A C library for asynchronous DNS requests (grpc依赖)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
Brad House 8d360330a5
Probe for failed servers instead of redirecting query (#877)
4 months ago
.github Fix Sysconfig ndots default value and add test case (#862) 5 months ago
.reuse Move FUZZING.md to the top level 5 months ago
LICENSES Apple: reimplement DNS configuration reading (#750) 9 months ago
ci CI: Make Msys2 builds act more like unix builds (#830) 6 months ago
cmake remove unneeded warning disablement 7 months ago
docs Probe for failed servers instead of redirecting query (#877) 4 months ago
include More modularization for sockets/connections (#876) 4 months ago
m4 Autotools: rework to simplify and fix recent issues (#674) 1 year ago
src Probe for failed servers instead of redirecting query (#877) 4 months ago
test Probe for failed servers instead of redirecting query (#877) 4 months ago
.cirrus.yml CI: Move more to GitHub actions including Containers (#842) 6 months ago
.clang-format clang-format: fix structure alignment 1 year ago
.gitattributes recursive git attributes 1 year ago
.gitignore gitignore: ignore .dirstamp (#868) 5 months ago
AUTHORS Avoid buffer overflow in RC4 loop comparison (#336) 5 years ago
CMakeLists.txt MSVC: Force different PDB names for different targets (#870) 5 months ago
CONTRIBUTING.md update base README 8 months ago
DEVELOPER-NOTES.md update base README 8 months ago
FEATURES.md Probe for failed servers instead of redirecting query (#877) 4 months ago
FUZZING.md Move FUZZING.md to the top level 5 months ago
GIT-INFO Avoid buffer overflow in RC4 loop comparison (#336) 5 years ago
INSTALL.md update some build instructions 7 months ago
LICENSE.md don't put a heading on the license 7 months ago
Makefile.Watcom Expose library/utility functions to tools (#860) 5 months ago
Makefile.am msvc Makefiles: Remove support for MSVC 6 and 7 since we can't target legacy Windows versions supported by those compilers anymore 6 months ago
Makefile.dj Expose library/utility functions to tools (#860) 5 months ago
Makefile.m32 Expose library/utility functions to tools (#860) 5 months ago
Makefile.msvc Expose library/utility functions to tools (#860) 5 months ago
Makefile.netware remove unused SEND_QUAL_ARG2 7 months ago
README.md Feature Documentation (FEATURES.md) 5 months ago
README.msvc remove acountry from built tools as nerd.dk is gone (#554) 1 year ago
RELEASE-NOTES.md release-1.33.1 (#864) 5 months ago
RELEASE-PROCEDURE.md release procedure: make commands cut and paste-able as a whole 6 months ago
SECURITY.md Use gender-neutral language in SECURITY.md (#746) 9 months ago
appveyor.yml Reorganize source tree (#822) 6 months ago
buildconf provide SPDX identifiers and a REUSE CI job to verify 2 years ago
buildconf.bat provide SPDX identifiers and a REUSE CI job to verify 2 years ago
c-ares-config.cmake.in provide SPDX identifiers and a REUSE CI job to verify 2 years ago
configure.ac release-1.33.1 (#864) 5 months ago
libcares.pc.cmake CMake pkg-config windows: fix static library options 5 months ago
libcares.pc.in attempt to fix pkgconfig on windows for static builds 12 months ago
sonar-project.properties SonarCloud: Fix additional code smells 1 year ago

README.md

c-ares logo

Build Status Windows Build Status Coverage Status CII Best Practices Fuzzing Status Bugs Coverity Scan Status

Overview

c-ares is a modern DNS (stub) resolver library, written in C. It provides interfaces for asynchronous queries while trying to abstract the intricacies of the underlying DNS protocol. It was originally intended for applications which need to perform DNS queries without blocking, or need to perform multiple DNS queries in parallel.

One of the goals of c-ares is to be a better DNS resolver than is provided by your system, regardless of which system you use. We recommend using the c-ares library in all network applications even if the initial goal of asynchronous resolution is not necessary to your application.

c-ares will build with any C89 compiler and is MIT licensed, which makes it suitable for both free and commercial software. c-ares runs on Linux, FreeBSD, OpenBSD, MacOS, Solaris, AIX, Windows, Android, iOS and many more operating systems.

c-ares has a strong focus on security, implementing safe parsers and data builders used throughout the code, thus avoiding many of the common pitfalls of other C libraries. Through automated testing with our extensive testing framework, c-ares is constantly validated with a range of static and dynamic analyzers, as well as being constantly fuzzed by OSS Fuzz.

While c-ares has been around for over 20 years, it has been actively maintained both in regards to the latest DNS RFCs as well as updated to follow the latest best practices in regards to C coding standards.

Code

The full source code and revision history is available in our GitHub repository. Our signed releases are available in the release archives.

See the INSTALL.md file for build information.

Communication

Issues and Feature Requests should be reported to our GitHub Issues page.

Discussions around c-ares and its use, are held on GitHub Discussions or the Mailing List. Mailing List archive here. Please, do not mail volunteers privately about c-ares.

Security vulnerabilities are treated according to our Security Procedure, please email c-ares-security at haxx.se if you suspect one.

Release keys

Primary GPG keys for c-ares Releasers (some Releasers sign with subkeys):

To import the full set of trusted release keys (including subkeys possibly used to sign releases):

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2 # Daniel Stenberg
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys DA7D64E4C82C6294CB73A20E22E3D13B5411B7CA # Brad House

Verifying signatures

For each release c-ares-X.Y.Z.tar.gz there is a corresponding c-ares-X.Y.Z.tar.gz.asc file which contains the detached signature for the release.

After fetching all of the possible valid signing keys and loading into your keychain as per the prior section, you can simply run the command below on the downloaded package and detached signature:

% gpg -v --verify c-ares-1.29.0.tar.gz.asc c-ares-1.29.0.tar.gz
gpg: enabled compatibility flags:
gpg: Signature made Fri May 24 02:50:38 2024 EDT
gpg:                using RSA key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2
gpg: using pgp trust model
gpg: Good signature from "Daniel Stenberg <daniel@haxx.se>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 27ED EAF2 2F3A BCEB 50DB  9A12 5CC9 08FD B71E 12C2
gpg: binary signature, digest algorithm SHA512, key algorithm rsa2048

Features

See Features

Supported RFCs and Proposals

  • RFC1035. Initial/Base DNS RFC
  • RFC2671, RFC6891. EDNS0 option (meta-RR)
  • RFC3596. IPv6 Address. AAAA Record.
  • RFC2782. Server Selection. SRV Record.
  • RFC3403. Naming Authority Pointer. NAPTR Record.
  • RFC6698. DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol. TLSA Record.
  • RFC9460. General Purpose Service Binding, Service Binding type for use with HTTPS. SVCB and HTTPS Records.
  • RFC7553. Uniform Resource Identifier. URI Record.
  • RFC6844. Certification Authority Authorization. CAA Record.
  • RFC2535, RFC2931. SIG0 Record. Only basic parser, not full implementation.
  • RFC7873, RFC9018. DNS Cookie off-path dns poisoning and amplification mitigation.
  • draft-vixie-dnsext-dns0x20-00. DNS 0x20 query name case randomization to prevent cache poisioning attacks.
  • RFC7686. Reject queries for .onion domain names with NXDOMAIN.
  • RFC2606, RFC6761. Special case treatment for localhost/.localhost.
  • RFC2308, RFC9520. Negative Caching of DNS Resolution Failures.
  • RFC6724. IPv6 address sorting as used by ares_getaddrinfo().
  • RFC7413. TCP FastOpen (TFO) for 0-RTT TCP Connection Resumption.