* * Remove STARTTLS implementation (no change to SPEC) * Enable TCP Fast Open when possible. Add OSX support for TFO. * Rename return_call_debugging to return_call_reporting * 2015-11-18: Version 0.5.1 * Bugfix: growing upstreams arrow. * Bugfix: Segfault on timeout in specific conditions * Bugfix: install getdns_extra.h from build location * Bugfix: Don't let cookies overwrite existing EDNS0 options * Don't link libdl * The EDNS(0) Padding Option (draft-mayrhofer-edns0-padding). When using DNS over TLS, query sizes will be padded to multiples of a block size given with: getdns_context_set_tls_query_padding_blocksize() * An EDNS client subnet private option, that will ask a EDNS client subnet aware resolver to not reveal any details about the originating network. See: draft-ietf-dnsop-edns-client-subnet Set with: getdns_context_set_edns_client_subnet_private() * The return_call_debugging extension. The extension will also return the transport used on top of the information about the request which is described in the API spec. * A dnssec_roadblock_avoidance extension. When set, the library will work in stub resolution mode and try to get a by DNSSEC validation assessed answer. On BOGUS answers the library will retry rescursive resolution mode. This is the simplest form of passive roadblock detection and avoidance: draft-ietf-dnsop-dnssec-roadblock-avoidance. Use the --enable-draft-dnssec-roadblock-avoidance option to configure to compile with this extension. * 2015-10-29: Version 0.5.0 * Native crypto. No ldns dependency anymore. (ldns still necessary to be able to run tests though) * JSON pointer arguments to getdns_dict_get_* and getdns_dict_set_* to dereference nested dicts and lists. * Bugfix: DNSSEC code finding zone cut with redirects + pursuing unsigned DS answers close to the root. Thanks Theogene Bucuti! * Default port for TLS changed to 853 * Unofficial extension to the API to allow TLS hostname verification to be required for stub mode when using only TLS as a transport. When required a hostname must be supplied in the 'hostname' field of the upstream_list dict and the TLS cipher suites are restricted to the 4 AEAD suites recommended in RFC7525. * 2015-09-09: Version 0.3.3 * Fix clearing upstream events on shutdown * Fix dnssec validation of direct CNAME queries. Thanks Simson L. Garfinkel. * Fix get_api_information():version_string also for release candidates * 2015-09-04: Version 0.3.2 * Fix returned upstreams list by getdns_context_get_api_information() * Fix some autoconf issues when srcdir != builddir * Fix remove build date from manpage version for reproducable builds * Fix transport fallback issues plus transport fallback unit test script * Fix string bindata's need not contain trailing zero byte * --enable-stub-only configure option for stub only operation. Stub mode will be the default. Removes the dependency on libunbound * --with-getdns_query compiles and installs the getdns_query tool too * Fix assert on context destruction from a callback in stub mode too. * Use a thread instead of a process for running the unbound event loop. * 2015-07-18: Version 0.3.1 * Fix repeating rdata fields * 2015-07-17: Version 0.3.0 * Unit test for spurious execute bits. Thanks Paul Wouters. * Added new transport list options in API. The option is now an ordered list of GETDNS_TRANSPORT_UDP, GETDNS_TRANSPORT_TCP, GETDNS_TRANSPORT_TLS, GETDNS_TRANSPORT_STARTTLS. * Added new context setting for idle_timeout * CSYNC RR type * EDNS0 COOKIE option code set to 10 * dnssec_return_validation_chain for negative and insecure responses. * dnssec_return_validation_chain return a single RRSIG on each RRSET (whenever possible) * getdns_validate_dnssec() accept replies from the replies_tree * getdns_validate_dnssec() asses negative and insecure responses. * Native stub dnssec validation * Implemented getdns_context_set_dnssec_trust_anchors() * Switch freely between stub and recursive mode * getdns_query -k shows default trust anchors * functions and defines to get library and API versions in string and numeric values: getdns_get_version(), getdns_get_version_number(), getdns_get_api_version() and getdns_get_api_version_number() * 2015-05-21: Version 0.2.0 * Fix libversion numbering: Thanks Daniel Kahn Gillmor * run_once method for the libevent extension * autoreconf -fi on FreeBSD always, because of newer libtool version suitable for FreeBSD installs too. Thanks Robert Edmonds * True asynchronous processing of the new TLS transport options * GETDNS_TRANSPORT_STARTTLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN transport option. * Manpage fixes: Thanks Anthony Kirby * 2015-04-19: Version 0.1.8 * The GETDNS_TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN and GETDNS_TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN DNS over TLS transport options. * 2015-04-08: Version 0.1.7 * Individual getter functions for context settings * Fix: --with-current-date function to make build deterministically reproducible (i.e. the GETDNS_COMPILATION_COMMENT define from getdns.h contains a date value). Thanks Ondřej Surý * Fix: Include m4 dir in distribution tarball * Fix: Link build requirements in tests too. Thanks Ondřej Surý * Fix: Remove executable flags on source files. Thanks Paul Wouters * Fix: Return "just_address_answers" only when queried for addresses * Eliminate ldns intermediate wireformat parsing * The CSYNC RR