$Id: Changes 710 2008-02-08 15:22:21Z olaf $ -*-text-*- Revision history for Net::DNS ============================= *** 0.63, 8 Feb 2008 This version contains a Security Fix. Feature NotifyHandler in Nameserver The NotifyHandler is a new attribute to the nameserver used in the same way as the ReplyHandler except that it is executed when the opcode is NS_NOTIFY (RFC1996). It takes the same arguments as the reply handler (i.e. $qname, $qclass, $qtype, $peerhost, and $query). Corrections made in the documentation. Fix rt.cpan.org #32937: 5.11 introduces new warning on uc(undef) The patch supplied fixes for methods where undefined arguments were likely. For methods where undefined arguments don't make the warning will be printed. Fix rt.cpan.org #32147: Default LocalAddr broken in Net::DNS::Nameserver 0.62 Listen on the default address if LocalAddr not defined. Fix rt.cpan.org #30316 Security issue with Net::DNS Resolver. Net/DNS/RR/A.pm in Net::DNS 0.60 build 654 allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6341). Packet parsing routines are now enclosed in eval blocks to trap exception and avoid premature termination of user program. Bug: mbox-dname and txt-dname were not allowed to be empty in the RP RR. Fix by Peter Koch *** 0.62, 28 December 2007 Features: Move of some functionality out of the Packet to the Question and RR classes; parsing of elements in the packet is now performed by calling the appropriate subclasses. New methods were introduced: * Net::DNS::Packet->parse() * Net::DNS::RR->parse() * Net::DNS::Question->parse() The Packet class now defers parsing of authority/additional until their content is really needed. This should cause a bit of performance improvement. Dick Franks is acknowledged for this Good Work (TM). Feature: the Net::DNS::Packet's answersize() method will from now on ignore its arguments and just return the size of the packet. Feature: The Net::DNS::RR->new() method used to call Net::DNS::RR->new_from_data() whenever called with the appropriate combination of arguments. That (undocumented) behavior has been deprecated. Use Net::DNS::RR->new_from_data() directly if you depended on that. Feature: Net::DNS::Packets unique_push now ignores the TTL in comparison of uniqueness, this is closer to the intend of RFC2181, but not yet fully compliant. Fix rt.cpan.org #29816 Acquiring the IP address for the Resolver under Cygwin is made more resilient. Fix rt.cpan.org #31425 Empty question section in Base.pm search method detected Fix rt.cpan.org #31042 Makefile corrected to add a library target. Fix rt.cpan.org #29818 10-recurse.t used to fail in very specific environment (where a query for qname="." and qtype="NS" would return with an empty additional section). Fixed by adding the hints explicitly; this also forces the tests to take place under the root served by a-m.root-servers.net Fix rt.cpan.org #29877 Made 00-version.t recognize a "GIT" environment. Fix rt.cpan.org #29878 SPF.pm did not evaluate as true. Thanks Bjorn Hansen. Fix rt.cpan.org #21398 answersize() and answerfrom() set for persistent sockets Fix rt.cpan.org #29883 Fix various tests only available through SVN, so they are more robust (Acknowledgements Bjoern Hansen) Fix rt.cpan.org #24343 Resolver's nameserver() method would do silly things with undefined arguments. Fix rt.cpan.org #29531 Nameserver.pm, Packet.pm and Question.pm modified to avoid erroneous PTR lookup in response to mischievous query packet containing an IP address. Fix rt.cpan.org #27970 better netdns.o Marek Rouchal provided two minor improvements for linking the C code sniplets Fix rt.cpan 28345 A fix in Test::Simple revealed an off by 1 error in the testplan for 05-rr-rrsort.t. The fix is to remove a test, creating a dependency on Test::Simple 0.71 seemed overkill. *** 0.61, 1 August 2007 Fix rt.cpan.org #28106, 28198, and 28590 Modification of $_ in various places. Fix t/11-inet6 assumed lowercase domain names. *** 0.60 20 June 2007 Fix spelling mistakes in change log using interactive spell checker (aspell). Fix Two redundant calls of $self->rdatastr() in Net::DNS::RR::string(). Fix rt.cpan.org #27285 bis Unreleased 0.59_1 dn_expand_PP() has security flaw allowing access to arbitrary data using crafted packet with out of range compression pointer. Patch by Dick Franks based on 0.59 code. Fix rt.cpan.org #27391 dn_compress() produces corrupt packet for name containing empty label. Fix rt.cpan.org #26957 dn_compress() croaks for name having label which exceeds 63 characters. Patch by Dick Franks truncates offending label. Feature check_soa test of NCACHE TTL Dick Franks supplied an improved version of check_soa script which performs a direct test of NCACHE TTL by looking up non-existent name and reporting value if it exceeds 86400. Test is skipped unless minimumTTL is above same threshold. Recent BIND implementations impose a ceiling on NCACHE TTLs internally, so a large minimumTTL value is unlikely to have damaging consequences at many sites. Fix rt.cpan.org #27285 Break out of malformed packets with compression loops. Steffen Ullrich is acknowledged for patch and test code. Feature check_zone "alternate domain" and "exception file" flags Paul Archer supplied a patch for check_zone adding two new features. Feature Support for IPSECKEY RR Rudimentary