[getdns-api] getdns 1.0.0b1 release
Willem Toorop
willem at nlnetlabs.nl
Thu Mar 31 12:17:23 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Dear All,
I am very pleased to announce that we have a beta release for version
1.0.0 of getdns
We are now 100% spec complete. The last remaining function from the
specification, getdns_context_set_follow_redirects(), is functional
with this release. This release also contains the following
improvements and non-spec features:
* A dnssec_return_all_statuses extension
Use this extension if you want to know about DNSSEC status, but
you don't want the DNSSEC protection. When this extension is
set, all replies will always be included in the response dict,
regardless their dnssec status.
When used on its own or in combination with just
dnssec_return_status, it will return BOGUS replies, but those
replies will have "dnssec_status": GETDNS_DNSSEC_BOGUS. The
response dict "status" will be GETDNS_RESPSTATUS_GOOD then.
When used on in combination with dnssec_return_only_secure, it
will return BOGUS and INSECURE replies (shown in their
"dnssec_status"). The response dict "status" can be any of the
status that the dnssec_return_only_secure extenstion returns,
so GETDNS_RESPSTATUS_GOOD when at least one reply was secure,
GETDNS_RESPSTATUS_NO_SECURE_ANSWERS when all replies were
insecure, or GETDNS_RESPSTATUS_ALL_BOGUS_ANSWERS when all
replies were bogus.
* Conversion functions for DNS messages.
With these the unit tests could be adapted so they are not
dependent on ldns anymore
* GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST default suffix
This makes suffix handling more like what is conventional with
system stub behaviour. Suffixes are appended to a name before
trying it without suffixes, but only if the name consists of a
single label.
* MS Windows version in 100% working
The default event loop, that is also used for synchronous
calls, has been renewed. With it, TCP and TLS transports are
now also possible on MS Windows.
The event loop extension (custom or not) will now also be used
in recursive lookups (the yet unrelease libunbound >= 1.5.9 is
needed for this). Because of this it is now also possible to
do recursive requests in MS Windows.
The MS Windows native certificate store will be used with TLS
transport and also suffixes are initialized as the system stub
is.
Besides these new features and improvements, a few bugs have been
fixed. For a complete overview see the ChangeLog below.
We would kindly ask you to review and try out this beta release
thoroughly. The 1.0.0 release will follow as soon as we are confident
we haven't missed anything and it is ready for production
link: https://getdnsapi.net/dist/getdns-1.0.0b1.tar.gz.asc
md5 : eb7f6d78499e5d21b7e67b2e6704e7d7
sha1: b8b21d8676dc29bfe61c70b490ec0842cf987012
pgp : https://getdnsapi.net/dist/getdns-1.0.0b1.tar.gz.asc
* 2016-??-??: Version 1.0.0
* openssl 1.1.0 support
* GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST default suffix handling
* getdns_context_set_follow_redirects()
* Read suffix list from registry on Windows
* A dnssec_return_all_statuses extension
* Set root servers without temporary file (libunbound >= 1.5.8 needed)
* Eliminate unit test's ldns dependency
* pkts wireformat <-> getdns_dict <-> string
conversion functions
* Eliminate all side effects when doing sync requests
(libunbound >= 1.5.9 needed)
* Bugfix: Load gost algorithm if digest is seen before key algorithm
Thanks Jelte Janssen
* Bugfix: Respect DNSSEC skew.
* Offline dnssec validation for any given point in time
* Correct return value in documentation for
getdns_pretty_print_dict().
Thanks Linus Nordberg
* Bugfix: Don't treat "domain" or "search" as a nameserver.
Thanks Linus Nordberg
* Use the default CA trust store on Windows (for DNS over TLS).
* Propagate eventloop to unbound when unbound has pluggable event
loops (libunbound >= 1.5.9 needed)
* Replace mini_event extension by default_eventloop
* Bugfix: Segfault on NULL pin
* Bugfix: Correct output of get_api_settings
* Bugfix: Memory leak with getdns_get_api_information()
Thanks Robert Groenenberg.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJW/RVTAAoJEOX4+CEvd6SYJx8P/RPzQpkN5vGf0d+9fH7Q4WuA
h5ERoEPf5womzP2Eug284ISNBza+9n/YvlMCaP9dHouVhaSRIjxd6uuopULwbWK5
WZ/R5d6Nmg0h0t6R6j4x+fbzUXjAKo47x8MbTVaon5HFUOtpiTdIsn3uqdng2/ib
Yebt3f6TSX319ykl4mGvm+NDV94c5jLNHw1/RWbNO0vWUfnXVb4Lta0PJ1e0DNHr
Y/DyDaCREnau7zTBD1V49t7FYrBbzxScAahrLItHiS91vx9CA7EzPf5Y38kPPO4b
LyZsorhj6RR1ZxYcwoN51pmk5/l4hUo7A9TBfk5nyHq9swWa0W4fUmN1xre8z2JV
AiQc536jKelPYuePkAzZ5RBdxYC2battwmKAbu09Typs3myCOU6R9/DPBc0XSB63
S1dCcWtjwp4y/n8U+IvDPwcG86/BFyo1NlQGit6NWjr6dO1meq31QWqP6Q9F23fY
7Gs2Y04NAqc1hZfIrbS+XlsbJ2H973jS8xXJtJ5mDq8S6irTA0ltWD9CoxtNon6Q
aSDNTqRxRR86Ud1HViO0atetHHf1WKSFCBv9E/yGopor6lxqo2efIkSBAg4XE6IA
GZur/AmfJdMdvonVOADvTabER9AkeKs56OFEeXEpc3gwFDiDqpjOF0ZWDGDnRwym
Ww02CVYJ0i3gVX7vDBkE
=oiuB
-----END PGP SIGNATURE-----
More information about the spec
mailing list