| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
* Moved the "ping?" and "pingecho" aliases to the `Ping` superclass.
* Fix issue #8 (the specification for net-ping-2.0.0 has corupped).
|
|
=== Net::LDAP 0.15.0
* Respect connect_timeout when establishing SSL connections {#273}[https://github.com/ruby-ldap/ruby-net-ldap/pull/273]
|
|
*1.3.3
* Add support for DHCP Subnet Selection Option 0x76 (https://github.com/mjtko/net-dhcp-ruby/pull/12) [elibus]
|
|
# Change Log
## [v0.5.20160615](https://github.com/knu/ruby-domain_name/tree/v0.5.20160615) (2016-06-16)
[Full Changelog](https://github.com/knu/ruby-domain_name/compare/v0.5.20160310...v0.5.20160615)
- Always set `@domain` to avoid a warning when `$VERBOSE` is on
- Update the eTLD database to 2016-06-15T16:22:11Z
## [v0.5.20160310](https://github.com/knu/ruby-domain_name/tree/v0.5.20160310) (2016-03-17)
[Full Changelog](https://github.com/knu/ruby-domain_name/compare/v0.5.20160309...v0.5.20160310)
- Update development dependencies for obsolete rubies
- Update the eTLD database to 2016-03-10T21:22:02Z
|
|
## v1.59.3
* Output TXT record multiple strings correctly
* NONE class encoding fix
* only add name labels if there are any
|
|
## Changes Between 1.5.x and 1.6.0 (Apr 4th, 2016)
### amq-protocol Update
Minimum `amq-protocol` version is now `2.0.1`.
### Provide More Details in TCP Connection Failure Exception
Contributed by Neil Hooey.
GH issue: [#222](https://github.com/ruby-amqp/amqp/issues/222).
### Ensures frameset is cleared after an unhandled exception
Ensures frameset is cleared after an unhandled exception.
This avoids confusing exceptions such as
```
undefined method `method_class' for #<AMQ::Protocol::BodyFrame:0x0000001e8a60b0>
```
Contributed by Michael Lutsiuk.
GH issue: [#218](https://github.com/ruby-amqp/amqp/issues/218)
|
|
Upstream changes:
* UserStream connection is timed out when no tweet is received for
certain seconds
* crashed by likes
* no crash by fav'ed
|
|
Upstream changes:
1.016 Fri Sep 23 11:11:25 PDT 2016
add PREREQUISITE section to Interface.pm documentation
add FATAL warning in Makefile.pl for missing /usr/include/sys files
1.015 Wed Sep 21 16:56:55 PDT 2016
update copyright date in documentation
1.014 Tue Sep 21 13:24:30 PDT 2016
Interface.xs change MTU mask from 'ffff' to '1ffff'
to accomodate mtu = 65536
netsymbols.pl add %unique and cleanslurp() to 'IFFs' processing
restructured to run internal code into subroutine
1.013 not released
see Makefile.PL
--- Net-Interface-1.012/Makefile.PL Sun Mar 8 13:18:20 2009
+++ Makefile.PL Wed May 12 16:18:04 2010
@@ -78,6 +78,11 @@
unless ($oldstuff =~ m|$addflags{$_}|) {
$oldstuff .= $addflags{$_};
}
+# fix up issue with memcpy, bug 57413
+ if ($KEY eq 'CCFLAGS') {
+ $oldstuff .= ' ' if $oldstuff && $oldstuff !~ / $/;
+ $oldstuff .= '-D_FORTIFY_SOURCE=0';
+ }
$cfgstrg .= qq|$KEY="$oldstuff" |
|
|
ok pettai@
Changes:
Nmap 7.30 [2016-09-29]
Integrated all 12 of your IPv6 OS fingerprint submissions from June to September. No new groups, but several classifications were strengthened, especially Windows localhost and OS X. [Daniel Miller]
[NSE] Added 7 NSE scripts, from 3 authors, bringing the total up to 541! They are all listed at https://nmap.org/nsedoc/, and the summaries are below (authors are listed in brackets):
[GH#369] coap-resources grabs the list of available resources from CoAP endpoints. [Mak Kolybabi]
fox-info retrieves detailed version and configuration info from Tridium Niagara Fox services. [Stephen Hilt]
ipmi-brute performs authentication brute-forcing on IPMI services. [Claudiu Perta]
ipmi-cipher-zero checks IPMI services for Cipher Zero support, which allows connection without a password. [Claudiu Perta]
ipmi-version retrieves protocol version and authentication options from ASF-RMCP (IPMI) services. [Claudiu Perta]
[GH#352] mqtt-subscribe connects to a MQTT broker, subscribes to topics, and lists the messages received. [Mak Kolybabi]
pcworx-info retrieves PLC model, firmware version, and date from Phoenix Contact PLCs. [Stephen Hilt]
Upgraded Npcap, our new Windows packet capturing driver/library, from version to 0.09 to 0.10r2. This includes many bug fixes, with a particular on emphasis on concurrency issues discovered by running hundreds of Nmap instances at a time. More details are available from https://github.com/nmap/npcap/releases. [Yang Luo, Daniel Miller, Fyodor]
New service probes and match lines for DTLS, IPMI-RMCP, MQTT, PCWorx, ProConOS, and Tridium Fox, [Stephen Hilt, Mak Kolybabi, Daniel Miller]
Improved some output filtering to remove or escape carriage returns ('\r') that could allow output spoofing by overwriting portions of the screen. Issue reported by Adam Rutherford. [Daniel Miller]
[NSE] Fixed a few bad Lua patterns that could result in denial of service due to excessive backtracking. [Adam Rutherford, Daniel Miller]
Fixed a discrepancy between the number of targets selected with -iR and the number of hosts scanned, resulting in output like "Nmap done: 1033 IP addresses" when the user specified -iR 1000. [Daniel Miller]
Fixed a bug in port specification parsing that could cause extraneous 'T', 'U', 'S', and 'P' characters to be ignored when they should have caused an error. [David Fifield]
[GH#543] Restored compatibility with LibreSSL, which was lost in adding library version checks for OpenSSL 1.1. [Wonko7]
[Zenmap] Fixed a bug in the Compare Scans window of Zenmap on OS X resulting in this message instead of Ndiff output:
ImportError: dlopen(/Applications/Zenmap.app/Contents/Resources/lib/python2.7/lib-dynload/datetime.so, 2): no suitable image found. Did find:
/Applications/Zenmap.app/Contents/Resources/lib/python2.7/lib-dynload/datetime.so: mach-o, but wrong architecture
Reported by Kyle Gustafson. [Daniel Miller]
[NSE] Fixed a bug in ssl-enum-ciphers and ssl-dh-params which caused them to not output TLSv1.2 info with DHE ciphersuites or others involving ServerKeyExchange messages. [Daniel Miller]
[NSE] Added X509v3 extension parsing to NSE's sslcert code. ssl-cert now shows the Subject Alternative Name extension; all extensions are shown in the XML output. [Daniel Miller]
Nmap 7.25BETA2 [2016-09-01]
[GH#376] Windows binaries are now code-signed with our "Insecure.Com LLC" SHA256 certificate. This should give our users extra peace-of-mind and avoid triggering Microsoft's ever-increasing security warnings.
[NSE] Upgraded NSE to Lua 5.3, adding bitwise operators, integer data type, a utf8 library, and native binary packing and unpacking functions. Removed bit library, added bits.lua, replaced base32, base64, and bin libraries. [Patrick Donnelly]
[NSE] Added 2 NSE scripts, bringing the total up to 534! They are both listed at https://nmap.org/nsedoc/, and the summaries are below:
oracle-tns-version decodes the version number from Oracle Database Server's TNS listener. [Daniel Miller]
clock-skew analyzes and reports clock skew between Nmap and services that report timestamps, grouping hosts with similar skews. [Daniel Miller]
Integrated all of your service/version detection fingerprints submitted from January to April (578 of them). The signature count went up 2.2% to 10760. We now detect 1122 protocols, from elasticsearch, fhem, and goldengate to ptcp, resin-watchdog, and siemens-logo. [Daniel Miller]
Upgraded Npcap, our new Windows packet capturing driver/library, from version 0.07-r17 to 0.09. This includes many improvements you can read about at https://github.com/nmap/npcap/releases.
[Nsock][GH#148] Added the new IOCP Nsock engine which uses the Windows Overlapped I/O API to improve performance of version scan and NSE against many targets on Windows. [Tudor Emil Coman]
[GH#376] Windows binaries are now code-signed with our "Insecure.Com LLC" SHA256 certificate. This should give our users extra peace-of-mind and avoid triggering Microsoft's ever-increasing security warnings.
Various performance improvements for large-scale high-rate scanning, including increased ping host groups, faster probe matching, and ensuring data types can handle an Internet's-worth of targets. [Tudor Emil Coman]
[NSE] Added the oracle-tns-version NSE script which decodes the version number from Oracle Database Server's TNS listener. https://nmap.org/nsedoc/scripts/oracle-tns-version.html [Daniel Miller]
[NSE] Added the clock-skew NSE script which analyzes and reports clock skew between Nmap and services that report timestamps, grouping hosts with similar skews. https://nmap.org/nsedoc/scripts/clock-skew.html [Daniel Miller]
[Zenmap] Long-overdue Spanish language translation has been added! Muy bien! [Vincent Dumont, Marta Garcia De La Paz, Paulino Calderon, Patricio Castagnaro]
[Zenmap][GH#449] Fix a crash when closing Zenmap due to a read-only zenmap.conf. User will be warned that config cannot be saved and that they should fix the file permissions. [Daniel Miller]
[NSE] Fix a crash when parsing TLS certificates that OpenSSL doesn't support, like DH certificates or corrupted certs. When this happens, ssl-enum-ciphers will label the ciphersuite strength as "unknown." Reported by Bertrand Bonnefoy-Claudet. [Daniel Miller]
[NSE][GH#531] Fix two issues in sslcert.lua that prevented correct operations against LDAP services when version detection or STARTTLS were used. [Tom Sellers]
[Zenmap] Long-overdue Spanish language translation has been added! Muy bien! [Vincent Dumont, Marta Garcia De La Paz, Paulino Calderon, Patricio Castagnaro]
[GH#426] Remove a workaround for lack of selectable pcap file descriptors on Windows, which required including pcap-int.h and locking us to a single version of libpcap. The new method, using WaitForSingleObject should work with all versions of both WinPcap and Npcap. [Daniel Miller]
[NSE][GH#234] Added a --script-timeout option for limiting run time for every individual NSE script. [Abhishek Singh]
[Ncat][GH#444] Added a -z option to Ncat. Just like the -z option in traditional netcat, it can be used to quickly check the status of a port. Port ranges are not supported since we recommend a certain other tool for port scanning. [Abhishek Singh]
Fix checking of Npcap/WinPcap presence on Windows so that "nmap -A" and "nmap" with no options result in the same behaviors as on Linux (and no crashes) [Daniel Miller]
[NSE] ssl-enum-ciphers will now warn about 64-bit block ciphers in CBC mode, which are vulnerable to the SWEET32 attack.
[NSE][GH#117] tftp-enum now only brute-forces IP-address-based Cisco filenames when the wordlist contains "{cisco}". Previously, custom wordlists would still end up sending these extra 256 requests. [Sriram Raghunathan]
[GH#472] Avoid an unnecessary assert failure in timing.cc when printing estimated completion time. Instead, we'll output a diagnostic error message:
Timing error: localtime(n) is NULL
where "n" is some number that is causing problems. [Jean-Guilhem Nousse]
[NSE][GH#519] Removed the obsolete script ip-geolocation-geobytes. [Paulino Calderon]
[NSE] Added 9 new fingerprints for script http-default-accounts. (Motorola AP, Lantronix print server, Dell iDRAC6, HP StorageWorks, Zabbix, Schneider controller, Xerox printer, Citrix NetScaler, ESXi hypervisor) [nnposter]
[NSE] Completed a refresh and validation of almost all fingerprints for script http-default-accounts. Also improved the script speed. [nnposter]
[GH#98] Added support for decoys in IPv6. Earlier we supported decoys only in IPv4. [Abhishek Singh]
Various performance improvements for large-scale high-rate scanning, including increased ping host groups, faster probe matching, and ensuring data types can handle an Internet's-worth of targets. [Tudor Emil Coman]
[GH#484] Allow Nmap to compile on some older Red Hat distros that disable EC crypto support in OpenSSL. [Jeroen Roovers, Vincent Dumont]
[GH#439] Nmap now supports OpenSSL 1.1.0-pre5 and previous versions. [Vincent Dumont]
[Ncat] Fix a crash ("add_fdinfo() failed.") when --exec was used with --ssl and --max-conns, due to improper accounting of file descriptors. [Daniel Miller]
FTP Bounce scan: improved some edge cases like anonymous login without password, 500 errors used to indicate port closed, and timeouts for LIST command. Also fixed a 1-byte array overrun (read) when checking for privileged ports. [Daniel Miller]
[GH#140] Allow target DNS names up to 254 bytes. We previously imposed an incorrect limit of 64 bytes in several parts of Nmap. [Vincent Dumont]
[NSE] The hard limit on number of concurrently running scripts can now increase above 1000 to match a high user-set --min-parallelism value. [Tudor Emil Coman]
[NSE] Solved a memory corruption issue that would happen if a socket connect operation produced an error immediately, such as Network Unreachable. The event handler was throwing a Lua error, preventing Nsock from cleaning up properly, leaking events. [Abhishek Singh, Daniel Miller]
[NSE] Added the datetime library for performing date and time calculations, and as a helper to the clock-skew script.
[GH#103][GH#364] Made Nmap's parallel reverse DNS resolver more robust, fully handling truncated replies. If a response is too long, we now fall back to using the system resolver to answer it. [Abhishek Singh]
[Zenmap][GH#279] Added a legend for the Topography window. [Suraj Hande]
Nmap 7.25BETA1 [2016-07-15]
Nmap now ships with and uses Npcap, our new packet sniffing library for Windows. It's based on WinPcap (unmaintained for years), but uses modern Windows APIs for better performance. It also includes security improvements and many bug fixes. See http://npcap.org. And it enables Nmap to perform SYN scans and OS detection against localhost, which we haven't been able to do on Windows since Microsoft removed the raw sockets API in 2003. [Yang Luo, Daniel Miller, Fyodor]
[NSE] Added 6 NSE scripts, from 5 authors, bringing the total up to 533! They are all listed at https://nmap.org/nsedoc/, and the summaries are below (authors are listed in brackets):
clamav-exec detects ClamAV servers vulnerable to unauthorized clamav command execution. [Paulino Calderon]
http-aspnet-debug detects ASP.NET applications with debugging enabled. [Josh Amishav-Zlatin]
http-internal-ip-disclosure determines if the web server leaks its internal IP address when sending an HTTP/1.0 request without a Host header. [Josh Amishav-Zlatin]
[GH#304] http-mcmp detects mod_cluster Management Protocol (MCMP) and dumps its configuration. [Frank Spierings]
[GH#365] sslv2-drown detects vulnerability to the DROWN attack, including CVE-2016-0703 and CVE-2016-0704 that enable fast attacks on OpenSSL. [Bertrand Bonnefoy-Claudet]
vnc-title logs in to VNC servers and grabs the desktop title, geometry, and color depth. [Daniel Miller]
Integrated all of your IPv4 OS fingerprint submissions from January to April (539 of them). Added 98 fingerprints, bringing the new total to 5187. Additions include Linux 4.4, Android 6.0, Windows Server 2016, and more. [Daniel Miller]
Integrated all 31 of your IPv6 OS fingerprint submissions from January to June. The classifier added 2 groups and expanded several others. Several Apple OS X groups were consolidated, reducing the total number of groups to 93. [Daniel Miller]
Update oldest supported Windows version to Vista (Windows 6.0). This enables the use of the poll Nsock engine, which has significant performance and accuracy advantages. Windows XP users can still use Nmap 7.12, available from https://nmap.org/dist/?C=M&O=D [Daniel Miller]
[NSE] Fix a crash that happened when trying to print the percent done of 0 NSE script threads:
timing.cc:710 bool ScanProgressMeter::printStats(double, const timeval*): Assertion 'ltime' failed.
This would happen if no scripts were scheduled in a scan phase and the user pressed a key or specified a short --stats-every interval. Reported by Richard Petrie. [Daniel Miller]
[GH#283][Nsock] Avoid "unknown protocol:0" debug messages and an "Unknown address family 0" crash on Windows and other platforms that do not set the src_addr argument to recvfrom for TCP sockets. [Daniel Miller]
Retrieve the correct network prefix length for an adapter on Windows. If more than one address was configured on an adapter, the same prefix length would be used for both. This incorrect behavior is still used on Windows XP and earlier. Reported by Niels Bohr. [Daniel Miller]
Changed libdnet-stripped to avoid bailing completely when an interface is encountered with an unsupported hardware address type. Caused "INTERFACES: NONE FOUND!" bugs in Nmap whenever Linux kernel added new hardware address types. [Daniel Miller]
Improved service detection of Docker and fixed a bug in the output of docker-version script. [Tom Sellers]
Fix detection of Microsoft Terminal Services (RDP). Our improved TLS service probes were matching on port 3389 before our specific Terminal Services probe, causing the port to be labeled as "ssl/unknown". Reported by Josh Amishav-Zlatin.
[NSE] Update to enable smb-os-discovery to augment version detection for certain SMB related services using data that the script discovers. [Tom Sellers]
Improved version detection and descriptions for Microsoft and Samba SMB services. Also addresses certain issues with OS identification. [Tom Sellers]
[NSE] ssl-enum-ciphers will give a failing score to any server with an RSA certificate whose public key uses an exponent of 1. It will also cap the score of an RC4-ciphersuite handshake at C and output a warning referencing RFC 7465. [Daniel Miller]
[NSE] Refactored some SSLv2 functionality into a new library, sslv2.lua . [Daniel Miller]
[GH#399] Zenmap's authorization wrapper now uses an AppleScript method for privilege escalation on OS X, avoiding the deprecated AuthorizationExecuteWithPrivileges method previously used. [Vincent Dumont]
[GH#454] The OS X binary package is distributed in a .dmg disk image that now features an instructive background image. [Vincent Dumont]
[GH#420] Our OS X build system now uses gtk-mac-bundler and jhbuild to provide all dependencies. We no longer use Macports for this purpose. [Vincent Dumont]
[GH#345][Zenmap] On Windows, save Zenmap's stderr output to a writeable location (%LOCALAPPDATA%\zenmap.exe.log or %TEMP%\zenmap.exe.log) instead of next to the zenmap.exe executable. This avoids a warning message when closing Zenmap if it produced any stderr output. [Daniel Miller]
[GH#379][NSE] Fix http-iis-short-name-brute to report non vulnerable hosts. Reported by alias1. [Paulino Calderon]
[NSE][GH#371] Fix mysql-audit by adding needed library requires to the mysql-cis.audit file. The script would fail with "Failed to load rulebase" message. [Paolo Perego]
[NSE][GH#362] Added support for LDAP over udp to ldap-rootdse.nse. Also added version detection and information extraction to match the new LDAP LDAPSearchReq and LDAPSearchReqUDP probes. [Tom Sellers]
[GH#354] Added new version detection Probes for LDAP services, LDAPSearchReq and LDAPSearchReqUDP. The second is Microsoft Active Directory specific. The Probes will elicit responses from target services that allow better finger -printing and information extraction. Also added nmap-payload entry for detecting LDAP on udp. [Tom Sellers]
[NSE] More VNC updates: Support for VeNCrypt and Tight auth types, output of authentication sub-types in vnc-info, and all zero-authentication types are recognized and reported. [Daniel Miller]
|
|
Changes:
2016/08/30 : 1.6.9
- DOC: Updated 51Degrees readme.
- BUG/MAJOR: stream: properly mark the server address as unset on connect retry
- BUG/MINOR: payload: fix SSLv2 version parser
- MINOR: cli: allow the semi-colon to be escaped on the CLI
2016/08/14 : 1.6.8
- BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
- BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
- BUG/MINOR: peers: Fix peers data decoding issue
- DOC: lua: remove old functions
- BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests
- BUG/MEDIUM: stream-int: completely detach connection on connect error
- DOC: minor typo fixes to improve HTML parsing by haproxy-dconv
- BUILD: make proto_tcp.c compatible with musl library
- BUG/MAJOR: compression: initialize avail_in/next_in even during flush
- BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
- MINOR: sample: implement smp_is_safe() and smp_make_safe()
- MINOR: sample: provide smp_is_rw() and smp_make_rw()
- BUG/MAJOR: server: the "sni" directive could randomly cause trouble
- BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
- BUG/MEDIUM: stick-table: properly convert binary samples to keys
- MINOR: sample: use smp_make_rw() in upper/lower converters
- BUG/MINOR: peers: some updates are pushed twice after a resync.
- BUG/MINOR: peers: empty chunks after a resync.
- BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
2016/07/13 : 1.6.7
- MINOR: new function my_realloc2 = realloc + free upon failure
- CLEANUP: fixed some usages of realloc leading to memory leak
- Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()"
- BUG/MEDIUM: dns: fix alignment issues in the DNS response parser
- BUG/MINOR: Fix endiness issue in DNS header creation code
|
|
http://freeradius.org/version2.html
The 2.2.x release series is now End Of Life. Only security fixes will be applied to 2.2.x.
Fix Tunnel-Password crash from home server. Found by Denis Andzakovic.
Fix timer issue when proxying.
Update EAP-TTLS so that MPPE keys are correctly calculated with TLSv1.2.
Always delete MS-MPPE-* from the TTLS inner tunnel. This allows TTLS / EAP-MSCHAPv2 to work.
Don't fall through in empty "case" statements. Fixes #1274.
|
|
|
|
|
|
What's New
Bug Fixes
The following vulnerabilities have been fixed:
* [1]wnpa-sec-2016-56
The Bluetooth L2CAP dissector could crash. ([2]Bug 12825)
* [3]wnpa-sec-2016-57
The NCP dissector could crash. ([4]Bug 12945)
The following bugs have been fixed:
* Flow Graph colored data arrows. ([5]Bug 12065)
* Capture File Properties under Statistics Grayed Out after Stopping
a Capture. ([6]Bug 12071)
* Qt: Hidden columns displayed during live capture. ([7]Bug 12377)
* Unable to save changes to coloring rules. ([8]Bug 12814)
* Bad description for NBSS error code 0x81. ([9]Bug 12835)
* Live capture from USBPcap fails immediately. ([10]Bug 12846)
* Cannot decrypt EAP-TTLS traffic (not recognized as conversation).
([11]Bug 12879)
* Export packet dissections Option disabled after capturing traffic.
([12]Bug 12898)
* Failure to open file named with Chinese or other multibyte
characters. ([13]Bug 12900)
* k12 text file format causes errors. ([14]Bug 12903)
* File | File Set | List Files dialog is blank. ([15]Bug 12904)
* Decoding/Display of an INAP CONNECT message goes wrong for the
Destination Routing Address part. ([16]Bug 12911)
* TLS padding extension dissector length parsing bug. ([17]Bug 12922)
* Diameter dictionary bugs. ([18]Bug 12927)
* File open from menu bar with filter in place causes Wireshark to
crash. ([19]Bug 12929)
* Unable to capture USBPcap trace using tshark with extcap built.
([20]Bug 12949)
* P1 dissector fails a TVB assertion. ([21]Bug 12976)
* Multiple PortableApps instances can once again be run at the same
time.
Updated Protocol Support
6LowPAN, BT L2CAP, CIP, DCOM IRemUnknown, Diameter, DMP, EAP, ISUP,
NBT, NCP, NetFlow, SSL / TLS, and U3V
New and Updated Capture File Support
Ascend, and K12
|
|
Upstream changes:
* 3.2.2 (2016/09/25)
* switch to libcurl instead of glib-networking
* implement --post and --ciphers options
* support display of extended_tweet
* 3.2.1 (2016/04/24)
* implement --filter and --record options
* implement editing NG words
* reflect 'don't show Retweets by this user' settings
* add support for thumbnail of Shindan-maker
* print Unicode foreign letters
* compressed display of continuous RTs and favs
|
|
Upstream changes:
* update po files
* tco: Ruby2.3 warnings on extracting URLs due to Kernel.#timeout call
* remove notice on Net::ReadTimeout
* stop use of obsolete Gdk::Pixbuf.new
|
|
Upstream changes:
* support Extended Tweet
* PostBox crashed in some case
* some translations were missed
|
|
* Fix a define to allow dhcpcd to better manage routes on OpenBSD
|
|
Changes:
version 2016.10.07
Extractors
+ [iprima] Detect geo restriction
* [facebook] Fix video extraction (#10846)
+ [commonprotocols] Support direct MMS links (#10838)
+ [generic] Add support for multiple vimeo embeds (#10862)
+ [nzz] Add support for nzz.ch (#4407)
+ [npo] Detect geo restriction
+ [npo] Add support for 2doc.nl (#10842)
+ [lego] Add support for lego.com (#10369)
+ [tonline] Add support for t-online.de (#10376)
* [techtalks] Relax URL regular expression (#10840)
* [youtube:live] Extend URL regular expression (#10839)
+ [theweatherchannel] Add support for weather.com (#7188)
+ [thisoldhouse] Add support for thisoldhouse.com (#10837)
+ [nhl] Add support for wch2016.com (#10833)
* [pornoxo] Use JWPlatform to improve metadata extraction
version 2016.10.02
Core
* Fix possibly lost extended attributes during post-processing
+ Support pyxattr as well as python-xattr for --xattrs and
--xattr-set-filesize (#9054)
Extractors
+ [jwplatform] Support DASH streams in JWPlayer
+ [jwplatform] Support old-style JWPlayer playlists
+ [byutv:event] Add extractor
* [periscope:user] Fix extraction (#10820)
* [dctp] Fix extraction (#10734)
+ [instagram] Extract video dimensions (#10790)
+ [tvland] Extend URL regular expression (#10812)
+ [vgtv] Add support for tv.aftonbladet.se (#10800)
- [aftonbladet] Remove extractor
* [vk] Fix timestamp and view count extraction (#10760)
+ [vk] Add support for running and finished live streams (#10799)
+ [leeco] Recognize more Le Sports URLs (#10794)
+ [instagram] Extract comments (#10788)
+ [ketnet] Extract mzsource formats (#10770)
* [limelight:media] Improve HTTP formats extraction
version 2016.09.27
Core
+ Add hdcore query parameter to akamai f4m formats
+ Delegate HLS live streams downloading to ffmpeg
+ Improved support for HTML5 subtitles
Extractors
+ [vk] Add support for dailymotion embeds (#10661)
* [promptfile] Fix extraction (#10634)
* [kaltura] Speed up embed regular expressions (#10764)
+ [npo] Add support for anderetijden.nl (#10754)
+ [prosiebensat1] Add support for advopedia sites
* [mwave] Relax URL regular expression (#10735, #10748)
* [prosiebensat1] Fix playlist support (#10745)
+ [prosiebensat1] Add support for sat1gold sites (#10745)
+ [cbsnews:livevideo] Fix extraction and extract m3u8 formats
+ [brightcove:new] Add support for live streams
* [soundcloud] Generalize playlist entries extraction (#10733)
+ [mtv] Add support for new URL schema (#8169, #9808)
* [einthusan] Fix extraction (#10714)
+ [twitter] Support Periscope embeds (#10737)
+ [openload] Support subtitles (#10625)
version 2016.09.24
Core
+ Add support for watchTVeverywhere.com authentication provider based MSOs for
Adobe Pass authentication (#10709)
Extractors
+ [soundcloud:playlist] Provide video id for early playlist entries (#10733)
+ [prosiebensat1] Add support for kabeleinsdoku (#10732)
* [cbs] Extract info from thunder videoPlayerService (#10728)
* [openload] Fix extraction (#10408)
+ [ustream] Support the new HLS streams (#10698)
+ [ooyala] Extract all HLS formats
+ [cartoonnetwork] Add support for Adobe Pass authentication
+ [soundcloud] Extract license metadata
+ [fox] Add support for Adobe Pass authentication (#8584)
+ [tbs] Add support for Adobe Pass authentication (#10642, #10222)
+ [trutv] Add support for Adobe Pass authentication (#10519)
+ [turner] Add support for Adobe Pass authentication
version 2016.09.19
Extractors
+ [crunchyroll] Check if already authenticated (#10700)
- [twitch:stream] Remove fallback to profile extraction when stream is offline
* [thisav] Improve title extraction (#10682)
* [vyborymos] Improve station info extraction
version 2016.09.18
Core
+ Introduce manifest_url and fragments fields in formats dictionary for
fragmented media
+ Provide manifest_url field for DASH segments, HLS and HDS
+ Provide fragments field for DASH segments
* Rework DASH segments downloader to use fragments field
+ Add helper method for Wowza Streaming Engine formats extraction
Extractors
+ [vyborymos] Add extractor for vybory.mos.ru (#10692)
+ [xfileshare] Add title regular expression for streamin.to (#10646)
+ [globo:article] Add support for multiple videos (#10653)
+ [thisav] Recognize HTML5 videos (#10447)
* [jwplatform] Improve JWPlayer detection
+ [mangomolo] Add support for Mangomolo embeds
+ [toutv] Add support for authentication (#10669)
* [franceinter] Fix upload date extraction
* [tv4] Fix HLS and HDS formats extraction (#10659)
|
|
|
|
* Fixed octal and hex string parsing in options.
* Ignore bogus RTM_DELADDR on FreeBSD when the interface goes down.
* Several statically sized buffers have been removed and replaced
with dynamically sized ones where we have no real idea of what
the size will be.
* Reverse IPv4 route removal order.
* Improved handling of Netlink messages on Linux.
* Poll for tentative link-local addresses if needed.
* Added --small configure directive to reduce binary size
* Allow DHCPv6, IPv4lL and authentication to be compiled out
* dhcpcd requries the interface to be up when considering link status
* Add support for ifa_addrflags in getifaddrs(3)
* Add support for ifam_addrflags and ifam_pid from route(4)
* If T1 or T2 are not set in DHCPv6 messages, use a default from the
lowest pltime instead of the expiration time.
* Validate lease before moving to REQUEST when both ends use
rapid commit.
* If lease validation fails, don't restart the DISCOVER phase if
we're already in it.
|
|
- Create a pkg-config file for libunbound in contrib.
- TCP Fast open.
- Finegrained localzone control with define-tag, access-control-tag,
access-control-tag-action, access-control-tag-data, local-zone-tag, and
local-zone-override. And added types always_transparent, always_refuse,
always_nxdomain with that.
- If more than half of tcp connections are in use, a shorter timeout
is used (200 msec, vs 2 minutes) to pressure tcp for new connects.
- [bugzilla: 787 ] Fix #787: outgoing-interface netblock/64 ipv6
option to use linux freebind to use 64bits of entropy for every query
with random local part.
- For #787: prefer-ip6 option for unbound.conf prefers to send
upstream queries to ipv6 servers.
- Add default root hints for IPv6 E.ROOT-SERVERS.NET, 2001:500:a8::e.
- keep debug symbols in windows build.
Bug Fixes:
----------
- [bugzilla: 778 ] Fix unbound 1.5.9: -h segfault (null deref).
