Changelog for the c-ares project. Generated with git2changes.pl Version 1.28.1 (30 Mar 2024) GitHub (30 Mar 2024) - [Brad House brought this change] release prep for 1.28.1 (#739) Brad House (30 Mar 2024) - ares_search() and ares_getaddrinfo() resolution fails if no search domains Due to an error in creating the list of domains to search, if no search domains were configured, resolution would fail. Fixes Issue: #737 Fix By: Brad House (@bradh352) - typo Version 1.28.0 (28 Mar 2024) GitHub (28 Mar 2024) - [Brad House brought this change] Allow configuration value for NDots to be zero (#735) As per Issue #734 some people use `ndots:0` in their configuration which is allowed by the system resolver but not by c-ares. Add support for `ndots:0` and add a test case to validate this behavior. Fixes Issue: #734 Fix By: Brad House (@bradh352) Brad House (27 Mar 2024) - typo GitHub (27 Mar 2024) - [Brad House brought this change] 1.28.0 release prep (#733) Brad House (27 Mar 2024) - CMake: don't overwrite global required libraries/definitions/includes When chain building c-ares, global settings were being unset which could lead to build problems. Fixes Issue: #729 Fix By: Brad House (@bradh352) - remove tests that have been disabled forever - clang-format - ares_search_dnsrec() takes a const - sonarcloud: clean up some minor codesmells GitHub (26 Mar 2024) - [Brad House brought this change] mark deprecated functions as such (#732) Multiple functions have been deprecated over the years, annotate them with attribute deprecated. When possible show a message about their replacements. This is a continuation/completion of PR #706 Fix By: Cristian Rodríguez (@crrodriguez) Brad House (26 Mar 2024) - silence clang static analyzer - silence coverity - coverity: fix mostly bogus warnings - fix missing doc GitHub (25 Mar 2024) - [Brad House brought this change] Rework internals to pass around `ares_dns_record_t` instead of binary data (#730) c-ares has historically passed around raw dns packets in binary form. Now that we have a new parser, and messages are already parsed internally, lets pass around that parsed message rather than requiring multiple parse attempts on the same message. Also add a new `ares_send_dnsrec()` and `ares_query_dnsrec()` similar to `ares_search_dnsrec()` added with PR #719 that can return the pointer to the `ares_dns_record_t` to the caller enqueuing queries and rework `ares_search_dnsrec()` to use `ares_send_dnsrec()` internally. Fix By: Brad House (@bradh352) Brad House (23 Mar 2024) - tests: mockserver is local, shorten timeouts to make test cases run faster to use less CI resources - appveyor: disable UWP builds until MSVC version is updated in base image GitHub (21 Mar 2024) - [Faraz brought this change] Include netinet6/in6.h (#728) On some platforms, "netinet6/in6.h" is not included by "netinet/in.h" and needs to be included separately. Fix By: Faraz (@farazrbx) - [Oliver Welsh brought this change] Add function ares_search_dnrec() to search for records using the new DNS record parser (#719) This PR adds a new function `ares_search_dnsrec()` to search for records using the new DNS record parser. The function takes an arbitrary DNS record object to search (that must represent a query for a single name). The function takes a new callback type, `ares_callback_dnsrec`, that is invoked with a parsed DNS record object rather than the raw buffer(+length). The original motivation for this change is to provide support for [draft-kaplan-enum-sip-routing-04](https://datatracker.ietf.org/doc/html/draft-kaplan-enum-sip-routing-04); when routing phone calls using an ENUM server, it can be useful to include identifying source information in an OPT RR options value, to help select the appropriate route for the call. The new function allows for more customisable searches like this. **Summary of code changes** A new function `ares_search_dnsrec()` has been added and exposed. Moreover, the entire `ares_search_int()` internal code flow has been refactored to use parsed DNS record objects and the new DNS record parser. The DNS record object is passed through the `search_query` structure by encoding/decoding to/from a buffer (if multiple search domains are used). A helper function `ares_dns_write_query_altname()` is used to re-write the DNS record object with a new query name (used to append search domains). `ares_search()` is now a wrapper around the new internal code, where the DNS record object is created based on the name, class and type parameters. The new function uses a new callback type, `ares_callback_dnsrec`. This is invoked with a parsed DNS record object. For now, we convert from `ares_callback` to this new type using `ares__dnsrec_convert_cb()`. Some functions that are common to both `ares_query()` and `ares_search()` have been refactored using the new DNS record parser. See `ares_dns_record_create_query()` and `ares_dns_query_reply_tostatus()`. **Testing** A new FV has been added to test the new function, which searches for a DNS record containing an OPT RR with custom options value. As part of this, I needed to enhance the mock DNS server to expect request text (and assert that it matches actual request text). This is because the FV needs to check that the request contains the correct OPT RR. **Documentation** The man page docs have been updated to describe the new feature. **Futures** In the future, a new variant of `ares_send()` could be introduced in the same vein (`ares_send_dnsrec()`). This could be used by `ares_search_dnsrec()`. Moreover, we could migrate internal code to use `ares_callback_dnsrec` as the default callback. This will help to make the new DNS record parser the norm in C-Ares. --------- Co-authored-by: Oliver Welsh (@oliverwelsh) - [Brad House brought this change] Replace configuration file parsers with memory-safe parser (#725) Rewrite configuration parsers using new memory safe parsing functions. After CVE-2024-25629 its obvious that we need to prioritize again on getting all the hand written parsers with direct pointer manipulation replaced. They're just not safe and hard to audit. It was yet another example of 20+yr old code having a memory safety issue just now coming to light. Though these parsers are definitely less efficient, they're written with memory safety in mind, and any performance difference is going to be meaningless for something that only happens once a while. Fix By: Brad House (@bradh352) Brad House (12 Mar 2024) - skip ubsan/asan on debian arm64 due to the compiler getting killed - ares_init potential memory leak If initializing using default settings fails, there may be a memory leak of search domains that were set by system configuration. Fixes Issue: #724 Fix By: Brad House (@bradh352) GitHub (12 Mar 2024) - [Faraz Fallahi brought this change] simple implementation for isascii where stdlib isascii is not available (#721) Some platforms don't have the isascii() function. Implement as a macro. Fix By: Faraz Fallahi (@fffaraz) Brad House (11 Mar 2024) - Doxygen: fix typos Fix reported typos in doxygen-style comments. Fixes Issue: #722 Credit: @dzalyalov88 - CI: update freebsd image - CMake: Fix Chain building if CMAKE runtime paths not set This fixes issues created by #708 Fix By: Brad House (@bradh352) - silence benign warnings - Remove acountry completely from code, including manpage Since acountry cannot be restored due to nerd.dk being decommissioned, we should completely remove the manpage and source. This also will resolve issue #718. Fixes Issue: #718 Fix By: Brad House (@bradh352) Version 1.27.0 (22 Feb 2024) GitHub (22 Feb 2024) - [Brad House brought this change] Release 1.27.0 (#715) release prep for 1.27.0 release - [Brad House brought this change] Merge pull request from GHSA-mg26-v6qh-x48q - [Oliver Welsh brought this change] Add flag to not use a default local named server on channel initialization (#713) Hello, I work on an application for Microsoft which uses c-ares to perform DNS lookups. We have made some minor changes to the library over time, and would like to contribute these back to the project in case they are useful more widely. This PR adds a new channel init flag, described below. Please let me know if I can include any more information to make this PR better/easier for you to review. Thanks! **Summary** When initializing a channel with `ares_init_options()`, if there are no nameservers available (because `ARES_OPT_SERVERS` is not used and `/etc/resolv.conf` is either empty or not available) then a default local named server will be added to the channel. However in some applications a local named server will never be available. In this case, all subsequent queries on the channel will fail. If we know this ahead of time, then it may be preferred to fail channel initialization directly rather than wait for the queries to fail. This gives better visibility, since we know that the failure is due to missing servers rather than something going wrong with the queries. This PR adds a new flag `ARES_FLAG_NO_DFLT_SVR`, to indicate that a default local named server should not be added to a channel in this scenario. Instead, a new error `ARES_EINITNOSERVER` is returned and initialization fails. **Testing** I have added 2 new FV tests: - `ContainerNoDfltSvrEmptyInit` to test that initialization fails when no nameservers are available and the flag is set. - `ContainerNoDfltSvrFullInit` to test that initialization still succeeds when the flag is set but other nameservers are available. Existing FVs are all passing. **Documentation** I have had a go at manually updating the docs to describe the new flag/error, but couldn't see any contributing guidance about testing this. Please let me know if you'd like anything more here. --------- Fix By: Oliver Welsh (@oliverwelsh) Brad House (18 Feb 2024) - badge should be only main branch - put logo in readme - clang-format GitHub (17 Feb 2024) - [Brad House brought this change] Add ares_queue_active_queries() (#712) Add a function to request the number of active queries from an ares channel. This will return the number of inflight requests to dns servers. Some functions like `ares_getaddrinfo()` when using `AF_UNSPEC` may enqueue multiple queries which will be reflected in this count. In the future, if we implement support for queuing (e.g. for throttling purposes), and/or implement support for tracking user-requested queries (e.g. for cancelation), we can provide additional functions for inspecting those queues. Fix By: Brad House (@bradh352) - [Vojtěch Vobr brought this change] fix leaking DNS suffix search list on Windows (#711) ares__strsplit provides a newly allocated buffer, so suffix list in line variable isn't referenced anymore. Related ares_free seems to have gone missing during refactoring made in #594 Fix By: Vojtěch Vobr (@vojtechvobr) - [Brad House brought this change] Add ares_queue_wait_empty() for use with EventThreads (#710) It may be useful to wait for the queue to be empty under certain conditions (mainly test cases), expose a function to efficiently do this and rework test cases to use it. Fix By: Brad House (@bradh352) - [Cheng Zhao brought this change] Fix warning about ignoring result of write (#709) Fix the compiler warning from clang: ``` ares_event_wake_pipe.c:120:3: error: ignoring return value of function declared with 'warn_unused_result' attribute [-Werror,-Wunused-result] 120 | write(p->filedes[1], "1", 1); | ^~~~~ ~~~~~~~~~~~~~~~~~~~~~ 1 error generated. ``` Fix By: Cheng Zhao (@zcbenz) Brad House (5 Feb 2024) - CMake: don't override target output locations if not top-level CMake was unconditionally setting output locations globally, but it should not do that if it is not the top-level project (e.g. during chain building). Detect this fact and only set the output location when top level. Fixes Issue: #708 Fix By: Anthony Alayo (@anthonyalayo) - make docs match PR #705 GitHub (31 Jan 2024) - [Cristian Rodríguez brought this change] lower EDNSPACKETSZ to 1232 (#705) In 2020, it was agreed this is optimal maximum size and all major server software was updated to reflect this. see https://www.dnsflagday.net/2020/#faq Fix By: Cristian Rodríguez (@crrodriguez) Brad House (30 Jan 2024) - fix version - fix typo - bad symlink - attempt to fix pkgconfig on windows for static builds GitHub (28 Jan 2024) - [Andriy Utkin brought this change] docs/ares_init_options.3: fix args in analogy (#701) Fix By: Andriy Utkin - [Brad House brought this change] sonarcloud: fix minor codesmells (#702) Fix minor codesmells, mostly related to missing 'const' in the new event system. Fix By: Brad House (@bradh352) Brad House (26 Jan 2024) - remove outdated copyright text - spelling - sanity check GTest includes GMock component GitHub (26 Jan 2024) - [Brad House brought this change] build-time disabled threads breaks c-ares (#700) Regression introduced in 1.26.0, building c-ares with threading disabled results in ares_init{_options}() failing. Also adds a new CI test case to prevent this regression in the future. Fixes Bug: #699 Fix By: Brad House (@bradh352) Version 1.26.0 (25 Jan 2024) Brad House (25 Jan 2024) - clusterfuzz: enforce maximum DNS packet size due to long parser time GitHub (24 Jan 2024) - [Brad House brought this change] Release prep for c-ares 1.26.0 (#698) release prep Brad House (24 Jan 2024) - adig: Differentiate between internal and server error Should not output "Got answer" if there was no answer from the server, instead should just output the internal error. Fix By: Gisle Vanem (@gvanem) GitHub (24 Jan 2024) - [Brad House brought this change] Event Subsystem: No longer require integrators to have their own (#696) This PR implements an event thread to process all events on file descriptors registered by c-ares. Prior to this feature, integrators were required to understand the internals of c-ares and how to monitor file descriptors and timeouts and process events. Implements OS-specific efficient polling such as epoll(), kqueue(), or IOCP, and falls back to poll() or select() if otherwise unsupported. At this point, it depends on basic threading primitives such as pthreads or windows threads. If enabled via the ARES_OPT_EVENT_THREAD option passed to ares_init_options(), then socket callbacks cannot be used. Fixes Bug: #611 Fix By: Brad House (@bradh352) - [Erik Lax brought this change] Added flags to are_dns_parse to force RAW packet parsing (#693) This pull request adds six flags to instruct the parser under various circumstances to skip parsing of the returned RR records so the raw data can be retrieved. Fixes Bug: #686 Fix By: Erik Lax (@eriklax) - [Brad House brought this change] Autotools allow make to override CFLAGS/CPPFLAGS/CXXFLAGS (#695) The previous build system allowed overwriting of CFLAGS/CPPFLAGS/CXXFLAGS on the make command line. Switch to using AM_CFLAGS/AM_CPPFLAGS/AM_CXXFLAGS when we set our own flags for building which ensures they are kept even when a user tries to override. Fixes Bug: #694 Fix By: Brad House (@bradh352) Brad House (16 Jan 2024) - fix doxygen typo GitHub (16 Jan 2024) - [Brad House brought this change] man ares_fds(3): mark as deprecated and add explanation (#691) ares_fds(3) is not safe to use, mark as deprecated. Fixes Issue: #687 Fix By: Brad House (@bradh352) - [Brad House brought this change] autotools: fix building for 32bit windows due to stdcall symbol mangling (#689) Use AC_CHECK_DECL not AC_CHECK_FUNCS, while this doesn't do a linkage test, it just makes sure the headers define it, this is the only thing without a complex workaround on Windows that will do what we need. See: https://github.com/msys2/msys2/wiki/Porting/f87a222118b1008ebc166ad237f04edb759c8f4c#calling-conventions-stdcall-and-autotools and https://lists.gnu.org/archive/html/autoconf/2013-05/msg00085.html and for a more complex workaround, we'd need to use AC_LINK_IFELSE like: https://mailman.videolan.org/pipermail/vlc-devel/2015-March/101802.html which would require we check each individually and provide function arguments for the test. I don't think that is worthwhile. Fixes Issue: #688 Fix By: Brad House (@bradh352) - [Brad House brought this change] Do not sanity check RR Name vs Question (#685) It appears as though we should never sanity check the RR name vs the question name as some DNS servers may return results for alias records. Fixes Bug: #683 Fix By: Brad House (@bradh352) - [Brad House brought this change] no reason to include sys/random.h all the time (#684) External integrations don't need sys/random.h in order to compile, remove the dependency. Try to fix building on legacy MacOS versions. Fixes Issue: #682 Fix By: Brad House (@bradh352) - [Gregor Jasny brought this change] cmake: improve some include related code (#680) * cmake: avoid warning about non-existing include dir In the Debian build logs I noticed the following warning: cc1: warning: /build/c-ares-1.25.0/test/include: No such file or directory [-Wmissing-include-dirs] This happened because ${CMAKE_INSTALL_INCLUDEDIR} had been added to caresinternal. I believe it has been copied from the "real" lib where it's used in the INSTALL_INTERFACE context. But because caresinternal is never installed we don't need that include here. * cmake: drop CARES_TOPLEVEL_DIR variable The CARES_TOPLEVEL_DIR variable is the same as the automatically created PROJECT_SOURCE_DIR variable. Let's stick to the official one. Also because it is already used at places where CARES_TOPLEVEL_DIR is used as well. Fix By: Gregor Jasny (@gjasny) Brad House (5 Jan 2024) - test: fix outdated license headers - RELEASE-NOTES -> RELEASE-NOTES.md - update format slightly - update release notes format Version 1.25.0 (2 Jan 2024) GitHub (2 Jan 2024) - [Brad House brought this change] 1.25.0 release prep (#676) Brad House (31 Dec 2023) - tests: replace google DNS with CloudFlare for reverse lookups as google's servers stopped responding properly - OSSFuzz: it assumes autotools builds a static library by default, which means the old autotools must have done that even though there were comments saying it wasn't. Disable static by default on Windows however since it can't build both simultaneously. - autotools: update logic for building tests to provide more feedback - set winver consistently across build systems GitHub (28 Dec 2023) - [Brad House brought this change] Autotools: rework to simplify and fix recent issues (#674) Completely rework the autotools build system, issues have cropped up due to the complexity and could cause issues on even semi-modern Linux systems (Ubuntu 20.04 for example). Changes include: Remove all curl/xc/cares m4 helper files, they go overboard on detections of functions and datatypes. Go back to more plain autoconf macros as they've come a long way over the years. Use known systems and heuristics to determine datatypes for functions like send() and recv(), rather than the error prone detection which required thousands of permutations and might still get it wrong. Remove unneeded configure arguments like --enable-debug or --enable-optimize, its more common for people to simply pass their own CFLAGS on the command line. Only require CARES_STATICLIB definition on Windows static builds, its not necessary ever for other systems, even when hiding non-public symbols. Remove some function and definition detections that were never used in c-ares The test framework is now embedded into the toplevel configure system, there was no need to chain build the test system as it is never built externally to c-ares. As a side-effect of the changes, a configure run completes in about 25% of the original time. This has been tested on various Linux distributions (of varying age), FreeBSD, MacOS, Windows (via MSYS2 with Mingw), and Solaris10/11 (by @dfandrich), AIX 7.3 (by @dfandrich). It is not unlikely that this may have broken more esoteric or legacy systems, and we'll likely need to be ready to accept bug reports and patches, but it has removed over 10k lines of build system code. It is very likely any issues that crop up will add far fewer lines of code to fix such systems. Fixes Bug: #670 Fix By: Brad House (@bradh352) Brad House (22 Dec 2023) - docs: host -> ip fix mismatched documentation stating host instead of ip Fix By: Brad House (@bradh352) GitHub (21 Dec 2023) - [Brad House brought this change] Old MacOS SDKs require you include sys/socket.h before net/if.h (#673) Old MacOS SDKs (like 10.8) require you include `sys/socket.h` before you include `net/if.h` as reported by MacPorts. Using a new SDK but with setting the macos target version does not have the same issue. Fixes Issue: #672 Fix By: Brad House (@bradh352) - [Brad House brought this change] Autotools warning fixes (#671) * get rid of clashes with curl namespace * remove warnings due to deprecated functionality * reorder some macro calls to get rid of warnings due to being called in the wrong order Fix By: Brad House (@bradh352) Brad House (19 Dec 2023) - clang-format - ares_strsplit() rewrite as wrapper around ares__buf_split() We want to limit as much as possible any hand written parsers. ares__buf_split() uses the new memory-safe parsing routines. This adds a couple of additional flags to remove duplicates which the existing split code did. Fix By: Brad House (@bradh352) - clang-format - sonarcloud: const - Connection failure should increment server failure count first In order to be sure a different server is chosen on the next query, a read error should result in the failure count being updated first before requeing the request to a different server. Fix By: Brad House (@bradh352) GitHub (18 Dec 2023) - [Brad House brought this change] ahost should use ares_getaddrinfo() these days (#669) ahost wasn't printing both ipv4 and ipv6 addresses. This day and age, it really should. This PR also adds the ability to specify the servers to use. Fix By: Brad House (@bradh352) Brad House (17 Dec 2023) - Fix bad stub for ares__iface_ips_enumerate() If the ability to enumerate interface ip addresses does not exist on a system, the stub function contained the wrong prototype. Fixes Bug: #668 Fix By: Brad House (@bradh352) GitHub (17 Dec 2023) - [Gregor Jasny brought this change] Fix minor warnings and documentation typos (#666) Build warnings could be seen [here](https://buildd.debian.org/status/fetch.php?pkg=c-ares&arch=arm64&ver=1.24.0-1&stamp=1702826366&raw=0) [origin](https://buildd.debian.org/status/package.php?p=c-ares) Fix By: Gregor Jasny (@gjasny) - [Brad House brought this change] CI: Add Alpine Linux and old Ubuntu (#667) Alpine linux doesn't use glibc but instead musl c, so provides a good alternative test bed. We are also adding the oldest non-EOL ubuntu version so we can test against older linux variants to prevent surprises. This patch also migrates more tests to use cmake and ninja in order to reduce overall build times as we seem to run out of credits on Cirrus-CI pretty quickly. Fix By: Brad House (@bradh352) Brad House (17 Dec 2023) - fix support with older google test versions - getrandom() may require sys/random.h on some systems There is a reported build issue where getrandom() is detected but compile fails due to a missing prototype. This commit attempts to resolve that issue. Fixes Bug: #665 Fix By: Brad House (@bradh352) GitHub (17 Dec 2023) - [Martin Chang brought this change] Use SOCK_DNS extension on socket on OpenBSD (#659) This patch added the `SOCK_DNS` flag when running on OpenBSD. Allowing a reduced set of `pledge(2)` promises. Before this patch. The "stdio rpath inet" promises must be used in order to resolve any records. After the patch inet can be replaced with dns which only allows communication on destination port 53, instead of on all ports. Side note: I checked the OpenBSD kernel source code. Even though the socket document says the DNS port (typically 53)., The OpenBSD 7.4 kernel only allows 53. Fix By: Martin Chang (@marty1885) Brad House (17 Dec 2023) - ci: disable static for symbol hiding tests - ci: add test case for building with hidden symbol visibility - fix test building with symbol hiding New test cases depend on internal symbols for calculating timeouts. Disable those test features if symbol hiding is enabled. Fixes Bug: #664 Fix By: Brad House (@bradh352) Version 1.24.0 (16 Dec 2023) GitHub (16 Dec 2023) - [Brad House brought this change] ares_cancel() could trigger callback with wrong response code (#663) When doing ares_gethostbyname() or ares_getaddrinfo() with AF_UNSPEC, if ares_cancel() was called after one address class was returned but before the other address class, it would return ARES_SUCCESS rather than ARES_ECANCELLED. Test case has been added for this specific condition. Fixes Bug: #662 Fix By: Brad House (@bradh352) - [Brad House brought this change] rand: allow fallback from OS (#661) getrandom() can fail with ENOSYS if the libc supports the function but the kernel does not. Fixes Bug: #660 Fix By: Brad House (@bradh352) - [Brad House brought this change] 1.24.0 release prep (#657) Brad House (11 Dec 2023) - reference alternative to ares_getsock() in docs - tag some functions as deprecated in docs - Coverity: fix allocation size as reported in new code - remove dead code: ares_iphlpapi.h - remove dead code: bitncmp GitHub (9 Dec 2023) - [Brad House brought this change] Use external GoogleTest instead of bundling it (#655) GoogleTest should be unbundled. Google changed their guidance a few years back and modern versions of google test cannot build the bundling code file. This PR also updates to use C++14 as is required by modern GoogleTest versions. Fixes Bug: #506 Fix By: Brad House (@bradh352) Brad House (8 Dec 2023) - use IF_NAMESIZE instead of IFNAMSIZ to avoid warning - remove redundant cast - clang-format and fix one warning GitHub (8 Dec 2023) - [Brad House brought this change] Clean up some Windows-only warnings (#654) Windows was emitting some warnings due to datatype differences. Fix By: Brad House (@bradh352) - [Brad House brought this change] Rewrite sortlist hand parser for memory safety and bugs (#653) The parser for the sortlist has been rewritten to use the ares__buf_*() functions. This also resolves some known