1 Changelog for the c-ares project
3 * December 3 2007 (Daniel Stenberg)
5 - Brad Spencer fixed the configure script to assume that there's no
6 /dev/urandom when built cross-compiled as then the script cannot check for
9 - Erik Kline cleaned up ares_gethostbyaddr.c:next_lookup() somewhat
11 Version 1.5.1 (Nov 21, 2007)
13 * November 21 2007 (Daniel Stenberg)
15 - Robin Cornelius pointed out that ares_llist.h was missing in the release
18 Version 1.5.0 (Nov 21, 2007)
20 * October 2 2007 (Daniel Stenberg)
22 - ares_strerror() segfaulted if the input error number was out of the currently
25 - Yang Tse: Avoid a segfault when generating a DNS "Transaction ID" in
26 internal function init_id_key() under low memory conditions.
28 * September 28 2007 (Daniel Stenberg)
30 - Bumped version to 1.5.0 for next release and soname bumped to 2 due to ABI
31 and API changes in the progress callback (and possibly more coming up from
34 * September 28 2007 (Steinar H. Gunderson)
36 - Don't skip a server if it's the only one. (Bugfix from the Google tree.)
38 - Made the query callbacks receive the number of timeouts that happened during
39 the execution of a query, and updated documentation accordingly. (Patch from
42 - Support a few more socket options: ARES_OPT_SOCK_SNDBUF and
45 - Always register for TCP events even if there are no outstanding queries, as
46 the other side could always close the connection, which is a valid event
47 which should be responded to.
49 * September 22 2007 (Daniel Stenberg)
51 - Steinar H. Gunderson fixed: Correctly clear sockets from the fd_set on in
52 several functions (write_tcp_data, read_tcp_data, read_udp_packets) so that
53 if it fails and the socket is closed the following code doesn't try to use
56 - Steinar H. Gunderson modified c-ares to now also do to DNS retries even when
57 TCP is used since there are several edge cases where it still makes sense.
59 - Brad House provided a fix for ares_save_options():
61 Apparently I overlooked something with the ares_save_options() where it
62 would try to do a malloc(0) when no options of that type needed to be saved.
63 On most platforms, this was fine because malloc(0) doesn't actually return
64 NULL, but on AIX it does, so ares_save_options would return ARES_ENOMEM.
66 * July 14 2007 (Daniel Stenberg)
68 - Vlad Dinulescu fixed two outstanding valgrind reports:
70 1. In ares_query.c , in find_query_by_id we compare q->qid (which is a short
71 int variable) with qid, which is declared as an int variable. Moreover,
72 DNS_HEADER_SET_QID is used to set the value of qid, but DNS_HEADER_SET_QID
73 sets only the first two bytes of qid. I think that qid should be declared as
74 "unsigned short" in this function.
76 2. The same problem occurs in ares_process.c, process_answer() . query->qid
77 (an unsigned short integer variable) is compared with id, which is an
78 integer variable. Moreover, id is initialized from DNS_HEADER_QID which sets
79 only the first two bytes of id. I think that the id variable should be
80 declared as "unsigned short" in this function.
82 Even after declaring these variables as "unsigned short", the valgrind
83 errors are still there. Which brings us to the third problem.
85 3. The third problem is that Valgrind assumes that query->qid is not
86 initialised correctly. And it does that because query->qid is set from
87 DNS_HEADER_QID(qbuf); Valgrind says that qbuf has unitialised bytes. And
88 qbuf has uninitialised bytes because of channel->next_id . And next_id is
89 set by ares_init.c:ares__generate_new_id() . I found that putting short r=0
90 in this function (instead of short r) makes all Valgrind warnings go away.
91 I have studied ares__rc4() too, and this is the offending line:
93 buffer_ptr[counter] ^= state[xorIndex]; (ares_query.c:62)
95 This is what triggers Valgrind.. buffer_ptr is unitialised in this function,
96 and by applying ^= on it, it remains unitialised.