- Fix unbound-anchor.exe file location defaults to Program Files with
(x86) appended.
- Fix to not ignore return value of chown() in daemon startup.
- Better help text from -h.
- [bugzilla: 773 ] Fix Non-standard Python location build failure with
pyunbound.
- Improve threadsafety for openssl 0.9.8 ecdsa dnssec signatures.
- Revert fix for NetworkService account on windows due to breakage it
causes.
- Fix that windows install will not overwrite existing service.conf
file (and ignore gui config choices if it exists).
- And delete service.conf.shipped on uninstall.
- In unbound.conf directory: dir immediately changes to that
directory, so that include: file below that is relative to that
directory. With chroot, make the directory an absolute path inside chroot.
- do not delete service.conf on windows uninstall.
- document directory immediate fix and allow EXECUTABLE syntax in it
on windows.
- Fix directory: fix for unbound-checkconf, it restores cwd.
- Use QTYPE=A for QNAME minimisation.
- Keep track of number of time-outs when performing QNAME
minimisation. Stop minimising when number of time-outs for a QNAME/QTYPE
pair is more than three.
- [bugzilla: 775 ] Fix unbound-host and unbound-anchor crash on
windows, ignore null delete for wsaevent.
- Fix spelling in freebind option man page text.
- Fix windows link of ssl with crypt32.
- [bugzilla: 779 ] Fix Union casting is non-portable.
- [bugzilla: 780 ] Fix MAP_ANON not defined in HP-UX 11.31.
- [bugzilla: 781 ] Fix prealloc() is an HP-UX system library call.
- Decrease dp attempts at each QNAME minimisation iteration
- [bugzilla: 784 ] Fix Build configure assumess that having getpwnam
means there is endpwent function available.
- Updated repository with newer flex and bison output.
- Fix static compile on windows missing gdi32.
- Fix dynamic link of anchor-update.exe on windows.
- Fix detect of mingw for MXE package build.
- Fixes for 64bit windows compile.
- [bugzilla: 788 ] Fix for nettle 3.0: Failed to build with Nettle >=
3.0 and --with-libunbound-only --with-nettle.
- Fixed unbound.doxygen for 1.8.11.
- [bugzilla: 798 ] Fix Client-side TCP fast open fails (Linux).
- [bugzilla: 801 ] Fix missing error condition handling in
daemon_create_workers().
- [bugzilla: 802 ] Fix workaround for function parameters that are
"unused" without log_assert.
- [bugzilla: 803 ] Fix confusing (and incorrect) code comment in
daemon_cleanup().
- [bugzilla: 806 ] Fix wrong comment removed.
- use sendmsg instead of sendto for TFO.
- [bugzilla: 807 ] Fix workaround for possible some "unused" function
parameters in test code.
- Note that OPENPGPKEY type is RFC 7929.
- [bugzilla: 804 ] Fix #804: unbound stops responding after outage.
Fixes queries that attempt to wait for an empty list of subqueries.
- Fix for #804: lower num_target_queries for iterator also for failed
lookups.
- [bugzilla: 820 ] Fix set sldns_str2wire_rr_buf() dual meaning len
parameter in each iteration in find_tag_datas().
- [bugzilla: 777 ] Fix OpenSSL 1.1.0 compatibility.
- RFC 7958 is now out, updated docs for unbound-anchor.
- Fix for compile without warnings with openssl 1.1.0.
- [bugzilla: 826 ] Fix refuse_non_local could result in a broken response.
- iana portlist update.
- Fix compile with openssl 1.1.0 with api=1.1.0.
- [bugzilla: 829 ] Fix doc of sldns_wire2str_rdata_buf() return value
has an off-by-one typo.
- Fix incomplete prototypes reported by Dag-Erling Smørgrav.
- [bugzilla: 828 ] Fix missing type in access-control-tag-action
redirect results in NXDOMAIN.
- Take configured minimum TTL into consideration when reducing TTL to
original TTL from RRSIG.
- [bugzilla: 831 ] Fix workaround for spurious fread_chk warning
against petal.c
- Silenced flex-generated sign-unsigned warning print with gcc
diagnostic pragma.
- Fix for new splint on FreeBSD. Fix cast for sockaddr_un.sun_len.
- fix potential memory leak in daemon/remote.c and nullpointer
dereference in validator/autotrust.
- [bugzilla: 883 ] Fix error for duplicate local zone entry.
- [bugzilla: 835 ] Fix --disable-dsa with nettle verify.
|
|
|
|
|
|
v0.14.7
This is a minor release recommended for all users.
Improvements in this release include faster (i.e., less CPU intensive)
hashing on some Intel and ARM64 CPU:s, a more refined dark theme,
CORS headers in the API, and an updated set of default discovery
servers.
Resolved issues since v0.14.6:
#3596: Deadlock no longer occurs on device removal
|
|
|
|
deleting his entries...
|
|
Make sure the configure script finds the ping or ping6 command on NetBSD, don't
rely on /sbin being in $path of the builder.
Not sure if similar change is needed for other $OPSYS.
Add a comment to patch-ad explaining why some plugins are disabled here.
|
|
pkgsrc's msgfmt wrapper will strip them as needed.
|
|
2016/04/18:
linux/netfilter: fix compile time detection of iptables version >= 1.4.3
2016/03/08:
linux/netfilter: do not add MASQUERADE rule if ports are equals
2016/02/19:
set IPv6 Hop limit to 10
fix HOST: header of event notifications in IPv6
be more compliant on 64bit machines : ui4 in [0;2^32-1]
|
|
|
|
Collection.
httpstat visualizes curl(1) statistics in a way of beauty and clarity.
|
|
Already merged upstream.
|
|
1.0.0
=====
- Only version changed
0.99.0
======
- Fix build on OS X
All contributors to this release:
- Tomasz Pajor <tomek@polishgeeks.com>
- Jens Georg <mail@jensge.org>
0.20.18
=======
- Retry description URL on failure.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=694450
All contributors to this release:
- Jens Georg <mail@jensge.org>
- Jozef Šiška <jozef.siska@streamunlimited.com>
0.20.17
=======
- Update autogen.sh from GNOME template
- Cache user agents by IP
- Remove intltool
- Use newTargetValue in light example
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=653894
- https://bugzilla.gnome.org/show_bug.cgi?id=763945
- https://bugzilla.gnome.org/show_bug.cgi?id=764050
All contributors to this release:
- Jens Georg <mail@jensge.org>
- Philip Withnall <philip@tecnocode.co.uk>
0.20.16
=======
- Don't hardcode python path in gupnp-binding-tool
- Check for IFA_FLAGS to not bind ourselves to a recent kernel version
- Add missing m4 files
- Fix issues with introspection
- Make GUPnPServiceAction boxed
- Some JavaScript examples
- Distribute VAPI file in tarball
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=760217
- https://bugzilla.gnome.org/show_bug.cgi?id=760430
- https://bugzilla.gnome.org/show_bug.cgi?id=761265
All contributors to this release:
- Jens Georg <mail@jensge.org>
- Ting-Wei Lan <lantw@src.gnome.org>
0.20.15
=======
- Remove gnome-common
- Fix issue with gupnp_service_signals_autoconnect() blocking endlessly.
- Fix return type for BIN_HEX.
- Update some m4 macros.
- Fix typos in API docs.
NetworkManager context manager:
- Fix use-after-free issue.
- Fix various static code analysis findings.
Netlink context manager:
- Use proper macros for RTM_*ADDRESS messages.
- Use device name from netlink.
- Add possibility to dump received netlink packets for debugging.
- Fix issues with losing contexts after DHCP renew happens.
- Some style fixes.
Added/updated dependencies:
- GSSDP >= 0.14.13
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=736365
- https://bugzilla.gnome.org/show_bug.cgi?id=741257
- https://bugzilla.gnome.org/show_bug.cgi?id=750936
- https://bugzilla.gnome.org/show_bug.cgi?id=752490
- https://bugzilla.gnome.org/show_bug.cgi?id=759000
All contributors to this release:
- Jens Georg <mail@jensge.org>
- Debarshi Ray <debarshir@gnome.org>
- Olivier Crête <olivier.crete@collabora.com>
- Guillaume Marquebielle <guillaume.marquebielle@parrot.com>
- Bastien Nocera <hadess@hadess.net>
0.20.14
=======
Changes since 0.20.13:
Added/updated dependencies:
GLib 2.0 >= 2.40.0
- Simplify UUID handling.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=743072
- https://bugzilla.gnome.org/show_bug.cgi?id=744221
All contributors to this release:
- Jens Georg <mail@jensge.org>
|
|
0.99.0
======
- Don't leak arp lookup symbol
- Minor documentation updates
All contributors to this release:
- Jens Georg <mail@jensge.org>
0.14.16
=======
- Fill the interface index for bionic.
- Remove unused include.
- Fix interface lookup on Win32
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=762455
- https://bugzilla.gnome.org/show_bug.cgi?id=765688
- https://bugzilla.gnome.org/show_bug.cgi?id=765709
All contributors to this release:
- Aurélien Chabot <aurelien.chabot@parrot.com>
- Jens Georg <mail@jensge.org>
- Florian Zwoch <fzwoch@gmail.com>
0.14.15
=======
- Actually use the TTL that was set by the user
- Use if_nametoindex instead of IOCTL when available
- Implement a User Agent cache based on SSDP packages
- Fix potential strncpy overflow
- Add missing m4 macros
- Disable PKTINFO on OS X
- Do not leak host_addr in clients.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=653894
- https://bugzilla.gnome.org/show_bug.cgi?id=762324
- https://bugzilla.gnome.org/show_bug.cgi?id=764677
All contributors to this release:
- Jens Georg <mail@jensge.org>
- Philip Withnall <philip.withnall@collabora.co.uk>
- Philip Withnall <philip@tecnocode.co.uk>
0.14.14
=======
- Fix warning if the IP address is not known.
- Fix issue with discovery.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=760702
All contributors to this release:
- Jens Georg <mail@jensge.org>
- Philip Withnall <philip@tecnocode.co.uk>
0.14.13
=======
- Make "host-ip" of GSSDPClient a construction property to give the caller the
chance to bypass the IP autodetection during client creation.
All contributors to this release:
- Jens Georg <mail@jensge.org>
0.14.12.1
=========
- Update m4 macros from autoconf-archive.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=758778
All contributors to this release:
- Jens Georg <mail@jensge.org>
0.14.12
=======
- Fix issues with names of loopback device on *BSD.
- Move gtest code one level up and examples to their own folder.
- Fix a possible NULL derefence in gssdp-device-sniffer.
- Remove use of gnome-common for building.
Bugs fixed in this release:
- https://bugzilla.gnome.org/show_bug.cgi?id=743070
All contributors to this release:
- Jens Georg <mail@jensge.org>
- Thomas Klausner <tk@giga.or.at>
|
|
|
|
|
|
1.75 Sat Sep 17 20:00 2016
- gtld_new update as per latest IANA db entries
|
|
Changes in version 0.2.8.8 - 2016-09-23
Tor 0.2.8.8 fixes two crash bugs present in previous versions of the
0.2.8.x series. Relays running 0.2.8.x should upgrade, as should users
who select public relays as their bridges.
o Major bugfixes (crash):
- Fix a complicated crash bug that could affect Tor clients
configured to use bridges when replacing a networkstatus consensus
in which one of their bridges was mentioned. OpenBSD users saw
more crashes here, but all platforms were potentially affected.
Fixes bug 20103; bugfix on 0.2.8.2-alpha.
o Major bugfixes (relay, OOM handler):
- Fix a timing-dependent assertion failure that could occur when we
tried to flush from a circuit after having freed its cells because
of an out-of-memory condition. Fixes bug 20203; bugfix on
0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing
this one.
o Minor feature (fallback directories):
- Remove broken fallbacks from the hard-coded fallback directory
list. Closes ticket 20190; patch by teor.
o Minor features (geoip):
- Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2
Country database.
|
|
Sent upstream.
|
|
|
|
|
|
Version 1.12.0 (29 Sep 2016)
Daniel Stenberg (29 Sep 2016)
- RELEASE-NOTES: 1.12.0
- [David Drysdale brought this change]
ares-test-misc: test ares_create_query with escaped trailing dot
- ares_create_query: avoid single-byte buffer overwrite
... when the name ends with an escaped dot.
CVE-2016-5180
Bug: https://c-ares.haxx.se/adv_20160929.html
- ares_library_initialized.3: added
- make: bump CARES_VERSION_INFO for release
David Drysdale (29 Sep 2016)
- man: update ares_init_options.3
Daniel Stenberg (29 Sep 2016)
- ares_library_init.3: corrected the ares_library_init_mem proto
- README.md: remove space from link
- README: link to the correct c-ares badge!
Reported-by: David Hotham
Fixes #63
- docs: minor formatting edits
- ares_destroy.3: formatting polish
- ares_init.3: split the init docs into two separate man pages
- SECURITY: point to the vulnerabilities page now
- RELEASE-NOTES: synced with daa7235b1a5
- ares_create_query.3: edit language
Tried to make the man page more readable.
David Drysdale (26 Sep 2016)
- test: fix gMock to work with gcc >= 6.x
Taken from:
https://github.com/google/googletest/issues/705#issuecomment-235067917
Daniel Stenberg (26 Sep 2016)
- [Brad House brought this change]
headers: remove checks for and defines of variable sizes
... they're not really used and by avoiding them in the ares_build.h
output we make the public header less dependent on data sizes.
David Drysdale (24 Sep 2016)
- api: add ARES_OPT_NOROTATE optmask value
Fix up a couple of problems with configuring whether c-ares rotates
between different name servers between requests.
Firstly, ares_save_options() returns (in *optmask) the value of
(channel->optmask & ARES_OPT_ROTATE), which doesn't necessarily
indicate whether the channel is or is not actually doing rotation.
This can be confusing/incorrect if:
- the channel was originally configured without ARES_OPT_ROTATE
(so it appears that the channel is not rotating)
- the /etc/resolv.conf file includes the 'rotate' option
(so the channel is actually performing rotation).
Secondly, it is not possible to reliably configure a channel
to not-rotate; leaving off ARES_OPT_ROTATE is not enough, since
a 'rotate' option in /etc/resolv.conf will turn it on again.
Therefore:
- add an ARES_OPT_NOROTATE optmask value to allow explicit
configuration of no-rotate behaviour
- in ares_save_options(), report the value of channel->rotate
as exactly one of (optmask & ARES_OPT_ROTATE) or
(optmask & ARES_OPT_NOROTATE).
In terms of back-compatibility:
- existing apps that set ARES_OPT_ROTATE will continue to rotate,
and to have ARES_OPT_ROTATE reported back from ares_save_options()
- existing apps that don't set ARES_OPT_ROTATE will continue to
use local config/defaults to decide whether to rotate, and will
now get ARES_OPT_ROTATE or ARES_OPT_NOROTATE reported back from
ares_save_options() rather than 0.
- ares_init_options: only propagate init failures from options
Commit 46bb820be3a8 ("ares_init_options: don't lose init failure")
changed init behaviour so that earlier errors in initialization
weren't lost. In particular, if the user passes in specific
options but they are not applied (e.g. because of an allocation
failure), that failure needs to be reported back to the user; this
also applies when duplicating a channel with ares_dup().
However, other initialization failures can be ignored and
overridden -- in particular, if init_by_resolv_conf() or
init_by_environment() fail, then falling back to default values
is OK.
So only preserve failures from the init_by_options() stage, not
from all initialization stages.
Fixes issue 60.
- test: Force reinstall of libtool on OSX
Travis build environment appears to have changed.
- test: Add valgrind build variant
- test: Add null pointer to gtest args
GoogleTest assumes that there is a null pointer in argv[argc],
so make it look like that. Without this change, tests run with
command-line arguments get memory errors under valgrind/ASAN.
Daniel Stenberg (21 Aug 2016)
- AUTHOR: maybe gitgub isn't really an author =)
- AUTHORS: added contributors from the git log
- LICENSE.md: add a stand-alone license file
Just the MIT license used in the top the source files moved out to a
stand-alone file for easier reference and discovery.
- README: added "CII best practices" badge
- SECURITY.md: suggested "security process" for the project
David Drysdale (17 Aug 2016)
- test: Add Clang static analysis build to Travis
Run scan-build over the library source code, but skip the
tests. Needs a later Clang install in Travis
- test: more info on how to run fuzz testing
- test: make fuzzer driver code C not C++
- test: fuzzer mode for AFL's persistent mode
When fuzzing with AFL, if the LLVM-based instrumentation is
used (via the afl-clang-fast wrapper), then it is possible to
have a single execution of the fuzzer program iterate multiple
times over the fuzzing entrypoint (similar to libFuzzer's normal
mode of execution) with different data. This is much (e.g. 10x)
faster.
Add code to support this, by checking whether __AFL_LOOP is
defined at compile-time.
Also, shift the code to effectively be C rather than C++.
- test: simplify deps for fuzzer entrypoint
No need to depend on the rest of the test code (ares-test.h) for
the fuzzer entrypoint; this makes the entrypoint slightly simpler
to build with LLVM's libFuzzer.
Also shift the code to effectively be C rather than C++
- test: disable MinGW tests
The test binary built in the MinGW build is failing for some
reason. It works for me when I build locally, so I'm guessing
it's down to some sort of AppVeyor environment issue.
Disable for now.
Daniel Stenberg (16 Aug 2016)
- read_tcp_data: remove superfluous NULL check
CID 56884 by Coverity. The pointer is already derefenced before this
point so it can't be NULL here anyway.
- web: http => https
GitHub (20 Jul 2016)
- [David Drysdale brought this change]
Merge pull request #59 from fuze/master
Update msvc_ver.inc for VS2015 Update 3
- [Chris Araman brought this change]
Update msvc_ver.inc
support Visual Studio 2015 Update 3
David Drysdale (2 May 2016)
- Fix trailing comment for #endif
Daniel Stenberg (30 Apr 2016)
- email: use Gisle's "new" address
David Drysdale (18 Apr 2016)
- test: drop superfluous fuzz inputs
Where there are multiple fuzz input files that only differ in
the first two bytes (the query ID), just keep the first such
file.
svante karlsson (15 Apr 2016)
- Update msvc_ver.inc
support Visual Studio 2015 Update 2
David Drysdale (31 Mar 2016)
- test: Run fuzzcheck.sh in Travis build
- test: add fuzzing check script to tests
Add a test script that runs the fuzzing command over the
corpus of DNS packets. This doesn't actually do any fuzzing
(it just runs them as inputs without generating any variations)
but it does ensure that the fuzzing entrypoint is still working.
- test: allow multiple files in aresfuzz command line
If no arguments are specified, use stdin as input.
Otherwise treat each argument as a filename and feed
its contents to the fuzz entrypoint.
- test: Add corpus of DNS packets
For fuzz testing it is useful to start from a corpus of valid
packets, so fill out the test/fuzzinput/ directory with a bunch
of inputs.
These packets were generated by temporarily modifying the c-ares
process_answer() function to save off any incoming response messages.
- test: Add utility to show DNS packet from file
- [nordsturm brought this change]
Fix nsort initialization
Author: Alexander Drachevskiy
http://c-ares.haxx.se/mail/c-ares-archive-2014-07/0004.shtml
http://c-ares.haxx.se/mail/c-ares-archive-2014-07/0014.shtml
- test: Check setting nsort=0 option is respected
- test: Update fuzzing function prototype
libFuzzer changed expected return type from void to int
in LLVM 3.8.
- Explicitly clear struct servent before use
On a build where MSAN has been manually set up (which involves
using an MSAN-instrumented version of the standard C++ library, see
https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo)
there's a warning about use of uninitialized memory here. It
might be a false positive, but the fix is trivial so include it.
- test: for AF_UNSPEC, return CNAME only for AAAA, but valid A record
Also shuffle expected responses rsp6/rsp4 into the order they will occur.
- [Chris Araman brought this change]
msvc_ver.inc: support Visual Studio 2015 Update 1
- build: commonize MSVC version detection
Remove the need to copy/paste version number mapping between
Makefile.msvc and test/Makefile.msvc.
- test: Use different name in live test
- test: Only pass unused args to GoogleTest
- ahost.c: add cast to fix C++ compile
If ahost.c is force-compiled as C++ the missing cast from
(void *) to (char **) is problematic.
- ares_library_cleanup: reset ares_realloc too
Otherwise a subsequent use of the library might use a previous
incarnation's realloc() implementation.
Daniel Stenberg (9 Mar 2016)
- [Brad House brought this change]
configure: check if tests can get built before enabled
The current approach for disabling tests is not a good solution because
it forces you to pass --disable-tests, rather than auto-detect if your
system can support the tests in the first place. Many (most?) systems
do not have C++11. This also causes issues when chain-building c-ares,
the hosting system needs to be updated to support passing this
additional flag if necessary, it doesn't seem reasonable to add this
requirement which breaks compatibility.
