|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%global _hardened_build 1
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%define GPG_CHECK 1
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
%define VERSION 2.4.0
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%define repodir %{_builddir}/%{name}-%{version}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
Name: knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Version: %{VERSION}
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
c4beec3 |
Release: 2%{?dist}
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
Summary: Caching full DNS Resolver
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
License: GPLv3
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
URL: https://www.knot-resolver.cz/
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Source0: https://secure.nic.cz/files/%{name}/%{name}-%{version}.tar.xz
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
|
|
![](https://seccdn.libravatar.org/avatar/4e8d68fe76de63043f2c89e9e363e4dc5af5775e488004cc7a8398c86381b072?s=16&d=retro) |
1efd2a2 |
# LuaJIT only on these arches
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
3d4efe3 |
%if 0%{?rhel}
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
3d4efe3 |
# RHEL 7 does not have aarch64 LuaJIT
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
ExclusiveArch: %{ix86} x86_64
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
3d4efe3 |
%else
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
ExclusiveArch: %{arm} aarch64 %{ix86} x86_64
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
3d4efe3 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/4e8d68fe76de63043f2c89e9e363e4dc5af5775e488004cc7a8398c86381b072?s=16&d=retro) |
1efd2a2 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Source2: kresd.conf
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Source3: root.keys
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%if 0%{GPG_CHECK}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Source1: https://secure.nic.cz/files/%{name}/%{name}-%{version}.tar.xz.asc
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
a77666b |
# PGP keys used to sign upstream releases
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
5648f15 |
# Export with --armor using command from https://fedoraproject.org/wiki/PackagingDrafts:GPGSignatures
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
# Don't forget to update %%prep section when adding/removing keys
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Source100: gpgkey-B6006460B60A80E782062449E747DF1F9575A3AA.gpg.asc
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Source101: gpgkey-BE26EBB9CBE059B3910CA35BCE8DD6A1A50A21E4.gpg.asc
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Source102: gpgkey-4A8BA48C2AED933BD495C509A1FBA5F7EF8C4869.gpg.asc
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
a77666b |
BuildRequires: gnupg2
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
a77666b |
|
|
![](https://seccdn.libravatar.org/avatar/522f0859d72d8d86c8d610f3d46a8d3efe6fd2fe35ddd2512e51a8506ba62906?s=16&d=retro) |
3cc696f |
BuildRequires: gcc
|
|
![](https://seccdn.libravatar.org/avatar/522f0859d72d8d86c8d610f3d46a8d3efe6fd2fe35ddd2512e51a8506ba62906?s=16&d=retro) |
3cc696f |
BuildRequires: gcc-c++
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: pkgconfig(cmocka)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: pkgconfig(gnutls)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: pkgconfig(libedit)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: pkgconfig(libknot) >= 2.6.7
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c0849b7 |
BuildRequires: pkgconfig(libzscanner) >= 2.4.2
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
BuildRequires: pkgconfig(libdnssec) >= 2.3.1
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: pkgconfig(libsystemd)
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
8c88fb4 |
BuildRequires: pkgconfig(libuv)
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
BuildRequires: pkgconfig(luajit) >= 2.0
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: pkgconfig(systemd)
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
dac5294 |
%if 0%{?rhel}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: lmdb-devel
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
# Lua 5.1 version of the libraries have different package names
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
dac5294 |
Requires: lua-socket
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
dac5294 |
Requires: lua-sec
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
dac5294 |
%else
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: pkgconfig(lmdb)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
b26d73e |
Requires: lua-socket-compat
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
b26d73e |
Requires: lua-sec-compat
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
dac5294 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
%if 0%{?fedora}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
# dependencies for doc package; disable in EPEL (missing fonts)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1492884
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: doxygen
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: python3-breathe
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: python3-sphinx
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
BuildRequires: python3-sphinx_rtd_theme
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Requires(pre): shadow-utils
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Requires(post): systemd
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Requires(preun): systemd
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Requires(postun): systemd
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%description
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
The Knot DNS Resolver is a caching full resolver implementation written in C
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
and LuaJIT, including both a resolver library and a daemon. Modular
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
architecture of the library keeps the core tiny and efficient, and provides
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
a state-machine like API for extensions.
