Announce: udns 0.1 is released
Abhijit Pandey
abhijpandey at gmail.com
Tue Dec 28 02:12:54 MSK 2010
Great to see, it still is being maintained.
Abhijit
On Mon, Dec 27, 2010 at 12:03 PM, Michael Tokarev <mjt at tls.msk.ru> wrote:
> The version 0.1. of small dns client (stub) resolver library
> has been released, after more than 3 years of inactivity.
>
> The library is available at the usual location, see the homepage
> at http://www.corpit.ru/mjt/udns.html .
>
> This is the first "alpha" release, numbered 0.1 - first release
> with just two numbers in the version. All previous versions
> were "preview" releases, with number strings in form 0.0.n.
>
> There isn't many changes between the latest 0.0.9 version
> and the newly announced 0.1 version. Here's the brief of
> the changes, also available in the NEWS document:
>
> 0.1 (Dec 2010)
>
> - bugfix: udns_new(old) - when actually cloning another context -
> makes the new context referencing memory from old, which leads
> to crashes when old is modified later
>
> - use random queue IDs (the 16bit qID) in queries instead of sequentional
> ones, based on simple pseudo-random RNG by Bob Jenkins (udns_jran.[ch]).
> Some people believe that this improves security (CVE-2008-1447). I'm
> still not convinced (see comments in udns_resolver.c), but it isn't
> difficult to add after all.
>
> - deprecate dns_random16() function which was declared in udns.h
> (not anymore) but never documented. In order to keep ABI compatible
> it is still exported.
>
> - library has a way now to set query flags (DNS_SET_DO; DNS_SET_CD).
>
> - dnsget now prints non-printable chars in all strings in DNS RRs using
> decimal escape sequences (\%03u) instead of hexadecimal (\%02x) when
> before - other DNS software does it like this.
>
> - recognize a few more record types in dnsget, notable some DNSSEC RRs;
> add -f option for dnsget to set query flags.
>
> - udns is not a Debian native package anymore (was a wrong idea)
>
>
> The most important and long-discussed change is the queue ID
> randomization. I'm still against this change since it is nothing
> more but a false sense of security, but many users asked for this
> change, and it wasn't a big deal to implement it, so here we go.
>
> I mentioned in the past that I want to change API of the library.
> After some thinking I can now declare that it is easy to implement
> these changes without breaking current API, but by adding the new
> API to be available in parallel with the current one. The API
> change was my main showstopper for the 0.1 release, so now it's
> gone.
>
> As can be seen from the NEWS section above, there's just one
> bugfix change, fixing a very rarely used codepath (cloning an
> existing dns_ctx structure). Other than that, there's no known
> programming bugs in the library, despite the more-than-3-year
> delay between previous 0.0.9 and current 0.1 releases.
>
> So here goes the 0.1 version.
>
> Debian packages for it are available from the home page too.
>
> Enjoy!
>
> /mjt
> _______________________________________________
> udns mailing list
> udns at corpit.ru
> http://www.corpit.ru/mailman/listinfo/udns
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.corpit.ru/pipermail/udns/attachments/20101227/2b034702/attachment.html>
More information about the udns
mailing list