🌌 Pluggable authoritative DNS server. Entries can be added & removed from an HTTP REST API.
x86_64
architecture..deb
packages for Debian 10, Debian 11 and Debian 12 on x86_64
architecture.rocket
to actix
, meaning Constellation now builds on Rust stable.rusqlite
depended upon by trust-dns-server
, so that Constellation builds on latest Rust compilers (note that this is a temporary fix, until substantial work is done to update trust-dns-server
et al to latest).trust-dns-server
to v0.14.0
, from v0.13.0
. This addresses an issue where a remote attacker could put down a target UDP or TCP listener by sending an invalid DNS packet, which would require a full process restart.1/3
of 3s
the time chunk allowance.EXISTS
being sent to the remote store for every such DNS query.2/3
of 3s
time chunks waiting for Redis, otherwise it would SERVFAIL
, effectively defeating those kind of DOS attacks.trust-dns-resolver
to v0.9.1
, which implements a more efficient way to share tokio
reactor cores across resolve calls (less leaky, which helps avoid further file descriptor leaks caused by the trust-dns-resolver
library).trust-dns-resolver
to v0.8.2
, as an attempt to fix file descriptor leaks seen when using Constellation on large-scale deployments.