always fail)
+ * Enable fastparser (requires Ragel)
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 11 Oct 2013 17:23:35 +0200
+
+knot (1.3.2-2) unstable; urgency=low
+
+ * Define #PATH_MAX to make GNU Hurd happy
+ * Don't enable LTO, it doesn't play well with debugging symbols
+
+ -- Ondřej Surý <ondrej@debian.org> Sun, 06 Oct 2013 01:57:13 +0200
+
+knot (1.3.2-1) unstable; urgency=low
+
+ * New upstream version 1.3.2
+ * Enable link-time-optimizations by default
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 30 Sep 2013 15:04:01 +0200
+
+knot (1.3.1-1) unstable; urgency=low
+
+ * New upstream version 1.3.1
+ * Add new debian/watch file (Courtesy of Debian QA)
+ * Bump standards to 3.9.4
+ * Stop using /lib/init/vars.sh, we don't use $VERBOSE anymore anyway
+ * Drop syslog.target as it is not needed anymore
+ * Remove SSE detection patch as it was merged upstream
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 27 Aug 2013 14:27:44 +0200
+
+knot (1.3.0-2) unstable; urgency=low
+
+ * Disable SSE detection in the packaged version of Knot DNS
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 16 Aug 2013 13:04:39 +0200
+
+knot (1.3.0-1) unstable; urgency=low
+
+ * New upstream version 1.3.0
+ * Remove upstream patch from 1.3.0~rc5-2 as it is included in
+ this release.
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 05 Aug 2013 17:01:23 +0200
+
+knot (1.3.0~rc5-2) unstable; urgency=low
+
+ * Pull some pre 1.3.0 patches (mainly to test before release):
+ + Initialize secondary groups for user <user>.<group>.
+ + Reworked CH TXT records support (RFC 4892).
+ + Fixed inactive xfers may be disconnected depending on the previous
+ result.
+ + Add server starting information to log.
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 05 Aug 2013 10:39:48 +0200
+
+knot (1.3.0~rc5-1) unstable; urgency=low
+
+ * New upstream version 1.3.0~rc5
+ * Remove last upstream patch, all our changes have been merged. Yay\!
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 29 Jul 2013 17:15:56 +0200
+
+knot (1.3.0~rc4-2) unstable; urgency=low
+
+ * Disable tests on big endian architectures (but the code still needs to
+ be fixed)
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 23 Jul 2013 14:07:39 +0200
+
+knot (1.3.0~rc4-1) unstable; urgency=low
+
+ * New upstream version 1.3.0~rc4
+ * Add upstream patch to honour CONFIG_DIR
+ * Remove now obsolete patch to run as knot:knot
+ * The knot/ is now added by upstream to @sysconfdir@
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 15 Jul 2013 15:15:05 +0200
+
+knot (1.3.0~rc3-2) unstable; urgency=low
+
+ * Add proper support for upstart and systemd along with sysvinit
+ * Add /usr/lib/knot/prepare-environment script which will parse
+ knot configuration file and properly create rundir and set
+ correct permissions to configured values in /etc/knot/knot.conf
+ * Remove /etc/default/knot since the values are now parsed
+ directly from the configuration file
+ * Add /var/lib/knot to knot.dirs, so it gets created on package
+ install
+ * Drop checking for $VERBOSE variable and properly log start/stop from
+ sysvinit script
+
+ -- Ondřej Surý <ondrej@debian.org> Tue, 02 Jul 2013 13:08:33 +0200
+
+knot (1.3.0~rc3-1) unstable; urgency=low
+
+ * New upstream version 1.3.0~rc3
+ * Packaging changes:
+ + Use --fail-missing to check for all new files
+ + Remove obsolete patches and update installed conffile with latest
+ options
+ + Don't install knot-zcompile as it is no more
+ + Install minimal example configuration file as /etc/knot/knot.conf
+ + Add --disable-silent-rules to configure invocation
+ + Add patch to fix missing $(DESTDIR) in src/Makefile.am
+ + Set --with-rundir and --with-storage to correct locations
+ + Run under knot:knot by default (create and delete knot user)
+ + Add knot-dnsutils and knot-host packages
+ + Add patch to move knot-{host,dnsutils} manpages to correct location
+ + Add samples/knot.{full,keys}.conf and example zone to examples.
+ * Add knot-doc package with generated documentation (PDF and HTML)
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 28 Jun 2013 12:59:55 +0200
+
+knot (1.2.0-2) unstable; urgency=low
+
+ * /etc/init.d/knot now sources /etc/default/knot instead of
+ /etc/init.d/knotd (Closes: #707683)
+ * Pull upstream fix for pidfile creation before dropping priviledges
+ (Closes: #707685)
+ * Enable SSE2 support again (we will simply not support anything older
+ than Pentium M)
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 26 Jun 2013 14:41:04 +0200
+
+knot (1.2.0-1) unstable; urgency=low
+
+ * Imported Upstream version 1.2.0
+ + Final release.
+ + Some small memory leaks fixes.
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 03 Apr 2013 09:16:25 +0200
+
+knot (1.2.0~rc4-1) unstable; urgency=low
+
+ * Imported Upstream version 1.2.0~rc4
+ + knotc 'zonestatus' command
+ + Changing logfile ownership before dropping privileges
+ + knotc respects 'control' section from configuration
+ + RRL: resolved bucket collisions
+ + RRL: updated bucket mapping to conform RRL technical memo
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 22 Mar 2013 15:35:50 +0100
+
+knot (1.2.0~rc3-1) unstable; urgency=low
+
+ * Imported Upstream version 1.2.0~rc3
+ + New functionality: Response Rate Limiting as a response to
+ reflection DNS DDoS attacks in the wild
+ + Add missing RRSIG in ANY queries
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 01 Mar 2013 13:24:28 +0100
+
+knot (1.2~rc2-1) unstable; urgency=low
+
+ * Imported Upstream version 1.2~rc2
+ * Fix git location
+ * Update patches for 1.2 release
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 18 Feb 2013 12:40:01 +0100
+
+knot (1.1.3-1) unstable; urgency=low
+
+ * Imported Upstream version 1.1.3
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 20 Dec 2012 10:50:41 +0100
+
+knot (1.1.3~rc1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.1.3~rc1
+ + Fixed answering DS queries (RRSIGs not together with DS, AA bit
+ missing).
+ + Fixed setting ARCOUNT in some error responses with EDNS enabled.
+ + Fixed crash when compiling zone zone with NSEC3PARAM but no NSEC3
+ and semantic checks enabled.
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 07 Dec 2012 11:19:35 +0100
+
+knot (1.1.2-1) unstable; urgency=low
+
+ * Imported Upstream version 1.1.2
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 21 Nov 2012 14:45:34 +0100
+
+knot (1.1.2~rc1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.1.2~rc1
+ * Update patches for new release
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 14 Nov 2012 14:04:17 +0100
+
+knot (1.1.1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.1.1
+ * Update and remove obsolete patches for new release
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 31 Oct 2012 10:42:09 +0100
+
+knot (1.1.0-5) unstable; urgency=low
+
+ * Disable SSE2 instruction set, might solve some strange crashes.
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 10 Oct 2012 13:09:54 +0200
+
+knot (1.1.0-4) unstable; urgency=low
+
+ * Disable extra hardening via dpkg-buildflags, which is not needed
+ by debhelper 9, but breaks builds on squeeze
+ * Install man5 and knot.info documentation
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 03 Sep 2012 16:43:26 +0200
+
+knot (1.1.0-3) unstable; urgency=low
+
+ * Bump dependency on debhelper >= 9
+ * Bump standards version to 3.9.3
+ * Fix installation of manpages to correct directories
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 03 Sep 2012 16:02:11 +0200
+
+knot (1.1.0-2) unstable; urgency=low
+
+ * Disable AM_MAINTAINER_MODE and re-run autoreconf -fi
+ * Enable hardening build by default
+ * Update pidfile patch to 1.1.0
+ * Cope with default MultiArch in dh_compat==9 and don't install
+ unittests* binaries
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 03 Sep 2012 15:32:53 +0200
+
+knot (1.1.0-1) unstable; urgency=low
+
+ * Imported Upstream version 1.1.0
+ - User manual now available.
+ - Optionally disable ANY queries for authoritative answers.
+ - Dropping identical records in zone and incoming transfers.
+ - Support for '/' in zone names.
+ - Generating journal from reloaded zone (EXPERIMENTAL).
+ - Outgoing-only interfaces in configuration file.
+ - Following DNAME if the synthetized name is in the same zone.
+ - IXFR-in optimized.
+ - Many zones loading optimized.
+ - Signing SOA with TSIG queries when checking zone version with master.
+ * Enable maintainer mode to generate version.texi as a workaround.
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 31 Aug 2012 16:27:07 +0200
+
+knot (1.0.6-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.6
+ - Add NSEC/NSEC3 for all wildcard CNAMEs in the response.
+ - Fixed potential problems with RCU synchronization.
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 13 Jun 2012 15:31:52 +0200
+
+knot (1.0.5-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.5
+ - Fixed bug with creating journal files which didn't get merged
+ by accident
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 17 May 2012 12:25:27 +0200
+
+knot (1.0.4-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.4
+ - Speed-up loading of many zones due parallelization
+ - Support for TLSA resource record (Type 52)
+ - New commands knotc checkzone and knotc refresh (forced update)
+ - Fixed responses to CNAME queries if the canonical name was also
+ an alias
+ - Fixed crash when NS or MX points to an alias
+ - Fixed crash when bootstraping/compiling a lot of zones
+ - Significant speed-up and memory usage reduction of IXFR-in
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 16 May 2012 09:33:26 +0200
+
+knot (1.0.3-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.3
+ - Fixed bug in non-EDNS0 queries over TCP
+ - Zone compilation time regression fixed
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 18 Apr 2012 09:06:57 +0200
+
+knot (1.0.2-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.2
+ - Bugfix release
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 13 Apr 2012 16:09:11 +0200
+
+knot (1.0.1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.1
+ - Implemented jitter to REFRESH/RETRY timers
+ - Fixed problem with creating IXFR journal for bootstrapped zone
+ - Fixed race condition in processing NOTIFY/SOA queries
+ - Fixed improper assignment of TSIG algorithm type
+
+ -- Ondřej Surý <ondrej@debian.org> Fri, 09 Mar 2012 20:18:37 +0100
+
+knot (1.0.0-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.0
+ * Update pidfile patch
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 29 Feb 2012 18:46:13 +0100
+
+knot (1.0~rc1-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0~rc1
+ * Move knotd.pid to /var/run where it belongs
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 15 Feb 2012 21:12:56 +0100
+
+knot (0.9.1-3) unstable; urgency=low
+
+ * Install files into knot package (broken build after added debug
+ package)
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 23 Jan 2012 15:01:42 +0100
+
+knot (0.9.1-2) unstable; urgency=low
+
+ * Build knot-dbg package with debug symbols
+
+ -- Ondřej Surý <ondrej@debian.org> Mon, 23 Jan 2012 13:27:20 +0100
+
+knot (0.9.1-1) unstable; urgency=low
+
+ * Imported Upstream version 0.9.1
+ + RRSet rotation functionality added
+ + New pseudo-random number generator (new BSD licensed)
+ + Fixed build on BSD
+ + Fixes in parsing and dumping of some RR types
+ * Add correct git-buildpackage configuration
+ * Update copyright for new PRNG
+
+ -- Ondřej Surý <ondrej@debian.org> Sat, 21 Jan 2012 15:47:30 +0100
+
+knot (0.9-1) unstable; urgency=low
+
+ * Imported Upstream version 0.9
+ + Add TSIG support
+ + Several smaller bugfixes
+ * Add correct git-buildpackage configuration
+ * Imported Upstream version 0.9.1
+ * Update copyright for new PRNG
+
+ -- Ondřej Surý <ondrej@debian.org> Sat, 21 Jan 2012 15:46:54 +0100
+
+knot (0.8.1-1) unstable; urgency=low
+
+ * Imported Upstream version 0.8.1
+ + Correctly handle SPF resource records
+ + Fix wrong text dumping of unknown records.
