1$Id: Changes 710 2008-02-08 15:22:21Z olaf $ -*-text-*- 2 3 4Revision history for Net::DNS 5============================= 6 7*** 0.63, 8 Feb 2008 8 9This version contains a Security Fix. 10 11Feature NotifyHandler in Nameserver 12 13 The NotifyHandler is a new attribute to the nameserver used in the 14 same way as the ReplyHandler except that it is executed when the 15 opcode is NS_NOTIFY (RFC1996). It takes the same arguments as the 16 reply handler (i.e. $qname, $qclass, $qtype, $peerhost, and $query). 17 Corrections made in the documentation. 18 19Fix rt.cpan.org #32937: 5.11 introduces new warning on uc(undef) 20 21 The patch supplied fixes for methods where undefined arguments were 22 likely. For methods where undefined arguments don't make the warning 23 will be printed. 24 25 26Fix rt.cpan.org #32147: Default LocalAddr broken in Net::DNS::Nameserver 0.62 27 28 Listen on the default address if LocalAddr not defined. 29 30 31Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver. 32 33 Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers 34 to cause a denial of service (program "croak") via a crafted DNS 35 response (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6341). Packet 36 parsing routines are now enclosed in eval blocks to trap exception 37 and avoid premature termination of user program. 38 39Bug: mbox-dname and txt-dname were not allowed to be empty in the RP RR. 40 Fix by Peter Koch 41 42 43*** 0.62, 28 December 2007 44 45Features: Move of some functionality out of the Packet to the Question 46 and RR classes; parsing of elements in the packet is now performed 47 by calling the appropriate subclasses. 48 49 New methods were introduced: 50 * Net::DNS::Packet->parse() 51 * Net::DNS::RR->parse() 52 * Net::DNS::Question->parse() 53 54 The Packet class now defers parsing of authority/additional until 55 their content is really needed. This should cause a bit of 56 performance improvement. 57 58 Dick Franks is acknowledged for this Good Work (TM). 59 60Feature: the Net::DNS::Packet's answersize() method will from now on 61 ignore its arguments and just return the size of the packet. 62 63Feature: The Net::DNS::RR->new() method used to call 64 Net::DNS::RR->new_from_data() whenever called with the appropriate 65 combination of arguments. That (undocumented) behavior has been deprecated. 66 Use Net::DNS::RR->new_from_data() directly if you depended on that. 67 68Feature: Net::DNS::Packets unique_push now ignores the TTL in 69 comparison of uniqueness, this is closer to the intend of 70 RFC2181, but not yet fully compliant. 71 72Fix rt.cpan.org #29816 73 Acquiring the IP address for the Resolver under Cygwin is made 74 more resilient. 75 76Fix rt.cpan.org #31425 77 Empty question section in Base.pm search method detected 78 79Fix rt.cpan.org #31042 80 Makefile corrected to add a library target. 81 82Fix rt.cpan.org #29818 83 10-recurse.t used to fail in very specific environment (where a query for 84 qname="." and qtype="NS" would return with an empty additional section). 85 Fixed by adding the hints explicitly; this also forces the tests to take 86 place under the root served by a-m.root-servers.net 87 88 89Fix rt.cpan.org #29877 90 Made 00-version.t recognize a "GIT" environment. 91 92 93 94 95Fix rt.cpan.org #29878 96 97 SPF.pm did not evaluate as true. Thanks Bjorn Hansen. 98 99 100Fix rt.cpan.org #21398 101 answersize() and answerfrom() set for persistent sockets 102 103Fix rt.cpan.org #29883 104 Fix various tests only available through SVN, so they are 105 more robust (Acknowledgements Bjoern Hansen) 106 107 108Fix rt.cpan.org #24343 109 Resolver's nameserver() method would do silly things with undefined 110 arguments. 111 112Fix rt.cpan.org #29531 113 Nameserver.pm, Packet.pm and Question.pm modified to avoid erroneous PTR 114 lookup in response to mischievous query packet containing an IP address. 115 116 117Fix rt.cpan.org #27970 better netdns.o 118 119 Marek Rouchal provided two minor improvements for linking the C 120 code sniplets 121 122 123Fix rt.cpan 28345 124 125 A fix in Test::Simple revealed an off by 1 error in the testplan 126 for 05-rr-rrsort.t. The fix is to remove a test, creating a dependency 127 on Test::Simple 0.71 seemed overkill. 128 129 130 131*** 0.61, 1 August 2007 132 133Fix rt.cpan.org #28106, 28198, and 28590 134 Modification of $_ in various places. 135 136Fix 137 t/11-inet6 assumed lowercase domain names. 138 139*** 0.60 20 June 2007 140 141Fix spelling mistakes in change log using interactive spell checker (aspell). 142 143Fix 144 Two redundant calls of $self->rdatastr() in Net::DNS::RR::string(). 145 146Fix rt.cpan.org #27285 bis 147 Unreleased 0.59_1 dn_expand_PP() has security flaw allowing access to 148 arbitrary data using crafted packet with out of range compression pointer. 149 Patch by Dick Franks based on 0.59 code. 150 151Fix rt.cpan.org #27391 152 dn_compress() produces corrupt packet for name containing empty label. 153 154Fix rt.cpan.org #26957 155 dn_compress() croaks for name having label which exceeds 63 characters. 156 Patch by Dick Franks truncates offending label. 157 158Feature check_soa test of NCACHE TTL 159 Dick Franks supplied an improved version of check_soa script which 160 performs a direct test of NCACHE TTL by looking up non-existent name and 161 reporting value if it exceeds 86400. Test is skipped unless minimumTTL is 162 above same threshold. Recent BIND implementations impose a ceiling on 163 NCACHE TTLs internally, so a large minimumTTL value is unlikely to have 164 damaging consequences at many sites. 165 166Fix rt.cpan.org #27285 167 Break out of malformed packets with compression loops. 168 Steffen Ullrich is acknowledged for patch and test code. 169 170Feature check_zone "alternate domain" and "exception file" flags 171 Paul Archer supplied a patch for check_zone adding two new features. 172 173Feature Support for IPSECKEY RR 174 Rudimentary IPSECKEY RR support added. 