Wed 18 Nov 2015  

getdns-0.5.1 release

273659b3a9236e8f9ae1e69dd37cd2f11554b156f33162c952f40221c1feeaa3

Announcement:



Packaging status

Dear All,

We have special RIPE71 release, version 0.5.1 of getdns.

This release contains all contributions added during the hackathon helt at the IETF94 in Yokahama; carefully reviewed and polished.

The included contributions are:

  • EDNS(0) padding option

    With this option, the query size will be padded to be a multiple of a block size when queried over GETDNS_TRANSPORT_TLS transport, to eliminate guessing the query by analyzing query sizes. The block size can be set with getdns_context_set_tls_query_padding_blocksize() function.

  • An EDNS client subnet private option

    With this option EDNS client subnet aware upstreams are asked to not reveal the originating network of the query.

  • The return_call_debugging extensions

    This extension was already in the API, but had not been implemented yet. It returns "meta" information about a query in the response dict (under the name "call_debugging". On top of the returned information which was already described in the API spec, this version also returns information about the transport eventually used to perform the query, and (if applicable) whether authentication succeeded.

  • A dnssec_roadblock_avoidance extension

    When set, the library will work in stub resolution mode and try to get a by DNSSEC validation assessed answer. On BOGUS answers the library will retry recursive resolution mode. This is the simplest form of passive roadblock detection and avoidance. For a very extensive overview of the types of roadblock, see: draft-ietf-dnsop-dnssec-roadblock-avoidance. Use the --enable-draft-dnssec-roadblock-avoidance option to configure to compile with this extension.

Besides these additions contains a few bugfixes too. For an complete overview see the ChangeLog.


ChangeLog:
* 2015-11-18: Version 0.5.1
  * Bugfix: growing upstreams arrow.
  * Bugfix: Segfault on timeout in specific conditions
  * Bugfix: install getdns_extra.h from build location
  * Bugfix: Don't let cookies overwrite existing EDNS0 options
  * Don't link libdl
  * The EDNS(0) Padding Option (draft-mayrhofer-edns0-padding).
    When using DNS over TLS, query sizes will be padded to multiples
    of a block size given with:
    getdns_context_set_tls_query_padding_blocksize()
  * An EDNS client subnet private option, that will ask a EDNS client
    subnet aware resolver to not reveal any details about the 
    originating network.  See: draft-ietf-dnsop-edns-client-subnet
    Set with: getdns_context_set_edns_client_subnet_private()
  * The return_call_debugging extension.  The extension will also return
    the transport used on top of the information about the request which
    is described in the API spec.
  * A dnssec_roadblock_avoidance extension.  When set, the library will
    work in stub resolution mode and try to get a by DNSSEC validation
    assessed answer.  On BOGUS answers the library will retry rescursive
    resolution mode.  This is the simplest form of passive roadblock
    detection and avoidance: draft-ietf-dnsop-dnssec-roadblock-avoidance.
    Use the --enable-draft-dnssec-roadblock-avoidance option to configure
    to compile with this extension.