Releases: hickory-dns/hickory-dns
Client and Server 0.13, CAA and TLSA support
0.13.0 Client and Server
Added
- TRust-DNS Proto crate to separate server management from base operations #222
- TRust-DNS Util crate for dnssec management tools (@briansmith)
- Integration tests for Server to validate all supported DNSSec key types
- breaking Common features
dnssec-ring
,dnssec-openssl
, anddnssec
across all crates (replacesopenssl
andring
features) - Clarified
tls
feature withtls-openssl
, andtls
in server (in preperation fortls-rustls
) - Support for rfc6844, CAA record type #234
- Support for rfc6698, TLSA record type #285
- Clippy validation in CI #288 (@little-dude)
Changed
- DNSKEY is now self-signed
- Internal API changes to
client
calling intoproto
for actual implementations - Large refactoring of internal APIs to more cleanly support *ring* and OpenSSL features (@briansmith)
ClientHandle::send
moved totrust_dns_proto::DnsHandle::send
(internal API)- Many interfaces moved from
client::ClientStreamHandle
totrust_dns_proto::DnsStreamHandle
Message::sign
has been renamed and change to the more general methodMessage::finalize
- Some
io::Error
s have been converted totrust_dns_proto::ProtoError
SyncClient
andSecureSyncClient
are nowSend + Sync
#245- Unknown RecordTypes and RDatas will no longer error #294
Fixed
- Server: signing issues when loading from persistence
- Server: When SupportedAlgorithms (rfc6975) not supplied default to returning all signatures #215
- Proto: u16::from(DNSClass) now enforces OPT is greater than/or 512 per spec #303
- Improve usage of Rand for message ids and port assignment #291 & #292
- NxDomain and empty NoData responses to be compliant #286 (lots of help from @Darkspirit)
Removed
- Removed the
NativeTls
andOpenSSL
ClientConnection
variants, use the Rustls impls or the tokio basedTlsClientStream
instead. This was required forSyncClient
beingSend + Sync
- Server: no longer auto-generate keys on startup #218
- All deprecated APIs removed from -proto #262
- Server: removed deprated RSA config loading options, see reference test cargo.tomls #276 (@briansmith)
Resolver 0.7.0
0.7.0
Changed
- Resolver no longer depends on Client
- breaking Resolver no longer returns io:Errors, use
From<ResolveError>
forio::Error
- Resolver is now
Send
- DNSSec now disabled by default in Resolver, see
dnssec-ring
ordnssec-openssl
features #268 - CNAME chaining was cleaned up #271 (@briansmith)
- On hostname parsing to IpAddr, return without lookup #302 (@cssivision)
- Change default
LookupIpStrategy
fromIpv4AndIpv6
toIpv4thenIpv6
#301 (@cssivision)
Added
- ResolveError and associated types
Fixed
- Cleaned up CNAME chained lookups, better TTL enforcement, etc #298
Resolver 0.6.0
0.6.0
Changed
- Split UDP and TCP into different NS pools, prefer UDP lookups first
Added
- 64bit Windows support for reading DNS configuration! (@liranringel)
- CNAME chain resolution (where CNAME results are not returned in the same query)
- Resolution prefers
/etc/hosts
before querying (@cssivision)
Client & Server 0.12.0
0.12.0
Fixed
- Server was not properly signing zone after fresh start
Added
- RSA and ECDSA validation with ring for DNSSec, removes dependency on openssl (@briansmith)
lookup
toClientHandle
, simpler form withQuery
query
toQuery
for ease of Query creation
Changed
- Large celanup of signing and verification paths in DNSSec (@briansmith)
- breaking changed
TrustAnchor::insert_trust_anchor
to more safely consumePublicKey
rather thanVec<u8>
Resolver 0.5.0
Resolver 0.5.0
Changed
- breaking
LookupIp
now returns an iterator over owned data (IpAddr is Copy + Clone ref not necessary) - breaking
Resolver::lookup
will now return an Err on NxDomain and NoData responses - rewrote much of the caching and lookup functionality for generic RecordType lookups
- removed &mut from resolver fn interfaces, make it easier to use
Added
- Generic record type lookup
- reverse_lookup for IP to Name lookups
- ipv4_lookup for looking up only ipv4 (lookup_ip has options for dual-stack)
- ipv6_lookup for looking up only ipv6 (lookup_ip has options for dual-stack)
- mx_lookup for querying mail exchanges
- srv_lookup for service records and also a specialized form for ease of use lookup_service
- txt_lookup for text record lookups
Client 0.11.3
Added
lookup
toClientHandle
, simpler form withQuery
query
toQuery
for ease of Query creation
Resolver 0.4.0
0.4.0
Removed
- breaking impl
Iterator
removed fromIpLookup
result type, seeLookupIp::iter
for replacement
Added
- Support for DNSSec validation
- LRU Cache
Resolv.conf parsing for Resolver
This release mainly brings the support for reading the resolv.conf on Unix like systems. Many other improvements were made as well. See the notes below. There were additional changes made to the client library. These include a lot of deprecation of some bad interfaces in Name and some changes to the underlying protocol implementations in the Tokio interface usage.