This change auto-detects if the system can build the tests and
automatically disable them if it cannot. If you pass --enable-tests to
configure and the system cannot build them either due to lack of system
support, or because cross-compilation is being used, it will throw an
appropriate error since the user indicated they really did want the
tests.
David Drysdale (3 Mar 2016)
- [Viktor Szakats brought this change]
Makefile.m32: add support for CROSSPREFIX
- [Viktor Szakats brought this change]
Makefile.m32: add support for extra flags
Allow specification of CARES_{LD,C}FLAG_EXTRAS envvars
for mingw
- test: Build with MinGW on AppVeyor
- test: avoid in6addr_* constants
These aren't available on MinGW, so use explicit addresses instead.
- test: add missing #includes for dns-proto.cc
- [Gregor Jasny brought this change]
Fix man page typos detected by Lintian
Daniel Stenberg (19 Feb 2016)
- configure: acknowledge --disable-tests
Fixes #44
- AUTHORS: added contributors from the 1.11.0 release
- bump: start working on the next version
Version 1.11.0 (19 Feb 2016)
Daniel Stenberg (19 Feb 2016)
- RELEASE-NOTES: final edits for 1.11.0
David Drysdale (15 Feb 2016)
- ares_dup.3: remove mention of nonexistent function
ares_dup_options() doesn't exist, so don't document it.
- test: skip repeated build steps
Top-level buildconf/configure now triggers for the
test/ subdir too, so don't need to do explicitly.
- test: namespaces unavailable when cross-compiling
Daniel Stenberg (13 Feb 2016)
- configure: only run configure in test when NOT cross-compiling
... as the tests won't run cross-compiled anyway
David Drysdale (13 Feb 2016)
- test: prefer ON_CALL to EXPECT_CALL to reduce flakes
For UDP tests, there's a chance of a retry. EXPECT_CALL only
expects a single request to arrive at the server; ON_CALL allows
for a UDP retry and repeats the same answer.
Note that ON_CALL and EXPECT_CALL can't be mixed in the same
test, and that tests that have a varied sequence of responses
for the same repeated request still have to use EXPECT_CALL.
Daniel Stenberg (13 Feb 2016)
- configure: run configure in 'test' too
Having the test dir completely stand-alone causes too many issues for
users and devs. It still needs to be built specifically.
- configure: build silently by default
- buildconf: run test/buildconf too if present
- test/configure: build silently by default
- [Gregor Jasny brought this change]
dist: Distribute README.md
Closes #42
Version 1.11.0 (11 Feb 2016)
Daniel Stenberg (11 Feb 2016)
- Makefile.am: distribute the test dir too
- RELEASE-NOTES: synced with 385582bd14b68a
- [Nicolas \"Pixel\" Noble brought this change]
ares_win32_init: make LoadLibrary work when using UNICODE too
Closes #17
David Drysdale (11 Feb 2016)
- Use "resolve" as synonym of "dns" in nsswitch.conf
Modern Linux systems may have libnss_resolve from systemd as the
resolver, which is then configured in /etc/nsswitch.conf with
the "resolve" keyword rather than "dns".
Fixes #33
- ares_set_socket_callback: make manpage match code
The code in ares_process.c that invokes the socket creation/connection
callback only checks for rc < 0, not for standard ares error codes.
- Merge pull request #36 from AGWA-forks/master
Add ares_set_socket_configure_callback()
- test: Update init tests to match behaviour
Unreadable config files are now treated the same way
as absent config files.
- [Fedor Indutny brought this change]
Ignore `fopen` errors to use default values
After 46bb820be3a83520e70e6c5f0c5133253fcd69cd `init_by_resolv_conf`
errors are no longer swallowed in `ares_init_options`. This has exposed
a previously unknown bug in `lookups` initialization code.
If there is no lookup configuration in `resolv.conf`,
`init_by_resolv_conf` will attempt to read it from other files available
on the system. However, some of these files may have restricted
permissions (like `600`), which will lead to `EACCESS` errno, which in
turn is handled like a fatal error by `init_by_resolv_conf`.
However, it sounds illogical that this error should be handled as a
fatal. There is a `init_by_defaults` call that overrides `lookups` with
default value, and certainly possible absence of lookup information is
the reason why this function exists in a first place!
I suggest handling any `fopen` errors as non-fatal ones, allowing to
pick up the `lookups` value from different config files, or to pick up
default value.
Andrew Ayer (9 Feb 2016)
- Document callback type in man page for ares_set_socket_callback
- Add ares_set_socket_configure_callback()
This function sets a callback that is invoked after the socket is
created, but before the connection is established. This is an ideal
time to customize various socket options.
David Drysdale (9 Feb 2016)
- test: ares_set_socket_callback failure behaviour
- test: Check ares_parse_txt_reply_ext() entrypoint
- [Fedor Indutny brought this change]
txt: introduce `ares_parse_txt_reply_ext`
Introduce `ares_txt_ext` structure with an extra `record_start`
field, which indicates a start of a new TXT record, thus allowing to
differentiate the chunks in the same record, from a chunks in a
different record.
Introduce a new API method: `ares_parse_txt_reply_ext` that works with
this kind of struct.
- doc: Update missed repo references
- doc: Update docs on contributing
- test: Run command line tools in Travis
Do a quick execution of each of the command line tools
in the continuous integration build, so that any (say)
sanitizer failures show up.
- acountry: drop inert test
If ver_1 is true, then z0 and z1 must both be 'z', and so
(z0 != 'z' && z1 != 'z') can never be true.
CID 56879, pointed out by Coverity.
- doc: update badge locations to master repo
- test: Enable maintainer mode + debug in Travis
- test: Add an iOS build target
- test: Ignore SIGPIPE in tests
- test: More initialization tests
- test: Improve containerized test mechanism
Aim is to ensure that code coverage information can escape the
container. To do this:
- Enter a new mount namespace too, so that we can...
- Bind mount the expected source directory into the container
- Share memory with the sub-process so coverage information is
shared too.
- test: Make contained tests easier to write
- test: Add framework for containerized testing
On Linux we can potentially use user and UTS namespaces to run a test
in a pseudo-container with:
- arbitrary filesystem (e.g. /etc/resolv.conf, /etc/nsswitch.conf, /etc/hosts)
- arbitrary hostname/domainname.
Include a first pass at the framework code to allow this, along with a
first test case that uses the container.
- test: Use a longer timeout for less flakiness
Having occasional test failures from timeout before multiple
queries can complete, so up the default timeout for the test
from 100ms to 1500ms.
- test: Make failure tests more robust
Different platforms will do different numbers of allocations
in the processing of a given API call; just check that the
return code is either success or ENOMEM, and free off any
returned state in the former case.
Also cope with ECONNREFUSED as well as ENOTFOUND.
- test: Get test code building under Windows
- Initial nmake file based off library nmake file
- Cast socket call arguments to (char *)
- Use wrapper sclose() that maps to closesocket() or close()
- Build a config.h indicating presence of headers
- Conditionally include netdb.h
- Remove unnecessary include of sys/socket.h
- Force longer bitmask for allocation failure tracking
- Call WSAStartup() / WSACleanup() in main()
- Set TCP_NODELAY for mock server
- Turn on tests in AppVeyor build
- test: Disable tests that manipulate env on Windows
- test: Move file lists into Makefile.inc
In preparation for a Win32 build of the test suite.
- test: Add a simple multi-server test
Check rotate option does something
- test: Allow for multiple mock servers
- Update the MockServer to allow separate specification of
UDP and TCP ports
- Have an array of mock servers listening on consecutive
sets of ports.
- Rename Process(fd) to ProcessFD(fd) to avoid confusion.
- Initialize channel by using the new ares_set_servers_ports()
entrypoint, so multiple ports on the same loopback address
can be used.
- test: Update test for set/get_servers variants
Ports are significant in the _ports_ variant functions, so update test to cope.
- test: Make GetNameServers() utility function port-aware
Also make it generally available.
- test: more testing, including of internal static functions
- test: more tests, especially fallback processing
- Make mock server listen on UDP + TCP in parallel.
- Test UDP->TCP fallback on truncation
- Test EDNS->no-EDNS fallback
- Test some environment init options
- Test nonsense reply
test: short response
- test: more tests, particularly of initialization
- test: Run mock tests over both TCP and UDP
With the exception of a few tests that make use of the timed
retry aspect of UDP.
- test: Run mock tests over both IPv4 and IPv6
- test: Add more tests for edge cases
- test: more nooks and crannies of pton functions
- test: More tests for PTR parsing
- test: Use of HOSTALIAS environment variable
- test: Add RAII utility classes for testing
- TempFile holds specific contents
- EnvValue sets an environment variable
- test: More search domain scenarios
- test: Remove duplicate flags from Makefile.am
- test: Make test code leak-free
- test: More tests
- test use of sortlist
- test gethostbyname(AF_UNSPEC)
- test: Test ares_gethostbyname_file()
- test: Add more tests of ares_getnameinfo()
- test: Tweak tests, add alloc failure test
- test: Test init with options
- test: More tests
- ares_inet_net_pton() variants
- ares_getsock() variants
- test: Expose ProcessWork() function
- test: More parsing tests
Including:
- Split each parse function test set out into separate files.
- Add an allocation failure test for each parsing function.
- Add error check test for each parsing function.
- test: Add various additional tests
- test: More tests
Include tests of internal functions, based on the value of the
CARES_SYMBOL_HIDING macro; need to configure the library with
--disable-symbol-hiding to enable these tests.
- test: Allow command line override of mock server port
- test: Add README.md documentation
- test: Temporarily avoid latest Python requests package
Currently get error from Travis on this install step, and downgrading one
version appears to fix the problem.
"Could not find any downloads that satisfy the requirement pyOpenSSL>=0.13
(from requests[security])"
- test: Add AppVeyor config file for Windows build
- test: Add configuration for a Travis build
Cover Linux & OSX on the container infrastructure, but install
a later G++ to satisfy the tests' need for C++11.
Use a build matrix to include a variety of build variants:
- ASAN
- UBSAN
- LSAN
- Coverage via coveralls.io
test: invoke ASAN and coverage in Travis build
Also shift to use explicit build matrix
test: Use coveralls.io for coverage tracking
test: Add a build with UBSAN
Also expand and re-order the setting of environment variables
for easier modification.
test: Add LSAN build to Travis config
- test: Add initial unit tests for c-ares library
The tests are written in C++11, using the GoogleTest and GoogleMock
frameworks. They have their own independent autoconf setup, so that
users of the library need not have a C++ compiler just to get c-ares
working (however, the test/configure.ac file does assume the use of
a shared top-level m4/ directory). However, this autoconf setup has
only been tested on Linux and OSX so far.
