Trust Dns Versions Save

Initial Alpha release of 0.23.0

0.23.0

Fixed

• (all) Fix bench errors in rust-analyzer #1777 by jeff-hiner
• (all) Regenerate the test SSL certificates #1781 by ssinger
• (all) Fix some spelling errors #1783 by nhurley3
• (proto) proto: only allow ASCII characters in CAA key/value data #1796 by djc
• (proto) [rfc8659] CAA RR Change references to RFC 6844 to 8659 #1798 by darnuria
• (all) Fixed some clippy warning #1801 by darnuria
• (all) Fix links to client documentation #1808 by clint-white
• (all) fix cleanliness for 1.65 #1821 by bluejekyll
• (proto) Fix stuck of dns over tls with clear text SNI #1826 by mokeyish
• (all) Fix enabling only dns-over-* feature #1833 by NobodyXu
• (proto) OpenSSL 3.0 compliant #1841 by HLFH
• (server) FIX WIP: Zone Parser panics when hostname entry has a leading whitespace. #1842 by wuerges
• (server) Fix $TTL not taken into account with wildcard from zonefile. #1850 by darnuria
• (all) Some cargo clippy fix #1851 by darnuria
• (all) Fix #1835 RUSTSEC-2021-0145 Update clap to 4.0.29. #1853 by darnuria
• (docs) fix DNSSEC typo #1858 by HLFH
• (all) clippy updates for Rust 1.66 #1862 by bluejekyll
• (tests) ignore truncation for fuzz comparison #1872 by bluejekyll
• (tests) fix fuzz build failure #1875 by manunio
• (proto) docs: fix truncated rustdoc TODO on LowerName. #1897 by cpu
• (tests) Fix: invalid benchmark #1900 by XOR-op
• (proto) Fix panics in ClientSubnet conversions #1909 by djc
• (tests) Fix fuzz build #1911 by manunio
• (proto) Fix PTR.to_string() stack overflow #1912 by mokeyish
• (proto) Fix audit upgrade openssl #1914 by mokeyish
• (proto) Fix panic of unexpected close of UDP socket #1915 by mokeyish
• (proto) Lazily reap finished connections in TokioHandle on spawn_bg #1917 by jeff-hiner

Changed

• (resolver) Order name servers by SRTT #1784 by nhurley3
• (resolver) resolver: use errors' Display impl #1785 by hdhoang
• (proto) NameIter use a u8 for start/end. #1787 by darnuria
• (proto) name.rs use DomainNameTooLong in place of Message. #1788 by darnuria
• (proto) Explicit test for label max len and use ProtoErrorKind. #1789 by darnuria
• (cli) Port to clap4 #1791 by darnuria
• (proto) Improve CAA rdata display #1794 by wuerges
• (all) fix #1767 Update tracing-subscriber to 0.3.16 #1797 by darnuria
• (proto) Simplify interface between BinEncoder and MaximalBuf #1802 by djc
• (proto) proto: allow unrestricted length character length in SVCB param values #1806 by djc
• (all) bump MSRV to 1.60 #1813 by bluejekyll
• (all) Lazily reap finished tasks from inner_join_set #1818 by jeff-hiner
• (proto) proto: upgrade to Quinn 0.9 #1822 by djc
• (resolve) Preserve intermediates for TXT records #1828 by schultetwin1
• (all) Feature gate tokio features on mdns crate #1831 by jxs
• (test) python3-ply rather than python-ply #1846 by HLFH
• (docs) Replace http: links with https: #1848 by msrd0
• (docs) Make homepage link simpler for end users #1857 by HLFH
• (resolver) Don't retry authoritative NOERROR with an empty set, from trusted resolvers #1861 by jeff-hiner
• (server) authority: parse with default record class IN. #1874 by cpu
• (resolver) API-breaking change: Deprecate ConnectionProvider with new RuntimeProvider #1876 by XOR-op
• (proto) deps: upgrade Tokio 1.21.0 -> 1.24.1 #1877 by cpu
• (proto) Move client code used by server code down into proto #1879 by djc
• (proto) proto: clean up error logging #1881 by hawkw
• (resolver) Make dns_hostname optional to disable verify #1907 by mokeyish
• (all) Introduce central crate version management #1908 by mokeyish
• (resolver) remove use of time in recursor and client #1918 by zh-jq

