SECURITY: Do not hang, eating CPU, if we encounter a compression pointer loop

[adns.git] / changelog

adns (1.5.2~) UPSTREAM; urgency=medium

  * 

 --

adns (1.5.1) UPSTREAM; urgency=medium

  * Portability fix for systems where socklen_t is bigger than int.
  * Fix for malicious optimisation of memcpy in test suite, which
    causes failure with gcc-4.1.9 -O3.  See Debian bug #772718.
  * Fix TCP async connect handling.  The bug is hidden on Linux and on most
    systems where the nameserver is on localhost.  If it is not hidden,
    adns's TCP support is broken unless adns_if_noautosys is used.
  * Fix addr queries (including subqueries, ie including deferencing MX
    lookups etc.) not to crash when one of the address queries returns
    tempfail.  Also, do not return a spurious pointer to the application
    when one of the address queries returns a permanent error (although,
    the application almost certainly won't use this pointer because the
    associated count is zero).
  * adnsresfilter: Fix addrtextbuf buffer size.  This is not actually a
    problem in real compiled code but should be corrected.
  * Properly include harness.h in adnstest.c in regress/.  Suppresses
    a couple of compiler warnings (implicit declaration of Texit, etc.)

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Fri, 12 Aug 2016 22:53:59 +0100

adns (1.5.0) UPSTREAM; urgency=low

  * Release 1.5.0.  No changes since 1.5.0~rc1.

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Sun, 26 Oct 2014 14:57:10 +0000

adns (1.5.0~rc1) UPSTREAM; urgency=low

  ABI/API changes:
  * Provide adns_qf_cname_strict flag, currently ignored because it's the
    default.  This will allow us to make this not the default in the future
    while retaining forward and backward API and ABI compatibility.
  * Add `sizeforce' enum member value to force enum types in the APIs to be
    big (which will avoids theoretical future ABI-incompatibility).
  * Reject unknown flags passed by our caller.  This will make it ABI-safe
    (although not ABI-backward-compatible) to add new flags in the future,
    as newer clients running against this old library will get ENOSYS.

  resolv.conf parsing:
  * Support `adns_ignoreunkcfg' resolv.conf option to ignore unknown
    options and keywords in resolv.conf.
  * Ignore various BIND9 resolv.conf keywords and options.
  * Fix resolv.conf option word splitting.

  Tests, build system, coding style, etc.:
  * Test cases show rrtype flag values in hex.
  * Parallelise `make check'.
  * Make vbuf__append_quoted1035 no longer extern (there are no out-of-file
    callers).
  * Remove all RCSids.
  * When releasing, check that the `make dist' tarball is identical to git.
    And provide a test mode for the RELEASE-CHECKLIST doc/script.
  * Add `make dist' tarball signature to .gitignore.
  * More correctly and effectively work around bugs in make (Debian #4073,
    #756123) affecting regress.

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Sun, 26 Oct 2014 13:24:00 +0000

adns (1.5.0~rc0) UPSTREAM; urgency=low

  New features:
  * Support for queries about IPv6 data in all applicable adns
    query types (including AAAA, PTR, and adns_r_addr queries).
    (Thanks very much to Mark Wooding.)
  * Support for transport over IPv6.  (Thanks to Mark Wooding again.)
  * adns_addr2text and adns_text2addr: Convenient functions for
    converting between addresses and address literals.

  Bugfixes:
  * Fix a crashing bug in adnslogres.  (Debian#392102.)
  * Do all checks of checked PTR owner name before actually sending the
    query, and reject IPv4 PTR owner names whose labels have leading zero
    digits or values >255.

  Build system fixes and improvements:
  * `make clean' removes the pipes.
  * Work around bugs in make (Debian #4073, #756123) affecting regress.
  * Do not include Makefile and src/config.h in distribution tarball.

  Regression test debugging improvements:
  * Provide gdbwrap convenience script.
  * Honour ADNS_TEST_DEBUG env. var.  (Mark Wooding.)

  Other improvements:
  * Licence changed to GPLv3 (still LGPLv2 for adns.h).
  * Source code cleanups.  (Some from Mark Wooding.)
  * Now in git.
  * Documentation and webpage updates.