type * Fix: canonical_name in response dict returns the canonical name found after following all CNAMEs * Implementation of the section 6 and 7 version of draft-ietf-dnsop-cookies-01.txt for stub resolution. Enable with the --enable-draft-edns-cookies option to configure. Use it by setting the edns_cookies extension to GETDNS_EXTENSION_TRUE. * Pretty printing of lists with: char *getdns_pretty_print_list(getdns_list *list) * Output to json format with: char * getdns_print_json_dict(const getdns_dict *some_dict, int pretty); char * getdns_print_json_list(const getdns_list *some_list, int pretty); * snprintf style versions of the dict, list and json print functions. * Better random number generation with OpenBSD's arc4random * Let getdns_address schedule the AAAA query first. This results in AAAA being the first in the just_address_answers sections of the response dict. * New context update callback function to also return a user given argument along with the context and which item was changed. Thanks Scott Hollenbeck. * Demotivate use of getdns_strerror and expose getdns_get_errorstr_by_id. Thanks Scott Hollenbeck. * A getter for context update callback, to allow for chaining update callbacks. * 2015-01-16: Version 0.1.6 * Fix: linking against libev on FreeBSD * Fix: Let configure report problem on FreeBSD when configuring with libevent and libunbound <= 1.4.22 is not compiled with libevent. * Fix: Build on Mac OS-X * Fix: Lintian errors in manpages * Better libcheck detection * Better portability with UNIX systems * 2014-10-31: Version 0.1.5 * Unit tests for transport settings * Fix: adhere to set maximum UDP payload size * API change: when no maximum UDP payload size is set, outgoing values will adhere to the suggestions in RFC 6891 and may follow a scheme that uses multiple values to maximize receptivity. * Stub mode use 1232 maximum UDP payload size when connecting to an IPv6 upstreams and 1432 with an IPv4 upstream. * Evaluate namespaces (or not) on a per query basis * GETDNS_NAMESPACE_LOCALNAMES namespace now gives just_address_answers only and does not mimic a DNS packet answer anymore * The add_opt_parameters extension * IPv6 scope_id support with link-local addresses. Both with parsing /etc/resolv.conf and by providing them explicitly via getdns_context_set_upstream_recursive_servers * Query for A and AAAA simultaneously with return_both_v4_and_v6 * GETDNS_TRANSPORT_TCP_ONLY_KEEP_CONNECTIONS_OPEN DNS transport * Fix: Answers without RRs in query secion (i.e. REFUSED) * Fix: Return empty response dict on timeout in async mode too * Move spec examples to spec subdirectory * Fix issue#76: Setting UDP Payload size below 512 should not error * Fix: Include OPT RR in response dict always (even without options) * TCP Fast open support (linux only). Enable with the --enable-tcp-fastopen configure option * Bump library version because of binary API change * 2014-09-03: Version 0.1.4 * Synchronous resolves now respect timeout setting, * On timeout *_sync functions now return GETDNS_RETURN_GOOD and a response dict with "status" GETDNS_RESPSTATUS_ALL_TIMEOUT> * Fix issue#50: getdns_dict_remove_name returns GETDNS_RETURN_GOOD on success. * Fix Issue#54: set_ub_dns_transport() not working * Fix Issue#49: Typo in documentation (thanks Stephane Bortzmeyer) * getdns_context_set_limit_outstanding_queries(), getdns_context_set_dnssec_allowed_skew() and getdns_context_set_edns_maximum_udp_payload_size() now working * _unknown rdata field for unknown or unsupported RR types * Temporarily disable timeout unit test 3 because of unpredictable results * Spec updated to version 0.507 * Renamed "resolver_type" to "resolution_type" in dict returned from getdns_context_get_api_information() * Added GETDNS_RESPSTATUS_ALL_BOGUS_ANSWERS return code for with the dnssec_return_only_secure extension * Added support for CDS and CDNSKEY RR types, but needs ldns > 1.6.17 to be able to parse the wire format (not released yet at time of writing) * Added OPENPGPKEY RR type, but no rdata fields implementation yet * Updated spec to version 0.508 (September 2014) * Also chase NSEC and NSEC3 RRSIGs with dnssec_return_validation_chain * 2014-06-25: Version 0.1.3 * libtool chage, remove -release, added -version-info * Update specification to the June 2014 version (0.501) * 2014-06-02: Version 0.1.2 * Fixed rdata fields for MX * Expose only public API symbols * Updated manpages * specify_class extension * Build from separate build directory * Anticipate libunbound not returning the answer packet * Pretty print bindata's representing IP addresses * Anticipate absense of implicit DSO linking * Mention getdns specific options to configure in INSTALL Thanks Paul Hoffman * Mac OSX package built instructions for generic user in README.md Thanks Joel Purra * Fixed build problems on RHEL/CentOS due using libevent 1.x * 2014-03-24 : Version 0.1.1 * default to NOT build extensions (libev, libuv, libevent), handle --with/--without options to configure for them * Fixed some build/make nits * respect configure --docdir=X * Documentation/man page updates * Fix install and cpp guards in getdns_extra.h * Add method to switch between threads and fork mode for unbound * Fixes for libuv integration (saghul) * Fixes for calling getdns_destroy_context within a callback * Fixed signal related defines/decls * 2014-02-25 : Version 0.1.0 * Initial public release of the getdns API