1 Changelog for the c-ares project
3 * October 2 2007 (Daniel Stenberg)
4 - ares_strerror() segfaulted if the input error number was out of the currently
7 * September 28 2007 (Daniel Stenberg)
9 - Bumped version to 1.5.0 for next release and soname bumped to 2 due to ABI
10 and API changes in the progress callback (and possibly more coming up from
13 * September 28 2007 (Steinar H. Gunderson)
15 - Don't skip a server if it's the only one. (Bugfix from the Google tree.)
17 - Made the query callbacks receive the number of timeouts that happened during
18 the execution of a query, and updated documentation accordingly. (Patch from
21 - Support a few more socket options: ARES_OPT_SOCK_SNDBUF and
24 - Always register for TCP events even if there are no outstanding queries, as
25 the other side could always close the connection, which is a valid event
26 which should be responded to.
28 * September 22 2007 (Daniel Stenberg)
30 - Steinar H. Gunderson fixed: Correctly clear sockets from the fd_set on in
31 several functions (write_tcp_data, read_tcp_data, read_udp_packets) so that
32 if it fails and the socket is closed the following code doesn't try to use
35 - Steinar H. Gunderson modified c-ares to now also do to DNS retries even when
36 TCP is used since there are several edge cases where it still makes sense.
38 - Brad House provided a fix for ares_save_options():
40 Apparently I overlooked something with the ares_save_options() where it
41 would try to do a malloc(0) when no options of that type needed to be saved.
42 On most platforms, this was fine because malloc(0) doesn't actually return
43 NULL, but on AIX it does, so ares_save_options would return ARES_ENOMEM.
45 * July 14 2007 (Daniel Stenberg)
47 - Vlad Dinulescu fixed two outstanding valgrind reports:
49 1. In ares_query.c , in find_query_by_id we compare q->qid (which is a short
50 int variable) with qid, which is declared as an int variable. Moreover,
51 DNS_HEADER_SET_QID is used to set the value of qid, but DNS_HEADER_SET_QID
52 sets only the first two bytes of qid. I think that qid should be declared as
53 "unsigned short" in this function.
55 2. The same problem occurs in ares_process.c, process_answer() . query->qid
56 (an unsigned short integer variable) is compared with id, which is an
57 integer variable. Moreover, id is initialized from DNS_HEADER_QID which sets
58 only the first two bytes of id. I think that the id variable should be
59 declared as "unsigned short" in this function.
61 Even after declaring these variables as "unsigned short", the valgrind
62 errors are still there. Which brings us to the third problem.
64 3. The third problem is that Valgrind assumes that query->qid is not
65 initialised correctly. And it does that because query->qid is set from
66 DNS_HEADER_QID(qbuf); Valgrind says that qbuf has unitialised bytes. And
67 qbuf has uninitialised bytes because of channel->next_id . And next_id is
68 set by ares_init.c:ares__generate_new_id() . I found that putting short r=0
69 in this function (instead of short r) makes all Valgrind warnings go away.
70 I have studied ares__rc4() too, and this is the offending line:
72 buffer_ptr[counter] ^= state[xorIndex]; (ares_query.c:62)
74 This is what triggers Valgrind.. buffer_ptr is unitialised in this function,
75 and by applying ^= on it, it remains unitialised.
77 Version 1.4.0 (June 8, 2007)
79 * June 4 2007 (Daniel Stenberg)
81 - James Bursa reported a major memory problem when resolving multi-IP names
82 and I found and fixed the problem. It was added by Ashish Sharma's patch
85 When I then tried to verify multiple entries in /etc/hosts after my fix, I
86 got another segfault and decided this code was not ripe for inclusion and I
91 - Brad Spencer found and fixed three flaws in the code, found with the new
92 gcc 4.2.0 warning: -Waddress
94 - Brad House fixed VS2005 compiler warnings due to time_t being 64bit.