98 Version 1.4.0 (June 8, 2007)
100 * June 4 2007 (Daniel Stenberg)
102 - James Bursa reported a major memory problem when resolving multi-IP names
103 and I found and fixed the problem. It was added by Ashish Sharma's patch
106 When I then tried to verify multiple entries in /etc/hosts after my fix, I
107 got another segfault and decided this code was not ripe for inclusion and I
112 - Brad Spencer found and fixed three flaws in the code, found with the new
113 gcc 4.2.0 warning: -Waddress
115 - Brad House fixed VS2005 compiler warnings due to time_t being 64bit.
116 He also made recent Microsoft compilers use _strdup() instead of strdup().
118 - Brad House's man pages for ares_save_options() and ares_destroy_options()
121 - Ashish Sharma provided a patch for supporting multiple entries in the
122 /etc/hosts file. Patch edited for coding style and functionality by me
127 - Shmulik Regev brought cryptographically secure transaction IDs:
129 The c-ares library implementation uses a DNS "Transaction ID" field that is
130 seeded with a pseudo random number (based on gettimeofday) which is
131 incremented (++) between consecutive calls and is therefore rather
132 predictable. In general, predictability of DNS Transaction ID is a well
133 known security problem (e.g.
134 http://bak.spc.org/dms/archive/dns_id_attack.txt) and makes a c-ares based
135 implementation vulnerable to DNS poisoning. Credit goes to Amit Klein
136 (Trusteer) for identifying this problem.
138 The patch I wrote changes the implementation to use a more secure way of
139 generating unique IDs. It starts by obtaining a key with reasonable entropy
140 which is used with an RC4 stream to generate the cryptographically secure
143 Note that the key generation code (in ares_init:randomize_key) has two
144 versions, the Windows specific one uses a cryptographically safe function
145 provided (but undocumented :) by the operating system (described at
146 http://blogs.msdn.com/michael_howard/archive/2005/01/14/353379.aspx). The
147 default implementation is a bit naive and uses the standard 'rand'
148 function. Surely a better way to generate random keys exists for other
151 The patch can be tested by using the adig utility and using the '-s' option.
153 - Brad House added ares_save_options() and ares_destroy_options() that can be
154 used to keep options for later re-usal when ares_init_options() is used.
156 Problem: Calling ares_init() for each lookup can be unnecessarily resource
157 intensive. On windows, it must LoadLibrary() or search the registry
158 on each call to ares_init(). On unix, it must read and parse
159 multiple files to obtain the necessary configuration information. In
160 a single-threaded environment, it would make sense to only
161 ares_init() once, but in a heavily multi-threaded environment, it is
162 undesirable to ares_init() and ares_destroy() for each thread created
165 Solution: Create ares_save_options() and ares_destroy_options() functions to
166 retrieve and free options obtained from an initialized channel. The
167 options populated can be used to pass back into ares_init_options(),
168 it should populate all needed fields and not retrieve any information
169 from the system. Probably wise to destroy the cache every minute or
170 so to prevent the data from becoming stale.
172 - Daniel S added ares_process_fd() to allow applications to ask for processing
173 on specific sockets and thus avoiding select() and associated
174 functions/macros. This function will be used by upcoming libcurl releases
175 for this very reason. It also made me export the ares_socket_t type in the
176 public ares.h header file, since ares_process_fd() uses that type for two of
181 - Ravi Pratap fixed a flaw in the init_by_resolv_conf() function for windows
182 that could cause it to return a bad return code.
186 - Yang Tse: Provide ares_getopt() command-line parser function as a source
187 code helper function, not belonging to the actual c-ares library.
191 - Vlad Dinulescu added ares_parse_ns_reply().
195 - Yang Tse: Fix failure to get the search sequence of /etc/hosts and
196 DNS from /etc/nsswitch.conf, /etc/host.conf or /etc/svc.conf when
197 /etc/resolv.conf did not exist or was unable to read it.
201 - Install ares_dns.h too
203 - Michael Wallner fixed this problem: When I set domains in the options
204 struct, and there are domain/search entries in /etc/resolv.conf, the domains
205 of the options struct will be overridden.
209 - Yang Tse removed a couple of potential zero size memory allocations.
211 - Andreas Rieke fixed the line endings in the areslib.dsp file that I (Daniel)
212 broke in the 1.3.2 release. We should switch to a system where that file is
213 auto-generated. We could rip some code for that from curl...
215 Version 1.3.2 (November 3, 2006)
219 - Prevent ares_getsock() to overflow if more than 16 sockets are used.
