- Changelog for the c-ares project
+This file no longer holds the changelog. Now you can generate it yourself
+like this:
-* September 22 2007 (Daniel Stenberg)
+ $ git log --pretty=fuller --no-color --date=short --decorate=full -1000 |
+ ./git2changes.pl
-- Brad House provided a fix for ares_save_options():
-
- Apparently I overlooked something with the ares_save_options() where it
- would try to do a malloc(0) when no options of that type needed to be saved.
- On most platforms, this was fine because malloc(0) doesn't actually return
- NULL, but on AIX it does, so ares_save_options would return ARES_ENOMEM.
-
-* July 14 2007 (Daniel Stenberg)
-
-- Vlad Dinulescu fixed two outstanding valgrind reports:
-
- 1. In ares_query.c , in find_query_by_id we compare q->qid (which is a short
- int variable) with qid, which is declared as an int variable. Moreover,
- DNS_HEADER_SET_QID is used to set the value of qid, but DNS_HEADER_SET_QID
- sets only the first two bytes of qid. I think that qid should be declared as
- "unsigned short" in this function.
-
- 2. The same problem occurs in ares_process.c, process_answer() . query->qid
- (an unsigned short integer variable) is compared with id, which is an
- integer variable. Moreover, id is initialized from DNS_HEADER_QID which sets
- only the first two bytes of id. I think that the id variable should be
- declared as "unsigned short" in this function.
-
- Even after declaring these variables as "unsigned short", the valgrind
- errors are still there. Which brings us to the third problem.
-
- 3. The third problem is that Valgrind assumes that query->qid is not
- initialised correctly. And it does that because query->qid is set from
- DNS_HEADER_QID(qbuf); Valgrind says that qbuf has unitialised bytes. And
- qbuf has uninitialised bytes because of channel->next_id . And next_id is
- set by ares_init.c:ares__generate_new_id() . I found that putting short r=0
- in this function (instead of short r) makes all Valgrind warnings go away.
- I have studied ares__rc4() too, and this is the offending line:
-
- buffer_ptr[counter] ^= state[xorIndex]; (ares_query.c:62)
-
- This is what triggers Valgrind.. buffer_ptr is unitialised in this function,
- and by applying ^= on it, it remains unitialised.
-
-Version 1.4.0 (June 8, 2007)
-
-* June 4 2007 (Daniel Stenberg)
-
-- James Bursa reported a major memory problem when resolving multi-IP names
- and I found and fixed the problem. It was added by Ashish Sharma's patch
- two days ago.
-
- When I then tried to verify multiple entries in /etc/hosts after my fix, I
- got another segfault and decided this code was not ripe for inclusion and I
- reverted the patch.
-
-* June 2 2007
-
-- Brad Spencer found and fixed three flaws in the code, found with the new
- gcc 4.2.0 warning: -Waddress
-
-- Brad House fixed VS2005 compiler warnings due to time_t being 64bit.
- He also made recent Microsoft compilers use _strdup() instead of strdup().
-
-- Brad House's man pages for ares_save_options() and ares_destroy_options()
- were added.
-
-- Ashish Sharma provided a patch for supporting multiple entries in the
- /etc/hosts file. Patch edited for coding style and functionality by me
- (Daniel).
-
-* May 30 2007
-
-- Shmulik Regev brought cryptographically secure transaction IDs:
-
- The c-ares library implementation uses a DNS "Transaction ID" field that is
- seeded with a pseudo random number (based on gettimeofday) which is
- incremented (++) between consecutive calls and is therefore rather
- predictable. In general, predictability of DNS Transaction ID is a well
- known security problem (e.g.
- http://bak.spc.org/dms/archive/dns_id_attack.txt) and makes a c-ares based
- implementation vulnerable to DNS poisoning. Credit goes to Amit Klein
- (Trusteer) for identifying this problem.
-
- The patch I wrote changes the implementation to use a more secure way of
- generating unique IDs. It starts by obtaining a key with reasonable entropy
- which is used with an RC4 stream to generate the cryptographically secure
- transaction IDs.
-
- Note that the key generation code (in ares_init:randomize_key) has two
- versions, the Windows specific one uses a cryptographically safe function
- provided (but undocumented :) by the operating system (described at
- http://blogs.msdn.com/michael_howard/archive/2005/01/14/353379.aspx). The
- default implementation is a bit naive and uses the standard 'rand'
- function. Surely a better way to generate random keys exists for other
- platforms.