Removed

• (server) remove named binary #1859 by HLFH
• (docs) project: remove refs. to removed 'named' binary #1873 by cpu

Added

• (resolve) Add --reverse, --file and --interval to util/resolve #1807 by cunha
• (client) TSIG documenting client tsig code + update rfc link #1810 by darnuria
• (client) Create dedicated Errors types for Tsig error case #1811 by darnuria
• (all) Also declare MSRV in Cargo.toml #1820 by glts
• (proto) Add wireformat buffer to DnsResponse #1855 by mattias-p #1885 by cpu
• (client) client: rm zone parse optional class arg.
• (proto) Implement EDNS Client Subnet ECS reading and writing #1906 by mokeyish

0.22.0

Removed

• (deps) don't pull in env_logger if we aren't actually a binary #1701 by @Noah-Kennedy

Added

• (resolver) Add option to use a provided name server order #1766 by @nhurley3
• (proto) Add invalid utf8 output test for TXT::fmt. #1755 by @darnuria
• (proto) Support 0-RTT in DNS over QUIC #1716 by @msoxzw
• (recursor) new A Trust DNS based Recursor!!! #1710 by @bluejekyll
• (resolver) Allow customizing the static hosts configuration #1705 by @fantix
• (proto/server) Support loading pkcs#1 private key as well #1704 by @lisongmin
• (util) Trust dns client cli (like dig) #1680 by @bluejekyll

Fixed

• (proto) Only retry UDP socket bind if it returned EADDRINUSE #1761 by @peterthejohnston
• (all) Add necessary conditional compilation cfgs #1752 by @trevor-crypto
• (server) Populate name_pointers correctly via MessageResponseBuilder request #1744 by @jeff-hiner
• (resolver) Do not fail parse_resolv_conf on invalid hostname #1740 by @schultetwin1
• (all) doc: Fix warnings reported by cargo doc #1737 by @wiktor-k
• (proto) Use u16::*_be_bytes represent length field (fixes DoQ) #1715 by @msoxzw
• (proto) Prevent invalid 0-length labels via from_raw_bytes #1700 by @jonasbb
• (proto/server) Drop UDP packets on send failure #1696 by @jeff-hiner
• (all) removed .max(0), unnecessary with u32's #1691 by @bluejekyll
• (server) sanitize all addresses received by the server before attempting any r… #1690 by @bluejekyll
• (server) Remove forced (unecessary) Mutex from handler #1679 by @jeff-hiner
• (proto) Fix SvcParamKey::Unknown parsing #1678 by @jeff-hiner

Changed

• (all) Minimum Rust Version now 1.59 #1771 by @bluejekyll
• (client) Parser panic to result #1758 by @darnuria
• (client) Avoid 3 unwrap() call inc Parser::flush_record. #1757 by @darnuria
• (client) Cleanup lex #1756 by @darnuria
• (resovler) Make maximum request depth configurable #1749 by @wiktor-k
• (server) Clean up ForwardAuthority api #1748 by @chotchki
• (resolver) Relax mut requirements for resolver.clear_cache() and add cache flushing example #1747 by @dns2utf8
• (resolver) Lookup access Records list directly #1746 by @izissise
• (proto) Pass DnsRequestOptions to DNSSEC validating routines #1742 by @wiktor-k
• (proto) Increase the maximum request depth to 26 #1736 by @wiktor-k
• (server) Mark ForwardLookup as public #1729 by @chotchki
• (all) upgrade windows openssl version to 1_1_1p #1728 by @bluejekyll
• (all) Converted to tracing from log #1706 by @erikh and @bluejekyll
• (server) Move logger setup code into binary #1703 by @djc
• (proto) ignore errors when disconnected #1695 by @edevil
• (server) RequestInfo derives Clone trait. #1693 by @humb1t
• (proto/server) make doq transport settings more consistent with RFC #1682 by @bluejekyll
• (all) Included githubactions in the dependabot config #1681 by @naveensrinivasan
• (proto) deprecated edns methods on request and replaced with extensions and better scemantics #1675 by @leshow

