$Id: Changes 710 2008-02-08 15:22:21Z olaf $ -*-text-*-
Revision history for Net::DNS
=============================
*** 0.63, 8 Feb 2008
This version contains a Security Fix.
Feature NotifyHandler in Nameserver
The NotifyHandler is a new attribute to the nameserver used in the
same way as the ReplyHandler except that it is executed when the
opcode is NS_NOTIFY (RFC1996). It takes the same arguments as the
reply handler (i.e. $qname, $qclass, $qtype, $peerhost, and $query).
Corrections made in the documentation.
Fix rt.cpan.org #32937: 5.11 introduces new warning on uc(undef)
The patch supplied fixes for methods where undefined arguments were
likely. For methods where undefined arguments don't make the warning
will be printed.
Fix rt.cpan.org #32147: Default LocalAddr broken in Net::DNS::Nameserver 0.62
Listen on the default address if LocalAddr not defined.
Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver.
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers
to cause a denial of service (program "croak") via a crafted DNS
response (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6341). Packet
parsing routines are now enclosed in eval blocks to trap exception
and avoid premature termination of user program.
Bug: mbox-dname and txt-dname were not allowed to be empty in the RP RR.
Fix by Peter Koch
*** 0.62, 28 December 2007
Features: Move of some functionality out of the Packet to the Question
and RR classes; parsing of elements in the packet is now performed
by calling the appropriate subclasses.
New methods were introduced:
* Net::DNS::Packet->parse()
* Net::DNS::RR->parse()
* Net::DNS::Question->parse()
The Packet class now defers parsing of authority/additional until
their content is really needed. This should cause a bit of
performance improvement.
Dick Franks is acknowledged for this Good Work (TM).
Feature: the Net::DNS::Packet's answersize() method will from now on
ignore its arguments and just return the size of the packet.
Feature: The Net::DNS::RR->new() method used to call
Net::DNS::RR->new_from_data() whenever called with the appropriate
combination of arguments. That (undocumented) behavior has been deprecated.
Use Net::DNS::RR->new_from_data() directly if you depended on that.
Feature: Net::DNS::Packets unique_push now ignores the TTL in
comparison of uniqueness, this is closer to the intend of
RFC2181, but not yet fully compliant.
Fix rt.cpan.org #29816
Acquiring the IP address for the Resolver under Cygwin is made
more resilient.
Fix rt.cpan.org #31425
Empty question section in Base.pm search method detected
Fix rt.cpan.org #31042
Makefile corrected to add a library target.
Fix rt.cpan.org #29818
10-recurse.t used to fail in very specific environment (where a query for
qname="." and qtype="NS" would return with an empty additional section).
Fixed by adding the hints explicitly; this also forces the tests to take
place under the root served by a-m.root-servers.net
Fix rt.cpan.org #29877
Made 00-version.t recognize a "GIT" environment.
Fix rt.cpan.org #29878
SPF.pm did not evaluate as true. Thanks Bjorn Hansen.
Fix rt.cpan.org #21398
answersize() and answerfrom() set for persistent sockets
Fix rt.cpan.org #29883
Fix various tests only available through SVN, so they are
more robust (Acknowledgements Bjoern Hansen)
Fix rt.cpan.org #24343
Resolver's nameserver() method would do silly things with undefined
arguments.
Fix rt.cpan.org #29531
Nameserver.pm, Packet.pm and Question.pm modified to avoid erroneous PTR
lookup in response to mischievous query packet containing an IP address.
Fix rt.cpan.org #27970 better netdns.o
Marek Rouchal provided two minor improvements for linking the C
code sniplets
Fix rt.cpan 28345
A fix in Test::Simple revealed an off by 1 error in the testplan
for 05-rr-rrsort.t. The fix is to remove a test, creating a dependency
on Test::Simple 0.71 seemed overkill.
*** 0.61, 1 August 2007
Fix rt.cpan.org #28106, 28198, and 28590
Modification of $_ in various places.
Fix
t/11-inet6 assumed lowercase domain names.
*** 0.60 20 June 2007
Fix spelling mistakes in change log using interactive spell checker (aspell).
Fix
Two redundant calls of $self->rdatastr() in Net::DNS::RR::string().
Fix rt.cpan.org #27285 bis
Unreleased 0.59_1 dn_expand_PP() has security flaw allowing access to
arbitrary data using crafted packet with out of range compression pointer.
Patch by Dick Franks based on 0.59 code.
Fix rt.cpan.org #27391
dn_compress() produces corrupt packet for name containing empty label.
Fix rt.cpan.org #26957
dn_compress() croaks for name having label which exceeds 63 characters.
Patch by Dick Franks truncates offending label.
Feature check_soa test of NCACHE TTL
Dick Franks supplied an improved version of check_soa script which
performs a direct test of NCACHE TTL by looking up non-existent name and
reporting value if it exceeds 86400. Test is skipped unless minimumTTL is
above same threshold. Recent BIND implementations impose a ceiling on
NCACHE TTLs internally, so a large minimumTTL value is unlikely to have
damaging consequences at many sites.
Fix rt.cpan.org #27285
Break out of malformed packets with compression loops.
Steffen Ullrich is acknowledged for patch and test code.
Feature check_zone "alternate domain" and "exception file" flags
Paul Archer supplied a patch for check_zone adding two new features.
Feature Support for IPSECKEY RR
Rudimentary IPSECKEY RR support added.