IPSECKEY RR support added. Fix rt.cpan.org #25342 HINFO would only accept its data fields within quotes. That has now been fixed to adhere to by inheriting parsing functions from TXT. Fix rt.cpan.org #24631 / Feature IP address prefix notation Dick Franks supplied a cleaned up version of Question.pm. Revised code deals with incomplete IPv6 address bug and accepts RFC4291 address prefix notation. IPv4/prefix also supported for completeness. This involved a minor change to the API for reverse IP lookup. Changing qtype to PTR is now performed for A and AAAA only. This allows queries for NS and SOA records at interior nodes to be specified using the address prefix. Type ANY queries now also produce the expected result. Cleaned up TYPE/CLASS reversal code, exploiting fact that the intersection of the sets of class and type names contains only one member (ANY). Minor cleanup of remaining code. Fix rt.cpan.org #22019 Expunge trailing dots from RR->new_from_hash() FQDN arguments. Patch by Dick Franks. Fix Recursion and EDNS OPT record The Recursive resolver process would add an OPT-RR with each recursion which causes FORMERRs with a number of authoritative servers. Feature SSHFP warn instead of die We do not die if a not implemented fingerprint type value is read from the wire, instead we 'warn' and return undef. Feature NSEC3PARAM hook A hook to load NSEC3PARAM when available has been added. WARNING: Both NSEC3 and NSEC3PARAM are configured with their experimental type codes. Feature rt r24525 Net::DNS::Resolver depended on Net::IP (2268 Kb) which depends on heavy module Math::BigInt (1780 Kb). Valery Studennikov suggested to ship Net::DNS::Resolver::Base with its own copies of ip_is_ipv[4|6] and supplied a patch with those functions stripped from Net::IP. Note that the package still depends on Net::IP because Net::DNS::Nameserver and a few tests depend on it. Fix rt 22334 Fixed "perl Makefile.PL --xs" behavior, patch by Tamas Palfalvi Fix rt 21752 and 24042 Applied the patch supplied by Alexandr Ciornii to be able to compile on ActiveState perl . Slight modifications based on comments by nimnul Fix rt 23961 Randomized the ID on the queries. Thanks to "hjp" for reporting and suggesting a fix. The randomization of the src port is supposed to be handled by the setting the source port to "0" (default). Overriding the default or using persistent sockets may be problematic. Also see: http://www.potaroo.net/ietf/idref/draft-hubert-dns-anti-spoofing/ Fix Minor compile time warnings for netdns.c on Fedora Core. *** 0.59 September 18, 2006 Fix rt.cpan.org 20836, 20857, 20994, and 21402 These tickets all revolved around proper reverse mapping of IPv6 addresses. Acknowledgments to Dick Franks who has provided elegant solutions and cleaned a bit of code. Note that directly calling Question->new() without arguments will cause the qclass,qtype to be IN, A instead of ANY, ANY. Net::DNS::Resolver's search() method would always gracefully interpret a qname in the form of an IPv4 address. It would go out and do a PTR query in the reverse address tree. This behavior has also been applied to IPv6 addresses in their many shapes and forms. This change did two things, 1) root zone not implicitly added to search list when looking up short name, 2) default domain appended to short name if DEFNAMES and not DNSRCH. Fix rt.cpan.org 18113 Minor error due to unapplied part of patch fixed. Feature: Experimental NSEC3 hooks. Added hook for future support of (experimental) NSEC3 support (NSEC3 having an experimental type code). *** 0.58 July 4, 2006 Feature: hooks for DLV support in Net::DNS::SEC added hooks for DLV support which is/will be available in Net::DNS::SEC as of subversion version 592 (Tests are done against the subversion number, not against the perl release version) Net::DNS::SEC version 0.15 will have DLV support. Partly Fixed rt.cpan.org 18940 djhale noticed a number of error conditions under which the udp_connection in Nameserver dies. We now print a warning instead of dying. Fix rt.cpan.org 18958 Fixed typebyname croak for SIGZERO. Acknowledgments to djhale. Optimize rt.cpan.org 11931 Hanno Stock optimized the method to get the list of available interfaces in Win32. I have only done very rudimentary tests on my Windows XP system. Fix dependency on "CC" rt.cpan.org 19352 The Makefile.PL depended on availability of "cc" and would bail out on systems where gcc is exclusively available. Thanks to Rob Windsor for noticing and patching. Fix compressed dnames in NAPTR/SRV Clayton O'Neill noted that the the domain names in in the NAPTR and SRV RRs rdata were subject to name compression which is not conform the specs. Also see RFC 2782 and 2915. Fix rt.cpan.org 18897 Zero-length rdata in TXT fixed (Acknowledgments to Roy Arends) Fix rt.cpan.org 18785 SPF would not work unless the TXT RR was not loaded first. No wonder, SPF fully inherits TXT and loading of TXT.pm is therefore a prerequisite. Fix rt.cpan.org 18713 Net::DNS::Resolver now deals gracefully with persistent sockets that got disconnected. It will first try to connect again to the socket and if that fails it will try to connect to the next available nameserver. tcp_timeout() is the parameter that determines how long to wait during a reconnect. Fix rt.cpan.org 18268 Added reference to RFC in croak