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Mon, 20 Oct 2014 01:29:50 +0100

adns (1.4); urgency=low

  Improvements for multithreaded programs:
  * New documentation comment in adns.h explaining thread guarantees
    (or lack of them), replaces `single-threaded' note at the top.
  * Fix string conversion of adns_r_addr not to use a static buffer
    (function csp_addr) so as to make thread promise true.
  * Make an internal variable const-correct (expectdomain in pa_ptr).

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Tue, 17 Oct 2006 17:05:08 +0100

adns (1.3); urgency=low

  Portability fixes:
  * Cast ptrdiff_t to int for %.*s length in adnsheloex and adnslogres,
    as is required.  (Report from Jim Meyering.)
  * In configure.in, quote macro name argument to define() to
    suppress spurious autoconf error.  (Report from Mihai Ibanescu.)
  * Use autoconf's values for {bin,lib,include}dir rather than inventing
    our own from @exec_prefix@, making configure --libdir work.
    (Patch from Mihai Ibanescu.)
  * Remove spurious `_' from {bin,lib,include}dir Makefile variables.
    (Report from Mihai Ibanescu.)
  * Do away with `mismatch' variable in parse.c:adns__findrr_anychk so that
    overzealous GCC cannot complain about members of eo_fls being
    uninitialised.  (Report from Jim Meyering.)

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Tue,  6 Jun 2006 20:22:30 +0100

adns (1.2); urgency=medium

  New features:
  * Support for SRV RRs.
  * Support for unknown RR types (according to RFC3597) via adns_r_unknown.
  * Allow `;'-comments in resolv.conf (report from Colin Charles).    
  * New adnsheloex client courtesy of Tony Finch.
  * New adns_init_logfn etc. for having logging use a callback function.

  Bugfixes:
  * Fix error in prototype in definition of adns__parse_domain.
  * Add missing ENOTSOCK to hcommon.c.m4 (was already in hcommon.c!)

  Portability fixes prompted by Bernd Eckenfels, the Debian maintainer:
  * Correct type of various printf arguments: ptrdiff_t != int.
  * Do not print size of leaked blocks of memory (this causes
    a spurious regression test failure on some platforms).
  * Provide adns_if_none and adns_qf_none (which will help with compilers
    which complain about plain `0' being passed where an enum is wanted).
  * adnstest converts some errno values to EFOOBAR: all of the ones
    mentioned in adns.h, at least.  This makes the regression test
    more portable (fixes problem noticed by Bernd Eckenfels).
  * Add -Wno-pointer-sign if GCC has that option.

  Documentation improvements:
  * Add documentation comment by definition of adns_r_ptr_raw type enum.
  * Document in adns.h EINVAL from adns_init meaning bad configuration.
  * Include several new references to related programs to README.html.
  * Redacted the TODO list.
  * New LICENCE.WAIVERS file for GPL-incompatility workarounds.
  * Clarified GPL-vs-LGPL: a bit less hostile and a bit more mercenary.
  * Copyright notices updated.

  Packaging changes:
  * Update MINOR to 2 and DISTVERSION and ADNS_VERSION_STRING to 1.2.
  * Reran autoconf/autoheader (autoconf Debian 2.13-54).
  * Create $(bin_dir) and $(lib_dir) on `make install', and also
    make a libadns.so.1 -> libadns.so.1.<minor> link.  (Suggestions
    and patch from Nix of esperi.org.uk.)
  * Add .PHONY: install to Makefile, to help people with demented fs's.
  * Darwin listed in INSTALL.

  Minor test harness improvements:
  * Hgettimeofday calls Tensurerecordfile (was Tensureinput/outputfile).
  * Add bind(2) and listen(2) wrappers (for epithet, but harmless in adns).

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Sat,  8 Apr 2006 15:41:28 +0100

adns (1.1); urgency=medium

  Major bugfixes:
  * Do not spin if connect() fails immediately (!)
  * Stop searching on a CNAME (even if it's broken).
  * When search list runs out, _qf_owner sets owner to query domain.
  * Fix bogus multiple updates to p in transmit.c (!)

  Portability improvements:
  * Fix up spurious #undef's in hredirect.h.
  * Don't use <sys/select.h> any more, it was a mistake made in pre-1.0
    (and there doesn't seem to be much explanation why).
  * Understand and sort of check OpenBSD `lookup' resolv.conf directive.
  * #include <stdlib.h> in internal.h (for abort etc).
  * Always #include <sys/types.h> before <sys/socket.h> (for FreeBSD 4.6).