Fix rt.cpan.org #25342
HINFO would only accept its data fields within quotes. That has now
been fixed to adhere to <character-string> by inheriting parsing functions
from TXT.
Fix rt.cpan.org #24631 / Feature IP address prefix notation
Dick Franks supplied a cleaned up version of Question.pm.
Revised code deals with incomplete IPv6 address bug and accepts RFC4291
address prefix notation. IPv4/prefix also supported for completeness.
This involved a minor change to the API for reverse IP lookup. Changing
qtype to PTR is now performed for A and AAAA only. This allows queries
for NS and SOA records at interior nodes to be specified using the address
prefix. Type ANY queries now also produce the expected result.
Cleaned up TYPE/CLASS reversal code, exploiting fact that the intersection
of the sets of class and type names contains only one member (ANY).
Minor cleanup of remaining code.
Fix rt.cpan.org #22019
Expunge trailing dots from RR->new_from_hash() FQDN arguments.
Patch by Dick Franks.
Fix Recursion and EDNS OPT record
The Recursive resolver process would add an OPT-RR with each recursion
which causes FORMERRs with a number of authoritative servers.
Feature SSHFP warn instead of die
We do not die if a not implemented fingerprint type value is read
from the wire, instead we 'warn' and return undef.
Feature NSEC3PARAM hook
A hook to load NSEC3PARAM when available has been added.
WARNING: Both NSEC3 and NSEC3PARAM are configured with their
experimental type codes.
Feature rt r24525
Net::DNS::Resolver depended on Net::IP (2268 Kb) which depends on
heavy module Math::BigInt (1780 Kb). Valery Studennikov suggested to
ship Net::DNS::Resolver::Base with its own copies of ip_is_ipv[4|6] and
supplied a patch with those functions stripped from Net::IP.
Note that the package still depends on Net::IP because
Net::DNS::Nameserver and a few tests depend on it.
Fix rt 22334
Fixed "perl Makefile.PL --xs" behavior, patch by Tamas Palfalvi
Fix rt 21752 and 24042
Applied the patch supplied by Alexandr Ciornii to be able
to compile on ActiveState perl .
Slight modifications based on comments by nimnul
Fix rt 23961
Randomized the ID on the queries. Thanks to "hjp" for reporting and
suggesting a fix.
The randomization of the src port is supposed to be handled by the
setting the source port to "0" (default). Overriding the default
or using persistent sockets may be problematic.
Also see:
http://www.potaroo.net/ietf/idref/draft-hubert-dns-anti-spoofing/
Fix
Minor compile time warnings for netdns.c on Fedora Core.
*** 0.59 September 18, 2006
Fix rt.cpan.org 20836, 20857, 20994, and 21402
These tickets all revolved around proper reverse mapping of IPv6
addresses.
Acknowledgments to Dick Franks who has provided elegant solutions and
cleaned a bit of code.
Note that directly calling Question->new() without arguments will
cause the qclass,qtype to be IN, A instead of ANY, ANY.
Net::DNS::Resolver's search() method would always gracefully
interpret a qname in the form of an IPv4 address. It would go out
and do a PTR query in the reverse address tree. This behavior has
also been applied to IPv6 addresses in their many shapes and
forms.
This change did two things, 1) root zone not implicitly added to
search list when looking up short name, 2) default domain appended
to short name if DEFNAMES and not DNSRCH.
Fix rt.cpan.org 18113
Minor error due to unapplied part of patch fixed.
Feature: Experimental NSEC3 hooks.
Added hook for future support of (experimental) NSEC3 support
(NSEC3 having an experimental type code).
*** 0.58 July 4, 2006
Feature: hooks for DLV support in Net::DNS::SEC
added hooks for DLV support which is/will be available in
Net::DNS::SEC as of subversion version 592 (Tests are done against
the subversion number, not against the perl release version)
Net::DNS::SEC version 0.15 will have DLV support.
Partly Fixed rt.cpan.org 18940
djhale noticed a number of error conditions under which the
udp_connection in Nameserver dies. We now print a warning instead
of dying.
Fix rt.cpan.org 18958
Fixed typebyname croak for SIGZERO. Acknowledgments to djhale.
Optimize rt.cpan.org 11931
Hanno Stock optimized the method to get the list of available
interfaces in Win32. I have only done very rudimentary tests on
my Windows XP system.
Fix dependency on "CC" rt.cpan.org 19352
The Makefile.PL depended on availability of "cc" and would bail
out on systems where gcc is exclusively available. Thanks to Rob
Windsor for noticing and patching.
Fix compressed dnames in NAPTR/SRV
Clayton O'Neill noted that the the domain names in in the NAPTR
and SRV RRs rdata were subject to name compression which is not
conform the specs. Also see RFC 2782 and 2915.
Fix rt.cpan.org 18897
Zero-length rdata in TXT fixed (Acknowledgments to Roy Arends)
Fix rt.cpan.org 18785
SPF would not work unless the TXT RR was not loaded first. No
wonder, SPF fully inherits TXT and loading of TXT.pm is therefore a
prerequisite.
Fix rt.cpan.org 18713
Net::DNS::Resolver now deals gracefully with persistent sockets
that got disconnected. It will first try to connect again to the
socket and if that fails it will try to connect to the next
available nameserver. tcp_timeout() is the parameter that
determines how long to wait during a reconnect.
Fix rt.cpan.org 18268
Added reference to RFC in croak message for label length > 63 in
dn_comp().
