Hello Jason, On 4/16/25 03:39, jlong via dnsdist wrote:
With dnsdist v2.0.0 alpha1 loading new certs fails in maintenance function using two dnscrypt binds. But works when loading new cert for a single dnscrypt bind.
Thanks a lot for testing alpha1 and reporting this issue! I have been able to reproduce it, and Doug Freed correctly spotted that it was introduced during the refactoring of how frontends and binds are internally registered. The gist of it is that dnsdist has always been keeping two separate, internal frontends objects for each DNSCrypt bind (one for UDP, one for TCP), but after the refactoring getDNSCryptBind() incorrectly counted frontends objects instead of binds. This should be fixed once this PR [1] has been merged. I also added a regression test so that we don't break again in the future.
[1]: https://github.com/PowerDNS/pdns/pull/15463 Thanks again! Best regards, -- Remi Gacogne PowerDNS.COM BV - https://www.powerdns.com/
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