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c235144 |
The package is pre-configured as local caching resolver.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
To start using it, start a single kresd instance:
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
0713c0e |
$ systemctl start kresd@1.service
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c235144 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%package devel
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
Summary: Development headers for Knot DNS Resolver
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%description devel
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
The package contains development headers for Knot DNS Resolver.
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
395c8b1 |
%if 0%{?fedora}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
%package doc
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Summary: Documentation for Knot DNS Resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
BuildArch: noarch
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Requires: %{name} = %{version}-%{release}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
%description doc
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
Documentation for Knot DNS Resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
395c8b1 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%prep
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%if 0%{GPG_CHECK}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
66ecb7d |
export GNUPGHOME=./gpg-keyring
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
66ecb7d |
mkdir ${GNUPGHOME}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
gpg2 --import %{SOURCE100} %{SOURCE101} %{SOURCE102}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
66ecb7d |
gpg2 --verify %{SOURCE1} %{SOURCE0}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%setup -q -n %{name}-%{version}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
a77666b |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
rm -v scripts/bootstrap-depends.sh
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%build
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%global build_paths PREFIX=%{_prefix} BINDIR=%{_bindir} LIBDIR=%{_libdir} INCLUDEDIR=%{_includedir} ETCDIR=%{_sysconfdir}/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%global build_flags V=1 CFLAGS="%{optflags}" LDFLAGS="%{__global_ldflags}" %{build_paths} HAS_go=no
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
b2d48e4 |
%make_build %{build_flags}
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
395c8b1 |
%if 0%{?fedora}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
# build documentation
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
make doc
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
395c8b1 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
%check
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
make %{?_smp_mflags} check
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%install
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%make_install %{build_flags}
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
# move sample configuration files to documentation
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
install -m 0755 -d %{buildroot}%{_pkgdocdir}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
mv %{buildroot}%{_sysconfdir}/knot-resolver/config.* %{buildroot}%{_pkgdocdir}
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
chmod 0644 %{buildroot}%{_pkgdocdir}/config.*
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
# install configuration files
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
mkdir -p %{buildroot}%{_sysconfdir}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
install -m 0755 -d %{buildroot}%{_sysconfdir}/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
install -m 0644 -p %SOURCE2 %{buildroot}%{_sysconfdir}/knot-resolver/kresd.conf
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
install -m 0664 -p %SOURCE3 %{buildroot}%{_sysconfdir}/knot-resolver/root.keys
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
# install systemd units and doc
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
mkdir -p %{buildroot}%{_unitdir}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
install -m 0644 -p %{repodir}/distro/common/systemd/kresd@.service %{buildroot}%{_unitdir}/kresd@.service
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
install -m 0644 -p %{repodir}/distro/common/systemd/kresd.target %{buildroot}%{_unitdir}/kresd.target
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
install -m 0755 -d %{buildroot}%{_unitdir}/multi-user.target.wants
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
ln -s ../kresd.target %{buildroot}%{_unitdir}/multi-user.target.wants/kresd.target
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
mkdir -p %{buildroot}%{_mandir}/man7
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
install -m 0644 -p %{repodir}/distro/common/systemd/kresd.systemd.7 %{buildroot}%{_mandir}/man7/kresd.systemd.7
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%if 0%{?rhel}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c0849b7 |
# no socket activation for CentOS 7 (requires systemd.227)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
mkdir -p %{buildroot}%{_unitdir}/kresd@.service.d
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
install -m 0644 -p %{repodir}/distro/common/systemd/drop-in/systemd-compat.conf %{buildroot}%{_unitdir}/kresd@.service.d/override.conf
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%if 0%{?fedora}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
install -m 0644 -p %{repodir}/distro/common/systemd/kresd.socket %{buildroot}%{_unitdir}/kresd.socket
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
install -m 0644 -p %{repodir}/distro/common/systemd/kresd-control@.socket %{buildroot}%{_unitdir}/kresd-control@.socket
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
install -m 0644 -p %{repodir}/distro/common/systemd/kresd-tls.socket %{buildroot}%{_unitdir}/kresd-tls.socket
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
# install tmpfiles.d
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
mkdir -p %{buildroot}%{_tmpfilesdir}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
install -m 0644 -p %{repodir}/distro/common/tmpfiles/knot-resolver.conf %{buildroot}%{_tmpfilesdir}/knot-resolver.conf
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
mkdir -p %{buildroot}%{_rundir}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c0849b7 |
install -m 0750 -d %{buildroot}%{_rundir}/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
# install cache
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
mkdir -p %{buildroot}%{_localstatedir}/cache
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
install -m 0750 -d %{buildroot}%{_localstatedir}/cache/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
# remove module with unsatisfied dependencies
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
rm -r %{buildroot}%{_libdir}/kdns_modules/{http,http.lua}
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%pre
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
getent group knot-resolver >/dev/null || groupadd -r knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
getent passwd knot-resolver >/dev/null || useradd -r -g knot-resolver -d %{_sysconfdir}/knot-resolver -s /sbin/nologin -c "Knot DNS Resolver" knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%post
