Consulting djbware Publications


State-of-the-art C routines provided as easy-to-use library for Internet services.

Scope: What are the fehQlibs?

The software of Dan Bernstein (qmail, ucspi-tcp, djbdns) include supplementary C routines which obsoletes the usage of C's STDIO lib while replacing those by some safer implementations, in particular for string handling.

All this material is now public domain and the fehQlibs provide a basic framework for byte, string, I/O, socket, and IPv4/IPv6 handling in addition with the constant database cdb together with dnsstub resolver routines for Internet services applying the same or an even enhanced API.

The approach includes two main archives

simply to be linked (statically) with some IP applications without the hustle to care about the implemtation basics, header files, and potential bugs in here. Applications can focus on their duty and don't need to re-implement the basics.

The fehQlibs don't include any application routines but rather can be compiled and installed on most Unix system; serving as library only. Different from Dan Bernstein's implementation is the IPv6 conformance throughout and the error/log message interface.

The included dnsresolv stub library supports full IPv6 capabilities though without encryption.

History: Some background

Dan Bernstein used a series of own developed C routines as a replacement of the buggy and occassionally bloated C-library. Additional programs were included, providing services for a Constant Database (cdb), IPv4 address parsing and manipulation, IPv4 sockets and a DNS stub resolver.

These programs are kept stable and functioning over several software products Dan released over the years. However, some changes did occure, namely the use of buffer instead of substdio providing some better abstraction.

Felix von Leitner (and probably many others) used those routines as base for own releases, now put under the GNU license scheme (libowfat, djblib) and extending it's functionality significantly while including IPv6 support.

Kai Peter published an own djblib clone qlibs which was the starting point of fehQlibs. Given my previous experiences with Dan's routines, my objectives are to provide a clean socket interface for IPv4/IPv6 without the often needed case decisions. In addition, the dnsstub resolver has been upgraded to support IPv6 Link-local addresses (LLU) together with all the other IPv6 routines; allowing an additional interface-index to be included.

My attempt to use fehQlibs in version 10 for the forthcoming s/qmail based on those, required some additional enhancements, in particular for the dns stub resolver routines. The original qmail code uses the standards BIND API; unlike the more 'modern' SW packages of DJB. The current version of fehQlibs include these changes, though making it slightly incompatibel with previous versions given the DNS return codes.

Given its current '19'th implementation the fehQlibs are 'mature' now to work in any environment; even with disabled IPv6 in the kernel.

Implementation: The details

The fehQlibs - though functionally complete - are in particular suited for devices with little resources only, IoT devices in particular. On the other hand, they perform extremely well for larger projects.

The following is the exhaustive list of '*.c' routines to be compiled provided by scope:

Scope C routines
Storage alloc.c
Byte handling/ manipulation byte.c, uint16p.c, uint32p.c, uint64p.c, uint128p.c
String handling/ manipulation case.c, scan.c, str.c, ,stralloc.c, fmt.c
Input/output handling buffer.c, fd.c, getln.c, getoptb.c, open.c, seek.c, readclose.c
IP address handling/ manipulation ip4.c, ip6.c
Socket routines socket_bind.c, socket_connect.c socket_if.c socket_info.c socket_recv.c socket_send.c, socket_setup.c, socket_tcp.c socket_udp.c
Network communication timeout.c, timoutconn.c
Interprocess communication iopause.c, lock.c ndelay.c pathexec.c, sig,c, wait.c
Databases constmap.c, cdbmake.c, cdbread.c
Time routines tai.c, taia.c
Logging errstr.c, logmsg.c
DNS stub routines dns_ip.c, dns_cname.c, dns_name.c, dns_txt.c, dns_mx.c
DNS low level routines dns_dfd.c, dns_domain.c, dns_dtda.c, dns_ipq.c, dns_nd.c, dns_packet.c, dns_random.c, dns_resolve.c, dns_rcip.c, dns_rcrw.c, dns_sortip.c, dns_transmit.c
System/user interaction prot.c


