2017-06-28 05:49:55 +00:00
# Change Log: TRust-DNS
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning ](http://semver.org/ ).
2017-10-01 14:56:25 +00:00
## 0.12.1
2017-09-27 05:42:58 +00:00
2017-10-08 19:51:04 +00:00
### Added
- TRust-DNS Proto crate to separate server management from base operations
- TRust-DNS Util crate for dnssec management tools (@briansmith)
- Integration tests for Server to validate all supported DNSSec key types
2017-09-28 06:36:12 +00:00
### Changed
2017-10-01 14:56:25 +00:00
- DNSKEY is now self-signed
2017-10-08 19:51:04 +00:00
- Internal API changes to `client` calling into `proto` for actual implementations
- Large refactoring of internal APIs to more cleanly support \*ring\* and OpenSSL features (@briansmith)
- `ClientHandle::send` moved to `trust_dns_proto::DnsHandle::send` (internal API)
2017-10-08 20:29:37 +00:00
- Many interfaces moved from `ClientStreamHandle` to `trust_dns_proto::DnsStreamHandle`
2017-10-08 19:51:04 +00:00
### Fixed
- Server signing issues when loading from persistence
2017-09-28 06:36:12 +00:00
## 0.12.0
2017-09-27 05:42:58 +00:00
### Fixed
- Server was not properly signing zone after fresh start
2017-09-03 07:41:56 +00:00
### Added
2017-09-24 05:31:40 +00:00
- RSA and ECDSA validation with *ring* for DNSSec, removes dependency on openssl (@briansmith)
2017-09-03 07:41:56 +00:00
- `lookup` to `ClientHandle` , simpler form with `Query`
- `query` to `Query` for ease of Query creation
2017-09-24 05:31:40 +00:00
### Changed
- Large celanup of signing and verification paths in DNSSec (@briansmith)
- *breaking* changed `TrustAnchor::insert_trust_anchor` to more safely consume `PublicKey` rather than `Vec<u8>`
2017-08-20 18:53:44 +00:00
## 0.11.2
(README.md documentation changes for crates.io)
2017-08-20 18:35:06 +00:00
## 0.11.1
### Changed
- Updates to `Name::is_fqdn` for more accuracy (@rushmorem)
### Added
- per project Readme.md for crates.io
2017-08-02 01:50:59 +00:00
## 0.11.0
2017-07-27 20:43:41 +00:00
### Added
2017-07-28 15:11:02 +00:00
2017-07-27 20:43:41 +00:00
- `Name::FromStr` for simpler parsing, specify trailing `.` for FQDN
2017-07-28 15:11:02 +00:00
- `Name::append_label` for clearer usage while appending labels to a Name
- `Name::append_name` for clearer usage while appending one name to another
- `Name::append_domain` alias for append_name and marking as FQDN
2017-07-27 20:43:41 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2017-07-30 14:00:52 +00:00
- *breaking* all `&mut self` methods on `Name` deprecated as unsafe, Name labels are now immutable.
2017-07-27 20:43:41 +00:00
- *breaking* All `ClientHandle` traits now take `&Handle` instead of `Handle` (@rushmorem)
- *warning* `Name` now tracks if it is a fully qualified domain name, slightly changes name parsing rules, allowing `www.example.com` without the trailing `.` , which means that FQDN names are not enforced.
