Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Features Merge PR openembedded#317: ZONEMD Zone Verification, with RFC 8976 support. ZONEMD records are checked for zones loaded as auth-zone, with DNSSEC if available. There is an added option zonemd-permissive-mode that makes it log but not fail wrong zones. With zonemd-reject-absence for an auth-zone the presence of a zonemd can be mandated for specific zones. Fix: Resolve interface names on control-interface too. Merge openembedded#470 from edevil: Allow configuration of persistent TCP connections. Fix openembedded#474: always_null and others inside view. Add that log-servfail prints an IP address and more information about one of the last failures for that query. Merge openembedded#478: Allow configuration of TCP timeout while waiting for response. Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024. Move the NSEC3 max iterations count in line with the 150 value used by BIND, Knot and PowerDNS. This sets the default value for it in the configuration to 150 for all key sizes. zonemd-check: yesno option, default no, enables the processing of ZONEMD records for that zone. Merge openembedded#486 by fobster: Make VAL_MAX_RESTART_COUNT configurable. Merge PR openembedded#491: Add SVCB and HTTPS types and handling according to draft-ietf-dnsop-svcb-https. Introduce 'http-user-agent:' and 'hide-http-user-agent:' options. Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Loading branch information