95 He also made recent Microsoft compilers use _strdup() instead of strdup().
97 - Brad House's man pages for ares_save_options() and ares_destroy_options()
100 - Ashish Sharma provided a patch for supporting multiple entries in the
101 /etc/hosts file. Patch edited for coding style and functionality by me
106 - Shmulik Regev brought cryptographically secure transaction IDs:
108 The c-ares library implementation uses a DNS "Transaction ID" field that is
109 seeded with a pseudo random number (based on gettimeofday) which is
110 incremented (++) between consecutive calls and is therefore rather
111 predictable. In general, predictability of DNS Transaction ID is a well
112 known security problem (e.g.
113 http://bak.spc.org/dms/archive/dns_id_attack.txt) and makes a c-ares based
114 implementation vulnerable to DNS poisoning. Credit goes to Amit Klein
115 (Trusteer) for identifying this problem.
117 The patch I wrote changes the implementation to use a more secure way of
118 generating unique IDs. It starts by obtaining a key with reasonable entropy
119 which is used with an RC4 stream to generate the cryptographically secure
122 Note that the key generation code (in ares_init:randomize_key) has two
123 versions, the Windows specific one uses a cryptographically safe function
124 provided (but undocumented :) by the operating system (described at
125 http://blogs.msdn.com/michael_howard/archive/2005/01/14/353379.aspx). The
126 default implementation is a bit naive and uses the standard 'rand'
127 function. Surely a better way to generate random keys exists for other
130 The patch can be tested by using the adig utility and using the '-s' option.
132 - Brad House added ares_save_options() and ares_destroy_options() that can be
133 used to keep options for later re-usal when ares_init_options() is used.
135 Problem: Calling ares_init() for each lookup can be unnecessarily resource
136 intensive. On windows, it must LoadLibrary() or search the registry
137 on each call to ares_init(). On unix, it must read and parse
138 multiple files to obtain the necessary configuration information. In
139 a single-threaded environment, it would make sense to only
140 ares_init() once, but in a heavily multi-threaded environment, it is
141 undesirable to ares_init() and ares_destroy() for each thread created
144 Solution: Create ares_save_options() and ares_destroy_options() functions to
145 retrieve and free options obtained from an initialized channel. The
146 options populated can be used to pass back into ares_init_options(),
147 it should populate all needed fields and not retrieve any information
148 from the system. Probably wise to destroy the cache every minute or
149 so to prevent the data from becoming stale.
151 - Daniel S added ares_process_fd() to allow applications to ask for processing
152 on specific sockets and thus avoiding select() and associated
153 functions/macros. This function will be used by upcoming libcurl releases
154 for this very reason. It also made me export the ares_socket_t type in the
155 public ares.h header file, since ares_process_fd() uses that type for two of
160 - Ravi Pratap fixed a flaw in the init_by_resolv_conf() function for windows
161 that could cause it to return a bad return code.
165 - Yang Tse: Provide ares_getopt() command-line parser function as a source
166 code helper function, not belonging to the actual c-ares library.
170 - Vlad Dinulescu added ares_parse_ns_reply().
174 - Yang Tse: Fix failure to get the search sequence of /etc/hosts and
175 DNS from /etc/nsswitch.conf, /etc/host.conf or /etc/svc.conf when
176 /etc/resolv.conf did not exist or was unable to read it.
180 - Install ares_dns.h too
182 - Michael Wallner fixed this problem: When I set domains in the options
183 struct, and there are domain/search entries in /etc/resolv.conf, the domains
184 of the options struct will be overridden.
188 - Yang Tse removed a couple of potential zero size memory allocations.
190 - Andreas Rieke fixed the line endings in the areslib.dsp file that I (Daniel)
191 broke in the 1.3.2 release. We should switch to a system where that file is
192 auto-generated. We could rip some code for that from curl...
194 Version 1.3.2 (November 3, 2006)
198 - Prevent ares_getsock() to overflow if more than 16 sockets are used.
202 - Guilherme Balena Versiani: I noted a strange BUG in Win32 port
203 (ares_init.c/get_iphlpapi_dns_info() function): when I disable the network
204 by hand or disconnect the network cable in Windows 2000 or Windows XP, my
205 application gets 127.0.0.1 as the only name server. The problem comes from
206 'GetNetworkParams' function, that returns the empty string "" as the only
207 name server in that case. Moreover, the Windows implementation of
208 inet_addr() returns INADDR_LOOPBACK instead of INADDR_NONE.