Run with "./arestest", or "./arestest -v" to see extra debug info.
The GoogleTest options for running specific tests are also
available (e.g. "./arestest --gtest_filter=*Live*").
The tests are nowhere near complete yet (currently hitting around
60% coverage as reported by gcov), but they do include examples
of a few different styles of testing:
- There are live tests (ares-test-live.cc), which assume that the
current machine has a valid DNS setup and connection to the
internet; these tests issue queries for real domains but don't
particularly check what gets returned. The tests will fail on
an offline machine.
- There a few mock tests (ares-test-mock.cc) that set up a fake DNS
server and inject its port into the c-ares library configuration.
These tests allow specific response messages to be crafted and
injected, and so are likely to be used for many more tests in
future.
- To make this generation/injection easier, the dns-proto.h file
includes C++ helper classes for building DNS packets.
- Other library entrypoints that don't require network activity
(e.g. ares_parse_*_reply) are tested directly.
- There are few tests of library-internal functions that are not
normally visible to API users (in ares-test-internal.cc).
- A couple of the tests use a helper method of the test fixture to
inject memory allocation failures, using the earlier change to the
library to allow override of malloc/realloc/free.
- There is also an entrypoint to allow Clang's libfuzzer to drive
the packet parsing code in ares_parse_*_reply, together with a
standalone wrapper for it (./aresfuzz) to allow use of afl-fuzz
for further fuzz testing.
- test: Add local copy of GoogleMock/GoogleTest 1.7.0
Don't check in gtest/m4 files, as they are unused and interfere
with the top-level configure process.
- doc: Show build badges in README.md
Note that these URLs will need to be updated if/when the test branch
gets pulled into the master repo/branch.
- doc: Convert README to README.md
Gives better display on GitHub
- doc: Update in preparation for next release
Assume 1.11.0 is next (as there are various API additions).
Also add myself to AUTHORS.
- build: Allow header compilation by Windows C++ compiler
- build: Expose whether symbol hiding is on
Adding the CARES_SYMBOL_HIDING definition allows the test suite to
detect whether internal symbols are available or not.
- build: Add autoconf macros for C++11 code using pthreads
Pull in testing macros from the GNU autoconf archive to allow
configure scripts to test for and setup use of a C++11 compiler
(AX_CXX_COMPILE_STDCXX_11) and the pthreads library (AX_PTHREAD).
Note that these macros are not used by the main library autoconf,
just by the tests (which share the same m4/ directory).
- build: Add a code coverage option
Configure with:
./configure --enable-code-coverage
Show coverage output with:
make code-coverage-capture
Built on m4/ax_code_coverage.m4 from the GNU autoconf archive
to provide the macros to check for presence of gcov + lcov;
upstream macro modified to:
- Remove use of $(AM_DEFAULT_VERBOSITY) , as earlier versions of
autoconf (such as the one used by default on Travis) do not have this.
- Rather than automatically defining CODE_COVERAGE_RULES to be a set
of makefile rules that use ifeq/endif (which is GNU make-specific),
instead only define CODE_COVERAGE_RULES if coverages is turned on,
and in that case don't use conditionals in the makefile.
- api: Add entrypoints to allow use of per-server ports
Add user-visible entrypoints ares_{get,set}_servers_ports(3), which
take struct ares_addr_port_node rather than struct ares_addr_node.
This structure includes a UDP and TCP port number; if this is set
to zero, the channel-wide port values are used as before.
Similarly, add a new ares_set_servers_ports_csv(3) entrypoint, which
is analogous to ares_set_servers(3) except it doesn't ignore any
specified port information; instead, any per-server specified port
is used as both the UDP and TCP port for that server.
The internal struct ares_addr is extended to hold the UDP/TCP ports,
stored in network order, with the convention that a value of zero
indicates that the channel-wide UDP/TCP port should be used.
For the internal implementation of ares_dup(3), shift to use the
_ports() version of the get/set functions, so port information is
transferred correctly to the new channel.
Update manpages, and add missing ares_set_servers_csv to the lists
while we're at it
- api: Add ares_set_sortlist(3) entrypoint
Allow explicit configuration of the channel's sortlist, by
specifying a string in the same format as the equivalent
/etc/resolv.conf option.
This allows library users to perform the same configuration
that is available via /etc/resolv.conf, but without needing
to change that file.
- api: Allow injection of user-specified malloc/free functions
Add a new ares_library_init_mem() initialization function for the
library which allows the library user to specify their own malloc,
realloc & free equivalents for use library-wide.
Store these function pointers in library-wide global variables,
defaulting to libc's malloc(), realloc() and free().
Change all calls to malloc, realloc and free to use the function pointer
instead. Also ensure that ares_strdup() is always available
(even if the local environment includes strdup(3)), and change the
library code to always use it.
Convert calls to calloc() to use ares_malloc() + memset
- api: Add option to expose some internal functions
Purely for testing, add --enable-expose-statics option to configure
which converts some static internal functions to be externally visible.
- api: Expose the ares_library_initialized() function
- ahost: Allow repeated -s <domain> options
This also removes a potential leak where later -s options would
replace earlier ones without freeing the relevant string.
- Mark unhittable lines
Add comments for the benefit of the lcov tool, marking
lines that cannot be hit. Typically these are fall-back
protection arms that are already covered by earlier checks,
and so it's not worth taking out the unhittable code (in case
someone changes the code between the two places in future).
- ares_set_servers_csv.3: make return type match code
- bitncmp: update comment to match code behaviour
- ares_striendstr: fix so non-NULL return can happen
This looks to have been broken since it was first introduced in 2005 in
commit aba0b775ea30 ("Added ares_getnameinfo which mimics the
getnameinfo API")
- config_sortlist: free any existing sortlist on (re)alloc failure
If we get an allocation failure on 2nd or later entry in the sortlist, the
code would return ENOMEM but still leave the initial entries allocated.
Ensure that *sortlist is set to NULL whenever ENOMEM is returned.
- ares_dup: clear new channel on failure
If the attempt to transfer IPv6 servers from the old to the new channel
fails, the previous code would still return a channel to the user even though
an error return code was generated. This makes it likely that users would
leak the channel, so explicitly clear the channel in this case.
- ares_init_options: don't lose init failure
If (say) init_by_options() fails, the subsequent call to
init_by_defaults() was overwriting the return code with
success. Still call init_by_defaults() regardless, but track
its return value separately
- ares_gethostbyname: don't leak valid-but-empty hostent
If an AF_UNSPEC query gets a valid response to its AAAA query,
but which has no IPv6 addresses in it, then the code chains on to
a A record query. However, the hostent from the AAAA response
was being leaked along the way (because it gets replaced before
the follow-on end_hquery() invocation).
- ares_parse_txt_reply: propagate errors from per-substring loop
If we get an allocation failure when processing a particular substring in a
TXT record, that failure is silently lost; fix that by propagating errors from
the inner loop to the outer loop.
- process_answer: fix things up correctly when removing EDNS option
When a server rejects an EDNS-equipped request, we retry without
the EDNS option. However, in TCP mode, the 2-byte length prefix was
being calculated wrong -- it was built from the answer length rather than
the length of the original request.
Also, it is theoretically possible that the call to realloc() might change
the data pointed to; to allow for this, qbuf also needs updating.
(Both these fixes were actually included in a patchset sent on the mailing
list in Oct 2012, but were included with other functional changes that
didn't get merged:
http://c-ares.haxx.se/mail/c-ares-archive-2012-10/0004.shtml)
- ares__read_line: clear buf pointer on realloc failure
- ares_expand_name: check for valid bits in label length
The top two bits of the label length indicate whether this is a
label length (00) or an index to a name elsewhere in the message
(11). RFC1035 4.1.4 says that the other possible values for the
top two bits (01, 10) are reserved for future use.
Daniel Stenberg (23 Jan 2016)
- [Gregor Jasny brought this change]
Fix typos detected by lintian
Closes #32
- [Gregor Jasny brought this change]
Distribute all man pages
- README.cares: s/I/Daniel
... and add a pointer to an existing version of the original area 1.1.1
package.a
- read_tcp_data: don't try to use NULL pointer after malloc failure
CID 56884, pointed out by Coverity. We really should make this function
return an error code so that a malloc() failure can return back a major
failure.
- configure_socket: explicitly ignore return code
CID 56889 in Coverity pointed out the return code from setsocknonblock()
is ignored, and this added typecast to (void) makes it explicit.
- ahost: check the select() return code
Fixes CID 137189, pointed out by Coverity
David Drysdale (18 Jan 2016)
- Fix buildconf on platforms using glibtoolize
Commit c49a87eea538 changed buildconf to only check for
libtoolize, but missed a line
- Don't exit loop early leaving uninitialized entries
Update for commit affc63cba875d.
The original patch from Gregor Jasny did not have the break
statement; I incorrectly added it to prevent continuing the loop.
However, the later entries in the array would then be left
uninitialized, causing problems for later cleanup.
So fix to match Gregor's original patch, with apologies.
Daniel Stenberg (18 Jan 2016)
- buildconf: remove check for libtool, it only requires libtoolize
David Drysdale (17 Jan 2016)
- [Gregor Jasny brought this change]
Use libresolv to initialize cares on iPhone targets
On iPhone targets like iOS, watchOS or tvOS the file
/etc/resolv.conf cannot be used to configure cares.
Instead the resolver library is queried for configuration
values.
CC: Yury Kirpichev <ykirpichev@yandex-team.ru>
Daniel Stenberg (17 Jan 2016)
- README: updated to new repo URL
David Drysdale (14 Jan 2016)
- [Lei Shi brought this change]
Fixing slow DNS lookup issue
This patch is fixing the dns lookup issue due to dummy dns information
of a disconnected adapter(in my case is a bluetooth adapter). I changed
the dns lookup policy to try GetNetworkParams first because the
GetNetworkParams provides the most reliable dns information (lots of
checks were done by system). I also filter out inoperable adapter in
DNS_AdaptersAddresses in case GetNetworkParams fail.
