I am very pleased to announce that we have a beta release for version 1.0.0 of getdns
We are now 100% spec complete. The last remaining function from the specification,
getdns_context_set_follow_redirects(), is functional with this release. This release also contains the following improvements and non-spec features:
Use this extension if you want to know about DNSSEC status, but you don't want the DNSSEC protection. When this extension is set, all replies will always be included in the response dict, regardless their dnssec status.
When used on its own or in combination with just
dnssec_return_status, it will return BOGUS replies, but those replies will have
"dnssec_status": GETDNS_DNSSEC_BOGUS. The response dict
When used on in combination with
dnssec_return_only_secure,it will return BOGUS and INSECURE replies (shown in their
"dnssec_status"). The response dict
"status"can be any of the status that the
dnssec_return_only_secureextenstion returns, so
GETDNS_RESPSTATUS_GOODwhen at least one reply was secure,
GETDNS_RESPSTATUS_NO_SECURE_ANSWERSwhen all replies were insecure, or
GETDNS_RESPSTATUS_ALL_BOGUS_ANSWERSwhen all replies were bogus.
With these the unit tests could be adapted so they are not dependent on ldns anymore
GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRSTdefault suffix handling *
This makes suffix handling more like what is conventional with system stub behaviour. Suffixes are appended to a name before trying it without suffixes, but only if the name consists of a single label.
Besides these new features and improvements, a few bugs have been fixed. For a complete overview see the ChangeLog below.
We would kindly ask you to review and try out this bete release thoroughly. The 1.0.0 release will follow as soon as we are confident we haven't missed anything and it is ready for production
* 2016-??-??: Version 1.0.0 * openssl 1.1.0 support * GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST default suffix handling * getdns_context_set_follow_redirects() * Read suffix list from registry on Windows * A dnssec_return_all_statuses extension * Set root servers without temporary file (libunbound >= 1.5.8 needed) * Eliminate unit test's ldns dependency * pkts wireformat <-> getdns_dict <-> string conversion functions * Eliminate all side effects when doing sync requests (libunbound >= 1.5.9 needed) * Bugfix: Load gost algorithm if digest is seen before key algorithm Thanks Jelte Janssen * Bugfix: Respect DNSSEC skew. * Offline dnssec validation for any given point in time * Correct return value in documentation for getdns_pretty_print_dict(). Thanks Linus Nordberg * Bugfix: Don't treat "domain" or "search" as a nameserver. Thanks Linus Nordberg * Use the default CA trust store on Windows (for DNS over TLS). * Propagate eventloop to unbound when unbound has pluggable event loops (libunbound >= 1.5.9 needed) * Replace mini_event extension by default_eventloop * Bugfix: Segfault on NULL pin * Bugfix: Correct output of get_api_settings * Bugfix: Memory leak with getdns_get_api_information() Thanks Robert Groenenberg.