214 o made ares_version.h use extern "C" for c++ compilers
215 o fixed compiler warnings in ares_getnameinfo.c
216 o fixed a buffer position init for TCP reads
220 - Ravi Pratap fixed ares_getsock() to actually return the proper bitmap and
223 Version 1.3.1 (June 24, 2006)
227 - Gisle Vanem added getopt() to the ahost program. Currently accepts
228 only [-t {a|aaaa}] to specify address family in ares_gethostbyname().
232 - (wahern) Removed "big endian" DNS section and RR data integer parser
233 macros from ares_dns.h, which break c-ares on my Sparc64. Bit-wise
234 operations in C operate on logical values. And in any event the octets are
235 already in big-endian (aka network) byte order so they're being reversed
236 (thus the source of the breakage).
240 - William Ahern handles EAGAIN/EWOULDBLOCK errors in most of the I/O calls
243 TODO: Handle one last EAGAIN for a UDP socket send(2) in
248 - Bram Matthys brought my attention to a libtool peculiarity where detecting
249 things such as C++ compiler actually is a bad thing and since we don't need
250 that detection I added a work-around, much inspired by a previous patch by
251 Paolo Bonzini. This also shortens the configure script quite a lot.
255 - Nick Mathewson added the ARES_OPT_SOCK_STATE_CB option that when set makes
256 c-ares call a callback on socket state changes. A better way than the
257 ares_getsock() to get full control over the socket state.
261 - Alexander Lazic improved the getservbyport_r() configure check.
265 - Alexander Lazic pointed out that the buildconf should use the ACLOCAL_FLAGS
266 variable for easier controlling what it does and how it runs.
270 - James Bursa fixed c-ares to find the hosts file on RISC OS, and made it
271 build with newer gcc versions that no longer defines "riscos".
275 - Daniel Stenberg added ares_getsock() that extracts the set of sockets to
276 wait for action on. Similar to ares_fds() but not restricted to using
277 select() for the waiting.
281 - Yang Tse fixed some send() / recv() compiler warnings
285 - Added constants that will be used by ares_getaddrinfo
287 - Made ares_getnameinfo use the reentrant getservbyport (getservbyport_r) if it
288 is available to ensure it works properly in a threaded environment.
292 - configure fix for detecting a member in the sockaddr_in6 struct which failed
293 on ipv6-enabled HP-UX 11.00
295 Version 1.3.0 (August 29, 2005)
299 - Alfredo Tupone provided a fix for the Windows code in get_iphlpapi_dns_info()
300 when getting the DNS server etc.
304 - Added some checks for the addrinfo structure.
310 Make UDP sockets non-blocking. I've confirmed that at least on Linux 2.4 a
311 read event can come back from poll() on a valid SOCK_DGRAM socket but
312 recv(2) will still block. This patch doesn't ignore EAGAIN in
313 read_udp_packets(), though maybe it should. (This patch was edited by Daniel
314 Stenberg and a new configure test was added (imported from curl's configure)
315 to properly detect what non-blocking socket approach to use.)
317 I'm not quite sure how this was happening, but I've been seeing PTR queries
318 which seem to return empty responses. At least, they were empty when calling
319 ares_expand_name() on the record. Here's a patch which guarantees to
320 NUL-terminate the expanded name. The old behavior failed to NUL-terminate if
321 len was 0, and this was causing strlen() to run past the end of the buffer
322 after calling ares_expand_name() and getting ARES_SUCCESS as the return
323 value. If q is not greater than *s then it's equal and *s is always
324 allocated with at least one byte.
328 - Added ares_getnameinfo which mimics the getnameinfo API (another feature
329 that could use testing).
333 - Added an inet_ntop function from BIND for systems that do not have it.
337 - Made sortlist support IPv6 (this can probably use some testing).
339 - Made sortlist support CIDR matching for IPv4.