175 176Fix rt.cpan.org #25342 177 HINFO would only accept its data fields within quotes. That has now 178 been fixed to adhere to <character-string> by inheriting parsing functions 179 from TXT. 180 181Fix rt.cpan.org #24631 / Feature IP address prefix notation 182 Dick Franks supplied a cleaned up version of Question.pm. 183 184 Revised code deals with incomplete IPv6 address bug and accepts RFC4291 185 address prefix notation. IPv4/prefix also supported for completeness. 186 187 This involved a minor change to the API for reverse IP lookup. Changing 188 qtype to PTR is now performed for A and AAAA only. This allows queries 189 for NS and SOA records at interior nodes to be specified using the address 190 prefix. Type ANY queries now also produce the expected result. 191 192 Cleaned up TYPE/CLASS reversal code, exploiting fact that the intersection 193 of the sets of class and type names contains only one member (ANY). 194 195 Minor cleanup of remaining code. 196 197 198Fix rt.cpan.org #22019 199 200 Expunge trailing dots from RR->new_from_hash() FQDN arguments. 201 Patch by Dick Franks. 202 203Fix Recursion and EDNS OPT record 204 205 The Recursive resolver process would add an OPT-RR with each recursion 206 which causes FORMERRs with a number of authoritative servers. 207 208Feature SSHFP warn instead of die 209 210 We do not die if a not implemented fingerprint type value is read 211 from the wire, instead we 'warn' and return undef. 212 213Feature NSEC3PARAM hook 214 215 A hook to load NSEC3PARAM when available has been added. 216 WARNING: Both NSEC3 and NSEC3PARAM are configured with their 217 experimental type codes. 218 219Feature rt r24525 220 221 Net::DNS::Resolver depended on Net::IP (2268 Kb) which depends on 222 heavy module Math::BigInt (1780 Kb). Valery Studennikov suggested to 223 ship Net::DNS::Resolver::Base with its own copies of ip_is_ipv[4|6] and 224 supplied a patch with those functions stripped from Net::IP. 225 226 Note that the package still depends on Net::IP because 227 Net::DNS::Nameserver and a few tests depend on it. 228 229Fix rt 22334 230 Fixed "perl Makefile.PL --xs" behavior, patch by Tamas Palfalvi 231 232Fix rt 21752 and 24042 233 Applied the patch supplied by Alexandr Ciornii to be able 234 to compile on ActiveState perl . 235 Slight modifications based on comments by nimnul 236 237 238Fix rt 23961 239 Randomized the ID on the queries. Thanks to "hjp" for reporting and 240 suggesting a fix. 241 242 The randomization of the src port is supposed to be handled by the 243 setting the source port to "0" (default). Overriding the default 244 or using persistent sockets may be problematic. 245 246 Also see: 247 http://www.potaroo.net/ietf/idref/draft-hubert-dns-anti-spoofing/ 248 249Fix 250 Minor compile time warnings for netdns.c on Fedora Core. 251 252 253 254 255*** 0.59 September 18, 2006 256 257 258 259Fix rt.cpan.org 20836, 20857, 20994, and 21402 260 261 These tickets all revolved around proper reverse mapping of IPv6 262 addresses. 263 264 Acknowledgments to Dick Franks who has provided elegant solutions and 265 cleaned a bit of code. 266 267 Note that directly calling Question->new() without arguments will 268 cause the qclass,qtype to be IN, A instead of ANY, ANY. 269 270 Net::DNS::Resolver's search() method would always gracefully 271 interpret a qname in the form of an IPv4 address. It would go out 272 and do a PTR query in the reverse address tree. This behavior has 273 also been applied to IPv6 addresses in their many shapes and 274 forms. 275 276 This change did two things, 1) root zone not implicitly added to 277 search list when looking up short name, 2) default domain appended 278 to short name if DEFNAMES and not DNSRCH. 279 280 281Fix rt.cpan.org 18113 282 283 Minor error due to unapplied part of patch fixed. 284 285Feature: Experimental NSEC3 hooks. 286 287 Added hook for future support of (experimental) NSEC3 support 288 (NSEC3 having an experimental type code). 289 290 291 292 293*** 0.58 July 4, 2006 294 295Feature: hooks for DLV support in Net::DNS::SEC 296 297 added hooks for DLV support which is/will be available in 298 Net::DNS::SEC as of subversion version 592 (Tests are done against 299 the subversion number, not against the perl release version) 300 Net::DNS::SEC version 0.15 will have DLV support. 301 302Partly Fixed rt.cpan.org 18940 303 304 djhale noticed a number of error conditions under which the 305 udp_connection in Nameserver dies. We now print a warning instead 306 of dying. 307 308 309Fix rt.cpan.org 18958 310 311 Fixed typebyname croak for SIGZERO. Acknowledgments to djhale. 312 313 314Optimize rt.cpan.org 11931 315 316 Hanno Stock optimized the method to get the list of available 317 interfaces in Win32. I have only done very rudimentary tests on 318 my Windows XP system. 319 320Fix dependency on "CC" rt.cpan.org 19352 321 322 The Makefile.PL depended on availability of "cc" and would bail 323 out on systems where gcc is exclusively available. Thanks to Rob 324 Windsor for noticing and patching. 325 326Fix compressed dnames in NAPTR/SRV 327 328 Clayton O'Neill noted that the the domain names in in the NAPTR 329 and SRV RRs rdata were subject to name compression which is not 330 conform the specs. Also see RFC 2782 and 2915. 331 332 333Fix rt.cpan.org 18897 334 335 Zero-length rdata in TXT fixed (Acknowledgments to Roy Arends) 336 337Fix rt.cpan.org 18785 338 339 SPF would not work unless the TXT RR was not loaded first. No 340 wonder, SPF fully inherits TXT and loading of TXT.pm is therefore a 341 prerequisite. 342 343 344Fix rt.cpan.org 18713 345 346 Net::DNS::Resolver now deals gracefully with persistent sockets 347 that got disconnected. It will first try to connect again to the 348 socket and if that fails it will try to connect to the next 349 available nameserver. tcp_timeout() is the parameter that 350 determines how long to wait during a reconnect. 351 352Fix rt.cpan.org 18268 353 354 Added reference to RFC in croak message for label length > 63 in 355 dn_comp(). 356 357Fix rt.cpan.org 18113 358 359 The inet6 tests contained another bug when online-tests were disabled. 