0.21.2

Added

• (proto) add PartialEq+Hash derives, #1661 by @leshow

Fixed

• (server) fix panic when tcp connect goes away before handling, #1668
• (server) crates/server, InMemoryStore: Use a RwLock instead of a Mutex to manage inner storage, #1665 by @erikh
• (all) fix audit regex failure, #1658
• (resolver) Stop searching for additional records when encountering a name already seen, #1657 by @Mossop
• (proto) fix time txt parsing in SOA records, #1656

Removed

• (all) remove old crates (the ones moved into proto, tag v0.21.1 can get if needed for crates.io), #1655

Changed

• (resolver) keep any address records included in the response to an NS query, #1672 by @db48x
• (resolver) force forwarder to preserve_intermediates, #1660 by @vlmutolo
• (resolver) make constructors for AsyncResolver with custom providers public, #1654 by @Noah-Kennedy

0.21.1

Fixed

• (util) fixed feature build issue in resolve #1649

0.21.0

Added

• (client) Parse DS records (@kmkaplan) #1635
• (fuzz) Added fuzzing configuration (@saethlin) #1626
• (resolver) Add resolver.clear_cache() sync and async (dns2utf8) #1611
• (proto) Add CDS/CDNSKEY records from RFC7344 (frelon) #1595
• (resolver) Configuration of outbound bind address for resolver (@surban) #1586
• (proto) Add CSYNC record from RFC7477 (@frelon) #1583
• (proto) trust_dns_proto::rr::Record now serializable (@mvforell) #1536
• (client) new zone_transfer method for AXFR and IXFR use cases, client only (@trinity-1686a) #1478
• (client) Flag for use_edns configuration on AsyncClient (@astro) #1492
• (client) support for TSIG authentication (@trinity-1686a) #1459

Changed

• (util) openssl is no longer default enabled in trust-dns-utils, bins marked as required as necessary #1644
• (proto) deprecate outdated dnssec algorithms #1640
• (server) pass RequestInfo into Authority on search #1620
• (proto) SSHFP: Ed448 is assigned algorithm 6 in RFC 8709 #1604
• (resolver) Do not retry the same name server on a negative response (@peterthejohnston) #1589
• (all) with-backtrace feature renamed to backtrace (@pinkisemils) #1577
• (resolver) TCP for truncated message responses, but not for other failures on responses (switch for old behavior try_tcp_on_error) ( @peterthejohnston) #1562
• (server) Multiple queries in a message will always result in a FormError now #1554
• (server) ServerFuture and other Catalog related API changes #1554
• (server) By default, the server will now only log a single log line based for a given request (debug will be needed for more details) #1554
• (server) ResponseHandler now must return a ResponseInfo to allow for more consistent logging #1554
• (resolver) Correct behavior around trust_nx_responses (@peterthejohnston) #1556
• (server) ResponseHandler trait is now async_trait, requires all impls to be annotated with #[async_trait] #1550
• (server) Authority impls required to be internally modifiable and Send + Sync #1550
• (server) Most Authority methods changes to async fn rather than returning custom Future impls #1550
• (server) Authority trait is now async_trait, requires all impls to be annotated with #[async_trait] #1550
• (proto) Header now stores ResponseCode instead of just u8 #1537
• (client) improved async client example documentation (@ErwanDL) #1539
• (resolver) on REFUSED (and other negative) response(s), fall back to other nameservers (@peterthejohnston) #1513 #1526
• (client) the feature dnssec is no longer enabled by default, use dnssec-ring or dnssec-openssl #1506
• (server) dnssec functions of Authority moved into DnsSecAuthority #1506
• (all) Most public enum types are now marked #[non_exaustive] #1426
• (resolver) DnsRequestOptions and ResolverOpts now #[non_exaustive] #1426
• (proto) all I/O Streams now use BufDnsStreamHandle rather than generic DnsStreamHandle #1433
• (proto) DnsResponse response now contains only a single Response #1433
• (proto) Name::append_name and Name::append_domain now properly fallible when name is too long #1448
• (resolver) special handling of the onion. TLD added to static resolution with negative responses (@trinity-1686a) #1479
• (proto) internal Futures converted to Streams to support multiple responses, e.g. AXFR (@trinity-1686a) #1478
• (proto) renamed Signer to SigSigner to differentiate from TSigner #1498