+
+ -- Ondřej Surý <ondrej@debian.org> Thu, 01 Dec 2011 16:27:44 +0100
+
+knot (0.8-1) unstable; urgency=low
+
+ * Initial release (Closes: #647461)
+ * Add some dependencies in the init.d script
+ * Add flex and bison to b-d
+ * Add versioned dependency on liburcu
+ * Daemonize on the start
+ * Update copyright file to include all licenses
+
+ -- Ondřej Surý <ondrej@debian.org> Wed, 16 Nov 2011 07:14:55 +0100
diff --git a/debian/clean b/debian/clean
new file mode 100644
index 0000000..b2a9f3f
--- /dev/null
+++ b/debian/clean
@@ -0,0 +1,2 @@
+doc/modules
+.pybuild/
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..a6b805f
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,290 @@
+Source: knot
+Section: net
+Priority: optional
+Maintainer: knot packagers <knot@packages.debian.org>
+Uploaders:
+ Ondřej Surý <ondrej@debian.org>,
+ Daniel Salzman <daniel.salzman@nic.cz>,
+ Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
+ Robert Edmonds <edmonds@debian.org>,
+ Jakub Ružička <jakub.ruzicka@nic.cz>,
+Build-Depends-Indep:
+ python3-setuptools,
+ python3-sphinx,
+ texinfo,
+Build-Depends:
+ autoconf,
+ automake,
+ debhelper-compat (= 13),
+ dh-python,
+ libbpf-dev [!kfreebsd-i386 !kfreebsd-amd64 !hurd-i386 !alpha !arc !hppa !ia64 !m68k !powerpc !sh4 !sparc64 !x32],
+ libcap-ng-dev [!kfreebsd-i386 !kfreebsd-amd64 !hurd-i386],
+ libedit-dev,
+ libfstrm-dev,
+ libgnutls28-dev,
+ libidn2-dev,
+ liblmdb-dev,
+ libmaxminddb-dev,
+ libmnl-dev [!kfreebsd-i386 !kfreebsd-amd64 !hurd-i386 !alpha !arc !hppa !ia64 !m68k !powerpc !sh4 !sparc64 !x32],
+ libnghttp2-dev,
+ libngtcp2-crypto-gnutls-dev [!kfreebsd-i386 !kfreebsd-amd64 !hurd-i386 !alpha !arc !hppa !ia64 !m68k !powerpc !sh4 !sparc64 !x32],
+ libngtcp2-dev [!kfreebsd-i386 !kfreebsd-amd64 !hurd-i386 !alpha !arc !hppa !ia64 !m68k !powerpc !sh4 !sparc64 !x32],
+ libprotobuf-c-dev,
+ libsofthsm2 <!nocheck>,
+ libsystemd-dev [linux-any] | libsystemd-daemon-dev [linux-any],
+ libsystemd-dev [linux-any] | libsystemd-journal-dev [linux-any],
+ libtool,
+ liburcu-dev,
+ libxdp-dev [!kfreebsd-i386 !kfreebsd-amd64 !hurd-i386 !alpha !arc !hppa !ia64 !m68k !powerpc !sh4 !sparc64 !x32],
+ pkg-config,
+ protobuf-c-compiler,
+ python3-all,
+Standards-Version: 4.6.2
+Homepage: https://www.knot-dns.cz/
+Vcs-Browser: https://salsa.debian.org/dns-team/knot-dns
+Vcs-Git: https://salsa.debian.org/dns-team/knot-dns.git
+Rules-Requires-Root: no
+
+Package: knot
+Architecture: any
+Depends:
+ adduser,
+ libdnssec9 (= ${binary:Version}),
+ libknot13 (= ${binary:Version}),
+ libzscanner4 (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Pre-Depends:
+ ${misc:Pre-Depends},
+Breaks:
+ knot-dnsutils (<< 2.9.2-5),
+Suggests:
+ systemd,
+Description: Authoritative domain name server
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+
+Package: libknot13
+Architecture: any
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+Section: libs
+Description: Authoritative domain name server (shared library)
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package provides libknot shared library used by Knot DNS and
+ Knot Resolver.
+
+Package: libzscanner4
+Architecture: any
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+Section: libs
+Description: DNS zone-parsing shared library from Knot DNS
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package provides a fast zone parser shared library used by Knot
+ DNS and Knot Resolver.
+
+Package: libdnssec9
+Architecture: any
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+Section: libs
+Description: DNSSEC shared library from Knot DNS
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package provides common DNSSEC shared library used by Knot DNS
+ and Knot Resolver.
+
+Package: libknot-dev
+Architecture: any
+Depends:
+ libdnssec9 (= ${binary:Version}),
+ libgnutls28-dev,
+ libknot13 (= ${binary:Version}),
+ libzscanner4 (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Section: libdevel
+Description: Knot DNS shared library development files
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package provides development files for internal common shared
+ libraries.
+
+Package: knot-dnsutils
+Architecture: any
+Depends:
+ libdnssec9 (= ${binary:Version}),
+ libknot13 (= ${binary:Version}),
+ libzscanner4 (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Breaks:
+ knot (<< 2.9.2-5),
+Replaces:
+ knot (<< 2.9.2-5),
+Description: Clients provided with Knot DNS (kdig, knsupdate, kxdpgun)
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package delivers various client programs related to DNS that are
+ derived from the Knot DNS source tree.
+ .
+ - kdig - query a DNS server in various ways
+ - knsupdate - perform dynamic updates (See RFC2136)
+ - kxdpgun - send a DNS query stream over UDP to a DNS server
+ .
+ Those clients were designed to be 1:1 compatible with BIND dnsutils,
+ but they provide some enhancements, which are documented in respective
+ manpages.
+ .
+ WARNING: knslookup is not provided as it is considered obsolete.
+
+Package: knot-dnssecutils
+Architecture: any
+Depends:
+ libdnssec9 (= ${binary:Version}),
+ libknot13 (= ${binary:Version}),
+ libzscanner4 (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Breaks:
+ knot (<< 3.2.0-1),
+ knot-dnsutils (<< 3.2.0-1),
+Replaces:
+ knot (<< 3.2.0-1),
+ knot-dnsutils (<< 3.2.0-1),
+Description: DNSSEC tools provided with Knot DNS (kzonecheck, kzonesign, knsec3hash)
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package delivers various DNSSEC tools from Knot DNS.
+ .
+ - kzonecheck
+ - kzonesign
+ - knsec3hash
+
+Package: knot-host
+Architecture: any
+Depends:
+ libdnssec9 (= ${binary:Version}),
+ libknot13 (= ${binary:Version}),
+ libzscanner4 (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Description: Version of 'host' bundled with Knot DNS
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package provides the 'host' program in the form that is bundled
+ with the Knot DNS. The 'host' command is designed to be 1:1
+ compatible with BIND 9.x 'host' program.
+
+Package: knot-module-dnstap
+Architecture: any
+Depends:
+ knot (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Description: dnstap module for Knot DNS
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package contains dnstap module for logging DNS traffic.
+
+Package: knot-module-geoip
+Architecture: any
+Depends:
+ knot (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Description: geoip module for Knot DNS
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package contains geoip module for geography-based responses.
+
+Package: knot-doc
+Architecture: all
+Multi-Arch: foreign
+Depends:
+ libjs-jquery,
+ libjs-sphinxdoc,
+ libjs-underscore,
+ ${misc:Depends},
+Section: doc
+Description: Documentation for Knot DNS
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package provides various documents that are useful for
+ maintaining a working Knot DNS installation.
+
+Package: python3-libknot
+Architecture: all
+Depends:
+ ${misc:Depends},
+ ${python3:Depends},
+Section: python
+Description: Python bindings for libknot
+ Knot DNS is a fast, authoritative only, high performance, feature
+ full and open source name server.
+ .
+ Knot DNS is developed by CZ.NIC Labs, the R&D department of .CZ
+ registry and hence is well suited to run anything from the root
+ zone, the top-level domain, to many smaller standard domain names.
+ .
+ This package provides Python bindings for the libknot shared library.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..4991fba
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,204 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: Knot DNS
+Upstream-Contact: knot-dns@labs.nic.cz
+Source: https://secure.nic.cz/files/knot-dns/
+
+Files: *
+Copyright: 2011-2023 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+License: GPL-3+
+
+Files: m4/*
+Copyright: 2011-2022 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+ 1996-2001, 2003-2015 Free Software Foundation, Inc.
+License: GPL-3+
+
+Files: install-sh
+Copyright: 1994 X Consortium
+License: MIT
+
+Files: debian/* distro/pkg/deb/*
+Copyright: 2011-2023 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+ 2011 Ondřej Surý <ondrej@debian.org>
+License: GPL-3+
+
+Files: tests/tap/*
+Copyright: 2000-2001, 2004, 2006-2012 Russ Allbery <rra@stanford.edu>
+ 2006, 2007, 2008, 2013 The Board of Trustees of the Leland Stanford Junior University
+License: MIT
+
+Files: tests/tap/files.*
+Copyright: 2011-2019 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+License: GPL-3+
+
+Files: src/contrib/dnstap/*
+Copyright: 2014, Farsight Security, Inc. <software@farsightsecurity.com>
+ 2011-2022 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+License: GPL-3+
+
+Files: src/contrib/libbpf/*
+Copyright: 2013-2015 Alexei Starovoitov <ast@kernel.org>
+ 2015 Wang Nan <wangnan0@huawei.com>
+ 2015 Huawei Inc.
+ 2017 Nicira, Inc.
+ 2019 Isovalent, Inc.
+ 2019 Netronome Systems, Inc.
+ 2003-2013 Thomas Graf <tgraf@suug.ch>
+ 2018-2019 Intel Corporation.
+ 2018-2019 Facebook
+License: LGPL-2.1
+
+Files: src/contrib/libngtcp2/*
+Copyright: 2016-2023 ngtcp2 contributors
+ 2012-2017 nghttp2 contributors
+License: MIT
+
+Files: src/contrib/openbsd/siphash.*
+Copyright: 2013 Andre Oppermann <andre@FreeBSD.org>
+License: BSD-3-Clause
+
+Files: src/contrib/openbsd/strl*
+Copyright: 1998 Todd C. Miller <Todd.Miller@courtesan.com>
+License: 0BSD
+
+Files: src/contrib/proxyv2/*
+Copyright: 2022 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+ 2021 Fastly, Inc.
+License: GPL-3+
+
+Files: src/contrib/qp-trie/*
+Copyright: 2011-2019 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+ 2018 Tony Finch <dot@dotat.at>
+License: GPL-3+
+
+Files: src/contrib/ucw/*
+Copyright: 2011-2022 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+ 1997-2017 Martin Mares <mj@ucw.cz>
+ 2007 Pavel Charvat <pchar@ucw.cz>
+ 2012 Ondrej Filip <feela@network.cz>
+License: LGPL-2.0
+
+Files: src/contrib/ucw/heap.h
+Copyright: 2011-2022 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+License: GPL-3+
+
+Files: src/contrib/url-parser/*
+Copyright: 2020 Igor Sysoev
+ 2020 Nginx, Inc.
+ 2020 Joyent, Inc.
+License: MIT
+
+Files: src/contrib/vpool/*
+Copyright: 2006, 2008 Alexey Vatchenko <av@bsdua.org>
+License: 0BSD
+
+Files: tests-fuzz/main.c
+Copyright: 2011-2019 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
+ 2017 Tim Ruehsen
+License: MIT
+
+License: GPL-3+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>.
+ .
+ On Debian systems, the full text of the GNU General Public License
+ version 3 can be found in the file `/usr/share/common-licenses/GPL-3'.
+
+License: LGPL-2.0
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public
+ License as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+ .
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+ .
+ You should have received a copy of the GNU Library General Public
+ License along with this library; if not, write to the
+ Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
+ Boston, MA 02110-1301, USA.
+
+License: LGPL-2.1
+ This program is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program; If not, see <http://www.gnu.org/licenses/>.
+ .
+ On Debian systems, the complete text of the GNU Lesser General Public
+ License version 2.1 can be found in `/usr/share/common-licenses/LGPL-2.1'.
+
+License: 0BSD
+ Permission to use, copy, modify, and distribute this software for any
+ purpose with or without fee is hereby granted, provided that the above
+ copyright notice and this permission notice appear in all copies.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+License: BSD-3-Clause
+ Redistribution and use in source and binary forms, with or without modification,
+ are permitted provided that the following conditions are met:
+ 1. Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ 3. Neither the name of the copyright holder nor the names of its contributors
+ may be used to endorse or promote products derived from this software without
+ specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ OF THE POSSIBILITY OF SUCH DAMAGE.