Currently, there isn't much documentation about fehQlibs except for the embedded one:

Man pages

alloc buffer byte case constmap
cdbread, cdbmake dns dnsstub env error
fd fmt getln getoptb iopause
ip4 ip6 logmsg pathexec scan
socket_bind socket_connect socket_if socket_info socket_recv
socket_send socket_setup socket_tcp socket_udp str
stralloc taia timeout timeoutconn wait


You may want to read my (little outdated) presentions:

Download & Installation


Version & Download Description Verification
fehQlibs-23 fehQlibs 23 includes a new function stralloc_free() used by djbdnscurve6 for long running services. MD5 (fehQlibs-23.tgz) = e3eb433a40aff16ad1da754c6a0d5261:
Build: 20230916182859
fehQlibs-22a fehQlibs 22 includes a change for ip(x)_bytestring required for djbdnscurve6-44 and a small improvement for IPv4 DNS lookup given special addresses MD5 (fehQlibs-22a.tgz) = 66747dc73361e914aabef58baafbab22
Build: 20230324181356
fehQlibs-21 fehQlibs 21 includes only minor changes and enhancements. MD5 (fehQlibs-21.tgz) = c8034c1436b7f82df700e2f705b9e79d
Build: 20221224164255
fehQlibs-20 fehQlibs 20 incorporates dns_txt.c from djbdnscurv6-43 in order to successfully extract DKIM's pubkey from DNS. MD5 (fehQlibs-20.tgz) = aecd196025f6b316ca311b88113933b7
fehQlibs-19 fehQlibs 19 include now again IPv4 socket calls, which I believed are outdated and additional data types. MD5 (fehQlibs-19.tgz) = 9ab8703dfc510958fb6befa822ed7bad
Build: 20210922113617
fehQlibs-18 fehQlibs 18 provides now better IPv4 compatibility, as required in case the OS does not like IPv6-mapped IPv4 addresses. MD5 (fehQlibs-18.tgz) = 3a0b1efbeb0d2253d4b5b032858dac0b
Build: 20210804101222
fehQlibs-17 fehQlibs 17 takes care of GCC-10 and avoids strong coupling to the socket routines given by ipv4socket which is removed now. MD5 (fehQlibs-17.tgz) = e7c73bb712377d6e9408db77ecaac5b1
Build: 20210402232728 (new!)
fehQlibs-15b fehQlibs 15 coming with an improved DNSStub resolver library and including the Guninski fix for alloc while providing full GCC 10 compliance. MD5 (fehQlibs-15b.tgz) = 521c07eddd9b6d3137d61d7b4c8a788a
Build: 20200913212235
fehQlibs-14 Valentin's fehQlibs 14 is a small enhancement to support SRS in s/qmail and introducing some compiler friendly input arg declarations while supporting Gentoo builds. MD5 (fehQlibs-14.tgz) = 8f41b733f181046d9a56863ed4adda0f
Build: 20200214
fehQlibs-13d fehQlibs with enhanced/changed DNS stub resolver suited for s/qmail and streamlined DNS error return codes with djbdnscurve6-36 and fixed dnsip/dnsmx clients. MD5 (fehQlibs-13d.tgz) = 478da0ad6b2a8cbea7ca7b0e7b007792
Build: 20200202
fehQlibs-10b Previous release of fehQlibs (10); now with fixed str_copy and inclusion of the str_copyb routine. MD5 (fehQlibs-10b.tgz) = e39dfebd72fd7bc8f1055dce823d3239
Build: 20191205

The source code of the current fehQlibs is documented in doxygen.


Installation is pretty easy:

That's it! The fehQlibs are a library. No executables are installed!

Usage with my routines (ucspi-tcp6, ucspi-ssl, djbdnscurve6)

Once you have downloaded and installed the fehQlibs, I expect those to be symlinked to /usr/local/qlibs.

However, if you provide the fehQlibs in a different directory, customize the configuration file conf-qlibs to comply with your settings.