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
%systemd_post 'kresd@*.service'
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
/sbin/ldconfig
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
# TODO: can be removed when Fedora 27 is no longer supported and migration is no longer necessary
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
# Migration script
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
if [ -f "/etc/kresd/config" ]; then
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
echo -e '\n\n---------------------------------------------------------'
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
echo ' WARNING: Migrating to knot-resolver 2.0'
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
echo -e '---------------------------------------------------------\n'
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
echo 'Please check your configuration still works, it has been moved to'
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
echo '/etc/knot-resolver/kresd.conf'
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
echo -e "\nTo start or enable the service, please use 'kresd@1.service', e.g.:"
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
echo -e ' # systemctl start kresd@1.service\n\n'
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
systemctl stop kresd.service kresd{,-tls,-control}.socket &>/dev/null ||:
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
cp -r /etc/kresd/* /etc/knot-resolver/
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
mv /etc/knot-resolver/config /etc/knot-resolver/kresd.conf
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
chown -R root:knot-resolver /etc/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
sed -i 's#/etc/kresd#/etc/knot-resolver#' /etc/knot-resolver/kresd.conf
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
fi
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
if [ -d "/run/kresd" ]; then
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
rm -f /run/kresd/control
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
mv /run/kresd/* /var/cache/knot-resolver/ &>/dev/null
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
chown -R knot-resolver:knot-resolver /var/cache/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
fi
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%preun
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
%systemd_preun 'kresd@*.service' kresd.target kresd.socket kresd-tls.socket
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%postun
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
# NOTE: this doesn't restart the services on CentOS 7
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
%systemd_postun_with_restart 'kresd@*.service'
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
/sbin/ldconfig
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%files
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%license COPYING
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%doc %{_pkgdocdir}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%attr(775,root,knot-resolver) %dir %{_sysconfdir}/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%attr(644,root,knot-resolver) %config(noreplace) %{_sysconfdir}/knot-resolver/kresd.conf
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%attr(664,root,knot-resolver) %config(noreplace) %{_sysconfdir}/knot-resolver/root.keys
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%attr(644,root,knot-resolver) %config(noreplace) %{_sysconfdir}/knot-resolver/root.hints
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%attr(644,root,knot-resolver) %config(noreplace) %{_sysconfdir}/knot-resolver/icann-ca.pem
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%attr(750,knot-resolver,knot-resolver) %dir %{_localstatedir}/cache/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%{_unitdir}/kresd*.service
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
%{_unitdir}/kresd.target
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
%{_unitdir}/multi-user.target.wants/kresd.target
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%if 0%{?rhel}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%{_unitdir}/kresd@.service.d/override.conf
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%if 0%{?fedora}
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
%{_unitdir}/kresd*.socket
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%{_tmpfilesdir}/knot-resolver.conf
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
%{_sbindir}/kresd
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
%{_sbindir}/kresc
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%{_libdir}/libkres.so.*
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%{_libdir}/kdns_modules
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%{_mandir}/man8/kresd.8.gz
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
%{_mandir}/man7/kresd.systemd.7.gz
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%files devel
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%{_includedir}/libkres
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%{_libdir}/pkgconfig/libkres.pc
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%{_libdir}/libkres.so
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
395c8b1 |
%if 0%{?fedora}
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
%files doc
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
%doc doc/html
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
395c8b1 |
%endif
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
%changelog
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
c4beec3 |
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.0-2
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
c4beec3 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
c4beec3 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
* Tue Jul 03 2018 Tomas Krizek <tomas.krizek@nic.cz> - 2.4.0-1
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Knot Resolver 2.4.0 (2018-07-03)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Incompatible changes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
--------------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- minimal libknot version is now 2.6.7 to pull in latest fixes (#366)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Security
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- fix a rare case of zones incorrectly dowgraded to insecure status (!576)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
New features
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- TLS session resumption (RFC 5077), both server and client (!585, #105)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
(disabled when compiling with gnutls < 3.5)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- TLS_FORWARD policy uses system CA certificate store by default (!568)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- aggressive caching for NSEC3 zones (!600)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- optional protection from DNS Rebinding attack (module rebinding, !608)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- module bogus_log to log DNSSEC bogus queries without verbose logging (!613)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- prefill: fix ability to read certificate bundle (!578)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- avoid turning off qname minimization in some cases, e.g. co.uk. (#339)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- fix validation of explicit wildcard queries (#274)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- dns64 module: more properties from the RFC implemented (incl. bug #375)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
