Comments (9)
Ok, got to the bottom of it. In changing a bunch of interfaces to return Result (due to some of the changes in OpenSSL), I had made overzealous use of try!() and underthought placement in the validation loops for DNSSec. Everything checks out now.
from hickory-dns.
If you want to submit a PR for that, I'd happily accept.
from hickory-dns.
I started work on this to hopefully fix Travis OSX builds, but man, openssl 0.8.0 is quite different from 0.7 :(
from hickory-dns.
It is pretty different. I'd have liked to get to this myself but have been over-loaded with other things.
from hickory-dns.
2b14581 is the conversion to openssl 0.8.
While that's basically complete, of course my integration tests for the proof of a signed example.com are now failing :(
looking into it.
from hickory-dns.
oh, and I have all the warnings related to the futures stuff cleaned up in a different branch. I'll be getting rid of those in a little bit.
from hickory-dns.
Travis is passing again with this patch at least :)
from hickory-dns.
FYI, looking more deeply, not all secure queries are failing, and some parts of the chain are validating properly. I'm not entirely able to say right now that there isn't a bug here. rollernet tests are all passing right now, which tells me that it's only example.com that is having issues.
It validates the www.example.com against example.com's DNSKEY, but then fails to validate the DNSKEY for example.com. But since rollertnet tests are functioning this might not be an issue with the upgrade.
from hickory-dns.
cargo test -- --ignored
will run all of the integration tests for anyone interested in looking at this.
from hickory-dns.
Related Issues (20)
- Failing to read "_acme-challenge" TXT record HOT 3
- Debug assert triggered: record types do not match, DNSKEY <> Some(Unknown(48)) HOT 4
- do not leak and requested domain to the log HOT 21
- trust-dns quic client can not querry trust-dns quic server HOT 11
- RecordType does not implement Deserialize... but it does? HOT 3
- How to run async dynamic update with DNS SEC? HOT 2
- `proto::op::Message` can panic when `dnssec` is not enabled no debug builds HOT 3
- Panic: "bad character in CAA issuer value" HOT 2
- Prometheus metrics HOT 4
- `ClientConfig` and `RootCertStore` improvements HOT 4
- trust-dns only warns instead of returning Err when it has no nameservers listed in /etc/resolv.conf HOT 6
- read_system_conf returns different Error types on unix vs windows HOT 1
- Unable to build without linking against libssl/libcrypt HOT 2
- Revisit maximum request sizes in TCP, DoT, DoH, and DoQ implementations
- Axfr and AxfrStream issues with big zones HOT 3
- Sync client hang HOT 4
- Hickory DNS rebranding HOT 9
- How can AsyncClient be used with UdpStream? HOT 10
- Use AsyncClient across multiple tokio async tasks HOT 2
- Update ring to support s390x and ppc64el HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hickory-dns.