c-ares version 1.28.1 - Mar 30 2024
This release contains a fix for a single significant regression introduced
in c-ares 1.28.0.
ares_search()
and ares_getaddrinfo()
resolution fails if no search domains
are specified. Issue #737
c-ares version 1.28.0 - Mar 29 2024
This is a feature and bugfix release.
Features:
- Emit warnings when deprecated c-ares functions are used. This can be
disabled by passing a compiler definition of
CARES_NO_DEPRECATED
. PR #732
- Add function
ares_search_dnsrec()
to search for records using the new DNS
record data structures. PR #719
- Rework internals to pass around
ares_dns_record_t
instead of binary data,
this introduces new public functions of ares_query_dnsrec()
and
ares_send_dnsrec()
. PR #730
Changes:
- tests: when performing simulated queries, reduce timeouts to make tests run
faster
- Replace configuration file parsers with memory-safe parser. PR #725
- Remove
acountry
completely, the manpage might still get installed otherwise. Issue #718
Bugfixes:
- CMake: don't overwrite global required libraries/definitions/includes which
could cause build errors for projects chain building c-ares. Issue #729
- On some platforms,
netinet6/in6.h
is not included by netinet/in.h
and needs to be included separately. PR #728
- Fix a potential memory leak in
ares_init()
. Issue #724
- Some platforms don't have the
isascii()
function. Implement as a macro. PR #721
- CMake: Fix Chain building if CMAKE runtime paths not set
- NDots configuration should allow a value of zero. PR #735
c-ares version 1.27.0 - Feb 23 2024
This is a security, feature, and bugfix release.
Security:
- Moderate. CVE-2024-25629. Reading malformatted
/etc/resolv.conf
,
/etc/nsswitch.conf
or the HOSTALIASES
file could result in a crash.
GHSA-mg26-v6qh-x48q
Features:
- New function
ares_queue_active_queries()
to retrieve number of in-flight
queries. PR #712
- New function
ares_queue_wait_empty()
to wait for the number of in-flight
queries to reach zero. PR #710
- New
ARES_FLAG_NO_DEFLT_SVR
for ares_init_options()
to return a failure if
no DNS servers can be found rather than attempting to use 127.0.0.1
. This
also introduces a new ares status code of ARES_ENOSERVER
. PR #713
Changes:
- EDNS Packet size should be 1232 as per DNS Flag Day. PR #705
Bugfixes:
- Windows DNS suffix search list memory leak. PR #711
- Fix warning due to ignoring return code of
write()
. PR #709
- CMake: don't override target output locations if not top-level. Issue #708
- Fix building c-ares without thread support. PR #700
c-ares version 1.26.0 - Jan 26 2024
This is a feature and bugfix release.
Features:
- Event Thread support. Integrators are no longer required to monitor the
file descriptors registered by c-ares for events and call
ares_process()
when enabling the event thread feature via ARES_OPT_EVENT_THREAD
passed
to ares_init_options()
. PR #696
- Added flags to
are_dns_parse()
to force RAW packet parsing.
PR #693
Changes:
- Mark
ares_fds()
as deprecated.
PR #691
Bugfixes:
adig
: Differentiate between internal and server errors.
e10b16a
- Autotools allow make to override CFLAGS/CPPFLAGS/CXXFLAGS.
PR #695
- Autotools: fix building for 32bit windows due to stdcall symbol mangling.
PR #689
- RR Name should not be sanity checked against the Question.