Fix rt.cpan.org 18113
The inet6 tests contained another bug when online-tests were disabled.
Klaus Heinz discovered and provided a patch.
*** 0.57 February 24, 2006
Fix rt.cpan.org 17783
The inet6 tests do not skip enough tests when ipv6 is not available.
I did not catch this in my setup since IPv6 is available on all my
machines.
Since this breaks automatic CPAN installs a new release is
reasonable.
*** 0.56 February 20, 2006
Fix rt.cpan.org 17694
Net::DNS::typesbyval() now confesses on undefined
args. Acknowledgments to Dean Serenevy.
Feature Implemented SPF (typecode 99).
The class completely inherits from Net::DNS::RR::TXT (the easiest
RR to implement ever).
Feature added rrsort() function.
Feature was requested by Eric Hall in rt.cpan.org 13392
This was a little tricky as I think that the sort functions are in
fact RR specific class attributes that should be accessed through
class methods. This is difficult to implement. I do think I found a
fairly clean manner. It does require a global variable in Net::DNS
to store the functions and some trickery when the sorting functions
are defined.
See Net::DNS and Net::DNS::RR documentation for details.
Defaults sorting functions are currently implemented in
SRV: default sort: low priority to high priority and for
same preference highest weight first.
weight: sort all RRs based on weight, highest first
priority: see default sort
MX: default sort: lowest preference first.
preference: see default sort
NAPTR: default sort: lowest to highest order, for same order lowest
preference first
order: see default sort
preference: order on preference, lowest first
PX: See MX
RT: See MX
Fix rt.cpan.org 14653 and 14049
TCP fallback after V6 socket failure
Reworked Net::DNS::Base::Nameserver::send_tcp() to fallback to IPv4 when
possible. (change applied to SVN Revision 538).
Feature Cleanup duplicated code
axfr_send() and send_tcp() contained some duplicated code. I merged
this in one "helper" method _create_tcp_socket()
Fix AXFR persistent sockets colliding with query sockets.
I think that using the same persistent sockets for AXFR and
'ordinary' queries could lead to race conditions. Better safe than
sorry. For axfrs we create a different set of persistent sockets.
Note that this prevents performing a SOA query first and then using
the same socket for the zone transfer itself(in Net::DNS these are
different code paths). This behavior of SOA and transfer on the
same socket-- seems to be suggested by 1035 section 4.2.2:
"In particular, the server should allow the SOA and AXFR request
sequence (which begins a refresh operation) to be made on a
single connection."
Obviously, on the client side this behavior is not mandatory.
Fix rt.cpan.org 17596
The fixes and features above also fixed the timeout problem reported by
Paul Hofman
Profiling
It turned out that each time we were calling
Net::DNS::Resolver::Base::nameserver(); We were creating a
resolver object. Now a resolver object is only called when a
domain name is given as argument.
**** 0.55 December 14, 2005
Fix Inconsistency in test
There was an inconsistency in the t/05-rr.t that got triggered by
the release of Net::DNS::SEC version 0.13 (when installed). That
has been fixed.
Feature Net::DNS::Nameserver loop_once()
Uncommented the documentation of the loop_once() function and introduced
get_open_tcp() that reports if there are any open TCP sockets (useful
when using loop_once().
loop_once() itself was introduced in version 0.53_02
Fix rt.cpan.org 16392
TCP Sockets stayed open even if not requested. This may cause the kernel
to run out of TCP slots.
This bug is the reason for releasing version 0.55 shortly after 0.54.
Spotted and patched by Robert Felber.
*** 0.54 December 7, 2005
Fix rt.cpan.org 15947
Failure to bind a nameserver when specifying an IPv6 address.
Fix rt.cpan.org 11931
Using Net-DNS 0.53 on Win XP, it is unable to retrieve the
nameservers when the IP address of the interface is assigned by
DHCP. This is due to the DHCP assigned IP address being stored in
DhcpIPAddress rather than IPAddress (which is then 0.0.0.0). Adding
a check of DhcpIPAddress existence and not being 0.0.0.0 fixes the
problem. Applied the patch submitted by "orjan".
Fix rt.cpan.org 15119
main_loop() consumed 100% of CPU, because of a bug that
caused loop_once() to loop ad infinitum.
Fix rt.cpan.org 15299
Defining multiple constants with 'use constant { BLA => 1, FOO =>2 };
is a backwards incompatible feature. Thanks to Ian White for spotting and
fixing this.
*** 0.53_02 Oct 18, 2005
Fix rt.cpan.org 14046
RRSIGs verify and create failed for a number of RR types. The
error message showed something like:
Can't call method "dn_comp" on an undefined value
This was caused by an omission in the _canonicalRdata() method
in Net::DNS::RR that was inherited by all failing RR types.
Code was added to t/05-rr.t that will test signature creation
if Net::DNS::SEC is available and can be loaded.
Feature async nameserver behaviour.
In rt.cpan.org 14622 Robert Stone suggested:
The fact that it needs to take over the main running thread
limits its audience. Since many daemon programs are already
driven by a top level select loop, it seems useful to provide an
API for the user to integrate Net::DNS::Nameserver processing to
their own select loop.
He also supplied example code for which he is hereby acknowledged.
The patch was not used because simultaneously Robert Martin-Legène
supplied a patch to Nameservers.pm that allowed the same async
functionality through the use of loop_once method. Robert M-L's
code also carefully manages the TCP sockets, so that they can
deal with AXFRs.
