mirror of https://github.com/getdnsapi/getdns.git
Sara Dickinson
parent
133426b7db
commit
1ba2e5bf4d
21
README.md
21
README.md
|
|
@ -19,6 +19,8 @@ Traditional access to DNS data from applications has several limitations:
|
|||
|
||||
* Sophisticated uses of the DNS (things like IDNA and DNSSEC validation) require considerable application work, possibly by application developers with little experience with the vagaries of DNS.
|
||||
|
||||
getdns also provides a prototype DNS Privacy enabled client called 'stubby' - see below for more details.
|
||||
|
||||
## Motivation for providing the API
|
||||
|
||||
The developers are of the opinion that DNSSEC offers a unique global infrastructure for establishing and enhancing cryptographic trust relations. With the development of this API we intend to offer application developers a modern and flexible interface that enables end-to-end trust in the DNS architecture, and which will inspire application developers to implement innovative security solutions in their applications.
|
||||
|
|
@ -73,9 +75,13 @@ If you want to make use of the configuration files that utilise a JSON-like form
|
|||
|
||||
before building.
|
||||
|
||||
If you want to use the getdns_query command line wrapper script for testing or to enable getdns as a daemon then you must build it using
|
||||
As well as building the getdns library 2 other tools are installed by default by the above process:
|
||||
|
||||
* getdns_query: a command line test script wrapper for getdns
|
||||
* stubby: a DNS Privacy enabled client
|
||||
|
||||
Note: If you only want to build stubby, then use the `--enable-stub-only` and `--without-libidn` options when running 'configure'.
|
||||
|
||||
# make getdns_query
|
||||
|
||||
## Minimizing dependencies
|
||||
|
||||
|
|
@ -91,6 +97,17 @@ The implementation works with a variety of event loops, each built as a separate
|
|||
* [libuv](https://github.com/joyent/libuv)
|
||||
* [libev](http://software.schmorp.de/pkg/libev.html)
|
||||
|
||||
## Stubby
|
||||
|
||||
* Stubby is a prototype implementation of a DNS Privacy enabled stub resolver. Feedback is welcome!
|
||||
* A default configuration file is available here uses a 'Strict' privacy usage profile using some of the available test DNS Privacy servers to resolve queries. Note these servers are test servers that offer no service guarantees. An alternative file can be specified with the '-C' flag
|
||||
* If you would like minimal logging output from Stubby (which servers are used and connection level statistics) then also use the '--enable-debug-daemon' flag when running 'configure'.
|
||||
|
||||
To use stubby
|
||||
* Start stubby from the command line
|
||||
* Test it by doing, for example, 'dig @127.0.0.1 www.example.com'
|
||||
* Alter the default DNS resolvers on your system to point at localhost (127.0.0.1, ::1)
|
||||
|
||||
## Regression Tests
|
||||
|
||||
A suite of regression tests are included with the library, if you make changes or just
|
||||
|
|
|
|||
|
|
@ -720,16 +720,15 @@ _getdns_upstream_shutdown(getdns_upstream *upstream)
|
|||
STUB_DEBUG_DAEMON, upstream->addr_str,
|
||||
(int)upstream->responses_received, (int)upstream->responses_timeouts,
|
||||
getdns_auth_str_array[upstream->tls_auth_state], (int)upstream->keepalive_timeout);
|
||||
DEBUG_DAEMON("%s %s : Upstream stats - Resp=%d,Timeouts=%d,Best_auth=%s,Conns=%d\n",
|
||||
DEBUG_DAEMON("%s %s : Upstream stats - Resp=%d,Timeouts=%d,Transport=%s,Best_auth=%s\n",
|
||||
STUB_DEBUG_DAEMON, upstream->addr_str,
|
||||
(int)upstream->total_responses, (int)upstream->total_timeouts,
|
||||
getdns_auth_str_array[upstream->best_tls_auth_state],
|
||||
(int)upstream->conn_completed);
|
||||
DEBUG_DAEMON("%s %s : Upstream stats - Conn_fails=%d,Conn_shutdowns=%d,Backoffs=%d\n",
|
||||
(upstream->transport == GETDNS_TRANSPORT_TLS ? "TLS" : "UDP/TCP"),
|
||||
getdns_auth_str_array[upstream->best_tls_auth_state]);
|
||||
DEBUG_DAEMON("%s %s : Upstream stats - Conns=%d,Conn_fails=%d,Conn_shutdowns=%d,Backoffs=%d\n",
|
||||
STUB_DEBUG_DAEMON, upstream->addr_str,
|
||||
(int)upstream->conn_setup_failed,
|
||||
(int)upstream->conn_completed, (int)upstream->conn_setup_failed,
|
||||
(int)upstream->conn_shutdowns, (int)upstream->conn_backoffs);
|
||||
|
||||
#endif
|
||||
|
||||
/* Back off connections that never got up service at all (probably no
|
||||
|
|
|
|||
Loading…
Reference in New Issue