360 Klaus Heinz discovered and provided a patch. 361 362*** 0.57 February 24, 2006 363 364Fix rt.cpan.org 17783 365 366 The inet6 tests do not skip enough tests when ipv6 is not available. 367 I did not catch this in my setup since IPv6 is available on all my 368 machines. 369 370 Since this breaks automatic CPAN installs a new release is 371 reasonable. 372 373 374*** 0.56 February 20, 2006 375 376Fix rt.cpan.org 17694 377 378 Net::DNS::typesbyval() now confesses on undefined 379 args. Acknowledgments to Dean Serenevy. 380 381Feature Implemented SPF (typecode 99). 382 383 The class completely inherits from Net::DNS::RR::TXT (the easiest 384 RR to implement ever). 385 386Feature added rrsort() function. 387 Feature was requested by Eric Hall in rt.cpan.org 13392 388 389 This was a little tricky as I think that the sort functions are in 390 fact RR specific class attributes that should be accessed through 391 class methods. This is difficult to implement. I do think I found a 392 fairly clean manner. It does require a global variable in Net::DNS 393 to store the functions and some trickery when the sorting functions 394 are defined. 395 396 See Net::DNS and Net::DNS::RR documentation for details. 397 398 Defaults sorting functions are currently implemented in 399 SRV: default sort: low priority to high priority and for 400 same preference highest weight first. 401 weight: sort all RRs based on weight, highest first 402 priority: see default sort 403 404 MX: default sort: lowest preference first. 405 preference: see default sort 406 407 NAPTR: default sort: lowest to highest order, for same order lowest 408 preference first 409 order: see default sort 410 preference: order on preference, lowest first 411 412 PX: See MX 413 RT: See MX 414 415 416Fix rt.cpan.org 14653 and 14049 417 TCP fallback after V6 socket failure 418 419 Reworked Net::DNS::Base::Nameserver::send_tcp() to fallback to IPv4 when 420 possible. (change applied to SVN Revision 538). 421 422 423Feature Cleanup duplicated code 424 425 axfr_send() and send_tcp() contained some duplicated code. I merged 426 this in one "helper" method _create_tcp_socket() 427 428 429 430Fix AXFR persistent sockets colliding with query sockets. 431 432 I think that using the same persistent sockets for AXFR and 433 'ordinary' queries could lead to race conditions. Better safe than 434 sorry. For axfrs we create a different set of persistent sockets. 435 436 Note that this prevents performing a SOA query first and then using 437 the same socket for the zone transfer itself(in Net::DNS these are 438 different code paths). This behavior of SOA and transfer on the 439 same socket-- seems to be suggested by 1035 section 4.2.2: 440 441 "In particular, the server should allow the SOA and AXFR request 442 sequence (which begins a refresh operation) to be made on a 443 single connection." 444 445 Obviously, on the client side this behavior is not mandatory. 446 447 448Fix rt.cpan.org 17596 449 450 The fixes and features above also fixed the timeout problem reported by 451 Paul Hofman 452 453 454 Profiling 455 456 It turned out that each time we were calling 457 Net::DNS::Resolver::Base::nameserver(); We were creating a 458 resolver object. Now a resolver object is only called when a 459 domain name is given as argument. 460 461 462**** 0.55 December 14, 2005 463 464Fix Inconsistency in test 465 466 There was an inconsistency in the t/05-rr.t that got triggered by 467 the release of Net::DNS::SEC version 0.13 (when installed). That 468 has been fixed. 469 470Feature Net::DNS::Nameserver loop_once() 471 472 Uncommented the documentation of the loop_once() function and introduced 473 get_open_tcp() that reports if there are any open TCP sockets (useful 474 when using loop_once(). 475 476 loop_once() itself was introduced in version 0.53_02 477 478 479Fix rt.cpan.org 16392 480 481 TCP Sockets stayed open even if not requested. This may cause the kernel 482 to run out of TCP slots. 483 484 This bug is the reason for releasing version 0.55 shortly after 0.54. 485 486 Spotted and patched by Robert Felber. 487 488 489*** 0.54 December 7, 2005 490 491 492Fix rt.cpan.org 15947 493 494 Failure to bind a nameserver when specifying an IPv6 address. 495 496Fix rt.cpan.org 11931 497 498 Using Net-DNS 0.53 on Win XP, it is unable to retrieve the 499 nameservers when the IP address of the interface is assigned by 500 DHCP. This is due to the DHCP assigned IP address being stored in 501 DhcpIPAddress rather than IPAddress (which is then 0.0.0.0). Adding 502 a check of DhcpIPAddress existence and not being 0.0.0.0 fixes the 503 problem. Applied the patch submitted by "orjan". 504 505Fix rt.cpan.org 15119 506 507 main_loop() consumed 100% of CPU, because of a bug that 508 caused loop_once() to loop ad infinitum. 509 510Fix rt.cpan.org 15299 511 512 Defining multiple constants with 'use constant { BLA => 1, FOO =>2 }; 513 is a backwards incompatible feature. Thanks to Ian White for spotting and 514 fixing this. 515 516*** 0.53_02 Oct 18, 2005 517 518 519 520Fix rt.cpan.org 14046 521 522 RRSIGs verify and create failed for a number of RR types. The 523 error message showed something like: 524 Can't call method "dn_comp" on an undefined value 525 This was caused by an omission in the _canonicalRdata() method 526 in Net::DNS::RR that was inherited by all failing RR types. 527 528 Code was added to t/05-rr.t that will test signature creation 529 if Net::DNS::SEC is available and can be loaded. 530 531 532Feature async nameserver behaviour. 533 534 In rt.cpan.org 14622 Robert Stone suggested: 535 536 The fact that it needs to take over the main running thread 537 limits its audience. Since many daemon programs are already 538 driven by a top level select loop, it seems useful to provide an 539 API for the user to integrate Net::DNS::Nameserver processing to 540 their own select loop. 541 542 He also supplied example code for which he is hereby acknowledged. 