Benjamin Fry
Benjamin Fry
Thank you for the report, and the investigation into the root cause. I’ll try and figure out what’s going on here.
This might be related to #692
@carllerche are you aware of any potential leaks in regards to tokio-timer usage? I think we have two related issues in trust-dns now, not sure if it’s how these libraries...
Which version of rustls is needed? Can you check if the 0.21.0-alpha has that? If so, we’re probably going to release that branch next week.
@Lukas1818, can you see if `0.21.1` meets your needs? Recently released.
ping @Lukas1818, did this resolve the issue for you?
If rustls supports pkcs12, this is probably just a gap in support in trust-dns. We just need to add it to the logic for reading keys.
This is where we read the key: https://github.com/bluejekyll/trust-dns/blob/df82c60b341115e5b9117959cd022d5172461377/crates/server/src/config/dnssec.rs#L397-L401 So if you specify pkcs12, we will bail directly. It looks like based on the code in the linked issue you showed,...
> Short-term, we'd like name server sorting to be configurable (at least able to turn on/off) Yes, that sounds like a good idea. > I need to do some more...
@nhurley3, I really like your proposal on improving the existing algorithm. That is inline with where I was trying to get to, but never completed. This would be really useful...