Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Implement a TLS service on a dedicated TLS port 
    • Adds new options in configuration file: 
      • 'tls-service-key:   <path_to_key_file>
      • 'tls-service-pem: <path_to_pem_file>'
      • tls-port:                <port for TLS service> 
  • Add support for DNS-over-TLS (experimental). 
    • Adds new configuration file options:
      • 'do-starttls:             yes/no'                   # enable STARTTLS
    • Adds option to use the TO bit for STARTTLS. Enable with --enable-TObit configure option.
  • Initial attempt to change behaviour of writes over SSL so that the DNS message is sent in a single packet when possible. (Previous behaviour was to send the length and message content separately.) 
  • Adds experimental server support for TCP Fast open (linux only). Enable with --enable-tcp-fastopen configure option.

Installation

  1. apply patch
  2. run 'autoreconf --force'
  3. optionally specify the --enable-tcp-fastopen  and/or --enable-TObit flags and when running 'configure'
  4. make, make install