PR #685
c-ares version 1.25.0 - Jan 3 2024
Changes:
- AutoTools: rewrite build system to be lighter weight and fix issues in some semi-modern systems. It is likely this has broken building on some less common and legacy OSs, please report issues. PR #674
- Rewrite ares_strsplit() as a wrapper for ares__buf_split() for memory safety reasons. 88c444d
- The ahost utility now uses ares_getaddrinfo() and returns both IPv4 and IPv6 addresses by default. PR #669
- OpenBSD: Add SOCK_DNS flag when creating socket. PR #659
Bugfixes:
- Tests: Live reverse lookups for Google's public DNS servers no longer return results, replace with CloudFlare pubic DNS servers. 1231aa7
- MacOS legacy SDKs require sys/socket.h before net/if.h PR #673
- Connection failures should increment the server failure count first or a retry might be enqueued to the same server. 05181a6
- On systems that don't implement the ability to enumerate network interfaces the stubs used the wrong prototype. eebfe0c
- Fix minor warnings and documentation typos. PR #666
- Fix support for older GoogleTest versions. d186f11
- getrandom() may require sys/random.h on some systems. Issue #665
- Fix building tests with symbol hiding enabled. Issue #664
c-ares version 1.24.0 - Dec 17 2023
Features:
Changes:
Bugfixes:
c-ares version 1.23.0 - Nov 30 2023
Features:
Bugfixes:
c-ares version 1.22.1 - Nov 19 2023
Bugfixes:
c-ares version 1.22.0 - Nov 14 2023
Features:
Changes:
Bugfixes:
c-ares version 1.21.0 - Oct 27 2023
Changes:
Bugfixes:
c-ares version 1.20.1 - Oct 8 2023
Bugfixes:
c-ares version 1.20.0 - Oct 7 2023
Changes:
Bug fixes:
c-ares version 1.19.1 - May 22 2023
Security:
- CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
- CVE-2023-31147 Moderate. Insufficient randomness in generation of DNS query IDs
- CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
- CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross compilation
Bug fixes:
c-ares version 1.19.0 - Jan 28 2023
Security:
Changes:
Bug fixes:
c-ares version 1.18.1 - Oct 27 2021
Bug fixes:
- ares_getaddrinfo() would return ai_addrlen of 16 for ipv6 adddresses rather than the sizeof(struct sockaddr_in6)
c-ares version 1.18.0 - Oct 25 2021
Changes:
Bug fixes:
c-ares version 1.17.2 - Aug 10 2021
Security:
Changes:
Bug fixes:
c-ares version 1.17.1 - Nov 19 2020
Fixes packaging issues in 1.17.0.
c-ares version 1.17.0 - Nov 16 2020
Security:
Changes:
Bug fixes:
c-ares version 1.16.1 - May 11 2020
Security:
- Prevent possible use-after-free and double-free in ares_getaddrinfo() if ares_destroy() is called prior to ares_getaddrinfo() completing. Reported by Jann Horn at Google Project Zero.
Changes:
- Allow TXT records on CHAOS qclass. Used for retriving things like version.bind, version.server, authoris.bind, hostname.bind, and id.server. [3]
Bug fixes:
- Fix Windows Unicode incompatibilities with ares_getaddrinfo() [1]
- Silence false cast-align compiler warnings due to valid casts of struct sockaddr to struct sockaddr_in and struct sockaddr_in6.
- MacOS should use libresolv for retrieving DNS servers, like iOS
- CMake build system should populate the INCLUDE_DIRECTORIES property of installed targets [2]
- Correct macros in use for the ares_getaddrinfo.3 man page
c-ares version 1.16.0 - March 13 2020
Changes:
- Introduction of ares_getaddrinfo() API which provides similar output (including proper sorting as per RFC 6724) to the system native API, but utilizes different data structures in order to provide additional information such as TTLs and all aliases. Please reference the respective man pages for usage details.
- Parse SOA records from ns_t_any response
- CMake: Provide c-ares version in package export file
- CMake: Add CPACK functionality for DEB and RPM
- CMake: Generate PDB files during build
- CMake: Support manpage installation
Bug fixes:
- Fix bad expectation in IPv6 localhost test.
- AutoTools: use XC_CHECK_BUILD_FLAGS instead of XC_CHECK_USER_FLAGS to prevent complaints about CPPFLAGS in CFLAGS.
- Fix .onion handling
- Command line usage was out of date for adig and ahost.
- Typos in manpages
- If ares_getenv is defined, it must return a value on all platforms
- If /etc/resolv.conf has invalid lookup values, use the defaults.
- Tests: Separate live tests from SetServers* tests as only live tests should require internet access.
- ares_gethostbyname() should return ENODATA if no valid A or AAAA record is found, but a CNAME was found.
- CMake: Rework library function checking to prevent unintended linking with system libraries that aren't needed.
- Due to use of inet_addr() it was not possible to return 255.255.255.255 from ares_gethostbyname().