Improvements
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- systemd: multiple enabled kresd instances can now be started using kresd.target
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- ta_sentinel: switch to version 14 of the RFC draft (!596)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- support for glibc systems with a non-Linux kernel (!588)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- support per-request variables for Lua modules (!533)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
- support custom HTTP endpoints for Lua modules (!527)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
399ff66 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
* Mon Apr 23 2018 Tomas Krizek <tomas.krizek@nic.cz> - 2.3.0-1
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
Knot Resolver 2.3.0 (2018-04-23)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
Security
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- fix CVE-2018-1110: denial of service triggered by malformed DNS messages
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
(!550, !558, security!2, security!4)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- increase resilience against slow lorris attack (security!5)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- validation: fix SERVFAIL in case of CNAME to NXDOMAIN in a single zone (!538)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- validation: fix SERVFAIL for DS . query (!544)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- lib/resolve: don't send unecessary queries to parent zone (!513)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- iterate: fix validation for zones where parent and child share NS (!543)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- TLS: improve error handling and documentation (!536, !555, !559)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
Improvements
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- prefill: new module to periodically import root zone into cache
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
(replacement for RFC 7706, !511)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- network_listen_fd: always create end point for supervisor supplied file descriptor
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
- use CPPFLAGS build environment variable if set (!547)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
cb122c5 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
* Wed Mar 28 2018 Tomas Krizek <tomas.krizek@nic.cz> - 2.2.0-1
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
Knot Resolver 2.2.0 (2018-03-28)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
New features
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
- cache server unavailability to prevent flooding unreachable servers
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
(Please note that caching algorithm needs further optimization
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
and will change in further versions but we need to gather operational
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
experience first.)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
- don't magically -D_FORTIFY_SOURCE=2 in some cases
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
- allow large responses for outbound over TCP
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
- fix crash with RR sets with over 255 records
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
3ee2f38 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
* Mon Feb 26 2018 Tomas Krizek <tomas.krizek@nic.cz> - 2.1.1-1
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
Knot Resolver 2.1.1 (2018-02-23)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
- when iterating, avoid unnecessary queries for NS in insecure parent.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
This problem worsened in 2.0.0. (#246)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
- prevent UDP packet leaks when using TLS forwarding
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
- fix the hints module also on some other systems, e.g. Gentoo.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
c202d17 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
* Fri Feb 16 2018 Tomas Krizek <tomas.krizek@nic.cz> - 2.1.0-1
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- New upstream release 2.1.0
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Knot Resolver 2.1.0 (2018-02-16)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Incompatible changes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
--------------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- stats: remove tracking of expiring records (predict uses another way)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- systemd: more chages in default unit files (TODO)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- ta_sentinel: implement protocol draft-ietf-dnsop-kskroll-sentinel-01
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
(our draft-ietf-dnsop-kskroll-sentinel-00 implementation had inverted logic)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- libknot: require version 2.6.4 or newer to get bugfixes for DNS-over-TLS
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- detect_time_jump module: don't clear cache on suspend-resume (#284)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- stats module: fix stats.list() returning nothing, regressed in 2.0.0
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- policy.TLS_FORWARD: refusal when configuring with multiple IPs (#306)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- cache: fix broken refresh of insecure records that were about to expire
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- fix the hints module on some systems, e.g. Fedora (came back on 2.0.0)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- build with older gnutls (conditionally disable features)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- fix the predict module to work with insecure records & cleanup code
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Knot Resolver 2.0.0 (2018-01-31)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Incompatible changes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
--------------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- systemd: change unit files to allow running multiple instances,
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
deployments with single instance now must use `kresd@1.service`
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
instead of `kresd.service`; see kresd.systemd(8) for details
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- systemd: the directory for cache is now /var/cache/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- unify default directory and user to `knot-resolver`
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- directory with trust anchor file specified by -k option must be writeable
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- policy module is now loaded by default to enforce RFC 6761;
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
see documentation for policy.PASS if you use locally-served DNS zones
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- drop support for alternative cache backends memcached, redis,
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
