trust-dns v0.15.0 Release Notes
-
๐ Fixed
- ๐ Fix two separate integer overflows from subtractions #585 (@oherrala)
- ๐ strictly enforce name and label lengths during label parsing #584
- enforce that only prior labels are used in label expansion, decompression #578 (@oherrala)
- CAA now properly performs case-insensitive compares #587 (@oherrala)
- ๐ overhauled rdata parsers with Restrict type to reduce potential of overflowing operations #586
โ Added
- ๐ feature
dns-over-rustls
totrust-dns-server
(server) andtrust-dns
(client) - feature
dns-over-https-rustls
experimental #557 - โ
new configuration options for tls, see
server/tests/named_test_configs/dns_over_tls_rustls_and_openssl.toml
- ๐ new utility for querying root key-signing-keys,
util/get-root-ksks
- โก๏ธ updated root trust-anchor to include new
20326
RSA root ksk
๐ Changed
- Make trust_dns_server::server::ResponseHandler Send #593 (sticnarf)
- Wrap types in Restrict and force validation before usage from streams #586
- ๐ฅ breaking Overhauled all
ClientFuture
implementations to align with newDnsExchange
andDnsMultiplexer
components in proto. - ๐ฅ breaking
ClientFuture
after construction, now returns a "background"ClientFuture
and a "foreground"BasicClientHandle
- ๐ฅ breaking
Client
has more type parameters, these match with the same types returned by the*ClientConnection
constructors - ๐ฅ breaking all default features, removed: "dns-over-openssl", "dnssec-openssl". Use --features=dns-over-openssl,dnssec-openssl to enable
- ๐ฅ breaking
named
configuration now has AXFR disabled by default. - ๐ฅ breaking Migrated from error_chain to Failure #474 (@silwol)
- ๐ feature
tls
renamed todns-over-openssl
- โฌ๏ธ upgraded
native-tls
andtokio-tls
to 0.2 - โฌ๏ธ upgraded
rusqlite
to 0.15