0.11.0 Client
Added
Name::FromStr
for simpler parsing, specify trailing.
for FQDNName::append_label
for clearer usage while appending labels to a NameName::append_name
for clearer usage while appending one name to anotherName::append_domain
alias for append_name and marking as FQDN
Changed
- breaking all
&mut self
methods onName
deprecated as unsafe, Name labels are now immutable. - breaking All
ClientHandle
traits now take&Handle
instead ofHandle
(@rushmorem) - warning
Name
now tracks if it is a fully qualified domain name, slightly changes name parsing rules, allowingwww.example.com
without the trailing.
, which means that FQDN names are not enforced.
Removed
- deprecated
Name::with_labels
seeName::from_labels
- deprecated
Name::append
wasn't clean, seeName::append_name
- deprecated
Name::add_label
exposed internal data structure, seeName::append_label
- deprecated
Name::label
unclear usage/name, seeName::append_label
- deprecated
Name::prepend_label
exposed internal data structure, unclear usage no replacement - deprecated
Record::add_name
unclear usage no replacement
0.3.0 Resolver
Added
- Added
options attempts:N
akaResolverOpts::attempts
support, aka retries - Added Google IPv6 nameservers as defaults for
ResolverConfig::default
- Added support for domain name search in
ResolverConfig
andLookupIpFuture
- Added support for search names in
ResolverConfig
andLookupIpFuture
- Added
LookupIpFuture
type alias toInnerLookupIpFuture<NameServerPool>
compatibility
Changed
- breaking
LookupIpFuture
renamed toInnerLookupIpFuture
- breaking
InnerLookupIpFuture
now takes a generic parameter, generally<NameServerPool>
Resolver gains Ipv6 resolution
0.2.0 Resolver
Added
- ipv6 parallel lookup
- multiple ipv4 and ipv6 lookup strategies
- library documentation examples
- test coverage for resolver
0.10.5 Client and Server
Added
- Library documentation, examples for client query and update
Changed
- ServerFuture now Accepts generic RequestHandler (@Antti)
Initial release of the Resolver
Right now only A (IPv4) requests are issued. I'll be added AAAA (IPv6) soon. Also note that this release currently does not perform recursive lookups, e.g. following CNAME chains, though many upstream resolvers will do this by default, so shouldn't matter in most cases. The lookup_ip
interface is the only supported option at the moment. I will be adding others over time. It also does not read the system /etc/resolv.conf
, again a future feature. Search paths are also not yet supported, so only a FQDN, with the final .
, will work.
0.1.0 - trust-dns-resolver
Added
- Initial release of the TRust-DNS Resolver
0.10.4 - trust-dns
Added
- Allow more options with Key and KeyUsage
- Initial Resolver implementation
Fixed
- NSEC coverage bitmap overflow in nightly
- Name::zone_of panic (@SAPikachu)