and for Lua bindings for some specific cache operations
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- REORDER_RR option is not implemented (temporarily)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
New features
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- aggressive caching of validated records (RFC 8198) for NSEC zones;
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
thanks to ICANN for sponsoring this work.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- forwarding over TLS, authenticated by SPKI pin or certificate.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
policy.TLS_FORWARD pipelines queries out-of-order over shared TLS connection
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Beware: Some resolvers do not support out-of-order query processing.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
TLS forwarding to such resolvers will lead to slower resolution or failures.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- trust anchors: you may specify a read-only file via -K or --keyfile-ro
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- trust anchors: at build-time you may set KEYFILE_DEFAULT (read-only)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- ta_sentinel module implements draft ietf-dnsop-kskroll-sentinel-00,
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
enabled by default
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- serve_stale module is prototype, subject to change
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- extended API for Lua modules
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- fix build on osx - regressed in 1.5.3 (different linker option name)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
8d47931 |
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.3-1.1
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
8d47931 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
8d47931 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
* Tue Jan 23 2018 Tomas Krizek <tomas.krizek@nic.cz> - 1.5.3-1
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- New upstream release 1.5.3
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Knot Resolver 1.5.3 (2018-01-23)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- fix the hints module on some systems, e.g. Fedora.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Symptom: `undefined symbol: engine_hint_root_file`
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Knot Resolver 1.5.2 (2018-01-22)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Security
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- fix CVE-2018-1000002: insufficient DNSSEC validation, allowing
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
attackers to deny existence of some data by forging packets.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Some combinations pointed out in RFC 6840 sections 4.1 and 4.3
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
were not taken into account.
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- memcached: fix fallout from module rename in 1.5.1
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Knot Resolver 1.5.1 (2017-12-12)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Incompatible changes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
--------------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- script supervisor.py was removed, please migrate to a real process manager
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- module ketcd was renamed to etcd for consistency
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- module kmemcached was renamed to memcached for consistency
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- fix SIGPIPE crashes (#271)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- tests: work around out-of-space for platforms with larger memory pages
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- lua: fix mistakes in bindings affecting 1.4.0 and 1.5.0 (and 1.99.1-alpha),
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
potentially causing problems in dns64 and workarounds modules
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- predict module: various fixes (!399)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
Improvements
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- add priming module to implement RFC 8109, enabled by default (#220)
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
- add modules helping with system time problems, enabled by default;
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
for details see documentation of detect_time_skew and detect_time_jump
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
ca845e1 |
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
* Fri Jan 05 2018 Tomas Krizek <tomas.krizek@nic.cz> - 1.5.0-2
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
- add doc package
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
- configure tarball signature verification
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
5648f15 |
- add root.hints file
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- use upstream systemd unit files, paths and user name
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- migrate configuration to /etc/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- use user knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- store cache in /var/cache/knot-resolver
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
75c2d93 |
- use systemd alias knot-resolver -> kresd
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
867b52d |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
* Mon Nov 06 2017 Petr Špaček <petr.spacek@nic.cz> - 1.5.0-1
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- New upstream release 1.5.0
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Knot Resolver 1.5.0 (2017-11-02)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- fix loading modules on Darwin
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Improvements
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- new module ta_signal_query supporting Signaling Trust Anchor Knowledge
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
using Keytag Query (RFC 8145 section 5); it is enabled by default
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- attempt validation for more records but require it for fewer of them
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
(e.g. avoids SERVFAIL when server adds extra records but omits RRSIGs)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Knot Resolver 1.4.0 (2017-09-22)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Incompatible changes
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
--------------------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- lua: query flag-sets are no longer represented as plain integers.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
kres.query.* no longer works, and kr_query_t lost trivial methods
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
'hasflag' and 'resolved'.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
You can instead write code like qry.flags.NO_0X20 = true.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- fix exiting one of multiple forks (#150)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- cache: change the way of using LMDB transactions. That in particular
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
fixes some cases of using too much space with multiple kresd forks (#240).
