Version 3.0.6
Wednesday, May 12, 2021
Features:
- mod-probe: new module for simple traffic logging (Python API not yet included)
Improvements:
- keymgr: new mode for listing zones with at least one key stored
- keymgr: the pregenerate command accepts optional timestamp-from parameter
- kzonecheck: accept '-' as substitution for standard input #727
- knotd: print an error when unable to change owner of a logging file
- knotd: new warning log if no interface is configured
- knotd: new signing policy check for NSEC3 iterations higher than 20
- knotd: don't allow backup to/restore from the DB storage directory
- Various code (mostly zone backup/restore), tests, and documentation improvements
Bugfixes:
- knotd: secondary fails to load zone file if HTTPS or SVCB record is present #725
- knotd: (KSK roll-over) new KSK is not signing DNSKEY long enough before DS submission
- knotd: (KSK roll-over) old KSK uselessly published after roll-over finished
- knotd: malformed address in TCP-related logs when listening on a UNIX socket
- knotd: server responds FORMERR instead of BADTIME if TSIG signed time is zero #730
- modules: incorrect local and remote addresses in the XDP mode
- modules: failed to read configuration from a section without identifiers
- mod-synthrecord: queries on synthesized empty-non-terminals not answered with NODATA
- keymgr: confusing error if del-all-old command fails