Removed

• (all) removed structopt dependency #1644
• (all) removed chrono dependency #1569
• (client) Remove AsyncClientConnect and AsyncSecureClientConnect (future impls) in favor of async constructors (@ErwanDL) #1541
• (proto) removed RecordType::DNSSEC and moved all variants of DNSSECRecordType into RecordType #1506
• (proto) removed BufStreamHandle and StreamHandle #1433
• (response) disabled mdns to work on a new solution #1433

Fixed

• (proto) fix CAA .to_string() crash and format (@hartshorne) #1631
• (proto) fix DoubleEndedIterator impl for Name #1639
• (client) Fix AsyncClient::clone always setting use_edns (@ecton) #1598
• (resolver) Use stream connections if datagram connections are not available (@pinkisemils) #1592
• (server) Release resources when a server future is dropped (@pinkisemils) #1587
• (proto) Panic when name exceeds maximal domain name length during display #1447

0.21.0 (unreleased)

Added

• (fuzz) Added fuzzing configuration (@saethlin) #1626
• (resolver) Add resolver.clear_cache() sync and async (dns2utf8) #1611
• (proto) Add CDS/CDNSKEY records from RFC7344 (frelon) #1595
• (resolver) Configuration of outbound bind address for resolver (@surban) #1586
• (proto) Add CSYNC record from RFC7477 (@frelon) #1583
• (proto) trust_dns_proto::rr::Record now serializable (@mvforell) #1536
• (client) new zone_transfer method for AXFR and IXFR use cases, client only (@trinity-1686a) #1478
• (client) Flag for use_edns configuration on AsyncClient (@astro) #1492
• (client) support for TSIG authentication (@trinity-1686a) #1459

Changed

• (server) pass RequestInfo into Authority on search #1620
• (proto) SSHFP: Ed448 is assigned algorithm 6 in RFC 8709 #1604
• (resolver) Do not retry the same name server on a negative response (@peterthejohnston) #1589
• (all) with-backtrace feature renamed to backtrace (@pinkisemils) #1577
• (resolver) TCP for truncated message responses, but not for other failures on responses (switch for old behavior try_tcp_on_error) ( @peterthejohnston) #1562
• (server) Multiple queries in a message will always result in a FormError now #1554
• (server) ServerFuture and other Catalog related API changes #1554
• (server) By default, the server will now only log a single log line based for a given request (debug will be needed for more details) #1554
• (server) ResponseHandler now must return a ResponseInfo to allow for more consistent logging #1554
• (resolver) Correct behavior around trust_nx_responses (@peterthejohnston) #1556
• (server) ResponseHandler trait is now async_trait, requires all impls to be annotated with #[async_trait] #1550
• (server) Authority impls required to be internally modifiable and Send + Sync #1550
• (server) Most Authority methods changes to async fn rather than returning custom Future impls #1550
• (server) Authority trait is now async_trait, requires all impls to be annotated with #[async_trait] #1550
• (proto) Header now stores ResponseCode instead of just u8 #1537
• (client) improved async client example documentation (@ErwanDL) #1539
• (resolver) on REFUSED (and other negative) response(s), fall back to other nameservers (@peterthejohnston) #1513 #1526
• (client) the feature dnssec is no longer enabled by default, use dnssec-ring or dnssec-openssl #1506
• (server) dnssec functions of Authority moved into DnsSecAuthority #1506
• (all) Most public enum types are now marked #[non_exaustive] #1426
• (resolver) DnsRequestOptions and ResolverOpts now #[non_exaustive] #1426
• (proto) all I/O Streams now use BufDnsStreamHandle rather than generic DnsStreamHandle #1433
• (proto) DnsResponse response now contains only a single Response #1433
• (proto) Name::append_name and Name::append_domain now properly fallible when name is too long #1448
• (resolver) special handling of the onion. TLD added to static resolution with negative responses (@trinity-1686a) #1479
• (proto) internal Futures converted to Streams to support multiple responses, e.g. AXFR (@trinity-1686a) #1478
• (proto) renamed Signer to SigSigner to differentiate from TSigner #1498