  Cosmetic and documentation improvements:
  * Added wishlist entry re configurable port no.
  * Problem with SERVFAIL in TODO.
  * README.html: mentioned Jarle Aase's Windows port, and other fixes.
  * Some better source code formatting/wrapping.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Tue,  1 Jul 2003 22:55:29 +0100

adns (1.0); urgency=medium

  Bugfixes:
  * Treat 8-bit characters in email addrs as RFC822 `special' (=> quote).
  * Fix incorrect `compressed datagram contains loop' error.
  * Actually compile shared libraries by default !
  * Fix adnsresfilter usage message to include correct default timeout.

  General improvements:
  * adnshost, adnslogres, adnsresfilter have options for config override. 
  * adnsresfilter has --debug option.
  * Improvements to adnslogres (incl. new -c option) from Tony Finch.
  * adnslogres has --help option, all utilities support --version.
  * Documentation improved somewhat, including new GPL-vs-LGPL file.

  Changes for non-BETA release:
  * Change shared library soname to 1.0.
  * Do not install adnstest test utility.

  Regression test improvements:
  * Tests now include adnshost, adnslogres and adnsresfilter.
  * Test cancellation both before and after query completion.

  Portability fixes and cleanups:
  * adnstest: setvbuf(stdout,...) before we do first output.
  * Cope with compilers that don't do `inline'.
  * Add and fix various missing system #includes.
  * Find install-sh properly when we need to use it, and chmod it +x.
  * Do not use variadic macro, use stdarg instead (adnslogres.c).
  * Regression tests work even if some syscalls are already macros.
  * #include "config.h" before "adns.h".
  * Cast a sizeof(...) in src/event.c to unsigned long before printing.
  * Add pre-generated versions of m4-generated files in regress/.
  * Kill bogus warning, adh-main.c: `arg2' might be used uninitialized ...
  * Add extra {...} near adnslogres.c:167 to kill spurious warning.
  * Use `printf' instead of `echo -n'.
  * Add list of tested platforms in INSTALL file.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Sun, 17 Sep 2000 15:15:58 +0100

adns (0.9) BETA; urgency=high

  Bug fixes:
  * Don't make _processany always kill the TCP connection with the message
    `TCP connection failed: poll/select: exceptional condition detected'.
  * Call MEM_ROUND in __transfer_interim (avoids assert fail
    `qu->interim_allocd>=0' on some platforms eg 64 bit).
  * adnsresfilter doesn't resolve textual prefixes of addresses (eg,
    10.0.0.1 out of 10.0.0.123) if input happens to block at that point.
  * Do not spin if TCP connection blocks for writing (and add test case).
  * Fail queries if TCP dies repeatedly, rather than retrying many times.
  * Do not abort in a couple of places if TCP unexpectedly broken.
  * Do not free something twice if query fails and is then cancelled.

  Portability/compilation fixes:
  * Move `extern "C" {' to after #include <...>'s.
  * Pass LDFLAGS from configure on to ld via settings.make.in.
  * make clean deletes *.so and *.so.* files.
  * New --disable-dynamic configure option for non-ELF systems.
  * Use AC_PROG_INSTALL (=> perhaps install-sh), to avoid bad `install'.

  Minor improvements:
  * Do not print warning if sendto() gives EAGAIN.
  * adnsresfilter default timeout changed to 1000ms.
  * m1test script can invoke `hrecord' differently.
  * regress/output-<case>.report file contains more useful info.
  * TODO list and other docs updated slightly.
  * Referrals with RD+RA set, or RCODE=Refused, don't generate warnings,
    just debug messages.  BIND does this kind of thing all the time.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Wed,  9 Aug 2000 16:59:28 +0100

adns (0.8) BETA; urgency=medium

  Bugfixes:
  * Race near adns_beforeselect which could cause infinite timeout fixed
    (it's now less agressive, and will more often return a zero timeout.)
  * Fixed infrequent race causing assertion failure in adns__tcp_broken
    `ads->tcpstate == server_connecting || ads->tcpstate == server_ok'.
  * Spurious `server failure on unidentifiable query' warning suppressed.
  * If we get a referral, don't also always complain falsely about RD==0.
  * adnslogres: cast chars to unsigned char before using ctype.h macros.
  * In _beforeselect, global failure now means zero timeout, and in
    tcp_events, really never try to do anything with the TCP connection if
    act is zero.  This might possibly cause an infinite delay (ie, lockup)
    if things go badly wrong *and* a really unlikely race happens.
  * Test suite `lines of syscall left' value is correct; !0 is failure.

