Software update: Knot Resolver 3.2.1




Knot Resolver is an open source dns recursor written in C and LuaJIT. When you run a dns look-up, a recursor initially starts asking the look-up question to a dns root server. This can then refer to other servers, from where it can be redirected to other servers and so on, until finally a server is reached that knows the answer or knows that the look-up is not possible. This can be the case if the name does not exist or the servers do not respond. Knot Resolver is for example used by Cloudflare for their dns service. The developers of CZ NIC have released version 3.2.1 with the following modifications:

Knot Resolver 3.2.1 released

Bug fixes
trust_anchors: respect validity time range during TA bootstrap (! 748)
fix TLS rehandshake handling (! 739)
make TLS_FORWARD compatible with GnuTLS 3.3 (! 741)
special thanks to Grigorii Demidov for his long-term work on Knot Resolver!
improve handling or timeouted outgoing TCP connections (! 734)
trust_anchors: check syntax or public keys in DNSKEY RRs (! 748)
validator: clarify message about bogus non-authoritative data (! 735)
dnssec validation failures contain more verbose reasoning (! 735)
new function trust_anchors.summary () describes state of DNSSEC TAs (! 737), and logs new state of trust anchors after start up and automatic changes
trust anchors: refuse revoked DNSKEY even if specified explicitly, and downgrade missing the SEP bit to a warning
Version number 3.2.1
Release status Final
License type Conditions (GNU / BSD / etc.)


In: A Technology & Gadgets Asked By: [23633 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »