mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 16:18:48 -05:00
05b26e7566
something with the ares_save_options() where it would try to do a malloc(0) when no options of that type needed to be saved. On most platforms, this was fine because malloc(0) doesn't actually return NULL, but on AIX it does, so ares_save_options would return ARES_ENOMEM.
576 lines
20 KiB
Plaintext
576 lines
20 KiB
Plaintext
Changelog for the c-ares project
|
||
|
||
* September 22 2007 (Daniel Stenberg)
|
||
|
||
- Brad House provided a fix for ares_save_options():
|
||
|
||
Apparently I overlooked something with the ares_save_options() where it
|
||
would try to do a malloc(0) when no options of that type needed to be saved.
|
||
On most platforms, this was fine because malloc(0) doesn't actually return
|
||
NULL, but on AIX it does, so ares_save_options would return ARES_ENOMEM.
|
||
|
||
* July 14 2007 (Daniel Stenberg)
|
||
|
||
- Vlad Dinulescu fixed two outstanding valgrind reports:
|
||
|
||
1. In ares_query.c , in find_query_by_id we compare q->qid (which is a short
|
||
int variable) with qid, which is declared as an int variable. Moreover,
|
||
DNS_HEADER_SET_QID is used to set the value of qid, but DNS_HEADER_SET_QID
|
||
sets only the first two bytes of qid. I think that qid should be declared as
|
||
"unsigned short" in this function.
|
||
|
||
2. The same problem occurs in ares_process.c, process_answer() . query->qid
|
||
(an unsigned short integer variable) is compared with id, which is an
|
||
integer variable. Moreover, id is initialized from DNS_HEADER_QID which sets
|
||
only the first two bytes of id. I think that the id variable should be
|
||
declared as "unsigned short" in this function.
|
||
|
||
Even after declaring these variables as "unsigned short", the valgrind
|
||
errors are still there. Which brings us to the third problem.
|
||
|
||
3. The third problem is that Valgrind assumes that query->qid is not
|
||
initialised correctly. And it does that because query->qid is set from
|
||
DNS_HEADER_QID(qbuf); Valgrind says that qbuf has unitialised bytes. And
|
||
qbuf has uninitialised bytes because of channel->next_id . And next_id is
|
||
set by ares_init.c:ares__generate_new_id() . I found that putting short r=0
|
||
in this function (instead of short r) makes all Valgrind warnings go away.
|
||
I have studied ares__rc4() too, and this is the offending line:
|
||
|
||
buffer_ptr[counter] ^= state[xorIndex]; (ares_query.c:62)
|
||
|
||
This is what triggers Valgrind.. buffer_ptr is unitialised in this function,
|
||
and by applying ^= on it, it remains unitialised.
|
||
|
||
Version 1.4.0 (June 8, 2007)
|
||
|
||
* June 4 2007 (Daniel Stenberg)
|
||
|
||
- James Bursa reported a major memory problem when resolving multi-IP names
|
||
and I found and fixed the problem. It was added by Ashish Sharma's patch
|
||
two days ago.
|
||
|
||
When I then tried to verify multiple entries in /etc/hosts after my fix, I
|
||
got another segfault and decided this code was not ripe for inclusion and I
|
||
reverted the patch.
|
||
|
||
* June 2 2007
|
||
|
||
- Brad Spencer found and fixed three flaws in the code, found with the new
|
||
gcc 4.2.0 warning: -Waddress
|
||
|
||
- Brad House fixed VS2005 compiler warnings due to time_t being 64bit.
|
||
He also made recent Microsoft compilers use _strdup() instead of strdup().
|
||
|
||
- Brad House's man pages for ares_save_options() and ares_destroy_options()
|
||
were added.
|
||
|
||
- Ashish Sharma provided a patch for supporting multiple entries in the
|
||
/etc/hosts file. Patch edited for coding style and functionality by me
|
||
(Daniel).
|
||
|
||
* May 30 2007
|
||
|
||
- Shmulik Regev brought cryptographically secure transaction IDs:
|
||
|
||
The c-ares library implementation uses a DNS "Transaction ID" field that is
|
||
seeded with a pseudo random number (based on gettimeofday) which is
|
||
incremented (++) between consecutive calls and is therefore rather
|
||
predictable. In general, predictability of DNS Transaction ID is a well
|
||
known security problem (e.g.