General usage

Using fehQlibs requires just two steps:

Assuming your source code calls any of the routines

  1. include the location of the header files while calling the compiler; typically I use: cc -O2 -Wall -I/usr/local/qlibs/include
  2. tell the linker to use the qlibs and potentially dnsresolv libraries: cc -s -L/usr/local/qlibs -lqlibs -ldnsresolv

In case, you have projects based on Dan's strerr messages you need to include those as source code.


fehQlibs are known to install well and work under Linux (32/64 bit) on x86, FreeBSD, OmniOs, RasPi (Raspbian/FreeBSD 12), MacOS X (x86, PPC).

Tickets, Change Requests, Changelog & Communication

An EZMLM mailing list keeps you updated with current developments, bug fixes, and features discussed. This list also can be used to file

To inscribe use: fehQlib's mailing list

As usual, I can't guarantee a certain response level; but reasonable issues will be answered.

Errata & Changelog

Version Changes
fehQlibs-23 Small enhancement for long running serivces to free stralloc() allocated strings.
fehQlibs-22a Includes a fix not to recognize a FQDN given in the form as IPv4 address.
fehQlibs-22 ip(x)_bytestring returns now the number of bytes processes for CIDR addresses and avoids double written termination.
fehQlibs-21 Minor corrections for documentation mainly.
fehQlibs-20 Added provissional uint8p support and enhanced dns_txt.c to extract labels in RDATA section correctly.
fehQlibs-19 To provide better IPv4 compatibility, outdated IPv4 socket calls included plus uint8 as data type.
fehQlibs-18 Decision whether to use UDP/TCP over IPv4 or IPv6 connections is now based on the remote IP.
fehQlibs-17 Removed 'external' variable ipv4socket in order to be GCC-10 compliant. This means, one has to care about IPv4 and IPv6 sockets on call and can't delegate it to socket routines by means of a common global variable.
fehQlibs-16 Added constmap.c/.h from qmail to support mess822x. dnsip accepts now bracketed IP addresses. Minor docu fixes. Renamed 'ipv4|6-looback' and 'ipv4|6-localhoast' to 'ip4|4-loopback' and 'ip4|6-localhost' to be compliant with Ubuntu.
fehQlibs-15b Convenience release fixing all GCC 10 compatibility issues and defining DNS TLSA records with correct value.
fehQlibs-15a Convenience release to cope with 'external' settings as required by GCC-10 and streamlining some DNS return codes.
fehQlibs-15 Improved and enhanced dns_ip[4|6]_qualify. Included fix for Guninski's CVE 2005-1513.
fehQlibs-14 Added byte_fill and case_upper. Declared most input args 'const'. Gentoo build friendly now.
fehQlibs-13d Fixed integration bug for dns_ip/dns_mx client functions not returning IPv6 addresses.
fehQlibs-13c DNS stub resolver error return codes adjusted and aligned with djbdnscurve6-36.
fehQlibs-13b During integration, the function str_copyb was lost, though the internal documention says it was included for str.c.
This function is required for SRS in s/qmail (only).
fehQlibs-13a Fixed potential wrong 'negative' evalution of DNSCACHEIP in dns_rcip.c
Improved man pages.
fehQlibs-13 New dnsstub resolver routines finished.
Version used for s/qmail and ucspi-X-y.11.* and the djbdnscurve6 > 35.
fehQlibs-12/a/b/c Experimental versions with enhanced dnsstub resolver routines.
fehQlibs-11 Unpublished and never used version of fehQlibs.
fehQlibs-10b Included missing str_copyb function.
fehQlibs-10a Improved handling of poll and select calls while using their return codes in addition.
Fixed wrong nesting of paranthesis in str_copy.
Added functions socket_dualstack and socket_nodualstack (providing better compatibility for OS which use socket option IPV6_V6ONLY).
For some backgrund on poll and IPV6_V6ONLY check
(a) Marek's (totally not insane) idea of the day
(b) Re: Disabling IPV6_V6ONLY a bad idea?

Added the 'shared object' (PIC) and libraries upon generation.

Attached LICENSE and CHANGELOG file.