bugs in accepting invalid sortlist entries which should have caused parse failures. Fixes Bug: #501 Fix By: Brad House (@bradh352) Brad House (8 Dec 2023) - enhance timeout test case to make sure it will re-use a previously downed server - enhance timeout test case - SonarCloud: make const GitHub (7 Dec 2023) - [Brad House brought this change] increment failures on timeout (#651) As of c-ares 1.22.0, server timeouts were erroneously not incrementing server failures meaning the server in use wouldn't rotate. There was apparently never a test case for this condition. This PR fixes the bug and adds a test case to ensure it behaves properly. Fixes Bug: #650 Fix By: Brad House (@bradh352) - [Brad House brought this change] Windows UBSAN tests (#649) Fix UBSAN error, and enable UBSAN testing in AppVeyor. Fixes Bug #648 Fix By: Gisle Vanem (@gvanem) - [Brad House brought this change] Support ipv6 link-local servers and %iface syntax (#646) Some environments may send router advertisements on a link setting their link-local (fe80::/10) address as a valid DNS server to the remote system. This will cause a DNS entry to be created like `fe80::1%iface`, since all link-local network interfaces are technically part of the same /10 subnet, it must be told what interface to send packets through explicitly if there are multiple physical interfaces. This PR adds support for the %iface modifier when setting DNS servers via `/etc/resolv.conf` as well as via `ares_set_servers_csv()`. For MacOS and iOS it is assumed that libresolve will set the `sin6_scope_id` and should be supported, but my test systems don't seem to read the Router Advertisement for RDNSS link-local. Specifying the link-local dns server on MacOS via adig has been tested and confirmed working. For Windows, this is similar to MacOS in that the system doesn't seem to honor the RDNSS RA, but specifying manually has been tested to work. At this point, Android support does not exist. Fixes Bug #462 Supersedes PR #463 Fix By: Brad House (@bradh352) and Serhii Purik (@sergvpurik) Brad House (4 Dec 2023) - silence openwatcom warning due to qcache_max_ttl being unsigned - ares__round_up_pow2() work around bogus warning On 32bit systems, a codeblock that would intentionally never be executed was emitting a warning. Rework the code to prevent the warning. More code, no behavior difference, but keeps people from complaining about the warning... Fixes Bug: #645 Fix By: Brad House (@bradh352) - try to move AC_USE_SYSTEM_EXTENSIONS - Enable system extensions Certain defines are needed on some systems to enable functionality like pthread recursive mutexes. Fixes #644 Fix By: Brad House (@bradh352) - ares_init_options() with invalid options values should unset the option Apparently nodejs is relying on the above behavior for legacy reasons. Add sanity checks to the various optmask parameters where it makes sense. See https://github.com/nodejs/node/pull/50800 Fix By: Brad House (@bradh352) - SonarCloud: silence bogus reported error - clang-format GitHub (2 Dec 2023) - [Brad House brought this change] Nameserver parsing: replace another hand-written parser (#643) This replaces the nameserver parsing code with code that use ares__buf_*() in the name of memory safety. Fix By: Brad House (@bradh352) Version 1.23.0 (28 Nov 2023) GitHub (28 Nov 2023) - [Brad House brought this change] 1.23.0 release prep (#641) Brad House (28 Nov 2023) - add missing manpage to distribution list - clang-format - remove a simply - fix doc typo - ares_init_options with ARES_OPT_UDP_PORT wrong byte order Regression from c-ares 1.19.1, ARES_OPT_UDP_PORT and ARES_OPT_TCP_PORT are specified from the user in host-byte order, but there was a regression that caused it to be read as if it was network byte order. Fixes Bug: #640 Reported By: @Flow86 Fix By: Brad House (@bradh352) - fix ares_threadsafety() prototype GitHub (28 Nov 2023) - [Brad House brought this change] Basic Thread Safety (#636) c-ares does not have any concept of thread-safety. It has always been 100% up to the implementor to ensure they never call c-ares from more than one thread at a time. This patch adds basic thread-safety support, which can be disabled at compile time if not desired. It uses a single recursive mutex per channel, which should be extremely quick when uncontested so overhead should be minimal. Fixes Bug: #610 Also sets the stage to implement #611 Fix By: Brad House (@bradh352) - [petrvh brought this change] ares_getaddrinfo(): do not use search domains if ARES_FLAG_NOSEARCH is set (#638) c-ares init options defines a flag ARES_FLAG_NOSEARCH that is supposed to prevent search using configured domain suffixes, however when using ares_getaddrinfo() the flag was ignored and domain suffixes were used anyway. Configuring zero domains to search also does not work (if ndomains == 0 default domain search list is loaded regardless of the flag ARES_OPT_DOMAINS being set). This change adds a check for the ARES_FLAG_NOSEARCH in as_is_only() function that is used by ares_getaddrinfo() to decide if to try to query next possible name ( next_dns_lookup() ) Fix By: @petrvh Brad House (25 Nov 2023) - Fix MacOS version test It appears that the Issue #454 wasn't really fixed for some reason. This commit should fix the detection. Fix By: Brad House (@bradh352) Daniel Stenberg (24 Nov 2023) - CI: codespell Closes #635 GitHub (24 Nov 2023) - [Christian Clauss brought this change] Fix typos discovered by codespell (#634) % `codespell --ignore-words-list="aas,aci,acter,atleast,contentss,firey,fo,sais,seh,statics"` * https://pypi.org/project/codespell Fix By: Christian Clauss (@cclauss) Brad House (22 Nov 2023) - environment is meant as an override for sysconfig GitHub (22 Nov 2023) - [Ignat brought this change] Support attempts and timeout options from resolv.conf (#632) c-ares parses only antique version of options for timeout and number of retries from resolv.conf (`retrans` and `retry` are missing in modern documentation https://man7.org/linux/man-pages/man5/resolv.conf.5.html). I add support of `attempts` and `timeout` options Fix By: Ignat (@Kontakter) - [Brad House brought this change] more precise timeout calculation (#633) The timeout calculation was occurring with millisecond precision, but on some systems, there is microsecond precision which could mean we'd tell a user a timeout time prior to the actual timeout. Fixes Bug: #631 Fix By: Brad House (@bradh352) - [Christian Clauss brought this change] INSTALL.md: Fix typo (#630) Fix By: Christian Clauss (@cclauss) Brad House (19 Nov 2023) - SonarCloud: fix minor codesmells - fix test case regression due to missing parens - now that warnings are enabled on test cases, clear a bunch of warnings - CMake: CXXFLAGS environment wasn't being read because C++ compiler was enabled after settings warnings. - fix additional windows test warnings - cleanup some Windows warnings in test - clang-format GitHub (19 Nov 2023) - [Brad House brought this change] Fix Windows UWP (Store) building and add to CI/CD (#627) When building for UWP (WindowsStore), additional headers are needed and some functions are not available. This also adds AppVeyor CI/CD support to catch these issues in the future. Fix By: Deal (@halx99) and Brad House (@bradh352) Brad House (19 Nov 2023) - ares_set_servers_*() should allow an empty server list For historic reasons, we have users depending on ares_set_servers_*() to return ARES_SUCCESS when passing no servers and actually *clear* the server list. It appears they do this for test cases to simulate DNS unavailable or similar. Presumably they could achieve the same effect in other ways (point to localhost on a port that isn't in use). But it seems like this might be wide-spread enough to cause headaches so we just will document and test for this behavior, clearly it hasn't caused "issues" for anyone with the old behavior. See: https://github.com/nodejs/node/pull/50800 Fix By: Brad House (@bradh352) GitHub (19 Nov 2023) - [Brad House brought this change] Query Cache support (#625) This PR implements a query cache at the lowest possible level, the actual dns request and response messages. Only successful and `NXDOMAIN` responses are cached. The lowest TTL in the response message determines the cache validity period for the response, and is capped at the configuration value for `qcache_max_ttl`. For `NXDOMAIN` responses, the SOA record is evaluated. For a query to match the cache, the opcode, flags, and each question's class, type, and name are all evaluated. This is to prevent matching a cached entry for a subtly different query (such as if the RD flag is set on one request and not another). For things like ares_getaddrinfo() or ares_search() that may spawn multiple queries, each individual message received is cached rather than the overarching response. This makes it possible for one query in the sequence to be purged from the cache while others still return cached results which means there is no chance of ever returning stale data. We have had a lot of user requests to return TTLs on all the various parsers like `ares_parse_caa_reply()`, and likely this is because they want to implement caching mechanisms of their own, thus this PR should solve those issues as well. Due to the internal data structures we have these days, this PR is less than 500 lines of new code. Fixes #608 Fix By: Brad House (@bradh352) Version 1.22.1 (17 Nov 2023) GitHub (17 Nov 2023) - [Brad House brought this change] 1.22.1 release prep (#624) Brad House (17 Nov 2023) - ares__htable_strvp should be case-insensitive - optimize: large /etc/hosts files reading profiling found some hot paths that could be optimized to reduce insert times into the cache. Fix By: Brad House (@bradh352) - Fix /etc/hosts processing performance with all entries using same IP address Some users use blacklist files like https://github.com/StevenBlack/hosts which can contain 200k+ host entries all pointing to 0.0.0.0. Due to the merge logic in the new hosts processor, all those entries will be associated as aliases for the same ip address. The first issue is that it attempts to check the status of all the hosts for the merged entry, when it should only be checking the new hosts added to the merged entry, so this caused exponential time as the entries got longer. The next issue is if searching for one of those hosts, it would append all the matches as cnames/aliases, but there is zero use for 200k aliases being appended to a lookup, so we are artificially capping this to 100. Bug report reference: https://bugs.gentoo.org/917400 Fix By: Brad House (@bradh352) - new badges - OpenWatcom: time_t is unsigned, change math using time_t to promote to a 64bit signed integer - fix more docs GitHub (15 Nov 2023) - [Gregor Jasny brought this change] Fix typos and man page whatis entry (#619) Those issues were detected by lintian. Fix By: Gregor Jasny (@gjasny) - [Douglas R. Reno brought this change] Fix building c-ares-1.22.0 and higher under Watcom. (#623) Update config-win32.h to define HAVE_STDINT_H when OpenWatcom is in use. Fix By: Douglas R. Reno (@renodr) Brad House (15 Nov 2023) - OpenWatcom: fix PR building - CI/CD: Add OpenWatcom - CI/CD: Add OpenWatcom - CI/CD: Add OpenWatcom - CI/CD: Add OpenWatcom - CI/CD: Add OpenWatcom - CI/CD: Add OpenWatcom - CI/CD: Add OpenWatcom - warnings: try to prevent warnings due to automatic integer promotion - only push to coverity weekly or on explicit coverity_scan branch commits - try to cleanup bogus compiler warnings - try to cleanup bogus compiler warnings - additional test coverage - Coverity: omit tests - Coverity: more - Coverity: silence false positives Version 1.22.0 (14 Nov 2023) Brad House (14 Nov 2023) - fix workflow - try a different coverity workflow GitHub (14 Nov 2023) - [Brad House brought this change] coverity workflow (#618) Brad House (14 Nov 2023) - typos - getaddrinfo ESERVICE GitHub (14 Nov 2023) - [Brad House brought this change] Release 1.22.0 (#616) Brad House (13 Nov 2023) - SonarCloud: minor codesmells - clang-format - Extended RCODE in OPT RR PsuedoRecord should not be exposed directly, it should be presented as part of the normal rcode - Slight fixes for PR #615 1. the maxtimeout must come at the end of the structure 2. fix comment form to be C style 3. fix timeplus randomness if statement GitHub (13 Nov 2023) - [Brad House brought this change] Add DNS record manpages (#615) The new DNS record parser and writer needs manpages. This PR implements those. Fix By: Brad House (@bradh352) - [Ignat brought this change] Randomize retry penalties to prevent thundering herd type issues (#606) The retry timeout values were using a fixed calculation which could cause multiple simultaneous queries to timeout and retry at the exact same time. If a DNS server is throttling requests, this could cause the issue to never self-resolve due to all requests recurring at the same instance again. This PR also creates a maximum timeout option to make sure the random value selected does not exceed this value. Fix By: Ignat (@Kontakter) Brad House (13 Nov 2023) - fix typos - some simplification and better error handling - SonarCloud: fix some minor codesmells GitHub (12 Nov 2023) - [Brad House brought this change] Implement ares_reinit() to reload system configuration into existing channel (#614) This PR implements ares_reinit() to safely reload a channel's configuration even if there are existing queries. This function can be called when system configuration is detected to be changed, however since c-ares isn't thread aware, care must be taken to ensure no other c-ares calls are in progress at the time this function is called. Also, this function may update the open file descriptor list so care must also be taken to wake any event loops and reprocess the list of file descriptors. Fixes Bug #301 Fix By: Brad House (@bradh352) Brad House (11 Nov 2023) - test case ensures tag for caa is not blank - 0-length strings are ok - SonarCloud: fix up codesmells GitHub (11 Nov 2023) - [Brad House brought this change] rewrite adig using new helpers (#607) adig previously performed manual parsing of the DNS records. Now it can focus strictly on formatting of output data for printing. It simply iterates across the parsed DNS packet and queries for the RRs, parameters for each RR, and the datatypes for each parameter. adig will now automatically pick up new RRs from the c-ares library due to the dynamic nature. The adig format also now more closely resembles that of BIND's `dig` output. A few more helpers needed to be added to the c-ares library that were missing. There ware a couple of minor bugs and enhancements also needed. Example: ``` ./adig -t ANY www.google.com ; <<>> c-ares DiG 1.21.0 <<>> www.google.com ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: RCODE, id: 23913 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: 0; udp: 512 ;; QUESTION SECTION: ;www.google.com. IN ANY ;; ANSWER SECTION: www.google.com. 162 IN A 142.251.107.99 www.google.com. 162 IN A 142.251.107.105 www.google.com. 162 IN A 142.251.107.103 www.google.com. 162 IN A 142.251.107.147 www.google.com. 162 IN A 142.251.107.104 www.google.com. 162 IN A 142.251.107.106 www.google.com. 162 IN AAAA 2607:f8b0:400c:c32::93 www.google.com. 162 IN AAAA 2607:f8b0:400c:c32::69 www.google.com. 162 IN AAAA 2607:f8b0:400c:c32::68 www.google.com. 162 IN AAAA 2607:f8b0:400c:c32::6a www.google.com. 21462 IN HTTPS 1 . alpn="h2,h3" ;; MSG SIZE rcvd: 276 ``` Fix By: Brad House (@bradh352) - [Brad House brought this change] make dns parser/writer public (#604) This PR makes the c-ares parser introduced in 1.21, and the new writer, along with associated helpers public. These helpers are contained in a new public header of `ares_dns_record.h` which should _**not**_ be included directly, instead simply including `ares.h` is sufficient. This will address #587, as well as #470. A follow-up PR will be made which will transform `adig` to use the new parsers and helpers. This PR does not currently add man pages for these public functions, that will be in a follow-up PR once the `adig` migration is done which may expose additional needed helpers. The two aforementioned PRs will be done before the 1.22 release. Fix By: Brad House (@bradh352) Brad House (9 Nov 2023) - options helpers: fix dereference to properly return params - clang-format GitHub (9 Nov 2023) - [Brad House brought this change] Add SVCB and HTTPS RR (RFC 9460) (#603) This PR adds parsing and writing support for SVCB and HTTPS RRs as defined in RFC 9460. This should fix #566 Fix By: Brad House (@bradh352) - [Brad House brought this change] OPT RR should support parsing key/value options (#602) The OPT RR record has some seldom used options with a 16bit key and a binary value. The current parser and writer was not supporting this. This PR adds support. The same format is also used for SVCB/HTTPS records, so getting this in there is necessary to support that RR type. Also, we split the Binary record format into BIN and BINP, where BINP is an indicator that the binary data is _likely_ printable and will guarantee a NULL terminator. This is helpful for those attempting to print RRs. Fix By: Brad House (@bradh352) Brad House (8 Nov 2023) - SonarCloud: fix some easy codesmells - clang-format - Mark a couple of parameters as const in the public API GitHub (7 Nov 2023) - [Brad House brought this change] Add TLSA record support (#600) As per #470, c-ares is missing a parser for the TLSA record format (RFC 6698). This PR introduces that parser. Once the new parser interface becomes public and this PR is merged, then #470 can be closed. Fix By: Brad House (@bradh352) Brad House (7 Nov 2023) - memory leak in test case - fix bad variable reference - DNS Write: fix name compression - SonarCloud: fix codesmells - Coverage: add tests for writing and parsing various record formats GitHub (7 Nov 2023) - [Brad House brought this change] DNS Record Write (#598) The `ares_dns_record_t` data structure created in the prior release is capable of holding a complete parsed DNS message and also provides all helpers in order to fill in the data structure. This PR adds write capabilities for this data structure to form a complete message and supports features such as DNS name compression as defined in RFC1035. Though this message writing capability goes further than c-ares internally needs, external users may find it useful ... and we may find it useful for test validation as well. This also replaces the existing message writing code in `ares_create_query()`, as well rewriting the request message without EDNS in ares_process.c's `process_answer()`. Fix By: Brad House (@bradh352) Brad House (6 Nov 2023) - PATH_RESOLV_CONF: use empty string instead of NULL to prevent warnings - build fix - const: fix some usecases - remove tests that depend on randomness GitHub (5 Nov 2023) - [Brad House brought this change] Use EDNS by default (#596) All DNS servers support EDNS, by using this by default, it will allow larger responses without the need to switch to TCP. If by chance a DNS server is hit that doesn't support EDNS, this is detected due to the lack of the OPT RR in the response and will be automatically retried without EDNS. Fix By: Brad House (@bradh352) - [Brad House brought this change] `ares_channel` -> `ares_channel_t *`: don't bury the pointer (#595) `ares_channel` is defined as `typedef struct ares_channeldata *ares_channel;`. The problem with this, is it embeds the pointer into the typedef, which means an `ares_channel` can never be declared as `const` as if you write `const ares_channel channel`, that expands to `struct ares_channeldata * const ares_channel` and not `const struct ares_channeldata *channel`. We will now typedef `ares_channel_t` as `typedef struct ares_channeldata ares_channel_t;`, so if you write `const ares_channel_t *channel`, it properly expands to `const struct ares_channeldata *channel`. We are maintaining the old typedef for API compatibility with existing integrations, and due to typedef expansion this should not even cause any compiler warnings for existing code. There are no ABI implications with this change. I could be convinced to keep existing public functions as `ares_channel` if a sufficient argument exists, but internally we really need make this change for modern best practices. This change will allow us to internally use `const ares_channel_t *` where appropriate. Whether or not we decide to change any public interfaces to use `const` may require further discussion on if there might be ABI implications (I don't think so, but I'm also not 100% sure what a compiler internally does with `const` when emitting machine code ... I think more likely ABI implications would occur going the opposite direction). FYI, This PR was done via a combination of sed and clang-format, the only manual code change was the addition of the new typedef, and a couple doc fixes :) Fix By: Brad House (@bradh352) Brad House (4 Nov 2023) - win32 warnings look good, remove commented out block - more msvc warnings - fix - docs: document setting servers can be done live - SonarCloud: more easy codesmells - clang-format - SonarCloud: fix up codesmells GitHub (3 Nov 2023) - [Brad House brought this change] Dynamic Server List (#594) This PR makes the server list a dynamic sorted list of servers. The sort order is [ consecutive failures, system config index ]. The server list can be updated via ares_set_servers_*(). Any queries currently directed to servers that are no longer in the list will be automatically re-queued to a different server. Also, any time a failure occurs on the server, the sort order of the servers will be updated so that the one with the fewest consecutive failures is chosen for the next query that goes on the wire, this way bad or non-responsive servers are automatically isolated. Since the server list is now dynamic, the tracking of query failures per server has been removed and instead is relying on the server sort order as previously described. This simplifies the logic while also reducing the amount of memory required per query. However, because of this dynamic nature, it may not be easy to determine the server attempt order for enqueued queries if there have been any failures. If using the ARES_OPT_ROTATE, this is now implemented to be a random selection of the configured servers. Since the server list is dynamic, its not possible to go to the next server as configuration could have changed between queries or attempts for the same query. Finally, this PR moved some existing functions into new files to logically separate them. This should address issues #550 and #440, while also setting the framework to implement #301. #301 needs a little more effort since it configures things other than the servers themselves (domains, search, sortlist, lookups), which need to make sure they can be safely updated. Fix By: Brad House (@bradh352) Brad House (1 Nov 2023) - no reason to run LSAN, ASAN already does it GitHub (31 Oct 2023) - [Brad House brought this change] AppVeyor: update compiler versions, use Msys2, and Windows fixes (#593) AppVeyor was using Visual Studio 2015 along with old versions of MinGW. Update to the latest AppVeyor provides and also add an MSYS2 build test using MinGW which will use the bleeding edge version. When researching #590 this also uncovered a bug in cmake not properly detecting if_indextoname() on windows. This has been corrected as well as the underlying issue reported in #590. Fix By: Brad House (@bradh352) and Jonas Kvinge (@jonaski) Brad House (31 Oct 2023) - Coverage: add some code misuse test cases - hosts file parsing should set success at end of loop - fix windows localhost for ares_gethostbyname_file() when /etc/hosts doesn't have an entry - SonarCloud: fix up codesmells (const, unneeded casts, reduce complexity) GitHub (30 Oct 2023) - [Brad House brought this change] Replace hosts parser, add caching capabilities (#591) HOSTS FILE PROCESSING OVERVIEW ============================== The hosts file on the system contains static entries to be processed locally rather than querying the nameserver. Each row is an IP address followed by a list of space delimited hostnames that match the ip address. This is used for both forward and reverse lookups. We are caching the entire parsed hosts file for performance reasons. Some files may be quite sizable and as per Issue #458 can approach 1/2MB in size, and the parse overhead on a rapid succession of queries can be quite large. The entries are stored in forwards and backwards hashtables so we can get O(1) performance on lookup. The file is cached until the file modification timestamp changes (or 60s if there is no implemented stat() capability). The hosts file processing is quite unique. It has to merge all related hosts and ips into a single entry due to file formatting requirements. For instance take the below: ``` 127.0.0.1 localhost.localdomain localhost ::1 localhost.localdomain localhost 192.168.1.1 host.example.com host 192.168.1.5 host.example.com host 2620:1234::1 host.example.com host6.example.com host6 host ``` This will yield 2 entries. 