Robert S. has been so kind to review Robert M-L's code and is hereby
kindly acknowledged.
NB. Since the code may be subject to change the documentation of the
loop_once method has been commented out.
Fix bgsend srcaddr for IPv6 Achim Adam previously noticed that the
source address wildard "::" works provides better portability than
"0". We forgot to fix the bgsend() part earlier.
Fix rt.cpan.org 14624
Fixed documentation of Nameserver.pm Replyhandler and fixed a bug
that prevented the peerhost to be set.
Fix rt.cpan.org 14700
mistyped _name2wire helper function name. Noticed and patched by Simon
Josefsson.
Fix rt.cpan.org 13944
Terminating dot not printed when printing SRV record. The SRV dname should
be printed as FQDN, that is, including the dot at the end.
Acknowledgments Jakob Schlyter.
While adding the "dot" I noticed that in the fileformat parsing code
there might be theoretical corner cases where rdata elements are not
properly read. The code needs an audit for this.
Fix srcport for socket creation in bgsend method
Lionel Cons noted and patched a small bug in bgsocket creation code for
lib/Net/DNS/Resolver/Base.pm
*** 0.53_01 July 31, 2005
Fix rt.cpan.org 13809
"Phar" noted that the peerhost is never passed to the make_reply function
in nameserver.pm and provided the trivial patch.
Fix rt.cpan.org 13922
Fixed a problem with persistent TCP sockets which was introduced
because of using the address family as an index to the array of
persistent sockets.
Used AF_UNSPEC for the array index for the TCP socket; just to choose
a number. The key to the persistent sockets is the remote nameserver:port
combination.
Acknowledgments to Mike Mitchell for reporting the bug and testing
the solution.
Feat t/01-resolve will not try to do tests from private IP space; hopefully
that cuts down on the number of false positives.
*** 0.53 July 22, 2005
Fix rt.cpan.org 13669
Danny Thomas provided a somewhat more elegant line of code for the
typesbyval regexp.
Fix rt.cpan.org 13534
Net::DNS::Resolver::Recurse would bail out when it happened to run
into lame servers.
Doc rt.cpan.org 13387
Documented the BUG caught by Robert Martin-Legène
Net::DNS::Nameserver running with multiple IP interfaces might
violate section 4 of RFC2181.
Fix IPv6 on AIX
Binding to the local interface did not work when local address was
specified as "0" instead of "::". The problem was identified,
reported and fixed by Achim Adam.
Fix rt.cpan.org 13232
One uncaught AF_INET6.
*** 0.52 July 1, 2005
Feature
Net::DNS::RR::OPT
added the the size(), do(),set_do() and clear_do() methods.
*** 0.51_02 June 22, 2005
Fix rt.cpan.org 13297
Persistent_udp option broken starting in version 0.50.
This was fixed, based on a patch by Sidney Markowitz.
Guido van Rooij independently submitted a similar patch.
Fix rt.cpan.org 13289
Was caused by a typo.
Fix rt.cpan.org 13243 and 13191
The escaped characters test failed on some system because the
the systems dn_expand instead of the supplied dn_expand
was used after the makemaker magic linked DNS.xs.
This was fixed by renaming the dn_expand that comes with the
library to netdns_dn_expand.
Fix rt.cpan.org 13239:
When queries are refused the resolver would not take the next
nameserver on the nameserver list for its next try but skip one.
I was also made aware that the "use byte" pragma is incompatible
with pre 5.06 perl.
BEGIN {
eval { require bytes; }
}
It should be noted that for perl versions < 5.006 I had to disable
the escaped character test. Don't expect domain names with labels
that contain anything else than host names to work for versions
earlier than perl 5.6.0.
Thanks to Vladimir Kotal for the assistance in testing the code on
his system and the members of the NL-PM list for suggestions and
education.
*** 0.51_01 June 14, 2005
Fix rt.cpan.org 13232:
Replaced IF_INET6 by IF_INET6() so that use strict subs does not
complain in the absence of a definition of IF_INET6 in earlier
versions perl that did not have IF_INET6 defined in Socket.pm
The problem is similar to the problem described in:
http://lists.ee.ethz.ch/mrtg-developers/msg00198.html
*** 0.51 June 10, 2005
Fix rt.cpan.org 13184:
Removed a 'stale' debug line (oops). A "stale" debug line may
cause clutter in log files which may cause false positives on log
analysis tools. Harmful enough to warrant a quick patch.
*** 0.50 June 8, 2005
No changes with respect to 0.49_03.
*** 0.49_03 June 1, 2005 (Version 0.50 release candidate 3)
Fix:
Concatenation of scalars caused modification of data because of
Perl's habit to treat scalars as utf characters instead of bytes.
Inserted use bytes pragma throughout the code base. DNS is done
in octets.
Feature:
Added "ignqrid" as an attribute to the Resolver.
use as:
ok (my $res=Net::DNS::Resolver->new(nameservers => ['127.0.0.1'],
port => 5354,
recurse => 0,
igntc => 1,
ignqrid => 1,
),
When the attribute is set to a non-zero value replies with the
qr bit clear and replies with non-matching query ids are
happily accepted. This opens the possibility to accept spoofed
answers. YOU CAN BURN YOURSELF WITH THIS FEATURE.
It is set to 0 per default and remains, except for this changes file
an undocumented feature.