543 The patch was not used because simultaneously Robert Martin-Leg�ne 544 supplied a patch to Nameservers.pm that allowed the same async 545 functionality through the use of loop_once method. Robert M-L's 546 code also carefully manages the TCP sockets, so that they can 547 deal with AXFRs. 548 549 Robert S. has been so kind to review Robert M-L's code and is hereby 550 kindly acknowledged. 551 552 NB. Since the code may be subject to change the documentation of the 553 loop_once method has been commented out. 554 555 556Fix bgsend srcaddr for IPv6 Achim Adam previously noticed that the 557 source address wildard "::" works provides better portability than 558 "0". We forgot to fix the bgsend() part earlier. 559 560 561 562Fix rt.cpan.org 14624 563 564 Fixed documentation of Nameserver.pm Replyhandler and fixed a bug 565 that prevented the peerhost to be set. 566 567Fix rt.cpan.org 14700 568 569 mistyped _name2wire helper function name. Noticed and patched by Simon 570 Josefsson. 571 572Fix rt.cpan.org 13944 573 574 Terminating dot not printed when printing SRV record. The SRV dname should 575 be printed as FQDN, that is, including the dot at the end. 576 Acknowledgments Jakob Schlyter. 577 578 While adding the "dot" I noticed that in the fileformat parsing code 579 there might be theoretical corner cases where rdata elements are not 580 properly read. The code needs an audit for this. 581 582Fix srcport for socket creation in bgsend method 583 584 Lionel Cons noted and patched a small bug in bgsocket creation code for 585 lib/Net/DNS/Resolver/Base.pm 586 587 588*** 0.53_01 July 31, 2005 589 590Fix rt.cpan.org 13809 591 592 "Phar" noted that the peerhost is never passed to the make_reply function 593 in nameserver.pm and provided the trivial patch. 594 595Fix rt.cpan.org 13922 596 597 Fixed a problem with persistent TCP sockets which was introduced 598 because of using the address family as an index to the array of 599 persistent sockets. 600 601 Used AF_UNSPEC for the array index for the TCP socket; just to choose 602 a number. The key to the persistent sockets is the remote nameserver:port 603 combination. 604 605 Acknowledgments to Mike Mitchell for reporting the bug and testing 606 the solution. 607 608Feat t/01-resolve will not try to do tests from private IP space; hopefully 609 that cuts down on the number of false positives. 610 611 612*** 0.53 July 22, 2005 613 614Fix rt.cpan.org 13669 615 616 Danny Thomas provided a somewhat more elegant line of code for the 617 typesbyval regexp. 618 619Fix rt.cpan.org 13534 620 621 Net::DNS::Resolver::Recurse would bail out when it happened to run 622 into lame servers. 623 624Doc rt.cpan.org 13387 625 626 Documented the BUG caught by Robert Martin-Leg�ne 627 Net::DNS::Nameserver running with multiple IP interfaces might 628 violate section 4 of RFC2181. 629 630 631Fix IPv6 on AIX 632 633 Binding to the local interface did not work when local address was 634 specified as "0" instead of "::". The problem was identified, 635 reported and fixed by Achim Adam. 636 637 638 639Fix rt.cpan.org 13232 640 One uncaught AF_INET6. 641 642*** 0.52 July 1, 2005 643 644Feature 645 Net::DNS::RR::OPT 646 647 added the the size(), do(),set_do() and clear_do() methods. 648 649 650 651*** 0.51_02 June 22, 2005 652 653 654Fix rt.cpan.org 13297 655 656 Persistent_udp option broken starting in version 0.50. 657 This was fixed, based on a patch by Sidney Markowitz. 658 Guido van Rooij independently submitted a similar patch. 659 660Fix rt.cpan.org 13289 661 662 Was caused by a typo. 663 664Fix rt.cpan.org 13243 and 13191 665 666 The escaped characters test failed on some system because the 667 the systems dn_expand instead of the supplied dn_expand 668 was used after the makemaker magic linked DNS.xs. 669 670 This was fixed by renaming the dn_expand that comes with the 671 library to netdns_dn_expand. 672 673 674Fix rt.cpan.org 13239: 675 676 When queries are refused the resolver would not take the next 677 nameserver on the nameserver list for its next try but skip one. 678 679 I was also made aware that the "use byte" pragma is incompatible 680 with pre 5.06 perl. 681 682 BEGIN { 683 eval { require bytes; } 684 } 685 686 687 It should be noted that for perl versions < 5.006 I had to disable 688 the escaped character test. Don't expect domain names with labels 689 that contain anything else than host names to work for versions 690 earlier than perl 5.6.0. 691 692 Thanks to Vladimir Kotal for the assistance in testing the code on 693 his system and the members of the NL-PM list for suggestions and 694 education. 695 696 697*** 0.51_01 June 14, 2005 698 699Fix rt.cpan.org 13232: 700 701 Replaced IF_INET6 by IF_INET6() so that use strict subs does not 702 complain in the absence of a definition of IF_INET6 in earlier 703 versions perl that did not have IF_INET6 defined in Socket.pm 704 The problem is similar to the problem described in: 705 http://lists.ee.ethz.ch/mrtg-developers/msg00198.html 706 707 708 709*** 0.51 June 10, 2005 710 711Fix rt.cpan.org 13184: 712 713 Removed a 'stale' debug line (oops). A "stale" debug line may 714 cause clutter in log files which may cause false positives on log 715 analysis tools. Harmful enough to warrant a quick patch. 716 717 718*** 0.50 June 8, 2005 719 720No changes with respect to 0.49_03. 721 722 723*** 0.49_03 June 1, 2005 (Version 0.50 release candidate 3) 724 725Fix: 726 Concatenation of scalars caused modification of data because of 727 Perl's habit to treat scalars as utf characters instead of bytes. 728 Inserted use bytes pragma throughout the code base. DNS is done 729 in octets. 730 731Feature: 732 Added "ignqrid" as an attribute to the Resolver. 733 734 use as: 735 ok (my $res=Net::DNS::Resolver->new(nameservers => ['127.0.0.1'], 736 port => 5354, 737 recurse => 0, 738 igntc => 1, 739 ignqrid => 1, 740 ), 741 742 When the attribute is set to a non-zero value replies with the 743 qr bit clear and replies with non-matching query ids are 744 happily accepted. This opens the possibility to accept spoofed 745 answers. YOU CAN BURN YOURSELF WITH THIS FEATURE. 