223 - Guilherme Balena Versiani: I noted a strange BUG in Win32 port
224 (ares_init.c/get_iphlpapi_dns_info() function): when I disable the network
225 by hand or disconnect the network cable in Windows 2000 or Windows XP, my
226 application gets 127.0.0.1 as the only name server. The problem comes from
227 'GetNetworkParams' function, that returns the empty string "" as the only
228 name server in that case. Moreover, the Windows implementation of
229 inet_addr() returns INADDR_LOOPBACK instead of INADDR_NONE.
235 o made ares_version.h use extern "C" for c++ compilers
236 o fixed compiler warnings in ares_getnameinfo.c
237 o fixed a buffer position init for TCP reads
241 - Ravi Pratap fixed ares_getsock() to actually return the proper bitmap and
244 Version 1.3.1 (June 24, 2006)
248 - Gisle Vanem added getopt() to the ahost program. Currently accepts
249 only [-t {a|aaaa}] to specify address family in ares_gethostbyname().
253 - (wahern) Removed "big endian" DNS section and RR data integer parser
254 macros from ares_dns.h, which break c-ares on my Sparc64. Bit-wise
255 operations in C operate on logical values. And in any event the octets are
256 already in big-endian (aka network) byte order so they're being reversed
257 (thus the source of the breakage).
261 - William Ahern handles EAGAIN/EWOULDBLOCK errors in most of the I/O calls
264 TODO: Handle one last EAGAIN for a UDP socket send(2) in
269 - Bram Matthys brought my attention to a libtool peculiarity where detecting
270 things such as C++ compiler actually is a bad thing and since we don't need
271 that detection I added a work-around, much inspired by a previous patch by
272 Paolo Bonzini. This also shortens the configure script quite a lot.
276 - Nick Mathewson added the ARES_OPT_SOCK_STATE_CB option that when set makes
277 c-ares call a callback on socket state changes. A better way than the
278 ares_getsock() to get full control over the socket state.
282 - Alexander Lazic improved the getservbyport_r() configure check.
286 - Alexander Lazic pointed out that the buildconf should use the ACLOCAL_FLAGS
287 variable for easier controlling what it does and how it runs.
291 - James Bursa fixed c-ares to find the hosts file on RISC OS, and made it
292 build with newer gcc versions that no longer defines "riscos".
296 - Daniel Stenberg added ares_getsock() that extracts the set of sockets to
297 wait for action on. Similar to ares_fds() but not restricted to using
298 select() for the waiting.
302 - Yang Tse fixed some send() / recv() compiler warnings
306 - Added constants that will be used by ares_getaddrinfo
308 - Made ares_getnameinfo use the reentrant getservbyport (getservbyport_r) if it
309 is available to ensure it works properly in a threaded environment.
313 - configure fix for detecting a member in the sockaddr_in6 struct which failed
314 on ipv6-enabled HP-UX 11.00
316 Version 1.3.0 (August 29, 2005)
320 - Alfredo Tupone provided a fix for the Windows code in get_iphlpapi_dns_info()
321 when getting the DNS server etc.
325 - Added some checks for the addrinfo structure.
331 Make UDP sockets non-blocking. I've confirmed that at least on Linux 2.4 a
332 read event can come back from poll() on a valid SOCK_DGRAM socket but
333 recv(2) will still block. This patch doesn't ignore EAGAIN in
334 read_udp_packets(), though maybe it should. (This patch was edited by Daniel
335 Stenberg and a new configure test was added (imported from curl's configure)
336 to properly detect what non-blocking socket approach to use.)
338 I'm not quite sure how this was happening, but I've been seeing PTR queries
339 which seem to return empty responses. At least, they were empty when calling
340 ares_expand_name() on the record. Here's a patch which guarantees to
341 NUL-terminate the expanded name. The old behavior failed to NUL-terminate if
342 len was 0, and this was causing strlen() to run past the end of the buffer
343 after calling ares_expand_name() and getting ARES_SUCCESS as the return
344 value. If q is not greater than *s then it's equal and *s is always
345 allocated with at least one byte.
349 - Added ares_getnameinfo which mimics the getnameinfo API (another feature
350 that could use testing).