+
+License: MIT
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+ .
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.
diff --git a/debian/cz.nic.knotd.conf b/debian/cz.nic.knotd.conf
new file mode 100644
index 0000000..50af87a
--- /dev/null
+++ b/debian/cz.nic.knotd.conf
@@ -0,0 +1,9 @@
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+ <policy user="knot">
+ <allow own="cz.nic.knotd" />
+ </policy>
+ <policy context="default">
+ <allow receive_sender="cz.nic.knotd" />
+ </policy>
+</busconfig>
diff --git a/debian/docs b/debian/docs
new file mode 100644
index 0000000..b43bf86
--- /dev/null
+++ b/debian/docs
@@ -0,0 +1 @@
+README.md
diff --git a/debian/gbp.conf b/debian/gbp.conf
new file mode 100644
index 0000000..c84f441
--- /dev/null
+++ b/debian/gbp.conf
@@ -0,0 +1,30 @@
+[DEFAULT]
+debian-branch = debian/master
+pristine-tar = True
+upstream-branch = upstream/3.2
+upstream-vcs-tag = v%(version)s
+
+[dch]
+meta = 1
+
+[import-orig]
+filter = [
+ 'configure',
+ '*/Makefile.in',
+ '*/*/Makefile.in',
+ '*/*/*/Makefile.in',
+ 'install-sh',
+ 'ltmain.sh',
+ 'm4/libtool.m4',
+ '/src/lib*/version.h',
+ 'INSTALL',
+ 'aclocal.m4',
+ 'ar-lib',
+ 'depcomp',
+ 'compile',
+ 'missing',
+ 'test-driver',
+ 'config.guess',
+ 'config.sub',
+ ]
+filter-pristine-tar = False
diff --git a/debian/knot-dnssecutils.install b/debian/knot-dnssecutils.install
new file mode 100644
index 0000000..20009e8
--- /dev/null
+++ b/debian/knot-dnssecutils.install
@@ -0,0 +1,3 @@
+usr/bin/knsec3hash
+usr/bin/kzonecheck
+usr/bin/kzonesign
diff --git a/debian/knot-dnssecutils.manpages b/debian/knot-dnssecutils.manpages
new file mode 100644
index 0000000..913c4cb
--- /dev/null
+++ b/debian/knot-dnssecutils.manpages
@@ -0,0 +1,3 @@
+usr/share/man/man1/knsec3hash.1
+usr/share/man/man1/kzonecheck.1
+usr/share/man/man1/kzonesign.1
diff --git a/debian/knot-dnsutils.install b/debian/knot-dnsutils.install
new file mode 100644
index 0000000..e2f2a8a
--- /dev/null
+++ b/debian/knot-dnsutils.install
@@ -0,0 +1,3 @@
+usr/bin/kdig
+usr/bin/knsupdate
+usr/sbin/kxdpgun
diff --git a/debian/knot-dnsutils.manpages b/debian/knot-dnsutils.manpages
new file mode 100644
index 0000000..67254d9
--- /dev/null
+++ b/debian/knot-dnsutils.manpages
@@ -0,0 +1,3 @@
+usr/share/man/man1/kdig.1
+usr/share/man/man1/knsupdate.1
+usr/share/man/man8/kxdpgun.8
diff --git a/debian/knot-doc.doc-base b/debian/knot-doc.doc-base
new file mode 100644
index 0000000..bcd4e0f
--- /dev/null
+++ b/debian/knot-doc.doc-base
@@ -0,0 +1,17 @@
+Document: knot
+Title: Documentation for the Knot authoritative DNS server
+Author: Knot DNS authors at CZ.NIC Labs (https://www.knot-dns.cz)
+Abstract: Knot DNS is a high-performance open-source authoritative DNS server
+Section: Network/Communication
+
+Format: HTML
+Index: /usr/share/doc/knot-doc/index.html
+Files: /usr/share/doc/knot-doc
+
+Format: Info
+Files: /usr/share/info/knot.info.gz
+Index: /usr/share/info/knot.info.gz
+
+Format: Text
+Index: /usr/share/doc/knot-doc/_sources/index.rst.txt
+Files: /usr/share/doc/knot-doc/_sources/
diff --git a/debian/knot-doc.install b/debian/knot-doc.install
new file mode 100644
index 0000000..c19da52
--- /dev/null
+++ b/debian/knot-doc.install
@@ -0,0 +1,2 @@
+usr/share/doc/knot/* /usr/share/doc/knot-doc/
+usr/share/info
diff --git a/debian/knot-doc.links b/debian/knot-doc.links
new file mode 100644
index 0000000..1376b3a
--- /dev/null
+++ b/debian/knot-doc.links
@@ -0,0 +1,5 @@
+usr/share/javascript/jquery/jquery.min.js usr/share/doc/knot-doc/_static/jquery.js
+usr/share/javascript/sphinxdoc/1.0/doctools.js usr/share/doc/knot-doc/_static/doctools.js
+usr/share/javascript/sphinxdoc/1.0/language_data.js usr/share/doc/knot-doc/_static/language_data.js
+usr/share/javascript/sphinxdoc/1.0/searchtools.js usr/share/doc/knot-doc/_static/searchtools.js
+usr/share/javascript/underscore/underscore.min.js usr/share/doc/knot-doc/_static/underscore.js
diff --git a/debian/knot-host.install b/debian/knot-host.install
new file mode 100644
index 0000000..51bacf0
--- /dev/null
+++ b/debian/knot-host.install
@@ -0,0 +1 @@
+usr/bin/khost
diff --git a/debian/knot-host.manpages b/debian/knot-host.manpages
new file mode 100644
index 0000000..4891e2c
--- /dev/null
+++ b/debian/knot-host.manpages
@@ -0,0 +1 @@
+usr/share/man/man1/khost.1
diff --git a/debian/knot-module-dnstap.install b/debian/knot-module-dnstap.install
new file mode 100644
index 0000000..983455e
--- /dev/null
+++ b/debian/knot-module-dnstap.install
@@ -0,0 +1 @@
+usr/lib/*/knot/modules-*/dnstap.so
diff --git a/debian/knot-module-geoip.install b/debian/knot-module-geoip.install
new file mode 100644
index 0000000..16d87c3
--- /dev/null
+++ b/debian/knot-module-geoip.install
@@ -0,0 +1 @@
+usr/lib/*/knot/modules-*/geoip.so
diff --git a/debian/knot.default b/debian/knot.default
new file mode 100644
index 0000000..12d6cc5
--- /dev/null
+++ b/debian/knot.default
@@ -0,0 +1 @@
+KNOTD_ARGS=""
diff --git a/debian/knot.dirs b/debian/knot.dirs
new file mode 100644
index 0000000..6e937aa
--- /dev/null
+++ b/debian/knot.dirs
@@ -0,0 +1 @@
+var/lib/knot
diff --git a/debian/knot.init b/debian/knot.init
new file mode 100644
index 0000000..3f8fcae
--- /dev/null
+++ b/debian/knot.init
@@ -0,0 +1,149 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: knot
+# Required-Start: $network $local_fs $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: authoritative domain name server
+# Description: Knot DNS is a authoritative-only domain name server
+### END INIT INFO
+
+# Author: Ondřej Surý <ondrej@debian.org>
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="Knot DNS server" # Introduce a short description here
+NAME=knotd # Introduce the short server's name here
+DAEMON=/usr/sbin/$NAME # Introduce the server's location here
+PIDFILE=/run/knot/knot.pid
+SCRIPTNAME=/etc/init.d/knot
+KNOTC=/usr/sbin/knotc
+RUNDIR=/run/knot
+
+# Exit if the package is not installed
+[ -x $DAEMON ] || exit 0
+
+KNOTD_ARGS=""
+
+# Read configuration variable file if it is present
+[ -r /etc/default/knot ] && . /etc/default/knot
+
+DAEMON_ARGS="-d $KNOTD_ARGS"
+
+# Define LSB log_* functions.
+# Depend on sysvinit-utils (>= 2.96) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+
+ $KNOTC status >/dev/null 2>/dev/null \
+ && return 1
+
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+
+ $KNOTC status >/dev/null 2>/dev/null \
+ || return 1
+
+ $KNOTC stop >/dev/null
+ RETVAL="$?"
+ [ $? = 1 ] && return 2
+
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return 0
+}
+
+do_reload() {
+ $KNOTC reload >/dev/null
+ return $?
+}
+
+do_mkrundir() {
+ mkdir -p $RUNDIR
+ chmod 0755 $RUNDIR
+ chown knot:knot $RUNDIR
+}
+
+case "$1" in
+ start)
+ do_mkrundir
+ log_daemon_msg "Starting $DESC " "$NAME"
+ do_start
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ STATUS=$($KNOTC status 2>&1 >/dev/null)
+ RETVAL=$?
+ if [ $RETVAL = 0 ]; then
+ log_success_msg "$NAME is running"
+ else
+ log_failure_msg "$NAME is not running ($STATUS)"
+ fi
+ exit $RETVAL
+ ;;
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ log_end_msg $?
+ ;;
+ restart)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
diff --git a/debian/knot.install b/debian/knot.install
new file mode 100644
index 0000000..5c716fc
--- /dev/null
+++ b/debian/knot.install
@@ -0,0 +1,8 @@
+debian/cz.nic.knotd.conf usr/share/dbus-1/system.d/
+debian/ufw/knot etc/ufw/applications.d/
+etc/knot/knot.conf
+usr/sbin/kcatalogprint
+usr/sbin/keymgr
+usr/sbin/kjournalprint
+usr/sbin/knotc
+usr/sbin/knotd
diff --git a/debian/knot.manpages b/debian/knot.manpages
new file mode 100644
index 0000000..5d23e9f
--- /dev/null
+++ b/debian/knot.manpages
@@ -0,0 +1,6 @@
+usr/share/man/man5/knot.conf.5
+usr/share/man/man8/kcatalogprint.8
+usr/share/man/man8/keymgr.8
+usr/share/man/man8/kjournalprint.8
+usr/share/man/man8/knotc.8
+usr/share/man/man8/knotd.8
diff --git a/debian/knot.postinst b/debian/knot.postinst
new file mode 100644
index 0000000..da747c8
--- /dev/null
+++ b/debian/knot.postinst
@@ -0,0 +1,16 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "configure" ]; then
+ if ! getent passwd knot > /dev/null; then
+ adduser --quiet --system --group --no-create-home --home /var/lib/knot knot
+ fi
+
+ dpkg-statoverride --list /var/lib/knot >/dev/null 2>&1 || dpkg-statoverride --update --add root knot 0770 /var/lib/knot
+ dpkg-statoverride --list /etc/knot/knot.conf >/dev/null 2>&1 || dpkg-statoverride --update --add root knot 0640 /etc/knot/knot.conf
+ dpkg-statoverride --list /etc/knot >/dev/null 2>&1 || dpkg-statoverride --update --add root knot 0750 /etc/knot
+fi
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/knot.postrm b/debian/knot.postrm
new file mode 100644
index 0000000..14b3d69
--- /dev/null
+++ b/debian/knot.postrm
@@ -0,0 +1,21 @@
+#!/bin/sh
+set -e
+
+if test "$1" = "purge"; then
+ state_dir=/var/lib/knot
+ for db_name in "catalog" "confdb" "journal" "keys" "timers"; do
+ rm -rf $state_dir/$db_name >/dev/null 2>&1 || true
+ done
+ rmdir $state_dir >/dev/null 2>&1 || true
+ [ -e $state_dir/* ] && echo "Notice: there are still data in ${state_dir}, please check."