- CMake: Fix building of tests on Windows
c-ares version 1.15.0 - October 23 2018
Changes:
Bug fixes:
c-ares version 1.14.0 - February 16 2018
Changes:
Bug fixes:
c-ares version 1.13.0 - June 20 2017
Changes:
- cmake build system support added
- Add virtual function set for socket IO: ares_set_socket_functions
Bug fixes:
- CVE-2017-1000381: c-ares NAPTR parser out of bounds access
- macos: do not set HAVE_CLOCK_GETTIME_MONOTONIC
- test: check ares_create_query with too-long name
- dist: add ares_library_initialized.* to the tarball
- fix build on OpenBSD
- dist: ship msvc_ver.inc too
- test: Add gTest/gMock files to SOURCES
- test: add fuzz entrypoint for ares_create_query()
- configure: clock_gettime workaround
- docs: convert INSTALL to MarkDown & tweak
- ares_process: fix return type of socket_create function (win32 warning)
- docs: fixed references to ares_set_local_ip4 and ares_set_local_ip6
- Windows DNS server sorting
- Use ares_socklen_t instead of socket_t
- ares_create_query: use ares_free not naked free
- msvc_ver.inc support most recent Visual Studio 2017
- acountry: Convert char from ISO-8859-1 to UTF-8
- ares_expand_name: limit number of indirections
- configure: do not check for ar if specified manually
- Added support for Windows DNS Suffix Search List
- ares.h: support compiling with QNX
c-ares version 1.12.0 - Sep 29 2016
Changes:
- api: add ARES_OPT_NOROTATE optmask value
Bug fixes:
- CVE-2016-5180: ares_create_query single byte out of buffer write
- configure: acknowledge --disable-tests [1]
- man pages: fix typos detected by Lintian
- test: add missing #includes for dns-proto.cc
- test: avoid in6addr_* constants
- test: Build with MinGW on AppVeyor
- Makefile.m32: add support for extra flags
- Makefile.m32: add support for CROSSPREFIX
- configure: check if tests can get built before enabled
- ares_library_cleanup: reset ares_realloc too
- ahost.c: add cast to fix C++ compile
- test: Only pass unused args to GoogleTest
- build: commonize MSVC version detection
- msvc_ver.inc: support Visual Studio 2015 Update 1, 2, 3
- test: for AF_UNSPEC, return CNAME only for AAAA, but valid A record
- ares_getnameinfo: explicitly clear struct servent before use
- test: Update fuzzing function prototype
- init: fix nsort initialization
- test: add fuzzing check script to tests
- web: http => https
- read_tcp_data: remove superfluous NULL check
- LICENSE.md: add a stand-alone license file
- SECURITY.md: suggested "security process" for the project
- ares_init_options: only propagate init failures from options [2]
- headers: remove checks for and defines of variable sizes
- test: fix gMock to work with gcc >= 6.x [3]
c-ares version 1.11.0 - Feb 19 2016
Changes:
- Add a unit test suite
- Allow builds with code converage with --enable-code-coverage configure option
- Allow library-wide override of malloc/free
- Allow multiple -s options to the ahost command
- api: Expose the ares_library_initialized() function
- api: Add ares_set_sortlist(3) entrypoint
- api: Add entrypoints to allow use of per-server ports
- api: introduce \
ares\_parse\_txt\_reply\_ext\
- api: Add ares_set_socket_configure_callback()
Bug fixes:
- timeadd: make static
- timeoffset: made static and private
- nowarn: use limits.h instead of configure for size of long
- single_domain: Invalid memory access for empty string input
- ares_build.h: fix building on 64-bit powerpc
- Allow specification of search domain in ahost
- Don't override explicitly specified search domains
- ares_parse_soa_reply: Do not leak rr_name on allocation failure
- Update ahost man page to describe -s option
- host_callback: Fall back to AF_INET on searching with AF_UNSPEC
- Add -t u option to ahost
- CONTRIBUTING: added
- ares_set_servers_csv: fix NULL dereference
- Fix integer shift overflow if both tcp_socket and udp_socket are set
- fix acountry memory leak
- lookup_service: prevent tmpbuf from overrunning
- ares_getnameinfo.3: there is no ares_getaddrinfo
- init_by_defaults: Continue loop if space for hostname not large enough
- Destroy options if aressaveoptions fails
- ares__read_line: free buf on realloc failure
- added define for visual studio 2013
- windows: fix slow DNS lookup issue
- Use libresolv to initialize cares on iPhone targets
- buildconf: remove check for libtool, it only requires libtoolize
- init_by_resolv_conf: Don't exit loop early leaving uninitialized entries
- ahost: check the select() return code
- configure_socket: explicitly ignore return code
- read_tcp_data: don't try to use NULL pointer after malloc failure
- Distribute all man pages
- aresexpandname: check for valid bits in label length
- ares__read_line: clear buf pointer on realloc failure