*** 0.49_02 May 28, 2005 (Version 0.50 release candidate 2)
Fix: Smoking Gun tests for non-cygwin Win32.
Makefile.PL failed to produce a proper Makefile under win32.
(e.g. www,nntp.perl.org/group/perl.cpan.testers/210570)
I worked around that by moving the library into the base
directory of the distribution as the "subdir" section
seemed to be all funny.
Fix: rt.cpan.org#11931 (the off-topic part)
Sidney Markowitz spotted an awkward condition that rarely happens but is
significant enough to be dealt with.
In the send_udp method there are two loops: one over the nameservers
and one that waits for the sockets to come forward with data.
That second loop will sometimes timeout and then be entered with a
repeated query to the same nameserver. It occasionally happens that the
old packet arrives on the socket. That packet is discarded but the
loop does not return to the loop to wait for the remainder of the
timeout period for an answer on the second query, that may still arrive.
This has now been fixed.
Thanks to Sidney for the assessment of the problem and the fix.
*** 0.49_01 (Version 0.50 release candidate 1)
Fix: Makefile.PL: Minor tweak to recognize Mac OS X 10.4 not so relevant
since netdnslib is distributed with the code.
Feature: Calling the Net::DNS::Resolver::dnssec method with a non-zero
argument will set the udppacketsize to 2048. The method will
also carp a warning if you pass a non-zero argument when
Net::DNS::SEC is not installed.
Feature: IPv6 transport support
IPv6 transport has been added to the resolver and to the
nameserver code.
To use IPv6 please make sure that you have IO::Socket::INET6 version
2.01 or later installed.
If IPv6 transport is available Net::DNS::Resolver::Recurse will make
use of it (picking randomly between IPv4 and IPv6 transport) use
the force_v4() method to only force IPv4.
Feature: Binary characters in labels
RFC 1035 3.1:
Domain names in messages are expressed in terms of a sequence of
labels. Each label is represented as a one octet length field
followed by that number of octets. Since every domain name ends
with the null label of the root, a domain name is terminated by a
length byte of zero. The high order two bits of every length octet
must be zero, and the remaining six bits of the length field limit
the label to 63 octets or less.
Unfortunately dname attributes are stored strings throughout
Net::DNS. (With hindsight dnames should have had their own class
in which one could have preserved the wire format.).
To be able to represent all octets that are allowed in domain
names I took the approach to use the "presentation format" for
the attributes. This presentation format is defined in RFC 1035
5.1.
I added code to parse presentation format domain names that has
escaped data such as \ddd and \X (where X is not a number) to
wireformat and vice verse. In the conversion from wire format to
presentation format the characters that have special meaning in a
zone file are escaped (so that they can be cut-n-pasted without
pain).
These are " (0x22), $ (0x24), (0x28), ) (0x29), . (0x2e) , ;
(0x3b), @ (ox40) and \ (0x5c). The number between brackets
representing the ascii code in hex.
Note that wherever a name occurs as a string in Net::DNS it is
now in presentation format.
For those that dealt with 'hostnames' (subset of all possible
domain names) this will be a completely transparent change.
Details:
I added netdnslib which contains Net::DNS's own dn_expand. Its
implemented in C and the source is a hodgepodge of Berkeley based
code and snippets from ISC's bind9 distribution. The behavior, in
terms of which chars are escaped, is similar to bind9.
There are some functions added to DNS.pm that do conversion from
presentation and wire format and back. They should only be used
internally (although they live in EXPORT_OK.)
For esoteric test cases see t/11-escapedchars.t.
Fix: rt.cpan.org #11931
Applied the patch suggested by "Sidney". It is a practical workaround
that may not be portable to all versions of the OS from Redmond. See
the ticket for details.
*** 0.49 March 29, 2005
No changes wrt 0.48_03.
*** 0.48_03 March 22, 2005 (Version 0.49 release candidate 3)
Fix: Only remove leading zeros in the regular expressions for typesbyval
and classbyval methods. (patch by Ronald v.d. Pol)
Fix: Properly return an empty array in the authority, additional and answer
methods (patch by Ronald v.d. Pol)
Fix: rt.cpan.org #11930
Incorrect searchlist duplication removal in Net::DNS::Resolver::Win32
Patch courtesy Risto Kankkunen.
Problem: rt.cpan.org #11931
Win32.pm used the DNSRegisteredAdapters registry key to determine which
local forwarders to send queries to. This is arguably the wrong key as it
is used to identify the server which to send dynamic updates to.
A real fix for determining the set of nameservers to query has not been
implemented. For details see
https://rt.cpan.org/Ticket/Display.html?id=11931
*** 0.48_02 March 14, 2005 (Version 0.49 release candidate 2)
Fix: Bug report by Bernhard Schmidt (concerning a bug on the IPv6 branch).
The bug caused dname compression to fail and to create
compression pointers causing loops.
*** 0.48_01 March 7, 2005 (Version 0.49 release candidate 1)
Fix: rt.cpan.org #8882
No redundant lookups on SERVFAIL response
and #6149
Does not search multiple DNS servers
Net::DNS::Resolver will now use the other nameservers in the
list if the RCODE of the answer is not NO ERROR (0) or NAME
ERROR (3). When send() exhausted the last nameserver from the it
will return the answer that was received from the last
nameserver that responded with an RCODE.