+
+ dpkg-statoverride --remove /var/lib/knot >/dev/null 2>&1 || true
+ dpkg-statoverride --remove /etc/knot/knot.conf >/dev/null 2>&1 || true
+ dpkg-statoverride --remove /etc/knot >/dev/null 2>&1 || true
+
+ deluser --quiet knot >/dev/null 2>&1 || true
+fi
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/knot.service b/debian/knot.service
new file mode 100644
index 0000000..54ab197
--- /dev/null
+++ b/debian/knot.service
@@ -0,0 +1,31 @@
+[Unit]
+Description=Knot DNS server
+Wants=network-online.target
+After=network-online.target
+Documentation=man:knotd(8) man:knot.conf(5) man:knotc(8)
+
+[Service]
+EnvironmentFile=/etc/default/knot
+Type=notify
+User=knot
+Group=knot
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETPCAP
+AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_SETPCAP
+ExecStartPre=/usr/sbin/knotc conf-check
+ExecStart=/usr/sbin/knotd -m "$KNOT_CONF_MAX_SIZE" $KNOTD_ARGS
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=on-abort
+LimitNOFILE=1048576
+TimeoutStopSec=300
+# Extend the systemd startup timeout by this value (seconds) for each zone
+Environment="KNOT_ZONE_LOAD_TIMEOUT_SEC=180"
+# Maximum size (MiB) of a configuration database
+Environment="KNOT_CONF_MAX_SIZE=512"
+
+# Expected systemd >= v239
+RuntimeDirectory=knot
+StateDirectory=knot
+NoNewPrivileges=yes
+
+[Install]
+WantedBy=multi-user.target
diff --git a/debian/libdnssec9.install b/debian/libdnssec9.install
new file mode 100644
index 0000000..17a9fe6
--- /dev/null
+++ b/debian/libdnssec9.install
@@ -0,0 +1 @@
+usr/lib/*/libdnssec.so.*
diff --git a/debian/libdnssec9.symbols b/debian/libdnssec9.symbols
new file mode 100644
index 0000000..c3ab2ed
--- /dev/null
+++ b/debian/libdnssec9.symbols
@@ -0,0 +1,96 @@
+libdnssec.so.9 libdnssec9 #MINVER#
+* Build-Depends-Package: libknot-dev
+ dnssec_algorithm_digest_support@Base 3.2.0
+ dnssec_algorithm_key_size_check@Base 3.2.0
+ dnssec_algorithm_key_size_default@Base 3.2.0
+ dnssec_algorithm_key_size_range@Base 3.2.0
+ dnssec_algorithm_key_support@Base 3.2.0
+ dnssec_algorithm_reproducible@Base 3.2.0
+ dnssec_binary_alloc@Base 3.2.0
+ dnssec_binary_cmp@Base 3.2.0
+ dnssec_binary_dup@Base 3.2.0
+ dnssec_binary_free@Base 3.2.0
+ dnssec_binary_from_base64@Base 3.2.0
+ dnssec_binary_resize@Base 3.2.0
+ dnssec_binary_to_base64@Base 3.2.0
+ dnssec_crypto_cleanup@Base 3.2.0
+ dnssec_crypto_init@Base 3.2.0
+ dnssec_crypto_reinit@Base 3.2.0
+ dnssec_digest@Base 3.2.0
+ dnssec_digest_finish@Base 3.2.0
+ dnssec_digest_init@Base 3.2.0
+ dnssec_key_can_sign@Base 3.2.0
+ dnssec_key_can_verify@Base 3.2.0
+ dnssec_key_clear@Base 3.2.0
+ dnssec_key_create_ds@Base 3.2.0
+ dnssec_key_dup@Base 3.2.0
+ dnssec_key_free@Base 3.2.0
+ dnssec_key_get_algorithm@Base 3.2.0
+ dnssec_key_get_dname@Base 3.2.0
+ dnssec_key_get_flags@Base 3.2.0
+ dnssec_key_get_keyid@Base 3.2.0
+ dnssec_key_get_keytag@Base 3.2.0
+ dnssec_key_get_protocol@Base 3.2.0
+ dnssec_key_get_pubkey@Base 3.2.0
+ dnssec_key_get_rdata@Base 3.2.0
+ dnssec_key_get_size@Base 3.2.0
+ dnssec_key_load_pkcs8@Base 3.2.0
+ dnssec_key_new@Base 3.2.0
+ dnssec_key_set_algorithm@Base 3.2.0
+ dnssec_key_set_dname@Base 3.2.0
+ dnssec_key_set_flags@Base 3.2.0
+ dnssec_key_set_protocol@Base 3.2.0
+ dnssec_key_set_pubkey@Base 3.2.0
+ dnssec_key_set_rdata@Base 3.2.0
+ dnssec_keyid_copy@Base 3.2.0
+ dnssec_keyid_equal@Base 3.2.0
+ dnssec_keyid_is_valid@Base 3.2.0
+ dnssec_keyid_normalize@Base 3.2.0
+ dnssec_keystore_close@Base 3.2.0
+ dnssec_keystore_deinit@Base 3.2.0
+ dnssec_keystore_generate@Base 3.2.0
+ dnssec_keystore_get_private@Base 3.2.0
+ dnssec_keystore_import@Base 3.2.0
+ dnssec_keystore_init@Base 3.2.0
+ dnssec_keystore_init_pkcs11@Base 3.2.0
+ dnssec_keystore_init_pkcs8@Base 3.2.0
+ dnssec_keystore_open@Base 3.2.0
+ dnssec_keystore_remove@Base 3.2.0
+ dnssec_keystore_set_private@Base 3.2.0
+ dnssec_keytag@Base 3.2.0
+ dnssec_nsec3_hash@Base 3.2.0
+ dnssec_nsec3_hash_length@Base 3.2.0
+ dnssec_nsec3_params_free@Base 3.2.0
+ dnssec_nsec3_params_from_rdata@Base 3.2.0
+ dnssec_nsec3_params_match@Base 3.2.0
+ dnssec_nsec_bitmap_add@Base 3.2.0
+ dnssec_nsec_bitmap_clear@Base 3.2.0
+ dnssec_nsec_bitmap_contains@Base 3.2.0
+ dnssec_nsec_bitmap_free@Base 3.2.0
+ dnssec_nsec_bitmap_new@Base 3.2.0
+ dnssec_nsec_bitmap_size@Base 3.2.0
+ dnssec_nsec_bitmap_write@Base 3.2.0
+ dnssec_pem_from_privkey@Base 3.2.0
+ dnssec_pem_from_x509@Base 3.2.0
+ dnssec_pem_to_privkey@Base 3.2.0
+ dnssec_pem_to_x509@Base 3.2.0
+ dnssec_random_binary@Base 3.2.0
+ dnssec_random_buffer@Base 3.2.0
+ dnssec_sign_add@Base 3.2.0
+ dnssec_sign_free@Base 3.2.0
+ dnssec_sign_init@Base 3.2.0
+ dnssec_sign_new@Base 3.2.0
+ dnssec_sign_verify@Base 3.2.0
+ dnssec_sign_write@Base 3.2.0
+ dnssec_strerror@Base 3.2.0
+ dnssec_tsig_add@Base 3.2.0
+ dnssec_tsig_algorithm_from_dname@Base 3.2.0
+ dnssec_tsig_algorithm_from_name@Base 3.2.0
+ dnssec_tsig_algorithm_size@Base 3.2.0
+ dnssec_tsig_algorithm_to_dname@Base 3.2.0
+ dnssec_tsig_algorithm_to_name@Base 3.2.0
+ dnssec_tsig_free@Base 3.2.0
+ dnssec_tsig_new@Base 3.2.0
+ dnssec_tsig_optimal_key_size@Base 3.2.0
+ dnssec_tsig_size@Base 3.2.0
+ dnssec_tsig_write@Base 3.2.0
diff --git a/debian/libknot-dev.install b/debian/libknot-dev.install
new file mode 100644
index 0000000..54f2635
--- /dev/null
+++ b/debian/libknot-dev.install
@@ -0,0 +1,4 @@
+usr/include/
+usr/lib/*/*.a
+usr/lib/*/*.so
+usr/lib/*/pkgconfig/*
diff --git a/debian/libknot13.install b/debian/libknot13.install
new file mode 100644
index 0000000..f9b9f93
--- /dev/null
+++ b/debian/libknot13.install
@@ -0,0 +1 @@
+usr/lib/*/libknot.so.*
diff --git a/debian/libknot13.symbols b/debian/libknot13.symbols
new file mode 100644
index 0000000..d4b2b45
--- /dev/null
+++ b/debian/libknot13.symbols
@@ -0,0 +1,265 @@
+libknot.so.13 libknot13 #MINVER#
+* Build-Depends-Package: libknot-dev
+ KNOT_DB_LMDB_DUPSORT@Base 3.2.0
+ KNOT_DB_LMDB_INTEGERKEY@Base 3.2.0
+ KNOT_DB_LMDB_MAPASYNC@Base 3.2.0
+ KNOT_DB_LMDB_NOSYNC@Base 3.2.0
+ KNOT_DB_LMDB_NOTLS@Base 3.2.0
+ KNOT_DB_LMDB_RDONLY@Base 3.2.0
+ KNOT_DB_LMDB_WRITEMAP@Base 3.2.0
+ KNOT_DUMP_STYLE_DEFAULT@Base 3.2.0
+ knot_ctl_accept@Base 3.2.0
+ knot_ctl_alloc@Base 3.2.0
+ knot_ctl_bind@Base 3.2.0
+ knot_ctl_close@Base 3.2.0
+ knot_ctl_connect@Base 3.2.0
+ knot_ctl_free@Base 3.2.0
+ knot_ctl_receive@Base 3.2.0
+ knot_ctl_send@Base 3.2.0
+ knot_ctl_set_timeout@Base 3.2.0
+ knot_ctl_unbind@Base 3.2.0
+ knot_db_lmdb_api@Base 3.2.0
+ knot_db_lmdb_del_exact@Base 3.2.0
+ knot_db_lmdb_get_mapsize@Base 3.2.0
+ knot_db_lmdb_get_path@Base 3.2.0
+ knot_db_lmdb_get_usage@Base 3.2.0
+ knot_db_lmdb_iter_del@Base 3.2.0
+ knot_db_lmdb_txn_begin@Base 3.2.0
+ knot_db_trie_api@Base 3.2.0
+ knot_dname_cmp@Base 3.2.0
+ knot_dname_copy@Base 3.2.0
+ knot_dname_copy_lower@Base 3.2.0
+ knot_dname_free@Base 3.2.0
+ knot_dname_from_str@Base 3.2.0
+ knot_dname_in_bailiwick@Base 3.2.0
+ knot_dname_is_case_equal@Base 3.2.0
+ knot_dname_is_equal@Base 3.2.0
+ knot_dname_labels@Base 3.2.0
+ knot_dname_lf@Base 3.2.0
+ knot_dname_matched_labels@Base 3.2.0
+ knot_dname_prefixlen@Base 3.2.0
+ knot_dname_realsize@Base 3.2.0
+ knot_dname_replace_suffix@Base 3.2.0
+ knot_dname_size@Base 3.2.0
+ knot_dname_store@Base 3.2.0
+ knot_dname_to_lower@Base 3.2.0
+ knot_dname_to_str@Base 3.2.0
+ knot_dname_to_wire@Base 3.2.0
+ knot_dname_unpack@Base 3.2.0
+ knot_dname_wire_check@Base 3.2.0
+ knot_dnssec_alg_names@Base 3.2.0
+ knot_edns_add_option@Base 3.2.0
+ knot_edns_alignment_size@Base 3.2.0
+ knot_edns_chain_parse@Base 3.2.0
+ knot_edns_chain_size@Base 3.2.0
+ knot_edns_chain_write@Base 3.2.0
+ knot_edns_client_subnet_get_addr@Base 3.2.0
+ knot_edns_client_subnet_parse@Base 3.2.0
+ knot_edns_client_subnet_set_addr@Base 3.2.0
+ knot_edns_client_subnet_size@Base 3.2.0
+ knot_edns_client_subnet_write@Base 3.2.0
+ knot_edns_cookie_client_check@Base 3.2.0
+ knot_edns_cookie_client_generate@Base 3.2.0
+ knot_edns_cookie_parse@Base 3.2.0
+ knot_edns_cookie_server_check@Base 3.2.0
+ knot_edns_cookie_server_generate@Base 3.2.0
+ knot_edns_cookie_size@Base 3.2.0
+ knot_edns_cookie_write@Base 3.2.0
+ knot_edns_ede_names@Base 3.2.0
+ knot_edns_get_ext_rcode@Base 3.2.0
+ knot_edns_get_option@Base 3.2.0
+ knot_edns_get_options@Base 3.2.0
+ knot_edns_get_version@Base 3.2.0
+ knot_edns_init@Base 3.2.0
+ knot_edns_keepalive_parse@Base 3.2.0
+ knot_edns_keepalive_size@Base 3.2.0
+ knot_edns_keepalive_write@Base 3.2.0
+ knot_edns_reserve_option@Base 3.2.0
+ knot_edns_set_ext_rcode@Base 3.2.0
+ knot_edns_set_version@Base 3.2.0