-
- The patch can be tested by using the adig utility and using the '-s' option.
-
-- Brad House added ares_save_options() and ares_destroy_options() that can be
- used to keep options for later re-usal when ares_init_options() is used.
-
- Problem: Calling ares_init() for each lookup can be unnecessarily resource
- intensive. On windows, it must LoadLibrary() or search the registry
- on each call to ares_init(). On unix, it must read and parse
- multiple files to obtain the necessary configuration information. In
- a single-threaded environment, it would make sense to only
- ares_init() once, but in a heavily multi-threaded environment, it is
- undesirable to ares_init() and ares_destroy() for each thread created
- and track that.
-
- Solution: Create ares_save_options() and ares_destroy_options() functions to
- retrieve and free options obtained from an initialized channel. The
- options populated can be used to pass back into ares_init_options(),
- it should populate all needed fields and not retrieve any information
- from the system. Probably wise to destroy the cache every minute or
- so to prevent the data from becoming stale.
-
-- Daniel S added ares_process_fd() to allow applications to ask for processing
- on specific sockets and thus avoiding select() and associated
- functions/macros. This function will be used by upcoming libcurl releases
- for this very reason. It also made me export the ares_socket_t type in the
- public ares.h header file, since ares_process_fd() uses that type for two of
- the arguments.
-
-* May 25 2007
-
-- Ravi Pratap fixed a flaw in the init_by_resolv_conf() function for windows
- that could cause it to return a bad return code.
-
-* April 16 2007
-
-- Yang Tse: Provide ares_getopt() command-line parser function as a source
- code helper function, not belonging to the actual c-ares library.
-
-* February 19 2007
-
-- Vlad Dinulescu added ares_parse_ns_reply().
-
-* February 13 2007
-
-- Yang Tse: Fix failure to get the search sequence of /etc/hosts and
- DNS from /etc/nsswitch.conf, /etc/host.conf or /etc/svc.conf when
- /etc/resolv.conf did not exist or was unable to read it.
-
-* November 22 2006
-
-- Install ares_dns.h too
-
-- Michael Wallner fixed this problem: When I set domains in the options
- struct, and there are domain/search entries in /etc/resolv.conf, the domains
- of the options struct will be overridden.
-
-* November 6 2006
-
-- Yang Tse removed a couple of potential zero size memory allocations.
-
-- Andreas Rieke fixed the line endings in the areslib.dsp file that I (Daniel)
- broke in the 1.3.2 release. We should switch to a system where that file is
- auto-generated. We could rip some code for that from curl...
-
-Version 1.3.2 (November 3, 2006)
-
-* October 12 2006
-
-- Prevent ares_getsock() to overflow if more than 16 sockets are used.
-
-* September 11 2006
-
-- Guilherme Balena Versiani: I noted a strange BUG in Win32 port
- (ares_init.c/get_iphlpapi_dns_info() function): when I disable the network
- by hand or disconnect the network cable in Windows 2000 or Windows XP, my
- application gets 127.0.0.1 as the only name server. The problem comes from
- 'GetNetworkParams' function, that returns the empty string "" as the only
- name server in that case. Moreover, the Windows implementation of
- inet_addr() returns INADDR_LOOPBACK instead of INADDR_NONE.
-
-* August 29 2006
-
-- Brad Spencer did
-
- o made ares_version.h use extern "C" for c++ compilers
- o fixed compiler warnings in ares_getnameinfo.c
- o fixed a buffer position init for TCP reads
-
-* August 3 2006
-
-- Ravi Pratap fixed ares_getsock() to actually return the proper bitmap and
- not always zero!
-
-Version 1.3.1 (June 24, 2006)
-
-* July 23, 2006
-
-- Gisle Vanem added getopt() to the ahost program. Currently accepts
- only [-t {a|aaaa}] to specify address family in ares_gethostbyname().
-
-* June 19, 2006
-
-- (wahern) Removed "big endian" DNS section and RR data integer parser
- macros from ares_dns.h, which break c-ares on my Sparc64. Bit-wise
- operations in C operate on logical values. And in any event the octets are
- already in big-endian (aka network) byte order so they're being reversed
- (thus the source of the breakage).