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Improvements
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- policy.suffix: update the aho-corasick code (#200)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- root hints are now loaded from a zonefile; exposed as hints.root_file().
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
You can override the path by defining ROOTHINTS during compilation.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- policy.FORWARD: work around resolvers adding unsigned NS records (#248)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- reduce unneeded records previously put into authority in wildcarded answers
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Knot Resolver 1.3.3 (2017-08-09)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Security
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- Fix a critical DNSSEC flaw. Signatures might be accepted as valid
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
even if the signed data was not in bailiwick of the DNSKEY used to
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
sign it, assuming the trust chain to that DNSKEY was valid.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- iterate: skip RRSIGs with bad label count instead of immediate SERVFAIL
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- utils: fix possible incorrect seeding of the random generator
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- modules/http: fix compatibility with the Prometheus text format
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
Improvements
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
- policy: implement remaining special-use domain names from RFC6761 (#205),
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
and make these rules apply only if no other non-chain rule applies
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
c502924 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
* Tue Aug 01 2017 Petr Spacek <petr.spacek@nic.cz> - 1.3.2-1
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
New upstream release:
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
Knot Resolver 1.3.2 (2017-07-28)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
================================
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
Security
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
- fix possible opportunities to use insecure data from cache as keys
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
for validation
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
- daemon: check existence of config file even if rundir isn't specified
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
- policy.FORWARD and STUB: use RTT tracking to choose servers (#125, #208)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
- dns64: fix CNAME problems (#203) It still won't work with policy.STUB.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
- hints: better interpretation of hosts-like files (#204)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
also, error out if a bad entry is encountered in the file
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
- dnssec: handle unknown DNSKEY/DS algorithms (#210)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
- predict: fix the module, broken since 1.2.0 (#154)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
Improvements
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
------------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
- embedded LMDB fallback: update 0.9.18 -> 0.9.21
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
43d3a58 |
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
d5833e9 |
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-1.1
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
d5833e9 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
d5833e9 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
8a62324 |
* Tue Jul 11 2017 Petr Spacek <petr.spacek@nic.cz> - 1.3.1-2
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
8a62324 |
- build experimental command line interface "kresc"
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
8a62324 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
* Tue Jul 11 2017 Petr Spacek <petr.spacek@nic.cz> - 1.3.1-1
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
New upstream release:
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Knot Resolver 1.3.1 (2017-06-23)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
================================
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- modules/http: fix finding the static files (bug from 1.3.0)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- policy.FORWARD: fix some cases of CNAMEs obstructing search for zone cuts
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Knot Resolver 1.3.0 (2017-06-13)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
================================
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Security
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- Refactor handling of AD flag and security status of resource records.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
In some cases it was possible for secure domains to get cached as
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
insecure, even for a TLD, leading to disabled validation.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
It also fixes answering with non-authoritative data about nameservers.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Improvements
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
------------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- major feature: support for forwarding with validation (#112).
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
The old policy.FORWARD action now does that; the previous non-validating
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
mode is still avaliable as policy.STUB except that also uses caching (#122).