The error string will be set to "RCODE: <rcode from last packet>"
Fix: rt.cpan.org #8803
TXT records don't work with semicolons
Since we are expecting presentation format at input a comment
will need to be escaped ( \; ).
It could be argued that this is a to strict interpretation of
1035 section 5.1.
While working on this I discovered there are more problems with
TXT RRs. e.g.; '0100' (a character string content represented in
hex) is a perfectly legal and should be represented as "\000" in
presentation format. Net::DNS does pass character strings with
"non-ASCII" chars from the wire to the char_str_lst array but
the print functions do not properly escape them when printing.
Some tests with TXT RRs added to 07-misc.t
Properly dealing with zone file presentation format and binary
data is still to be done.
Fix: rt.cpan.org Ticket #8483
eval tests for DNS::RR::SIG fail when using a die handler
(Thanks Sebastiaan Hoogeveen)
Patch applied.
Fix: rt.cpan.org: Ticket #8608
Net::DNS::Packet->data makes incorrect assumptions
Implemented the "pop" method for the question.
Since having a qcount that is not 1 is somewhat rare (it appears
in TCP AXFR streams) the ability to pop the answer from a question
has not been documented in the "pod"
Also fixed the incorrect assumption.
(Thanks Bruce Campbell.)
Fix: Ticket #11106
Incorrect instructions in README
Corrected in the README and in Makefile.PL
Olaf Kolkman took over maintenance responsibility from Chris
Reinardt. This involved importing the code into another subversion
repository. I made sure the numbers jumped, but I did not have access
to the "original" subversion repository so I lost some of the history.
*** 0.48_01 March 2005 (Version 0.49 release candidate 1)
Fix: rt.cpan.org #8882
No redundant lookups on SERVFAIL response
and #6149
Does not search multiple DNS servers
Net::DNS::Resolver will now use the other nameservers in the
list if the RCODE of the answer is not NOERROR (0) or NXDOMAIN
(3). When send() exhausted the last nameserver from the it will
return the answer that was received from the last nameserver
that responded with an RCODE.
The errorstring will be set to "RCODE: <rcode from last packet>"
Fix: rt.cpan.org #8803
TXT records don't work with semicolons
Since we are expecting "zonefile" presentation at input
a comment will need to be escaped ( \; ).
It could be argued that this is a to strict interpretation of
1035 section 5.1.
While working on this I discovered there are more problems with
TXT RRs. Eg; 0100 is a perfectly legal character string that
should be represented as "\000" in a zonefile. Net::DNS does
pass character strings with "non-ASCII" chars from the wire
to the char_str_lst array but the print functions do not
properly escape them when printing.
Properly dealing with zonefile presentation format and binary
data is still to be done.
Fix: rt.cpan.org Ticket #8483
eval tests for DNS::RR::SIG fail when using a die handler
(Thanks Sebastiaan Hoogeveen)
Patch applied.
Fix: rt.cpan.org: Ticket #8608
Net::DNS::Packet->data makes incorrect assumptions
Implemented the "pop" method for the question.
Since having a qcount that is not 1 is somewhat rare (it appears
in TCP AXFR streams) the ability to pop the answer from a question
has not been documented in the "pod"
Also fixed the incorrect assumption.
(Thanks Bruce Campbell.)
Fix: Ticket #11106
Incorrect instructions in README
Corrected in the README and in Makefile.PL
Olaf Kolkman took over maintenance responsibility from Chris
Reinardt. This involved importing the code into another subversion
repository. I made sure the numbers jumped, but I did not have access
to the "original" subversion repository so I lost some of the history.
>>>>>>> .merge-right.r260
*** 0.48 Aug 12, 2004
Net::DNS is now stored in a subversion repository, replacing cvs.
As such the submodule version numbers have taken another big jump.
Luckily those numbers don't matter as long as they work.
Fixed a bug with Unknown RR types that broke zone signing [Olaf].
Added callback support to Net::DNS::Resolver::Recurse. The
demo/trace_dns.pl script demonstrates this.
Added a note regarding answers with an empty answer section to the
Net::DNS::Resolver::search() and Net::DNS::Resolver::query()
documentation.
The copyright notice for Net::DNS::RR::SSHFP was incorrect. That file
is Copyright (c) 2004 RIPE NCC, Olaf Kolkman.
*** 0.47_01 May 6, 2004
** NOTICE **
RR subclasses no longer pull in parts of Net::DNS; Net::DNS is assumed
to be up and running when the subclass is compiled. If you were using a
RR subclass directly, this may break your code. It was never documented
that you could use them directly however, so hopefully you never did...
Fixed bug where SRV records with a priority of 0 did not function
correctly. CPAN #6214
Calls to various constants where using the &NAME syntax, which is not
inlined. Changed to NAME().
Added SSHFP support. [Olaf]
CERT fixes. [Olaf]
*** 0.47 April 1, 2004
safe_push() is back in Net::DNS::Packet, due to the excellent debate
skills of Luis E Monoz. However, the name safe_push() is deprecated,
use the new name unique_push() instead.
Fixed a bug in Net::DNS::Nameserver which caused the class to build
packets incorrectly in some cases. [Ask Bjorn Hansen]
Error message cleanups in Net::DNS::typesbyname()
and Net::DNS::typesbyval() [Ask Bjorn Hansen]
Net::DNS::RR::new_from_hash() now works with unknown RR types [Olaf].
*** 0.46 February 21, 2004
IPv6 reverse lookups can now be done with Net::DNS::Resolver::search(),
as well as with query().