746 747 It is set to 0 per default and remains, except for this changes file 748 an undocumented feature. 749 750 751*** 0.49_02 May 28, 2005 (Version 0.50 release candidate 2) 752 753Fix: Smoking Gun tests for non-cygwin Win32. 754 Makefile.PL failed to produce a proper Makefile under win32. 755 (e.g. www,nntp.perl.org/group/perl.cpan.testers/210570) 756 I worked around that by moving the library into the base 757 directory of the distribution as the "subdir" section 758 seemed to be all funny. 759 760Fix: rt.cpan.org#11931 (the off-topic part) 761 762 Sidney Markowitz spotted an awkward condition that rarely happens but is 763 significant enough to be dealt with. 764 765 In the send_udp method there are two loops: one over the nameservers 766 and one that waits for the sockets to come forward with data. 767 768 That second loop will sometimes timeout and then be entered with a 769 repeated query to the same nameserver. It occasionally happens that the 770 old packet arrives on the socket. That packet is discarded but the 771 loop does not return to the loop to wait for the remainder of the 772 timeout period for an answer on the second query, that may still arrive. 773 This has now been fixed. 774 775 Thanks to Sidney for the assessment of the problem and the fix. 776 777 778 779*** 0.49_01 (Version 0.50 release candidate 1) 780 781Fix: Makefile.PL: Minor tweak to recognize Mac OS X 10.4 not so relevant 782 since netdnslib is distributed with the code. 783 784Feature: Calling the Net::DNS::Resolver::dnssec method with a non-zero 785 argument will set the udppacketsize to 2048. The method will 786 also carp a warning if you pass a non-zero argument when 787 Net::DNS::SEC is not installed. 788 789 790Feature: IPv6 transport support 791 792 IPv6 transport has been added to the resolver and to the 793 nameserver code. 794 795 To use IPv6 please make sure that you have IO::Socket::INET6 version 796 2.01 or later installed. 797 798 If IPv6 transport is available Net::DNS::Resolver::Recurse will make 799 use of it (picking randomly between IPv4 and IPv6 transport) use 800 the force_v4() method to only force IPv4. 801 802 803 804Feature: Binary characters in labels 805 806 RFC 1035 3.1: 807 808 Domain names in messages are expressed in terms of a sequence of 809 labels. Each label is represented as a one octet length field 810 followed by that number of octets. Since every domain name ends 811 with the null label of the root, a domain name is terminated by a 812 length byte of zero. The high order two bits of every length octet 813 must be zero, and the remaining six bits of the length field limit 814 the label to 63 octets or less. 815 816 Unfortunately dname attributes are stored strings throughout 817 Net::DNS. (With hindsight dnames should have had their own class 818 in which one could have preserved the wire format.). 819 820 To be able to represent all octets that are allowed in domain 821 names I took the approach to use the "presentation format" for 822 the attributes. This presentation format is defined in RFC 1035 823 5.1. 824 825 I added code to parse presentation format domain names that has 826 escaped data such as \ddd and \X (where X is not a number) to 827 wireformat and vice verse. In the conversion from wire format to 828 presentation format the characters that have special meaning in a 829 zone file are escaped (so that they can be cut-n-pasted without 830 pain). 831 832 These are " (0x22), $ (0x24), (0x28), ) (0x29), . (0x2e) , ; 833 (0x3b), @ (ox40) and \ (0x5c). The number between brackets 834 representing the ascii code in hex. 835 836 Note that wherever a name occurs as a string in Net::DNS it is 837 now in presentation format. 838 839 For those that dealt with 'hostnames' (subset of all possible 840 domain names) this will be a completely transparent change. 841 842 Details: 843 844 I added netdnslib which contains Net::DNS's own dn_expand. Its 845 implemented in C and the source is a hodgepodge of Berkeley based 846 code and snippets from ISC's bind9 distribution. The behavior, in 847 terms of which chars are escaped, is similar to bind9. 848 849 There are some functions added to DNS.pm that do conversion from 850 presentation and wire format and back. They should only be used 851 internally (although they live in EXPORT_OK.) 852 853 854 For esoteric test cases see t/11-escapedchars.t. 855 856Fix: rt.cpan.org #11931 857 Applied the patch suggested by "Sidney". It is a practical workaround 858 that may not be portable to all versions of the OS from Redmond. See 859 the ticket for details. 860 861 862 863*** 0.49 March 29, 2005 864 865 No changes wrt 0.48_03. 866 867 868*** 0.48_03 March 22, 2005 (Version 0.49 release candidate 3) 869 870Fix: Only remove leading zeros in the regular expressions for typesbyval 871 and classbyval methods. (patch by Ronald v.d. Pol) 872 873Fix: Properly return an empty array in the authority, additional and answer 874 methods (patch by Ronald v.d. Pol) 875 876 877Fix: rt.cpan.org #11930 878 Incorrect searchlist duplication removal in Net::DNS::Resolver::Win32 879 Patch courtesy Risto Kankkunen. 880 881Problem: rt.cpan.org #11931 882 883 Win32.pm used the DNSRegisteredAdapters registry key to determine which 884 local forwarders to send queries to. This is arguably the wrong key as it 885 is used to identify the server which to send dynamic updates to. 886 887 A real fix for determining the set of nameservers to query has not been 888 implemented. For details see 889 https://rt.cpan.org/Ticket/Display.html?id=11931 890 891 892*** 0.48_02 March 14, 2005 (Version 0.49 release candidate 2) 893 894Fix: Bug report by Bernhard Schmidt (concerning a bug on the IPv6 branch). 895 896 The bug caused dname compression to fail and to create 897 compression pointers causing loops. 