+ knot_error_from_libdnssec@Base 3.2.0
+ knot_eth_mtu@Base 3.2.0
+ knot_eth_name_from_addr@Base 3.2.0
+ knot_eth_queues@Base 3.2.0
+ knot_eth_rss@Base 3.2.0
+ knot_eth_vlans@Base 3.2.2
+ knot_eth_xdp_mode@Base 3.2.0
+ knot_get_obsolete_rdata_descriptor@Base 3.2.0
+ knot_get_rdata_descriptor@Base 3.2.0
+ knot_naptr_header_size@Base 3.2.0
+ knot_opcode_names@Base 3.2.0
+ knot_opt_code_to_string@Base 3.2.0
+ knot_pkt_begin@Base 3.2.0
+ knot_pkt_clear@Base 3.2.0
+ knot_pkt_copy@Base 3.2.0
+ knot_pkt_ext_rcode@Base 3.2.0
+ knot_pkt_ext_rcode_name@Base 3.2.0
+ knot_pkt_free@Base 3.2.0
+ knot_pkt_init_response@Base 3.2.0
+ knot_pkt_new@Base 3.2.0
+ knot_pkt_parse@Base 3.2.0
+ knot_pkt_parse_question@Base 3.2.0
+ knot_pkt_put_question@Base 3.2.0
+ knot_pkt_put_rotate@Base 3.2.0
+ knot_pkt_reclaim@Base 3.2.0
+ knot_pkt_reserve@Base 3.2.0
+ knot_probe_alloc@Base 3.2.0
+ knot_probe_consume@Base 3.2.0
+ knot_probe_data_set@Base 3.2.0
+ knot_probe_fd@Base 3.2.0
+ knot_probe_free@Base 3.2.0
+ knot_probe_produce@Base 3.2.0
+ knot_probe_set_consumer@Base 3.2.0
+ knot_probe_set_producer@Base 3.2.0
+ knot_probe_tcp_rtt@Base 3.2.0
+ knot_rcode_names@Base 3.2.0
+ knot_rdataset_add@Base 3.2.0
+ knot_rdataset_at@Base 3.2.0
+ knot_rdataset_clear@Base 3.2.0
+ knot_rdataset_copy@Base 3.2.0
+ knot_rdataset_eq@Base 3.2.0
+ knot_rdataset_intersect@Base 3.2.0
+ knot_rdataset_intersect2@Base 3.2.0
+ knot_rdataset_member@Base 3.2.0
+ knot_rdataset_merge@Base 3.2.0
+ knot_rdataset_subset@Base 3.2.0
+ knot_rdataset_subtract@Base 3.2.0
+ knot_rrclass_from_string@Base 3.2.0
+ knot_rrclass_to_string@Base 3.2.0
+ knot_rrset_add_rdata@Base 3.2.0
+ knot_rrset_clear@Base 3.2.0
+ knot_rrset_copy@Base 3.2.0
+ knot_rrset_equal@Base 3.2.0
+ knot_rrset_free@Base 3.2.0
+ knot_rrset_is_nsec3rel@Base 3.2.0
+ knot_rrset_new@Base 3.2.0
+ knot_rrset_rr_from_wire@Base 3.2.0
+ knot_rrset_rr_to_canonical@Base 3.2.0
+ knot_rrset_size@Base 3.2.0
+ knot_rrset_to_wire_extra@Base 3.2.0
+ knot_rrset_txt_dump@Base 3.2.0
+ knot_rrset_txt_dump_data@Base 3.2.0
+ knot_rrset_txt_dump_header@Base 3.2.0
+ knot_rrtype_additional_needed@Base 3.2.0
+ knot_rrtype_from_string@Base 3.2.0
+ knot_rrtype_is_dnssec@Base 3.2.0
+ knot_rrtype_is_metatype@Base 3.2.0
+ knot_rrtype_should_be_lowercased@Base 3.2.0
+ knot_rrtype_to_string@Base 3.2.0
+ knot_strerror@Base 3.2.0
+ knot_svcb_param_names@Base 3.2.0
+ knot_tcp_cleanup@Base 3.2.0
+ knot_tcp_inbuf_update@Base 3.2.0
+ knot_tcp_outbufs_ack@Base 3.2.0
+ knot_tcp_outbufs_add@Base 3.2.0
+ knot_tcp_outbufs_can_send@Base 3.2.0
+ knot_tcp_outbufs_usage@Base 3.2.0
+ knot_tcp_recv@Base 3.2.0
+ knot_tcp_reply_data@Base 3.2.0
+ knot_tcp_send@Base 3.2.0
+ knot_tcp_sweep@Base 3.2.0
+ knot_tcp_table_free@Base 3.2.0
+ knot_tcp_table_new@Base 3.2.0
+ knot_tsig_add@Base 3.2.0
+ knot_tsig_append@Base 3.2.0
+ knot_tsig_client_check@Base 3.2.0
+ knot_tsig_client_check_next@Base 3.2.0
+ knot_tsig_create_rdata@Base 3.2.0
+ knot_tsig_key_copy@Base 3.2.0
+ knot_tsig_key_deinit@Base 3.2.0
+ knot_tsig_key_init@Base 3.2.0
+ knot_tsig_key_init_file@Base 3.2.0
+ knot_tsig_key_init_str@Base 3.2.0
+ knot_tsig_rcode_names@Base 3.2.0
+ knot_tsig_rdata_alg@Base 3.2.0
+ knot_tsig_rdata_alg_name@Base 3.2.0
+ knot_tsig_rdata_error@Base 3.2.0
+ knot_tsig_rdata_fudge@Base 3.2.0
+ knot_tsig_rdata_is_ok@Base 3.2.0
+ knot_tsig_rdata_mac@Base 3.2.0
+ knot_tsig_rdata_mac_length@Base 3.2.0
+ knot_tsig_rdata_orig_id@Base 3.2.0
+ knot_tsig_rdata_other_data@Base 3.2.0
+ knot_tsig_rdata_other_data_length@Base 3.2.0
+ knot_tsig_rdata_set_fudge@Base 3.2.0
+ knot_tsig_rdata_set_mac@Base 3.2.0
+ knot_tsig_rdata_set_orig_id@Base 3.2.0
+ knot_tsig_rdata_set_other_data@Base 3.2.0
+ knot_tsig_rdata_set_time_signed@Base 3.2.0
+ knot_tsig_rdata_time_signed@Base 3.2.0
+ knot_tsig_rdata_tsig_timers_length@Base 3.2.0
+ knot_tsig_rdata_tsig_variables_length@Base 3.2.0
+ knot_tsig_server_check@Base 3.2.0
+ knot_tsig_sign@Base 3.2.0
+ knot_tsig_sign_next@Base 3.2.0
+ knot_tsig_wire_maxsize@Base 3.2.0
+ knot_tsig_wire_size@Base 3.2.0
+ knot_xdp_deinit@Base 3.2.0
+ knot_xdp_info@Base 3.2.0
+ knot_xdp_init@Base 3.2.0
+ knot_xdp_recv@Base 3.2.0
+ knot_xdp_recv_finish@Base 3.2.0
+ knot_xdp_reply_alloc@Base 3.2.0
+ knot_xdp_send@Base 3.2.0
+ knot_xdp_send_alloc@Base 3.2.0
+ knot_xdp_send_finish@Base 3.2.0
+ knot_xdp_send_free@Base 3.2.0
+ knot_xdp_send_prepare@Base 3.2.0
+ knot_xdp_socket_fd@Base 3.2.0
+ knot_xquic_cleanup@Base 3.2.1
+ knot_xquic_client@Base 3.2.0
+ knot_xquic_conn_get_stream@Base 3.2.0
+ knot_xquic_conn_rtt@Base 3.2.0
+ knot_xquic_free_creds@Base 3.2.0
+ knot_xquic_handle@Base 3.2.0
+ knot_xquic_init_creds@Base 3.2.0
+ knot_xquic_send@Base 3.2.0
+ knot_xquic_session_load@Base 3.2.0
+ knot_xquic_session_save@Base 3.2.0
+ knot_xquic_stream_add_data@Base 3.2.0
+ knot_xquic_stream_get_process@Base 3.2.0
+ knot_xquic_table_free@Base 3.2.0
+ knot_xquic_table_new@Base 3.2.0
+ knot_xquic_table_rem@Base 3.2.0
+ knot_xquic_table_sweep@Base 3.2.0
+ yp_addr@Base 3.2.0
+ yp_addr_noport@Base 3.2.0
+ yp_addr_noport_to_bin@Base 3.2.0
+ yp_addr_noport_to_txt@Base 3.2.0
+ yp_addr_range_to_bin@Base 3.2.0
+ yp_addr_range_to_txt@Base 3.2.0
+ yp_addr_to_bin@Base 3.2.0
+ yp_addr_to_txt@Base 3.2.0
+ yp_base64_to_bin@Base 3.2.0
+ yp_base64_to_txt@Base 3.2.0
+ yp_bool_to_bin@Base 3.2.0
+ yp_bool_to_txt@Base 3.2.0
+ yp_deinit@Base 3.2.0
+ yp_dname_to_bin@Base 3.2.0
+ yp_dname_to_txt@Base 3.2.0
+ yp_format_id@Base 3.2.0
+ yp_format_key0@Base 3.2.0
+ yp_format_key1@Base 3.2.0
+ yp_hex_to_bin@Base 3.2.0
+ yp_hex_to_txt@Base 3.2.0
+ yp_init@Base 3.2.0
+ yp_int_to_bin@Base 3.2.0
+ yp_int_to_txt@Base 3.2.0
+ yp_item_to_bin@Base 3.2.0
+ yp_item_to_txt@Base 3.2.0
+ yp_option_to_bin@Base 3.2.0
+ yp_option_to_txt@Base 3.2.0
+ yp_parse@Base 3.2.0
+ yp_schema_check_deinit@Base 3.2.0
+ yp_schema_check_init@Base 3.2.0
+ yp_schema_check_parser@Base 3.2.0
+ yp_schema_check_str@Base 3.2.0
+ yp_schema_copy@Base 3.2.0
+ yp_schema_find@Base 3.2.0
+ yp_schema_free@Base 3.2.0
+ yp_schema_merge@Base 3.2.0
+ yp_schema_purge_dynamic@Base 3.2.0
+ yp_set_input_file@Base 3.2.0
+ yp_set_input_string@Base 3.2.0
+ yp_str_to_bin@Base 3.2.0
+ yp_str_to_txt@Base 3.2.0
diff --git a/debian/libknot13.symbols.alpha b/debian/libknot13.symbols.alpha
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.alpha
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.arc b/debian/libknot13.symbols.arc
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.arc
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.hppa b/debian/libknot13.symbols.hppa
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.hppa
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.hurd-i386 b/debian/libknot13.symbols.hurd-i386
new file mode 100644
index 0000000..45117e0
--- /dev/null
+++ b/debian/libknot13.symbols.hurd-i386
@@ -0,0 +1,224 @@
+libknot.so.13 libknot13 #MINVER#
+* Build-Depends-Package: libknot-dev
+ KNOT_DB_LMDB_DUPSORT@Base 3.2.0
+ KNOT_DB_LMDB_INTEGERKEY@Base 3.2.0
+ KNOT_DB_LMDB_MAPASYNC@Base 3.2.0
+ KNOT_DB_LMDB_NOSYNC@Base 3.2.0
+ KNOT_DB_LMDB_NOTLS@Base 3.2.0
+ KNOT_DB_LMDB_RDONLY@Base 3.2.0
+ KNOT_DB_LMDB_WRITEMAP@Base 3.2.0
+ KNOT_DUMP_STYLE_DEFAULT@Base 3.2.0
+ knot_ctl_accept@Base 3.2.0
+ knot_ctl_alloc@Base 3.2.0
+ knot_ctl_bind@Base 3.2.0
+ knot_ctl_close@Base 3.2.0
+ knot_ctl_connect@Base 3.2.0
+ knot_ctl_free@Base 3.2.0
+ knot_ctl_receive@Base 3.2.0
+ knot_ctl_send@Base 3.2.0
+ knot_ctl_set_timeout@Base 3.2.0
+ knot_ctl_unbind@Base 3.2.0
+ knot_db_lmdb_api@Base 3.2.0
+ knot_db_lmdb_del_exact@Base 3.2.0
+ knot_db_lmdb_get_mapsize@Base 3.2.0
+ knot_db_lmdb_get_path@Base 3.2.0
+ knot_db_lmdb_get_usage@Base 3.2.0
+ knot_db_lmdb_iter_del@Base 3.2.0
+ knot_db_lmdb_txn_begin@Base 3.2.0
+ knot_db_trie_api@Base 3.2.0
+ knot_dname_cmp@Base 3.2.0
+ knot_dname_copy@Base 3.2.0
+ knot_dname_copy_lower@Base 3.2.0
+ knot_dname_free@Base 3.2.0
+ knot_dname_from_str@Base 3.2.0
+ knot_dname_in_bailiwick@Base 3.2.0
+ knot_dname_is_case_equal@Base 3.2.0
+ knot_dname_is_equal@Base 3.2.0
+ knot_dname_labels@Base 3.2.0
+ knot_dname_lf@Base 3.2.0
+ knot_dname_matched_labels@Base 3.2.0
+ knot_dname_prefixlen@Base 3.2.0
+ knot_dname_realsize@Base 3.2.0
+ knot_dname_replace_suffix@Base 3.2.0
+ knot_dname_size@Base 3.2.0
+ knot_dname_store@Base 3.2.0
+ knot_dname_to_lower@Base 3.2.0
+ knot_dname_to_str@Base 3.2.0
+ knot_dname_to_wire@Base 3.2.0
+ knot_dname_unpack@Base 3.2.0
+ knot_dname_wire_check@Base 3.2.0
+ knot_dnssec_alg_names@Base 3.2.0
+ knot_edns_add_option@Base 3.2.0
+ knot_edns_alignment_size@Base 3.2.0