- Merge pull request #30 from p-push/vs-2015
Support Visual Studio 2015
Oleg Pudeyev (3 Jan 2016)
- [Gisle Vanem brought this change]
Support Visual Studio 2015
David Drysdale (11 Nov 2015)
- [Andrew Andkjar brought this change]
added another version case to Makefile.msvc
nmake version 11.00.61030.0 resolves to CC_VERS_NUM = 110
- Merge pull request #26 from bitbouncer/vs-2013
added define for visual studio 2013
svante karlsson (25 Jun 2015)
- added define for visual studio 2013
Jakub Hrozek (6 Nov 2014)
- ares__read_line: free buf on realloc failure
- Destroy options if ares_save_options fails
It's possible that, if ares_save_options failed, the opts structure
would contain some allocated memory. Calling ares_destroy_options in
this case is safe, because ares_save_options zeroes out the memory
initially.
- [David Drysdale brought this change]
Continue loop if space for hostname not large enough
When attempting to build a search domain from the local hostname
(used as a fallback when no other methods have given a search
domain), the code doubles the buffer size on each loop iteration.
However, the loop previously had a WHILE_FALSE terminator so the continue
statement exited the loop rather than going round again.
Daniel Stenberg (30 Oct 2014)
- ares_getnameinfo.3: there is no ares_getaddrinfo
David Drysdale (30 Sep 2014)
- [Gregor Jasny brought this change]
Prevent tmpbuf from overrunning
Fix Coverity error CID 56886.
Signed-off-by: Gregor Jasny <gjasny@googlemail.com>
- [Gregor Jasny brought this change]
Re-start loop if select fails
Fix Coverity error CID 56882
Signed-off-by: Gregor Jasny <gjasny@googlemail.com>
- [Gregor Jasny brought this change]
Free temporary variable in error path
Fix Coverity CID 56890
Signed-off-by: Gregor Jasny <gjasny@googlemail.com>
- [Gregor Jasny brought this change]
Fix integer shift overflow if both tcp_socket and udp_socket are set
The problem occurs if at the start of the loop the sockindex is at the
last valid ARES_GETSOCK_MAXNUM position. If then both udp_socket and
tcp_socket are valid, sockindex gets incremented for UDP first and
points one entry behind the array for the tcp block.
So the fix is to check after every increment of sockindex if it is still
valid.
Fix Coverity error CID 56878
Signed-off-by: Gregor Jasny <gjasny@googlemail.com>
- [Gregor Jasny brought this change]
Null check before dereference
Fix Coverity error CID 56880
Signed-off-by: Gregor Jasny <gjasny@googlemail.com>
Jakub Hrozek (28 Jul 2014)
- [Gisle Vanem brought this change]
Comment in ares_ipv6.h
David Drysdale (25 Jul 2014)
- CONTRIBUTING: add file to indicate mailing list is preferred
- Add -t u option to ahost
Add an option to allow specification of the AF_UNSPEC
address family.
Jakub Hrozek (24 Jul 2014)
- host_callback: Fall back to AF_INET on searching with AF_UNSPEC
Previously, when an ares_gethostbyname() searched with AF_UNSPEC and the
first AF_INET6 call only returned CNAMEs, the host_callback never
retried AF_INET.
This patch makes sure than on ARES_SUCCESS, the result of AF_INET6 is
taken as authoritative only if the result contains some addresses.
- [David Drysdale brought this change]
Move memset call below platform-specific declarations
A GitHub commenter [1] says that my recent change to ahost.c has
problems compiling on Windows + C89 platforms.
[1] https://github.com/bagder/c-ares/commit/ee22246507c9#commitcomment-6587616
- [David Drysdale brought this change]
Update ahost man page to describe -s option.
Commit ee22246507c9 added the -s <domain> option to the
ahost command, but neglected to update the man page to
describe it.
Also fix typo in description of -t option.
- ares_parse_soa_reply: Do not leak rr_name on allocation failure
If ares_malloc_data failed, already allocated rr_name would go out of
scope.
- [David Drysdale brought this change]
Don't override explicitly specified search domains
Only set search domains from /etc/resolv.conf if there isn't a value
already present in the channel.
- [David Drysdale brought this change]
Allow specification of search domain in ahost
Add the "-s domain" command line option to override the search
domains.
Daniel Stenberg (12 May 2014)
- Revert "ares_parse_aaaa_reply: fix leak when reply contains 1 alias and no address"
This reverts commit 440110b303fdbfadb3ad53d30eeb98cc45d70451.
- [Frederic Germain brought this change]
ares_parse_aaaa_reply: fix leak when reply contains 1 alias and no address
- [Doug Kwan brought this change]
ares_build.h: fix building on 64-bit powerpc
There are two issues.
1. gcc actually does not use __ppc__ and __ppc64__ but __PPC__ and
__PPC64__. The tests of __ILP32__ and __LP64__ are sufficient for gcc.
2. clang defines __GNU__ and defines both __ppc64__ and __ppc__ when
targeting ppc64. This makes CARES_SIZEOF_LONG to be 4 on a ppc64 system
when building with clang.
My patch is two change the order of the checks so that we check the
64-bit case first.
- refresh: updated now with automake 1.14
- [David Drysdale brought this change]
single_domain: Invalid memory access for empty string input
We noticed a small buglet in ares_search() when it gets an empty string
as input -- the single_domain() utility function in ares_search.c
accesses invalid memory (before the start of the string).
Guenter Knauf (31 Aug 2013)
- Fixed warning 'type specifier missing'.
Daniel Stenberg (30 Aug 2013)
- [Tor Arntsen brought this change]
ares_rules.h: CARES_SIZEOF_LONG doesn't exist anymore, don't test for it
It was removed in f19387dd72432
- nowarn: use <limits.h> instead of configure for size of long
This makes the header file much more multi-arch friendly and can be used
as-is with both 32 bit and 64 bit builds.
- timeoffset: made static and private
ares__timeoffset() was only used once within this single source file
- timeadd: make static
ares__timeadd() was only ever used from within the same source
Yang Tse (18 Jul 2013)
- xc-am-iface.m4: comments refinement
- configure: fix 'subdir-objects' distclean related issue
See XC_AMEND_DISTCLEAN comments for details.
- configure: automake 1.14 compatibility tweak (use XC_AUTOMAKE)
- xc-am-iface.m4: provide XC_AUTOMAKE macro
Daniel Stenberg (12 May 2013)
- gitignore: ignore all ares_*pdf but also CHANGES.dist
- bump: start working towards 1.10.1
|
|
--- 9.9.9-P3 released ---
4467. [security] It was possible to trigger a assertion when rendering
a message. (CVE-2016-2776) [RT #43139]
|
|
--- 9.10.4-P3 released ---
4468. [bug] Address ECS option handling issues. [RT #43191]
Note: Only the parts required to restore
interoperation with ECS clients have been
included in this security release. The full
fix is included in BIND 9.10.5.
4467. [security] It was possible to trigger a assertion when rendering
a message. (CVE-2016-2776) [RT #43139]
|
|
Bug #2765 - A letter appears on macOS clients when the spacebar is pressed
Bug #3241 - Windows UAC disconnects clients when elevated
Bug #4740 - Linux client crashes with "Assertion '!m_open' failed"
Bug #4879 - Memory leak caused by IpcReader
Bug #5373 - Tab behaves like shift tab on client
Bug #5502 - Copy and paste from server to client doesn't work
Enhancement #123 - Option to disable clipboard sharing
Enhancement #3305 - Media key support on macOS
Enhancement #4323 - Make automatic elevation on Windows optional
|
|
Patch inspired by net/vino/patches/patch-server_libvncserver_auth.c (r.1.1)
Bump PKGREVISION to 3.
|
|
Changelog:
Release 2.2.3 August 8th 2016
SyncEngine: Fix detection of backup (#5104)
Fix bug with overriding URL in config (#5016)
Sharing: Fix bug with file names containing percent encodes (#5042, #5043)
Sharing: Permissions for federated shares on servers >=9.1 (#4996, #5001)
Overlays: Fix issues with file name casing on OS X and Windows
Windows: Skip symlinks and junctions again (#5019)
Only accept notification API Capability if endpoint is OCS-enabled (#5034)
Fix windows HiDPI (#4994)
SocketAPI: Use different pipe name to avoid unusual delay (#4977)
Tray: Add minimal mode as workaround and testing tool for Linux issues (#4985, #4990)
owncloudcmd: Fix --exclude regression #4979
Small memleak: Use the full file stat destructors (#4992)
Fix small QAction memleak (#5008)
Fix crash on shutting down during propagation (#4979)
Decrease memory usage during sync (#4979)
Fix a deadlock when shutting down during discovery (#4993)
Setup csync logging earlier to get all log output (#4991)
Enable Shibboleth debug view with OWNCLOUD_SHIBBOLETH_DEBUG env
Release 2.2.2 June 21st 2016
Excludes: Don't redundantly add the same exclude files (#4967, #4988)
Excludes: Only log if the pattern was really logged. (#4989)
Release 2.2.1 June 6th 2016
Fix out of memory error when too many uploads happen (#4611)
Fix display errors in progress display (#4803, #4856)
LockWatcher: Remember to upload files after they become unlocked (#4865)
Fix overlay icons for files with umlauts (#4884)
Certs: Re-ask for different cert after rejection (#4898, #4911)
Progress: Don't count items without propagation jobs (#4856, #4910)
Utility: Fix for the translation of minutes, second (#4855)
SyncEngine: invalid the blacklist entry when the rename destination change
Several fixes to speed up reconnect after connection changes
Updater: Fix small memory leak
Linux: Revert forced HiDPI detection settings (#4840, #4861)
Release 2.2.0 May 12th 2016
Overlay icons: Refactoring - mainly for performance improvements
Improved error handling with Sync Journal on USB storages (#4632)
Sharing Completion: Improved UI of completion in sharing from desktop. (#3737)
Show server notifications on the client (#3733)
Improved Speed with small files by dynamic parallel request count (#4529)
LockWatcher: Make sure to sync files after apps released exclusive locks on Windows.
Improved handling of Win32 file locks and network files
Workaround Ubuntu 16.04 tray icon bug (#4693)
Removed the Alias field from the folder definition (#4695)
Improved netrc parser (#4691)
Improved user notifications about ignored files and conflicts (#4761, #3222)
Add warnings for old server versions (#4523)
Enable tranportation checksums if the server supports based on server capabilities (#3735)
Default Chunk-size changed to 10MB (#4354)
Documentation Improvements, ie. about overlay icons
Translation fixes
Countless other bugfixes
Sqlite Update to recent version
Update of QtKeyChain to support Windows credential store
|
|
http://bugzilla.gnome.org/show_bug.cgi?id=648606
require minimally gnutls 2.2.0 for use of currently used functions
since the recent gnutls update, deprecated => obsoleted
fixes build for now, discussing with wiz@ seems reasonable later
to update to the gnome3 version and, if necessary, adding back vino2.
|
|
|