-
-* June 18, 2006
-
-- William Ahern handles EAGAIN/EWOULDBLOCK errors in most of the I/O calls
- from area_process.c.
-
- TODO: Handle one last EAGAIN for a UDP socket send(2) in
- ares__send_query().
-
-* May 10, 2006
-
-- Bram Matthys brought my attention to a libtool peculiarity where detecting
- things such as C++ compiler actually is a bad thing and since we don't need
- that detection I added a work-around, much inspired by a previous patch by
- Paolo Bonzini. This also shortens the configure script quite a lot.
-
-* May 3, 2006
-
-- Nick Mathewson added the ARES_OPT_SOCK_STATE_CB option that when set makes
- c-ares call a callback on socket state changes. A better way than the
- ares_getsock() to get full control over the socket state.
-
-* January 9, 2006
-
-- Alexander Lazic improved the getservbyport_r() configure check.
-
-* January 6, 2006
-
-- Alexander Lazic pointed out that the buildconf should use the ACLOCAL_FLAGS
- variable for easier controlling what it does and how it runs.
-
-* January 5, 2006
-
-- James Bursa fixed c-ares to find the hosts file on RISC OS, and made it
- build with newer gcc versions that no longer defines "riscos".
-
-* December 22
-
-- Daniel Stenberg added ares_getsock() that extracts the set of sockets to
- wait for action on. Similar to ares_fds() but not restricted to using
- select() for the waiting.
-
-* November 25
-
-- Yang Tse fixed some send() / recv() compiler warnings
-
-* September 18
-
-- Added constants that will be used by ares_getaddrinfo
-
-- Made ares_getnameinfo use the reentrant getservbyport (getservbyport_r) if it
- is available to ensure it works properly in a threaded environment.
-
-* September 10
-
-- configure fix for detecting a member in the sockaddr_in6 struct which failed
- on ipv6-enabled HP-UX 11.00
-
-Version 1.3.0 (August 29, 2005)
-
-* August 21
-
-- Alfredo Tupone provided a fix for the Windows code in get_iphlpapi_dns_info()
- when getting the DNS server etc.
-
-* June 19
-
-- Added some checks for the addrinfo structure.
-
-* June 2
-
-- William Ahern:
-
- Make UDP sockets non-blocking. I've confirmed that at least on Linux 2.4 a
- read event can come back from poll() on a valid SOCK_DGRAM socket but
- recv(2) will still block. This patch doesn't ignore EAGAIN in
- read_udp_packets(), though maybe it should. (This patch was edited by Daniel
- Stenberg and a new configure test was added (imported from curl's configure)
- to properly detect what non-blocking socket approach to use.)
-
- I'm not quite sure how this was happening, but I've been seeing PTR queries
- which seem to return empty responses. At least, they were empty when calling
- ares_expand_name() on the record. Here's a patch which guarantees to
- NUL-terminate the expanded name. The old behavior failed to NUL-terminate if
- len was 0, and this was causing strlen() to run past the end of the buffer
- after calling ares_expand_name() and getting ARES_SUCCESS as the return
- value. If q is not greater than *s then it's equal and *s is always
- allocated with at least one byte.
-
-* May 16
-
-- Added ares_getnameinfo which mimics the getnameinfo API (another feature
- that could use testing).
-
-* May 14
-
-- Added an inet_ntop function from BIND for systems that do not have it.
-
-* April 9
-
-- Made sortlist support IPv6 (this can probably use some testing).
-
-- Made sortlist support CIDR matching for IPv4.
-
-* April 8
-
-- Added preliminary IPv6 support to ares_gethostbyname. Currently, sortlist
- does not work with IPv6. Also provided an implementation of bitncmp from
- BIND for systems that do not supply this function. This will be used to add
- IPv6 support to sortlist.
-
-- Made ares_gethostbyaddr support IPv6 by specifying AF_INET6 as the family.
- The function can lookup IPv6 addresses both from files (/etc/hosts) and
- DNS lookups.
-
-* April 7
-
-- Tupone Alfredo fixed includes of arpa/nameser_compat.h to build fine on Mac
- OS X.
-
-* April 5
-
-- Dominick Meglio: Provided implementations of inet_net_pton and inet_pton
- from BIND for systems that do not include these functions.