|
||
http://bak.spc.org/dms/archive/dns_id_attack.txt) and makes a c-ares based
|
||
implementation vulnerable to DNS poisoning. Credit goes to Amit Klein
|
||
(Trusteer) for identifying this problem.
|
||
|
||
The patch I wrote changes the implementation to use a more secure way of
|
||
generating unique IDs. It starts by obtaining a key with reasonable entropy
|
||
which is used with an RC4 stream to generate the cryptographically secure
|
||
transaction IDs.
|
||
|
||
Note that the key generation code (in ares_init:randomize_key) has two
|
||
versions, the Windows specific one uses a cryptographically safe function
|
||
provided (but undocumented :) by the operating system (described at
|
||
http://blogs.msdn.com/michael_howard/archive/2005/01/14/353379.aspx). The
|
||
default implementation is a bit naive and uses the standard 'rand'
|
||
function. Surely a better way to generate random keys exists for other
|
||
platforms.
|
||
|
||
The patch can be tested by using the adig utility and using the '-s' option.
|
||
|
||
- Brad House added ares_save_options() and ares_destroy_options() that can be
|
||
used to keep options for later re-usal when ares_init_options() is used.
|
||
|
||
Problem: Calling ares_init() for each lookup can be unnecessarily resource
|
||
intensive. On windows, it must LoadLibrary() or search the registry
|
||
on each call to ares_init(). On unix, it must read and parse
|
||
multiple files to obtain the necessary configuration information. In
|
||
a single-threaded environment, it would make sense to only
|
||
ares_init() once, but in a heavily multi-threaded environment, it is
|
||
undesirable to ares_init() and ares_destroy() for each thread created
|
||
and track that.
|
||
|
||
Solution: Create ares_save_options() and ares_destroy_options() functions to
|
||
retrieve and free options obtained from an initialized channel. The
|
||
options populated can be used to pass back into ares_init_options(),
|
||
it should populate all needed fields and not retrieve any information
|
||
from the system. Probably wise to destroy the cache every minute or
|
||
so to prevent the data from becoming stale.
|
||
|
||
- Daniel S added ares_process_fd() to allow applications to ask for processing
|
||
on specific sockets and thus avoiding select() and associated
|
||
functions/macros. This function will be used by upcoming libcurl releases
|
||
for this very reason. It also made me export the ares_socket_t type in the
|
||
public ares.h header file, since ares_process_fd() uses that type for two of
|
||
the arguments.
|
||
|
||
* May 25 2007
|
||
|
||
- Ravi Pratap fixed a flaw in the init_by_resolv_conf() function for windows
|
||
that could cause it to return a bad return code.
|
||
|
||
* April 16 2007
|
||
|
||
- Yang Tse: Provide ares_getopt() command-line parser function as a source
|
||
code helper function, not belonging to the actual c-ares library.
|
||
|
||
* February 19 2007
|
||
|
||
- Vlad Dinulescu added ares_parse_ns_reply().
|
||
|
||
* February 13 2007
|
||
|
||
- Yang Tse: Fix failure to get the search sequence of /etc/hosts and
|
||
DNS from /etc/nsswitch.conf, /etc/host.conf or /etc/svc.conf when
|
||
/etc/resolv.conf did not exist or was unable to read it.
|
||
|
||
* November 22 2006
|
||
|
||
- Install ares_dns.h too
|
||
|
||
- Michael Wallner fixed this problem: When I set domains in the options
|
||
struct, and there are domain/search entries in /etc/resolv.conf, the domains
|
||
of the options struct will be overridden.
|
||
|
||
* November 6 2006
|
||
|
||
- Yang Tse removed a couple of potential zero size memory allocations.
|
||
|
||
- Andreas Rieke fixed the line endings in the areslib.dsp file that I (Daniel)
|
||
broke in the 1.3.2 release. We should switch to a system where that file is
|
||
auto-generated. We could rip some code for that from curl...
|
||
|
||
Version 1.3.2 (November 3, 2006)
|
||
|
||
* October 12 2006
|
||
|
||
- Prevent ares_getsock() to overflow if more than 16 sockets are used.