1) ips: `127.0.0.1,::1` hosts: `localhost.localdomain,localhost` 2) ips: `192.168.1.1,192.168.1.5,2620:1234::1` hosts: `host.example.com,host,host6.example.com,host6` It could be argued that if searching for `192.168.1.1` that the `host6` hostnames should not be returned, but this implementation will return them since they are related (both ips have the fqdn of host.example.com). It is unlikely this will matter in the real world. Fix By: Brad House (@bradh352) - [Brad House brought this change] cleanups: split functions out into different files, rename some to be more logical (#589) Brad House (27 Oct 2023) - fix comment - recursive git attributes Version 1.21.0 (26 Oct 2023) Brad House (26 Oct 2023) - SonarCloud: reduce reported complexity that exists for no reason. - SonarCloud: fix some #undef codesmells - formatting - document ARES_RR_* records - no reason to limit on truncation - linguist fixes - don't use test cases to determine language of c-ares - fix grammar - fix count GitHub (25 Oct 2023) - [Brad House brought this change] 1.21.0 release prep (#585) Brad House (25 Oct 2023) - fix build warning GitHub (25 Oct 2023) - [Brad House brought this change] SonarCloud: clean up more codesmells (#584) Brad House (25 Oct 2023) - resolve reported memory leaks - add test vector said to cause a memory leak GitHub (25 Oct 2023) - [Brad House brought this change] sonarcloud: fix more codesmells (#583) - [Brad House brought this change] sonarcloud easy codesmells (#582) Fix By: Brad House (@bradh352) - [Brad House brought this change] Modernization: replace multiple hand-parsers with new memory-safe parser (#581) New DNS record parsing code. The old code was basically just some helper macros and functions for parsing an entire DNS message. The caller had to know the RFCs to use the parsers, except for some pre-made exceptions. The new parsing code parses the entire DNS message into an opaque data structure in a memory safe manner with various accessors for reading and manipulating the data. The existing parser helpers for the various record types were reimplemented as wrappers around the new parser. The accessors allow easy iteration across the DNS record datastructure, and can be used to easily create dig-like output without needing to know anything about the various record types and formats as dynamic helpers are provided for enumeration of values and data types of those values. At some point in the future, this new DNS record structure, accessors, and parser will be exposed publicly. This is not done at this point as we don't want to do that until the API is completely stable. Likely a write() function to output the DNS record back into an actual message buffer will be introduced with the stable API as well. Some subtle bugs in the existing code were uncovered, some which had test cases which turned out to be bogus. Validation with third-party implementations (e.g. BIND9) were performed to validate such cases were indeed bugs. Adding additional RR parsers such as for TLSA (#470) or SVCB/HTTPS (#566) are trivial now since focus can be put on only parsing the data within the RR, not the entire message. That said, as the new parser is not yet public, it isn't clear the best way to expose any new RRs (probably best to wait for the new parser to be public rather than hacking in another legacy function). Some additional RRs that are part of DNS RFC1035 or EDNS RFC6891 that didn't have previously implemented parsers are now also implemented (e.g. HINFO, OPT). Any unrecognized RRs are encapsulated into a "RAW_RR" as binary data which can be inserted or extracted, but are otherwise not interpreted in any way. Fix By: Brad House (@bradh352) - [Gregor Jasny brought this change] feat: use CMake to control symbol visibility (#574) In contrast to #572 this solution does not need any extra headers. But it is also limited to GCC-like compilers. Fix By: Gregor Jasny (@gjasny) - [Brad House brought this change] remove ares_nowarn helpers #580 Now that the code internally is using proper datatypes, there is no longer a need for ares_nowarn helpers. Remove them. Fix By: Brad House (@bradh352) Brad House (16 Oct 2023) - clang-format: fix structure alignment It appears the structure alignment chosen just doesn't work right. Switch to 'left', it appears to be mostly correct. Fix By: Brad House (@bradh352) GitHub (15 Oct 2023) - [Brad House brought this change] Reformat code using clang-format (#579) c-ares uses multiple code styles, standardize on one. Talking with @bagder he feels strongly about maintaining an 80 column limit, but feels less strongly about things I feel strongly about (like alignment). Can re-run the formatter on the codebase via: ``` clang-format -i */*.c */*.h */*/*.c */*/*.h ``` Fix By: Brad House (@bradh352) Brad House (15 Oct 2023) - inet_ntop requires ares_private.h - SonarCloud: Fix additional code smells Fix By: Brad House (@bradh352) - SonarCloud: Ignore codesmells c89 doesn't support C89 doesn't support iterator declaration in for loop, kill warning. Fix By: Brad House (@bradh352) GitHub (15 Oct 2023) - [Brad House brought this change] set compiler standard to ISO C90/ANSI C89 (#577) SonarCloud is outputting some code smells for things that aren't possible for C89. Hopefully setting the code standard to C89/C90 properly will fix those bogus warnings. Fix By: Brad House (@bradh352) Brad House (15 Oct 2023) - fix new ares_strcpy to ensure null termination - build fix GitHub (15 Oct 2023) - [Brad House brought this change] SonarCloud: Fix up codesmells due to strlen(), strcpy(), and strncpy() (#576) Create ares_strlen() and ares_strcpy() in order to resolve SonarCloud codesmells related to their use. ares_strlen() just becomes null-safe. ares_strcpy() is equivalent to strlcpy(), so unlike strncpy() it guarantees NULL termination. Fix By: Brad House (@bradh352) Brad House (15 Oct 2023) - SonarCloud: try to appease it better - SonarCloud: Fix reported bugs SonarCloud reported a few bugs, this commit should fix those reports. Fix By: Brad House (@bradh352) GitHub (15 Oct 2023) - [Brad House brought this change] Fix internal datatype usage and warnings (#573) PR #568 increased the warning levels and c-ares code emitted a bunch of warnings. This PR fixes those warnings and starts transitioning internal data types into more proper forms (e.g. data lengths should be size_t not int). It does, however, have to manually cast back to what the public API needs due to API and ABI compliance (we aren't looking to break integrations, just clean up internals). Fix By: Brad House (@bradh352) Brad House (15 Oct 2023) - SonarCloud: exclude tests - fix source directories GitHub (15 Oct 2023) - [Brad House brought this change] Sonarcloud (#575) - [Brad House brought this change] Increase compiler warnings by default (#568) c-ares was missing a couple of common compiler warnings during building that are widely recognized as a best practice. This PR makes no code changes, only build system changes to increase warning levels. This PR does cause some new warnings to be emitted, a follow-up PR will address those. Fix By: Brad House (@bradh352) - [Brad House brought this change] introduce ares_bool_t datatype (#570) c-ares currently uses int for boolean, which can be confusing as there are some functions which return int but use '0' as the success condition. Some internal variable usage is similar. Lets try to identify the boolean use cases and split them out into their own data type of ares_bool_t. Since we're trying to keep C89 compatibility, we can't rely on stdbool.h or the _Bool C99 data type, so we'll define our own. Also, chose using an enum rather than say unsigned char or int because of the type safety benefits it provides. Compilers should warn if you try to pass, ARES_TRUE on to a ares_status_t enum (or similar) since they are different enums. Fix By: Brad House (@bradh352) Brad House (12 Oct 2023) - Socket callbacks were passed SOCK_STREAM instead of SOCK_DGRAM on udp A regression was introduced in 1.20.0 that would pass SOCK_STREAM on udp connections due to code refactoring. If a client application validated this data, it could cause issues as seen in gRPC. Fixes Issue: #571 Fix By: Brad House (@bradh352) - Enhance test of ares_getsock() In an attempt to see if ares_getsock() was broken as per #571, do further sanity checks of the results of ares_getsock(). It seems as though ares_getsock() is fine. Fix By: Brad House (@bradh352) GitHub (10 Oct 2023) - [Brad House brought this change] Tool: STAYOPEN flag could make tools not terminate (#569) If a flag is set to keep the connections to the DNS servers open even if there are no queries, the tools would not exit until the remote server closed the connection due to the user of ares_fds() to determine if there are any active queries. Instead, rely on ares_timeout() returning NULL if there are no active queries (technically this returns the value passed to max_tv in ares_timeout(), but in our use case, that is always NULL). Fixes Issue: #452 Fix By: Brad House (@bradh352) - [Brad House brought this change] ares_status_t enum for status codes (#567) The list of possible error codes in c-ares was a #define list. This not only doesn't provide for any sort of type safety but it also lacks clarification on what a function may return or what it takes, as an int could be an ares status, a boolean, or possibly even a length in the current code. We are not changing any public APIs as though the C standard states the underlying size and type of an enum is int, there are compiler attributes to override this as well as compiler flags like -fshort-enums. GCC in particular is known to expand an enum's width based on the data values (e.g., it can emit a 64bit integer enum). All internal usages should be changed by this PR, but of course, there may be some I missed. Fix By: Brad House (@bradh352) Daniel Stenberg (9 Oct 2023) - docs: provide better man page references When referring to another c-ares function use \fI function(3) \fP to let the webpage rendering find and cross-link them appropriately. SEE ALSO references should be ".BR name (3),", with a space before the open parenthesis. This helps the manpage to HTML renderer. Closes #565 Version 1.20.1 (8 Oct 2023) GitHub (8 Oct 2023) - [Daniel Stenberg brought this change] ares-test: silence warning (#564) warning: comparison of integer expressions of different signedness Fix By: Daniel Stenberg (@bagder) Brad House (8 Oct 2023) - fix README.md GitHub (8 Oct 2023) - [Brad House brought this change] 1.20.1 release (#563) - [Brad House brought this change] fix reference to freed memory (#562) Issue #561 shows free'd memory could be accessed in some error conditions. Fixes Issue #561 Fix By: Brad House (@bradh352) Brad House (8 Oct 2023) - reported build/test systems may timeout on intensive tests. reduce test case to still be relevant but to reduce false positive errors GitHub (8 Oct 2023) - [Gregor Jasny brought this change] Regression: Fix typo in fuzzcheck target name (#559) This seems to be a vim'esque typo introduced with c1b00c41. Fix By: Gregor Jasny (@gjasny) Version 1.20.0 (6 Oct 2023) Brad House (6 Oct 2023) - fix slist search off by 1 GitHub (6 Oct 2023) - [Brad House brought this change] 1.20.0 release prep (#557) - [Brad House brought this change] ares__buf should return standard error codes. more helpers implemented. (#558) The purpose of this PR is to hopefully make the private API of this set of routines less likely to need to be changed in a future release. While this is not a public API, it could become harder in the future to change usage as it becomes more widely used within c-ares. Fix By: Brad House (@bradh352) - [Brad House brought this change] Update from 1989 MIT license text to modern MIT license text (#556) ares (and thus c-ares) was originally licensed under the 1989 MIT license text: https://fedoraproject.org/wiki/Licensing:MIT#Old_Style_(no_advertising_without_permission) This change updates the license to the modern MIT license as recognized here: https://opensource.org/license/mit/ care has been taken to ensure correct attributions remain for the authors contained within the copyright headers, and all authors with attributions in the headers have been contacted for approval regarding the change. Any authors which were not able to be contacted, the original copyright maintains, luckily that exists in only a single file `ares_parse_caa_reply.c` at this time. Please see PR #556 for the documented approvals by each contributor. Fix By: Brad House (@bradh352) - [Brad House brought this change] Test Harness: use ares_timeout() to calculate the value to pass to select() these days. (#555) The test framework was using 100ms timeout passed to select(), and not using ares_timeout() to calculate the actual recommended value based on the queries in queue. Using ares_timeout() tests the functionality of ares_timeout() itself and will provide more responsive results. Fix By: Brad House (@bradh352) - [Brad House brought this change] Fix for TCP back to back queries (#552) As per #266, TCP queries are basically broken. If we get a partial reply, things just don't work, but unlike UDP, TCP may get fragmented and we need to properly handle that. I've started creating a basic parser/buffer framework for c-ares for memory safety reasons, but it also helps for things like this where we shouldn't be manually tracking positions and fetching only a couple of bytes at a time from a socket. This parser/buffer will be expanded and used more in the future. This also resolves #206 by allowing NULL to be specified for some socket callbacks so they will auto-route to the built-in c-ares functions. Fixes: #206, #266 Fix By: Brad House (@bradh352) - [Brad House brought this change] remove acountry from built tools as nerd.dk is gone (#554) The acountry utility required a third party DNSBL service from nerd.dk in order to operate. That service has been offline for about a year and there is no other comparable service offering. We are keeping the code in the repository as an example, but no longer building it. Fixes: #537 Fix By: Brad House (@bradh352) - [Brad House brought this change] Don't requeue any queries for getaddrinfo() during destruction. (#553) During ares_destroy(), any outstanding queries are terminated, however ares_getaddrinfo() had an ordering issue with status codes which in some circumstances could lead to a new query being enqueued rather than honoring the termination. Fixes #532 Fix By: @Chilledheart and Brad House (@bradh352) - [Brad House brought this change] ares_getaddrinfo(): Fail faster on AF_UNSPEC if we've already received one address class (#551) As per #541, when using AF_UNSPEC with ares_getaddrinfo() (and in turn with ares_gethostbynam()) if we receive a successful response for one address class, we should not allow the other address class to continue on with retries, just return the address class we have. This will limit the overall query time to whatever timeout remains for the pending query for the other address class, it will not, however, terminate the other query as it may still prove to be successful (possibly coming in less than a millisecond later) and we'd want that result still. It just turns off additional error processing to get the result back quicker. Fixes Bug: #541 Fix By: Brad House (@bradh352) - [Sam Morris brought this change] Avoid producing an ill-formed result when qualifying a name with the root domain (#546) This prevents the result of qualifying "name" with "." being "name.." which is ill-formed. Fixes Bug: #545 Fix By: Sam Morris (@yrro) - [Brad House brought this change] Configuration option to limit number of UDP queries per ephemeral port (#549) Add a new ARES_OPT_UDP_MAX_QUERIES option with udp_max_queries parameter that can be passed to ares_init_options(). This value defaults to 0 (unlimited) to maintain existing compatibility, any positive number will cause new UDP ephemeral ports to be created once the threshold is reached, we'll call these 'connections' even though its technically wrong for UDP. Implementation Details: * Each server entry in a channel now has a linked-list of connections/ports for udp and tcp. The first connection in the list is the one most likely to be eligible to accept new queries. * Queries are now tracked by connection rather than by server. * Every time a query is detached from a connection, the connection that it was attached to will be checked to see if it needs to be cleaned up. * Insertion, lookup, and searching for connections has been implemented as O(1) complexity so the number of connections will not impact performance. * Remove is_broken from the server, it appears it would be set and immediately unset, so must have been invalidated via a prior patch. A future patch should probably track consecutive server errors and de-prioritize such servers. The code right now will always try servers in the order of configuration, so a bad server in the list will always be tried and may rely on timeout logic to try the next. * Various other cleanups to remove code duplication and for clarification. Fixes Bug: #444 Fix By: Brad House (@bradh352) - [Brad House brought this change] its not 1991 anymore, lower default timeout and retry count (#542) A lot of time has passed since the original timeouts and retry counts were chosen. We have on and off issues reported due to this. Even on geostationary satellite links, latency is worst case around 1.5s. This PR changes the per-server timeout to 2s and the retry count lowered from 4 to 3. Fix By: Brad House (@bradh352) - [Brad House brought this change] Modernization: Implement base data-structures and replace usage (#540) c-ares currently lacks modern data structures that can make coding easier and more efficient. This PR implements a new linked list, skip list (sorted linked list), and hashtable implementation that are easy to use and hard to misuse. Though these implementations use more memory allocations than the prior implementation, the ability to more rapidly iterate on the codebase is a bigger win than any marginal performance difference (which is unlikely to be visible, modern systems are much more powerful than when c-ares was initially created). The data structure implementation favors readability and audit-ability over performance, however using the algorithmically correct data type for the purpose should offset any perceived losses. The primary motivation for this PR is to facilitate future implementation for Issues #444, #135, #458, and possibly #301 A couple additional notes: The ares_timeout() function is now O(1) complexity instead of O(n) due to the use of a skiplist. Some obscure bugs were uncovered which were actually being incorrectly validated in the test cases. These have been addressed in this PR but are not explicitly discussed. Fixed some dead code warnings in ares_rand for systems that don't need rc4 Fix By: Brad House (@bradh352) - [Jérôme Duval brought this change] fix missing prefix for CMake generated libcares.pc (#530) 'pkg-config grpc --cflags' complains with: Variable 'prefix' not defined in libcares.pc Fix By: Jérôme Duval (@korli) bradh352 (11 Jul 2023) - windows get_DNS_Windows port fix for ipv6 - windows get_DNS_Windows port is in network byte order - backoff to debian 11 due to coverage check failure - extend on PR #534, windows should also honor a port GitHub (11 Jul 2023) - [Brad House brought this change] Support configuration of DNS server ports (#534) As per https://man.openbsd.org/OpenBSD-5.1/resolv.conf.5 we should support bracketed syntax for resolv.conf entries to contain an optional port number. We also need to utilize this format for configuration of MacOS DNS servers as seen when using the Viscosity OpenVPN client, where it starts a private DNS server listening on localhost on a non-standard port. Fix By: Brad House (@bradh352) Daniel Stenberg (9 Jun 2023) - provide SPDX identifiers and a REUSE CI job to verify All files have their licence and copyright information clearly identifiable. If not in the file header, they are set separately in .reuse/dep5. All used license texts are provided in LICENSES/ GitHub (30 May 2023) - [Alexey A Tikhonov brought this change] Remove unreachable code as reported by Coverity (#527) Coverity reported some code as unreachable. A manual inspection confirmed the reports. Fix By: Alexey A Tikhonov (@alexey-tikhonov) - [Ben Noordhuis brought this change] rand: add support for getrandom() (#526) glibc provides arc4random_buf() but musl does not and /dev/urandom is not always available. - [Tim Wojtulewicz brought this change] Replace uses of sprintf with snprintf (#525) sprintf isn't safe even if you think you are using it right. Switch to snprintf(). Fix By: Tim Wojtulewicz (@timwoj) bradh352 (23 May 2023) - update version and release procedure GitHub (22 May 2023) - [Douglas R. Reno brought this change] INSTALL.md: Add Watcom instructions and update Windows documentation URLs (#524) This commit adds instructions on how to use the WATCOM compiler to build c-ares. This was just tested on c-ares-1.19.1 and works well. While going through the links for the C Runtime documentation for Windows systems, I discovered that all three of the KB articles that were linked are now nonexistent. This commit replaces KB94248 with the current replacement available on Microsoft's website, which also makes the other two KB articles obsolete. Fix By: Douglas R. Reno (@renodr) Version 1.19.1 (22 May 2023) bradh352 (22 May 2023) - Makefile.inc Windows requires tabs not spaces for nmake GitHub (22 May 2023) - [Daniel Stenberg brought this change] ares_expand_name: fix compiler warnings (#522) Fix some compiler warnings (not introduced in this release) Fix By: Daniel Stenberg (@bagder) bradh352 (22 May 2023) - windows MSVC compiler fix on 32bit - update security advisory links - minor CI issues fixes for imported inet_net_pton - ares_rand static analysis fixes from CI - windows build fix - security release notes GitHub (22 May 2023) - [Brad House brought this change] Merge pull request from GHSA-9g78-jv2r-p7vc - [Brad House brought this change] Merge pull request from GHSA-x6mf-cxr9-8q6v * Merged latest OpenBSD changes for inet_net_pton_ipv6() into c-ares. * Always use our own IP conversion functions now, do not delegate to OS so we can have consistency in testing and fuzzing. * Removed bogus test cases that never should have passed. * Add new test case for crash bug found. Fix By: Brad House (@bradh352) - [Brad House brought this change] Merge pull request from GHSA-8r8p-23f3-64c2 * segment random number generation into own file * abstract random code to make it more modular so we can have multiple backends * rand: add support for arc4random_buf() and also direct CARES_RANDOM_FILE reading * autotools: fix detection of arc4random_buf * rework initial rc4 seed for PRNG as last fallback * rc4: more proper implementation, simplified for clarity * clarifications bradh352 (20 May 2023) - add public release note information - bump version to 1.19.1 GitHub (6 May 2023) - [Gregor Jasny brought this change] test: fix warning about uninitialized memory (#515) fix warning in tests Fix By: Gregor Jasny (@gjasny) - [lifenjoiner brought this change] Turn off IPV6_V6ONLY on Windows if it is supported (#520) Turn off IPV6_V6ONLY on Windows if it is supported, support for IPv4-mapped IPv6 addresses. IPV6_V6ONLY refs: https://en.wikipedia.org/wiki/IPv6#IPv4-mapped_IPv6_addresses https://github.com/golang/go/blob/master/src/net/ipsock_posix.go https://en.wikipedia.org/wiki/Unix-like off: https://www.kernel.org/doc/html/latest/networking/ip-sysctl.html#proc-sys-net-ipv6-variables https://man.netbsd.org/inet6.4 https://man.freebsd.org/cgi/man.cgi?query=inet6 https://github.com/apple-oss-distributions/xnu/blob/main/bsd/man/man4/inet6.4 on: https://learn.microsoft.com/en-us/windows/win32/winsock/ipproto-ipv6-socket-options acts like off, but returns 1 and dummy setting: https://man.dragonflybsd.org/?command=inet6 https://man.dragonflybsd.org/?command=ip6 unsupported and read-only returns 1: https://man.openbsd.org/inet6.4 default value refs: https://datatracker.ietf.org/doc/html/rfc3493#section-5.3 https://www.kernel.org/doc/html/latest/networking/ip-sysctl.html#proc-sys-net-ipv6-variables - [Brad House brought this change] Merge pull request from GHSA-54xr-f67r-4pc4 * CARES_RANDOM_FILE should always default to /dev/urandom During cross-compilation, CARES_RANDOM_FILE may not be able to be appropriately detected, therefore we should always set it to /dev/urandom and allow the entity requesting compilation override the value. The code does appropriately fall back if CARES_RANDOM_FILE cannot be opened. * use set not option bradh352 (18 Mar 2023) - ares_getaddrinfo using service of "0" should be allowed As per #517 glibc allows a service/servname of "0" to be treated the same as if NULL was provided. Also, add a sanity check to ensure the port number is in range instead of a blind cast. Fixes: #517 Fix By: Brad House (@bradh352) GitHub (10 Feb 2023) - [Nikolaos Chatzikonstantinou brought this change] fix memory leak in ares_send (#511) When the condition channel->nservers < 1 holds, the function returns prematurely, without deallocating query->tcpbuf. We rearrange the check to be done prior to the allocations, avoiding the memory leak. In this way, we also avoid unnecessary allocations if channel->nservers < 1 holds. Fix By: Nikolaos Chatzikonstantinou (@createyourpersonalaccount) - [Nikolaos Chatzikonstantinou brought this change] change comment style to old-style (#513) Following the README.md guidelines, "Comments must be written in the old-style" the comment is changed to the old style. Fix By: Nikolaos Chatzikonstantinou (@createyourpersonalaccount) - [Nikolaos Chatzikonstantinou brought this change] use strncasecmp in ares__strsplit (#512) strncasecmp on platforms that don't already have it is already #define'd to a private implementation. There is no need to have OS-specific logic. Also removes ares__strsplit.h as a header as ares_private.h already includes it. Fix By: Nikolaos Chatzikonstantinou (@createyourpersonalaccount) - [Yijie Ma brought this change] Fix a typo in ares_init_options.3 (#510) that -> than Fix By: Yijie Ma (@yijiem) - [Douglas R. Reno brought this change] Watcom Portability Improvements (#509) - Modify the Watcom Makefile for the source code reorganization (#352) - Add *.map files into .gitignore - Fix build errors with Watcom's builtin Windows SDK (which is rather outdated). It's smart enough to understand Windows Vista, but doesn't have PMIB_UNICASTIPADDRESS_TABLE or MIB_IPFORWARD_ROW2. It may be possible to use a different Windows SDK with the Watcom compiler, such as the most recent Windows 10 SDK. Alternatively the SDK in OpenWatcom 2.0 (which is in development) should fix this. I have no problems testing this Makefile prior to releases, just give me a ping. Tested with Windows Vista, Windows 7, and Windows 10 using 'adig', 'acountry', and 'ahost'. This also seems to work on Windows XP, though this is likely due to the compiler in use. Fix By: Douglas R. Reno (@renodr) Fixes Bug: #352 - [Jay Freeman (saurik) brought this change] ignore aminclude_static.am, as generated by AX_AM_MACROS_STATIC (#508) Fix By: Jay Freeman (@saurik) - [Jay Freeman (saurik) brought this change] sync ax_pthread.m4 with upstream (#507) The version in the repository is many years old so this PR simply pulls in the latest available revision from: http://git.savannah.gnu.org/gitweb/?p=autoconf-archive.git;a=tree;f=m4 Fix By: Jay Freeman (@saurik) - [Chilledheart brought this change] Windows: Invalid stack variable out of scope for HOSTS file path (#502) In some conditions Windows might try to use a stack address that has gone out of scope when determining where to read the hosts data from for file lookups. Fix By: @Chilledheart - [Brad House brought this change] sync ax_cxx_compile_stdcxx_11.m4 with upstream (#505) It was reported that ax_cxx_compile_stdcxx_11.m4 was not compatible with uclibc. The version in the repository is many years old so this PR simply pulls in the latest available revision from: http://git.savannah.gnu.org/gitweb/?p=autoconf-archive.git;a=tree;f=m4 Fixes Bug: #504 Fix By: Brad House (@bradh352) Version 1.19.0 (18 Jan 2023) bradh352 (18 Jan 2023) - Prep for 1.19.0 release - Fix inverted logic in 25523e2 Fix .localhost. handling in prior commit Fix By: Brad House (@bradh352) - RFC6761 localhost definition includes subdomains RFC6761 6.3 states: The domain "localhost." and any names falling within ".localhost." We were only honoring "localhost". Fixes: #477 Fix By: Brad House (@bradh352) - docs: ARES_OPT_UDP_PORT and ARES_OPT_TCP_PORT docs wrong byte order As per #487, documentation states the port should be in network byte order, but we can see from the test cases using MockServers on different ports that this is not the case, it is definitely in host byte order. Fix By: Brad House (@bradh352) GitHub (18 Jan 2023) - [hopper-vul brought this change] Add str len check in config_sortlist to avoid stack overflow (#497) In ares_set_sortlist, it calls config_sortlist(..., sortstr) to parse the input str and initialize a sortlist configuration. However, ares_set_sortlist has not any checks about the validity of the input str. It is very easy to create an arbitrary length stack overflow with the unchecked `memcpy(ipbuf, str, q-str);` and `memcpy(ipbufpfx, str, q-str);` statements in the config_sortlist call, which could potentially cause severe security impact in practical programs. This commit add necessary check for `ipbuf` and `ipbufpfx` which avoid the potential stack overflows. fixes #496 Fix By: @hopper-vul bradh352 (18 Jan 2023) - Fix build due to str-split sed gone wrong Fix By: Brad House (@bradh352) - cirrus-ci: switch to scan-build-py for MacOS MacOS seems to work better with scan-build-py Fix By: Brad House (@bradh352) - ares_strsplit* -> ares__strsplit* to comply with internal function naming Inspired by #495, but was missing test cases and would failed to build. Fix By: Brad House (@bradh352), Daniel Stenberg (@bagder) - Cirrus-CI: MacOS Homebrew has changed from /usr/local/opt to /opt/homebrew Fix paths for homebrew. Fix By: Brad House (@bradh352) - cirrus-ci: iOS build needs to use ARM MacOS image CirrusCI removed Intel-based MacOS images. Need to switch iOS builds to use new ARM images as well. Fix By: Brad House (@bradh352) - cirrus-ci: new MacOS image Cirrus-CI has recently EOL'd Intel MacOS VMs, switch to the latest ARM-based image. Fix By: Brad House (@bradh352) - acountry was passing stack variable to callback Recent ASAN versions picked up that acountry was passing stack variables to ares_gethostbyname() then leaving the stack context. We will now allocate a buffer for this. Fix By: Brad House (@bradh352) GitHub (13 Dec 2022) - [Daniel Stenberg brought this change] docs: reformat/cleanup man pages SYNOPSIS sections (#494) To make them render "nicer" in both terminals and on the website. - Removes the bold - Removes .PP lines - Indents them more like proper code style Fix By: Daniel Stenberg (@bagder) - [Nikolaos Chatzikonstantinou brought this change] bug fix: new ares_strsplit (#492) * add ares_strsplit unit test The test reveals a bug in the implementation of ares_strsplit when the make_set parameter is set to 1, as distinct domains are confused for equal: out = ares_strsplit("example.com, example.co", ", ", 1, &n); evaluates to n = 1 with out = { "example.com" }. * bugfix and cleanup of ares_strsplit The purpose of ares_strsplit in c-ares is to split a comma-delimited string of unique (up to letter case) domains. However, because the terminating NUL byte was not checked in the substrings when comparing for uniqueness, the function would sometimes drop domains it should not. For example, ares_strsplit("example.com, example.co", ",") would only result in a single domain "example.com". Aside from this bugfix, the following cleanup is performed: 1. The tokenization now happens with the help of strcspn instead of the custom function is_delim. 2. The function list_contains has been inlined. 3. The interface of ares_strsplit has been simplified by removing the parameter make_set since in practice it was always 1. 4. There are fewer passes over the input string. 5. We resize the table using realloc() down to its minimum size. 6. The docstring of ares_strsplit is updated and also a couple typos are fixed. There occurs a single use of ares_strsplit and since the make_set parameter has been removed, the call in ares_init.c is modified accordingly. The unit test for ares_strsplit is also updated. Fix By: Nikolaos Chatzikonstantinou (@createyourpersonalaccount) bradh352 (23 Oct 2022) - CirrusCI: update freebsd image Old FreeBSD image for CirrusCI has issues with newer symbols, update to later one. Fix By: Brad House (@bradh352) GitHub (23 Oct 2022) - [Stephen Sachs brought this change] Fix Intel compiler deprecated options (#485) Options `-we ###` and `-wd ###` should not include a whitespace. They are also deprecated and `-diag-error` and `-diag-disable` are their replacements. Intel compiler 2021.6 is not able to be used in configure without the proposed patch. Fix By: Stephen Sachs (@stephenmsachs) - [Jonathan Ringer brought this change] Allow for CMake to use absolute install paths (#486) Generated libcares.pc could have bad paths when using absolute paths. Fix By: Jonathan Ringer (@jonringer) - [Thomas Dreibholz brought this change] Fix for issue #488: ensure that the number of iovec entries does not exceed system limits. (#489) c-ares could try to exceed maximum number of iovec entries supported by system. Fix By: Thomas Dreibholz (@dreibh) - [bsergean brought this change] Add include guards to ares_data.h (#491) All the other header files in the src/lib folder do have an include guard so it look like an overthought. Fix By: @bsergean - [Brad Spencer brought this change] Fix typo in docs for ares_process_fd (#490) A single letter was missing Fix By: Brad Spencer (@b-spencer) - [lifenjoiner brought this change] tools: refine help (#481) fix invalid help options and documentation typos Fix By: @lifenjoiner - [lifenjoiner brought this change] Git: ignore CMake temporary files (#480) exclude more files from git Fix By: @lifenjoiner - [lifenjoiner brought this change] adig: fix `-T` option (#479) Helper was missing flag to enable TCP mode of operation. Fix By: @lifenjoiner - [Frank brought this change] Add vcpkg installation instructions (#478) Update to include vcpkg installation instructions Fix By: @FrankXie05 - [marc-groundctl brought this change] Convert total timeout to per-query (#467) On Apple platforms, libresolv reports the total timeout in retrans, not the per-query time. This patch undoes that math to get the per-query time, which is what c-ares expects. This is not perfect because libresolv is inconsistent on whether the timeout is multiplied by retry or retry+1, but I don't see any way to distinguish these cases. Fix By: Marc Aldorasi (@marc-groundctl) - [marc-groundctl brought this change] Don't include version info in the static library (#468) The static library should not contain version info, since it would be linked into an executable or dll with its own version info. Fix By: @marc-groundctl - [Ridge Kennedy brought this change] Fix ares_getaddrinfo() numerical address fast path with AF_UNSPEC (#469) The conversion of numeric IPv4 addresses in fake_addrinfo() is broken when the family is AF_UNSPEC. The initial call to ares_inet_pton with AF_INET will succeed, but the subsequent call using AF_INET6 will fail. This results in the fake_addrinfo() fast path failing, and ares_getaddrinfo() making a query when none should be required. Resolve this by only attempting the call to ares_inet_pton with AF_INET6 if the initial call with AF_INET was unsuccessful. Fix By: Ridge Kennedy (@ridgek) - [Manish Mehra brought this change] Configurable hosts path for file_lookup (#465) This changeset adds support for configurable hosts file ARES_OPT_HOSTS_FILE (similar to ARES_OPT_RESOLVCONF). Co-authored-by: Manish Mehra (@mmehra) bradh352 (27 Apr 2022) - CMake: Windows DLLs lack version information The cares.rc was not included in the build for CMake. Conditionally add it when building for Windows. Fix By: Brad House (@bradh352) Fixes Bug: #460 GitHub (27 Apr 2022) - [Kai Pastor brought this change] CMake: Guard target creation in exported config (#464) User projects may call 'find_package(c-ares)' multiple times (e.g. via dependencies), but targets must be created only once. Shared and static target must be treated independently. Fix By: Kai Pastor (@dg0yt) bradh352 (27 Apr 2022) - Honor valid DNS result even if other class returned an error When using ares_getaddrinfo() with PF_UNSPEC, if a DNS server returned good data on an A record, followed by bad data on an AAAA record, the good record would be thrown away and an error returned. If we got a good response from one of the two queries, regardless of the order returned, we should honor that. Fix By: Dmitry Karpov (dkarpov@roku.com) Signed Off By: Brad House (@bradh352) GitHub (2 Apr 2022) - [Sam James brought this change] configure.ac: fix STDC_HEADERS typo (#459) There is no autoconf macro called STDC_HEADERS. AC_HEADER_STDC however does exist and it defines the STDC_HEADERS macro for use. Not clear that STDC_HEADERS from its use in the repo is needed but would rather not meddle with it for now. Fixes an annoying warning on `./configure`: ``` /var/tmp/portage/net-dns/c-ares-1.18.1/work/c-ares-1.18.1/configure: 24546: STDC_HEADERS: not found ``` Signed-off-by: Sam James bradh352 (2 Mar 2022) - Asterisks should be allowed in host validation as CNAMEs may reference wildcard domains CloudFlare appears to use this logic in CNAMEs as per https://github.com/nodejs/node/issues/42171 Fixes: #457 Fix By: Brad House (@bradh352) - Don't return on file lookup failure, set status When resolving a host via /etc/hosts, don't return with a predefined error as there may be other tries. Fix By: Brad House (@bradh352) - 'localhost' special treatment enhancement Since localhost is special-cased, any errors should be ignored when reading /etc/hosts as otherwise we could return an error if there were for instance an invalidly formatted /etc/hosts or if /etc/hosts had a permissions error while reading. This exact behavior appears to have been seen on OS/400 PASE environments which allows AIX binares to run. Fix By: Brad House (@bradh352) - If chain building c-ares as part of another project, detect of res_servicename could fail (#451) If libresolv is already included with the build, c-ares wouldn't properly detect its use. May fix: #451 Fix by: Brad House (@bradh352) - no analyze capability on ios - attempt to use scan-build on ios - disable tests on ios - fix switch statement - code coverage had gotten disabled - looks like shell expansion doesn't work with cirrus-ci, lets do it another way - attempt to autobuild for iOS GitHub (8 Dec 2021) - [Brad House brought this change] Windows: rework/simplify initialization code, drop long EOL systems (#445) There was a lot of windows initialization code specific to the era that predates Windows Vista such as reading DNS configuration from the registry, and dynamically loading libraries to get access to functions that didn't exist in XP or earlier releases. Vista was released in January 2007, and was EOL'd in 2017, and support for Vista is still maintained with this patch set. XP was EOL'd in Apr 8 2014. I believe the last OS based on something earlier than Vista was POSReady 2009, as it was XP based for some reason, and that was EOL'd in January 2019. Considering any POS system falls under the PCI-DSS rules, they aren't allow to run POSReady 2009 any more so there is no reason to try to continue supporting such systems. We have also targeted with our build system Vista support for the last few years, and while developers could change the target, we haven't had any reports that they have. bradh352 (9 Nov 2021) - Fix memory leak in reading /etc/hosts When an /etc/hosts lookup is performed, but fails with ENOTFOUND, and a valid RFC6761 Section 6.3 fallback is performed, it could overwrite variables that were already set and therefore leave the pointers dangling, never to be cleaned up. Clean up explicitly on ENOTFOUND when returning from the file parser. Fixes: #439 Fix By: Brad House (@bradh352) GitHub (2 Nov 2021) - [Bobby Reynolds brought this change] Fix cross-compilation from Windows to Linux due to CPACK logic (#436) When determining value for CPACK_PACKAGE_ARCHITECTURE, prefer to use value from CMAKE_SYSTEM_PROCESSOR before falling back to uname output. Additionally, if building from a Windows host, emit a fatal error instead of attempting to call uname. Fix By: Bobby Reynolds (@reynoldsbd) bradh352 (1 Nov 2021) - fix coveralls link - coveralls needs token - coveralls appears to require git - fix a couple of coveralls vars - more coveralls fixes - add code coverage libs to LDADD instead of _LIBS - make verbose - try to fix code coverage building - need -y for install - try to fix asan/ubsan/lsan when built with clang. try to support code coverage properly. - try another path - fix pip - attempt to enable some other build types that travis supported Version 1.18.1 (26 Oct 2021) bradh352 (26 Oct 2021) - missed version - 1.18.1 release prep - ares_getaddrinfo() was returning the wrong size for ai_addrlen ai_addrlen was erroneously returning 16 bytes instead of the sizeof(struct sockaddr_in6). This is a regression introduced in 1.18.0. Reported by: James Brown Fix By: Brad House (@bradh352) - Windows: autotools force linking to iphlpapi GitHub (26 Oct 2021) - [Gregor Jasny brought this change] Fix typo detected by lintian (#434) typo in docs for ares_parse_uri_reply Fix By: Gregor Jasny (@gjasny) Version 1.18.0 (25 Oct 2021) bradh352 (25 Oct 2021) - replace Travis badge with Cirrus-CI badge - c-ares 1.18.0 release prep GitHub (21 Oct 2021) - [Jérôme Duval brought this change] Haiku: port (#431) Port for Haiku. Slight CMake changes, header changes, and resolv.conf/hosts paths specific to Haiku. Port By: Jérôme Duval (@korli) bradh352 (19 Oct 2021) - valgrind: fix reported invalid read - make sure distcheck runs - detect oddities and skip test if necessary - fix null ptr deref in strlen - bend over backwards for testing file access, something is weird on debian - chmod(fn, 0) is failing on debian - maybe process needs to be called - split test output - clean up a couple of compiler warnings - use helper function for addrinfo to simplify code - INSTANTIATE_TEST_CASE_P -> INSTANTIATE_TEST_SUITE_P as new convention in googletest - gmock: update from 1.8.0 to 1.11.0 - Cirrus-CI: fix debian arm build - Cirrus-CI: more updates for proper testing - install proper packages for asan and analyze - fix crash in tests - try to disable container tests - need g++ for tests on debian - try cirrus-ci again - whitespace - start bringing up cirrus-ci - prep for adding new ci - fix cut and paste error GitHub (18 Oct 2021) - [Brad House brought this change] RFC6761: special case "localhost" (#430) As per RFC6761 Section 6.3, "localhost" lookups need to be special cased to return loopback addresses, and not forward queries to recursive dns servers. We first look up via files (/etc/hosts or equivalent), and if that fails, we then attempt a system-specific address enumeration for loopback addresses (currently Windows-only), and finally fallback to ::1 and 127.0.0.1. Fix By: Brad House (@bradh352) Fixes Bug: #399 - [Brad House brought this change] Reimplement ares_gethostbyname() by wrapping ares_getaddrinfo() (#428) ares_gethostbyname() and ares_getaddrinfo() do a lot of similar things, however ares_getaddrinfo() has some desirable behaviors that should be imported into ares_gethostbyname(). For one, it sorts the address lists for the most likely to succeed based on the current system routes. Next, when AF_UNSPEC is specified, it properly handles search lists instead of first searching all of AF_INET6 then AF_INET, since ares_gethostbyname() searches in parallel. Therefore, this PR should also resolve the issues attempted in #94. A few things this PR does: 1. ares_parse_a_reply() and ares_parse_aaaa_reply() had very similar code to translate struct ares_addrinfo into a struct hostent as well as into struct ares_addrttl/ares_addr6ttl this has been split out into helper functions of ares__addrinfo2hostent() and ares__addrinfo2addrttl() to prevent this duplicative code. 2. ares_getaddrinfo() was apparently never honoring HOSTALIASES, and this was discovered once ares_gethostbyname() was turned into a wrapper, the affected test cases started failing. 3. A slight API modification to save the query hostname into struct ares_addrinfo as the last element of name. Since this is the last element, and all user-level instances of struct ares_addrinfo are allocated internally by c-ares, this is not an ABI-breaking change nor would it impact any API compatibility. This was needed since struct hostent has an h_name element. 4. Test Framework: MockServer tests via TCP would fail if more than 1 request was received at a time which is common when ares_getaddrinfo() queries for both A and AAAA records simultaneously. Infact, this was a long standing issue in which the ares_getaddrinfo() test were bypassing TCP alltogether. This has been corrected, the message is now processed in a loop. 5. Some tests had to be updated for overall correctness as they were invalid but somehow passing prior to this change. Change By: Brad House (@bradh352) bradh352 (9 Oct 2021) - ares_getaddrinfo() missing sanity check to fix #426 - ares_getaddrinfo(): continue to next domain in search if query returns ARES_ENODATA Some DNS servers may behave badly and return a valid response with no data, in this case, continue on to the next search domain, but cache the result. Fixes Bug: #426 Fix By: Brad House (@bradh352) - Allow '/' as a valid character for a returned name As of c-ares 1.17.2, a CNAME an in-addr.arpa delegation broke due to not allowing '/'. This needs to be allowed to not break valid functionality. Fixes Bug: #427 Reported By: Adrian (@leftshift) Fix By: Brad House (@bradh352) Daniel Stenberg (5 Oct 2021) - libcares.pc.in: update the URL bradh352 (8 Sep 2021) - ares_expand_name should allow underscores (_) as SRV records legitimately use them c-ares 1.17.2 introduced response validation to prevent a security issue, however it did not have (_) listed as a valid character for domain name responses which caused issues when a CNAME referenced a SRV record which contained underscores. While RFC2181 section 11 does explicitly state not to do validation, that applies to servers not clients. Fixes: #424 Fix By: Brad House (@bradh352) Daniel Stenberg (7 Sep 2021) - domain: update to use c-ares.org Closes #423 - mailing list: moved to lists.haxx.se GitHub (3 Sep 2021) - [Biswapriyo Nath brought this change] CMake: Fix build in cygwin (#422) As cygwin environment has both socket.h and winsock2.h headers check WIN32 not to include the later one here Fix By: Biswapriyo Nath (@Biswa96) bradh352 (23 Aug 2021) - make building more verbose - add appveyor cmake/mingw static-only build GitHub (17 Aug 2021) - [Sinan Kaya brought this change] CMake: lower case advapi32 for cross-building with mingw (#420) When cross compiling with yocto's meta-mingw layer, getting a dependency error. This is caused by the fact that advapi32 is lower case in mingw builds. Fix By: Sinan Kaya bradh352 (17 Aug 2021) - autotools: add ax_check_gnu_make.m4 - autotools: add ax_require_defined.m4 - autotools: dont use newer AC_CHECK_INCLUDES_DEFAULT, don't quote AC_ERROR_MSG - import more files needed by newer ax_code_coverage.m4 - import more files needed by newer ax_code_coverage.m4 - work around autoreconf -fiv first call returning 'error: too many loops' - restore zz40-xc-ovr.m4 - autotools: processed configure.ac through autoupdate - autotools. update ax_code_coverage.m4 to latest. don't use deprecated AC_HELP_STRING - pull out some old autotools cruft GitHub (17 Aug 2021) - [Felix Yan brought this change] Provide ares_nameser.h as a public interface (#417) NodeJS needs ares_nameser.h as a pubic header. Fixes: #415 Fix By: Felix Yan (@felixonmars) - [Felix Yan brought this change] Fix building when latest ax_code_coverage.m4 is imported (#418) ax_code_coverage.m4 dropped the @CODE_COVERAGE_RULES@ macro, so we need to switch to the latest recommendation from the m4 file. This requires updates to Makefile.am. Fix By: Felix Yan (@felixonmars) bradh352 (12 Aug 2021) - bump version to match current release GitHub (12 Aug 2021) - [dhrumilrana brought this change] z/OS minor update, add missing semicolon in ares_init.c (#414) Build fix for z/OS Fix by: Dhrumil Rana (@dhrumilrana) - [Daniel Bevenius brought this change] add build to .gitignore (#410) This commit adds the build directory to be ignored by git. The motivation for adding this to .gitignore as opposed to .git/info/exclude is that the CMake example in INSTALL.md uses build as the name of the directory to be used by CMake. This will cause git to report build as an untracked file. Fix By: Daniel Bevenius (@danbev) - [Martin Holeš brought this change] Add support for URI(Uniform Resource Identifier) records. (#411) Add ares_parse_uri_reply() for parsing URI DNS replies. Fix By: Martin Holeš (@martin-256) Daniel Stenberg (10 Aug 2021) - ares_getaddrinfo.3: available since 1.16.0 - README.md: use https:// links Version 1.17.2 (24 Jul 2021) bradh352 (24 Jul 2021) - fix typo - prep for 1.17.2 release GitHub (30 Jun 2021) - [jeanpierrecartal brought this change] Replace strdup() with ares_strdup() (#408) strdup() is used in src/lib/ares_parse_a_reply.c and src/lib/ares_parse_aaaa_reply.c whereas allocated memory is freed using ares_free(). Bug: 407 Fix By: Jean-pierre Cartal (@jeanpierrecartal) - [Brad House brought this change] Validate hostnames in DNS responses and discard from malicious servers (#406) To prevent possible users having XSS issues due to intentionally malformed DNS replies, validate hostnames returned in responses and return EBADRESP if they are not valid. It is not clear what legitimate issues this may cause at this point. Bug Reported By: philipp.jeitner@sit.fraunhofer.de Fix By: Brad House (@bradh352) bradh352 (11 Jun 2021) - ares_expand_name(): fix formatting and handling of root name response Fixes issue introduced in prior commit with formatting and handling of parsing a root name response which should not be escaped. Fix By: Brad House - ares_expand_name() should escape more characters RFC1035 5.1 specifies some reserved characters and escaping sequences that are allowed to be specified. Expand the list of reserved characters and also escape non-printable characters using the \DDD format as specified in the RFC. Bug Reported By: philipp.jeitner@sit.fraunhofer.de Fix By: Brad House (@bradh352) GitHub (15 Apr 2021) - [HALX99 brought this change] Fix can't get dns server on macos and ios (#401) If DNS configuration didn't include search domains on MacOS (or iOS) it would throw an error instead of ignoring. Fix By: @halx99 - [catalinh-bd brought this change] Bugfix/crash in ares sortaddrinfo (#400) The bug was generated because there was no check for the number of items in the list and invalid memory was accesed when the list was empty. There is a check for null after calling malloc but on some systems it always returns a valid address for size equals 0. Relates To: #392, 0903dcecabca283d0fa771632892dc7592b7a66d Fix By: @catalinh-bd bradh352 (2 Mar 2021) - Null deref if ares_getaddrinfo() is terminated with ares_destroy() ares_freeaddrinfo() was not checking for a Null ptr during cleanup of an aborted query. Once that was resolved it uncovered another possible issue with multiple simultaneous underlying queries being outstanding and possibly prematurely cleaning up the handle. Reported By: Michael Kourlas Fix By: Brad House (@bradh352) GitHub (18 Feb 2021) - [Brad House brought this change] CMake: RANDOM_FILE not defined #397 RANDOM_FILE was never defined by cmake, causing RC4 key generation to use the less secure rand() method. Also, due to clashes with chain-building from other projects (e.g. curl) that may define RANDOM_FILE, this was renamed to CARES_RANDOM_FILE. This is the proposed change for #396 Fix By: Brad House (@bradh352) - [Anton Danielsson brought this change] CMake: fix Make install for iOS/MacOS (#395) INSTALL TARGETS were missing the BUNDLE DESTINATION Fix By: Anton Danielsson (@anton-danielsson) - [František Dvořák brought this change] Fix build with autotools out of source tree (#394) Add missing include directory, which fixes the build with autotools in separated build directory. Fix By: František Dvořák (@valtri) bradh352 (15 Jan 2021) - fuzzing: HAVE_CONFIG_H may not be defined so cannot include ares_setup.h. Its not needed even though we include ares_nameser.h - remove redundant header checks - properly detect netinet/tcp.h on openbsd - more portability updates - renamed nameser.h to ares_nameser.h requires Makefile.inc update for distributed files - more portability updates - remove bad files - portability updates