+ knot_edns_chain_parse@Base 3.2.0
+ knot_edns_chain_size@Base 3.2.0
+ knot_edns_chain_write@Base 3.2.0
+ knot_edns_client_subnet_get_addr@Base 3.2.0
+ knot_edns_client_subnet_parse@Base 3.2.0
+ knot_edns_client_subnet_set_addr@Base 3.2.0
+ knot_edns_client_subnet_size@Base 3.2.0
+ knot_edns_client_subnet_write@Base 3.2.0
+ knot_edns_cookie_client_check@Base 3.2.0
+ knot_edns_cookie_client_generate@Base 3.2.0
+ knot_edns_cookie_parse@Base 3.2.0
+ knot_edns_cookie_server_check@Base 3.2.0
+ knot_edns_cookie_server_generate@Base 3.2.0
+ knot_edns_cookie_size@Base 3.2.0
+ knot_edns_cookie_write@Base 3.2.0
+ knot_edns_ede_names@Base 3.2.0
+ knot_edns_get_ext_rcode@Base 3.2.0
+ knot_edns_get_option@Base 3.2.0
+ knot_edns_get_options@Base 3.2.0
+ knot_edns_get_version@Base 3.2.0
+ knot_edns_init@Base 3.2.0
+ knot_edns_keepalive_parse@Base 3.2.0
+ knot_edns_keepalive_size@Base 3.2.0
+ knot_edns_keepalive_write@Base 3.2.0
+ knot_edns_reserve_option@Base 3.2.0
+ knot_edns_set_ext_rcode@Base 3.2.0
+ knot_edns_set_version@Base 3.2.0
+ knot_error_from_libdnssec@Base 3.2.0
+ knot_get_obsolete_rdata_descriptor@Base 3.2.0
+ knot_get_rdata_descriptor@Base 3.2.0
+ knot_naptr_header_size@Base 3.2.0
+ knot_opcode_names@Base 3.2.0
+ knot_opt_code_to_string@Base 3.2.0
+ knot_pkt_begin@Base 3.2.0
+ knot_pkt_clear@Base 3.2.0
+ knot_pkt_copy@Base 3.2.0
+ knot_pkt_ext_rcode@Base 3.2.0
+ knot_pkt_ext_rcode_name@Base 3.2.0
+ knot_pkt_free@Base 3.2.0
+ knot_pkt_init_response@Base 3.2.0
+ knot_pkt_new@Base 3.2.0
+ knot_pkt_parse@Base 3.2.0
+ knot_pkt_parse_question@Base 3.2.0
+ knot_pkt_put_question@Base 3.2.0
+ knot_pkt_put_rotate@Base 3.2.0
+ knot_pkt_reclaim@Base 3.2.0
+ knot_pkt_reserve@Base 3.2.0
+ knot_probe_alloc@Base 3.2.0
+ knot_probe_consume@Base 3.2.0
+ knot_probe_data_set@Base 3.2.0
+ knot_probe_fd@Base 3.2.0
+ knot_probe_free@Base 3.2.0
+ knot_probe_produce@Base 3.2.0
+ knot_probe_set_consumer@Base 3.2.0
+ knot_probe_set_producer@Base 3.2.0
+ knot_probe_tcp_rtt@Base 3.2.0
+ knot_rcode_names@Base 3.2.0
+ knot_rdataset_add@Base 3.2.0
+ knot_rdataset_at@Base 3.2.0
+ knot_rdataset_clear@Base 3.2.0
+ knot_rdataset_copy@Base 3.2.0
+ knot_rdataset_eq@Base 3.2.0
+ knot_rdataset_intersect@Base 3.2.0
+ knot_rdataset_intersect2@Base 3.2.0
+ knot_rdataset_member@Base 3.2.0
+ knot_rdataset_merge@Base 3.2.0
+ knot_rdataset_subset@Base 3.2.0
+ knot_rdataset_subtract@Base 3.2.0
+ knot_rrclass_from_string@Base 3.2.0
+ knot_rrclass_to_string@Base 3.2.0
+ knot_rrset_add_rdata@Base 3.2.0
+ knot_rrset_clear@Base 3.2.0
+ knot_rrset_copy@Base 3.2.0
+ knot_rrset_equal@Base 3.2.0
+ knot_rrset_free@Base 3.2.0
+ knot_rrset_is_nsec3rel@Base 3.2.0
+ knot_rrset_new@Base 3.2.0
+ knot_rrset_rr_from_wire@Base 3.2.0
+ knot_rrset_rr_to_canonical@Base 3.2.0
+ knot_rrset_size@Base 3.2.0
+ knot_rrset_to_wire_extra@Base 3.2.0
+ knot_rrset_txt_dump@Base 3.2.0
+ knot_rrset_txt_dump_data@Base 3.2.0
+ knot_rrset_txt_dump_header@Base 3.2.0
+ knot_rrtype_additional_needed@Base 3.2.0
+ knot_rrtype_from_string@Base 3.2.0
+ knot_rrtype_is_dnssec@Base 3.2.0
+ knot_rrtype_is_metatype@Base 3.2.0
+ knot_rrtype_should_be_lowercased@Base 3.2.0
+ knot_rrtype_to_string@Base 3.2.0
+ knot_strerror@Base 3.2.0
+ knot_svcb_param_names@Base 3.2.0
+ knot_tcp_inbuf_update@Base 3.2.0
+ knot_tcp_outbufs_ack@Base 3.2.0
+ knot_tcp_outbufs_add@Base 3.2.0
+ knot_tcp_outbufs_can_send@Base 3.2.0
+ knot_tcp_outbufs_usage@Base 3.2.0
+ knot_tsig_add@Base 3.2.0
+ knot_tsig_append@Base 3.2.0
+ knot_tsig_client_check@Base 3.2.0
+ knot_tsig_client_check_next@Base 3.2.0
+ knot_tsig_create_rdata@Base 3.2.0
+ knot_tsig_key_copy@Base 3.2.0
+ knot_tsig_key_deinit@Base 3.2.0
+ knot_tsig_key_init@Base 3.2.0
+ knot_tsig_key_init_file@Base 3.2.0
+ knot_tsig_key_init_str@Base 3.2.0
+ knot_tsig_rcode_names@Base 3.2.0
+ knot_tsig_rdata_alg@Base 3.2.0
+ knot_tsig_rdata_alg_name@Base 3.2.0
+ knot_tsig_rdata_error@Base 3.2.0
+ knot_tsig_rdata_fudge@Base 3.2.0
+ knot_tsig_rdata_is_ok@Base 3.2.0
+ knot_tsig_rdata_mac@Base 3.2.0
+ knot_tsig_rdata_mac_length@Base 3.2.0
+ knot_tsig_rdata_orig_id@Base 3.2.0
+ knot_tsig_rdata_other_data@Base 3.2.0
+ knot_tsig_rdata_other_data_length@Base 3.2.0
+ knot_tsig_rdata_set_fudge@Base 3.2.0
+ knot_tsig_rdata_set_mac@Base 3.2.0
+ knot_tsig_rdata_set_orig_id@Base 3.2.0
+ knot_tsig_rdata_set_other_data@Base 3.2.0
+ knot_tsig_rdata_set_time_signed@Base 3.2.0
+ knot_tsig_rdata_time_signed@Base 3.2.0
+ knot_tsig_rdata_tsig_timers_length@Base 3.2.0
+ knot_tsig_rdata_tsig_variables_length@Base 3.2.0
+ knot_tsig_server_check@Base 3.2.0
+ knot_tsig_sign@Base 3.2.0
+ knot_tsig_sign_next@Base 3.2.0
+ knot_tsig_wire_maxsize@Base 3.2.0
+ knot_tsig_wire_size@Base 3.2.0
+ yp_addr@Base 3.2.0
+ yp_addr_noport@Base 3.2.0
+ yp_addr_noport_to_bin@Base 3.2.0
+ yp_addr_noport_to_txt@Base 3.2.0
+ yp_addr_range_to_bin@Base 3.2.0
+ yp_addr_range_to_txt@Base 3.2.0
+ yp_addr_to_bin@Base 3.2.0
+ yp_addr_to_txt@Base 3.2.0
+ yp_base64_to_bin@Base 3.2.0
+ yp_base64_to_txt@Base 3.2.0
+ yp_bool_to_bin@Base 3.2.0
+ yp_bool_to_txt@Base 3.2.0
+ yp_deinit@Base 3.2.0
+ yp_dname_to_bin@Base 3.2.0
+ yp_dname_to_txt@Base 3.2.0
+ yp_format_id@Base 3.2.0
+ yp_format_key0@Base 3.2.0
+ yp_format_key1@Base 3.2.0
+ yp_hex_to_bin@Base 3.2.0
+ yp_hex_to_txt@Base 3.2.0
+ yp_init@Base 3.2.0
+ yp_int_to_bin@Base 3.2.0
+ yp_int_to_txt@Base 3.2.0
+ yp_item_to_bin@Base 3.2.0
+ yp_item_to_txt@Base 3.2.0
+ yp_option_to_bin@Base 3.2.0
+ yp_option_to_txt@Base 3.2.0
+ yp_parse@Base 3.2.0
+ yp_schema_check_deinit@Base 3.2.0
+ yp_schema_check_init@Base 3.2.0
+ yp_schema_check_parser@Base 3.2.0
+ yp_schema_check_str@Base 3.2.0
+ yp_schema_copy@Base 3.2.0
+ yp_schema_find@Base 3.2.0
+ yp_schema_free@Base 3.2.0
+ yp_schema_merge@Base 3.2.0
+ yp_schema_purge_dynamic@Base 3.2.0
+ yp_set_input_file@Base 3.2.0
+ yp_set_input_string@Base 3.2.0
+ yp_str_to_bin@Base 3.2.0
+ yp_str_to_txt@Base 3.2.0
diff --git a/debian/libknot13.symbols.ia64 b/debian/libknot13.symbols.ia64
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.ia64
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.kfreebsd-amd64 b/debian/libknot13.symbols.kfreebsd-amd64
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.kfreebsd-amd64
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.kfreebsd-i386 b/debian/libknot13.symbols.kfreebsd-i386
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.kfreebsd-i386
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.m68k b/debian/libknot13.symbols.m68k
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.m68k
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.powerpc b/debian/libknot13.symbols.powerpc
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.powerpc
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.sh4 b/debian/libknot13.symbols.sh4
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.sh4
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.sparc64 b/debian/libknot13.symbols.sparc64
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.sparc64
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libknot13.symbols.x32 b/debian/libknot13.symbols.x32
new file mode 120000
index 0000000..a709262
--- /dev/null
+++ b/debian/libknot13.symbols.x32
@@ -0,0 +1 @@
+libknot13.symbols.hurd-i386 \ No newline at end of file
diff --git a/debian/libzscanner4.install b/debian/libzscanner4.install
new file mode 100644
index 0000000..a8dc226
--- /dev/null
+++ b/debian/libzscanner4.install
@@ -0,0 +1 @@
+usr/lib/*/libzscanner.so.*
diff --git a/debian/libzscanner4.symbols b/debian/libzscanner4.symbols
new file mode 100644
index 0000000..d918fb0
--- /dev/null
+++ b/debian/libzscanner4.symbols
@@ -0,0 +1,12 @@
+libzscanner.so.4 libzscanner4 #MINVER#
+* Build-Depends-Package: libknot-dev
+ zs_deinit@Base 3.1.1
+ zs_errorname@Base 3.1.1
+ zs_init@Base 3.1.1
+ zs_parse_all@Base 3.1.1
+ zs_parse_record@Base 3.1.1
+ zs_set_input_file@Base 3.1.1
+ zs_set_input_string@Base 3.1.1
+ zs_set_processing@Base 3.1.1
+ zs_set_processing_comment@Base 3.1.1
+ zs_strerror@Base 3.1.1
diff --git a/debian/not-installed b/debian/not-installed
new file mode 100644
index 0000000..c928be1
--- /dev/null
+++ b/debian/not-installed
@@ -0,0 +1 @@
+etc/knot/example.com.zone
diff --git a/debian/prepare-environment b/debian/prepare-environment
new file mode 100755
index 0000000..7176f5e
--- /dev/null
+++ b/debian/prepare-environment
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -eu
+
+CONFFILE=${1:-/etc/knot/knot.conf}
+
+if [ ! -r $CONFFILE ]; then
+ echo "$CONFFILE doesn't exist or has wrong permissions."