|
||
|
||
* September 11 2006
|
||
|
||
- Guilherme Balena Versiani: I noted a strange BUG in Win32 port
|
||
(ares_init.c/get_iphlpapi_dns_info() function): when I disable the network
|
||
by hand or disconnect the network cable in Windows 2000 or Windows XP, my
|
||
application gets 127.0.0.1 as the only name server. The problem comes from
|
||
'GetNetworkParams' function, that returns the empty string "" as the only
|
||
name server in that case. Moreover, the Windows implementation of
|
||
inet_addr() returns INADDR_LOOPBACK instead of INADDR_NONE.
|
||
|
||
* August 29 2006
|
||
|
||
- Brad Spencer did
|
||
|
||
o made ares_version.h use extern "C" for c++ compilers
|
||
o fixed compiler warnings in ares_getnameinfo.c
|
||
o fixed a buffer position init for TCP reads
|
||
|
||
* August 3 2006
|
||
|
||
- Ravi Pratap fixed ares_getsock() to actually return the proper bitmap and
|
||
not always zero!
|
||
|
||
Version 1.3.1 (June 24, 2006)
|
||
|
||
* July 23, 2006
|
||
|
||
- Gisle Vanem added getopt() to the ahost program. Currently accepts
|
||
only [-t {a|aaaa}] to specify address family in ares_gethostbyname().
|
||
|
||
* June 19, 2006
|
||
|
||
- (wahern) Removed "big endian" DNS section and RR data integer parser
|
||
macros from ares_dns.h, which break c-ares on my Sparc64. Bit-wise
|
||
operations in C operate on logical values. And in any event the octets are
|
||
already in big-endian (aka network) byte order so they're being reversed
|
||
(thus the source of the breakage).
|
||
|
||
* June 18, 2006
|
||
|
||
- William Ahern handles EAGAIN/EWOULDBLOCK errors in most of the I/O calls
|
||
from area_process.c.
|
||
|
||
TODO: Handle one last EAGAIN for a UDP socket send(2) in
|
||
ares__send_query().
|
||
|
||
* May 10, 2006
|
||
|
||
- Bram Matthys brought my attention to a libtool peculiarity where detecting
|
||
things such as C++ compiler actually is a bad thing and since we don't need
|
||
that detection I added a work-around, much inspired by a previous patch by
|
||
Paolo Bonzini. This also shortens the configure script quite a lot.
|
||
|
||
* May 3, 2006
|
||
|
||
- Nick Mathewson added the ARES_OPT_SOCK_STATE_CB option that when set makes
|
||
c-ares call a callback on socket state changes. A better way than the
|
||
ares_getsock() to get full control over the socket state.
|
||
|
||
* January 9, 2006
|
||
|
||
- Alexander Lazic improved the getservbyport_r() configure check.
|
||
|
||
* January 6, 2006
|
||
|
||
- Alexander Lazic pointed out that the buildconf should use the ACLOCAL_FLAGS
|
||
variable for easier controlling what it does and how it runs.
|
||
|
||
* January 5, 2006
|
||
|
||
- James Bursa fixed c-ares to find the hosts file on RISC OS, and made it
|
||
build with newer gcc versions that no longer defines "riscos".
|
||
|
||
* December 22
|
||
|
||
- Daniel Stenberg added ares_getsock() that extracts the set of sockets to
|
||
wait for action on. Similar to ares_fds() but not restricted to using
|
||
select() for the waiting.
|
||
|
||
* November 25
|
||
|
||
- Yang Tse fixed some send() / recv() compiler warnings
|
||
|
||
* September 18
|
||
|
||
- Added constants that will be used by ares_getaddrinfo
|
||
|
||
- Made ares_getnameinfo use the reentrant getservbyport (getservbyport_r) if it
|
||
is available to ensure it works properly in a threaded environment.
|
||
|
||
* September 10
|
||
|
||
- configure fix for detecting a member in the sockaddr_in6 struct which failed
|
||
on ipv6-enabled HP-UX 11.00
|
||
|
||
Version 1.3.0 (August 29, 2005)
|
||
|
||
* August 21
|
||
|
||
- Alfredo Tupone provided a fix for the Windows code in get_iphlpapi_dns_info()
|
||
when getting the DNS server etc.
|
||
|
||
* June 19
|
||
|
||
- Added some checks for the addrinfo structure.
