dns
src
Our great sponsors
dns | src | |
---|---|---|
8 | 745 | |
7,740 | 3,036 | |
- | 1.2% | |
7.7 | 10.0 | |
about 13 hours ago | about 22 hours ago | |
Go | C | |
BSD 3-clause "New" or "Revised" License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dns
-
Wrote a CLI tool to check DNS configurations quickly (an alternative to dig)
The heavylifting is done by this package: https://github.com/miekg/dns.
-
Why do clients ask the authoritive nameserver what is NS-records are?
Apart from `dig`, clients like https://github.com/miekg/dns show the same behavior.
-
Book recommendations for network programming
For the DNS i wrote a PiHole clone, which on the core it uses github.com/miekg/dns, to upstream queries and also to handle the custom entries, i've been wanting to publish that project but haven't done so cause the code is a bit messy since i did it as a PoC mostly, when comparing it to pihole it has the advantage that its really resource light mostly on the admin features, the dns resolving performs pretty much the same.
- DNS Library in Go
-
fastdns - fast dns server for go (alpha stage)
coredns uses github.com/miekg/dns under the hood
-
How to unit test net.Resolver?
You can do the same with net.Resolver, either by just setting it's Dial function (and PreferGo=true). You can use https://pkg.go.dev/golang.org/x/net/dns/dnsmessage or https://github.com/miekg/dns to implement an in-process server, either over TCP/UDP or skipping real networking completely, just like you can do with https://golang.org/pkg/net/http/httptest
-
Go 1.16 will make system calls through Libc on OpenBSD
Had a similar problem a couple years ago where I needed to use alternative DNS libraries to troubleshoot issues in a company's infrastructure.
Golang's rules for what implementation to use are found here: https://golang.org/pkg/net/#hdr-Name_Resolution
A really solid alternative DNS client implementation can be found here: https://github.com/miekg/dns. Real easy to read and vet compared to a few other libraries I ran into when working on this problem.
src
-
OpenBSD Upgrade 7.3 to 7.4
The OpenBSD project released 7.4 of their OS on 16 Oct 2023 as their 55th release 💫
-
OpenBSD System-Call Pinning
Well since https://www.openbsd.org/ still says
> Only two remote holes in the default install, in a heck of a long time!
I'm assuming not, but I could always be mistaken.
- Project Bluefin: an immutable, developer-focused, Cloud-native Linux
-
From Nand to Tetris: Building a Modern Computer from First Principles
> building a cat from scratch
> That would be an interesting project.
Here is the source code of the OpenBSD implementation of cat:
> https://github.com/openbsd/src/blob/master/bin/cat/cat.c
and here of the GNU coreutils implementation:
> https://github.com/coreutils/coreutils/blob/master/src/cat.c
Thus: I don't think building a cat from scratch or creating a tutorial about that topic is particularly hard (even though the HN audience would likely be interested in it). :-)
-
OpenBSD – pinning all system calls
> I don't know how they define `MAX`, but I'm guessing it's a typical "a>b?a:b"
Indeed: https://github.com/openbsd/src/blob/master/sys/sys/param.h#L...
> Then `SYS_kbind` seems to be a signed int.
It's an untyped #define: https://github.com/openbsd/src/blob/master/sys/sys/syscall.h...
I believe your whole analysis is correct, that running an elf file with an openbsd.syscalls entry with .sysno > INT_MAX will allow an out-of-bounds write.
- Une nouvelle mise à jour de Systemd permettra à Linux de bénéficier de l'infâme "écran bleu de la mort" de Windows, mais la fonctionnalité a reçu un accueil très mitigé
-
tmux causing ANSI color-response garbage on attaching?
I can reproduce it. And this is the commit that causes the issue: https://github.com/openbsd/src/commit/d21788ce70be80e9c4ed0c52c149e01147c4a823
-
Sudo-rs' first security audit
This doesn’t really change your conclusion, but I think that’s the wrong file. This is the real doas afaict: https://github.com/openbsd/src/blob/master/usr.bin/doas/doas...
Still just a tidy 1072 lines in that folder though.
I spent 5 minutes staring at your file trying to understand how on earth it does the things in the man page, but of course it doesn’t.
-
OpenBSD: Removing syscall(2) from libc and kernel
OpenBSD developers are making serious effort to kill off indirect syscalls, the base system is completely clean, take a look at the work Andrew Fresh did to adapt Perl. He write a complete syscall "dispatcher" or emulator for the Perl syscall function so that it calls the libc stubs.
https://github.com/openbsd/src/commit/312e26c80be876012ae979...
The ports tree is also being cleansed of syscall(2) usage, until they're all gone.
msyscall, pinsyscall, recent mandatory IBT/BTI, xonly. OpenBSD is making waves, but people aren't really seeing them yet.
-
"<ESC>[31M"? ANSI Terminal security in 2023 and finding 10 CVEs
Actually, I got it wrong, too many vulnerabilities in flight. They did fix it: https://github.com/openbsd/src/commit/375ccafb2eb77de6cf240e...
What are some alternatives?
gopacket - Provides packet processing capabilities for Go
cosmopolitan - build-once run-anywhere c library
llb
bastille - Bastille is an open-source system for automating deployment and management of containerized applications on FreeBSD.
arp - Package arp implements the ARP protocol, as described in RFC 826. MIT Licensed.
buttersink - Buttersink is like rsync for btrfs snapshots
ftp - FTP client package for Go
PHPT - The PHP Interpreter
quic-go - A QUIC implementation in pure Go
Joomla! - Home of the Joomla! Content Management System
kcptun - A Stable & Secure Tunnel based on KCP with N:M multiplexing and FEC. Available for ARM, MIPS, 386 and AMD64。N:M 多重化と FEC を備えた KCP に基づく安定した安全なトンネル。 N:M 다중화 및 FEC를 사용하는 KCP 기반의 안정적이고 안전한 터널입니다. Un tunnel stable et sécurisé basé sur KCP avec multiplexage N:M et FEC.
ctl - The C Template Library