-
-* March 11, 2005
-
-- Dominick Meglio added ares_parse_aaaa_reply.c and did various
- adjustments. The first little steps towards IPv6 support!
-
-* November 7
-
-- Fixed the VC project and makefile to use ares_cancel and ares_version
-
-* October 24
-
-- The released ares_version.h from 1.2.1 says 1.2.0 due to a maketgz flaw.
- This is now fixed.
-
-Version 1.2.1 (October 20, 2004)
-
-* September 29
-
-- Henrik Stoerner fix: got a report that Tru64 Unix (the unix from Digital
- when they made Alpha's) uses /etc/svc.conf for the purpose fixed below for
- other OSes. He made c-ares check for and understand it if present.
-
-- Now c-ares will use local host name lookup _before_ DNS resolving by default
- if nothing else is told.
-
-* September 26
-
-- Henrik Stoerner: found out that c-ares does not look at the /etc/host.conf
- file to determine the sequence in which to search /etc/hosts and DNS. So on
- systems where this order is defined by /etc/host.conf instead of a "lookup"
- entry in /etc/resolv.conf, c-ares will always default to looking in DNS
- first, and /etc/hosts second.
-
- c-ares now looks at
-
- 1) resolv.conf (for the "lookup" line);
- 2) nsswitch.fon (for the "hosts:" line);
- 3) host.conf (for the "order" line).
-
- First match wins.
-
-- Dominick Meglio patched: C-ares on Windows assumed that the HOSTS file is
- located in a static location. It assumed
- C:\Windows\System32\Drivers\Etc. This is a poor assumption to make. In fact,
- the location of the HOSTS file can be changed via a registry setting.
-
- There is a key called DatabasePath which specifies the path to the HOSTS
- file:
- http://www.microsoft.com/technet/itsolutions/network/deploy/depovg/tcpip2k.mspx
-
- The patch will make c-ares correctly consult the registry for the location
- of this file.
-
-* August 29
-
-- Gisle Vanem fixed the MSVC build files.
-
-* August 20
-
-- Gisle Vanem made c-ares build and work with his Watt-32 TCP/IP stack.
-
-* August 13
-
-- Harshal Pradhan made a minor syntax change in ares_init.c to make it build
- fine with MSVC 7.1
-
-* July 24
-
-- Made the lib get built static only if --enable-debug is used.
-
-- Gisle Vanem fixed:
-
- Basically in loops like handle_errors(), 'query->next' was assigned a local
- variable and then query was referenced after the memory was freed by
- next_server(). I've changed that so next_server() and end_query() returns
- the next query. So callers should use this ret-value.
-
- The next problem was that 'server->tcp_buffer_pos' had a random value at
- entry to 1st recv() (luckily causing Winsock to return ENOBUFS).
-
- I've also added a ares_writev() for Windows to streamline the code a bit
- more.
-
-* July 20
-- Fixed a few variable return types for some system calls. Made configure
- check for ssize_t to make it possible to use that when receiving the send()
- error code. This is necessary to prevent compiler warnings on some systems.
-
-- Made configure create config.h, and all source files now include setup.h that
- might include the proper config.h (or a handicrafted alternative).
-
-- Switched to 'ares_socket_t' type for sockets in ares, since Windows don't
- use 'int' for that.
-
-- automake-ified and libool-ified c-ares. Now it builds libcares as a shared
- lib on most platforms if wanted. (This bloated the size of the release
- archive with another 200K!)
-
-- Makefile.am now uses Makefile.inc for the c sources, h headers and man
- pages, to make it easier for other makefiles to use the exact same set of
- files.
-
-- Adjusted 'maketgz' to use the new automake magic when building distribution
- archives.
-
-- Anyone desires HTML and/or PDF versions of the man pages in the release
- archives?
-
-* July 3
-- Günter Knauf made c-ares build and run on Novell Netware.
-
-* July 1
-- Gisle Vanem provided Makefile.dj to build with djgpp, added a few more djgpp
- fixes and made ares not use 'errno' to provide further info on Windows.
-
-* June 30
-- Gisle Vanem made it build with djgpp and run fine with the Watt-32 stack.
-
-* June 10
-- Gisle Vanem's init patch for Windows:
-
- The init_by_resolv_conf() function fetches the DNS-server(s)
- from a series of registry branches.