|
||
|
||
* June 2
|
||
|
||
- William Ahern:
|
||
|
||
Make UDP sockets non-blocking. I've confirmed that at least on Linux 2.4 a
|
||
read event can come back from poll() on a valid SOCK_DGRAM socket but
|
||
recv(2) will still block. This patch doesn't ignore EAGAIN in
|
||
read_udp_packets(), though maybe it should. (This patch was edited by Daniel
|
||
Stenberg and a new configure test was added (imported from curl's configure)
|
||
to properly detect what non-blocking socket approach to use.)
|
||
|
||
I'm not quite sure how this was happening, but I've been seeing PTR queries
|
||
which seem to return empty responses. At least, they were empty when calling
|
||
ares_expand_name() on the record. Here's a patch which guarantees to
|
||
NUL-terminate the expanded name. The old behavior failed to NUL-terminate if
|
||
len was 0, and this was causing strlen() to run past the end of the buffer
|
||
after calling ares_expand_name() and getting ARES_SUCCESS as the return
|
||
value. If q is not greater than *s then it's equal and *s is always
|
||
allocated with at least one byte.
|
||
|
||
* May 16
|
||
|
||
- Added ares_getnameinfo which mimics the getnameinfo API (another feature
|
||
that could use testing).
|
||
|
||
* May 14
|
||
|
||
- Added an inet_ntop function from BIND for systems that do not have it.
|
||
|
||
* April 9
|
||
|
||
- Made sortlist support IPv6 (this can probably use some testing).
|
||
|
||
- Made sortlist support CIDR matching for IPv4.
|
||
|
||
* April 8
|
||
|
||
- Added preliminary IPv6 support to ares_gethostbyname. Currently, sortlist
|
||
does not work with IPv6. Also provided an implementation of bitncmp from
|
||
BIND for systems that do not supply this function. This will be used to add
|
||
IPv6 support to sortlist.
|
||
|
||
- Made ares_gethostbyaddr support IPv6 by specifying AF_INET6 as the family.
|
||
The function can lookup IPv6 addresses both from files (/etc/hosts) and
|
||
DNS lookups.
|
||
|
||
* April 7
|
||
|
||
- Tupone Alfredo fixed includes of arpa/nameser_compat.h to build fine on Mac
|
||
OS X.
|
||
|
||
* April 5
|
||
|
||
- Dominick Meglio: Provided implementations of inet_net_pton and inet_pton
|
||
from BIND for systems that do not include these functions.
|
||
|
||
* March 11, 2005
|
||
|
||
- Dominick Meglio added ares_parse_aaaa_reply.c and did various
|
||
adjustments. The first little steps towards IPv6 support!
|
||
|
||
* November 7
|
||
|
||
- Fixed the VC project and makefile to use ares_cancel and ares_version
|
||
|
||
* October 24
|
||
|
||
- The released ares_version.h from 1.2.1 says 1.2.0 due to a maketgz flaw.
|
||
This is now fixed.
|
||
|
||
Version 1.2.1 (October 20, 2004)
|
||
|
||
* September 29
|
||
|
||
- Henrik Stoerner fix: got a report that Tru64 Unix (the unix from Digital
|
||
when they made Alpha's) uses /etc/svc.conf for the purpose fixed below for
|
||
other OSes. He made c-ares check for and understand it if present.
|
||
|
||
- Now c-ares will use local host name lookup _before_ DNS resolving by default
|
||
if nothing else is told.
|
||
|
||
* September 26
|
||
|
||
- Henrik Stoerner: found out that c-ares does not look at the /etc/host.conf
|
||
file to determine the sequence in which to search /etc/hosts and DNS. So on
|
||
systems where this order is defined by /etc/host.conf instead of a "lookup"
|
||
entry in /etc/resolv.conf, c-ares will always default to looking in DNS
|
||
first, and /etc/hosts second.
|
||
|
||
c-ares now looks at
|
||
|
||
1) resolv.conf (for the "lookup" line);
|
||
2) nsswitch.fon (for the "hosts:" line);
|
||
3) host.conf (for the "order" line).
|
||
|
||
First match wins.