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- command line: specify ports via @ but still support # for compatibility
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- policy: recognize 100.64.0.0/10 as local addresses
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- layer/iterate: *do* retry repeatedly if REFUSED, as we can't yet easily
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
retry with other NSs while avoiding retrying with those who REFUSED
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- modules: allow changing the directory where modules are found,
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
and do not search the default library path anymore.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- validate: fix insufficient caching for some cases (relatively rare)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- avoid putting "duplicate" record-sets into the answer (#198)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Knot Resolver 1.2.6 (2017-04-24)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
================================
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Security
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- dnssec: don't set AD flag for NODATA answers if wildcard non-existence
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
is not guaranteed due to opt-out in NSEC3
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Improvements
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
------------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- layer/iterate: don't retry repeatedly if REFUSED
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
Bugfixes
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
--------
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- lib/nsrep: revert some changes to NS reputation tracking that caused
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
severe problems to some users of 1.2.5 (#178 and #179)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- dnssec: fix verification of wildcarded non-singleton RRsets
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- dnssec: allow wildcards located directly under the root
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
- layer/rrcache: avoid putting answer records into queries in some cases
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
239782e |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
* Thu Apr 06 2017 Petr Spacek <petr.spacek@nic.cz> - 1.2.5-1
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
- new upstream relase
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ security: layer/validate: clear AD if closest encloser proof has opt-outed NSEC3 (#169)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ security: layer/validate: check if NSEC3 records in wildcard expansion proof has an opt-out
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ security: dnssec/nsec: missed wildcard no-data answers validation has been implemented
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ fix: trust anchors: Improve trust anchors storage format (#167)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ fix: trust anchors: support non-root TAs, one domain per file
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ fix: policy.DENY: set AA flag and clear AD flag
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ fix: lib/resolve: avoid unnecessary DS queries
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ fix: lib/nsrep: don't treat servers with NOIP4 + NOIP6 flags as timeouted
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ fix: layer/iterate: During packet classification (answer vs. referral) don't analyze
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
AUTHORITY section in authoritative answer if ANSWER section contains records
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
that have been requested
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ enhancement: modules/dnstap: a DNSTAP support module (Contributed by Vicky Shrestha)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ enhancement: modules/workarounds: a module adding workarounds for known DNS protocol violators
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ enhancement: layer/iterate: fix logging of glue addresses
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ enhancement: kr_bitcmp: allow bits=0 and consequently 0.0.0.0/0 matches in view and renumber modules.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ enhancement: modules/padding: Improve default padding of responses (Contributed by Daniel Kahn Gillmor)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
+ enhancement: New kresc client utility (experimental; don't rely on the API yet)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
46ab618 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
* Thu Mar 09 2017 Petr Spacek <petr.spacek@nic.cz> - 1.2.4-1
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
- new upstream release
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ security: Knot Resolver 1.2.0 and higher could return AD flag for insecure
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
answer if the daemon received answer with invalid RRSIG several
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
times in a row.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ fix: layer/iterate: some improvements in cname chain unrolling
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ fix: layer/validate: fix duplicate records in AUTHORITY section in case
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ fix: of WC expansion proof
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ fix: lua: do *not* truncate cache size to unsigned
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ fix: forwarding mode: correctly forward +cd flag
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ fix: fix a potential memory leak
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ fix: don't treat answers that contain DS non-existance proof as insecure
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ fix: don't store NSEC3 and their signatures in the cache
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ fix: layer/iterate: when processing delegations,
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
check if qname is at or below new authority
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ enhancement: modules/policy: allow QTRACE policy to be chained
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
with other policies
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ enhancement: hints.add_hosts(path): a new property
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ enhancement: module: document the API and simplify the code
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ enhancement: policy.MIRROR: support IPv6 link-local addresses
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ enhancement: policy.FORWARD: support IPv6 link-local addresses
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
+ enhancement: add net.outgoing_{v4,v6} to allow specifying address
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
to use for connections
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
62060c9 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
* Mon Feb 27 2017 Petr Spacek <petr.spacek@nic.cz> - 1.2.3-1
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
- new upstream release
