[dnsdist] dnsdist v2.0..0 alpha1 error on cert rotation
jlongua at wagonut.com
jlongua at wagonut.com
Thu Apr 24 21:24:54 UTC 2025
On 2025-04-24 09:20, Remi Gacogne via dnsdist wrote:
> Hello Jason,
>
> On 4/16/25 03:39, jlong via dnsdist wrote:
>> With dnsdist v2.0.0 alpha1 loading new certs fails in maintenance
>> function using two dnscrypt binds. But works when loading new cert for
>> a single dnscrypt bind.
>
> Thanks a lot for testing alpha1 and reporting this issue! I have been
> able to reproduce it, and Doug Freed correctly spotted that it was
> introduced during the refactoring of how frontends and binds are
> internally registered. The gist of it is that dnsdist has always been
> keeping two separate, internal frontends objects for each DNSCrypt
> bind (one for UDP, one for TCP), but after the refactoring
> getDNSCryptBind() incorrectly counted frontends objects instead of
> binds. This should be fixed once this PR [1] has been merged. I also
> added a regression test so that we don't break again in the future.
>
> [1]: https://github.com/PowerDNS/pdns/pull/15463
>
> Thanks again!
>
> Best regards,
> _______________________________________________
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist
Hello Remi,
This is good news, thanks for taking the time to resolve this issue!
Best regards,
Jason
More information about the dnsdist
mailing list