|
||
|
||
- Dominick Meglio patched: C-ares on Windows assumed that the HOSTS file is
|
||
located in a static location. It assumed
|
||
C:\Windows\System32\Drivers\Etc. This is a poor assumption to make. In fact,
|
||
the location of the HOSTS file can be changed via a registry setting.
|
||
|
||
There is a key called DatabasePath which specifies the path to the HOSTS
|
||
file:
|
||
http://www.microsoft.com/technet/itsolutions/network/deploy/depovg/tcpip2k.mspx
|
||
|
||
The patch will make c-ares correctly consult the registry for the location
|
||
of this file.
|
||
|
||
* August 29
|
||
|
||
- Gisle Vanem fixed the MSVC build files.
|
||
|
||
* August 20
|
||
|
||
- Gisle Vanem made c-ares build and work with his Watt-32 TCP/IP stack.
|
||
|
||
* August 13
|
||
|
||
- Harshal Pradhan made a minor syntax change in ares_init.c to make it build
|
||
fine with MSVC 7.1
|
||
|
||
* July 24
|
||
|
||
- Made the lib get built static only if --enable-debug is used.
|
||
|
||
- Gisle Vanem fixed:
|
||
|
||
Basically in loops like handle_errors(), 'query->next' was assigned a local
|
||
variable and then query was referenced after the memory was freed by
|
||
next_server(). I've changed that so next_server() and end_query() returns
|
||
the next query. So callers should use this ret-value.
|
||
|
||
The next problem was that 'server->tcp_buffer_pos' had a random value at
|
||
entry to 1st recv() (luckily causing Winsock to return ENOBUFS).
|
||
|
||
I've also added a ares_writev() for Windows to streamline the code a bit
|
||
more.
|
||
|
||
* July 20
|
||
- Fixed a few variable return types for some system calls. Made configure
|
||
check for ssize_t to make it possible to use that when receiving the send()
|
||
error code. This is necessary to prevent compiler warnings on some systems.
|
||
|
||
- Made configure create config.h, and all source files now include setup.h that
|
||
might include the proper config.h (or a handicrafted alternative).
|
||
|
||
- Switched to 'ares_socket_t' type for sockets in ares, since Windows don't
|
||
use 'int' for that.
|
||
|
||
- automake-ified and libool-ified c-ares. Now it builds libcares as a shared
|
||
lib on most platforms if wanted. (This bloated the size of the release
|
||
archive with another 200K!)
|
||
|
||
- Makefile.am now uses Makefile.inc for the c sources, h headers and man
|
||
pages, to make it easier for other makefiles to use the exact same set of
|
||
files.
|
||
|
||
- Adjusted 'maketgz' to use the new automake magic when building distribution
|
||
archives.
|
||
|
||
- Anyone desires HTML and/or PDF versions of the man pages in the release
|
||
archives?
|
||
|
||
* July 3
|
||
- G<>nter Knauf made c-ares build and run on Novell Netware.
|
||
|
||
* July 1
|
||
- Gisle Vanem provided Makefile.dj to build with djgpp, added a few more djgpp
|
||
fixes and made ares not use 'errno' to provide further info on Windows.
|
||
|
||
* June 30
|
||
- Gisle Vanem made it build with djgpp and run fine with the Watt-32 stack.
|
||
|
||
* June 10
|
||
- Gisle Vanem's init patch for Windows:
|
||
|
||
The init_by_resolv_conf() function fetches the DNS-server(s)
|
||
from a series of registry branches.
|
||
|
||
This can be wrong in the case where DHCP has assigned nameservers, but the
|
||
user has overridden these servers with other prefered settings. Then it's
|
||
wrong to use the DHCPNAMESERVER setting in registry.
|
||
|
||
In the case of no global DHCP-assigned or fixed servers, but DNS server(s)
|
||
per adapter, one has to query the adapter branches. But how can c-ares know
|
||
which adapter is valid for use? AFAICS it can't. There could be one adapter
|
||
that is down (e.g. a VPN adapter).
|
||
|
||
So it's better to leave this to the IP Helper API (iphlapi) available in
|
||
Win-98/2000 and later. My patch falls-back to the old way if not available.
|
||
|
||
* June 8
|
||
- James Bursa fixed an init issue for RISC OS.