+ exit 1;
+fi
+
+KNOT_RUNDIR=$(sed -ne "s/#.*$//;s/.*rundir: \"*\([^\";]*\\).*/\\1/p;" $CONFFILE)
+[ -z "$KNOT_RUNDIR" ] && KNOT_RUNDIR=/run/knot
+
+mkdir --parents "$KNOT_RUNDIR";
+
+KNOT_USER=$(sed -ne "s/#.*$//;s/.*user:[ \"]*\\([^\\:\"]*\\)[ \"]*/\\1/p;" $CONFFILE)
+
+if [ -n "$KNOT_USER" ]; then
+ if ! getent passwd $KNOT_USER >/dev/null; then
+ echo "Configured user '$KNOT_USER' doesn't exist."
+ exit 1
+ fi
+
+ KNOT_GROUP=$(sed -ne "s/#.*$//;s/.*user:[ \"]*[^\\:\"]*\\:\\([^\"]*\\)[ \"]*/\\1/p;" $CONFFILE)
+ if [ -z "$KNOT_GROUP" ]; then
+ KNOT_GROUP=$(getent group $(getent passwd "$KNOT_USER" | cut -f 4 -d :) | cut -f 1 -d :)
+ fi
+
+ if ! getent group $KNOT_GROUP >/dev/null; then
+ echo "Configured group '$KNOT_GROUP' doesn't exist."
+ exit 1
+ fi
+ chown --silent "$KNOT_USER:$KNOT_GROUP" "$KNOT_RUNDIR"
+ chmod 775 "$KNOT_RUNDIR"
+fi
+
+:
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..c1eed95
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,111 @@
+#!/usr/bin/make -f
+
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+export DEB_CFLAGS_MAINT_APPEND = -Wall -DNDEBUG
+
+export DPKG_GENSYMBOLS_CHECK_LEVEL := 4
+export KNOT_SOFTHSM2_DSO = /usr/lib/softhsm/libsofthsm2.so
+export KNOT_VERSION_FORMAT = release
+
+ifeq ($(DEB_HOST_ARCH),$(filter $(DEB_HOST_ARCH),riscv64))
+ export DEB_LDFLAGS_MAINT_APPEND += -latomic
+endif
+
+include /usr/share/dpkg/default.mk
+
+ifeq (maint,$(filter $(DEB_BUILD_OPTIONS),maint))
+ FASTPARSER := --disable-fastparser
+else
+ FASTPARSER := --enable-fastparser
+endif
+
+# To make it build on sh4.
+# See https://buildd.debian.org/status/fetch.php?pkg=knot&arch=sh4&ver=3.0.2-2&stamp=1607372581&raw=0
+ifeq ($(DEB_HOST_ARCH),$(filter $(DEB_HOST_ARCH),sh4))
+ FASTPARSER := --disable-fastparser
+else
+ FASTPARSER := --enable-fastparser
+endif
+
+ifeq ($(DEB_HOST_ARCH),$(filter $(DEB_HOST_ARCH),hurd-i386))
+ RECVMMSG:=--enable-recvmmsg=no
+else
+ RECVMMSG:=--enable-recvmmsg=yes
+endif
+
+ifeq ($(DEB_HOST_ARCH),$(filter $(DEB_HOST_ARCH),amd64 i386))
+ RUN_TEST :=
+else
+ RUN_TEST := -timeout --kill-after=5s 5m
+endif
+
+# MAJOR.MINOR version part
+BASE_VERSION := $(shell echo $(DEB_VERSION) | sed 's/^\([^.]\+\.[^.]\+\).*/\1/')
+
+PYBUILD = pybuild --dir python --dest-dir debian/python3-libknot
+
+%:
+ dh $@ \
+ --exclude=.la --exclude=example.com.zone \
+ --with python3
+
+override_dh_auto_configure:
+ echo confirming architecture...
+ echo 'arch:' $(DEB_HOST_ARCH)
+ echo 'filtered arch:' $(filter $(DEB_HOST_ARCH),mips powerpc riscv64)
+ echo 'DEB_LDFLAGS_MAINT_APPEND:' $(DEB_LDFLAGS_MAINT_APPEND)
+ echo done
+ dh_auto_configure -- \
+ --sysconfdir=/etc \
+ --localstatedir=/var/lib \
+ --libexecdir=/usr/lib/knot \
+ --with-rundir=/run/knot \
+ --with-moduledir=/usr/lib/$(DEB_HOST_MULTIARCH)/knot/modules-$(BASE_VERSION) \
+ --with-storage=/var/lib/knot \
+ --enable-systemd=auto \
+ --enable-dnstap \
+ --with-module-dnstap=shared \
+ --with-module-geoip=shared \
+ $(RECVMMSG) \
+ $(FASTPARSER) \
+ --disable-silent-rules \
+ --enable-quic
+
+override_dh_auto_configure-indep:
+ $(PYBUILD) --configure
+
+override_dh_auto_build-indep:
+ dh_auto_build -- info html
+ $(PYBUILD) --build
+
+override_dh_auto_install-arch:
+ dh_auto_install -- install
+ # rename knot.sample.conf to knot.conf
+ mv $(CURDIR)/debian/tmp/etc/knot/knot.sample.conf $(CURDIR)/debian/tmp/etc/knot/knot.conf
+ # Some workarounds where XDP is unavailable
+ @if [ -f "$(CURDIR)/debian/tmp/usr/sbin/kxdpgun" ]; then \
+ echo "XDP enabled"; \
+ else \
+ echo "XDP disabled"; \
+ touch $(CURDIR)/debian/tmp/usr/share/man/man8/kxdpgun.8; \
+ printf '#!/bin/sh\n\necho "kxdpgun not available"\n' > $(CURDIR)/debian/tmp/usr/sbin/kxdpgun; \
+ fi
+
+override_dh_auto_install-indep:
+ dh_auto_install -- install-info install-html
+ # rename knot.sample.conf to knot.conf
+ mv $(CURDIR)/debian/tmp/etc/knot/knot.sample.conf $(CURDIR)/debian/tmp/etc/knot/knot.conf
+ $(PYBUILD) --install
+
+override_dh_auto_test-indep:
+override_dh_auto_test-arch:
+ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
+ $(RUN_TEST) dh_auto_test
+ $(MAKE) -C samples knot.sample.conf
+endif
+
+override_dh_missing:
+ dh_missing --fail-missing
+
+override_dh_installchangelogs:
+ dh_installchangelogs NEWS
diff --git a/debian/salsa-ci.yml b/debian/salsa-ci.yml
new file mode 100644
index 0000000..33c3a64
--- /dev/null
+++ b/debian/salsa-ci.yml
@@ -0,0 +1,4 @@
+---
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/tests/authoritative-server b/debian/tests/authoritative-server
new file mode 100755
index 0000000..028dfbf
--- /dev/null
+++ b/debian/tests/authoritative-server
@@ -0,0 +1,150 @@
+#!/bin/bash
+
+# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+# 2018-11-02
+# License: GPLv3+
+
+# error on exit
+set -e
+# for handling jobspecs:
+set -m
+
+if [ -z "$AUTOPKGTEST_ARTIFACTS" ]; then
+ d="$(mktemp -d)"
+ remove="$d"
+else
+ d="$AUTOPKGTEST_ARTIFACTS"
+fi
+ip="${TESTIP:-127.$(( $RANDOM % 256 )).$(( $RANDOM % 256 )).$(( $RANDOM % 256 ))}"
+port="${PORT:-8123}"
+knotc="${KNOTC:-/usr/sbin/knotc}"
+knotd="${KNOTD:-/usr/sbin/knotd}"
+keymgr="${KEYMGR:-/usr/sbin/keymgr}"
+kdig="${KDIG:-$(command -v kdig)}"
+kzonecheck="${KZONECHECK:-$(command -v kzonecheck)}"
+test_address="${TEST_ADDRESS:-192.0.2.199}"
+
+declare -a knot_conf="--config=$d/knot.conf"
+declare -a knot_args=("$knot_conf" --verbose)
+
+printf "%s + %s roundtrip tests\n------------\n workdir: %s\n IP addr: %s\n knot args: %s\n" "$knotd" "$kdig" "$d" "$ip" "${knot_args[*]}"
+
+section() {
+ printf "\n%s\n" "$1"
+ sed 's/./-/g' <<<"$1"
+}
+
+cleanup () {
+ section "cleaning up"
+ find "$d" -ls
+ "${knotc}" "${knot_args[@]}" stop
+ wait %1
+ tail -n +1 -v "$d"/*.err
+ if [ "$remove" ]; then
+ printf "\ncleaning up working directory %s\n" "$remove"
+ rm -rf "$remove"
+ fi
+}
+trap cleanup EXIT
+
+section "set up config file and zonefile"
+
+user=$(id -nu)
+group=$(id -ng)
+cat > "$d/knot.conf" <<EOF
+server:
+ rundir: "$d"
+ listen: $ip@$port
+ user: $user:$group
+database:
+ storage: "$d"
+template:
+ - id: default
+ storage: "$d"
+ file: "%s.zone"
+zone:
+ - domain: example.net
+ dnssec-signing: on
+EOF
+
+cat > "$d/example.net.zone" <<EOF
+@ 1D IN SOA a.ns hostmaster 2018103100 3h 15m 1w 1d
+@ 1D IN NS a.ns.example.net.
+@ 1D IN NS b.ns.example.net.
