Comments (5)
I'd be open to a PR that introduces the use of cargo-hack similar to what we have in the rustls repo. Might want a separate job for it since it could be pretty slow?
(If you just want to fix the dnssec-openssl
warnings, that might be a good start, too.)
@bluejekyll I think you've mentioned wanting to just get rid of OpenSSL-based stuff before, how are you feeling about that project now?
from trust-dns.
I keep hesitating on the removal of OpenSSL because of some of the compliance it has that we're still waiting on for Rustle. I think we should just clean it up instead of fixing up testing related to it, but it wouldn't be hard to fix this.
Today we only test these feature flags directly with clippy:
clippy:
find {{justfile_directory()}} -name '*.rs' -exec touch {} \;
just clippy-inner --no-default-features
just clippy-inner
just clippy-inner --all-features
We could add this after --all-features
, just clippy-inner --features=dnssec-openssl
. OpenSSL generally doesn't get caught, because where they conflict, Rustls takes precedent.
from trust-dns.
I keep hesitating on the removal of OpenSSL because of some of the compliance it has that we're still waiting on for Rustle. I think we should just clean it up instead of fixing up testing related to it, but it wouldn't be hard to fix this.
What kind of compliance are we waiting for? I think Rustls is in a pretty good place today.
from trust-dns.
What kind of compliance are we waiting for?
Primarily, FIPS compliance, does this announcement mean that Rustls is FIPS compliant now? https://www.memorysafety.org/blog/rustls-with-aws-crypto-back-end-and-fips/
from trust-dns.
Yes, Rustls from 0.22 onwards supports the aws-lc-rs crypto provider which has a FIPS mode available (on Linux only).
from trust-dns.
Related Issues (20)
- Request for a wildcard with ANY returns nothing HOT 2
- Handle sockets that have been shut down HOT 5
- Make ```hickory_proto::quic::QuicClientStream``` clonable
- why hickory-proto 0.24.1 ring dependencies is still 0.16.20 HOT 4
- Not convenient to call bind_with_addr to make a AsyncResolver HOT 4
- Bind address in ResolverConfig does not take effort for AsyncResolver HOT 10
- `hickory-dns` responds to `dig A doesnotexist.fqdn.com.` with NOERROR instead of with NXDOMAIN HOT 6
- `hickory-dns` resolver does not honor the DO bit in client's queries HOT 2
- [RFC] DNSSEC validation: configuration syntax HOT 11
- [RFC] re-structure `named.toml` syntax to reject invalid configurations HOT 3
- TCP fallback is not always used and forcing it is not ergonomic HOT 3
- 0.25 Release HOT 10
- Static build support (openssl + cross-compile) HOT 6
- `DnssecDnsHandle` does not appear to validate RRSIG's signature {inception,expiration} fields HOT 1
- malformed query can cause assertion failure at encoder.rs:234 HOT 1
- should `proto::rr::resource::Record.rdata` really be an `Option`? HOT 6
- DNS Resolver rotate feature HOT 5
- [Featture] Expose Path Parameter for DoH Client HOT 1
- Allow passing in a custom client UDP socket to send data from HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from trust-dns.