|
||
|
||
* May 11
|
||
- Nico Stappenbelt reported that when processing domain and search lines in
|
||
the resolv.conf file, the first entry encountered is processed and used as
|
||
the search list. According to the manual pages for both Linux, Solaris and
|
||
Tru64, the last entry of either a domain or a search field is used.
|
||
|
||
This is now adjusted in the code
|
||
|
||
Version 1.2.0 (April 13, 2004)
|
||
|
||
* April 2, 2004
|
||
- Updated various man pages to look nicer when converted to HTML on the web
|
||
site.
|
||
|
||
* April 1, 2004
|
||
- Dirk Manske provided a new function that is now named ares_cancel(). It is
|
||
used to cancel/cleanup a resolve/request made using ares functions on the
|
||
given ares channel. It does not destroy/kill the ares channel itself.
|
||
|
||
- Dominick Meglio cleaned up the formatting in several man pages.
|
||
|
||
* March 30, 2004
|
||
- Dominick Meglio's new ares_expand_string. A helper function when decoding
|
||
incoming DNS packages.
|
||
|
||
- Daniel Stenberg modified the Makefile.in to use a for loop for the man page
|
||
installation to improve overview and make it easier to add man pages.
|
||
|
||
Version 1.1.0 (March 11, 2004)
|
||
|
||
* March 9, 2004
|
||
- Gisle Vanem improved build on Windows.
|
||
|
||
* February 25, 2004
|
||
- Dan Fandrich found a flaw in the Feb 22 fix.
|
||
|
||
- Added better configure --enable-debug logic (taken from the curl configure
|
||
script). Added acinclude.m4 to the tarball.
|
||
|
||
* February 23, 2004
|
||
- Removed ares_free_errmem(), the function, the file and the man page. It was
|
||
not used and it did nothing.
|
||
|
||
- Fixed a lot of code that wasn't "64bit clean" and thus caused a lot of
|
||
compiler warnings on picky compilers.
|
||
|
||
* February 22, 2004
|
||
- Dominick Meglio made ares init support multiple name servers in the
|
||
NameServer key on Windows.
|
||
|
||
* February 16, 2004
|
||
- Modified ares_private.h to include libcurl's memory debug header if
|
||
CURLDEBUG is set. This makes all the ares-functions supervised properly by
|
||
the curl test suite. This also forced me to add inclusion of the
|
||
ares_private.h header in a few more files that are using some kind of
|
||
memory-related resources.
|
||
|
||
- Made the makefile only build ahost and adig if 'make demos' is used.
|
||
|
||
* February 10, 2004
|
||
- Dirk Manske made ares_version.h installed with 'make install'
|
||
|
||
* February 4, 2004
|
||
- ares_free_errmem() is subject for removal, it is simply present for future
|
||
purposes, and since we removed the extra parameter in strerror() it won't
|
||
be used by c-ares!
|
||
- configure --enable-debug now enables picky compiler options if gcc is used
|
||
- fixed several compiler warnings --enable-debug showed and Joerg Mueller-Tolk
|
||
reported
|
||
|
||
Version 1.0.0 (February 3, 2004)
|
||
|
||
* February 3, 2004
|
||
- now we produce the libcares.a library instead of the previous libares.a
|
||
since we are no longer compatible
|
||
|
||
* February 2, 2004
|
||
|
||
- ares_strerror() has one argument less. This is the first official
|
||
modification of the existing provided ares API.
|
||
|
||
* January 29, 2004
|
||
|
||
- Dirk Manske fixed how the socket is set non-blocking.
|
||
|
||
* January 4, 2004
|
||
|
||
- Dominick Meglio made the private gettimeofday() become ares_gettimeofday()
|
||
instead in order to not pollute the name space and risk colliding with
|
||
other libraries' versions of this function.
|
||
|
||
* October 24, 2003. Daniel Stenberg
|
||
|
||
Added ares_version().
|
||
|
||
Version 1.0-pre1 (8 October 2003)
|
||
|
||
- James Bursa made it run on RISC OS
|
||
|
||
- Dominick Meglio made it run fine on NT4
|
||
|
||
- Duncan Wilcox made it work fine on Mac OS X
|
||
|
||
- Daniel Stenberg adjusted the windows port
|
||
|
||
- liren at vivisimo.com made the initial windows port
|
||
|
||
* Imported the sources from ares 1.1.1
|