### Removed
2017-07-28 15:11:02 +00:00
- *deprecated* `Name::with_labels` see `Name::from_labels`
- *deprecated* `Name::append` wasn't clean, see `Name::append_name`
- *deprecated* `Name::add_label` exposed internal data structure, see `Name::append_label`
- *deprecated* `Name::label` unclear usage/name, see `Name::append_label`
2017-07-30 14:00:52 +00:00
- *deprecated* `Name::prepend_label` exposed internal data structure, unclear usage *no replacement*
- *deprecated* `Record::add_name` unclear usage *no replacement*
2017-07-27 20:43:41 +00:00
2017-07-07 06:49:12 +00:00
## 0.10.5
### Added
2017-07-28 15:11:02 +00:00
2017-07-07 06:49:12 +00:00
- Library documentation, examples for client query and update
### Changed
2017-07-28 15:11:02 +00:00
2017-07-07 06:49:12 +00:00
- ServerFuture now Accepts generic RequestHandler (@Antti)
2017-06-23 14:34:50 +00:00
## 0.10.4
2017-06-28 05:49:55 +00:00
### Added
2017-07-28 15:11:02 +00:00
2017-06-28 05:49:55 +00:00
- Allow more options with Key and KeyUsage
- Initial Resolver implementation
2017-06-23 14:34:50 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2017-06-28 05:49:55 +00:00
- NSEC coverage bitmap overflow in nightly
- Name::zone_of panic (@SAPikachu)
2017-06-23 14:34:50 +00:00
2017-06-11 04:44:13 +00:00
## 0.10.3
2017-05-30 13:08:47 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2017-06-11 04:44:13 +00:00
- Proper TCP connection timeout
- Fixed signature format of ECDSA (@SAPikachu) #141
2017-05-30 13:08:47 +00:00
2017-05-17 19:31:32 +00:00
## 0.10.2
### Fixed
2017-07-28 15:11:02 +00:00
2017-05-17 19:31:32 +00:00
- Fixed format of ED25519 keys (@briansmith) #129
### Changed
2017-07-28 15:11:02 +00:00
2017-05-17 19:31:32 +00:00
- Revamped signer and keypair to better deal with public key (possible breaking change)
- Upgraded *ring* to 0.9.x series, requires pkcs8 for key storage
- Dropped support for dangerous private key byte access (possible breaking change)
- Upgraded tokio-rustls and rustls dependencies to support *ring* updates
### Added
2017-07-28 15:11:02 +00:00
2017-05-17 19:31:32 +00:00
- PublicKey and Verifier for verifying with zero copy from KEY and DNSKEY (possible breaking change)
- Pkcs8 as a supported KeyFormat for storage (possible breaking change)
2017-05-09 04:47:17 +00:00
## 0.10.1
2017-07-28 15:11:02 +00:00
2017-03-26 01:42:32 +00:00
### Added
2017-07-28 15:11:02 +00:00
- Added `From<IpAddr>` for Name (reverse DNS) #105
2017-04-16 05:05:00 +00:00
- AppVeyor support #103
2017-07-28 15:11:02 +00:00
- rustls client tls support (separate crate)
2017-04-23 22:38:43 +00:00
- full support for KEY RR in client
2017-05-08 06:55:28 +00:00
- compatibility tests with BIND for SIG0 updates
- Added full implementation of KEY type
2017-04-16 05:05:00 +00:00
2017-03-12 06:29:04 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2017-05-08 06:55:28 +00:00
- Updated TLS documentation, added more elsewhere, docs required; fixes #102
2017-03-26 01:42:32 +00:00
- Upgraded tokio-core and moved to tokio-io
2017-04-16 05:05:00 +00:00
- *Important* Some `Server` types have been migrated to [RFC#344 ](https://github.com/aturon/rfcs/blob/conventions-galore/active/0000-conventions-galore.md#gettersetter-apis ) style. `get_field()` -> `field()` ; `field()` -> `set_field()`
2017-07-28 15:11:02 +00:00
- Moved native-tls client impl to separate crate
2017-04-22 02:11:51 +00:00
- Defaulted to OpenSSL for tls implementation
2017-03-12 06:29:04 +00:00
2017-05-08 06:55:28 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2017-05-08 06:55:28 +00:00
- key_tag calculation for DNSKEY and KEY now correct #118 (@jannic)
- SIG0 signing fixed to match RFC and BIND #120 (@jannic)
2017-03-10 07:23:06 +00:00
## 0.10.0
2017-07-28 15:11:02 +00:00
2017-01-16 19:40:37 +00:00
### Changed
2017-07-28 15:11:02 +00:00
- *Important* Possible breaking API change, the original Client has been renamed.
2017-01-16 19:40:37 +00:00
In an attempt to reduce the overhead of managing the project. The original
Client has now been revamped to essentially be a synchronous Client over the
ClientFuture implementation. The ClientFuture has proven to be a more stable
and reliable implementation. It was attempted to make the move seamless,
but two new types were introduced, `SyncClient` and `SecureSyncClient` , which
are both synchronous implementations of the old Client function interfaces.
Please read those docs on those new types and the Client trait.