354 - Added an inet_ntop function from BIND for systems that do not have it.
358 - Made sortlist support IPv6 (this can probably use some testing).
360 - Made sortlist support CIDR matching for IPv4.
364 - Added preliminary IPv6 support to ares_gethostbyname. Currently, sortlist
365 does not work with IPv6. Also provided an implementation of bitncmp from
366 BIND for systems that do not supply this function. This will be used to add
367 IPv6 support to sortlist.
369 - Made ares_gethostbyaddr support IPv6 by specifying AF_INET6 as the family.
370 The function can lookup IPv6 addresses both from files (/etc/hosts) and
375 - Tupone Alfredo fixed includes of arpa/nameser_compat.h to build fine on Mac
380 - Dominick Meglio: Provided implementations of inet_net_pton and inet_pton
381 from BIND for systems that do not include these functions.
385 - Dominick Meglio added ares_parse_aaaa_reply.c and did various
386 adjustments. The first little steps towards IPv6 support!
390 - Fixed the VC project and makefile to use ares_cancel and ares_version
394 - The released ares_version.h from 1.2.1 says 1.2.0 due to a maketgz flaw.
397 Version 1.2.1 (October 20, 2004)
401 - Henrik Stoerner fix: got a report that Tru64 Unix (the unix from Digital
402 when they made Alpha's) uses /etc/svc.conf for the purpose fixed below for
403 other OSes. He made c-ares check for and understand it if present.
405 - Now c-ares will use local host name lookup _before_ DNS resolving by default
406 if nothing else is told.
410 - Henrik Stoerner: found out that c-ares does not look at the /etc/host.conf
411 file to determine the sequence in which to search /etc/hosts and DNS. So on
412 systems where this order is defined by /etc/host.conf instead of a "lookup"
413 entry in /etc/resolv.conf, c-ares will always default to looking in DNS
414 first, and /etc/hosts second.
418 1) resolv.conf (for the "lookup" line);
419 2) nsswitch.fon (for the "hosts:" line);
420 3) host.conf (for the "order" line).
424 - Dominick Meglio patched: C-ares on Windows assumed that the HOSTS file is
425 located in a static location. It assumed
426 C:\Windows\System32\Drivers\Etc. This is a poor assumption to make. In fact,
427 the location of the HOSTS file can be changed via a registry setting.
429 There is a key called DatabasePath which specifies the path to the HOSTS
431 http://www.microsoft.com/technet/itsolutions/network/deploy/depovg/tcpip2k.mspx
433 The patch will make c-ares correctly consult the registry for the location
438 - Gisle Vanem fixed the MSVC build files.
442 - Gisle Vanem made c-ares build and work with his Watt-32 TCP/IP stack.
446 - Harshal Pradhan made a minor syntax change in ares_init.c to make it build
451 - Made the lib get built static only if --enable-debug is used.
455 Basically in loops like handle_errors(), 'query->next' was assigned a local
456 variable and then query was referenced after the memory was freed by
457 next_server(). I've changed that so next_server() and end_query() returns
458 the next query. So callers should use this ret-value.
460 The next problem was that 'server->tcp_buffer_pos' had a random value at
461 entry to 1st recv() (luckily causing Winsock to return ENOBUFS).
463 I've also added a ares_writev() for Windows to streamline the code a bit
467 - Fixed a few variable return types for some system calls. Made configure
468 check for ssize_t to make it possible to use that when receiving the send()
469 error code. This is necessary to prevent compiler warnings on some systems.
471 - Made configure create config.h, and all source files now include setup.h that
472 might include the proper config.h (or a handicrafted alternative).
474 - Switched to 'ares_socket_t' type for sockets in ares, since Windows don't
477 - automake-ified and libool-ified c-ares. Now it builds libcares as a shared
478 lib on most platforms if wanted. (This bloated the size of the release
479 archive with another 200K!)
481 - Makefile.am now uses Makefile.inc for the c sources, h headers and man
482 pages, to make it easier for other makefiles to use the exact same set of
485 - Adjusted 'maketgz' to use the new automake magic when building distribution
488 - Anyone desires HTML and/or PDF versions of the man pages in the release
492 - Günter Knauf made c-ares build and run on Novell Netware.