message for label length > 63 in dn_comp(). Fix rt.cpan.org 18113 The inet6 tests contained another bug when online-tests were disabled. Klaus Heinz discovered and provided a patch. *** 0.57 February 24, 2006 Fix rt.cpan.org 17783 The inet6 tests do not skip enough tests when ipv6 is not available. I did not catch this in my setup since IPv6 is available on all my machines. Since this breaks automatic CPAN installs a new release is reasonable. *** 0.56 February 20, 2006 Fix rt.cpan.org 17694 Net::DNS::typesbyval() now confesses on undefined args. Acknowledgments to Dean Serenevy. Feature Implemented SPF (typecode 99). The class completely inherits from Net::DNS::RR::TXT (the easiest RR to implement ever). Feature added rrsort() function. Feature was requested by Eric Hall in rt.cpan.org 13392 This was a little tricky as I think that the sort functions are in fact RR specific class attributes that should be accessed through class methods. This is difficult to implement. I do think I found a fairly clean manner. It does require a global variable in Net::DNS to store the functions and some trickery when the sorting functions are defined. See Net::DNS and Net::DNS::RR documentation for details. Defaults sorting functions are currently implemented in SRV: default sort: low priority to high priority and for same preference highest weight first. weight: sort all RRs based on weight, highest first priority: see default sort MX: default sort: lowest preference first. preference: see default sort NAPTR: default sort: lowest to highest order, for same order lowest preference first order: see default sort preference: order on preference, lowest first PX: See MX RT: See MX Fix rt.cpan.org 14653 and 14049 TCP fallback after V6 socket failure Reworked Net::DNS::Base::Nameserver::send_tcp() to fallback to IPv4 when possible. (change applied to SVN Revision 538). Feature Cleanup duplicated code axfr_send() and send_tcp() contained some duplicated code. I merged this in one "helper" method _create_tcp_socket() Fix AXFR persistent sockets colliding with query sockets. I think that using the same persistent sockets for AXFR and 'ordinary' queries could lead to race conditions. Better safe than sorry. For axfrs we create a different set of persistent sockets. Note that this prevents performing a SOA query first and then using the same socket for the zone transfer itself(in Net::DNS these are different code paths). This behavior of SOA and transfer on the same socket-- seems to be suggested by 1035 section 4.2.2: "In particular, the server should allow the SOA and AXFR request sequence (which begins a refresh operation) to be made on a single connection." Obviously, on the client side this behavior is not mandatory. Fix rt.cpan.org 17596 The fixes and features above also fixed the timeout problem reported by Paul Hofman Profiling It turned out that each time we were calling Net::DNS::Resolver::Base::nameserver(); We were creating a resolver object. Now a resolver object is only called when a domain name is given as argument. **** 0.55 December 14, 2005 Fix Inconsistency in test There was an inconsistency in the t/05-rr.t that got triggered by the release of Net::DNS::SEC version 0.13 (when installed). That has been fixed. Feature Net::DNS::Nameserver loop_once() Uncommented the documentation of the loop_once() function and introduced get_open_tcp() that reports if there are any open TCP sockets (useful when using loop_once(). loop_once() itself was introduced in version 0.53_02 Fix rt.cpan.org 16392 TCP Sockets stayed open even if not requested. This may cause the kernel to run out of TCP slots. This bug is the reason for releasing version 0.55 shortly after 0.54. Spotted and patched by Robert Felber. *** 0.54 December 7, 2005 Fix rt.cpan.org 15947 Failure to bind a nameserver when specifying an IPv6 address. Fix rt.cpan.org 11931 Using Net-DNS 0.53 on Win XP, it is unable to retrieve the nameservers when the IP address of the interface is assigned by DHCP. This is due to the DHCP assigned IP address being stored in DhcpIPAddress rather than IPAddress (which is then 0.0.0.0). Adding a check of DhcpIPAddress existence and not being 0.0.0.0 fixes the problem. Applied the patch submitted by "orjan". Fix rt.cpan.org 15119 main_loop() consumed 100% of CPU, because of a bug that caused loop_once() to loop ad infinitum. Fix rt.cpan.org 15299 Defining multiple constants with 'use constant { BLA => 1, FOO =>2 }; is a backwards incompatible feature. Thanks to Ian White for spotting and fixing this. *** 0.53_02 Oct 18, 2005 Fix rt.cpan.org 14046 RRSIGs verify and create failed for a number of RR types. The error message showed something like: Can't call method "dn_comp" on an undefined value This was caused by an omission in the _canonicalRdata() method in Net::DNS::RR that was inherited by all failing RR types. Code was added to t/05-rr.t that will test signature creation if Net::DNS::SEC is available and can be loaded. Feature async nameserver behaviour. In rt.cpan.org 14622 Robert Stone suggested: The fact that it needs to take over the main running thread limits its audience. Since many daemon programs are already driven by a top level select loop, it seems useful to provide an API for the user to integrate Net::DNS::Nameserver processing to their