DelphinusDNS Blog

(the latest about delphinusdnsd)

Previous Page

Delphinusdnsd 1.4.1 released

February 4th, 2020

This is a fix for Linux platform. From the commit log on the STABLE_1.4 branch:

This is the first STABLE_1_4 commit leading to release 1.4.1, changes:

-replace linux's TAILQ macros with libbsd's
-replace TAILQ_FOREACH for linux with libbsd's TAILQ_FOREACH_SAFE
-increase buffer buf in struct tcpentry by 1 more byte to prevent possible
-change lookup_zone to take another argument to indicate size of buffer
-remove length variable in tcploop to squelch warning
-replace a casting pointer with an unpack16() in tcploop
-fix formatting of serial log in raxfr.c (this fixes my output in linux).

This effort fixes formatting and crashes on Linux/arm and fixes a general
off-by-one (not sure if it's exploitable).
Hope this will be OK, the downloads are available all I have left to do is signify the SHA256.sig file (will be done shortly). Enjoy.


Self Interview: An Open Source Project after 2005 AD

January 31st, 2020

What tools did I use? What experience did I have to have?
When I started writing wildcarddnsd/delphinusdnsd I had 10 years of experience with the UN*X Operating System. I had a lot of sysadmin experience and some C programming experience. I started in 2005 (it was autumn) originally the source code was checked in at sourceforge I believe. I personally felt I was "ready" to lay down this code.

UNIX tools I used to write and debug delphinusdnsd

  • vi - to enter the code from scratch (lots of fun!)
  • tcpdump - to debug answers that delphinusdnsd gives
  • hexdump - to debug dddctl's signing functions
  • less/more - to paginate outputs and to look at zonefiles and code
  • gdb - to debug crashes
  • irssi - to share my enjoyment of writing on a DNS server on IRC and to get support from people who have already done so.
  • BSD - what I started using to write delphinusdnsd, up to this day
  • Linux - what I ported delphinusdnsd to, up to this day
  • make - to execute the makefiles which executed the compiler, assembler and linker.
  • dig - used mostly to query the server
  • drill - used on FreeBSD instead of dig
  • ldns-tools - helped a lot finding problems with the DNSSEC code
  • Other DNS servers (BIND,nsd) - to compare their output from mine.

Literature used
Countless books about DNS, Unix network programming and YACC guided me along the way, 10 years experience with UN*X OS's in 2005 started me on this journey.

It's 2020 now, why did I decide to keep doing this?
I have put 15 years under my belt with this, I intend to do another 15 (god willing). It is a lot of fun steering my own project.

If I could turn back time would I do it again?


Why was 1.3.0 an oddball release?

January 31st, 2020

1.3.0 was an oddball release because I applied to funding from the federal german government in a program called, shifting the release date early by half a year. I didn't get selected with delphinusdnsd. Meaning, I paid out of my own pocket to work on version 1.4.0 and 1.4.1 (January 2019 through February 2020). In 2018 between summer and christmas I had another project (OpenBSD powerpc64 port which ultimately failed) while waiting on the selection results of prototypefund. All releases before 1.3.0 were also constructed from my spare time as I could find it. I'm glad 1.4.X is out and I'm looking forward to programming on 1.5.0 (expected to be released in late December). Someone I met is working on an OpenBSD port for me and I'm looking forward to featuring him on the Credits section of the site once the work is committed at OpenBSD. The porting work is no easy feat and I'm glad someone is doing this for me.


Delphinusdnsd 1.4.1 to be released in February

January 26th, 2020

I believe the fixes I made to delphinusdnsd (on linux) were good. I'm going to backport the code to the STABLE_1_4 branch soon and then tag it RELEASE_1_4_1. I'm gonna run the code as it is now for another week on the particular Linux computer that had problems throughout december and early january and if I don't see any more crashes then it's a done deal. Sorry for inconveniences. This I believe did not affect BSD versions of this code, only Linux although and off-by-one was fixed (I think), that should have impact on all platforms.


Something is wrong with delphinusdnsd 1.4 (on linux)

January 9th, 2020

Sorry to bring these bad news... I have noticed segfaults on Linux but not on OpenBSD, in the TCP engine (tcploop()). I have for the time being reinstalled nsd on the linux replicant and I'll have to see what's causing this. I know of one possible off-by-one buffer overflow but I couldn't exploit it with my test program. I'm still looking. I suspect that the problem may be with the linux TAILQ macros as I remove a member from the tailq and it wasn't _SAFE (which is only found in libbsd) so there is some room for corruption there. I'll look at replacing the TAILQ macros with their libbsd equivalents for 1.5.0 and possibly backport it to 1.4.1. Still deciding what to do and how to it correctly. I haven't seen the OpenBSD delphinusdnsd with this behaviour, and that is what I care most about.


Delphinusdnsd 1.4.0 Released

January 2nd, 2020

I have released delphinusdnsd 1.4.0. More info is found in the news.html entry. I'd like to thank everyone that contributed to this release (special thanks to FreeLogic and PiRATA).


Recent modification fixes answers for PowerDNS recursors

December 27th, 2019

Revision 1.98 of reply.c does more reply length checks and truncates when appropriate. Before it gave weird answers because it excluded RRSIG's and fit NSEC3's which was bogus. PowerDNS recursor noticed this as bogus and would mark all zones on those nameserver as bogus (as tested). Of course PowerDNS was right in this, and my code was wrong. Much thanks to Peng_ in #dns on freenode who helped me debug this problem.


1.4.0 Release in January after all

December 26th, 2019

I found some problems with delphinusdnsd and I'd like a week of testing before tagging it a release. I'm hoping for a release around or on January 2nd, 2020.


Last patch was wrong

December 22th, 2019

Sorry to bother you again, the last patch was wrong, I had edited the article directly but you wouldn't see it if you didn't reload it. Here it is again.

1 comment

Security problem identified

December 22nd, 2019

Here is a patch, if you're using the daemon. Unfortunately this won't be available until the release day. I'm mindsearching if I'm going to put this release off until next year (2020).


Next Page


RSS Feed

Click here for RSS

On this day in

Other links

Have feedback?

By clicking on the header of an article you will be served a cookie. If you do not agree to this do not click on the header. Thanks!

Using a text-based webbrowser?

... such as lynx? Welcome back it's working again for the time being.

Older Blog Entries

Powered by BCHS