2017-07-28 15:11:02 +00:00
2017-02-09 08:35:44 +00:00
- When EDNS option is present, return only the digest understood matching RRSETs
2017-02-26 00:14:43 +00:00
- All code reformatted with rustfmt
2017-02-28 07:08:16 +00:00
- *Important* breaking change, all `Record` and associated types have been migrated to [RFC#344 ](https://github.com/aturon/rfcs/blob/conventions-galore/active/0000-conventions-galore.md#gettersetter-apis ) style. `get_field()` -> `field()` ; `field()` -> `set_field()`
2017-01-16 19:40:37 +00:00
### Removed
2017-07-28 15:11:02 +00:00
- *Important* The original Server implementation was removed entirely.
Please use the ServerFuture implementation from now on. Sorry for the inconvenience,
2017-01-16 19:40:37 +00:00
but this is necessary to make sure that the software remains at a high quality
and there is no easy way to migrate the original Server to use ServerFuture.
2017-01-08 23:16:42 +00:00
### Added
2017-07-28 15:11:02 +00:00
2017-02-09 08:35:44 +00:00
- Initial support for ECDSAP256SHA256, ECDSAP384SHA384 and ED25519 (client and server)
2017-01-08 23:16:42 +00:00
- additional config options for keys to named, see `tests/named_test_configs/example.toml`
2017-02-09 08:35:44 +00:00
- Added DNS over TLS support, RFC 7858, #38
- Added native-tls with support for macOS and Linux (DNS over TLS)
2017-02-28 07:08:16 +00:00
- matrixed tests for all features to Travis
2017-01-08 23:16:42 +00:00
2016-12-31 21:24:17 +00:00
## 0.9.3
2017-07-28 15:11:02 +00:00
2016-12-31 21:24:17 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2016-12-31 21:24:17 +00:00
- updated to rust-openssl 0.9.x series
- restructured dnssec code to better support alternate key formats
2016-12-21 16:39:25 +00:00
## 0.9.2
2017-07-28 15:11:02 +00:00
2016-12-21 16:39:25 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2016-12-21 16:39:25 +00:00
- mio_client is now an optional feature in favor of the futures-rs ClientFuture
2016-12-19 01:39:09 +00:00
## 0.9.1
2017-07-28 15:11:02 +00:00
2016-12-19 01:39:09 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2016-12-19 01:39:09 +00:00
- OpenSSL is now an optional feature for the client
2016-12-08 12:54:09 +00:00
## 0.9.0
2017-07-28 15:11:02 +00:00
2016-11-23 20:05:09 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-11-23 20:05:09 +00:00
- new ServerFuture tokio and futures based server, #61
- UdpStream & TcpSteam to support stream of messages with src address
- TimeoutStream to wrap TcpStreams to help guard against malicious clients
2016-12-11 01:54:31 +00:00
- Added Notify support to ClientFuture
2016-12-17 07:48:58 +00:00
- Added IntoRecordSet and conversion impls for RecordSet and Record
2016-11-23 20:05:09 +00:00
2016-11-09 05:28:51 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2016-11-09 05:28:51 +00:00
- Split Server and Client into separate crates, #43
- Moved many integration tests to `tests` from `src` , #52
2016-11-24 07:11:57 +00:00
- Migrated all handles to new futures::sync::mpsc impls
2016-12-17 07:48:58 +00:00
- Modified all requisite client methods for IntoRecordSet.
- All client methods now support multiple records per query, update, notify and delete
2016-11-09 05:28:51 +00:00
2016-11-23 20:05:09 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-11-23 20:05:09 +00:00
- Flush TcpStream after fully sending Message
- Recognize no bytes read as closed TcpStream
2016-11-04 02:30:58 +00:00
## 0.8.1
2017-07-28 15:11:02 +00:00
2016-11-04 02:30:58 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-11-04 02:30:58 +00:00
- Fix build on rustc 1.11, #66
2016-11-03 07:17:22 +00:00
## 0.8.0
2017-07-28 15:11:02 +00:00
2016-10-01 14:08:40 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-10-21 04:49:00 +00:00
- SecureClientHandle, for future based DNSSec validation.