898 899*** 0.48_01 March 7, 2005 (Version 0.49 release candidate 1) 900 901 902Fix: rt.cpan.org #8882 903 No redundant lookups on SERVFAIL response 904 and #6149 905 Does not search multiple DNS servers 906 907 Net::DNS::Resolver will now use the other nameservers in the 908 list if the RCODE of the answer is not NO ERROR (0) or NAME 909 ERROR (3). When send() exhausted the last nameserver from the it 910 will return the answer that was received from the last 911 nameserver that responded with an RCODE. 912 913 The error string will be set to "RCODE: <rcode from last packet>" 914 915 916Fix: rt.cpan.org #8803 917 918 TXT records don't work with semicolons 919 920 Since we are expecting presentation format at input a comment 921 will need to be escaped ( \; ). 922 923 It could be argued that this is a to strict interpretation of 924 1035 section 5.1. 925 926 While working on this I discovered there are more problems with 927 TXT RRs. e.g.; '0100' (a character string content represented in 928 hex) is a perfectly legal and should be represented as "\000" in 929 presentation format. Net::DNS does pass character strings with 930 "non-ASCII" chars from the wire to the char_str_lst array but 931 the print functions do not properly escape them when printing. 932 933 Some tests with TXT RRs added to 07-misc.t 934 935 Properly dealing with zone file presentation format and binary 936 data is still to be done. 937 938 939Fix: rt.cpan.org Ticket #8483 940 eval tests for DNS::RR::SIG fail when using a die handler 941 (Thanks Sebastiaan Hoogeveen) 942 943 Patch applied. 944 945Fix: rt.cpan.org: Ticket #8608 946 Net::DNS::Packet->data makes incorrect assumptions 947 948 Implemented the "pop" method for the question. 949 Since having a qcount that is not 1 is somewhat rare (it appears 950 in TCP AXFR streams) the ability to pop the answer from a question 951 has not been documented in the "pod" 952 953 Also fixed the incorrect assumption. 954 955 (Thanks Bruce Campbell.) 956 957 958Fix: Ticket #11106 959 Incorrect instructions in README 960 961 Corrected in the README and in Makefile.PL 962 963 964Olaf Kolkman took over maintenance responsibility from Chris 965Reinardt. This involved importing the code into another subversion 966repository. I made sure the numbers jumped, but I did not have access 967to the "original" subversion repository so I lost some of the history. 968 969 970*** 0.48_01 March 2005 (Version 0.49 release candidate 1) 971 972 973Fix: rt.cpan.org #8882 974 No redundant lookups on SERVFAIL response 975 and #6149 976 Does not search multiple DNS servers 977 978 Net::DNS::Resolver will now use the other nameservers in the 979 list if the RCODE of the answer is not NOERROR (0) or NXDOMAIN 980 (3). When send() exhausted the last nameserver from the it will 981 return the answer that was received from the last nameserver 982 that responded with an RCODE. 983 984 The errorstring will be set to "RCODE: <rcode from last packet>" 985 986 987Fix: rt.cpan.org #8803 988 TXT records don't work with semicolons 989 990 Since we are expecting "zonefile" presentation at input 991 a comment will need to be escaped ( \; ). 992 993 It could be argued that this is a to strict interpretation of 994 1035 section 5.1. 995 996 While working on this I discovered there are more problems with 997 TXT RRs. Eg; 0100 is a perfectly legal character string that 998 should be represented as "\000" in a zonefile. Net::DNS does 999 pass character strings with "non-ASCII" chars from the wire 1000 to the char_str_lst array but the print functions do not 1001 properly escape them when printing. 1002 1003 Properly dealing with zonefile presentation format and binary 1004 data is still to be done. 1005 1006 1007Fix: rt.cpan.org Ticket #8483 1008 eval tests for DNS::RR::SIG fail when using a die handler 1009 (Thanks Sebastiaan Hoogeveen) 1010 1011 Patch applied. 1012 1013Fix: rt.cpan.org: Ticket #8608 1014 Net::DNS::Packet->data makes incorrect assumptions 1015 1016 Implemented the "pop" method for the question. 1017 Since having a qcount that is not 1 is somewhat rare (it appears 1018 in TCP AXFR streams) the ability to pop the answer from a question 1019 has not been documented in the "pod" 1020 1021 Also fixed the incorrect assumption. 1022 1023 (Thanks Bruce Campbell.) 1024 1025 1026Fix: Ticket #11106 1027 Incorrect instructions in README 1028 1029 Corrected in the README and in Makefile.PL 1030 1031 1032Olaf Kolkman took over maintenance responsibility from Chris 1033Reinardt. This involved importing the code into another subversion 1034repository. I made sure the numbers jumped, but I did not have access 1035to the "original" subversion repository so I lost some of the history. 1036 1037 1038>>>>>>> .merge-right.r260 1039*** 0.48 Aug 12, 2004 1040 1041 1042Net::DNS is now stored in a subversion repository, replacing cvs. 1043As such the submodule version numbers have taken another big jump. 1044Luckily those numbers don't matter as long as they work. 1045 1046Fixed a bug with Unknown RR types that broke zone signing [Olaf]. 1047 1048Added callback support to Net::DNS::Resolver::Recurse. The 1049demo/trace_dns.pl script demonstrates this. 1050 1051Added a note regarding answers with an empty answer section to the 1052Net::DNS::Resolver::search() and Net::DNS::Resolver::query() 1053documentation. 1054 1055The copyright notice for Net::DNS::RR::SSHFP was incorrect. That file 1056is Copyright (c) 2004 RIPE NCC, Olaf Kolkman. 1057 1058*** 0.47_01 May 6, 2004 1059 1060** NOTICE ** 1061 1062RR subclasses no longer pull in parts of Net::DNS; Net::DNS is assumed 1063to be up and running when the subclass is compiled. If you were using a 1064RR subclass directly, this may break your code. It was never documented 1065that you could use them directly however, so hopefully you never did... 1066 1067Fixed bug where SRV records with a priority of 0 did not function 1068correctly. CPAN #6214 1069 1070Calls to various constants where using the &NAME syntax, which is not 1071inlined. Changed to NAME(). 1072 1073Added SSHFP support. [Olaf] 1074 1075CERT fixes. [Olaf] 1076 1077*** 0.47 April 1, 2004 1078 1079safe_push() is back in Net::DNS::Packet, due to the excellent debate 1080skills of Luis E Monoz. However, the name safe_push() is deprecated, 1081use the new name unique_push() instead. 