- process_answer: fix things up correctly when removing EDNS option
- ares_parse_txt_reply: propagate errors from per-substring loop
- ares_gethostbyname: don't leak valid-but-empty hostent
- ares_init_options: don't lose init failure
- ares_dup: clear new channel on failure
- config_sortlist: free any existing sortlist on (re)alloc failure
- ares_striendstr: fix so non-NULL return can happen
- bitncmp: update comment to match code behaviour
- ares_set_servers_csv.3: make return type match code
- init_by_resolv_conf: ignore
fopen
errors to use default values
- Use "resolve" as synonym of "dns" in nsswitch.conf
- ares_win32_init: make LoadLibrary work when using UNICODE too
- dist: Distribute README.md
- configure: build silently by default
- ares_dup.3: remove mention of nonexistent function
c-ares version 1.10.0 - May 12 2013
Changes:
- Added ares_create_query(), to be used instead of ares_mkquery()
- ares_inet_ntop() and ares_inet_pton() are now recognized c-ares functions
Bug fixes:
- include the ares_parse_soa_reply.* files in the tarball
- read_udp_packets: bail out loop on bad sockets
- get_DNS_AdaptersAddresses: fix IPv6 parsing
- adig: perror() doesn't work for socket errors on windows
- ares_parse_aaaa_reply: fix memory leak
- setup_once.h: HP-UX sys/socket.h issue workaround
- configure: several fixes
- config-dos.h: define strerror() to strerror_s_() for High-C
- config-dos.h: define HAVECLOSES for MSDOS/Watt-32
- ares_build.h.dist: enhance non-configure GCC ABI detection logic
- ares.h: stricter CARES_EXTERN linkage decorations logic
- ares_cancel(): cancel requests safely
- protocol parsing: check input data stricter
- library init: be recursive, reference count inits/cleanups
- ares_parse_txt_reply: return a arestxtreply node for each sub-string
- ares_set_servers_csv: fixed IPv6 address parsing
- build: fix build on msvc11
c-ares version 1.9.1 - Jun 18 2012
Fixed:
- include the ares_parse_soa_reply.* files in the tarball
c-ares version 1.9.0 - Jun 17 2012
Changed:
- Added ares_parse_soa_reply
Fixed:
- libcares.pc generation for static MingW* cross builds
- ares_dup: UDP and TCP port byte order in saved options
c-ares version 1.8.0 - Apr 27 2012
Changed:
- Added ares_parse_naptr_reply()
Fixed:
- handle CNAME-only in ares_parse_aaaa_reply()
- support multiple DNS servers on Android
- check for __ANDROID__ in addition to ANDROID macro
- port numbers: convert them to network order
- get_iphlpapi_dns_info: fix buffer overrun
- configure: make CURL_CHECK_DEF ignore leading whitespace
- segfault triggered in ares_init_options()
- ares_getnameinfo's memcpy did not copy enough bytes
- ares_destroy: fix segfault in ares_destroy_options()
- CHANGES: generate from script
- configure: fix symbol hiding usability check
c-ares version 1.7.5 - Aug 16 2011
Fixed:
- detection of semicolon comments in resolv.conf
- avoid using system's inet_net_pton affected by the WLB-2008080064 advisory
- replacement ares_inet_net_pton affected by the WLB-2008080064 advisory
- replacement ares_inet_ntop affected by potential out of bounds write
- added install target to Makefile.msvc
- only fall back to AF_INET searches when looking for AF_UNSPEC addresses
- fixed ares_parse_*_reply memory leaks
- Use correct sizeof in ares_getnameinfo()
- IPv6-on-windows: find DNS servers correctly
- man pages: docs for the c-ares utility programs
- getservbyport replacement for Win CE
- config_sortlist: (win32) missing else
- advance_tcp_send_queue: avoid NULL ptr dereference
- configure: fix a bashism
- ares_expand_name: Fix encoded length for indirect root
c-ares version 1.7.4 - Dec 9 2010
Changed:
- local-bind: Support binding to local interface/IPs, see ares_set_local_ip4, ares_set_local_ip6, ares_set_local_dev
Fixed:
- memory leak in ares_getnameinfo
- add missing break that caused get_ares_servers to fail
- ares_parse_a_reply: fix CNAME response parsing
- init_by_options: don't copy an empty sortlist
- Replaced uint32_t with unsigned int to fix broken builds on a couple of platforms
- Fix lookup with HOSTALIASES set
- adig: fix NAPTR parsing
- compiler warning cleanups
c-ares version 1.7.3 - Jun 11 2010
Fixed:
- builds on Android
- now includes all files necessary to build it (1.7.2 lacked a file)
c-ares version 1.7.2 - Jun 10 2010
Changed:
- Added ares_parse_mx_reply()
Fixed:
- ares_init: Last, not first instance of domain or search should win
- improve alternative definition of bool
- fix VS2010 compiler warnings
c-ares version 1.7.1 - Mar 23 2010
Changed:
- added IPv6 name servers support
Fixed:
- closing of sockets on Windows systems
- MSVC deprecated compiler options warnings
- ares_process_fd() didn't check broken connections
c-ares version 1.7.0 - Nov 30 2009
Changed:
- in6_addr is not used in ares.h anymore, but a private ares_in6_addr is instead declared and used
- ares_gethostbyname() now supports 'AF_UNSPEC' as a family for resolving either AF_INET6 or AF_INET
- a build-time configured ares_socklen_t is now used instead of socklen_t
- new ares_library_init() and ares_library_cleanup() functions
- new --enable-curldebug configure option
- ARES_ECANCELLED is now sent as reason for ares_cancel()
- added ares_parse_srv_reply()
- added ares_parse_txt_reply()
- added ares_free_data()
- new --enable-symbol-hiding configure option
- new Makefile.msvc for any MSVC compiler or MS Visual Studio version
- addrttl and addr6ttl structs renamed to ares_addrttl and ares_addr6ttl
- naming convention for libraries built with MSVC, see README.msvc
Fixed:
- ares_parse_*_reply() functions now return ARES_EBADRESP instead of ARES_EBADNAME if the name in the response failed to decode
- only expose/export symbols starting with 'ares_'
- fix \Device\TCP handle leaks triggered by buggy iphlpapi.dll
- init without internet gone no longer fails
- out of bounds memory overwrite triggered with malformed /etc/hosts file
- function prototypes in man pages out of sync with ares.h
c-ares version 1.6.0 - Dec 9 2008
Changed:
- Added support for the glibc "rotate" resolv.conf option (or ARES_OPT_ROTATE)
- Added ares_gethostbyname_file()
- Added ares_dup()
- Added ares_set_socket_callback()
Fixed:
- improved configure detection of several functions
- improved source code portability
- adig supports a regular numerical dotted IP address for the -s option
- handling of EINPROGRESS for UDP connects
- ares_parse_ptr_reply() would cause a buffer to shrink instead of expand if a reply contained 8 or more records
- buildconf works on OS X
c-ares version 1.5.3 - Aug 29 2008
- fix adig sample application compilation failure on some systems
- fix pkg-config reporting of private libraries needed for static linking
- fallback to gettimeofday when monotonic clock is unavailable at run-time
- ares_gethostbyname() fallback from AAA to A records with CNAME present
- allow --enable-largefile and --disable-largefile configurations
- configure process no longer needs nor checks size of curl_off_t
- library will now be built with _REENTRANT symbol defined if needed
- Improved configure detection of number of arguments for getservbyport_r
- Improved query-ID randomness
- Validate that DNS response address matches the request address
- fix acountry sample application compilation failure on some systems
c-ares version 1.5.2 - May 29 2008
- code refactoring in ares_gethostbyaddr
- improved checking of /dev/urandom in configure script
- new sample application, acountry
- improved MSVC6 dsp files
- adig sample application supports NAPTR records
- improved file seeding randomizer
- improved parsing of resolver configuration files
- updated configure script to remove autoconf 2.62 warnings
- use monotonic time source if available
- return all PTR-records when doing reverse lookups
- millisecond resolution support for the timeout option
c-ares version 1.5.1 - Nov 21 2007
- added the ares_llist.h header that was missing in the 1.5.0 release
c-ares version 1.5.0 - Nov 21 2007
- SONAME bump to a few API and ABI breaking changes: - ares_host_callback() - ares_nameinfo_callback() - ares_parse_a_reply() - ares_parse_aaaa_reply()
- two valgrind reports were silenced
- ares_save_options() fix
- do DNS retries even on TCP connections
- correctly clear sockets from the fd_set in several functions
- always wait on TCP events to detect connect closures
- new socket options: ARES_OPT_SOCK_SNDBUF and ARES_OPT_SOCK_RCVBUF
- made the query callbacks receive the number of timeouts that happened during the execution of a query
- don't skip a server if it's the only one
- segfault when generating a DNS "Transaction ID" under low memory conditions
- ares_strerror() segfault fix
- added copyright texts to a few places that were missing them
c-ares version 1.4.0 - Jun 8 2007
- fixed VS2005 compiler warnings due to time_t being 64bit
- introduced cryptographically secure transaction IDs
- added ares_save_options()
- added ares_destroy_options()
- added ares_process_fd()
- fixed undefined return value in init_by_resolv_conf() function for windows
- added ares_parse_ns_reply()
- fix failure to get the search sequence of /etc/hosts and DNS from /etc/nsswitch.conf, /etc/host.conf or /etc/svc.conf when /etc/resolv.conf did not exist
- when domains were sert in the options struct, and there were domain/search entries in /etc/resolv.conf, the domains of the options struct would be overridden
- removed a couple of potential zero size memory allocations
- fixed the line endings in areslib.dsp