own select loop. He also supplied example code for which he is hereby acknowledged. The patch was not used because simultaneously Robert Martin-Legène supplied a patch to Nameservers.pm that allowed the same async functionality through the use of loop_once method. Robert M-L's code also carefully manages the TCP sockets, so that they can deal with AXFRs. Robert S. has been so kind to review Robert M-L's code and is hereby kindly acknowledged. NB. Since the code may be subject to change the documentation of the loop_once method has been commented out. Fix bgsend srcaddr for IPv6 Achim Adam previously noticed that the source address wildard "::" works provides better portability than "0". We forgot to fix the bgsend() part earlier. Fix rt.cpan.org 14624 Fixed documentation of Nameserver.pm Replyhandler and fixed a bug that prevented the peerhost to be set. Fix rt.cpan.org 14700 mistyped _name2wire helper function name. Noticed and patched by Simon Josefsson. Fix rt.cpan.org 13944 Terminating dot not printed when printing SRV record. The SRV dname should be printed as FQDN, that is, including the dot at the end. Acknowledgments Jakob Schlyter. While adding the "dot" I noticed that in the fileformat parsing code there might be theoretical corner cases where rdata elements are not properly read. The code needs an audit for this. Fix srcport for socket creation in bgsend method Lionel Cons noted and patched a small bug in bgsocket creation code for lib/Net/DNS/Resolver/Base.pm *** 0.53_01 July 31, 2005 Fix rt.cpan.org 13809 "Phar" noted that the peerhost is never passed to the make_reply function in nameserver.pm and provided the trivial patch. Fix rt.cpan.org 13922 Fixed a problem with persistent TCP sockets which was introduced because of using the address family as an index to the array of persistent sockets. Used AF_UNSPEC for the array index for the TCP socket; just to choose a number. The key to the persistent sockets is the remote nameserver:port combination. Acknowledgments to Mike Mitchell for reporting the bug and testing the solution. Feat t/01-resolve will not try to do tests from private IP space; hopefully that cuts down on the number of false positives. *** 0.53 July 22, 2005 Fix rt.cpan.org 13669 Danny Thomas provided a somewhat more elegant line of code for the typesbyval regexp. Fix rt.cpan.org 13534 Net::DNS::Resolver::Recurse would bail out when it happened to run into lame servers. Doc rt.cpan.org 13387 Documented the BUG caught by Robert Martin-Legène Net::DNS::Nameserver running with multiple IP interfaces might violate section 4 of RFC2181. Fix IPv6 on AIX Binding to the local interface did not work when local address was specified as "0" instead of "::". The problem was identified, reported and fixed by Achim Adam. Fix rt.cpan.org 13232 One uncaught AF_INET6. *** 0.52 July 1, 2005 Feature Net::DNS::RR::OPT added the the size(), do(),set_do() and clear_do() methods. *** 0.51_02 June 22, 2005 Fix rt.cpan.org 13297 Persistent_udp option broken starting in version 0.50. This was fixed, based on a patch by Sidney Markowitz. Guido van Rooij independently submitted a similar patch. Fix rt.cpan.org 13289 Was caused by a typo. Fix rt.cpan.org 13243 and 13191 The escaped characters test failed on some system because the the systems dn_expand instead of the supplied dn_expand was used after the makemaker magic linked DNS.xs. This was fixed by renaming the dn_expand that comes with the library to netdns_dn_expand. Fix rt.cpan.org 13239: When queries are refused the resolver would not take the next nameserver on the nameserver list for its next try but skip one. I was also made aware that the "use byte" pragma is incompatible with pre 5.06 perl. BEGIN { eval { require bytes; } } It should be noted that for perl versions < 5.006 I had to disable the escaped character test. Don't expect domain names with labels that contain anything else than host names to work for versions earlier than perl 5.6.0. Thanks to Vladimir Kotal for the assistance in testing the code on his system and the members of the NL-PM list for suggestions and education. *** 0.51_01 June 14, 2005 Fix rt.cpan.org 13232: Replaced IF_INET6 by IF_INET6() so that use strict subs does not complain in the absence of a definition of IF_INET6 in earlier versions perl that did not have IF_INET6 defined in Socket.pm The problem is similar to the problem described in: http://lists.ee.ethz.ch/mrtg-developers/msg00198.html *** 0.51 June 10, 2005 Fix rt.cpan.org 13184: Removed a 'stale' debug line (oops). A "stale" debug line may cause clutter in log files which may cause false positives on log analysis tools. Harmful enough to warrant a quick patch. *** 0.50 June 8, 2005 No changes with respect to 0.49_03. *** 0.49_03 June 1, 2005 (Version 0.50 release candidate 3) Fix: Concatenation of scalars caused modification of data because of Perl's habit to treat scalars as utf characters instead of bytes. Inserted use bytes pragma throughout the code base. DNS is done in octets. Feature: Added "ignqrid" as an attribute to the Resolver. use as: ok (my $res=Net::DNS::Resolver->new(nameservers => ['127.0.0.1'], port => 5354, recurse => 0, igntc => 1, ignqrid => 1, ), When the attribute is set to a non-zero value replies with the qr bit clear and replies with non-matching