2016-10-01 14:08:40 +00:00
- ClientFuture, futures based client implementation, #32
2016-06-29 06:36:15 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-06-29 06:36:15 +00:00
- Randomized ports for client connections and message ids, #23
2016-10-21 04:49:00 +00:00
- OpCode::From for u8 removed, added OpCode::from_u8(), #36
2016-11-03 06:49:53 +00:00
- Fix for named startup related to ipv6, #56
2016-06-29 06:36:15 +00:00
2016-07-11 05:04:34 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2016-10-21 04:49:00 +00:00
- Upgraded OpenSSL to 0.8.* #50
2016-07-11 05:04:34 +00:00
- Cleaned up the Server implementation to isolate connection handlers
2016-11-03 05:54:58 +00:00
- Deprecated old Client will possibly remove in the future
2016-10-01 14:08:40 +00:00
2016-08-13 06:46:49 +00:00
## 0.7.3 2016-08-12
2017-07-28 15:11:02 +00:00
2016-08-12 06:19:06 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-08-13 06:46:49 +00:00
- Issue #27: label case sensitivity revisited for RRSIG signing, RFC 6840
- TCP reregister on would-block errors
2016-08-12 06:19:06 +00:00
2016-08-11 05:02:33 +00:00
## 0.7.2 2016-08-10
2017-07-28 15:11:02 +00:00
2016-08-11 05:02:33 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-08-11 05:02:33 +00:00
- Issue #28: RRSIG validation of wildcards, label length > wildcard length
## 0.7.1 2016-08-09
2017-07-28 15:11:02 +00:00
2016-08-11 05:02:33 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-08-11 05:02:33 +00:00
- Issue #27: remove implicit case conversion of labels (fixes NSEC validation)
2016-06-21 06:57:18 +00:00
## 0.7.0 2016-06-20
2017-07-28 15:11:02 +00:00
2016-06-17 06:53:29 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-06-17 06:53:29 +00:00
- Added recovery from journal to named startup
- SQLite journal for dynamic update persistence
2016-06-21 06:28:34 +00:00
- Private Key generation during startup, for dnssec zones
- Read private key from filesystem during start and registers to zone
2016-06-17 06:53:29 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2016-06-17 06:53:29 +00:00
- Removed many of the unwraps in named binary
2016-06-21 06:28:34 +00:00
- Reworked all errors to use error-chain
- Adjusted interface for Signer to use duration
2016-06-21 06:38:34 +00:00
- All `#[cfg(ftest)]` tests now `#[ignore]`
2016-06-17 06:53:29 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-06-17 06:53:29 +00:00
- TXT record case sensitivity
2016-06-02 06:24:25 +00:00
## 0.6.0 2016-06-01
2017-07-28 15:11:02 +00:00
2016-05-10 02:17:43 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-05-15 08:15:34 +00:00
- Documentation on all modules, and many standard RFC types
- Authority zone signing now complete, still need to load/save private keys
2016-05-19 07:00:40 +00:00
- DNSKEYs auto inserted for added private keys
- New mocked network client tests, to verify zone signing
2016-05-23 06:58:29 +00:00
- NSEC record creation for zone, with tests
2016-05-30 08:28:25 +00:00
- SIG0 validation for Authentication on for dynamic updates
2016-06-01 06:58:23 +00:00
- Client CQADDD operations, delete_by_rdata, delete_rrset, delete_all
- Client compare_and_swap operation... atomics are here!