for test cases - Portability Updates for arpa/nameser.h (#388) There is too much inconsistency between platforms for arpa/nameser.h and arpa/nameser_compat.h for the way the current files are structured. Still load the respective system files but make our private nameser.h more forgiving. Fixes: #388 Fix By: Brad House (@bradh352) - ares_parse_ptr_reply() handle NULL for addr/addr_len. Fixes #392 NodeJS passes NULL for addr and 0 for addrlen parameters to ares_parse_ptr_reply(). On systems where malloc(0) returned NULL, this would cause the function to return ARES_ENOMEM, but the cleanup wasn't handled properly and would crash. This patche fixes that bug, and also hardens ares_free_hostent() to not leak memory during cleanup. Fixes: #392 Fix By: Brad House (@bradh352) - Define behavior of malloc(0) Some systems may return either NULL or a valid pointer on malloc(0). c-ares should never call malloc(0) so lets return NULL so we're more likely to find an issue if it were to occur. GitHub (24 Dec 2020) - [dhrumilrana brought this change] z/OS: port (#390) Port c-ares to z/OS. Fix By: Dhrumil Rana (@dhrumilrana) - [vburdo brought this change] Use unbuffered stdio for /dev/urandom to read only requested data (#391) Buffered fread() reads 4096 bytes which is completely unnecessary and potentially may cause problems. I discovered this on private linux configuration where custom /dev/urandom implementation has poor performance. Fix By: @vburdo - [Jay Freeman (saurik) brought this change] This relative header #include needs to use quotes. (#386) Fix By: Jay Freeman (@saurik) bradh352 (23 Nov 2020) - Win32: Fix tools build with autotools static library When c-ares is being built as static on Win32, CARES_STATICLIB must be defined, but it wasn't being pulled in for the tools. Fixes: #384 Fix By: Brad House (@bradh352) - Loosen requirements for static c-ares library when building tests It appears that when building tests, it would hardcode enabling building of the c-ares static library. This was probably due to Windows limitations in symbol visibility. This change will use the static library if it exists for tests, always. Otherwise, it will only forcibly enable static libraries for tests on Windows. Fixes: #380 Fix By: Brad House (@bradh352) - Remove legacy comment about ahost/acountry/adig targets - Distribute fuzzinput/fuzznames for fuzz tests The fuzz test files were not being distributed. This doesn't appear to be a regression, it looks like they have never been distributed. Fixes: #379 Fix By: Brad House (@bradh352) Version 1.17.1 (19 Nov 2020) GitHub (19 Nov 2020) - [Brad House brought this change] Travis: add iOS target built with CMake (#378) Issue #377 suggested that CMake builds for iOS with c-ares were broken. This PR adds an automatic Travis build for iOS CMake. Fix By: Brad House (@bradh352) bradh352 (18 Nov 2020) - fix build GitHub (18 Nov 2020) - [Fabrice Fontaine brought this change] External projects were using non-public header ares_dns.h, make public again (#376) It appears some outside projects were relying on macros in ares_dns.h, even though it doesn't appear that header was ever meant to be public. That said, we don't want to break external integrators so we should distribute this header again. Fix By: Fabrice Fontaine (@ffontaine) bradh352 (17 Nov 2020) - note that so versioning has moved to configure.ac - note about 1.17.1 - fix sed gone wrong GitHub (17 Nov 2020) - [Daniel Stenberg brought this change] autotools cleanup (#372) * remove: install-sh mkinstalldirs They're generated when needed, no need to store in it. * buildconf: remove custom logic with autoreconf Fix By: Daniel Stenberg (@bagder) bradh352 (17 Nov 2020) - attempt to fix 1.17.0 release distribution issues Version 1.17.0 (16 Nov 2020) bradh352 (16 Nov 2020) - 1.17.0 release prep - ares_getaddrinfo(): duplicate hints ai_socktype and ai_protocol into output ai_socktype and ai_protocol were ignored from the hints input. They are now duplicated into the output as expected. Currently no sanity checks on proper values are taking place. Fixes: #317 Fix By: Brad House (@bradh352) - ares_parse_{a,aaaa}_reply could return larger *naddrttls than passed in If there are more ttls returned than the maximum provided by the requestor, then the *naddrttls response would be larger than the actual number of elements in the addrttls array. This bug could lead to invalid memory accesses in applications using c-ares. This behavior appeared to break with PR #257 Fixes: #371 Reported By: Momtchil Momtchev (@mmomtchev) Fix By: Brad House (@bradh352) GitHub (5 Nov 2020) - [Dustin Lundquist brought this change] docs: ares_set_local_ip4() uses host byte order (#368) Properly document brain-dead behavior of ares_set_local_ip4() using host byte order instead of expected network byte order. Fix By: Dustin Lundquist - [Łukasz Marszał brought this change] empty hquery->name could lead to invalid memory access (#367) If hquery->name is empty (=="\0"), &hquery->name[strlen(hquery->name)-1] would point to "random" place in memory. This is causing some of my address sanitizer tests to fail. Fix By: Łukasz Marszał (@lmarszal) bradh352 (28 Sep 2020) - Fix OSSFuzz reported issue in CAA reply parsing OSS-Fuzz is reporting a use-of-uninitialized-value: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26012 Reported By: David Drysdale (@daviddrysdale) GitHub (26 Sep 2020) - [David Hotham brought this change] fuzz CAA parsing (#363) Add fuzz support for CAA parsing Fix By: David Hotham (@dimbleby) - [Daniela Sonnenschein brought this change] Allow parsing of CAA Resource Record (#360) CAA (Certification Authority Authorization) was introduced in RFC 6844. This has been obsoleted by RFC 8659. This commit added the possibility to query CAA resource records with adig and adds a parser for CAA records, that can be used in conjunction with ares_query(3). Closes Bug: #292 Fix By: Daniela Sonnenschein (@lxdicted) Daniel Stenberg (17 Sep 2020) - docs: remove the html and pdf make targets They're rarely used in our daily work flow and mostly just add friction, Closes #362 bradh352 (14 Sep 2020) - ares_process needs to always include nameser.h as it has compat - Define T_OPT if system doesn't provide it GitHub (12 Sep 2020) - [Gisle Vanem brought this change] Change the mailman links (#358) Links when wrapping become misleading. Insert newline to prevent wrapping. Fix By: Gisle Vanem (@gvanem) - [Gisle Vanem brought this change] [adig] Update man-page for the '-x' option (#357) Fix By: Gisle Vanem (@gvanem) - [Gisle Vanem brought this change] [adig] add '-x' option. (#356) Added a 'dig-style' '-x' option. Also support '-xx' for a IPv6 bit-string PTR query. Fix By: Gisle Vanem (@gvanem) bradh352 (12 Sep 2020) - fix indentation - ns_t_opt -> T_OPT GitHub (12 Sep 2020) - [Gisle Vanem brought this change] Fixes for Watt-32 on djgpp + Windows (#355) No longer any relation to libcurl since '/packages/DOS/common.dj' is dropped. This Makefile.dj has been tested on Win-10 only (using the Windows hosted djgpp cross compiler). Fix By: Gisle Vanem (@gvanem) - [Gisle Vanem brought this change] Fixes for Watt-32 on Windows and MSDOS (#354) Move the prototype to 'ares_private.h'. Fix By: Gisle Vanem (@gvanem) bradh352 (11 Sep 2020) - update path for include - remove stale information - remove stale information Brad House (9 Sep 2020) - silence compiler warnings - Remove stale msvc files from makefile GitHub (9 Sep 2020) - [Brad House brought this change] Reorganize source tree (#349) Originally started by Daniel Stenberg (@bagder) with #123, this patch reorganizes the c-ares source tree to have a more modern layout. It also fixes out of tree builds for autotools, and automatically builds the tests if tests are enabled. All tests are passing which tests each of the supported build systems (autotools, cmake, nmake, mingw gmake). There may be some edge cases that will have to be caught later on for things I'm not aware of. Fix By: Brad House (@bradh352) Brad House (1 Sep 2020) - remove CURLDEBUG as per #82 GitHub (1 Sep 2020) - [Erik Lax brought this change] Detect remote DNS server does not support EDNS as per RFC 6891 (#244) EDNS retry should be based on FORMERR returned without an OPT RR record as per https://tools.ietf.org/html/rfc6891#section-7 rather than just treating any unexpected error condition as a reason to disable EDNS on the channel. Fix By: Erik Lax (@eriklax) Brad House (27 Aug 2020) - Fix for #345, don't use 'true' use 1 GitHub (27 Aug 2020) - [Seraphime Kirkovski brought this change] ares_gethostbyname: Fix AF_UNSPEC support when using an ip address (#204) fake_hostent() was not supporting AF_UNSPEC, so when an ip address was specified when using AF_UNSPEC it would attempt to do a DNS lookup rather than returning a fake hostent using the ip address. Fix By: Seraphime Kirkovski (@Seraphime) - [apenn-msft brought this change] Tests should use dynamic system-assigned ports rather than static port (#346) The c-ares test suite was hardcoded to use port 5300 (and possibly 5301, 5302) for the test suite. Especially in containers, there may be no guarantee these ports are available and cause tests to fail when they could otherwise succeed. Instead, request the system to assign a port to use dynamically. This is now the default. To override, the test suite still takes the "-p " option as it always has and will honor that. Fix By: Anthony Penniston (@apenn-msft) Brad House (25 Aug 2020) - Unset members of the addr struct contain garbage values (#343) When generating the ares_sockaddr data by getaddrinfo() it was only filling in certain members while leaving others uninitialized. This left garbage data if a user tried to use the unset values. memset() the ares_sockaddr to 0 prior to filling in the values to prevent this. Reported By: @SmorkalovG Fix By: Brad House (@bradh352) GitHub (24 Aug 2020) - [Jonathan Maye-Hobbs brought this change] FQDN with trailing period should be queried first with larger ndot value (#345) If a query is performed for dynamodb.us-east-1.amazonaws.com. with ndots=5, it was attempting to search the search domains rather than just attempting the FQDN that was passed it. This patch now at least attempts the FQDN first. We may need to determine if we should abort any further searching, however as is probably intended. Fix by: Jonathan Maye-Hobbs (@wheelpharoah) - [Gisle Vanem brought this change] Update acountry.c country code list (#341) Updated country_list[]: * 2-letter ISO-3166 country-codes. * Add, rename some names + codes in accordance with latest table at https://en.wikipedia.org/wiki/ISO_3166-1. Fix By: Gisle Vanem (@gvanem) - [Bulat Gaifullin brought this change] Test case should honor flag HAVE_WRITEV rather than WIN32 (#344) Test cases where not honoring the HAVE_WRITEV flag but instead using WIN32 to determine if WRITEV was available or not. This patch fixes that. Fix By: Bulat Gaifullin (@bgaifullin) Brad House (18 Jul 2020) - Ensure c89 support A couple of for loops in Mac-specific code were using integer declarations inside a for loop. Move the declaration to the top of the preceding code block to retain c89 compliance. Reported By: Jeffrey Walton GitHub (2 Jul 2020) - [Fionn Fitzmaurice brought this change] Avoid buffer overflow in RC4 loop comparison (#336) The rc4 function iterates over a buffer of size buffer_len who's maximum value is INT_MAX with a counter of type short that is not guaranteed to have maximum size INT_MAX. In circumstances where short is narrower than int and where buffer_len is larger than the maximum value of a short, it may be possible to loop infinitely as counter will overflow and never be greater than or equal to buffer_len. The solution is to make the comparison be between types of equal width. This commit defines counter as an int. Fix By: Fionn Fitzmaurice (@fionn) - [anonymoushelpishere brought this change] Updated help information for adig, acountry, and ahost. (#334) Provide more descriptive help information for various utilities. Fix By: @anonymoushelpishere - [lutianxiong brought this change] avoid read-heap-buffer-overflow (#332) Fix invalid read in ares_parse_soa_reply.c found during fuzzing Fixes Bug: #333 Fix By: lutianxiong (@ltx2018) - [Ivan Baidakou brought this change] Fix: sizeof(sizeof(addr.saX)) -> sizeof(addr.saX) in readaddrinfo (#331) Looks like a sed-gone-wrong, a sizeof inside of a sizeof. Fix By: Ivan Baidakou (@basiliscos) Version 1.16.1 (11 May 2020) Brad House (11 May 2020) - c-ares 1.16.1 release prep - update travis to use xcode11.4 - Prevent possible double-free in ares_getaddrinfo() if ares_destroy() is called In the event that ares_destroy() is called prior to ares_getaddrinfo() completing, it would result in an invalid read and double-free due to calling end_hquery() twice. Reported By: Jann Horn @ Google Project Zero GitHub (30 Apr 2020) - [shelley vohr brought this change] fix: windows UNICODE incompatibilities with ares_getaddrinfo (#328) Fixes the following compatibility issues: * Use RegQueryValueExA instead of RegQueryValueEx * Use ExpandEnvironmentStringsA instead of ExpandEnvironmentStrings * Use RegOpenKeyExA instead of RegOpenKeyExA * Use GetWindowsDirectoryA instead of GetWindowsDirectoryA Fix By: Shelley Vohr (@codebytere) Closes: #327 Brad House (13 Apr 2020) - travis: CloudFlare does not allow T_ANY requests, so live tests that use it fail. Disable. - travis: bump macos image to the latest - cast-align warnings are false for struct sockaddr, silence Create a macro to silence false cast-align warnings when casting struct sockaddr * to struct sockaddr_in * and struct sockaddr_in6 *. Fix By: Brad House (@bradh352) - MacOS: Enable libresolv support for retrieving DNS servers like iOS does. GitHub (10 Apr 2020) - [Dmitry Igrishin brought this change] CMake: Populate the INCLUDE_DIRECTORIES property of installed targets (#323) Populate the INCLUDE_DIRECTORIES property of installed targets Fix By: Dmitry Igrishin (@dmitigr) Brad House (10 Apr 2020) - travis: make valgrind use cmake for tests - dont try to use libtool to run valgrind - valgrind requires libtool installed to wrap tests - scan build 7 - fix travis live test - add debug for travis - try without sudo - attempt to modernize travis build environment GitHub (6 Apr 2020) - [Teemu R brought this change] Allow TXT records on CHAOS qclass (#321) Some DNS servers intentionally "misuse" the obsoleted CHAOS (CH) qclass to provide things like `version.bind`, `version.server`, `authors.bind`, `hostname.bind` and `id.server`. C-ares was not allowing such use cases. Fix By: Teemu R. (@rytilahti) Brad House (5 Apr 2020) - Remove warnings from ares_getaddrinfo.3 man page As reported in #319, non-standard macros of .IN were used. Replace with .RS/.RE. Fixes: #319 Fix By: Brad House (@bradh352) - ares_getaddrinfo man page render better for man2html - update man pages to render better for man2html Version 1.16.0 (12 Mar 2020) Brad House (12 Mar 2020) - 1.16.0 release notes draft - attempt to fix double-free introduced in e0517f9 GitHub (12 Mar 2020) - [David Drysdale brought this change] test: fuzzer input triggering double free (#315) OSS-Fuzz has reported a double-free with the fuzzer input file included here; run with: ./test/aresfuzz test/fuzzinput/clusterfuzz-5637790584012800 Bisecting the failure points to commit e0517f97d988 ("Parse SOA records from ns_t_any response (#103)") - [Brad House brought this change] CMake: Install Manpages (#314) CMake wasn't installing manpages. Fixes #297 Fix By: Brad House (@bradh352) - [Brad House brought this change] Enable cmake tests for AppVeyor (#313) Tests require linking against the static library on Windows otherwise the symbols are not exported for internals being tested. Fix By: Brad House (@bradh352) Brad House (11 Mar 2020) - Add AppVeyor badge - bump c-ares version to 1.16.0. test AppVeyor integration. GitHub (11 Mar 2020) - [Brad House brought this change] replace all usages of inet_addr() with ares_inet_pton() which is more proper (#312) Replace usage of inet_addr() with ares_inet_pton() which is more appropriate and fixes issues with legitimate addresses like 255.255.255.0. IPv6 already used this. Fixes #309 Fix By: Brad House (@bradh352) - [Brad House brought this change] CMake: Generate WinPDB files during build (#311) Build and Install PDB (Windows Debug Symbol) files if supported by underlying system. Also update AppVeyor to test cmake builds. Fixes #245 Fix By: Piotr Pietraszkiewicz (@ppietrasa) and Brad House (@bradh352) - [Brad House brought this change] CMake: Rework library function checking (#310) CHECK_LIBRARY_EXISTS(), while it takes a function name, does not actually verify the function exists in the library being evaluated. Instead, if the function is found in any dependent library, and the referenced library also exists, it returns true. This is not desirable. Wrap with a Macro to change the behavior. Fixes: #307 Fix By: Brad House (@bradh352) - [Dron Rathore brought this change] Parse SOA records from ns_t_any response (#103) Added the capability of parsing SOA record from a response buffer of ns_t_any type query, this implementation doesn't interfere with existing T_SOA query's response as that too is treated as a list of records. The function returns ARES_EBADRESP if no SOA record is found(as per RFC). The basic idea of sticking to RFC that a ns_t_any too should return an SOA record is something open for discussion but I have kept the functionality intact as it was previously i.e the function returns ARES_EBADRESP if it doesn't find a SOA record regardless of which response it is parsing i.e. T_SOA or T_ANY. Note that asking for T_ANY is generally a bad idea: - https://blog.cloudflare.com/what-happened-next-the-deprecation-of-any/ - https://tools.ietf.org/html/draft-ietf-dnsop-refuse-any Bug: #102 Fix By: Dron Rathore (@DronRathore) - [Stephen Bryant brought this change] Added CPack functionality for generating RPM or DEB packages (#283) Added CPack functionality for generating RPM or DEB packages ie: run `cpack -G RPM` (or "DEB") after building with CMake. The current configuration creates 3 separate packages for the shared library, the development files and the tools. Fix By: Stephen Bryant (@bf-bryants) - [tjwalton brought this change] ares_gethostbyname: Return ENODATA if no valid A or AAAA record found (#304) ares_gethostbyname() was returning ESUCCESS when no A or AAAA record was found but a CNAME pointing nowhere was present. ENODATA should be returned instead, however the hosts pointer will still be present to provide the alias list. * Return ENODATA if no valid A or AAAA record found * Fix and update test ParseAReplyNoData. * Add test for new ENODATA behaviour in ares_gethostbyname. Fixes Bug #303 Fix By: @tjwalton - [Michal Rostecki brought this change] test: Separate live tests from SetServers* tests (#299) Before this change, SetServers, SetServersPorts and SetServersCSV contained test cases trying to make DNS queries with the google.com hostname, which requires Internet connectivity. Tests with that requirement should be defined in the ares-test-live.cc file and contain "Live" prefix to filter them out with `--gtest_filter=-*.Live*` on machines without Internet connectivity. Fix By: Michal Rostecki (@mrostecki) - [Adam Majer brought this change] Only count valid addresses when response parsing (#302) When ares_parse_a_reply or ares_parse_aaaa_reply is called in case where another AAAA and A responses exist, the resulting ares_addrttl count is invalid and the structure points to gibberish. This is a regression since 1.15. Issue: https://github.com/c-ares/c-ares/issues/300 Fix By: Adam Majer (@AdamMajer) Brad House (24 Dec 2019) - [Kyle Edwards brought this change] CMake: Provide c-ares version in package export file (#296) The CMake package export file should provide version information. Fix By: Kyle Edwards (@KyleFromKitware) - [Ben Noordhuis brought this change] Accept invalid /etc/resolv.conf lookup values, ability to build container tests (#274) * Add CARES_BUILD_CONTAINER_TESTS CMake option to add ability to build the Linux-only containerized tests. * Accept invalid /etc/resolv.conf lookup values Before this commit invalid `lookup` values resulted in c-ares not using any lookups without any clear indication why. After this commit it uses the default "fb". Fix By: Ben Noordhuis (@bnoordhuis) - [Christian Ammer brought this change] Parallel A and AAAA lookups in `ares_getaddrinfo` (#290) A and AAAA lookups for ares_getaddrinfo() are now performed in parallel. For this change `ares_search` was removed from `ares_getaddrinfo`. Instead `ares_query` in combination with `next_dns_lookup` are doing the suffix search. Adding support for `.onion` addresses which are tested by `TEST_F(DefaultChannelTest, GetAddrinfoOnionDomain)` Fix By: Christian Ammer (@ChristianAmmer) - [Vy Nguyen brought this change] Move variables into the block where it is used to avoid unused-vars (#281) Warning uncovered with [-Werror, -Wunused-variables] Fix By: Vy Nguyen (@oontvoo) - [Vy Nguyen brought this change] Rename local macros to avoid conflicting with system ones and remove unsed variables. (Otherwise code will break once compiled with [-Werror,-Wmacro-redefined,-Wunused-variable] ) (#280) Fix new getaddrinfo code to not redefine macros on some systems. Fix By: Vy Nguyen (@oontvoo) - [Egor Pugin brought this change] [ares_getenv] Return NULL in all cases. (#279) if ares_getenv is defined, it must return a value on all platforms. Fix By: Egor Pugin (@egorpugin) - [Abhishek Arya brought this change] Add OSS-Fuzz fuzzing badge (#278) Adds based on instructions at https://google.github.io/oss-fuzz/getting-started/new-project-guide/#status-badge Patch By: Abhishek Arya (@inferno-chromium) - [Peter Eisentraut brought this change] ares_init_options.3: Fix layout (#275) 7e6af8e inserted the documentation of resolvconf_path in the middle of the item for ednspsz, leading to broken layout. Fix that. Fix By: Peter Eisentraut (@petere) - [Gregor Jasny brought this change] manpages: Fix typos detected by lintian (#269) Fix By: Gregor Jasny (@gjasny) - [lifenjoiner brought this change] keep command line usage up to date (#256) adig and ahost built-in help did not match args taken. Fix-By: @lifenjoiner - [Dan Noé brought this change] ares-test.cc: Handle nullptr in AddrInfo ostream. (#268) The const AddrInfo& argument to operator<< overload for AddrInfo can be a nullptr unique_ptr. Handle this explicitly by printing {nullptr} if the rest of the function cannot be safely executed. Fix-by: Dan Noé - [Dan Noé brought this change] Add missing limits.h include from ares_getaddrinfo.c (#267) This files references INT_MAX, but does not include limits.h. This can cause a build failure on some platforms. Include limits.h if we have it. Fix-by: Dan Noé - [Andrew Selivanov brought this change] fix fuzzer docs and add missing getaddrinfo docs (#265) There is a fix for a bit outdated clang fuzzer docs and ares_getaddrinfo docs. Fix By: Andrew Selivanov (@ki11roy) - [Andrew Selivanov brought this change] Fix leak and crash in ares_parse_a/aaaa_reply (#264) * fix leak if naddress of particular type found * fix segfault when wanted ttls count lesser than count of result records * add fuzzer input files that trigger problems (from #263) Reported-By: David Drysdale (@daviddrysdale) Fix-By: Andrew Selivanov (@ki11roy) - [Andrew Selivanov brought this change] fix segfault when parsing wrong type of record (#262) Fixes segfault when trying to ares_parse_aaaa with AF_INET and vise versa. Fix By: Andrew Selivanov (@ki11roy) - work around mingw compile failure - c++ requires explicit casts - support EnvValue on Windows by implementing setenv/unsetenv - [Andrew Selivanov brought this change] getaddrinfo enhancements (#257) * Service support has been added to getaddrinfo. * ares_parse_a/aaaa_record now share code with the addrinfo parser. * Private ares_addrinfo structure with useful extensions such as ttls (including cname ttls), as well as the ability to list multiple cnames in chain of lookups Work By: Andrew Selivanov @ki11roy - [Andrew Selivanov brought this change] fix ares__sortaddrinfo, use wrappers for sock_funcs (#258) Some socket functions weren't exposed for use by other areas of the library. Expose those and make use of them in ares__sortaddrinfo(). Fix By: Andrew Selivanov (@ki11roy) - Fix c89 compilation support broken by .onion rejection changes Move .onion check lower after all variables have been declared. Bug: #246 - [kedixa brought this change] getaddrinfo: callback must be called on bad domain (#249) Due to an order of incrementing the remaining queries and calling ares_query, on a bad domain the registered callback wouldn't be called. Bug: #248 Fixed-By: @kedixa - [Darrin W. Cullop brought this change] Windows ARM/ARM64 requires AdvApi32 (#252) Fix link issues caused by missing library that appears to only be required on ARM (though docs don't list this restriction). Doesn't hurt to require it everywhere. Bug: #251 Fixed-By: Darrin Cullop (@dwcullop) - [kedixa brought this change] getaddrinfo: avoid infinite loop in case of NXDOMAIN(#240) (#242) There are two possible causes for infinite loops fo NXDOMAIN, based on how many dots are in the domain name (one for < ARES_OPT_NDOTS and one for >= ARES_OPT_NDOTS), where it will repeat the same query over and over as the hquery->next_domain doesn't increment. Fix By: @kedixa - Portability fix for ares__sortaddrinfo() replace uint32_t with unsigned int and socklen_t with ares_socklen_t By: Brad House - [Khaidi Chu brought this change] fix: init bufp before reject .onion to make it can be free correctly (#241) When querying a .onion domain, it returns directly without setting bufp to NULL. A subsequent free() that occurs can cause a segmentation fault. Fix By: Khaidi Chu (@XadillaX) - [Andrew Selivanov brought this change] Add ares__sortaddrinfo() to support getaddrinfo() sorted results (#239) This is a port of RFC 6724 compliant sorting function from Android Bionic project: https://android.googlesource.com/platform/bionic/+/e919b116d35aa7deb24ddece69c491e24c3b0d6f/libc/netbsd/net/getaddrinfo.c