query ids are happily accepted. This opens the possibility to accept spoofed answers. YOU CAN BURN YOURSELF WITH THIS FEATURE. It is set to 0 per default and remains, except for this changes file an undocumented feature. *** 0.49_02 May 28, 2005 (Version 0.50 release candidate 2) Fix: Smoking Gun tests for non-cygwin Win32. Makefile.PL failed to produce a proper Makefile under win32. (e.g. www,nntp.perl.org/group/perl.cpan.testers/210570) I worked around that by moving the library into the base directory of the distribution as the "subdir" section seemed to be all funny. Fix: rt.cpan.org#11931 (the off-topic part) Sidney Markowitz spotted an awkward condition that rarely happens but is significant enough to be dealt with. In the send_udp method there are two loops: one over the nameservers and one that waits for the sockets to come forward with data. That second loop will sometimes timeout and then be entered with a repeated query to the same nameserver. It occasionally happens that the old packet arrives on the socket. That packet is discarded but the loop does not return to the loop to wait for the remainder of the timeout period for an answer on the second query, that may still arrive. This has now been fixed. Thanks to Sidney for the assessment of the problem and the fix. *** 0.49_01 (Version 0.50 release candidate 1) Fix: Makefile.PL: Minor tweak to recognize Mac OS X 10.4 not so relevant since netdnslib is distributed with the code. Feature: Calling the Net::DNS::Resolver::dnssec method with a non-zero argument will set the udppacketsize to 2048. The method will also carp a warning if you pass a non-zero argument when Net::DNS::SEC is not installed. Feature: IPv6 transport support IPv6 transport has been added to the resolver and to the nameserver code. To use IPv6 please make sure that you have IO::Socket::INET6 version 2.01 or later installed. If IPv6 transport is available Net::DNS::Resolver::Recurse will make use of it (picking randomly between IPv4 and IPv6 transport) use the force_v4() method to only force IPv4. Feature: Binary characters in labels RFC 1035 3.1: Domain names in messages are expressed in terms of a sequence of labels. Each label is represented as a one octet length field followed by that number of octets. Since every domain name ends with the null label of the root, a domain name is terminated by a length byte of zero. The high order two bits of every length octet must be zero, and the remaining six bits of the length field limit the label to 63 octets or less. Unfortunately dname attributes are stored strings throughout Net::DNS. (With hindsight dnames should have had their own class in which one could have preserved the wire format.). To be able to represent all octets that are allowed in domain names I took the approach to use the "presentation format" for the attributes. This presentation format is defined in RFC 1035 5.1. I added code to parse presentation format domain names that has escaped data such as \ddd and \X (where X is not a number) to wireformat and vice verse. In the conversion from wire format to presentation format the characters that have special meaning in a zone file are escaped (so that they can be cut-n-pasted without pain). These are " (0x22), $ (0x24), (0x28), ) (0x29), . (0x2e) , ; (0x3b), @ (ox40) and \ (0x5c). The number between brackets representing the ascii code in hex. Note that wherever a name occurs as a string in Net::DNS it is now in presentation format. For those that dealt with 'hostnames' (subset of all possible domain names) this will be a completely transparent change. Details: I added netdnslib which contains Net::DNS's own dn_expand. Its implemented in C and the source is a hodgepodge of Berkeley based code and snippets from ISC's bind9 distribution. The behavior, in terms of which chars are escaped, is similar to bind9. There are some functions added to DNS.pm that do conversion from presentation and wire format and back. They should only be used internally (although they live in EXPORT_OK.) For esoteric test cases see t/11-escapedchars.t. Fix: rt.cpan.org #11931 Applied the patch suggested by "Sidney". It is a practical workaround that may not be portable to all versions of the OS from Redmond. See the ticket for details. *** 0.49 March 29, 2005 No changes wrt 0.48_03. *** 0.48_03 March 22, 2005 (Version 0.49 release candidate 3) Fix: Only remove leading zeros in the regular expressions for typesbyval and classbyval methods. (patch by Ronald v.d. Pol) Fix: Properly return an empty array in the authority, additional and answer methods (patch by Ronald v.d. Pol) Fix: rt.cpan.org #11930 Incorrect searchlist duplication removal in Net::DNS::Resolver::Win32 Patch courtesy Risto Kankkunen. Problem: rt.cpan.org #11931 Win32.pm used the DNSRegisteredAdapters registry key to determine which local forwarders to send queries to. This is arguably the wrong key as it is used to identify the server which to send dynamic updates to. A real fix for determining the set of nameservers to query has not been implemented. For details see https://rt.cpan.org/Ticket/Display.html?id=11931 *** 0.48_02 March 14, 2005 (Version 0.49 release candidate 2) Fix: Bug report by Bernhard Schmidt (concerning a bug on the IPv6 branch). The bug caused dname compression to fail and to create