495 - Gisle Vanem provided Makefile.dj to build with djgpp, added a few more djgpp
496 fixes and made ares not use 'errno' to provide further info on Windows.
499 - Gisle Vanem made it build with djgpp and run fine with the Watt-32 stack.
502 - Gisle Vanem's init patch for Windows:
504 The init_by_resolv_conf() function fetches the DNS-server(s)
505 from a series of registry branches.
507 This can be wrong in the case where DHCP has assigned nameservers, but the
508 user has overridden these servers with other prefered settings. Then it's
509 wrong to use the DHCPNAMESERVER setting in registry.
511 In the case of no global DHCP-assigned or fixed servers, but DNS server(s)
512 per adapter, one has to query the adapter branches. But how can c-ares know
513 which adapter is valid for use? AFAICS it can't. There could be one adapter
514 that is down (e.g. a VPN adapter).
516 So it's better to leave this to the IP Helper API (iphlapi) available in
517 Win-98/2000 and later. My patch falls-back to the old way if not available.
520 - James Bursa fixed an init issue for RISC OS.
523 - Nico Stappenbelt reported that when processing domain and search lines in
524 the resolv.conf file, the first entry encountered is processed and used as
525 the search list. According to the manual pages for both Linux, Solaris and
526 Tru64, the last entry of either a domain or a search field is used.
528 This is now adjusted in the code
530 Version 1.2.0 (April 13, 2004)
533 - Updated various man pages to look nicer when converted to HTML on the web
537 - Dirk Manske provided a new function that is now named ares_cancel(). It is
538 used to cancel/cleanup a resolve/request made using ares functions on the
539 given ares channel. It does not destroy/kill the ares channel itself.
541 - Dominick Meglio cleaned up the formatting in several man pages.
544 - Dominick Meglio's new ares_expand_string. A helper function when decoding
545 incoming DNS packages.
547 - Daniel Stenberg modified the Makefile.in to use a for loop for the man page
548 installation to improve overview and make it easier to add man pages.
550 Version 1.1.0 (March 11, 2004)
553 - Gisle Vanem improved build on Windows.
556 - Dan Fandrich found a flaw in the Feb 22 fix.
558 - Added better configure --enable-debug logic (taken from the curl configure
559 script). Added acinclude.m4 to the tarball.
562 - Removed ares_free_errmem(), the function, the file and the man page. It was
563 not used and it did nothing.
565 - Fixed a lot of code that wasn't "64bit clean" and thus caused a lot of
566 compiler warnings on picky compilers.
569 - Dominick Meglio made ares init support multiple name servers in the
570 NameServer key on Windows.
573 - Modified ares_private.h to include libcurl's memory debug header if
574 CURLDEBUG is set. This makes all the ares-functions supervised properly by
575 the curl test suite. This also forced me to add inclusion of the
576 ares_private.h header in a few more files that are using some kind of
577 memory-related resources.
579 - Made the makefile only build ahost and adig if 'make demos' is used.
582 - Dirk Manske made ares_version.h installed with 'make install'
585 - ares_free_errmem() is subject for removal, it is simply present for future
586 purposes, and since we removed the extra parameter in strerror() it won't
588 - configure --enable-debug now enables picky compiler options if gcc is used
589 - fixed several compiler warnings --enable-debug showed and Joerg Mueller-Tolk
592 Version 1.0.0 (February 3, 2004)
595 - now we produce the libcares.a library instead of the previous libares.a
596 since we are no longer compatible
600 - ares_strerror() has one argument less. This is the first official
601 modification of the existing provided ares API.
605 - Dirk Manske fixed how the socket is set non-blocking.
609 - Dominick Meglio made the private gettimeofday() become ares_gettimeofday()
610 instead in order to not pollute the name space and risk colliding with
611 other libraries' versions of this function.
613 * October 24, 2003. Daniel Stenberg
615 Added ares_version().
617 Version 1.0-pre1 (8 October 2003)
619 - James Bursa made it run on RISC OS
621 - Dominick Meglio made it run fine on NT4
623 - Duncan Wilcox made it work fine on Mac OS X
625 - Daniel Stenberg adjusted the windows port
627 - liren at vivisimo.com made the initial windows port
629 * Imported the sources from ares 1.1.1