1082 1083Fixed a bug in Net::DNS::Nameserver which caused the class to build 1084packets incorrectly in some cases. [Ask Bjorn Hansen] 1085 1086Error message cleanups in Net::DNS::typesbyname() 1087and Net::DNS::typesbyval() [Ask Bjorn Hansen] 1088 1089Net::DNS::RR::new_from_hash() now works with unknown RR types [Olaf]. 1090 1091*** 0.46 February 21, 2004 1092 1093IPv6 reverse lookups can now be done with Net::DNS::Resolver::search(), 1094as well as with query(). 1095 1096Hostnames can now be used in the 'nameservers' argument to 1097Net::DNS::Resolver->new() 1098 1099*** 0.45_01 February 9, 2004 1100 1101Net::DNS now uses UDP on windows. 1102 1103Removed Net::DNS::Select from the package. IO::Select appears to work 1104on windows just fine. 1105 1106Fixed a bug that caused MXes with a preference of 0 to function 1107incorrectly, reported by Dick Franks. 1108 1109Net::DNS had a few problems running under taint mode, especially under 1110cygwin. These issues have been fixed. More issues with taint mode may 1111lay undiscovered. 1112 1113Applied Matthew Darwin's patch added support for IPv6 reverse lookups to 1114Net::DNS::Resolver::query. 1115 1116*** 0.45 January 8, 2004 1117 1118No changes from 0.44_02. 1119 1120** 0.44_02 January 3, 2004 1121 1122The XS detection code was broken. We actually use the XS bits now. 1123 1124Major cleanups/optimizations of the various RR subclasses. This release 1125of Net::DNS is over twice as fast at parsing dns packets as 0.44. 1126 1127** NOTICE ** 1128 1129$rr->rdatastr no longer returns '; no data' if the RR record has no 1130data. This happens in $rr->string now. 1131 1132Net::DNS::Packet::safe_push() no longer exists. The method is now only 1133available from Net::DNS::Update objects. 1134 1135 1136** 0.44_01 January 3, 2004 1137 1138Net::DNS::RR objects were not playing nice with Storable, this caused 1139the axfr demo script to fail. Thanks to Joe Dial for the report. 1140 1141** NOTICE ** 1142This may cause RR objects that are already serialize to not deserialize 1143correctly. 1144 1145Reply handlers in Net::DNS::Nameserver are now passed the query object. 1146 1147Fixed a nasty bug in Nameserver.pm related to the qr bit. As Olaf 1148explained: 1149 1150 Replies are sent if the query has its "qr" bit set. The "qr" bit is an 1151 indication that the packet is sent as a response to a query. Since 1152 there are more implementations that suffer from this bug one can cause 1153 all kinds of nasty ping-pong loops by spoofing the initial packet or 1154 have an infinite query loop by spoofing a query from the localhost:53 1155 address. 1156 1157Various Win32/Cygwin cleanups from Sidney Markowitz. 1158 1159 1160*** 0.44 December 12, 2003 1161 1162 The Wrath of CPAN Release. 1163 1164CPAN.pm doesn't understand the nature of revision numbers. 1.10 is 1165newer than 1.9; but CPAN.pm treats them as floats. This is bad. 1166All the internal version numbers in Net::DNS have been bumped to 11672.100 in order to fix this. 1168 1169No actual code changes in this release. 1170 1171 1172*** 0.43 December 11, 2003 1173 1174Added warning of deprecation of Net::DNS::Packet::safe_push. This will 1175move into Net::DNS::Update, as Net::DNS::Update is now a proper subclass 1176of Net::DNS::Packet. 1177 1178** 0.42_02 December 11, 2003 1179 1180Fixed a long standing bug with zone transfers in the "many-answers" format. 1181CPAN #1903. 1182 1183Added the '--online-tests' flag to Makefile.PL. This activates the online 1184tests without asking the user interactively. "--no-online-tests" turns 1185the tests off. 1186 1187Cleaned up Makefile.PL a little. The "--pm" flag is now deprecated, use 1188"--no-xs" instead. 1189 1190Added support for unknown RR types (rfc3597). Note for developers: the 1191typesbyname, typesbyval, classesbyname and classesbyval hashes should 1192not be used directly, use the same named wrapper functions 1193instead. [Olaf Kolkman] 1194 1195Added two hashes for administrative use; they store which types are 1196qtypes and metatypes (rfc2929). [Olaf Kolkman] 1197 1198** 0.42_01 November 30, 2003 1199 1200Major work to get Net::DNS functioning properly on Cygwin by Sidney 1201Markowitz. 1202 1203Fixed a bug in Net::DNS::Nameserver's error handling. CPAN #4195 1204 1205*** 0.42 October 26, 2003 1206 1207Fixed compilation problems on panther (Mac OS 10.3). 1208 1209Fixed a bug in Net::DNS::Resolver::Recurse which allowed an endless 1210loop to arise in certain situations. (cpan #3969, patch 1211by Rob Brown) 1212 1213Applied Mike Mitchell's patch implementing a persistent UDP socket. 1214See the Net::DNS::Resolver documentation for details. 1215 1216*** 0.41 October 3, 2003 1217 1218Added some documentation about modifying the behavior of Net::DNS::Resolver. 1219 1220** 0.40_01 September 26, 2003 1221 1222Fixed some uninitialized value warnings when running under windows. 1223 1224Fixed a bug in the test suite that caused 00-version.t to fail with 1225certain versions of ExtUtils::MakeMaker. Thanks to David James, Jos 1226Boumans and others for reporting it. 1227 1228Reply handlers in Net::DNS::Nameserver are now passed the peerhost. 1229(Assen Totin <assen@online.bg>) 1230 1231Reply handlers in Net::DNS::Nameserver can now tweak the header bits 1232that the nameserver returns. [Olaf] 1233 1234The AD header bit is now documented, and twiddlable. [Olaf] 1235 1236The change log has been trimmed, entries for versions older than 0.21 1237have been removed. 1238 1239** NOTICE ** 1240Net::DNS::Resolver::axfr_old() has been removed from the package. 1241An exception will be thrown if you attempt to use this method. Use 1242axfr() or axfr_start() instead. 1243 1244*** 0.40 September 1, 2003 1245 1246Various POD tweaks. 1247 1248** 0.39_02 August 28, 2003 1249 1250Net-DNS-SEC updates, seems that IETF has been busy redefining DNSSEC. 1251[Olaf] 1252 1253Added version to all the modules in the distribution. 