compression pointers causing loops. *** 0.48_01 March 7, 2005 (Version 0.49 release candidate 1) Fix: rt.cpan.org #8882 No redundant lookups on SERVFAIL response and #6149 Does not search multiple DNS servers Net::DNS::Resolver will now use the other nameservers in the list if the RCODE of the answer is not NO ERROR (0) or NAME ERROR (3). When send() exhausted the last nameserver from the it will return the answer that was received from the last nameserver that responded with an RCODE. The error string will be set to "RCODE: " Fix: rt.cpan.org #8803 TXT records don't work with semicolons Since we are expecting presentation format at input a comment will need to be escaped ( \; ). It could be argued that this is a to strict interpretation of 1035 section 5.1. While working on this I discovered there are more problems with TXT RRs. e.g.; '0100' (a character string content represented in hex) is a perfectly legal and should be represented as "\000" in presentation format. Net::DNS does pass character strings with "non-ASCII" chars from the wire to the char_str_lst array but the print functions do not properly escape them when printing. Some tests with TXT RRs added to 07-misc.t Properly dealing with zone file presentation format and binary data is still to be done. Fix: rt.cpan.org Ticket #8483 eval tests for DNS::RR::SIG fail when using a die handler (Thanks Sebastiaan Hoogeveen) Patch applied. Fix: rt.cpan.org: Ticket #8608 Net::DNS::Packet->data makes incorrect assumptions Implemented the "pop" method for the question. Since having a qcount that is not 1 is somewhat rare (it appears in TCP AXFR streams) the ability to pop the answer from a question has not been documented in the "pod" Also fixed the incorrect assumption. (Thanks Bruce Campbell.) Fix: Ticket #11106 Incorrect instructions in README Corrected in the README and in Makefile.PL Olaf Kolkman took over maintenance responsibility from Chris Reinardt. This involved importing the code into another subversion repository. I made sure the numbers jumped, but I did not have access to the "original" subversion repository so I lost some of the history. *** 0.48_01 March 2005 (Version 0.49 release candidate 1) Fix: rt.cpan.org #8882 No redundant lookups on SERVFAIL response and #6149 Does not search multiple DNS servers Net::DNS::Resolver will now use the other nameservers in the list if the RCODE of the answer is not NOERROR (0) or NXDOMAIN (3). When send() exhausted the last nameserver from the it will return the answer that was received from the last nameserver that responded with an RCODE. The errorstring will be set to "RCODE: " Fix: rt.cpan.org #8803 TXT records don't work with semicolons Since we are expecting "zonefile" presentation at input a comment will need to be escaped ( \; ). It could be argued that this is a to strict interpretation of 1035 section 5.1. While working on this I discovered there are more problems with TXT RRs. Eg; 0100 is a perfectly legal character string that should be represented as "\000" in a zonefile. Net::DNS does pass character strings with "non-ASCII" chars from the wire to the char_str_lst array but the print functions do not properly escape them when printing. Properly dealing with zonefile presentation format and binary data is still to be done. Fix: rt.cpan.org Ticket #8483 eval tests for DNS::RR::SIG fail when using a die handler (Thanks Sebastiaan Hoogeveen) Patch applied. Fix: rt.cpan.org: Ticket #8608 Net::DNS::Packet->data makes incorrect assumptions Implemented the "pop" method for the question. Since having a qcount that is not 1 is somewhat rare (it appears in TCP AXFR streams) the ability to pop the answer from a question has not been documented in the "pod" Also fixed the incorrect assumption. (Thanks Bruce Campbell.) Fix: Ticket #11106 Incorrect instructions in README Corrected in the README and in Makefile.PL Olaf Kolkman took over maintenance responsibility from Chris Reinardt. This involved importing the code into another subversion repository. I made sure the numbers jumped, but I did not have access to the "original" subversion repository so I lost some of the history. >>>>>>> .merge-right.r260 *** 0.48 Aug 12, 2004 Net::DNS is now stored in a subversion repository, replacing cvs. As such the submodule version numbers have taken another big jump. Luckily those numbers don't matter as long as they work. Fixed a bug with Unknown RR types that broke zone signing [Olaf]. Added callback support to Net::DNS::Resolver::Recurse. The demo/trace_dns.pl script demonstrates this. Added a note regarding answers with an empty answer section to the Net::DNS::Resolver::search() and Net::DNS::Resolver::query() documentation. The copyright notice for Net::DNS::RR::SSHFP was incorrect. That file is Copyright (c) 2004 RIPE NCC, Olaf Kolkman. *** 0.47_01 May 6, 2004 ** NOTICE ** RR subclasses no longer pull in parts of Net::DNS; Net::DNS is assumed to be up and running when the subclass is compiled. If you were using a RR subclass directly, this may break your code. It was never documented that you could use them directly however, so hopefully you never did... Fixed bug where SRV records with a priority of 0 did not function correctly. CPAN #6214 Calls to various constants where using the &NAME syntax, which is not inlined. Changed