Removed

• (all) removed chrono dependency #1569
• (client) Remove AsyncClientConnect and AsyncSecureClientConnect (future impls) in favor of async constructors (@ErwanDL) #1541
• (proto) removed RecordType::DNSSEC and moved all variants of DNSSECRecordType into RecordType #1506
• (proto) removed BufStreamHandle and StreamHandle #1433
• (response) disabled mdns to work on a new solution #1433

Fixed

• (clien) Fix AsyncClient::clone always setting use_edns (ecton) #1598
• (resolver) Use stream connections if datagram connections are not available (@pinkisemils) #1592
• (server) Release resources when a server future is dropped (@pinkisemils) #1587
• (proto) Panic when name exceeds maximal domain name length during display #1447

0.20.4

Fixed

• (all) updated tokio dependencies to 1.16 #1623
• (all) removed audit chrono due to rustsec audit failure (backport) #1623

Changed

• (all) Increased MSRV to 1.51

0.21.0 (unreleased)

Added

• (proto) trust_dns_proto::rr::Record now serializable (@mvforell) #1536
• (client) new zone_transfer method for AXFR and IXFR use cases, client only (@trinity-1686a) #1478
• (client) Flag for use_edns configuration on AsyncClient (@astro) #1492
• (client) support for TSIG authentication (@trinity-1686a) #1459

Changed

• (resolver) TCP for truncated message responses, but not for other failures on responses (switch for old behavior try_tcp_on_error) ( @peterthejohnston) #1562
• (server) Multiple queries in a message will always result in a FormError now #1554
• (server) ServerFuture and other Catalog related API changes #1554
• (server) By default, the server will now only log a single log line based for a given request (debug will be needed for more details) #1554
• (server) ResponseHandler now must return a ResponseInfo to allow for more consistent logging #1554
• (resolver) Correct behavior around trust_nx_responses (@peterthejohnston) #1556
• (server) ResponseHandler trait is now async_trait, requires all impls to be annotated with #[async_trait] #1550
• (server) Authority impls required to be internally modifiable and Send + Sync #1550
• (server) Most Authority methods changes to async fn rather than returning custom Future impls #1550
• (server) Authority trait is now async_trait, requires all impls to be annotated with #[async_trait] #1550
• (proto) Header now stores ResponseCode instead of just u8 #1537
• (client) improved async client example documentation (@ErwanDL) #1539
• (resolver) on REFUSED (and other negative) response(s), fall back to other nameservers (@peterthejohnston) #1513 #1526
• (client) the feature dnssec is no longer enabled by default, use dnssec-ring or dnssec-openssl #1506
• (server) dnssec functions of Authority moved into DnsSecAuthority #1506
• (all) Most public enum types are now marked #[non_exaustive] #1426
• (resolver) DnsRequestOptions and ResolverOpts now #[non_exaustive] #1426
• (proto) all I/O Streams now use BufDnsStreamHandle rather than generic DnsStreamHandle #1433
• (proto) DnsResponse response now contains only a single Response #1433
• (proto) Name::append_name and Name::append_domain now properly fallible when name is too long #1448
• (resolver) special handling of the onion. TLD added to static resolution with negative responses (@trinity-1686a) #1479
• (proto) internal Futures converted to Streams to support multiple responses, e.g. AXFR (@trinity-1686a) #1478
• (proto) renamed Signer to SigSigner to differentiate from TSigner #1498

Removed

• (client) Remove AsyncClientConnect and AsyncSecureClientConnect (future impls) in favor of async constructors (@ErwanDL) #1541
• (proto) removed RecordType::DNSSEC and moved all variants of DNSSECRecordType into RecordType #1506
• (proto) removed BufStreamHandle and StreamHandle #1433
• (response) disabled mdns to work on a new solution #1433

Fixed

• (proto) Panic when name exceeds maximal domain name length during display #1447

0.21.0 (unreleased)

Added

• (proto) trust_dns_proto::rr::Record now serializable (@mvforell) #1536
• (client) new zone_transfer method for AXFR and IXFR use cases, client only (@trinity-1686a) #1478
• (client) Flag for use_edns configuration on AsyncClient (@astro) #1492
• (client) support for TSIG authentication (@trinity-1686a) #1459