The latest version is essentially the same, except two additional parameters to test connection with (mark/uid): https://android.googlesource.com/platform/bionic/+/master/libc/dns/net/getaddrinfo.c Please note that even that version has some restrictions. It doesn't support some rules from RFC 6724: Rule 3 (Avoid deprecated addresses) Rule 4 (Prefer home addresses) Rule 7 (Prefer native transport) Submitted By: Andrew Selivanov (@ki11roy) - [Christian Ammer brought this change] Increase portability of `ares-test-mock-ai.cc` (#235) * using portable ares_inet_pton and updated includes in ares-test-mock-ai * forgot to remove deleted ares-test-ai.cc in Makefile.inc Fix By: Christian Ammer (@ChristianAmmer) - [Fabrice Fontaine brought this change] m4/xc-cc-check.m4: use XC_CHECK_BUILD_FLAGS (#236) Use XC_CHECK_BUILD_FLAGS instead of XC_CHECK_USER_FLAGS. Otherwise it complains of CPPFLAGS in CFLAGS. [Retrieved from: https://git.buildroot.net/buildroot/tree/package/c-ares/0001-use_check_build_instead_of_check_user.patch] Signed-off-by: Gustavo Zacarias Signed-off-by: Fabrice Fontaine Submitted by: Fabrice Fontaine - [Christian Ammer brought this change] Bugfix for `ares_getaddrinfo` and additional unit tests (#234) This PullRequest fixes a bug in the function add_to_addrinfo which task is to add new addrinfo items to the ai_next linked list. Also additional unit tests for testing ares_getaddrinfo will be added: Additional mock server test classes (ares-test-mock-ai.cc): MockTCPChannelTestAI MockExtraOptsTestAI MockNoCheckRespChannelTestAI MockEDNSChannelTestAI RotateMultiMockTestAI NoRotateMultiMockTestAI Additional live tests (ares-test-live-ai.cc): LiveGetHostByNameV4 LiveGetHostByNameV6 LiveGetHostByNameV4AndV6 Fix By: Christian Ammer (@ChristianAmmer) - [Christian Ammer brought this change] Remaining queries counter fix, additional unit tests for `ares_getaddrinfo` (#233) Remaining queries counter fix, added tests (ParallelLookups, SearchDomains, SearchDomainsServFailOnAAAA). Removed unnecessary if and commented code in test. Fix By: Christian Ammer (@ChristianAmmer) - [Christian Ammer brought this change] Add initial implementation for ares_getaddrinfo (#112) Initial implementation for ares_getaddrinfo(). It is NOT compliant with RFC6724, though it is expected to come closer to conformance prior to the next release. Features not supported include sorted addresses and honoring of service and hints parameters. Implementation by: Christian Ammer (@ChristianAmmer) - [Ben Noordhuis brought this change] test: fix bad expectation in ipv6 localhost test (#227) The LiveGetLocalhostByAddrV6 test expected to see "localhost" in the result when doing an address-to-name lookup for ::1 but on my system that resolves to "ip6-loopback" because of this stanza in /etc/hosts: $ grep ^::1 /etc/hosts ::1 ip6-localhost ip6-loopback Fix By: Ben Noordhuis (@bnoordhuis) Bug: #85 - [Ben Noordhuis brought this change] ares_version.h: bump version (#230) Version change not committed from maketgz.sh Bug: #229 Daniel Stenberg (24 Oct 2018) - ares_library_init_android.3: minor syntax edits, fixed AVAILABILITY Version 1.15.0 (23 Oct 2018) Brad House (23 Oct 2018) - last minute 1.15.0 addition - [Ben Noordhuis brought this change] Report ARES_ENOTFOUND for .onion domain names as per RFC7686. (#228) Quoting RFC 7686: Name Resolution APIs and Libraries (...) MUST either respond to requests for .onion names by resolving them according to [tor-rendezvous] or by responding with NXDOMAIN. A legacy client may inadvertently attempt to resolve a .onion name through the DNS. This causes a disclosure that the client is attempting to use Tor to reach a specific service. Malicious resolvers could be engineered to capture and record such leaks, which might have very adverse consequences for the well-being of the user. Bug: #196 Fix By: Ben Noordhuis @bnoordhuis - prepare for c-ares 1.15.0 release - AIX Build Fix AIX attempts to include both nameser_compat.h and onameser_compat.h. It appears the proper fix is to define _USE_IRS so that only nameser_compat.h is used. Bug: #224 Fix By: Brad House (@bradh352) - Fix crash in ares_dup() due to new ARES_OPT_RESOLVCONF ares_dup() calls ares_init_options() by making its own fake option mask since the original mask isn't stored but ARES_OPT_RESOLVCONF was always set, instead of conditionally set. This caused a crash because ares_strdup() isn't NULL-safe if no custom path was set. Made ares_dup() set ARES_OPT_RESOLVCONF conditionally. Fix By: Brad House (@bradh352) - [Sarat Addepalli brought this change] Add ares_init_options() configurability for path to resolv.conf file Add resolvconf_path to end of struct ares_options with ARES_OPT_RESOLVCONF option so on Unix-like systems a custom path can be specified. If no path is specified, /etc/resolv.conf is used like normal. Fix By: Sarat Addepalli @SirR4T Fixes Bug: #220 Review By: Brad House @bradh352 - remove stale variables - fix prototype name for ares_strsplit_free() - add missing prototype - simplify ares_strsplit() and create ares_strsplit_free() helper function - missing ares_strsplit.h from HHEADERS for inclusion in distribution - [Ruslan Baratov brought this change] Add CARES_BUILD_TOOLS CMake option (#214) Add ability to exclude building of tools (adig, ahost, acountry) in CMake. This should also close #200. Fix By: Ruslan Baratov (@ruslo) Bug: #200 - [flyingdutchman23 brought this change] Style. Whitespace cleanup. (#213) Small whitespace cleanups. Fix By: @flyingdutchman23 - [John Schember brought this change] Android: Support for domain search suffix (#211) Fixes issue #207. Uses LinkProperties.getDomains() to get a list of search domains and adds them to the suffix list. This also adds a new helper function to split strings into an array based on multiple delimiters replacing multiple other functions for dealing with string splitting. Submitter: John Schember (@user-none) Fixes: #207 Approved-by: Brad House (@bradh352) - [afalin brought this change] Improve DNS suffixes extracting from WinNT registry (#202) Join all global and connection specific suffix lists. Use 'HKLM\Software\Policies\Microsoft\Windows NT\DNSClient\SearchList', 'HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Domain' as global suffix lists. Fix By: @afalin - Be consistent with indention in CMakeLists.txt The imported TRANSFORM_MAKEFILE_INC function from curl used space indention but the rest of the file used tabs. Go ahead and make it tabs for consistency as well. Committed By: Brad House - [flyingdutchman23 brought this change] Fix modern gcc warning: argument to 'sizeof' in 'strncpy' call is the same expression as the source Silence warning about using src to determine number of bytes to copy. In this case it doesn't matter whether it is `src` or `dest`. So there is no functionality change. Bug: #210 Fix By: @flyingdutchman23 - [Andi Schnebinger brought this change] fix stringop-overflow warning of GCC (#201) When using a modern GCC to compile c-ares, there is a stringop-overflow warning. This patch simply silences the false-positive warning, there is no actual code flaw. Bug: https://github.com/c-ares/c-ares/pull/201 Fixed By: Andi Schnebinger @Iniesta8 GitHub (18 May 2018) - [David Drysdale brought this change] travis: do coverage in "coverage" build (#195) Fixes #194, a mistake from commit a255081f2c3c ("travis: Only do coverage/distcheck on normal build") Brad House (17 May 2018) - [Brad Spencer brought this change] Apply the IPv6 server blacklist to all nameserver sources, not just Windows (#193) For #164, I mentioned that it seemed like the IPv6 nameserver blacklist should apply to all OSes. In a mailing list post, @bradh352 agreed and suggested that I file a PR to make it so. This moves the blacklist check from being Windows-specific to being a general feature of config_nameservers(), no matter the nameserver source. It also simplifies the ares_ipv6_server_blacklisted() implementation to not parse and re-parse the blacklisted IPv6 addresses from strings on every check. I think they're almost as easy to read as a sequence of hex bytes in an array initializer, and it's definitely less work on each trip through the code. Fix By: Brad Spencer @b-spencer PR: https://github.com/c-ares/c-ares/pull/193 - [Brad Spencer brought this change] Fix warnings emitted by MSVC when using -W4 (#192) These changes fix a few warnings emitted by recent versions of MSVC when compiling with -W4. Half of the changes are in Windows-specific code, and the other half should be safe no matter the compiler or OS. The allocation function change is probably the only one that needs explanation. MSVC gives warnings about the function pointers not being stable across DLL boundaries or something to that effect, so for Windows, I've made them be called indirectly, which at least made the compiler happy. I can't say I've tested every linking combination on Windows with them before or after the change, but it seems harmless. Fix By: Brad Spencer @b-spencer PR: https://github.com/c-ares/c-ares/pull/192 - [David Hotham brought this change] Prevent changing name servers while queries are outstanding (#191) Changing name servers doesn't work, per #41. Better to return an error code than to crash. Fix-by: David Hotham @dimbleby David Drysdale (15 May 2018) - [Tobias Nießen brought this change] Fix comment in ares_rules.h (#189) Brad House (6 May 2018) - [Brad Spencer brought this change] Harden and rationalize c-ares timeout computation (#187) * Harden and rationalize c-ares timeout computation * Remove the rand() part of the timeout calculation completely. When c-ares sends a DNS query, it computes the timeout for that request as follows: timeplus = channel->timeout << (query->try_count / channel->nservers); timeplus = (timeplus * (9 + (rand () & 7))) / 16; I see two issues with this code. Firstly, when either try_count or channel->timeout are large enough, this can end up as an illegal shift. Secondly, the algorithm for adding the random timeout (added in 2009) is surprising. The original commit that introduced this algorithm says it was done to avoid a "packet storm". But, the algorithm appears to only reduce the timeout by an amount proportional to the scaled timeout's magnitude. It isn't clear to me that, for example, cutting a 30 second timeout almost in half to roughly 17 seconds is appropriate. Even with the default timeout of 5000 ms, this algorithm computes values between 2812 ms and 5000 ms, which is enough to cause a slightly latent DNS response to get spuriously dropped. If preventing the timers from all expiring at the same time really is desirable, then it seems better to extend the timeout by a small factor so that the application gets at least the timeout it asked for, and maybe a little more. In my experience, this is common practice for timeouts: applications expect that a timeout will happen at or after the designated time (but not before), allowing for delay in detecting and reporting the timeout. Furthermore, it seems like the timeout shouldn't be extended by very much (we don't want a 30 second timeout changing into a 45 second timeout, either). Consider also the documentation of channel->timeout in ares_init_options(): The number of milliseconds each name server is given to respond to a query on the first try. (After the first try, the timeout algorithm becomes more complicated, but scales linearly with the value of timeout.) The default is five seconds. In the current implementation, even the first try does not use the value that the user supplies; it will use anywhere between 56% and 100% of that value. The attached patch attempts to address all of these concerns without trying to make the algorithm much more sophisticated. After performing a safe shift, this patch simply adds a small random timeout to the computed value of between 0 ms and 511 ms. I could see limiting the random amount to be no greater than a proportion of the configured magnitude, but I can't see scaling the random with the overall computed timeout. As far as I understand, the goal is just to schedule retries "not at the same exact time", so a small difference seems sufficient. UPDATE: randomization removed. Closes PR #187 Fix by: Brad Spencer - distribute ares_android.h Distribute ares_android.h when a release distribution package is created. Reported By: Andrey Khranovsky Bug: https://c-ares.haxx.se/mail/c-ares-archive-2018-04/0000.shtml - ares_set_servers_csv() on failure should not leave channel in a bad state If bad data is passed to ares_set_servers_csv() or ares_set_servers_ports_csv() it will clear the existing channel configured DNS servers, then a call to ares_send() will fail due to a bad malloc which may have undefined behavior. The fix now only clears existing servers on success. An additional sanity check was added in ares_send() to ensure nservers >= 1 or will result in ARES_ESERVFAIL. Bug: https://c-ares.haxx.se/mail/c-ares-archive-2018-03/0000.shtml Reported-by: Francisco Sedano Crippa - docs: Not all manpages are listed Some docs aren't installed or not showing up on https://c-ares.haxx.se/docs.html due to not being listed in Makefile.inc. Add missing docs and ensure docs are alphabetized. Version 1.14.0 (16 Feb 2018) Daniel Stenberg (16 Feb 2018) - ares_android.c: fix warning: ISO C forbids an empty translation unit - RELEASE-NOTES: some more work we did and people who helped Brad House (16 Feb 2018) - travis: skip Autotools style testing for cmake Fix cmake test build by skipping autotools portion of test script. - travis: standardize CMake test off of Autotools tests Instead of running 'make test', run the tests directly like autotools does. It provides more verbose output. - travis: Enable building tests for CMake Travis should auto-build and run tests for cmake builds now that PR #168 is merged. - fix version in pkgconfig - Add version update to CMakeLists in maketgz - Release prep. Add support for pkgconfig in cmake, set versions appropriately Gregor Jasny (15 Feb 2018) - CMake: Add tests Brad House (14 Feb 2018) - [Gregor Jasny brought this change] Use cmake3 package provided by Ubuntu (#182) - Cmake 3.1 instead of 3.2.1 should be the minimum - Update RELEASE-NOTES and RELEASE-PROCEDURE.md to prepare for next release - get rid of c++ style comments - Use trusty for all builds, precise is EOL. Update clang and cmake versions. - Current CMakeLists.txt doesn't support 2.8.12 anymore, we need to bump the version to 3.2.1 minimum - Re-organize sections in INSTALL.md and add CMake section - [Sergey Kolomenkin brought this change] remove compilation warnings in MSVC (#47) - document handling of timeouts for ares_process and ares_process_fd to close PR #57 - As per Issue #155, since we do not require gethostname() during init, if it fails, there's no reason for init to fail as it is only used to populate the domain GitHub (7 Feb 2018) - [David Drysdale brought this change] Document WSAStartup requirement (#180) David Drysdale (6 Feb 2018) - [Antonio Tajuelo brought this change] Added coderelease.io badge to readme.md for letting people subscribe to new versions (#174) - [Sheel Bedi brought this change] Update year in LICENSE.md to 2018 (#170) GitHub (4 Feb 2018) - [David Drysdale brought this change] travis: use VM not container for {L,A}SAN builds (#177) As per https://github.com/travis-ci/travis-ci/issues/9033, container based builds do not currently allow ptrace, which is used by LSAN and ASAN. Brad House (3 Feb 2018) - [acthompson-google-com brought this change] Android JNI code leaks local references in some cases (#175) * Add Google LLC to AUTHORS. * android: Explicitly delete all JNI local references, and cache JNI method IDs at initialization. * android: Only return ARES_ENOTINITIALIZED on failures in initialization code. Gregor Jasny (2 Jan 2018) - Embed fused Google Test 1.8.0 Brad House (21 Dec 2017) - [John Schember brought this change] android: Check returns for obj and classes are not NULL. Document API levels for various Android functions and objects used. (#166) - CARES_CHECK_TYPE should reference variable so a warning is not produced for -Werror compatibility - [Brad Spencer brought this change] Fix computation of IPv6 blacklist mask for values of netmask > 8. (#164) David Drysdale (14 Dec 2017) - travis: Only do coverage/distcheck on normal build - travis: only do pip install on Linux - travis: only test in IPv4 mode Travis' Trusty environment does not support IPv6. - test: allow restriction to one IP address family - [Roman Teterin brought this change] Fix a typo in init_by_resolv_conf (#160) Brad House (11 Dec 2017) - @gvanem says MSVC -RTCc option fails, looks erroneous to me, but the additional mask is harmless - Fix some other mingw warnings - Issue #143, get rid of windows build warning due to passing 'char **' to argument expecting 'const char **' - [Gregor Jasny brought this change] Distribute CMake files (#130) - Android variants may not have __system_property_get Some android systems like ARM64 may not have the __system_property_get symbol in libc (but still have it in the public headers). Detect this condition at build time. The __system_property_get method of retrieving name servers is deprecated as of Oreo so should strictly be a fallback mechanism anyhow. David Drysdale (9 Nov 2017) - [David Hotham brought this change] Wrong function name throughout man page (#154) - ares_data.c: iterate through substructs when freeing Previous code recursed into substructures, which makes it more likely that large/heavily-nested responses could use up lots of stack. - test: test ares_free_data on long chain of structs - [Felix Yan brought this change] Fix a typo in inet_ntop.c (#151) Daniel Stenberg (29 Sep 2017) - ares_gethostbyname.3: fix callback status values - ARES_ENOTFOUND means the _name_ wasn't found - ARES_ENODATA can be returned when a resolve fails Reported-by: Jakub Hrozek Bug: https://c-ares.haxx.se/mail/c-ares-archive-2011-06/0012.shtml Brad House (28 Sep 2017) - [John Schember brought this change] Fix DNS server lookup breaking with Android O due to Android removing access to net.dns# system properties. (#148) As of Android 8 (Oreo) access to net.dns# has been removed (https://developer.android.com/about/versions/oreo/android-8.0-changes.html). The reasoning given is that it, "improves privacy on the platform". Currently c-ares uses this to get the list of DNS servers. Now the only way to access the DNS server list is by using the Connectivity Manager though Java. This adds the necessary JNI code to use the Connectivity Manager and pull the DNS server list. The old way using __system_property_get with net.dns# remains for compatibilty. Using the Connectivity Manager requires the ACCESS_NETWORK_STATE permission to be set on the app. Existing applications most likely are not setting this and keeping the previous method as a fallback will at the very least ensure those apps don't break on older versions of Android. They will need to add this permission for Android 8 compatibility. Included in the patch are two initalization functions which are required. The JVM must be registered as well as the Connectivity Manager itself. There is no way to get the Connectivity Manager except though Java. Either being passed down to C directly or by passing in an Android Context which can be used to get the Connectivity Manager. Examples are provided in the documentation. - [Konstantinos Sofokleous brought this change] allow linking against the static msvc runtime library (#133) allow linking against the static msvc runtime library - [Gergely Nagy brought this change] Force using the ANSI versions of WinAPI functions (#142) When compiling c-ares with a build system that defines UNICODE, bad versions of WinAPI functions are used causing failures or even crashes. When windows.h is included in MBCS mode (like in the default build system), the ..A versions are the same as using the one without any suffix. - [cmake] build fix on Solaris GitHub (11 Sep 2017) - [Brad House brought this change] Win32 exclude legacy ipv6 subnets (#144) win32 ipv6: add infrastructure to exclude ipv6 subnets that are known to cause issues - [David Drysdale brought this change] windows: only look for ancient compilers (#146) Also drop the use of a versioned output directory; just use .\msvc - [David Drysdale brought this change] ares_init_options.3: match up sock_state_cb args (#141) Fixes #140 Daniel Stenberg (25 Aug 2017) - [Anna Henningsen brought this change] gethostbyaddr: fail with `ECANCELLED` for `ares_cancel()` When `ares_cancel()` was invoked, `ares_gethostbyaddr()` queries would fail with `ENOTFOUND` instead of `ECANCELLED`. It seems appropriate to treat `ares_cancel()` like `ares_destroy()`, but I would appreciate review of the correctness of this change. Ref: https://github.com/nodejs/node/issues/14814 Closes #138 David Drysdale (18 Aug 2017) - [David Hotham brought this change] support most recent Visual Studio 2017 Brad House (26 Jul 2017) - Preserve original DNS server order on Windows for equal metrics. qsort is not stable, in order to make it stable we need to record the original index and add it as a secondary sort value when the metrics are equal to prevent using DNS servers that may not work at all as reported by some users. David Drysdale (15 Jul 2017) - [Anna Henningsen brought this change] ares_parse_naptr_reply: make buffer length check more accurate 9478908a490a6bf009ba58d81de8c1d06d50a117 introduced a length check for records parsed by `ares_parse_naptr_reply()`. However, that function is designed to parse replies which also contain non-NAPTR records; for A records, the `rr_len > 7` check will fail as there are only 4 bytes of payload. In particular, parsing ANY replies for NAPTR records was broken by that patch. Fix that by moving the check into the case in which it is already known that the record is a NAPTR record. - appveyor: run dnsdump as a sanity check - travis: run dnsdump as a sanity check - test: use ares_free_string() throughout As pointed out by Gisle Vanem in #125. Daniel Stenberg (3 Jul 2017) - RELEASE-PROCEDURE.md: how to release Fixes #115 Closes #116 David Drysdale (2 Jul 2017) - test: Build dnsdump on Windows too Thanks to Gisle Vanem for showing the way: https://github.com/c-ares/c-ares/commit/b701af8a24cf9d173b1dbe5faedcea34642e92da#commitcomment-22830845 Brad House (26 Jun 2017) - [Christian Ammer brought this change] fix statement like #define - ares ssize_t define had a trailing semicolon (#120) David Drysdale (21 Jun 2017) - test: distribute the fuzzcheck.sh script The TESTS target runs fuzzcheck.sh so make sure it is included in the distributed tarball. (The test itself will be pointless when run on a distribution, because the fuzzing corpus directories are not shipped, but at least this means that `make -C test test` should work.) - test: run the name-parsing corpus check too Daniel Stenberg (21 Jun 2017) - dist: don't build/ship PDF versions in release archives ... experience says very few read them and they can still get build by those who want them.a - ares_version.h: bump version Version 1.13.0 (20 Jun 2017) Daniel Stenberg (20 Jun 2017) - RELEASE-NOTES: 1.13.0 - ares_set_socket_functions.3: added in 1.13.0 David Drysdale (18 Jun 2017) - ares_parse_naptr_reply: check sufficient data Check that there is enough data for the required elements of an NAPTR record (2 int16, 3 bytes for string lengths) before processing a record. - test: Feed in short NAPTR - test: Add fuzz input with short NAPTR - test: add ares_parse_naptr_reply to fuzzer - [noiz brought this change] Update ares.h to support compiling with QNX - [Dionna Glaze brought this change] Simple changes to appease stricter compilers. ares_process.c uses htonl, which needs included. ares_getnameinfo.c uses a dynamically selected format string for sprintf, which -Wformat-literal doesn't like. Usually one would use inttypes.h and a format string "%" PRIu32, but C99 is too new for some supported platforms. GitHub (16 Jun 2017) - [Gregor Jasny brought this change] CMake: Emulate interface library on import (#108) Closes: #104 Signed-off-by: Gregor Jasny Brad House (6 Jun 2017) - [ChristianAmmer brought this change] Added support for Windows DNS Suffix Search List (#93) This change solves issue #53. Support for suffix search lists was already built in for Linux. The search list could be set via set_search. With this change the suffix search list from Windows is read from the registry and then set into the ares configuration via set_search. There are two sources for the search list: The global DNS suffix search list. The primary and connection specific DNS suffixes if the global is not available. Contributed by @ChristianAmmer Daniel Stenberg (25 May 2017) - [Thomas Köckerbauer brought this change] configure: do not heck for ar if specified manually Closes #62 David Drysdale (23 May 2017) - ares_expand_name: limit number of indirections - test: fuzz input file that takes a while to process - test: copy data in fuzz regression driver Oops. GitHub (23 May 2017) - [David Drysdale brought this change] Convert char from ISO-8859-1 to UTF-8 (#99) Fixes #97 - [Gregor Jasny brought this change] travis: Use trusty for cmake builds (#109) kubuntu-backports dropped the CMake package for Precise David Drysdale (2 May 2017) - [David Hotham brought this change] msvc_ver.inc support most recent Visual Studio 2017 (#101) - test: use io.h not unistd.h for Windows - test: try building fuzz binaries on Windows - test: stick to int in ares-fuzz.c Using int rather than ares_ssize_t means this file needs no c-ares dependency - it's a general driver for any libFuzzer-style entrypoint. - test: force ARES_OPT_NOROTATE for no-rotate tests - test: check expected NOROTATE value - ares_create_query: use ares_free not naked free Accidentally added in commit 65c71be1cbe5 ("ares_create_query: avoid single-byte buffer overwrite") Brad House (17 Mar 2017) - Need ares.h for ares_ssize_t - tests should not use ssize_t, use ares_ssize_t GitHub (16 Mar 2017) - [Brad House brought this change] Portability updates for legacy systems. (#92) Socklen_t should not be used in code, instead ares_socklen_t should be used. Convert ssize_t to ares_ssize_t for portability since the public API now exposes this. David Drysdale (14 Mar 2017) - [Michael Osei brought this change] Update msvc_ver.inc (#91) For Visual Studio 2017 builds Daniel Stenberg (13 Mar 2017) - [Brad House brought this change] Windows DNS server sorting (#81) Original Patch From Brad Spencer: https://c-ares.haxx.se/mail/c-ares-archive-2016-04/0000.shtml My modifications include: * Dynamically find GetBestRoute2 since it is a Windows Vista+ symbol, and will fall back to prior behavior when not available. * Prefer get_DNS_AdaptersAddresses as the modifications should alleviate the concerns which caused us to prefer get_DNS_NetworkParams * Update AppVeyor to use MinGW-w64 instead of the legacy MinGW * Fix compile error in test suite for Windows. Original message from patch below: From: Brad Spencer Date: Fri, 29 Apr 2016 14:26:23 -0300 On Windows, the c-ares DNS resolver tries first to get a full list of DNS server addresses by enumerating the system's IPv4/v6 interfaces and then getting the per-interface DNS server lists from those interfaces and joining them together. The OS, at least in the way the c-ares prefers to query them (which also may be the only or best way in some environments), does not provide a unified list of DNS servers ordered according to "current network conditions". Currently, c-ares will then try to use them in whatever order the nested enumeration produces, which may result in DNS requests being sent to servers on one interface (hosting the current default route, for example) that are only intended to be used via another interface (intended to be used when the first interface is not available, for example). This, in turn, can lead to spurious failures and timeouts simply because of the server address order that resulted because of the enumeration process. This patch makes the (safe?) assumption that there is no other better rule to chose which interface's DNS server list should be prioritized. After all, a DNS lookup isn't something "per network"; applications don't look up "these DNS names on this interface and those DNS names on that interface". There is a single resource pool of DNS servers and the application should presume that any server will give it the "right" answer. However, even if all DNS servers are assumed to give equally useful responses, it is reasonable to expect that some DNS servers will not accept requests on all interfaces. This patch avoids the problem by sorting the DNS server addresses using the Windows IPv4/v6 routing tables. For example, a request to DNS server C on interface 2 that is actually sent over interface 1 (which may happen to have the default route) may be rejected by or not delivered to DNS server C. So, better to use DNS servers A and B associated with interface 1, at least as a first try. By using the metric of the route to the DNS server itself as a proxy for priority of the DNS server in the list, this patch is able to adapt dynamically to changes in the interface list, the DNS server lists per interface, which interfaces are active, the routing table, and so on, while always picking a good "best" DNS server first. In cases where any DNS server on any interface will do, this patch still seems useful because it will prioritize a lower-metric route's (and thus interface's) servers. David Drysdale (22 Feb 2017) - [Sergii Pylypenko brought this change] docs: fixed references to ares_set_local_ip4 and ares_set_local_ip6 - [Calle Wilund brought this change] ares test: fix win32 build errors with virtual socket function tests The added api requires both some typedefs not previously imported into the test build + the test code did not fully deal with socket differences on windows. - [Calle Wilund brought this change] ares_process: fix return type of socket_create function (win32 warning) Daniel Stenberg (31 Jan 2017) - [Calle Wilund brought this change] ares_set_socket_functions: Add man page Providing some rudimentary documentation for the added functionality Closes #72 - [Calle Wilund brought this change] ares-test: Add test helpers and cases for virtual socket IO * Added test case macro to automatically run tests twice, once "normal", once with virtual IO. * Changed most "live" query tests to run in dual mode to verify at least simple socket IO via virtual functions * Added test case for settings/duping socket functions & callback data - [elcallio brought this change] Implement using virtual socket IO functions when set Uses virtual socket IO functions when set on a channel. Note that no socket options are set, nor is any binding done by the library in this case, since the client defining these is probably more suited to deal with this. - [elcallio brought this change] Add virtual function set for socket IO Defines a structure of basic create, close, read/write functions as virtual function calls, settable for individual c-ares channels. David Drysdale (30 Jan 2017) - test: ignore aresfuzzname binary Gregor Jasny (14 Jan 2017) - [Stephen Sorley brought this change] Always use check_symbol_exists instead of check_function_exists. - Also add includes to TARGETS_INST_DEST - [Stephen Sorley brought this change] Windows build fixes - CMake: Export targets - CMake: Use GNUInstallDirs for install location defaults David Drysdale (11 Jan 2017) - Update Makefile.am for renamed INSTALL.md GitHub (11 Jan 2017) - [David Drysdale brought this change] docs: convert INSTALL to MarkDown & tweak (#83) - [Gregor Jasny brought this change] Merge pull request #77 from stephen-sorley/cmake_modernize Updated CMake minimum version to 2.8.12. Stephen Sorley (4 Jan 2017) - Changed executables to depend directly on internal libcares target, instead of against the external-facing alias targets. - Updated Travis to pull CMake 2.8.12 from kubuntu-backports ppa. - Updated CMake minimum version to 2.8.12. Changed the way usage requirements (include dirs, compile defs, dependent libraries) are specified, to match the recommended standard practice for modern CMake. This involves using target-specific functions (target_include_directories, target_compile_definitions, etc.), along with the PUBLIC, PRIVATE or INTERFACE modifiers. Updated chain-building support to imitate new-style Find modules (import libs), instead of old-style Find modules (cache variables). David Drysdale (26 Dec 2016) - [Chris Araman brought this change] configure: clock_gettime workaround (#75) Commits 7518c26, c41726b, and bc14ee7 brought this workaround to the CMake build system. This expands it to the autoconf build system. Fixes #71 - test: add fuzz entrypoint for ares_create_query() - test: Add gTest/gMock files to SOURCES Built tarballs are not including all of the files needed to build the test suite because they are missing from the _SOURCES variable in Makefile.am. - travis: Move build scripts under travis/ Travis doesn't always propagate errors in inline multi-line scripts, so move them all to be explicit shell scripts, each with set -e. - travis: check distributed tarball builds Daniel Stenberg (25 Oct 2016) - dist: ship msvc_ver.inc too Reported-by: Bruce Stephens Fixes #69 - [Aaron Bieber brought this change] fix build on OpenBSD - ares_version.h: bump, working on 1.12.1 now GitHub (18 Oct 2016) - [Gregor Jasny brought this change] Merge pull request #64 from bradh352/master Add CMake build system support to C-Ares. Brad House (5 Oct 2016) - suggested PROJECT_NAME change broke chain building as it needs the magic PROJECT_NAME set in the ADD_LIBRARY for matching. Fix to make both goals work - update MacOSX 10.12 detection - Expand XCode clock_gettime fix to include MacOS 10.12, not just iOS10 David Drysdale (4 Oct 2016) - Revert "travis: work around bug in PyCParser" This reverts commit a24a10a348fc00b8cfd684d91894a1df14880ea9. - travis: work around bug in PyCParser See https://github.com/pyca/cryptography/issues/3187 Brad House (3 Oct 2016) - PROJECT_SOURCE_DIR instead of CMAKE_CURRENT_SOURCE_DIR as per @gjasny - use a project name of c-ares as per @gjasny - Import curl conversion of Makefile.inc to cmake form dynamically as per bdoetsch@ameritech.net to make maintaining multiple build systems easier Daniel Stenberg (30 Sep 2016) - dist: add ares_library_initialized.* to the tarball David Drysdale (30 Sep 2016) - test: check ares_create_query with too-long name Daniel Stenberg (30 Sep 2016) - man pages: minor formatting edits Brad House (29 Sep 2016) - merge fc7917e from @daviddrysdale ... travis build updates for cmake - cleanups as per @gjasny ... Use naked IF statements and use NOT DEFINED Version 1.12.0 (29 Sep 2016) Daniel Stenberg (29 Sep 2016) - RELEASE-NOTES: 1.12.0 - [David Drysdale brought this change] ares-test-misc: test ares_create_query with escaped trailing dot - ares_create_query: avoid single-byte buffer overwrite ... when the name ends with an escaped dot. CVE-2016-5180 Bug: https://c-ares.haxx.se/adv_20160929.html Brad House (29 Sep 2016) - CMake: Unify library versioning with the libtool methodology to make keeping library versions in sync easier with the autotools build system Daniel Stenberg (29 Sep 2016) - ares_library_initialized.3: added - make: bump CARES_VERSION_INFO for release David Drysdale (29 Sep 2016) - man: update ares_init_options.3 Daniel Stenberg (29 Sep 2016) - ares_library_init.3: corrected the ares_library_init_mem proto Brad House (28 Sep 2016) - XCode v8 introduced clock_gettime() for iOS v10. However, it is a weak symbol, which means when earlier iOS versions try to use clock_gettime() it results in a crash due to the missing symbol. Detect this condition and do not set HAVE_CLOCK_GETTIME_MONOTONIC. - Adds cmake build system support to C-Ares. The patch does not modify any source files, it only adds 3 new files (CMakelists.txt, ares_build.h.cmake, ares_config.h.cmake) which form the build system. I've tried to go through as much of the autotools tests and extracted what I thought was appropriate, though many of the tests aren't as in-depth in CMake as they are for autotools ... it is unclear why some of them exist at all, I'm guessing for legacy systems that CMake probably doesn't support anyhow. Building the library, and examples (adig, ahost, acountry) plus installation should work across a large number of tested platforms. The tests have not yet been integrated. Daniel Stenberg (27 Sep 2016) - README.md: remove space from link - README: link to the correct c-ares badge! Reported-by: David Hotham Fixes #63 - docs: minor formatting edits - ares_destroy.3: formatting polish - ares_init.3: split the init docs into two separate man pages - SECURITY: point to the vulnerabilities page now - RELEASE-NOTES: synced with daa7235b1a5 - ares_create_query.3: edit language Tried to make the man page more readable. David Drysdale (26 Sep 2016) - test: fix gMock to work with gcc >= 6.x Taken from: https://github.com/google/googletest/issues/705#issuecomment-235067917 Daniel Stenberg (26 Sep 2016) - [Brad House brought this change] headers: remove checks for and defines of variable sizes ... they're not really used and by avoiding them in the ares_build.h output we make the public header less dependent on data sizes. David Drysdale (24 Sep 2016) - api: add ARES_OPT_NOROTATE optmask value Fix up a couple of problems with configuring whether c-ares rotates between different name servers between requests. Firstly, ares_save_options() returns (in *optmask) the value of (channel->optmask & ARES_OPT_ROTATE), which doesn't necessarily indicate whether the channel is or is not actually doing rotation. This can be confusing/incorrect if: - the channel was originally configured without ARES_OPT_ROTATE (so it appears that the channel is not rotating) - the /etc/resolv.conf file includes the 'rotate' option (so the channel is actually performing rotation). Secondly, it is not possible to reliably configure a channel to not-rotate; leaving off ARES_OPT_ROTATE is not enough, since a 'rotate' option in /etc/resolv.conf will turn it on again. Therefore: - add an ARES_OPT_NOROTATE optmask value to allow explicit configuration of no-rotate behaviour - in ares_save_options(), report the value of channel->rotate as exactly one of (optmask & ARES_OPT_ROTATE) or (optmask & ARES_OPT_NOROTATE). In terms of back-compatibility: - existing apps that set ARES_OPT_ROTATE will continue to rotate, and to have ARES_OPT_ROTATE reported back from ares_save_options() - existing apps that don't set ARES_OPT_ROTATE will continue to use local config/defaults to decide whether to rotate, and will now get ARES_OPT_ROTATE or ARES_OPT_NOROTATE reported back from ares_save_options() rather than 0. - ares_init_options: only propagate init failures from options Commit 46bb820be3a8 ("ares_init_options: don't lose init failure") changed init behaviour so that earlier errors in initialization weren't lost. In particular, if the user passes in specific options but they are not applied (e.g. because of an allocation failure), that failure needs to be reported back to the user; this also applies when duplicating a channel with ares_dup(). However, other initialization failures can be ignored and overridden -- in particular, if init_by_resolv_conf() or init_by_environment() fail, then falling back to default values is OK. So only preserve failures from the init_by_options() stage, not from all initialization stages. Fixes issue 60. - test: Force reinstall of libtool on OSX Travis build environment appears to have changed. - test: Add valgrind build variant - test: Add null pointer to gtest args GoogleTest assumes that there is a null pointer in argv[argc], so make it look like that. Without this change, tests run with command-line arguments get memory errors under valgrind/ASAN. Daniel Stenberg (21 Aug 2016) - AUTHOR: maybe gitgub isn't really an author =) - AUTHORS: added contributors from the git log - LICENSE.md: add a stand-alone license file Just the MIT license used in the top the source files moved out to a stand-alone file for easier reference and discovery. - README: added "CII best practices" badge - SECURITY.md: suggested "security process" for the project David Drysdale (17 Aug 2016) - test: Add Clang static analysis build to Travis Run scan-build over the library source code, but skip the tests. Needs a later Clang install in Travis - test: more info on how to run fuzz testing - test: make fuzzer driver code C not C++ - test: fuzzer mode for AFL's persistent mode When fuzzing with AFL, if the LLVM-based instrumentation is used (via the afl-clang-fast wrapper), then it is possible to have a single execution of the fuzzer program iterate multiple times over the fuzzing entrypoint (similar to libFuzzer's normal mode of execution) with different data. This is much (e.g. 10x) faster. Add code to support this, by checking whether __AFL_LOOP is defined at compile-time. Also, shift the code to effectively be C rather than C++. - test: simplify deps for fuzzer entrypoint No need to depend on the rest of the test code (ares-test.h) for the fuzzer entrypoint; this makes the entrypoint slightly simpler to build with LLVM's libFuzzer. Also shift the code to effectively be C rather than C++ - test: disable MinGW tests The test binary built in the MinGW build is failing for some reason. It works for me when I build locally, so I'm guessing it's down to some sort of AppVeyor environment issue. Disable for now. Daniel Stenberg (16 Aug 2016) - read_tcp_data: remove superfluous NULL check CID 56884 by Coverity. The pointer is already derefenced before this point so it can't be NULL here anyway. - web: http => https GitHub (20 Jul 2016) - [David Drysdale brought this change] Merge pull request #59 from fuze/master Update msvc_ver.inc for VS2015 Update 3 - [Chris Araman brought this change] Update msvc_ver.inc support Visual Studio 2015 Update 3 David Drysdale (2 May 2016) - Fix trailing comment for #endif Daniel Stenberg (30 Apr 2016) - email: use Gisle's "new" address David Drysdale (18 Apr 2016) - test: drop superfluous fuzz inputs Where there are multiple fuzz input files that only differ in the first two bytes (the query ID), just keep the first such file. svante karlsson (15 Apr 2016) - Update msvc_ver.inc support Visual Studio 2015 Update 2 David Drysdale (31 Mar 2016) - test: Run fuzzcheck.sh in Travis build - test: add fuzzing check script to tests Add a test script that runs the fuzzing command over the corpus of DNS packets. This doesn't actually do any fuzzing (it just runs them as inputs without generating any variations) but it does ensure that the fuzzing entrypoint is still working. - test: allow multiple files in aresfuzz command line If no arguments are specified, use stdin as input. Otherwise treat each argument as a filename and feed its contents to the fuzz entrypoint. - test: Add corpus of DNS packets For fuzz testing it is useful to start from a corpus of valid packets, so fill out the test/fuzzinput/ directory with a bunch of inputs. These packets were generated by temporarily modifying the c-ares process_answer() function to save off any incoming response messages. - test: Add utility to show DNS packet from file - [nordsturm brought this change] Fix nsort initialization Author: Alexander Drachevskiy http://c-ares.haxx.se/mail/c-ares-archive-2014-07/0004.shtml http://c-ares.haxx.se/mail/c-ares-archive-2014-07/0014.shtml - test: Check setting nsort=0 option is respected - test: Update fuzzing function prototype libFuzzer changed expected return type from void to int in LLVM 3.8. - Explicitly clear struct servent before use On a build where MSAN has been manually set up (which involves using an MSAN-instrumented version of the standard C++ library, see https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo) there's a warning about use of uninitialized memory here. It might be a false positive, but the fix is trivial so include it. - test: for AF_UNSPEC, return CNAME only for AAAA, but valid A record Also shuffle expected responses rsp6/rsp4 into the order they will occur. - [Chris Araman brought this change] msvc_ver.inc: support Visual Studio 2015 Update 1 - build: commonize MSVC version detection Remove the need to copy/paste version number mapping between Makefile.msvc and test/Makefile.msvc. - test: Use different name in live test - test: Only pass unused args to GoogleTest - ahost.c: add cast to fix C++ compile If ahost.c is force-compiled as C++ the missing cast from (void *) to (char **) is problematic. - ares_library_cleanup: reset ares_realloc too Otherwise a subsequent use of the library might use a previous incarnation's realloc() implementation. Daniel Stenberg (9 Mar 2016) - [Brad House brought this change] configure: check if tests can get built before enabled The current approach for disabling tests is not a good solution because it forces you to pass --disable-tests, rather than auto-detect if your system can support the tests in the first place. Many (most?) systems do not have C++11. This also causes issues when chain-building c-ares, the hosting system needs to be updated to support passing this additional flag if necessary, it doesn't seem reasonable to add this requirement which breaks compatibility. This change auto-detects if the system can build the tests and automatically disable them if it cannot. If you pass --enable-tests to configure and the system cannot build them either due to lack of system support, or because cross-compilation is being used, it will throw an appropriate error since the user indicated they really did want the tests. David Drysdale (3 Mar 2016) - [Viktor Szakats brought this change] Makefile.m32: add support for CROSSPREFIX - [Viktor Szakats brought this change] Makefile.m32: add support for extra flags Allow specification of CARES_{LD,C}FLAG_EXTRAS envvars for mingw - test: Build with MinGW on AppVeyor - test: avoid in6addr_* constants These aren't available on MinGW, so use explicit addresses instead. - test: add missing #includes for dns-proto.cc - [Gregor Jasny brought this change] Fix man page typos detected by Lintian Daniel Stenberg (19 Feb 2016) - configure: acknowledge --disable-tests Fixes #44 - AUTHORS: added contributors from the 1.11.0 release - bump: start working on the next version Version 1.11.0 (19 Feb 2016) Daniel Stenberg (19 Feb 2016) - RELEASE-NOTES: final edits for 1.11.0 David Drysdale (15 Feb 2016) - ares_dup.3: remove mention of nonexistent function ares_dup_options() doesn't exist, so don't document it. - test: skip repeated build steps Top-level buildconf/configure now triggers for the test/ subdir too, so don't need to do explicitly. - test: namespaces unavailable when cross-compiling Daniel Stenberg (13 Feb 2016) - configure: only run configure in test when NOT cross-compiling ... as the tests won't run cross-compiled anyway David Drysdale (13 Feb 2016) - test: prefer ON_CALL to EXPECT_CALL to reduce flakes For UDP tests, there's a chance of a retry. EXPECT_CALL only expects a single request to arrive at the server; ON_CALL allows for a UDP retry and repeats the same answer. Note that ON_CALL and EXPECT_CALL can't be mixed in the same test, and that tests that have a varied sequence of responses for the same repeated request still have to use EXPECT_CALL. Daniel Stenberg (13 Feb 2016) - configure: run configure in 'test' too Having the test dir completely stand-alone causes too many issues for users and devs. It still needs to be built specifically. - configure: build silently by default - buildconf: run test/buildconf too if present - test/configure: build silently by default - [Gregor Jasny brought this change] dist: Distribute README.md Closes #42 Version 1.11.0 (11 Feb 2016) Daniel Stenberg (11 Feb 2016) - Makefile.am: distribute the test dir too - RELEASE-NOTES: synced with 385582bd14b68a - [Nicolas \"Pixel\" Noble brought this change] ares_win32_init: make LoadLibrary work when using UNICODE too Closes #17 David Drysdale (11 Feb 2016) - Use "resolve" as synonym of "dns" in nsswitch.conf Modern Linux systems may have libnss_resolve from systemd as the resolver, which is then configured in /etc/nsswitch.conf with the "resolve" keyword rather than "dns". Fixes #33 - ares_set_socket_callback: make manpage match code The code in ares_process.c that invokes the socket creation/connection callback only checks for rc < 0, not for standard ares error codes. - Merge pull request #36 from AGWA-forks/master Add ares_set_socket_configure_callback() - test: Update init tests to match behaviour Unreadable config files are now treated the same way as absent config files. - [Fedor Indutny brought this change] Ignore `fopen` errors to use default values After 46bb820be3a83520e70e6c5f0c5133253fcd69cd `init_by_resolv_conf` errors are no longer swallowed in `ares_init_options`. This has exposed a previously unknown bug in `lookups` initialization code. If there is no lookup configuration in `resolv.conf`, `init_by_resolv_conf` will attempt to read it from other files available on the system. However, some of these files may have restricted permissions (like `600`), which will lead to `EACCESS` errno, which in turn is handled like a fatal error by `init_by_resolv_conf`. However, it sounds illogical that this error should be handled as a fatal. There is a `init_by_defaults` call that overrides `lookups` with default value, and certainly possible absence of lookup information is the reason why this function exists in a first place! I suggest handling any `fopen` errors as non-fatal ones, allowing to pick up the `lookups` value from different config files, or to pick up default value. Andrew Ayer (9 Feb 2016) - Document callback type in man page for ares_set_socket_callback - Add ares_set_socket_configure_callback() This function sets a callback that is invoked after the socket is created, but before the connection is established. This is an ideal time to customize various socket options. David Drysdale (9 Feb 2016) - test: ares_set_socket_callback failure behaviour - test: Check ares_parse_txt_reply_ext() entrypoint - [Fedor Indutny brought this change] txt: introduce `ares_parse_txt_reply_ext` Introduce `ares_txt_ext` structure with an extra `record_start` field, which indicates a start of a new TXT record, thus allowing to differentiate the chunks in the same record, from a chunks in a different record. Introduce a new API method: `ares_parse_txt_reply_ext` that works with this kind of struct. - doc: Update missed repo references - doc: Update docs on contributing - test: Run command line tools in Travis Do a quick execution of each of the command line tools in the continuous integration build, so that any (say) sanitizer failures show up. - acountry: drop inert test If ver_1 is true, then z0 and z1 must both be 'z', and so (z0 != 'z' && z1 != 'z') can never be true. CID 56879, pointed out by Coverity. - doc: update badge locations to master repo - test: Enable maintainer mode + debug in Travis - test: Add an iOS build target - test: Ignore SIGPIPE in tests - test: More initialization tests - test: Improve containerized test mechanism Aim is to ensure that code coverage information can escape the container. To do this: - Enter a new mount namespace too, so that we can... - Bind mount the expected source directory into the container - Share memory with the sub-process so coverage information is shared too. - test: Make contained tests easier to write - test: Add framework for containerized testing On Linux we can potentially use user and UTS namespaces to run a test in a pseudo-container with: - arbitrary filesystem (e.g. /etc/resolv.conf, /etc/nsswitch.conf, /etc/hosts) - arbitrary hostname/domainname. Include a first pass at the framework code to allow this, along with a first test case that uses the container. - test: Use a longer timeout for less flakiness Having occasional test failures from timeout before multiple queries can complete, so up the default timeout for the test from 100ms to 1500ms. - test: Make failure tests more robust Different platforms will do different numbers of allocations in the processing of a