1254 1255** 0.39_01 August 12 2003 1256 1257Added a META.yaml. The crystal ball says an upgrade to Module::Install may 1258be coming soon. 1259 1260Changed how the versions of the various submodules were set. The CPAN 1261indexer cannot execute "$VERSION = $Net::DNS::VERSION". The single line 1262with the $VERSION assignment is pulled out of the file and eval'ed; at 1263that time, Net::DNS is not loaded. The submodules now pull their version 1264numbers out of CVS. 1265 1266*** 0.39 August 7 2003 1267 1268Fixed a bug on Win32 where some machines separated lists with commas, 1269not whitespace. Thanks to Jim White for pointing it out. 1270 1271** 0.38_02 July 29 2003 1272 1273Reworked the POD for Net::DNS::Resolver. 1274 1275When parsing resolver configuration files, IPv6 addresses are now skipped, 1276as Net::DNS does not yet have IPv6 support. 1277 1278** 0.38_01 Jun 22 2003 1279 1280Broke Net::DNS::Resolver into separate classes. UNIX and Win32 1281classes are currently implemented. Many of the globals in 1282Net::DNS::Resolver no longer exist. They were never documented 1283so you never used them.... right? 1284 1285Options to Net::DNS::Resolver->new() are now supported, including 1286using your own configuration file. See the Net::DNS::Resolver man 1287page for details. 1288 1289Tweaked Net::DNS::RR::TXT to fail more gracefully when the quotes 1290in the data section are not balanced. 1291 1292Add more tests (of course). 1293 1294Moved next_id() from Resolver.pm to Header.pm (which is where it is 1295used). 1296 1297Net::DNS::Select now uses $^O directly, this means that the second 1298argument to Net::DNS::Select::new() (the OS) is now ignored. 1299 1300*** 0.38 Jun 5 2003 1301 1302Various buglets fixed in the new Makefile.PL. 1303 1304Use Dynaloader instead of XSLoader. Turns out that XSLoader is only 1305in more recent perls. 1306 1307Added deprecation warning to Net::DNS::Resolver::axfr_old(). 1308 1309HP-UX fixes [cpan #2710], I don't have the name of the reporter/patcher. 1310 1311*** 0.37 May 28 2003 1312 1313Renamed the test C file to compile.c, test.c was confusing the 'make test' 1314target. 1315 1316*** 0.36 May 28 2003 1317 1318Removed Rob Brown's RPM stuff. Something odd happened in the 0.35 tarball 1319and at the moment I don't have the time to investigate. 1320 1321*** 0.35 May 26 2003 1322 1323POD fixes, added tests for POD. 1324 1325*** 0.34_03 May 22 2003 1326 1327Reworked Makefile.PL to try and detect if you have a working C compiler. 1328 1329Added '--pm' and '--xs' command line options to Makefile.PL 1330 1331Fixed linking problem on linux. 1332 1333Tie::DNSHash removed from the package, see Tie::DNS from CPAN for a more 1334complete implementation of a DNS hash. 1335 1336*** 0.34_02 May 21 2003 1337 1338Net::DNS::Packet::dn_expand is now implemented using the function of the 1339same name from libresolv. This method of decompressing names is around 1340twice as fast as the perl implementation. 1341 1342Applied Jan Dubois's patch to fix nameserver lookup on Windows 2000/95/98/ME. 1343 1344*** 0.34 6 Mar 2003 1345 1346Applied David Carmean's patch for handling more than one string in a 1347TXT RR's RDATA section. 1348 1349Applied Net::DNS::Resolver::Recurse bug fixes from Rob Brown. 1350 1351Added check of the answer's rcode in Net::DNS::Resolver::axfr_next(). 1352 1353Applied Kenneth Olving <kenneth.olving@eoncompany.com> Windows changes. 1354 1355Applied patch from Dan Sully (daniel@electricrain.com) allowing multiple 1356questions to be part of a DNS packet. 1357 1358*** 0.33 8 Jan 2003 1359 1360Fixed 00-load.t to skip the Net::DNS::SEC modules. The test suite 1361should now pass if you have Net::DNS::SEC installed. 1362 1363Fixed the regular expression in RR.pm to comply with the RFCs, turns 1364out we were _too_ paranoid. [Olaf] 1365 1366 1367*** 0.32 5 Jan 2003 1368 1369Various cleanups for perl 5.004. Thanks to nathan@anderson-net.com 1370([cpan #1847]) 1371 1372Applied Olaf's SIG patch (thanks as always). 1373 1374Win32 now looks at the environment variables when building the 1375configuration defaults. Thanks to net-dns-bug@oak-wood.co.uk 1376(That's the only name I have... [cpan #1819]) 1377 1378Added Rob Brown's Net::DNS::Resolver::Recurse module. 1379 1380 1381*** 0.31 17 Nov 2002 1382 1383Applied Olaf's patch for an initialization bug in OPT.pm 1384 1385Applied Rob Brown's patch for udp timeouts. 1386 1387Added stuff from Rob Brown for making RPM creation easier. 1388 1389Fixed a typo in FAQ.pod that was making apropos and whatis 1390grumpy. Thanks to Florian Hinzmann for pointing it out and a patch. 1391 1392 1393*** 0.30 7 Nov 2002 1394 1395Applied Andrew Tridgell's (tridge@samba.org) patch for TKEY support. 1396 1397Added Net::DNS::Packet->safe_push() to allow for automatically 1398checking for duplicate RRs being pushed into a packet. Inspired by Luis 1399Munoz. 1400 1401Added more tests. 1402 1403 1404*** 0.29 2 Oct 2002 1405 1406Fixed $_ from creeping out of scope in Resolver.pm. Thanks to 1407Ilya Martynov for finding the problem and the patch to fix it. 1408 1409Fixed divide by zero bug there is no usable network interface(s). 1410Thanks to twilliams@tfcci.com, misiek@pld.ORG.PL (and one other 1411person that I can't seem to find the address of) for reports. 1412 1413 1414*** 0.28 20 Aug 2002 1415 1416Fixed a bug in the new AUTOLOAD routines that made it impossible to set 1417attributes to '0'. 1418 1419Fixed a bug in the RR patch that broke many updates. 1420 1421 1422*** 0.27 15 Aug 2002 1423 1424Added (untested) support for perl 5.004. 1425 1426We now allow whitespace at the beginning of a RR. 1427 1428Fixed an issue that gave Net::DNS::SEC problems, %Net::DNS::RR::RR is now 1429in a scope that the Net::DNS::SEC hook can see it from. 1430 1431Fixed SRV records. 1432 1433Fixed debug message in Net::DNS::Resolver::bgread(). 1434 1435 1436*** 0.26 5 Aug 2002 1437 1438Fixed various bugs in the test suite. 1439 1440Fixed warning in Net::DNS::RR::AUTOLOAD with perl 5.005. 1441 1442--- 1443Olaf Kolkman <olaf@net-dns.org> 1444Chris Reinhardt 1445Michael Fuhr 1446 1447 1448