343 - Added preliminary IPv6 support to ares_gethostbyname. Currently, sortlist
344 does not work with IPv6. Also provided an implementation of bitncmp from
345 BIND for systems that do not supply this function. This will be used to add
346 IPv6 support to sortlist.
348 - Made ares_gethostbyaddr support IPv6 by specifying AF_INET6 as the family.
349 The function can lookup IPv6 addresses both from files (/etc/hosts) and
354 - Tupone Alfredo fixed includes of arpa/nameser_compat.h to build fine on Mac
359 - Dominick Meglio: Provided implementations of inet_net_pton and inet_pton
360 from BIND for systems that do not include these functions.
364 - Dominick Meglio added ares_parse_aaaa_reply.c and did various
365 adjustments. The first little steps towards IPv6 support!
369 - Fixed the VC project and makefile to use ares_cancel and ares_version
373 - The released ares_version.h from 1.2.1 says 1.2.0 due to a maketgz flaw.
376 Version 1.2.1 (October 20, 2004)
380 - Henrik Stoerner fix: got a report that Tru64 Unix (the unix from Digital
381 when they made Alpha's) uses /etc/svc.conf for the purpose fixed below for
382 other OSes. He made c-ares check for and understand it if present.
384 - Now c-ares will use local host name lookup _before_ DNS resolving by default
385 if nothing else is told.
389 - Henrik Stoerner: found out that c-ares does not look at the /etc/host.conf
390 file to determine the sequence in which to search /etc/hosts and DNS. So on
391 systems where this order is defined by /etc/host.conf instead of a "lookup"
392 entry in /etc/resolv.conf, c-ares will always default to looking in DNS
393 first, and /etc/hosts second.
397 1) resolv.conf (for the "lookup" line);
398 2) nsswitch.fon (for the "hosts:" line);
399 3) host.conf (for the "order" line).
403 - Dominick Meglio patched: C-ares on Windows assumed that the HOSTS file is
404 located in a static location. It assumed
405 C:\Windows\System32\Drivers\Etc. This is a poor assumption to make. In fact,
406 the location of the HOSTS file can be changed via a registry setting.
408 There is a key called DatabasePath which specifies the path to the HOSTS
410 http://www.microsoft.com/technet/itsolutions/network/deploy/depovg/tcpip2k.mspx
412 The patch will make c-ares correctly consult the registry for the location
417 - Gisle Vanem fixed the MSVC build files.
421 - Gisle Vanem made c-ares build and work with his Watt-32 TCP/IP stack.
425 - Harshal Pradhan made a minor syntax change in ares_init.c to make it build
430 - Made the lib get built static only if --enable-debug is used.
434 Basically in loops like handle_errors(), 'query->next' was assigned a local
435 variable and then query was referenced after the memory was freed by
436 next_server(). I've changed that so next_server() and end_query() returns
437 the next query. So callers should use this ret-value.
439 The next problem was that 'server->tcp_buffer_pos' had a random value at
440 entry to 1st recv() (luckily causing Winsock to return ENOBUFS).
442 I've also added a ares_writev() for Windows to streamline the code a bit
446 - Fixed a few variable return types for some system calls. Made configure
447 check for ssize_t to make it possible to use that when receiving the send()
448 error code. This is necessary to prevent compiler warnings on some systems.
450 - Made configure create config.h, and all source files now include setup.h that
451 might include the proper config.h (or a handicrafted alternative).
453 - Switched to 'ares_socket_t' type for sockets in ares, since Windows don't
456 - automake-ified and libool-ified c-ares. Now it builds libcares as a shared
457 lib on most platforms if wanted. (This bloated the size of the release
458 archive with another 200K!)
460 - Makefile.am now uses Makefile.inc for the c sources, h headers and man
461 pages, to make it easier for other makefiles to use the exact same set of
464 - Adjusted 'maketgz' to use the new automake magic when building distribution
467 - Anyone desires HTML and/or PDF versions of the man pages in the release
471 - Günter Knauf made c-ares build and run on Novell Netware.
474 - Gisle Vanem provided Makefile.dj to build with djgpp, added a few more djgpp
475 fixes and made ares not use 'errno' to provide further info on Windows.