given API call; just check that the return code is either success or ENOMEM, and free off any returned state in the former case. Also cope with ECONNREFUSED as well as ENOTFOUND. - test: Get test code building under Windows - Initial nmake file based off library nmake file - Cast socket call arguments to (char *) - Use wrapper sclose() that maps to closesocket() or close() - Build a config.h indicating presence of headers - Conditionally include netdb.h - Remove unnecessary include of sys/socket.h - Force longer bitmask for allocation failure tracking - Call WSAStartup() / WSACleanup() in main() - Set TCP_NODELAY for mock server - Turn on tests in AppVeyor build - test: Disable tests that manipulate env on Windows - test: Move file lists into Makefile.inc In preparation for a Win32 build of the test suite. - test: Add a simple multi-server test Check rotate option does something - test: Allow for multiple mock servers - Update the MockServer to allow separate specification of UDP and TCP ports - Have an array of mock servers listening on consecutive sets of ports. - Rename Process(fd) to ProcessFD(fd) to avoid confusion. - Initialize channel by using the new ares_set_servers_ports() entrypoint, so multiple ports on the same loopback address can be used. - test: Update test for set/get_servers variants Ports are significant in the _ports_ variant functions, so update test to cope. - test: Make GetNameServers() utility function port-aware Also make it generally available. - test: more testing, including of internal static functions - test: more tests, especially fallback processing - Make mock server listen on UDP + TCP in parallel. - Test UDP->TCP fallback on truncation - Test EDNS->no-EDNS fallback - Test some environment init options - Test nonsense reply test: short response - test: more tests, particularly of initialization - test: Run mock tests over both TCP and UDP With the exception of a few tests that make use of the timed retry aspect of UDP. - test: Run mock tests over both IPv4 and IPv6 - test: Add more tests for edge cases - test: more nooks and crannies of pton functions - test: More tests for PTR parsing - test: Use of HOSTALIAS environment variable - test: Add RAII utility classes for testing - TempFile holds specific contents - EnvValue sets an environment variable - test: More search domain scenarios - test: Remove duplicate flags from Makefile.am - test: Make test code leak-free - test: More tests - test use of sortlist - test gethostbyname(AF_UNSPEC) - test: Test ares_gethostbyname_file() - test: Add more tests of ares_getnameinfo() - test: Tweak tests, add alloc failure test - test: Test init with options - test: More tests - ares_inet_net_pton() variants - ares_getsock() variants - test: Expose ProcessWork() function - test: More parsing tests Including: - Split each parse function test set out into separate files. - Add an allocation failure test for each parsing function. - Add error check test for each parsing function. - test: Add various additional tests - test: More tests Include tests of internal functions, based on the value of the CARES_SYMBOL_HIDING macro; need to configure the library with --disable-symbol-hiding to enable these tests. - test: Allow command line override of mock server port - test: Add README.md documentation - test: Temporarily avoid latest Python requests package Currently get error from Travis on this install step, and downgrading one version appears to fix the problem. "Could not find any downloads that satisfy the requirement pyOpenSSL>=0.13 (from requests[security])" - test: Add AppVeyor config file for Windows build - test: Add configuration for a Travis build Cover Linux & OSX on the container infrastructure, but install a later G++ to satisfy the tests' need for C++11. Use a build matrix to include a variety of build variants: - ASAN - UBSAN - LSAN - Coverage via coveralls.io test: invoke ASAN and coverage in Travis build Also shift to use explicit build matrix test: Use coveralls.io for coverage tracking test: Add a build with UBSAN Also expand and re-order the setting of environment variables for easier modification. test: Add LSAN build to Travis config - test: Add initial unit tests for c-ares library The tests are written in C++11, using the GoogleTest and GoogleMock frameworks. They have their own independent autoconf setup, so that users of the library need not have a C++ compiler just to get c-ares working (however, the test/configure.ac file does assume the use of a shared top-level m4/ directory). However, this autoconf setup has only been tested on Linux and OSX so far. Run with "./arestest", or "./arestest -v" to see extra debug info. The GoogleTest options for running specific tests are also available (e.g. "./arestest --gtest_filter=*Live*"). The tests are nowhere near complete yet (currently hitting around 60% coverage as reported by gcov), but they do include examples of a few different styles of testing: - There are live tests (ares-test-live.cc), which assume that the current machine has a valid DNS setup and connection to the internet; these tests issue queries for real domains but don't particularly check what gets returned. The tests will fail on an offline machine. - There a few mock tests (ares-test-mock.cc) that set up a fake DNS server and inject its port into the c-ares library configuration. These tests allow specific response messages to be crafted and injected, and so are likely to be used for many more tests in future. - To make this generation/injection easier, the dns-proto.h file includes C++ helper classes for building DNS packets. - Other library entrypoints that don't require network activity (e.g. ares_parse_*_reply) are tested directly. - There are few tests of library-internal functions that are not normally visible to API users (in ares-test-internal.cc). - A couple of the tests use a helper method of the test fixture to inject memory allocation failures, using the earlier change to the library to allow override of malloc/realloc/free. - There is also an entrypoint to allow Clang's libfuzzer to drive the packet parsing code in ares_parse_*_reply, together with a standalone wrapper for it (./aresfuzz) to allow use of afl-fuzz for further fuzz testing. - test: Add local copy of GoogleMock/GoogleTest 1.7.0 Don't check in gtest/m4 files, as they are unused and interfere with the top-level configure process. - doc: Show build badges in README.md Note that these URLs will need to be updated if/when the test branch gets pulled into the master repo/branch. - doc: Convert README to README.md Gives better display on GitHub - doc: Update in preparation for next release Assume 1.11.0 is next (as there are various API additions). Also add myself to AUTHORS. - build: Allow header compilation by Windows C++ compiler - build: Expose whether symbol hiding is on Adding the CARES_SYMBOL_HIDING definition allows the test suite to detect whether internal symbols are available or not. - build: Add autoconf macros for C++11 code using pthreads Pull in testing macros from the GNU autoconf archive to allow configure scripts to test for and setup use of a C++11 compiler (AX_CXX_COMPILE_STDCXX_11) and the pthreads library (AX_PTHREAD). Note that these macros are not used by the main library autoconf, just by the tests (which share the same m4/ directory). - build: Add a code coverage option Configure with: ./configure --enable-code-coverage Show coverage output with: make code-coverage-capture Built on m4/ax_code_coverage.m4 from the GNU autoconf archive to provide the macros to check for presence of gcov + lcov; upstream macro modified to: - Remove use of $(AM_DEFAULT_VERBOSITY) , as earlier versions of autoconf (such as the one used by default on Travis) do not have this. - Rather than automatically defining CODE_COVERAGE_RULES to be a set of makefile rules that use ifeq/endif (which is GNU make-specific), instead only define CODE_COVERAGE_RULES if coverages is turned on, and in that case don't use conditionals in the makefile. - api: Add entrypoints to allow use of per-server ports Add user-visible entrypoints ares_{get,set}_servers_ports(3), which take struct ares_addr_port_node rather than struct ares_addr_node. This structure includes a UDP and TCP port number; if this is set to zero, the channel-wide port values are used as before. Similarly, add a new ares_set_servers_ports_csv(3) entrypoint, which is analogous to ares_set_servers(3) except it doesn't ignore any specified port information; instead, any per-server specified port is used as both the UDP and TCP port for that server. The internal struct ares_addr is extended to hold the UDP/TCP ports, stored in network order, with the convention that a value of zero indicates that the channel-wide UDP/TCP port should be used. For the internal implementation of ares_dup(3), shift to use the _ports() version of the get/set functions, so port information is transferred correctly to the new channel. Update manpages, and add missing ares_set_servers_csv to the lists while we're at it - api: Add ares_set_sortlist(3) entrypoint Allow explicit configuration of the channel's sortlist, by specifying a string in the same format as the equivalent /etc/resolv.conf option. This allows library users to perform the same configuration that is available via /etc/resolv.conf, but without needing to change that file. - api: Allow injection of user-specified malloc/free functions Add a new ares_library_init_mem() initialization function for the library which allows the library user to specify their own malloc, realloc & free equivalents for use library-wide. Store these function pointers in library-wide global variables, defaulting to libc's malloc(), realloc() and free(). Change all calls to malloc, realloc and free to use the function pointer instead. Also ensure that ares_strdup() is always available (even if the local environment includes strdup(3)), and change the library code to always use it. Convert calls to calloc() to use ares_malloc() + memset - api: Add option to expose some internal functions Purely for testing, add --enable-expose-statics option to configure which converts some static internal functions to be externally visible. - api: Expose the ares_library_initialized() function - ahost: Allow repeated -s options This also removes a potential leak where later -s options would replace earlier ones without freeing the relevant string. - Mark unhittable lines Add comments for the benefit of the lcov tool, marking lines that cannot be hit. Typically these are fall-back protection arms that are already covered by earlier checks, and so it's not worth taking out the unhittable code (in case someone changes the code between the two places in future). - ares_set_servers_csv.3: make return type match code - bitncmp: update comment to match code behaviour - ares_striendstr: fix so non-NULL return can happen This looks to have been broken since it was first introduced in 2005 in commit aba0b775ea30 ("Added ares_getnameinfo which mimics the getnameinfo API") - config_sortlist: free any existing sortlist on (re)alloc failure If we get an allocation failure on 2nd or later entry in the sortlist, the code would return ENOMEM but still leave the initial entries allocated. Ensure that *sortlist is set to NULL whenever ENOMEM is returned. - ares_dup: clear new channel on failure If the attempt to transfer IPv6 servers from the old to the new channel fails, the previous code would still return a channel to the user even though an error return code was generated. This makes it likely that users would leak the channel, so explicitly clear the channel in this case. - ares_init_options: don't lose init failure If (say) init_by_options() fails, the subsequent call to init_by_defaults() was overwriting the return code with success. Still call init_by_defaults() regardless, but track its return value separately - ares_gethostbyname: don't leak valid-but-empty hostent If an AF_UNSPEC query gets a valid response to its AAAA query, but which has no IPv6 addresses in it, then the code chains on to a A record query. However, the hostent from the AAAA response was being leaked along the way (because it gets replaced before the follow-on end_hquery() invocation). - ares_parse_txt_reply: propagate errors from per-substring loop If we get an allocation failure when processing a particular substring in a TXT record, that failure is silently lost; fix that by propagating errors from the inner loop to the outer loop. - process_answer: fix things up correctly when removing EDNS option When a server rejects an EDNS-equipped request, we retry without the EDNS option. However, in TCP mode, the 2-byte length prefix was being calculated wrong -- it was built from the answer length rather than the length of the original request. Also, it is theoretically possible that the call to realloc() might change the data pointed to; to allow for this, qbuf also needs updating. (Both these fixes were actually included in a patchset sent on the mailing list in Oct 2012, but were included with other functional changes that didn't get merged: http://c-ares.haxx.se/mail/c-ares-archive-2012-10/0004.shtml) - ares__read_line: clear buf pointer on realloc failure - ares_expand_name: check for valid bits in label length The top two bits of the label length indicate whether this is a label length (00) or an index to a name elsewhere in the message (11). RFC1035 4.1.4 says that the other possible values for the top two bits (01, 10) are reserved for future use. Daniel Stenberg (23 Jan 2016) - [Gregor Jasny brought this change] Fix typos detected by lintian Closes #32 - [Gregor Jasny brought this change] Distribute all man pages - README.cares: s/I/Daniel ... and add a pointer to an existing version of the original area 1.1.1 package.a - read_tcp_data: don't try to use NULL pointer after malloc failure CID 56884, pointed out by Coverity. We really should make this function return an error code so that a malloc() failure can return back a major failure. - configure_socket: explicitly ignore return code CID 56889 in Coverity pointed out the return code from setsocknonblock() is ignored, and this added typecast to (void) makes it explicit. - ahost: check the select() return code Fixes CID 137189, pointed out by Coverity David Drysdale (18 Jan 2016) - Fix buildconf on platforms using glibtoolize Commit c49a87eea538 changed buildconf to only check for libtoolize, but missed a line - Don't exit loop early leaving uninitialized entries Update for commit affc63cba875d. The original patch from Gregor Jasny did not have the break statement; I incorrectly added it to prevent continuing the loop. However, the later entries in the array would then be left uninitialized, causing problems for later cleanup. So fix to match Gregor's original patch, with apologies. Daniel Stenberg (18 Jan 2016) - buildconf: remove check for libtool, it only requires libtoolize David Drysdale (17 Jan 2016) - [Gregor Jasny brought this change] Use libresolv to initialize cares on iPhone targets On iPhone targets like iOS, watchOS or tvOS the file /etc/resolv.conf cannot be used to configure cares. Instead the resolver library is queried for configuration values. CC: Yury Kirpichev Daniel Stenberg (17 Jan 2016) - README: updated to new repo URL David Drysdale (14 Jan 2016) - [Lei Shi brought this change] Fixing slow DNS lookup issue This patch is fixing the dns lookup issue due to dummy dns information of a disconnected adapter(in my case is a bluetooth adapter). I changed the dns lookup policy to try GetNetworkParams first because the GetNetworkParams provides the most reliable dns information (lots of checks were done by system). I also filter out inoperable adapter in DNS_AdaptersAddresses in case GetNetworkParams fail. - Merge pull request #30 from p-push/vs-2015 Support Visual Studio 2015 Oleg Pudeyev (3 Jan 2016) - [Gisle Vanem brought this change] Support Visual Studio 2015 David Drysdale (11 Nov 2015) - [Andrew Andkjar brought this change] added another version case to Makefile.msvc nmake version 11.00.61030.0 resolves to CC_VERS_NUM = 110 - Merge pull request #26 from bitbouncer/vs-2013 added define for visual studio 2013 svante karlsson (25 Jun 2015) - added define for visual studio 2013 Jakub Hrozek (6 Nov 2014) - ares__read_line: free buf on realloc failure - Destroy options if ares_save_options fails It's possible that, if ares_save_options failed, the opts structure would contain some allocated memory. Calling ares_destroy_options in this case is safe, because ares_save_options zeroes out the memory initially. - [David Drysdale brought this change] Continue loop if space for hostname not large enough When attempting to build a search domain from the local hostname (used as a fallback when no other methods have given a search domain), the code doubles the buffer size on each loop iteration. However, the loop previously had a WHILE_FALSE terminator so the continue statement exited the loop rather than going round again. Daniel Stenberg (30 Oct 2014) - ares_getnameinfo.3: there is no ares_getaddrinfo David Drysdale (30 Sep 2014) - [Gregor Jasny brought this change] Prevent tmpbuf from overrunning Fix Coverity error CID 56886. Signed-off-by: Gregor Jasny - [Gregor Jasny brought this change] Re-start loop if select fails Fix Coverity error CID 56882 Signed-off-by: Gregor Jasny - [Gregor Jasny brought this change] Free temporary variable in error path Fix Coverity CID 56890 Signed-off-by: Gregor Jasny - [Gregor Jasny brought this change] Fix integer shift overflow if both tcp_socket and udp_socket are set The problem occurs if at the start of the loop the sockindex is at the last valid ARES_GETSOCK_MAXNUM position. If then both udp_socket and tcp_socket are valid, sockindex gets incremented for UDP first and points one entry behind the array for the tcp block. So the fix is to check after every increment of sockindex if it is still valid. Fix Coverity error CID 56878 Signed-off-by: Gregor Jasny - [Gregor Jasny brought this change] Null check before dereference Fix Coverity error CID 56880 Signed-off-by: Gregor Jasny Jakub Hrozek (28 Jul 2014) - [Gisle Vanem brought this change] Comment in ares_ipv6.h David Drysdale (25 Jul 2014) - CONTRIBUTING: add file to indicate mailing list is preferred - Add -t u option to ahost Add an option to allow specification of the AF_UNSPEC address family. Jakub Hrozek (24 Jul 2014) - host_callback: Fall back to AF_INET on searching with AF_UNSPEC Previously, when an ares_gethostbyname() searched with AF_UNSPEC and the first AF_INET6 call only returned CNAMEs, the host_callback never retried AF_INET. This patch makes sure than on ARES_SUCCESS, the result of AF_INET6 is taken as authoritative only if the result contains some addresses. - [David Drysdale brought this change] Move memset call below platform-specific declarations A GitHub commenter [1] says that my recent change to ahost.c has problems compiling on Windows + C89 platforms. [1] https://github.com/bagder/c-ares/commit/ee22246507c9#commitcomment-6587616 - [David Drysdale brought this change] Update ahost man page to describe -s option. Commit ee22246507c9 added the -s option to the ahost command, but neglected to update the man page to describe it. Also fix typo in description of -t option. - ares_parse_soa_reply: Do not leak rr_name on allocation failure If ares_malloc_data failed, already allocated rr_name would go out of scope. - [David Drysdale brought this change] Don't override explicitly specified search domains Only set search domains from /etc/resolv.conf if there isn't a value already present in the channel. - [David Drysdale brought this change] Allow specification of search domain in ahost Add the "-s domain" command line option to override the search domains. Daniel Stenberg (12 May 2014) - Revert "ares_parse_aaaa_reply: fix leak when reply contains 1 alias and no address" This reverts commit 440110b303fdbfadb3ad53d30eeb98cc45d70451. - [Frederic Germain brought this change] ares_parse_aaaa_reply: fix leak when reply contains 1 alias and no address - [Doug Kwan brought this change] ares_build.h: fix building on 64-bit powerpc There are two issues. 1. gcc actually does not use __ppc__ and __ppc64__ but __PPC__ and __PPC64__. The tests of __ILP32__ and __LP64__ are sufficient for gcc. 2. clang defines __GNU__ and defines both __ppc64__ and __ppc__ when targeting ppc64. This makes CARES_SIZEOF_LONG to be 4 on a ppc64 system when building with clang. My patch is two change the order of the checks so that we check the 64-bit case first. - refresh: updated now with automake 1.14 - [David Drysdale brought this change] single_domain: Invalid memory access for empty string input We noticed a small buglet in ares_search() when it gets an empty string as input -- the single_domain() utility function in ares_search.c accesses invalid memory (before the start of the string). Guenter Knauf (31 Aug 2013) - Fixed warning 'type specifier missing'. Daniel Stenberg (30 Aug 2013) - [Tor Arntsen brought this change] ares_rules.h: CARES_SIZEOF_LONG doesn't exist anymore, don't test for it It was removed in f19387dd72432 - nowarn: use instead of configure for size of long This makes the header file much more multi-arch friendly and can be used as-is with both 32 bit and 64 bit builds. - timeoffset: made static and private ares__timeoffset() was only used once within this single source file - timeadd: make static ares__timeadd() was only ever used from within the same source Yang Tse (18 Jul 2013) - xc-am-iface.m4: comments refinement - configure: fix 'subdir-objects' distclean related issue See XC_AMEND_DISTCLEAN comments for details. - configure: automake 1.14 compatibility tweak (use XC_AUTOMAKE) - xc-am-iface.m4: provide XC_AUTOMAKE macro Daniel Stenberg (12 May 2013) - gitignore: ignore all ares_*pdf but also CHANGES.dist - bump: start working towards 1.10.1 Version 1.10.0 (12 May 2013) Daniel Stenberg (12 May 2013) - RELEASE-NOTES: two more bug fixes - [Keith Shaw brought this change] ares_set_servers_csv: fixed IPv6 address parsing Fixed bug that caused the last part of an IPv6 address to be parsed as the port number when the last part is all numeric. - nroff: fix two syntax mistakes ares_parse_a_reply and ares_parse_aaaa_reply both had two \fB instead of \fP Reported-by: Alexander Klauer Bug: http://c-ares.haxx.se/mail/c-ares-archive-2013-03/0010.shtml - [Alex Loukissas brought this change] build: fix build on msvc11 - Makefile.am: increment -version-info for 1.10.0 release - README: remove unnecessary comment - ares_version.h: copyright end range year is now 2013 - RELEASE-NOTES: synced with fb0737f3a0a1c37 - [Paul Saab brought this change] ares_parse_aaaa_reply: Plug memory leak This change is similar to ares_parse_a_reply.c in commit bffd67f16a8f42fe6dbf79ab2e39d92eea05c8a6 - [Patrick Valsecchi brought this change] ares_parse_txt_reply: return a ares_txt_reply node for each sub-string Previously, the function would wrongly return all substrings merged into one. - [Alexander Klauer brought this change] library init: documentation update This commit updates the documentation of ares_library_init() and ares_library_cleanup() with regard to the newly introduced reference counting of initializations and deinitializations. - [Alexander Klauer brought this change] library init: be recursive Previously, a single call to ares_library_cleanup() would deinitialise the c-ares library, regardless of how many times ares_library_init() was called. This behaviour may cause problems in programs linking two or more libraries which, in turn, use c-ares. The present commit fixes this problem, deinitializing the library only after a number of calls to ares_library_cleanup() matching the number of calls to ares_library_init(). - [Patrick Valsecchi brought this change] protocol parsing: check input data stricter ... so that bad length fields aren't blindly accepted Bug: http://c-ares.haxx.se/mail/c-ares-archive-2013-04/0016.shtml Guenter Knauf (11 Apr 2013) - Create ares_build.h when buidling from Git. - Added -DCARES_STATICLIB to CFLAGS. Currently this static makefile does only support building the static library libcares.a. Daniel Stenberg (8 Apr 2013) - [Alexander Klauer brought this change] .gitignore: ignore patch files This commit adds a line to .gitignore to the effect that patch files generated by 'git format-patch' are excluded from the repository. - [Alexander Klauer brought this change] ares_destroy() documentation: no new requests Clarify that no new requests may be added to a resolver channel that is currently being destroyed. - [Alexander Klauer brought this change] Documentation: properly document ARES_ECANCELLED This commit clarifies the behaviour of ares_cancel() with respect to callbacks and adds missing documentation of ARES_ECANCELLED to the man pages of the affected functions. - [Alexander Klauer brought this change] ares_cancel(): cancel requests safely An invocation of ares_cancel() walks through the request list, calling the callbacks of all pending requests on a channel. Previously, if such a callback added a new request to the channel, the request list might not end up empty, causing an abort by assertion failure. The present commit ensures that precisely all requests present upon entry of ares_cancel() are cancelled, and that adding new requests through callbacks is safe. Yang Tse (10 Mar 2013) - ares.h: stricter CARES_EXTERN linkage decorations logic No API change involved. - ares_build.h.dist: enhance non-configure GCC ABI detection logic GCC specific adjustments: - check __ILP32__ before 32 and 64bit processor architectures in order to detect ILP32 programming model on 64 bit processors which, of course, also support LP64 programming model, when using gcc 4.7 or newer. - keep 32bit processor architecture checks in order to support gcc versions older than 4.7 which don't define __ILP32__ - check __LP64__ for gcc 3.3 and newer, while keeping 64bit processor architecture checks for older versions which don't define __LP64__ Daniel Stenberg (9 Mar 2013) - ares.h: there is no ares_free_soa function