to NAME(). Added SSHFP support. [Olaf] CERT fixes. [Olaf] *** 0.47 April 1, 2004 safe_push() is back in Net::DNS::Packet, due to the excellent debate skills of Luis E Monoz. However, the name safe_push() is deprecated, use the new name unique_push() instead. Fixed a bug in Net::DNS::Nameserver which caused the class to build packets incorrectly in some cases. [Ask Bjorn Hansen] Error message cleanups in Net::DNS::typesbyname() and Net::DNS::typesbyval() [Ask Bjorn Hansen] Net::DNS::RR::new_from_hash() now works with unknown RR types [Olaf]. *** 0.46 February 21, 2004 IPv6 reverse lookups can now be done with Net::DNS::Resolver::search(), as well as with query(). Hostnames can now be used in the 'nameservers' argument to Net::DNS::Resolver->new() *** 0.45_01 February 9, 2004 Net::DNS now uses UDP on windows. Removed Net::DNS::Select from the package. IO::Select appears to work on windows just fine. Fixed a bug that caused MXes with a preference of 0 to function incorrectly, reported by Dick Franks. Net::DNS had a few problems running under taint mode, especially under cygwin. These issues have been fixed. More issues with taint mode may lay undiscovered. Applied Matthew Darwin's patch added support for IPv6 reverse lookups to Net::DNS::Resolver::query. *** 0.45 January 8, 2004 No changes from 0.44_02. ** 0.44_02 January 3, 2004 The XS detection code was broken. We actually use the XS bits now. Major cleanups/optimizations of the various RR subclasses. This release of Net::DNS is over twice as fast at parsing dns packets as 0.44. ** NOTICE ** $rr->rdatastr no longer returns '; no data' if the RR record has no data. This happens in $rr->string now. Net::DNS::Packet::safe_push() no longer exists. The method is now only available from Net::DNS::Update objects. ** 0.44_01 January 3, 2004 Net::DNS::RR objects were not playing nice with Storable, this caused the axfr demo script to fail. Thanks to Joe Dial for the report. ** NOTICE ** This may cause RR objects that are already serialize to not deserialize correctly. Reply handlers in Net::DNS::Nameserver are now passed the query object. Fixed a nasty bug in Nameserver.pm related to the qr bit. As Olaf explained: Replies are sent if the query has its "qr" bit set. The "qr" bit is an indication that the packet is sent as a response to a query. Since there are more implementations that suffer from this bug one can cause all kinds of nasty ping-pong loops by spoofing the initial packet or have an infinite query loop by spoofing a query from the localhost:53 address. Various Win32/Cygwin cleanups from Sidney Markowitz. *** 0.44 December 12, 2003 The Wrath of CPAN Release. CPAN.pm doesn't understand the nature of revision numbers. 1.10 is newer than 1.9; but CPAN.pm treats them as floats. This is bad. All the internal version numbers in Net::DNS have been bumped to 2.100 in order to fix this. No actual code changes in this release. *** 0.43 December 11, 2003 Added warning of deprecation of Net::DNS::Packet::safe_push. This will move into Net::DNS::Update, as Net::DNS::Update is now a proper subclass of Net::DNS::Packet. ** 0.42_02 December 11, 2003 Fixed a long standing bug with zone transfers in the "many-answers" format. CPAN #1903. Added the '--online-tests' flag to Makefile.PL. This activates the online tests without asking the user interactively. "--no-online-tests" turns the tests off. Cleaned up Makefile.PL a little. The "--pm" flag is now deprecated, use "--no-xs" instead. Added support for unknown RR types (rfc3597). Note for developers: the typesbyname, typesbyval, classesbyname and classesbyval hashes should not be used directly, use the same named wrapper functions instead. [Olaf Kolkman] Added two hashes for administrative use; they store which types are qtypes and metatypes (rfc2929). [Olaf Kolkman] ** 0.42_01 November 30, 2003 Major work to get Net::DNS functioning properly on Cygwin by Sidney Markowitz. Fixed a bug in Net::DNS::Nameserver's error handling. CPAN #4195 *** 0.42 October 26, 2003 Fixed compilation problems on panther (Mac OS 10.3). Fixed a bug in Net::DNS::Resolver::Recurse which allowed an endless loop to arise in certain situations. (cpan #3969, patch by Rob Brown) Applied Mike Mitchell's patch implementing a persistent UDP socket. See the Net::DNS::Resolver documentation for details. *** 0.41 October 3, 2003 Added some documentation about modifying the behavior of Net::DNS::Resolver. ** 0.40_01 September 26, 2003 Fixed some uninitialized value warnings when running under windows. Fixed a bug in the test suite that caused 00-version.t to fail with certain versions of ExtUtils::MakeMaker. Thanks to David James, Jos Boumans and others for reporting it. Reply handlers in Net::DNS::Nameserver are now passed the peerhost. (Assen Totin ) Reply handlers in Net::DNS::Nameserver can now tweak the header bits that the nameserver returns. [Olaf] The AD header bit is now documented, and twiddlable. [Olaf] The change log has been trimmed, entries for versions older than 0.21 have been removed. ** NOTICE ** Net::DNS::Resolver::axfr_old() has been removed from the package. An exception will be thrown if you attempt to use this method. Use axfr() or axfr_start() instead. *** 0.40 September 1, 2003 Various POD tweaks. ** 0.39_02 August 28, 2003 Net-DNS-SEC updates, seems