TRust-DNS Resolver 0.9 and Client/Server 0.14

TRust-DNS Resolver 0.9

The big announcement here is that DNS-over-TLS is finally in the Resolver! Thank you to Cloudflare (1.1.1.1) and Quad9 (9.9.9.9) for finally giving us some endpoints with which we can use DNS-over-TLS. TRust-DNS Client and Server have supported DNS-over-TLS for over a year, but we never had a recursive resolver we could use for our configuration in the Resolver, so I held off implementing it until there were some third parties to validate with.

This requires one of the DNS-over-TLS features to be enabled for use. dns-over-rustls will use the *ring*-based rustls library, and if you're also using DNSSEC would work best with dnssec-ring for the greatest overlap in library usage. The other suggested feature is dns-over-native-tls, which will use the host platform's default TLS implementation. There is dns-over-openssl as well, but that requires a bit more to configure the root CAs, etc., so I don't recommend its usage unless you know what you're doing.

If you have one of those features enabled, then you should see these functions in the docs for trust_dns_resolver::ResolverConfig: cloudflare_tls and quad9_tls. See config::NameServerConfigGroup if you're interested in a method of combining the NameServers from both into a single NameServerPool.

The next big announcement is that all the libraries have been ported to the new tokio. I had very little to do with this effort, and it was massive. We owe a huge debt of gratitude to @Keruspe and @justinlatimer, who did a substantial amount to get this done. Thank you! In the process we noticed many of the internal types in the libraries were not Send; this has been fixed, and should make things a little easier to use.

In the vein of making things a little easier to use, after working through some issues with @zonyitoo it became apparent that there is a gap in the library. We need a global resolver people can address and use statically (probably will require a background thread). Before that lands, we put together an example in the library for creating one before a version is added to the library: https://github.com/bluejekyll/trust-dns/blob/master/resolver/examples/global_resolver.rs. Any feedback on this can go into the related issue, https://github.com/bluejekyll/trust-dns/issues/462.

There were many other improvements as well, like TTLs being exposed from Lookups by @hawkw and other fixes and improvements, see below. Thank you to all the trust-dns contributors, https://github.com/bluejekyll/trust-dns/graphs/contributors!

0.9 Resolver

Added

  • DNS-over-TLS configurations (requires one of dns-over-native-tls or dns-over-rustls features) #396
  • Experimental DNS-SD, service discovery (RFC 6763, mdns feature required) #363
  • Experimental mDNS, multicast DNS, known issues persist (RFC 6762, mdns feature required) #337
  • Exposed TTLs on Lookup objects @hawkw #444
  • Added global resolver example #460

Changed

  • Use tokio-timer (part of tokio upgrade) @justinlatimer #411
  • Backtrace now optional @briansmith #416
  • Upgrade to tokio-tcp (tokio upgrade) @Keruspe #426
  • Upgrade to tokio-udp (tokio upgrade) @Keruspe #427
  • Upgrade to tokio-executor (tokio upgrade) @Keruspe and @justinlatimer #438
  • Always reattempt nameserver reconnections regardless of time #457
  • Defaulted type parameter for LookupFuture, removed InnerLookupFuture #459

Fixed

  • BinEncoder panic on record sets of extreme sizes #352
  • Panic when oneshot channel receiver goes away #356
  • Incorrect IPv6 configuration for Google nameservers #358
  • Properly yield on failure to acquire lock #372
  • Correct order of search list with ndots variable #410
  • Send (Sync where applicable) enforced on all DnsHandle::send and other interfaces #460
  • Properly track max query depth as a task_local not thread_local #460, #469
  • IPv4 like name resolution in lookup_ip with search order #467

Removed

  • usage of tokio-core::Core @Keruspe #446

TRust-DNS Client and Server 0.14

The Client and Server libraries have also been updated. There are fewer big things to announce here, but it also benefited from the tokio upgrade. Thanks!

0.14.0

Changed

  • Updated trust-dns-proto to 0.3, which brings in better Name and Label impls
  • rusqlite updated to 0.13 #331 (@oherrala)
  • Many serialization improvements #317
  • Use tokio-timer (part of tokio upgrade) @justinlatimer #411
  • Backtrace now optional @briansmith #416
  • Use tokio-tcp (part of tokio upgrade) @Keruspe #426
  • Use tokio-udp (part of tokio upgrade) @Keruspe #426
  • Upgrade to tokio-executor (tokio upgrade) @Keruspe and @justinlatimer #438
  • Send (Sync where applicable) enforced on all DnsHandle::send and other interfaces #460
  • ClientHandle api return Send @ariwaranosai #465

Added

  • Name and Label now support idna, punycode, see Name::from_str
  • trust_dns::rr::ZoneUsage for detecting restrictions on Names and their associated zones

Fixed

  • octal escapes fixed in Name parsing #330
  • NULL record type incorrectly valued at 0 to proper 10 #329 (@jannic)
  • BinEncoder panic on record sets of extreme sizes #352
  • Panic when oneshot channel receiver goes away #356
  • Hung server on UDP due to bad data #407

Removed

  • usage of tokio-core::Core @Keruspe #446