Version 3.4.1

Monday, October 14, 2024

Features:

  • knotd: ACL configuration allows protocol specification (see 'acl.protocol')
  • knotc: support for benevolent zone updates (see zone-begin with '+benevolent')
  • knotd: implemented TLS session resumption
  • kjournalprint: added print merged changesets mode (see '-M')
  • libknot: added NXNAME meta type (Thanks to Jan Včelák)

Improvements:

  • knotd: DNSKEY synchronization event logs removed/added CDS and (C)DNSKEYs
  • knotd: control command log message contains filters and flags in the debug mode
  • knotc: zone status prints running, pending, and frozen duration
  • knotd,knotc: unification of control flags and filters
  • keymgr: key listing reports configured keys that are inaccessible
  • libs: upgraded embedded libngtcp2 to 1.8.0
  • doc: various fixes and updates

Bugfixes:

  • knotd: missing support for IPv6 link local address configuration
  • knotd: zone reload occasionally causes a core dump #939 (Thanks to solidcc2)
  • knotd: race condition in DDNS over QUIC processing
  • knotd: imperfect signal handling on some auxiliary threads
  • knotd: EDNS EXPIRE not updated when zone signing results in up-to-date
  • knotd: failed to reload autogenerated QUIC/TLS key after process ownership change
  • knotc: zone backup filter +keysonly doesn't disable other defaults
  • kxdpgun: failed to receive more data over QUIC until 1-RTT handshake is done
  • knsupdate: memory leak if rdata parsing fails
  • doc: failed to install manual pages from a tarball
  • Dockerfile: TCP port 853 not exposed for DoT