[getdns-users] getdns-1.7.0 and stubby-0.4.0 released
Willem Toorop
willem at nlnetlabs.nl
Fri Jun 4 19:38:03 UTC 2021
Dear all,
It's alive! We finally have a new 1.7.0 release of getdns. Sorry that
this has taken so long. We promise that a next release will not take
this long again. In fact, from now on we are committing ourselves to do
new releases at least every three months. You can hold us to that!
This release has a Stubby version 0.4.0 included with updated upstream
servers in the example stubby.yml config file.
*Warning!*: We will retire the dnsovertls*.sinodun.com servers later
this year. The current example stubby.yml config file has
dnsovertls.sinonodun.com and dnsovertls1.sinodun.com as default
DNS-over-TLS upstreams (next to getdnsapi.net), but they will be
excluded from the config in the next release. We are considering other
options as the default upstream servers and we welcome feedback and
input from you in this github issue:
https://github.com/getdnsapi/stubby/issues/286
With the introduction of CMake as our new build system a few bugs have
crept in. This getdns release has those corrected. Most notably:
* TLS1.3 cipher suites can now be configured again, either at context
level with the getdns_context_set_tls_ciphersuites() function, or at
upstream level by specifying a tls_ciphersuites entry.
* The eventloop extension libraries have their old names again:
libgetdns_ext_event, libgetdns_ext_ev and libgetdns_ext_uv.
Besides these (and some other) bugfixes, this release has work included
to improve user experience when falling back to other transports or
upstreams after failure:
* Limiting the time a TLS Handshake may take to 4/5th of the query
timeout.
* Setting of the number of milliseconds send data may remain
unacknowledged by the peer in a TCP connection (when supported by
the OS) with the getdns_context_set_tcp_send_timeout(). Contributed
by maciejsszmigiero. Thanks Maciej!
Also, people that had problems with truncated packets or too large
packets from Stubby, may have less issues because smaller responses are
returned thanks to the name-compression contribution from amialkow.
Thanks Andy!
link : https://getdnsapi.net/dist/getdns-1.7.0.tar.gz
pgp : https://getdnsapi.net/dist/getdns-1.7.0.tar.gz.asc
sha256: ea8713ce5e077ac76b1418ceb6afd25e6d4e39e9600f6f5e81d3a3a13a60f652
web : https://getdnsapi.net/releases/getdns-1-7-0/
github: https://github.com/getdnsapi/getdns/releases/tag/v1.7.0
ChangeLog
=========
* 2021-06-04: Version 1.7.0
* Make TLS Handshake timeout max 4/5th of timeout for the query,
just like connection setup timeout was, so fallback transport
have a chance too when TCP connection setup is less well
detectable (as with TCP_FASTOPEN on MacOS).
* Issue #466: Memory leak with retrying queries (for examples
with search paths). Thanks doublez13.
* Issue #480: Handling of strptime when Cross compiling with CMake.
A new option to FORCE_COMPAT_STRPTIME (default disabled) will
(when disabled) make cmake assume the target platform has a POSIX
compatible strptime when cross-compiling.
* Setting of the number of milliseconds send data may remain
unacknowledged by the peer in a TCP connection (when supported
by the OS) with getdns_context_set_tcp_send_timeout()
Thanks maciejsszmigiero.
* Issue #497: Fix typo in CMAKE included files, so Stubby can use
TLS v1.3 with chipersuites options ON. Thanks har-riz.
* Basic name compression on server replied messages. Thanks amialkow!
This alleviates (but might not completely resolve) issues #495 and
#320 .
* Eventloop extensions back to the old names libgetdns_ext_event,
libgetdns_ext_ev and libgetdns_ext_uv.
* Compilation warning fixes. Thanks Andreas!
Stubby ChangeLog
================
* 2021-06-04: Version 0.4.0
* We announce the intention to remove the dnsovertls*.sinodun.com
servers from the default resolver list in the next release,
see https://github.com/getdnsapi/stubby/issues/286 for details.
* Add ability to run Stubby as a full Windows service
* Update IPs for dot1.applied-privacy.net
* Remove the secure.eu entries in the stubby config file
* Bugfix: Make `run_in_foreground = 1` the default again
* Support yaml config files that do not use quotes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.getdnsapi.net/pipermail/users/attachments/20210604/f4afa570/attachment.bin>
More information about the Users
mailing list