[getdns-api] getdns 1.0.0 released
Willem Toorop
willem at nlnetlabs.nl
Tue Jan 17 16:38:30 CET 2017
Dear All,
We are pleased to announce release 1.0.0 of our library implementation
of the getdns API. This release implements the "December 2015"
specification of the API. With the exception of namespaces (i.e. mDNS),
everything in the API specification is implemented in this release. This
for us was a clear marker for a 1.0.0 release.
getdns is a modern asynchronous DNS API. It implements DNS entry points
from a design developed and vetted by application developers, in an API
specification. With the implementation of this API, we intend to offer
application developers a modernized and flexible way to access DNS
security (DNSSEC) and other powerful new DNS features; a particular hope
is to inspire application developers towards innovative security
solutions in their applications. The open source C implementation of
getdns is developed and maintained in collaboration by NLnet Labs,
Sinodun, No Mountain Software and others. This implementation is
licensed under the New BSD License.
Since the second beta release of 1.0.0, last July, new functionality has
not been added in this branch. All efforts for the 1.0.0 release have
been focussed towards testing stability and robustness and proper
operation on different platforms.
Alongside this release, we have refactored our website and updated it
with an example (see https://getdnsapi.net/blog/categories/basic/ ).
It is our intention to add more examples illustrating how to use getdns
for common use cases in the future.
Note that this does not mean that we have not worked on new features and
functionality. Also in this time we have worked on new features and
functionality in the develop branch. A new feature release of getdns
will follow shortly (early 2017). It will also contain all the
robustness updates that went into 1.0.0, but will introduce only new
functionality not in the API specification, primarily enhancements of
our implementation of newer DNS specifications such as RFC 7858. and
that perhaps has been less thoroughly tested and covered in our unit tests.
Note: if you are a package maintainer, we recommend that you not pick up
release 1.0.0 but wait for the first non-beta release of 1.1 in early 2017.
Happy new year!
link : https://getdnsapi.net/dist/getdns-1.0.0.tar.gz
pgp : https://getdnsapi.net/dist/getdns-1.0.0.tar.gz.asc
sha256: a0460269c6536501a7c0af9bc97f9339e05a012f8191d5c10f79042aa62f9e96
ChangeLog
=========
* 2017-01-13: Version 1.0.0
* edns0_cookies extension enabled by default (per RFC7873)
* dnssec_roadblock_avoidance enabled by default (per RFC8027)
* bugfix: DSA support with OpenSSL 1.1.0
* Initialize OpenSSL just once in a thread safe way
* Thread safety with arc4random function
* Improvements that came from Visual Studio static analysis
Thanks Christian Huitema
* Conventional RFC3986 IPv6 [address]:port parsing from getdns_query
* bugfix: OpenSSL 1.1.0 style crypto locking
Thanks volkommenheit
* configure tells *which* dependency is missing
* bugfix: Exclude terminating '\0' from bindata's returned by
getdns_get_suffix(). Thanks Jim Hague
* Better README.md. Thanks Andrew Sullivan
* 2016-07-14: Version 1.0.0b2
* Collect coverage information from the unit tests
Thanks Shane Kerr
* pkg-config for the getdns_ext_event library
Thanks Tom Pusateri
* Bugfix: Multiple requests on the same upstream with a transport
that keeps connections open in synchronous stub mode.
* Canonicalized DNSSEC chain with dnssec_return_validation_chain
(when validated)
* A dnssec_return_full_validation_chain extension which includes
then validated resource records.
* Bugfix: Callbacks fired while scheduling (answer from cache)
with the unbound plugable event API
* header extension to set opcode and flags in stub mode
* Unit tests that cover more code
* Static checking with the clang analyzer
* getdns_pretty_print_dict prints dname's as primitives
* Accept just bindata's instead of address dicts.
Allow misshing "address_type" in address dicts.
* TLS session resumption
* -C <config file> option to getdns_query to configure context
from a json like formated file. The output of -i (print API
information) can be used as config file directly.
Settings may also be given in this format as arguments of
the getdns_query command directly.
* DNS server mode for getdns_query. Enable by providing addresses
to listen on, either by giving "-z <listen address>" options or by
providing "listen_addresses" in the config file or settings.
* Bugfixes from deckard testing: CNAME loop protection.
* "srv_addresses" in response dict with getdns_service()
* use libbsd when available
Thanks Guillem Jover
* Bugfix: DNSSEC wildcard validation issue
* Bugfix: TLS timeouts not re-using a connection
* A getdns_context_get_eventloop(), to get the current
(pluggable) eventloop from context
* getdns_query now uses the default event loop (instead of custom)
* Return call_reporting info in case of timeout
Thanks Robert Groenenberg
* Bugfix: Build fails with autoconf 2.63, works with 2.68.
Thanks Robert Groenenberg
* Doxygen output for getdns.h and getdns_extra.h only
* Do not call SSL_library_init() from getdns_context_create() when
the second bit from the set_from_os parameter is set.
* 2016-03-31: Version 1.0.0b1
* openssl 1.1.0 support
* GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST default suffix handling
* getdns_context_set_follow_redirects()
* Read suffix list from registry on Windows
* A dnssec_return_all_statuses extension
* Set root servers without temporary file (libunbound >= 1.5.8 needed)
* Eliminate unit test's ldns dependency
* pkts wireformat <-> getdns_dict <-> string
conversion functions
* Eliminate all side effects when doing sync requests
(libunbound >= 1.5.9 needed)
* Bugfix: Load gost algorithm if digest is seen before key algorithm
Thanks Jelte Janssen
* Bugfix: Respect DNSSEC skew.
* Offline dnssec validation for any given point in time
* Correct return value in documentation for
getdns_pretty_print_dict(). Thanks Linus Nordberg
* Bugfix: Don't treat "domain" or "search" as a nameserver.
Thanks Linus Nordberg
* Use the default CA trust store on Windows (for DNS over TLS).
* Propagate eventloop to unbound when unbound has pluggable event
loops (libunbound >= 1.5.9 needed)
* Replace mini_event extension by default_eventloop
* Bugfix: Segfault on NULL pin
* Bugfix: Correct output of get_api_settings
* Bugfix: Memory leak with getdns_get_api_information()
Thanks Robert Groenenberg.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 829 bytes
Desc: OpenPGP digital signature
URL: <http://getdnsapi.net/pipermail/spec/attachments/20170117/9b0d1440/attachment.bin>
More information about the spec
mailing list