478 - Gisle Vanem made it build with djgpp and run fine with the Watt-32 stack.
481 - Gisle Vanem's init patch for Windows:
483 The init_by_resolv_conf() function fetches the DNS-server(s)
484 from a series of registry branches.
486 This can be wrong in the case where DHCP has assigned nameservers, but the
487 user has overridden these servers with other prefered settings. Then it's
488 wrong to use the DHCPNAMESERVER setting in registry.
490 In the case of no global DHCP-assigned or fixed servers, but DNS server(s)
491 per adapter, one has to query the adapter branches. But how can c-ares know
492 which adapter is valid for use? AFAICS it can't. There could be one adapter
493 that is down (e.g. a VPN adapter).
495 So it's better to leave this to the IP Helper API (iphlapi) available in
496 Win-98/2000 and later. My patch falls-back to the old way if not available.
499 - James Bursa fixed an init issue for RISC OS.
502 - Nico Stappenbelt reported that when processing domain and search lines in
503 the resolv.conf file, the first entry encountered is processed and used as
504 the search list. According to the manual pages for both Linux, Solaris and
505 Tru64, the last entry of either a domain or a search field is used.
507 This is now adjusted in the code
509 Version 1.2.0 (April 13, 2004)
512 - Updated various man pages to look nicer when converted to HTML on the web
516 - Dirk Manske provided a new function that is now named ares_cancel(). It is
517 used to cancel/cleanup a resolve/request made using ares functions on the
518 given ares channel. It does not destroy/kill the ares channel itself.
520 - Dominick Meglio cleaned up the formatting in several man pages.
523 - Dominick Meglio's new ares_expand_string. A helper function when decoding
524 incoming DNS packages.
526 - Daniel Stenberg modified the Makefile.in to use a for loop for the man page
527 installation to improve overview and make it easier to add man pages.
529 Version 1.1.0 (March 11, 2004)
532 - Gisle Vanem improved build on Windows.
535 - Dan Fandrich found a flaw in the Feb 22 fix.
537 - Added better configure --enable-debug logic (taken from the curl configure
538 script). Added acinclude.m4 to the tarball.
541 - Removed ares_free_errmem(), the function, the file and the man page. It was
542 not used and it did nothing.
544 - Fixed a lot of code that wasn't "64bit clean" and thus caused a lot of
545 compiler warnings on picky compilers.
548 - Dominick Meglio made ares init support multiple name servers in the
549 NameServer key on Windows.
552 - Modified ares_private.h to include libcurl's memory debug header if
553 CURLDEBUG is set. This makes all the ares-functions supervised properly by
554 the curl test suite. This also forced me to add inclusion of the
555 ares_private.h header in a few more files that are using some kind of
556 memory-related resources.
558 - Made the makefile only build ahost and adig if 'make demos' is used.
561 - Dirk Manske made ares_version.h installed with 'make install'
564 - ares_free_errmem() is subject for removal, it is simply present for future
565 purposes, and since we removed the extra parameter in strerror() it won't
567 - configure --enable-debug now enables picky compiler options if gcc is used
568 - fixed several compiler warnings --enable-debug showed and Joerg Mueller-Tolk
571 Version 1.0.0 (February 3, 2004)
574 - now we produce the libcares.a library instead of the previous libares.a
575 since we are no longer compatible
579 - ares_strerror() has one argument less. This is the first official
580 modification of the existing provided ares API.
584 - Dirk Manske fixed how the socket is set non-blocking.
588 - Dominick Meglio made the private gettimeofday() become ares_gettimeofday()
589 instead in order to not pollute the name space and risk colliding with
590 other libraries' versions of this function.
592 * October 24, 2003. Daniel Stenberg
594 Added ares_version().
596 Version 1.0-pre1 (8 October 2003)
598 - James Bursa made it run on RISC OS
600 - Dominick Meglio made it run fine on NT4
602 - Duncan Wilcox made it work fine on Mac OS X
604 - Daniel Stenberg adjusted the windows port
606 - liren at vivisimo.com made the initial windows port
608 * Imported the sources from ares 1.1.1