  Portability fixes:
  * install-sh (from autoconf 2.12 Debian r13) included.
  * adnslogres: do not call equivalent of printf("%.*s",0,(char*)0).

  Documentation improvements:
  * Security/performance note added, about local nameservers and DNSSEC.
  * Documented that adns_rr_info _rr_hostaddr ( ) for address list
    means permanent failure, and ? means temporary failure.
  * Typo (*now for now in _beforeselect description) in adns.h fixed.
  * Copyright notices updated.
  
  Changes to produce more defensive code:
  * In adns_wait, assert that the timeout is not infinite.
  * Make qu->id start out as -2 when initially allocated.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Sun,  7 May 2000 23:37:13 +0100

adns (0.7) BETA; urgency=medium

  * New adns_submit_reverse_any for eg RBL lookups, and corresponding
    option to adnshost.
  * README updated (from www home page).

  * In answers, quote all except alphanums and - _ / + (and document).
  * Don't reject specials in cnames even without adns_qf_quotefail_cname.
  * Better checking of long domain names and labels in queries.
  * answer->owner may be null on error.  Documented, and adnshost copes.
  * Better reporting of unexpected or weird replies from nameserver.
  * Add test case for recursion (infinite loop) domain compression.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Thu,  2 Mar 2000 01:55:53 +0000

adns (0.6) BETA; urgency=high

  Core library bugfixes:
  * Avoid infinite timeouts, causing lockup, when they should be zero !
  * TCP handling revamped (avoids undefined behaviour due to reentrancy).
  * Do not fail assertion if _qf_owner, _qf_search, domain ends in `.'.
  * Many memory leaks fixed.

  Cool new utility:
  * adnsresfilter is like `cat' but converts addresses to names without
    delaying the output.  Pipe `netstat -n', `tcpdump -ln', etc. into it.

  Test and client program bug and portability fixes:
  * Dynamic library building works properly.
  * adnshost prints somewhat better messages about some wrong usages.
  * Include <stdlib.h> and <sys/types.h> in adnshost.h.
  * adnslogres: parsing and error checking improved (Tony Finch).
  * Regression tests can cope with zero-length reads.
  * Regression tests check for memory leaks.
  * adnstest copes with empty query type list.
  * adnstest uninitialised memory bug fixed.

  General improvements
  * Better control of adnshost output and error messages (new -F options).
  * New adns_if_logpid option (functionality suggested by Tony Finch).
  * New fanftest test program from Tony Finch (ignored by `make install').
  * Reads /etc/resolv-adns.conf if it exists.
  * Declare flags parameters as enums again, not ints.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Wed, 24 Nov 1999 17:13:03 +0000

adns (0.5) unstable; urgency=high

  New features:
  * adnslogres, ~100x faster replacement for Apache logresolve;
    Thanks to Tony Finch for the program and the performance figure.
  * Internal consistency checking with assert if right options set.
  * adns_wait_poll function like adns_wait but uses poll, not select.
  * adns_reverse_submit function for easy in-addr queries.
  * adns_errtypeabbrev funcion for getting eg "permfail" from _s_nodata.
  * adnshost utility for scripts and the like (rather alpha).

  Incompatible changes:
  * RRs with mailboxes never rejected due to strange chars if _raw.
  * Lack of a mailbox produces `.' not `<>'.
  * Better usage messages (and no default query domain) for adnstest.
  * Return EAGAIN from _check instead of EWOULDBLOCK.
  * adns_rr_info on _r_mx etc. shows status type abbrev and status number.
  
  Bugfixes:
  * Do not invoke __autosys indirectly from __procdgram (result: coredump
    usually in memmove, unless adns_if_noautosys was used).
  * Do not scramble innards when a query on the output queue is cancelled.
  * Do not close tcp socket twice.
  * Mailboxes containing spaces in their names are quoted.
  * Give ESRCH, not EAGAIN, if _check called with no queries outstanding.
  * adns_rr_hostaddr naddrs is -1 on temporary failure (as documented).
  * Reject TXT RRs with no strings.
  * Correct error messages for qname CNAME foo, foo CNAME bar.
  * adns_processany actually does something.
  * Fixed typos in adns.h.