Hostnames can now be used in the 'nameservers' argument to
Net::DNS::Resolver->new()
*** 0.45_01 February 9, 2004
Net::DNS now uses UDP on windows.
Removed Net::DNS::Select from the package. IO::Select appears to work
on windows just fine.
Fixed a bug that caused MXes with a preference of 0 to function
incorrectly, reported by Dick Franks.
Net::DNS had a few problems running under taint mode, especially under
cygwin. These issues have been fixed. More issues with taint mode may
lay undiscovered.
Applied Matthew Darwin's patch added support for IPv6 reverse lookups to
Net::DNS::Resolver::query.
*** 0.45 January 8, 2004
No changes from 0.44_02.
** 0.44_02 January 3, 2004
The XS detection code was broken. We actually use the XS bits now.
Major cleanups/optimizations of the various RR subclasses. This release
of Net::DNS is over twice as fast at parsing dns packets as 0.44.
** NOTICE **
$rr->rdatastr no longer returns '; no data' if the RR record has no
data. This happens in $rr->string now.
Net::DNS::Packet::safe_push() no longer exists. The method is now only
available from Net::DNS::Update objects.
** 0.44_01 January 3, 2004
Net::DNS::RR objects were not playing nice with Storable, this caused
the axfr demo script to fail. Thanks to Joe Dial for the report.
** NOTICE **
This may cause RR objects that are already serialize to not deserialize
correctly.
Reply handlers in Net::DNS::Nameserver are now passed the query object.
Fixed a nasty bug in Nameserver.pm related to the qr bit. As Olaf
explained:
Replies are sent if the query has its "qr" bit set. The "qr" bit is an
indication that the packet is sent as a response to a query. Since
there are more implementations that suffer from this bug one can cause
all kinds of nasty ping-pong loops by spoofing the initial packet or
have an infinite query loop by spoofing a query from the localhost:53
address.
Various Win32/Cygwin cleanups from Sidney Markowitz.
*** 0.44 December 12, 2003
The Wrath of CPAN Release.
CPAN.pm doesn't understand the nature of revision numbers. 1.10 is
newer than 1.9; but CPAN.pm treats them as floats. This is bad.
All the internal version numbers in Net::DNS have been bumped to
2.100 in order to fix this.
No actual code changes in this release.
*** 0.43 December 11, 2003
Added warning of deprecation of Net::DNS::Packet::safe_push. This will
move into Net::DNS::Update, as Net::DNS::Update is now a proper subclass
of Net::DNS::Packet.
** 0.42_02 December 11, 2003
Fixed a long standing bug with zone transfers in the "many-answers" format.
CPAN #1903.
Added the '--online-tests' flag to Makefile.PL. This activates the online
tests without asking the user interactively. "--no-online-tests" turns
the tests off.
Cleaned up Makefile.PL a little. The "--pm" flag is now deprecated, use
"--no-xs" instead.
Added support for unknown RR types (rfc3597). Note for developers: the
typesbyname, typesbyval, classesbyname and classesbyval hashes should
not be used directly, use the same named wrapper functions
instead. [Olaf Kolkman]
Added two hashes for administrative use; they store which types are
qtypes and metatypes (rfc2929). [Olaf Kolkman]
** 0.42_01 November 30, 2003
Major work to get Net::DNS functioning properly on Cygwin by Sidney
Markowitz.
Fixed a bug in Net::DNS::Nameserver's error handling. CPAN #4195
*** 0.42 October 26, 2003
Fixed compilation problems on panther (Mac OS 10.3).
Fixed a bug in Net::DNS::Resolver::Recurse which allowed an endless
loop to arise in certain situations. (cpan #3969, patch
by Rob Brown)
Applied Mike Mitchell's patch implementing a persistent UDP socket.
See the Net::DNS::Resolver documentation for details.
*** 0.41 October 3, 2003
Added some documentation about modifying the behavior of Net::DNS::Resolver.
** 0.40_01 September 26, 2003
Fixed some uninitialized value warnings when running under windows.
Fixed a bug in the test suite that caused 00-version.t to fail with
certain versions of ExtUtils::MakeMaker. Thanks to David James, Jos
Boumans and others for reporting it.
Reply handlers in Net::DNS::Nameserver are now passed the peerhost.
(Assen Totin <assen@online.bg>)
Reply handlers in Net::DNS::Nameserver can now tweak the header bits
that the nameserver returns. [Olaf]
The AD header bit is now documented, and twiddlable. [Olaf]
The change log has been trimmed, entries for versions older than 0.21
have been removed.
** NOTICE **
Net::DNS::Resolver::axfr_old() has been removed from the package.
An exception will be thrown if you attempt to use this method. Use
axfr() or axfr_start() instead.
*** 0.40 September 1, 2003
Various POD tweaks.
** 0.39_02 August 28, 2003
Net-DNS-SEC updates, seems that IETF has been busy redefining DNSSEC.
[Olaf]
Added version to all the modules in the distribution.
** 0.39_01 August 12 2003
Added a META.yaml. The crystal ball says an upgrade to Module::Install may
be coming soon.
Changed how the versions of the various submodules were set. The CPAN
indexer cannot execute "$VERSION = $Net::DNS::VERSION". The single line
with the $VERSION assignment is pulled out of the file and eval'ed; at
that time, Net::DNS is not loaded. The submodules now pull their version
numbers out of CVS.
*** 0.39 August 7 2003
Fixed a bug on Win32 where some machines separated lists with commas,
not whitespace. Thanks to Jim White for pointing it out.
** 0.38_02 July 29 2003
Reworked the POD for Net::DNS::Resolver.
When parsing resolver configuration files, IPv6 addresses are now skipped,
as Net::DNS does not yet have IPv6 support.
** 0.38_01 Jun 22 2003
Broke Net::DNS::Resolver into separate classes. UNIX and Win32
classes are currently implemented. Many of the globals in
Net::DNS::Resolver no longer exist. They were never documented
so you never used them.... right?
Options to Net::DNS::Resolver->new() are now supported, including
using your own configuration file. See the Net::DNS::Resolver man
page for details.
Tweaked Net::DNS::RR::TXT to fail more gracefully when the quotes
in the data section are not balanced.
Add more tests (of course).
Moved next_id() from Resolver.pm to Header.pm (which is where it is
used).
Net::DNS::Select now uses $^O directly, this means that the second
argument to Net::DNS::Select::new() (the OS) is now ignored.
*** 0.38 Jun 5 2003
Various buglets fixed in the new Makefile.PL.
Use Dynaloader instead of XSLoader. Turns out that XSLoader is only
in more recent perls.
Added deprecation warning to Net::DNS::Resolver::axfr_old().
HP-UX fixes [cpan #2710], I don't have the name of the reporter/patcher.
*** 0.37 May 28 2003
Renamed the test C file to compile.c, test.c was confusing the 'make test'
target.
*** 0.36 May 28 2003
Removed Rob Brown's RPM stuff. Something odd happened in the 0.35 tarball
and at the moment I don't have the time to investigate.
*** 0.35 May 26 2003
POD fixes, added tests for POD.
*** 0.34_03 May 22 2003
Reworked Makefile.PL to try and detect if you have a working C compiler.
Added '--pm' and '--xs' command line options to Makefile.PL
Fixed linking problem on linux.
Tie::DNSHash removed from the package, see Tie::DNS from CPAN for a more
complete implementation of a DNS hash.
*** 0.34_02 May 21 2003
Net::DNS::Packet::dn_expand is now implemented using the function of the
same name from libresolv. This method of decompressing names is around
twice as fast as the perl implementation.
Applied Jan Dubois's patch to fix nameserver lookup on Windows 2000/95/98/ME.
*** 0.34 6 Mar 2003
Applied David Carmean's patch for handling more than one string in a
TXT RR's RDATA section.
Applied Net::DNS::Resolver::Recurse bug fixes from Rob Brown.
Added check of the answer's rcode in Net::DNS::Resolver::axfr_next().
Applied Kenneth Olving <kenneth.olving@eoncompany.com> Windows changes.
Applied patch from Dan Sully (daniel@electricrain.com) allowing multiple
questions to be part of a DNS packet.
*** 0.33 8 Jan 2003
Fixed 00-load.t to skip the Net::DNS::SEC modules. The test suite
should now pass if you have Net::DNS::SEC installed.
Fixed the regular expression in RR.pm to comply with the RFCs, turns
out we were _too_ paranoid. [Olaf]
*** 0.32 5 Jan 2003
Various cleanups for perl 5.004. Thanks to nathan@anderson-net.com
([cpan #1847])
Applied Olaf's SIG patch (thanks as always).
Win32 now looks at the environment variables when building the
configuration defaults. Thanks to net-dns-bug@oak-wood.co.uk
(That's the only name I have... [cpan #1819])
Added Rob Brown's Net::DNS::Resolver::Recurse module.
*** 0.31 17 Nov 2002
Applied Olaf's patch for an initialization bug in OPT.pm
Applied Rob Brown's patch for udp timeouts.
Added stuff from Rob Brown for making RPM creation easier.
Fixed a typo in FAQ.pod that was making apropos and whatis
grumpy. Thanks to Florian Hinzmann for pointing it out and a patch.
*** 0.30 7 Nov 2002
Applied Andrew Tridgell's (tridge@samba.org) patch for TKEY support.
Added Net::DNS::Packet->safe_push() to allow for automatically
checking for duplicate RRs being pushed into a packet. Inspired by Luis
Munoz.
Added more tests.
*** 0.29 2 Oct 2002
Fixed $_ from creeping out of scope in Resolver.pm. Thanks to
Ilya Martynov for finding the problem and the patch to fix it.
Fixed divide by zero bug there is no usable network interface(s).
Thanks to twilliams@tfcci.com, misiek@pld.ORG.PL (and one other
person that I can't seem to find the address of) for reports.
*** 0.28 20 Aug 2002
Fixed a bug in the new AUTOLOAD routines that made it impossible to set
attributes to '0'.
Fixed a bug in the RR patch that broke many updates.
*** 0.27 15 Aug 2002
Added (untested) support for perl 5.004.
We now allow whitespace at the beginning of a RR.
Fixed an issue that gave Net::DNS::SEC problems, %Net::DNS::RR::RR is now
in a scope that the Net::DNS::SEC hook can see it from.
Fixed SRV records.
Fixed debug message in Net::DNS::Resolver::bgread().
*** 0.26 5 Aug 2002
Fixed various bugs in the test suite.
Fixed warning in Net::DNS::RR::AUTOLOAD with perl 5.005.
---
Olaf Kolkman <olaf@net-dns.org>
Chris Reinhardt
Michael Fuhr