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ security: a cached negative answer from a CD query would be reused
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
to construct response for non-CD queries, resulting in Insecure status
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
instead of Bogus.
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: lua: make the map command check its arguments
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: -k argument processing to avoid out-of-bounds memory accesses
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: lib/resolve: fix zonecut fetching for explicit DS queries
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: hints: more NULL checks
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: TA bootstrapping for multiple TAs in the IANA XML file
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: Disable storing GLUE records into the cache even in the
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: (non-default) QUERY_PERMISSIVE mode
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: iterate: skip answer RRs that don't match the query
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: layer/iterate: some additional processing for referrals
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
+ fix: lib/resolve: zonecut fetching error was fixed
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
f05d307 |
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
b8d5646 |
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-2.1
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
b8d5646 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
|
![](https://seccdn.libravatar.org/avatar/66cca4ddfe914918eb13788577f8ad64d709ccf9f83b384b49228bb9a83a1533?s=16&d=retro) |
b8d5646 |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
3709d6c |
* Fri Jan 27 2017 Petr Spacek <petr.spacek@nic.cz> - 1.2.0-2
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
3709d6c |
- rebuild against knot-2.4.0
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
3709d6c |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
* Fri Jan 27 2017 Petr Spacek <petr.spacek@nic.cz> - 1.2.0
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
- new upstream release:
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ fix: reworked DNSSEC Validation, that fixes several know problems with less standard DNS configurations
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ fix: the resolver was setting AD flag when running in a forwarding mode
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ fix: correctly return RCODE=NOTIMPL on meta-queries and non IN class queries
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ fix: crash in hints module when hints file was empty
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ fix: non-lowercase hints
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ features: optional EDNS(0) Padding support for DNS over TLS
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ features: support for debugging DNSSEC with CD bit
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ features: DNS over TLS is now able to create ephemeral certs on the runtime (Thanks Daniel Kahn Gilmore for contributing to DNS over TLS implementation in Knot Resolver.)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ features: configurable minimum and maximum TTL (default 6 days)
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ features: configurable pseudo-random reordering of RR sets
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
+ features: new module 'version' that can call home and report new versions and security vulnerabilities to the log file
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
1f4067a |
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
35ce4ae |
* Mon Jan 23 2017 Petr Spacek <petr.spacek@nic.cz> - 1.2.0-rc1
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
35ce4ae |
- Update to latest upstream version
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
35ce4ae |
- Fix packaging bug: depend on proper Lua library versions
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
35ce4ae |
- Allow automatic trust anchor management to work
|
|
![](https://seccdn.libravatar.org/avatar/0fe9f62e63f45be8a8cfc709a3eb47fd880189ccbe6417dc14c7b1fcc22825ad?s=16&d=retro) |
35ce4ae |
|
|
![](https://seccdn.libravatar.org/avatar/4e8d68fe76de63043f2c89e9e363e4dc5af5775e488004cc7a8398c86381b072?s=16&d=retro) |
1efd2a2 |
* Sat Nov 19 2016 Peter Robinson <pbrobinson@fedoraproject.org> 1.1.1-3
|
|
![](https://seccdn.libravatar.org/avatar/4e8d68fe76de63043f2c89e9e363e4dc5af5775e488004cc7a8398c86381b072?s=16&d=retro) |
1efd2a2 |
- Add ExclusiveArch for architectures with LuaJIT
|
|
![](https://seccdn.libravatar.org/avatar/4e8d68fe76de63043f2c89e9e363e4dc5af5775e488004cc7a8398c86381b072?s=16&d=retro) |
1efd2a2 |
|
|
Igor Gnatenko |
360be18 |
* Mon Aug 29 2016 Igor Gnatenko <ignatenko@redhat.com> - 1.1.1-2
|
|
Igor Gnatenko |
360be18 |
- Rebuild for LuaJIT 2.1.0
|
|
Igor Gnatenko |
360be18 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
b6eb3ba |
* Wed Aug 24 2016 Jan Vcelak <jvcelak@fedoraproject.org> - 1.1.1-1
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
b6eb3ba |
- new upstream release:
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
b6eb3ba |
+ fix name server fallback in case some of the servers are unreachable
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
b6eb3ba |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
* Fri Aug 12 2016 Jan Vcelak <jvcelak@fedoraproject.org> - 1.1.0-1
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
- new upstream release:
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
+ RFC7873 DNS Cookies
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
+ RFC7858 DNS over TLS
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
+ Metrics exported in Prometheus
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
+ DNS firewall module
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
+ Explicit CNAME target fetching in strict mode
|
|
![](https://seccdn.libravatar.org/avatar/96bfa277510476de258a6b00c99d51b6d474738eff0596b9165a711256afdbf4?s=16&d=retro) |
5648f15 |
+ Query minimisation improvements
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
+ Improved integration with systemd
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
fd4eae6 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
c865a09 |
* Tue May 31 2016 Jan Vcelak <jvcelak@fedoraproject.org> - 1.0.0-1
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
c865a09 |
- final release
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
c865a09 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
* Thu May 05 2016 Jan Vcelak <jvcelak@fedoraproject.org> - 1.0.0-0.3.4f463d7
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
- update to latest git version
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
- re-enable unit-test
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
* Sat Apr 09 2016 Jan Vcelak <jvcelak@fedoraproject.org> - 1.0.0-0.2.79a8440
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
- update to latest git version
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
- fix package review issues
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
* Tue Feb 02 2016 Jan Vcelak <jvcelak@fedoraproject.org> - 1.0.0-0.1.beta3
|
|
![](https://seccdn.libravatar.org/avatar/c354ca9948ff021466e0d36728331d589b83255094ca2b53e1556f5a7daa49fe?s=16&d=retro) |
e977454 |
- initial package
|