-
- This can be wrong in the case where DHCP has assigned nameservers, but the
- user has overridden these servers with other prefered settings. Then it's
- wrong to use the DHCPNAMESERVER setting in registry.
-
- In the case of no global DHCP-assigned or fixed servers, but DNS server(s)
- per adapter, one has to query the adapter branches. But how can c-ares know
- which adapter is valid for use? AFAICS it can't. There could be one adapter
- that is down (e.g. a VPN adapter).
-
- So it's better to leave this to the IP Helper API (iphlapi) available in
- Win-98/2000 and later. My patch falls-back to the old way if not available.
-
-* June 8
-- James Bursa fixed an init issue for RISC OS.
-
-* May 11
-- Nico Stappenbelt reported that when processing domain and search lines in
- the resolv.conf file, the first entry encountered is processed and used as
- the search list. According to the manual pages for both Linux, Solaris and
- Tru64, the last entry of either a domain or a search field is used.
-
- This is now adjusted in the code
-
-Version 1.2.0 (April 13, 2004)
-
-* April 2, 2004
-- Updated various man pages to look nicer when converted to HTML on the web
- site.
-
-* April 1, 2004
-- Dirk Manske provided a new function that is now named ares_cancel(). It is
- used to cancel/cleanup a resolve/request made using ares functions on the
- given ares channel. It does not destroy/kill the ares channel itself.
-
-- Dominick Meglio cleaned up the formatting in several man pages.
-
-* March 30, 2004
-- Dominick Meglio's new ares_expand_string. A helper function when decoding
- incoming DNS packages.
-
-- Daniel Stenberg modified the Makefile.in to use a for loop for the man page
- installation to improve overview and make it easier to add man pages.
-
-Version 1.1.0 (March 11, 2004)
-
-* March 9, 2004
-- Gisle Vanem improved build on Windows.
-
-* February 25, 2004
-- Dan Fandrich found a flaw in the Feb 22 fix.
-
-- Added better configure --enable-debug logic (taken from the curl configure
- script). Added acinclude.m4 to the tarball.
-
-* February 23, 2004
-- Removed ares_free_errmem(), the function, the file and the man page. It was
- not used and it did nothing.
-
-- Fixed a lot of code that wasn't "64bit clean" and thus caused a lot of
- compiler warnings on picky compilers.
-
-* February 22, 2004
-- Dominick Meglio made ares init support multiple name servers in the
- NameServer key on Windows.
-
-* February 16, 2004
-- Modified ares_private.h to include libcurl's memory debug header if
- CURLDEBUG is set. This makes all the ares-functions supervised properly by
- the curl test suite. This also forced me to add inclusion of the
- ares_private.h header in a few more files that are using some kind of
- memory-related resources.
-
-- Made the makefile only build ahost and adig if 'make demos' is used.
-
-* February 10, 2004
-- Dirk Manske made ares_version.h installed with 'make install'
-
-* February 4, 2004
-- ares_free_errmem() is subject for removal, it is simply present for future
- purposes, and since we removed the extra parameter in strerror() it won't
- be used by c-ares!
-- configure --enable-debug now enables picky compiler options if gcc is used
-- fixed several compiler warnings --enable-debug showed and Joerg Mueller-Tolk
- reported
-
-Version 1.0.0 (February 3, 2004)
-
-* February 3, 2004
-- now we produce the libcares.a library instead of the previous libares.a
- since we are no longer compatible
-
-* February 2, 2004
-
-- ares_strerror() has one argument less. This is the first official
- modification of the existing provided ares API.
-
-* January 29, 2004
-
-- Dirk Manske fixed how the socket is set non-blocking.
-
-* January 4, 2004
-
-- Dominick Meglio made the private gettimeofday() become ares_gettimeofday()
- instead in order to not pollute the name space and risk colliding with
- other libraries' versions of this function.
-
-* October 24, 2003. Daniel Stenberg
-
- Added ares_version().
-
-Version 1.0-pre1 (8 October 2003)
-
-- James Bursa made it run on RISC OS
-
-- Dominick Meglio made it run fine on NT4
-
-- Duncan Wilcox made it work fine on Mac OS X
-
-- Daniel Stenberg adjusted the windows port
-
-- liren at vivisimo.com made the initial windows port
-
-* Imported the sources from ares 1.1.1
+The older, manually edited, changelog is found in git named CHANGES.0