+a.ns 1D IN A 192.0.2.1
+b.ns 1D IN A 192.0.2.2
+test 1D IN A $test_address
+EOF
+
+find "$d" -maxdepth 1 -type f -print0 | xargs -0 tail -n +1 -v
+
+mkdir -p "${d}"
+
+section "kzonecheck'ing zonefile"
+"${kzonecheck}" -v "$d/example.net.zone"
+
+section "launching knot"
+"${knotd}" "${knot_args[@]}" 2> "$d/knotd.err" &
+
+# FIXME: this is an annoying poll -- would be better if we could be
+# alerted when the daemon is done setting up the socket, but i don't
+# want to "--daemonize" if i can avoid it because i want the shell to
+# remain in direct supervision of all its processes
+tried=0
+while [ $tried -lt 10 ] ; do
+ if "${knotc}" "${knot_args[@]}" status 2>&1; then
+ break;
+ fi
+ sleep 0.5
+ tried=$(( $tried + 1 ))
+done
+if [ $tried -ge 10 ]; then
+ printf "failed to use %s\n" "${knotc}" >&2
+ exit 1
+fi
+
+section "querying knot"
+"${kdig}" -p "${port}" @"${ip}" -t A test.example.net test2.example.net
+answer="$("${kdig}" +short -p "${port}" @"${ip}" -t A test.example.net)"
+if ! [ "$answer" = "$test_address" ]; then
+ printf "test.example.net mismatch!\nexpected: %s\n got: %s\n" "$test_address" "$answer" >&2
+ exit 1
+fi
+answer2="$("${kdig}" +short -p "${port}" @"${ip}" -t A test2.example.net)"
+if ! [ "$answer2" = "" ]; then
+ printf "test2.example.net gave unexpected answer!\n got: %s\n" "$answer2" >&2
+ exit 1
+fi
+
+section "modifying zone"
+printf "test2 1D IN A $test_address\n" >>"$d/example.net.zone"
+sed -i 's/^@ 1D IN SOA.*/@ 1D IN SOA a.ns hostmaster 2018110100 3h 15m 1w 1d/' "$d/example.net.zone"
+"${knotc}" "${knot_args[@]}" reload
+sleep 1
+
+section "querying again"
+"${kdig}" -p "${port}" @"${ip}" -t A test.example.net test2.example.net
+answer="$("${kdig}" +short -p "${port}" @"${ip}" -t A test.example.net)"
+if ! [ "$answer" = "$test_address" ]; then
+ printf "test.example.net mismatch!\nexpected: %s\n got: %s\n" "$test_address" "$answer" >&2
+ exit 1
+fi
+answer2="$("${kdig}" +short -p "${port}" @"${ip}" -t A test2.example.net)"
+if ! [ "$answer2" = "$test_address" ]; then
+ printf "test2.example.net mismatch!\nexpected: %s\n got: %s\n" "$test_address" "$answer2" >&2
+ exit 1
+fi
+
+section "querying DNSSEC"
+"${kdig}" -p "${port}" @"${ip}" -t DNSKEY example.net. +dnssec
+if ! "${kdig}" -p "${port}" @"${ip}" -t DNSKEY example.net. +dnssec 2>&1 | grep -q "RRSIG[[:space:]]*DNSKEY"; then
+ printf "DNSSEC query not successful" >&2
+ exit 1
+fi
+
+section "listing keys with keymgr"
+"${keymgr}" "$knot_conf" -e example.net. list
+if ! "${keymgr}" "$knot_conf" -e example.net. list 2>&1 | grep -q "ksk=yes"; then
+ printf "keymgr did not list KSK as expected" >&2
+ exit 1
+fi
diff --git a/debian/tests/control b/debian/tests/control
new file mode 100644
index 0000000..e8b3dcb
--- /dev/null
+++ b/debian/tests/control
@@ -0,0 +1,13 @@
+Tests: kdig
+Restrictions: skippable
+Depends:
+ ca-certificates,
+ iputils-ping,
+ knot-dnsutils,
+
+Tests: authoritative-server
+Depends:
+ findutils,
+ knot,
+ knot-dnsutils,
+ knot-dnssecutils,
diff --git a/debian/tests/kdig b/debian/tests/kdig
new file mode 100755
index 0000000..f1dbe5a
--- /dev/null
+++ b/debian/tests/kdig
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -e
+
+# Skip the test if no internet access
+ping -c1 1.1.1.1 2>&1 || exit 77
+
+expected=198.41.0.4
+answer=$(kdig +short +tls-ca @1.1.1.1 -q a.root-servers.net. -t A 2>&1 || true)
+
+if [ "$answer" != "$expected" ]; then
+ printf "expected: %s\ngot: %s\n" "$expected" "$answer" >&2
+ kdig -d +tls-ca @1.1.1.1 -q a.root-servers.net. -t A
+fi
diff --git a/debian/ufw/knot b/debian/ufw/knot
new file mode 100644
index 0000000..ee36916
--- /dev/null
+++ b/debian/ufw/knot
@@ -0,0 +1,4 @@
+[Knot]
+title=Internet Domain Name Server
+description=The Knot DNS implements an Internet domain name server.
+ports=53
diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
new file mode 100644
index 0000000..7935cee
--- /dev/null
+++ b/debian/upstream/signing-key.asc
@@ -0,0 +1,51 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFljlBcBEACuCSBlN1vTS9eEDqowZcLAAF8NytcTlRjXTLWMQtjU+fXkz9Vz
+10n9TIFj9Kcec0p0+8F+SowybecwhmYoUzhKI7S9M1ziUmaIhFs2KvZ1GzigE/W5
+L448P/7pugh875e1tIrkrbbcIp6+SxaLbgvXlFl630ILZl/gbYOa/Wk21sLu4RjQ
+Y39oHb0WTiwPnKhdMdwlnxm6HeWkHzlvI9N8tlDc6oVnUfqVI8gUyExLnEYjDpZf
+orTVgHRq6RNyfTRZkh8zRsXSTnJlk/bVEDW5i/VgIQugzkgpuTGWlCstryi/MRhe
+NxU1YEUenT69okb96QStfr1J00n8L4VAs8V5IuFUcSc8UqSpB+LgERRTMRFo9IrE
+XAW/gEKlEVR+501BvJ0/Qggxbgz4PEnKNaxXmAnykJzot2VDKTzrr26a9LnrT0GW
+om9rg89Ih876PA53vUXBB+FWP9QOFDcOfz3nMjCrLbMzhTsAzrNFXxchzLq+66CL
+qsQQytDVFpLI+X++sKRTOHkq6vV1bAPjlljrannLnn1y/DvkOOkiHOdYyjmR7Dfk
+vxgcWh/3Gx4J9gipxZITOr7LamEYgHfElY/UWCtc1Vjt8Xvgt4dofDpvSwY9YzgR
+WxJKC5ewYdqTCI+zxL1f0fjkeiRYNi959UMMjgdcY7Zpi8oPPQmlyBw15QARAQAB
+tCZEYW5pZWwgU2Fsem1hbiA8ZGFuaWVsLnNhbHptYW5AbmljLmN6PokCPQQTAQoA
+JwUCWWOUFwIbAwUJA8JnAAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRAQu3r2
+/rvWq1+eEAClhOEK2MZOz+nwJSeX7iINKbw477Y+LSvYkKG81pve+xtblQEn7rI3
+cYnDrqlUb3bXdbMHujYrg1fPoccpCvf6d/JvlN6WXCE25R+GR6vxr6v7jycHdSOb
+Fe4sTcwce6IViwiWiSizh4UCkz8285LjLcf3AnT2v6GJwHiZbPOeMQUNIRj6PEYL
+SQsq0ZlqEx8LGKLTc5Ukrkoi4lN44SI1rzSwDPIqvlvrVnDXcDB8M7E2Ii51zU8/
+TVk920KeayUeCPxpmgQW3USI45NrE/jEgyodyxMGp5lg3OqzHT2wu9BVLWkQvTjF
+fLfEsTay4K4kUSbYzbpS93b33J+I20rYLGBBYlTrN5417IgF6Bb8NzyrfVy1Wdqh
+cggAEKX5EkOmZM8oduRxsHqiRLC/xKF8GqTo6t3GMS5i8RClNvmdq0WUkQUvld4b
+OnXBCZ2QLbjV7sXjcr56ee+qdpiuRQjEidjHzpibcIBN8LVupVgXAZl9lsiBtoJX
+OHsvSdU3VgGWnRGtzFjSHzl3TRPIsaVVqD7aCzQDfXDjrGlmhzgDfMwkqmBGgsku
+8tSR3Ag0MRAouJFXiZrcM3XGeYVbHT6dt7UMAB27Xc5foc0kGRo5tzlK6rWG2sJI
+lcQB7tKvwI/tE9lwJDjw+XNekEdIpcdcQ7mWa1COYkcYTre3oPmN+7kCDQRZY5QX
+ARAA6RnxYG82/X+A49srgHR9yIxlHqSq6IhNn+iJQ5lpVpfeBItOG4NDu4Aq5X41
+pAJ3NKxsCPV62gEald/C7gJrTI5rag/87GYFFo6QRrwGsWVGORGs9G1pBF7ZZwhP
+JwD3MeagGZNfWZzRxXefL1P3mrpO3etSEEwENHtCqEMP6x/JHh3SKonKAlL4xfj3
+F54aKj4upIcjxGBAJH8u66bN1GmYjstBzzbD4TWNTwfKgp15XxjrTgbThFy7CBoO
+gcaApiYTPE7D5nB1+AyhGjnO3ZlNgy1ZIHVDFk6HEakaqKM9QlkJnZsB2+cTqXlV
+0etmFQsedCg2sUier0hhIrEOOtGQbY1P+0vv+VRoaNym3ritl+70RG8WgrHNLMRH
+VGeLRq3gOFnt+d/3h7meAKbORW/ZY30UpwthtlZYgciFzoDJCW8Be1i1X4toiUaM
+kFh79jd7YTvZ87+P4DllC9MNsoq5cY/bHBNZYtXf7y6XqVqYo2IbFUR3VXKtzSN5
+eYm5YpFPczzmg1bNgl3i6WBcOF4EPEJEVjZ+u1r59NvfVLQ8XVh/QmLoG7x8oFcv
+hWctMy17Vdm4qZjpSA+B1sQocehdra+xT+PWV0kcrYpsqwkYeFRQnJGqIupWHnot
+qGOBNAyQWIcjK6K5y0CeioJZpNN5Oe5XloMXsYmgXsR+gTUAEQEAAYkCJQQYAQoA
+DwUCWWOUFwIbDAUJA8JnAAAKCRAQu3r2/rvWq+IQD/9ikZ5MtdDOVLtULPqXXeP3
+6Oss2Ie4/4IQ7xkUZZ/Ujig0x1rW+d21o92VryH1s4K+nyCIW31rbtexK/0a54/w
+Zyyjbqfh6Tgo9n3f5bMV9qyubb49cfTSKfgzoOkG8Xdc/TIO1IjWHy1NBDl8GWKJ
+0QPYz78SCCkEFiVCAFBjuIQsoPqDKcZTs7k661w0A75ken88JJLgUgffZJRQK0i1
+dCw8kS4c2pqm24Q6d0AF5EdqXn2IFH82p49Pp5bRMY3LnibRL3Sq0xvXs7i5vY+o
+JLuPAdomiGbdEbxcLytqQ2KitVdrGvrnZJxPs16m0uuTeM06krorDlgGBXFp5+Z9
+JbQpViHkVpLo+vf/GuT9WOWWH8gG0r14ZLVQTvCGXiAR4Aju7W5jPMPmVDJ+wMrD
+cLta1Jv0U0+AnVe67mRXb0n5E/7kVshB3rfGzunPSlqT5kEiOXq6fJWB2l0lzCv0
+WtNuINmU9U3ap1oZBGSYl83vyuRUIlx61/tlnJvwseBL1FmASXOgfedCsxjHIlgF
+SUeScLxnOSyap/4ePqZ0C76Nkvzx43SfM1LJUeCHwon0o+LZv2GlBmlEp6PbekRQ
+Tz1hewLBbfAeXZRnwxvmkRqTP4DJCIVu2AE47+rbqVEjJZuEO4ORlkKoBdLOV3HN
+xWbfbG7+n/h2cnUw3pqbHw==
+=4CxJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/debian/watch b/debian/watch
new file mode 100644
index 0000000..7cf9ea1
--- /dev/null
+++ b/debian/watch
@@ -0,0 +1,4 @@
+version=4
+opts=uversionmangle=s/-((alpha|beta|rc)\d*)$/~$1/,pgpsigurlmangle=s/$/.asc/,dversionmangle=s/\+hotfix// \
+https://secure.nic.cz/files/knot-dns/ \
+(?:|.*/)knot(?:[_\-]v?|)(\d\S*)\.(?:tar\.xz|txz|tar\.bz2|tbz2|tar\.gz|tgz)