  General improvements:
  * Promise not to change fds in adns_beforepoll (if now is specified).
  * Improved textual error string for _s_prohibitedcname.
  * New comment in adns_processany and return 0 (not r which is 0).
  * Documentation of resolv.conf directives and options, and of environment
    variables understood, in adns.h
  * Regression test scripts set EF_DISABLE_BANNER (for Electric Fence).

  Portability and build improvements:
  * Give install the '-c' flag (otherwise some delete the original !).
  * Do not remove top-level Makefile on `make clean'.
  * Don't complain so much about poll(2) tests if not available.
  * Do not give -u 0 -g 0 options to install.
  * Remove trailing , from some enums in adns.h.
  * Dynamically linked clients now made with -l, so as to avoid rpath.
  * Do not use $^ in make rules (should help with non-GNU make).
  * Declare flags parameters as ints not enums because C++ is crap.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Wed, 13 Oct 1999 02:24:35 +0100

adns (0.4) unstable; urgency=high

  General important bugfixes:
  * make _qf_owner work if _qf_search not specified, and test it (oops!)
  * ads->configerrno now initialised (in setup.c).
  * timercmp(,,<=) doesn't work - use !timercmp(,,>).
  * Changed memory semantics of internal queries to fix bugs.
  * Restarting a TCP-using query (eg due to CNAME) doesn't abort.
  
  Fixes for handling of broken kinds of reply:
  * Only accept a reply from the subset of servers we sent the query.
  * Ignore CNAME(s) in answer after RR(s) (and test).

  Other bugfixes and improvements:
  * adns_s_systemfail is in table of errors (for eg adns_strerror).
  * Do not ship config.cache, Makefile, etc.
  * Improvements to install instructions, TODO, etc.
  * Regression tests compile on systems without poll(2).
  * Do not install adnstest_s.
  * _submit returns ENOSYS, not adns_s_unknownquery; documented, tested.
  * <adns.h> includes <sys/types.h>, <sys/time.h>, <unistd.h>.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Thu, 5 Aug 1999 01:17:38 +0100

adns (0.3) unstable; urgency=low

  Incompatible changes:
  * Low adns_status values (below adns_s_max_tempfail) renumbered to make
    room for future locally-induced and locally-detected errors.
  * Event loop functions for use by select(2) renamed and tidied up.
  
  Features / improvements:
  * New adns_errabbrev() for getting status abbreviation strings.
  * regress/checkall prints summary list of failed tests, if any.
  * Event loop functions for poll(2), and some raw variants.
  * adnstest has ability to use poll(2), and user can set initflags.
  * checkall prints passed list as well as failed list, if any failed.
  * You can iterate over outstanding queries (but only once at a time).
  
  Bugfixes:
  * Non-RFC822 mailbox `domain' formatting now works, and clarified.
  * Rejection of bad characters in domains (without quoteok) works.
  * Clean up parents from adns->childw (otherwise would abort/segfault).
  * In adnstest, allocate enough space for, and terminate, query types.
  * In adnstest, don't print errno values as adns_status values.
 
  * Added TODO file.
  * Made adnstest.c test context pointers.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Thu, 15 Jul 1999 00:23:12 +0100

adns (0.2) experimental; urgency=low

  Portability fixes for compilation on various platforms:
  * Include <sys/socket.h> and <netinet/in.h> in files with <arpa/inet.h>.
  * Don't use GCC union assignment feature (.rrs=0 => .rrs.untyped=0).
  * Explictly cast things to [const] struct sockaddr* in syscall args.
  * Check whether we need -lsocket.
  * Include <sys/times.h> in a few more files.
  * Include <unistd.h> and <sys/time.h> for select.
  * Look for inet_aton and inet_ntoa (in -lnsl and -lsocket).
  * LDLIBS removed from dependency lists (some makes don't support this).
  * An `ambiguous else' warning from some compilers in types.c is removed.

  Other changes:
  * Added COPYING (copy of the GPL).
  * Regression test failure output improved.
  * Missing targets in regress/Makefile.in added.
  * Regression test doesn't rely on value of fcntl flags eg O_NONBLOCK.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Thu, 20 May 1999 00:27:32 +0100

adns (0.1) experimental; urgency=low

  * Initial public alpha release.

 -- Ian Jackson <ian@davenant.greenend.org.uk>  Sat, 17 April 1999 17:42:19

Local variables:
mode: debian-changelog
fill-column: 75
End: