diff options
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 580 |
1 files changed, 351 insertions, 229 deletions
@@ -1,5 +1,356 @@ Changelog for the c-ares project. Generated with git2changes.pl +Version 1.12.0 (29 Sep 2016) + +Daniel Stenberg (29 Sep 2016) +- RELEASE-NOTES: 1.12.0 + +- [David Drysdale brought this change] + + ares-test-misc: test ares_create_query with escaped trailing dot + +- ares_create_query: avoid single-byte buffer overwrite + + ... when the name ends with an escaped dot. + + CVE-2016-5180 + + Bug: https://c-ares.haxx.se/adv_20160929.html + +- ares_library_initialized.3: added + +- make: bump CARES_VERSION_INFO for release + +David Drysdale (29 Sep 2016) +- man: update ares_init_options.3 + +Daniel Stenberg (29 Sep 2016) +- ares_library_init.3: corrected the ares_library_init_mem proto + +- README.md: remove space from link + +- README: link to the correct c-ares badge! + + Reported-by: David Hotham + + Fixes #63 + +- docs: minor formatting edits + +- ares_destroy.3: formatting polish + +- ares_init.3: split the init docs into two separate man pages + +- SECURITY: point to the vulnerabilities page now + +- RELEASE-NOTES: synced with daa7235b1a5 + +- ares_create_query.3: edit language + + Tried to make the man page more readable. + +David Drysdale (26 Sep 2016) +- test: fix gMock to work with gcc >= 6.x + + Taken from: + https://github.com/google/googletest/issues/705#issuecomment-235067917 + +Daniel Stenberg (26 Sep 2016) +- [Brad House brought this change] + + headers: remove checks for and defines of variable sizes + + ... they're not really used and by avoiding them in the ares_build.h + output we make the public header less dependent on data sizes. + +David Drysdale (24 Sep 2016) +- api: add ARES_OPT_NOROTATE optmask value + + Fix up a couple of problems with configuring whether c-ares rotates + between different name servers between requests. + + Firstly, ares_save_options() returns (in *optmask) the value of + (channel->optmask & ARES_OPT_ROTATE), which doesn't necessarily + indicate whether the channel is or is not actually doing rotation. + This can be confusing/incorrect if: + - the channel was originally configured without ARES_OPT_ROTATE + (so it appears that the channel is not rotating) + - the /etc/resolv.conf file includes the 'rotate' option + (so the channel is actually performing rotation). + + Secondly, it is not possible to reliably configure a channel + to not-rotate; leaving off ARES_OPT_ROTATE is not enough, since + a 'rotate' option in /etc/resolv.conf will turn it on again. + + Therefore: + - add an ARES_OPT_NOROTATE optmask value to allow explicit + configuration of no-rotate behaviour + - in ares_save_options(), report the value of channel->rotate + as exactly one of (optmask & ARES_OPT_ROTATE) or + (optmask & ARES_OPT_NOROTATE). + + In terms of back-compatibility: + - existing apps that set ARES_OPT_ROTATE will continue to rotate, + and to have ARES_OPT_ROTATE reported back from ares_save_options() + - existing apps that don't set ARES_OPT_ROTATE will continue to + use local config/defaults to decide whether to rotate, and will + now get ARES_OPT_ROTATE or ARES_OPT_NOROTATE reported back from + ares_save_options() rather than 0. + +- ares_init_options: only propagate init failures from options + + Commit 46bb820be3a8 ("ares_init_options: don't lose init failure") + changed init behaviour so that earlier errors in initialization + weren't lost. In particular, if the user passes in specific + options but they are not applied (e.g. because of an allocation + failure), that failure needs to be reported back to the user; this + also applies when duplicating a channel with ares_dup(). + + However, other initialization failures can be ignored and + overridden -- in particular, if init_by_resolv_conf() or + init_by_environment() fail, then falling back to default values + is OK. + + So only preserve failures from the init_by_options() stage, not + from all initialization stages. + + Fixes issue 60. + +- test: Force reinstall of libtool on OSX + + Travis build environment appears to have changed. + +- test: Add valgrind build variant + +- test: Add null pointer to gtest args + + GoogleTest assumes that there is a null pointer in argv[argc], + so make it look like that. Without this change, tests run with + command-line arguments get memory errors under valgrind/ASAN. + +Daniel Stenberg (21 Aug 2016) +- AUTHOR: maybe gitgub isn't really an author =) + +- AUTHORS: added contributors from the git log + +- LICENSE.md: add a stand-alone license file + + Just the MIT license used in the top the source files moved out to a + stand-alone file for easier reference and discovery. + +- README: added "CII best practices" badge + +- SECURITY.md: suggested "security process" for the project + +David Drysdale (17 Aug 2016) +- test: Add Clang static analysis build to Travis + + Run scan-build over the library source code, but skip the + tests. Needs a later Clang install in Travis + +- test: more info on how to run fuzz testing + +- test: make fuzzer driver code C not C++ + +- test: fuzzer mode for AFL's persistent mode + + When fuzzing with AFL, if the LLVM-based instrumentation is + used (via the afl-clang-fast wrapper), then it is possible to + have a single execution of the fuzzer program iterate multiple + times over the fuzzing entrypoint (similar to libFuzzer's normal + mode of execution) with different data. This is much (e.g. 10x) + faster. + + Add code to support this, by checking whether __AFL_LOOP is + defined at compile-time. + + Also, shift the code to effectively be C rather than C++. + +- test: simplify deps for fuzzer entrypoint + + No need to depend on the rest of the test code (ares-test.h) for + the fuzzer entrypoint; this makes the entrypoint slightly simpler + to build with LLVM's libFuzzer. + + Also shift the code to effectively be C rather than C++ + +- test: disable MinGW tests + + The test binary built in the MinGW build is failing for some + reason. It works for me when I build locally, so I'm guessing + it's down to some sort of AppVeyor environment issue. + + Disable for now. + +Daniel Stenberg (16 Aug 2016) +- read_tcp_data: remove superfluous NULL check + + CID 56884 by Coverity. The pointer is already derefenced before this + point so it can't be NULL here anyway. + +- web: http => https + +GitHub (20 Jul 2016) +- [David Drysdale brought this change] + + Merge pull request #59 from fuze/master + + Update msvc_ver.inc for VS2015 Update 3 + +- [Chris Araman brought this change] + + Update msvc_ver.inc + + support Visual Studio 2015 Update 3 + +David Drysdale (2 May 2016) +- Fix trailing comment for #endif + +Daniel Stenberg (30 Apr 2016) +- email: use Gisle's "new" address + +David Drysdale (18 Apr 2016) +- test: drop superfluous fuzz inputs + + Where there are multiple fuzz input files that only differ in + the first two bytes (the query ID), just keep the first such + file. + +svante karlsson (15 Apr 2016) +- Update msvc_ver.inc + + support Visual Studio 2015 Update 2 + +David Drysdale (31 Mar 2016) +- test: Run fuzzcheck.sh in Travis build + +- test: add fuzzing check script to tests + + Add a test script that runs the fuzzing command over the + corpus of DNS packets. This doesn't actually do any fuzzing + (it just runs them as inputs without generating any variations) + but it does ensure that the fuzzing entrypoint is still working. + +- test: allow multiple files in aresfuzz command line + + If no arguments are specified, use stdin as input. + Otherwise treat each argument as a filename and feed + its contents to the fuzz entrypoint. + +- test: Add corpus of DNS packets + + For fuzz testing it is useful to start from a corpus of valid + packets, so fill out the test/fuzzinput/ directory with a bunch + of inputs. + + These packets were generated by temporarily modifying the c-ares + process_answer() function to save off any incoming response messages. + +- test: Add utility to show DNS packet from file + +- [nordsturm brought this change] + + Fix nsort initialization + + Author: Alexander Drachevskiy + http://c-ares.haxx.se/mail/c-ares-archive-2014-07/0004.shtml + http://c-ares.haxx.se/mail/c-ares-archive-2014-07/0014.shtml + +- test: Check setting nsort=0 option is respected + +- test: Update fuzzing function prototype + + libFuzzer changed expected return type from void to int + in LLVM 3.8. + +- Explicitly clear struct servent before use + + On a build where MSAN has been manually set up (which involves + using an MSAN-instrumented version of the standard C++ library, see + https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo) + there's a warning about use of uninitialized memory here. It + might be a false positive, but the fix is trivial so include it. + +- test: for AF_UNSPEC, return CNAME only for AAAA, but valid A record + + Also shuffle expected responses rsp6/rsp4 into the order they will occur. + +- [Chris Araman brought this change] + + msvc_ver.inc: support Visual Studio 2015 Update 1 + +- build: commonize MSVC version detection + + Remove the need to copy/paste version number mapping between + Makefile.msvc and test/Makefile.msvc. + +- test: Use different name in live test + +- test: Only pass unused args to GoogleTest + +- ahost.c: add cast to fix C++ compile + + If ahost.c is force-compiled as C++ the missing cast from + (void *) to (char **) is problematic. + +- ares_library_cleanup: reset ares_realloc too + + Otherwise a subsequent use of the library might use a previous + incarnation's realloc() implementation. + +Daniel Stenberg (9 Mar 2016) +- [Brad House brought this change] + + configure: check if tests can get built before enabled + + The current approach for disabling tests is not a good solution because + it forces you to pass --disable-tests, rather than auto-detect if your + system can support the tests in the first place. Many (most?) systems + do not have C++11. This also causes issues when chain-building c-ares, + the hosting system needs to be updated to support passing this + additional flag if necessary, it doesn't seem reasonable to add this + requirement which breaks compatibility. + + This change auto-detects if the system can build the tests and + automatically disable them if it cannot. If you pass --enable-tests to + configure and the system cannot build them either due to lack of system + support, or because cross-compilation is being used, it will throw an + appropriate error since the user indicated they really did want the + tests. + +David Drysdale (3 Mar 2016) +- [Viktor Szakats brought this change] + + Makefile.m32: add support for CROSSPREFIX + +- [Viktor Szakats brought this change] + + Makefile.m32: add support for extra flags + + Allow specification of CARES_{LD,C}FLAG_EXTRAS envvars + for mingw + +- test: Build with MinGW on AppVeyor + +- test: avoid in6addr_* constants + + These aren't available on MinGW, so use explicit addresses instead. + +- test: add missing #includes for dns-proto.cc + +- [Gregor Jasny brought this change] + + Fix man page typos detected by Lintian + +Daniel Stenberg (19 Feb 2016) +- configure: acknowledge --disable-tests + + Fixes #44 + +- AUTHORS: added contributors from the 1.11.0 release + +- bump: start working on the next version + Version 1.11.0 (19 Feb 2016) Daniel Stenberg (19 Feb 2016) @@ -3615,232 +3966,3 @@ Yang Tse (4 Aug 2008) that other package's underquoted m4 function definitions have on ours. - Add a 3 argument check for getprotobyname_r - -- move reentrant.m4 to the m4 subdirectory to avoid infinite loop inclusion problem - -- add checks for strtok_r and getprotobyname_r - -- Another step towards detecting if _REENTRANT is already defined or actually - needed, and being able to define it if appropriate for further configure tests - as well as for the generated config file. - - Introduced reentrant.m4 intended for our reentrant related autotools/m4 macros. - -- reorder argument number detection for getservbyport_r to - actually verify if the test is properly working - -- Make sure that configure process tests are done with the same _REENTRANT - setting as the one actually used when finally building the library. - -- Change recvfrom's sixth argument data type to the 'historically standard' 'int' - data type for systems where this sixth argument is prototyped as a void pointer. - - Start of thread: http://curl.haxx.se/mail/lib-2008-07/0153.html - -- use prototypes to improve getservbyport_r detection - -- Adjust recvfrom's sixth arg data type definition for NetWare (LIBC) - -- Use the sreadfrom() wrapper to replace recvfrom() in our code. - -- when recvfrom prototype uses a void pointer for arguments 2, 5 or 6 this will - now cause the definition of RECVFROM_TYPE_ARG2_IS_VOID, RECVFROM_TYPE_ARG5_IS_VOID - or RECVFROM_TYPE_ARG6_IS_VOID, as appropriate. - -- Adjust DEC/Compaq C compiler settings - -- Added "pointer to void" as another data type to check for the sixth argument of - function recvfrom as a result of the info additionally logged when running on a - Solaris system. - - The compiler error showed that the prototype being used on Solaris was the one - declared in line 427 of "/usr/include/sys/socket.h" as: - - function(int, - pointer to void, - unsigned int, - int, - pointer to struct sockaddr, - pointer to void) returning int - -- Adjust DEC/Compaq C compiler settings - -- RECVFROM_TYPE_ARG2, RECVFROM_TYPE_ARG5 and RECVFROM_TYPE_ARG6 are now defined - to the data type pointed by its respective argument and not the pointer type. - -- Configure process now checks availability of recvfrom() socket function and - finds out its return type and the types of its arguments. Added definitions - for non-configure systems config files, and introduced macro sreadfrom which - will be used on udp sockets as a recvfrom() wrapper. - -- Initial DEC/Compaq C compiler detection and flags - -- Improved configure detection of number of arguments for getservbyport_r - -- Allow --enable-largefile and --disable-largefile configurations. - Configure process no longer needs nor checks size of curl_off_t. - Library will now be built with _REENTRANT symbol defined. - -- fix compiler warning - -- since Jun 30 2008 MAXHOSTNAMELEN define is no longer used - -- fix c-ares version reported in generated libcares.pc file when building - from CVS tree. - -- egrep and ar are also mandatory - -Daniel Stenberg (3 Jul 2008) -- just to clarify that c-ares actually have some ipv6 support - -- ares_gethostbyname() fallback from AAA to A records with CNAME present - -- - Phil Blundell: If you ask ares_gethostbyname() to do an AF_INET6 lookup and - the target host has only A records, it automatically falls back to an - AF_INET lookup and gives you the A results. However, if the target host has - a CNAME record, this behaviour is defeated since the original query does - return some data even though ares_parse_aaa_reply() doesn't consider it - relevant. Here's a small patch to make it behave the same with and without - the CNAME. - -Yang Tse (2 Jul 2008) -- The configure process will now halt when sed or grep are unavailable - -- fallback to gettimeofday when monotonic clock is unavailable at run-time - -- IBM C/C++ compiler predefined macro check - -- set earlier in configure process IBM compilers optimization flags - -- make check message wording more precise - -Daniel Stenberg (30 Jun 2008) -- - As was pointed out to me by Andreas Schuldei, the MAXHOSTNAMELEN define is - not posix or anything and thus c-ares failed to build on hurd (and possibly - elsewhere). The define was also somewhat artificially used in the windows - port. Now, I instead rewrote the use of gethostbyname to enlarge the host - name buffer in case of need and totally avoid the use of the MAXHOSTNAMELEN - define. I thus also removed the defien from the namser.h file where it was - once added for the windows build. - - I also fixed init_by_defaults() function to not leak memory in case if - error. - -Yang Tse (29 Jun 2008) -- fix C style comment - -- John Lightsey filed bug report #1999181: "CLOCK_MONOTONIC always fails on - some systems" (http://curl.haxx.se/bug/view.cgi?id=1999181). The problem was - that the configure script did not use the _POSIX_MONOTONIC_CLOCK feature test - macro when checking monotonic clock availability. This is now fixed and the - monotonic clock will not be used unless the feature test macro is defined - with a value greater than zero indicating always supported. - -- Modified configuration script to actually verify if the compiler is good - enough at detecting compilation errors or at least it has been properly - configured to do so. Configuration heavily depends on this capability, so - if this compiler sanity check fails the configuration process will now fail. - -- No longer break out of a shell "for" statement from inside - AC_FOO_IFELSE macros, otherwise temp files are not removed. - - Identation adjustment. - -Gunter Knauf (11 Jun 2008) -- enable additional CFLAGS from commandline. - -Yang Tse (9 Jun 2008) -- fix pkg-config reporting of private libraries needed for static linking - -- MSVC does build Windows native targets - -- Brad House fixed a missing header file inclusion in adig sample program - -Daniel Stenberg (29 May 2008) -- start working on 1.5.3 - -Version 1.5.2 (29 May 2008) - -Daniel Stenberg (29 May 2008) -- 1.5.2 - -Yang Tse (26 May 2008) -- fix compiler warning: unreferenced formal parameter - -Daniel Stenberg (23 May 2008) -- list all local sources the (demo) tools need, add a few missing scripts to - the dist tarball and remove a two duplicate file names from EXTRA_DIST - (most of it pointed out by Yang Tse) - -- this is not used (anymore) - -- make sure the configure.ac file with the correct version number is shipped - in the tarball - -Yang Tse (22 May 2008) -- MSVC6+ clean-up targets must also remove acountry.exe - -- sync with reality - -- fix: [action-if-found] part of AC_CHECK_TYPE macro cannot be quoted when empty - -- fix: remove need and definition of HAVE_SOCKLEN_T symbol - -- fix: socklen_t definition comment - -- update several macros using AC_TRY_LINK with AC_LINK_IFELSE - -- fix underquoting of AC_LANG_PROGRAM arguments - -- if'def out private function ares__tvdiff(), it is not in use yet. - -- update several macros using AC_TRY_LINK with AC_LINK_IFELSE - -- fix socklen_t equivalent detection when cross compiling Windows target - -- if WINSOCK2 API is used link with 'ws2_32', else - - if WINSOCK API is used under WinCE link with 'winsock', else - - if WINSOCK API is used link with 'wsock32'. - -- on winsock systems linking is done using library 'ws2_32' when - winsock2.h is available, and library 'winsock' is used when only - winsock.h is available. - -- minor change for wince-cegcc and wince-mingw32ce support - -- millisecond resolution support followup - -Gisle Vanem (15 May 2008) -- Replaced "-DHAVE_FIONBIO" with "-DHAVE_IOCTLSOCKET". - Added "-DHAVE_GETTIMEOFDAY". Trimmed lines. - -Yang Tse (15 May 2008) -- sync with reality - -- remove compilation time generated files - -- use same time source for timeout initialization and processing - -- Improve toolchain detection for WinCE cross compilation: - - When cross compiling WinCE with the arm-wince-cegcc-gcc C compiler - symbol __CEGCC__ is defined and the unix-like compatibility layer - is used. For our purposes this is not a native Windows build. - - When cross compiling WinCE with the arm-wince-mingw32ce-gcc C compiler - symbol __MINGW32CE__ is defined and the unix-like compatibility layer - is not used. For our purposes this _is_ a native Windows build. - -- skip checks for Windows specific header files - when build target is not a native Windows one - -- WinCE cross compilation adjustments: - - HAVE_WINSOCK2_H shall not be defined. - HAVE_WS2TCPIP_H shall not be defined. - -Daniel Stenberg (13 May 2008) -- - Introducing millisecond resolution support for the timeout option. See - ares_init_options()'s ARES_OPT_TIMEOUTMS. |