Changed

• (resolver) Correct behavior around trust_nx_responses (@peterthejohnston) #1556
• (server) ResponseHandler trait is now async_trait, requires all impls to be annotated with #[async_trait] #1550
• (server) Authority impls required to be internally modifiable and Send + Sync #1550
• (server) Most Authority methods changes to async fn rather than returning custom Future impls #1550
• (server) Authority trait is now async_trait, requires all impls to be annotated with #[async_trait] #1550
• (proto) Header now stores ResponseCode instead of just u8 #1537
• (client) improved async client example documentation (@ErwanDL) #1539
• (resolver) on REFUSED (and other negative) response(s), fall back to other nameservers (@peterthejohnston) #1513 #1526
• (client) the feature dnssec is no longer enabled by default, use dnssec-ring or dnssec-openssl #1506
• (server) dnssec functions of Authority moved into DnsSecAuthority #1506
• (all) Most public enum types are now marked #[non_exaustive] #1426
• (resolver) DnsRequestOptions and ResolverOpts now #[non_exaustive] #1426
• (proto) all I/O Streams now use BufDnsStreamHandle rather than generic DnsStreamHandle #1433
• (proto) DnsResponse response now contains only a single Response #1433
• (proto) Name::append_name and Name::append_domain now properly fallible when name is too long #1448
• (resolver) special handling of the onion. TLD added to static resolution with negative responses (@trinity-1686a) #1479
• (proto) internal Futures converted to Streams to support multiple responses, e.g. AXFR (@trinity-1686a) #1478
• (proto) renamed Signer to SigSigner to differentiate from TSigner #1498

Removed

• (client) Remove AsyncClientConnect and AsyncSecureClientConnect (future impls) in favor of async constructors (@ErwanDL) #1541
• (proto) removed RecordType::DNSSEC and moved all variants of DNSSECRecordType into RecordType #1506
• (proto) removed BufStreamHandle and StreamHandle #1433
• (response) disabled mdns to work on a new solution #1433

Fixed

• (proto) Panic when name exceeds maximal domain name length during display #1447

0.21.0 (unreleased)

Added

• (proto) trust_dns_proto::rr::Record now serializable (@mvforell) #1536
• (client) new zone_transfer method for AXFR and IXFR use cases, client only (@trinity-1686a) #1478
• (client) Flag for use_edns configuration on AsyncClient (@astro) #1492
• (client) support for TSIG authentication (@trinity-1686a) #1459

Changed

• (proto) Header now stores ResponseCode instead of just u8 #1537
• (client) improved async client example documentation (@ErwanDL) #1539
• (resolver) on REFUSED (and other negative) response(s), fall back to other nameservers (@peterthejohnston) #1513 #1526
• (client) the feature dnssec is no longer enabled by default, use dnssec-ring or dnssec-openssl #1506
• (server) dnssec functions of Authority moved into DnsSecAuthority #1506
• (all) Most public enum types are now marked #[non_exaustive] #1426
• (resolver) DnsRequestOptions and ResolverOpts now #[non_exaustive] #1426
• (proto) all I/O Streams now use BufDnsStreamHandle rather than generic DnsStreamHandle #1433
• (proto) DnsResponse response now contains only a single Response #1433
• (proto) Name::append_name and Name::append_domain now properly fallible when name is too long #1448
• (resolver) special handling of the onion. TLD added to static resolution with negative responses (@trinity-1686a) #1479
• (proto) internal Futures converted to Streams to support multiple responses, e.g. AXFR (@trinity-1686a) #1478
• (proto) renamed Signer to SigSigner to differentiate from TSigner #1498

Removed

• (client) Remove AsyncClientConnect and AsyncSecureClientConnect (future impls) in favor of async constructors (@ErwanDL) #1541
• (proto) removed RecordType::DNSSEC and moved all variants of DNSSECRecordType into RecordType #1506
• (proto) removed BufStreamHandle and StreamHandle #1433
• (response) disabled mdns to work on a new solution #1433

Fixed

• (proto) Panic when name exceeds maximal domain name length during display #1447