2016-05-10 02:17:43 +00:00
2016-05-03 04:15:32 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-05-03 04:15:32 +00:00
- Added loop on TCP accept requests
- Added loop on UDP reads
2016-05-03 04:54:35 +00:00
- Upgraded to mio 0.5.1 for some bug fixes
2016-05-23 06:58:29 +00:00
- Not returning RRSIGs with SOA records on authoritative answers
2016-05-03 04:15:32 +00:00
2016-04-30 19:09:56 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2016-04-30 19:09:56 +00:00
- Internal representation of record sets now a full data structure
- Better rrset keys for fewer clones
- Removed many excessive clones (should make requests even faster)
- Cleaned up authority upsert and lookup interfaces
- All authorities default to IN DNSCLASS now (none others currently supported)
2016-05-09 04:47:43 +00:00
- Cleaned up the Signer interface to support zone signing
2016-05-11 05:11:45 +00:00
- Simplified RData variant implementations
2016-05-30 08:28:25 +00:00
- Improved ENDS and SIG0 parsing on Message deserialization
2016-04-30 19:09:56 +00:00
2016-04-08 06:46:25 +00:00
## 0.5.3 2016-04-07
2017-07-28 15:11:02 +00:00
2016-04-08 06:46:25 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-04-08 06:46:25 +00:00
- [Linux TCP server mio issues ](https://github.com/bluejekyll/trust-dns/issues/9 )
### Changed
2017-07-28 15:11:02 +00:00
2016-04-08 06:46:25 +00:00
- combined the TCP client and server handlers
- reusing buffer in TCP handler between send and receive (performance)
2016-04-05 04:37:30 +00:00
## 0.5.2 2016-04-04
2017-07-28 15:11:02 +00:00
2016-03-31 06:40:05 +00:00
### Changed
2017-07-28 15:11:02 +00:00
2016-04-30 19:09:56 +00:00
- updated mio to 0.5.0
2016-03-31 06:40:05 +00:00
- updated chrono to 0.2.21
- updated docopt to 0.6.78
- updated log to 0.3.5
- updated openssl to 0.7.8
- updated openssl-sys to 0.7.8
- updated rustc-serialize to 0.3.18
- updated toml to 0.1.28
2016-03-31 06:20:11 +00:00
## 0.5.1 2016-03-30
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-03-23 04:36:17 +00:00
- NSEC3 resolver validation
2016-03-31 04:25:18 +00:00
- data-ecoding as a dependency (base32hex)
- trust-dns banner on boot of server
### Changed
2017-07-28 15:11:02 +00:00
2016-03-31 04:25:18 +00:00
- Changed the bin.rs to named.rs, more accurate, allow for other binaries
2016-03-23 04:36:17 +00:00
## 0.5.0 2016-03-22
2017-07-28 15:11:02 +00:00
2016-03-23 04:36:17 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-03-23 04:48:54 +00:00
- Updated rust-openssl to 0.7.8 which include new RSA creation bindings
2016-03-23 04:36:17 +00:00
- NSEC resolver validation
2016-03-15 06:59:49 +00:00
- NSEC3 parsing support
2016-03-15 05:37:41 +00:00
- DNSSec validation of RRSIG and DNSKEY records back to root cert
- Integration with OpenSSL (depends on fork until rust-openssl 0.7.6+ is cut)
2016-03-15 06:59:49 +00:00
- Binary serialization and deserialization of all DNSSec RFC4034 record types
- EDNS support
2016-03-15 05:37:41 +00:00
- Coveralls support added
- Partial implementation of SIG0 support for dynamic update
- SRV record support
### Changed
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Dual licensed with MIT (and Apache 2.0)
- Abstracted Client over TCP and UDP for common implementation of queries
### Fixed
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Binary Serialization and Deserialization of NSEC3
- AXFR SOA ordering
- Travis build failing
### Deprecated
2017-07-28 15:11:02 +00:00
2016-03-15 06:59:49 +00:00
- See updated trust_dns::client::Client API
2016-03-15 05:37:41 +00:00
## 0.4.0 2015-10-17
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Added AXFR support
- Dynamic update support
### Fixed
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Name pointer support
## 0.3.1 2015-10-04
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
### Fixed
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Removed buffer clone during label pointer decoding (speed/memory)
2016-03-15 06:59:49 +00:00
- Removed a lot of unnecessary clones, heavier use of Rc
2016-03-15 05:37:41 +00:00
- Binary server bugs (fully functional)
## 0.3.0 2015-09-27
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Master zone files support BIND time formats, e.g. #h#d
- Toml config file support (not compatible with BIND)
## 0.2.1 2015-09-17
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Functional tests to verify against other DNS servers
### Changed
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- mio replaced std::net operators
## 0.2.0 2015-09-07
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Server support with catalog and tests for example.com
- Parsing example rfc1035 master file
- new lexer for master zone files with simplified FSM
- Travis CI testing support
- Supported Client with operational query
- Writers for Record Data
- All RFC1035 fields parsing!
- label parsing with UTF8 support
- DNS Class and RecordType enums
### Fixed
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Crates.io keywords, etc.
### Changed
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Cleaned up binary encoders and decoders with objects
## 0.1.0 2015-08-07
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
### Added
2017-07-28 15:11:02 +00:00
2016-03-15 05:37:41 +00:00
- Started parsing resource records
- Initial Commit!