Constellation v1.15.0

• 🎉 Constellation is now fully asynchronous and non blocking!
• Migrated from trust-dns v0.14 to hickory v0.24 (Hickory is the new name for the same library, making the DNS server fully asynchronous).
• Migrated Redis connection pool manager from r2d2 to bb8 (making the Redis client fully asynchronous).
• Added support for CAA DNS records (direct serving and flattening).
• Added an option to configure after how many seconds a failed Redis connection can be used again, with the redis.delinquency_seconds configuration variable.
• Fixed an issue where the MaxMind GeoIP database could not be refreshed anymore (since around April 2024, due to a HTTP 302 redirection from MaxMind update servers).
• Updated GeoDNS country information.
• Bumped dependencies to latest versions: toml, clap, regex, tar, http_req, maxmind, actix-web and actix-web-httpauth.

Constellation v1.14.3

• Fixed packaging for Debian 10, Debian 11 and Debian 12 on x86_64 architecture.

Constellation v1.14.2

• Publish .deb packages for Debian 10, Debian 11 and Debian 12 on x86_64 architecture.

Constellation v1.14.1

• Moved the release pipeline to GitHub Actions.

Constellation v1.14.0

• Moved HTTP server from rocket to actix, meaning Constellation now builds on Rust stable.
• Patched dependency rusqlite depended upon by trust-dns-server, so that Constellation builds on latest Rust compilers (note that this is a temporary fix, until substantial work is done to update trust-dns-server et al to latest).

Constellation v1.13.0

• Bumped trust-dns-server to v0.14.0, from v0.13.0. This addresses an issue where a remote attacker could put down a target UDP or TCP listener by sending an invalid DNS packet, which would require a full process restart.
• Adjusted the guard against DNS server main thread DOS attacks, by lowering to 1/3 of 3s the time chunk allowance.

Constellation v1.12.6

• Fixed an invalid behavior of the store system, where local cache was not fully leveraged for non-existing records for a given query type, resulting in Redis EXISTS being sent to the remote store for every such DNS query.

Constellation v1.12.5

• Implemented a guard against DNS server main thread DOS attacks, due to sending floods of random DNS queries that would poll the Redis store. Constellation now only allows spending 2/3 of 3s time chunks waiting for Redis, otherwise it would SERVFAIL, effectively defeating those kind of DOS attacks.

Constellation v1.12.4

• Multiple CNAME values can now be flattened at once for the same record, and merged together. This feature was omitted in the first CNAME flattener implementation, though it may prove useful in certain use cases.

Constellation v1.12.3

• Bumped trust-dns-resolver to v0.9.1, which implements a more efficient way to share tokio reactor cores across resolve calls (less leaky, which helps avoid further file descriptor leaks caused by the trust-dns-resolver library).