[getdns-users] getdns 0.5.0 release candidate

Visweswaran, Gowri gvisweswaran at verisign.com
Thu Oct 29 14:02:00 CET 2015 

The changes have been added to getdns_extra.h Scott. I did a compare of
the files vs V030
To change the node bindings.

Gowri

On 10/29/15, 8:47 AM, "Hollenbeck, Scott" <shollenbeck at verisign.com> wrote:

>> -----Original Message-----
>> From: Users [mailto:users-bounces at getdnsapi.net] On Behalf Of Willem
>> Toorop
>> Sent: Thursday, October 22, 2015 2:00 PM
>> To: libgetdns users list
>> Subject: [getdns-users] getdns 0.5.0 release candidate
>> 
>> Dear All,
>> 
>> We have a release candidate for version 0.5.0 of getdns.
>> 
>> This is mostly a new features release
>> 
>> This release does all crypto operations using OpenSSL directly and has
>> no longer a dependency on libldns. Note however that libldns is still
>> used by the unit tests.
>> 
>> Following the October 2015 release of the API specification, this
>> library release now allows to accesses deeply embeded datastructure
>> members in getdns_dicts by JSON Pointer RFC 6901. This works both for
>> both the getter and setter functions.
>> 
>> DNS over TLS now uses the default IANA assigned port number for
>> domain-s: 853.
>> 
>> This release includes an experimental implementation of upstream
>> server hostname authentication for TLS connections in stub mode (note
>> that the default behaviour has not changed compared to the 0.3
>> release). A new, non-standard function
>> getdns_context_set_tls_authentication() can be used to set the
>> authentication to GETDNS_AUTHENTICATION_ which requires that a server
>> provides a valid certificate (validated using the default CA
>> repository) and that the hostname specified in the "tls_auth_name"
>> field of the upstream dict matches that in the certificate. The
>> authentication setting is only enforced when the transport list
>> contains only GETDNS_TRANSPORT_TLS and in this case if authentication
>> fails for all upstreams, queries will fail. If the transport list
>> contains other clear text transports then opportunistic TLS will be
>> performed which does not require authentication of the TLS connection.
>> Examples of usage using the getdns_query tool can be found in the
>> tests_transports.sh script in the test directory.
>
>Willem, I had some time to look at the release this morning to see what
>needs to be done with the PHP language bindings. I did a git pull and
>checked out the v0.5.0 branch. I see that a new constant
>(GETDNS_RETURN_NOT_IMPLEMENTED) has been added, but I don't see any
>changes to the getdns_dict_get_* and getdns_dict_set_* functions. I don't
>see getdns_context_set_tls_authentication(). What did I miss?
>
>Scott
>
>_______________________________________________
>Users mailing list
>Users at getdnsapi.net
>http://getdnsapi.net/mailman/listinfo/users

More information about the Users mailing list