that IETF has been busy redefining DNSSEC. [Olaf] Added version to all the modules in the distribution. ** 0.39_01 August 12 2003 Added a META.yaml. The crystal ball says an upgrade to Module::Install may be coming soon. Changed how the versions of the various submodules were set. The CPAN indexer cannot execute "$VERSION = $Net::DNS::VERSION". The single line with the $VERSION assignment is pulled out of the file and eval'ed; at that time, Net::DNS is not loaded. The submodules now pull their version numbers out of CVS. *** 0.39 August 7 2003 Fixed a bug on Win32 where some machines separated lists with commas, not whitespace. Thanks to Jim White for pointing it out. ** 0.38_02 July 29 2003 Reworked the POD for Net::DNS::Resolver. When parsing resolver configuration files, IPv6 addresses are now skipped, as Net::DNS does not yet have IPv6 support. ** 0.38_01 Jun 22 2003 Broke Net::DNS::Resolver into separate classes. UNIX and Win32 classes are currently implemented. Many of the globals in Net::DNS::Resolver no longer exist. They were never documented so you never used them.... right? Options to Net::DNS::Resolver->new() are now supported, including using your own configuration file. See the Net::DNS::Resolver man page for details. Tweaked Net::DNS::RR::TXT to fail more gracefully when the quotes in the data section are not balanced. Add more tests (of course). Moved next_id() from Resolver.pm to Header.pm (which is where it is used). Net::DNS::Select now uses $^O directly, this means that the second argument to Net::DNS::Select::new() (the OS) is now ignored. *** 0.38 Jun 5 2003 Various buglets fixed in the new Makefile.PL. Use Dynaloader instead of XSLoader. Turns out that XSLoader is only in more recent perls. Added deprecation warning to Net::DNS::Resolver::axfr_old(). HP-UX fixes [cpan #2710], I don't have the name of the reporter/patcher. *** 0.37 May 28 2003 Renamed the test C file to compile.c, test.c was confusing the 'make test' target. *** 0.36 May 28 2003 Removed Rob Brown's RPM stuff. Something odd happened in the 0.35 tarball and at the moment I don't have the time to investigate. *** 0.35 May 26 2003 POD fixes, added tests for POD. *** 0.34_03 May 22 2003 Reworked Makefile.PL to try and detect if you have a working C compiler. Added '--pm' and '--xs' command line options to Makefile.PL Fixed linking problem on linux. Tie::DNSHash removed from the package, see Tie::DNS from CPAN for a more complete implementation of a DNS hash. *** 0.34_02 May 21 2003 Net::DNS::Packet::dn_expand is now implemented using the function of the same name from libresolv. This method of decompressing names is around twice as fast as the perl implementation. Applied Jan Dubois's patch to fix nameserver lookup on Windows 2000/95/98/ME. *** 0.34 6 Mar 2003 Applied David Carmean's patch for handling more than one string in a TXT RR's RDATA section. Applied Net::DNS::Resolver::Recurse bug fixes from Rob Brown. Added check of the answer's rcode in Net::DNS::Resolver::axfr_next(). Applied Kenneth Olving Windows changes. Applied patch from Dan Sully (daniel@electricrain.com) allowing multiple questions to be part of a DNS packet. *** 0.33 8 Jan 2003 Fixed 00-load.t to skip the Net::DNS::SEC modules. The test suite should now pass if you have Net::DNS::SEC installed. Fixed the regular expression in RR.pm to comply with the RFCs, turns out we were _too_ paranoid. [Olaf] *** 0.32 5 Jan 2003 Various cleanups for perl 5.004. Thanks to nathan@anderson-net.com ([cpan #1847]) Applied Olaf's SIG patch (thanks as always). Win32 now looks at the environment variables when building the configuration defaults. Thanks to net-dns-bug@oak-wood.co.uk (That's the only name I have... [cpan #1819]) Added Rob Brown's Net::DNS::Resolver::Recurse module. *** 0.31 17 Nov 2002 Applied Olaf's patch for an initialization bug in OPT.pm Applied Rob Brown's patch for udp timeouts. Added stuff from Rob Brown for making RPM creation easier. Fixed a typo in FAQ.pod that was making apropos and whatis grumpy. Thanks to Florian Hinzmann for pointing it out and a patch. *** 0.30 7 Nov 2002 Applied Andrew Tridgell's (tridge@samba.org) patch for TKEY support. Added Net::DNS::Packet->safe_push() to allow for automatically checking for duplicate RRs being pushed into a packet. Inspired by Luis Munoz. Added more tests. *** 0.29 2 Oct 2002 Fixed $_ from creeping out of scope in Resolver.pm. Thanks to Ilya Martynov for finding the problem and the patch to fix it. Fixed divide by zero bug there is no usable network interface(s). Thanks to twilliams@tfcci.com, misiek@pld.ORG.PL (and one other person that I can't seem to find the address of) for reports. *** 0.28 20 Aug 2002 Fixed a bug in the new AUTOLOAD routines that made it impossible to set attributes to '0'. Fixed a bug in the RR patch that broke many updates. *** 0.27 15 Aug 2002 Added (untested) support for perl 5.004. We now allow whitespace at the beginning of a RR. Fixed an issue that gave Net::DNS::SEC problems, %Net::DNS::RR::RR is now in a scope that the Net::DNS::SEC hook can see it from. Fixed SRV records. Fixed debug message in Net::DNS::Resolver::bgread(). *** 0.26 5 Aug 2002 Fixed various bugs in the test suite. Fixed warning in Net::DNS::RR::AUTOLOAD with perl 5.005. --- Olaf Kolkman Chris Reinhardt Michael Fuhr