forked from dnsjava/dnsjava
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Changelog
1906 lines (1518 loc) · 58.5 KB
/
Changelog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
09/21/2024
- 3.6.2 released
- Add new IANA Trust Anchor (@technolord, #337)
- Fix Zone handling with signed SOA (@frankarinnet, #335)
07/28/2024
- 3.6.1 released
- Properly fix LookupSession doesn't cache CNAMEs (#316)
- Move JEP-418 SPI to Java 18 to support EOL workflows (#329)
07/21/2024
- 3.6.0 released
- Fix CVE-2024-25638 (GHSA-cfxw-4h78-h7fw)
Lookup and LookupSession do not sanitize input properly,
allowing to smuggle additional responses, even with DNSSEC.
I would like to thank Thomas Bellebaum from Fraunhofer AISEC
(@bellebaum) and Martin Schanzenbach (@schanzen) for reporting
and assisting me with this issue.
- Fix CVE-2023-50387 (GHSA-crjg-w57m-rqqf)
Denial-of-Service Algorithmic Complexity Attacks (KeyTrap)
- Fix CVE-2023-50868 (GHSA-mmwx-rj87-vfgr)
NSEC3 closest encloser proof can exhaust CPU resources (KeyTrap)
- Fix running all DNSSEC on the specified executor
- Add new DNSSEC algorithm constants for SM2SM3 and ECC-GOST12
- Add A/AAAA record constructor with IP address byte array
- Validate DS record digest lengths (#250)
- Fix NPE in SimpleResolver on invalid responses (#277)
- Add support for JEP 418: Internet-Address Resolution SPI (#290)
- Full JPMS support (#246)
- Pluggable I/O for SimpleResolver
(@chrisruffalo, #253)
- UDP port leak in SimpleResolver (#318)
- Fix clean shutdown in app containers when never used (#319)
- Fix concurrency issue in I/O clients (#315, #323)
- LookupSession doesn't cache CNAMEs (#316)
- SimpleResolver can fail with UPDATE response (#322)
- Replace synchronization in Zone with locks
(#305, based on work from @srijeet0406 in #306)
11/11/2023
- 3.5.3 released
- Fix CNAME in LookupSession (#279)
- Fix Name constructor failing with max length, relative name
and root origin (#289, @MMauro94)
- Add config option for Resolver I/O timeout (#273, @vmarian2)
- Extend I/O logging
- Prevent exception during TCP I/O with missing or truncated
length prefix
- Use internal base64 codec for Android compatibility (#271)
- Fix multi-message TSIG stream verification for pre-RFC8945
servers (#295, @frankarinnet and @nguichon)
- Add StreamGenerator for generating RFC8945 compliant
multi-message streams (related to #295)
11/16/2022
- 3.5.2 released
- Correctly render empty TXT records (#254)
- More validation on TLSA data input (#257)
05/15/2022
- 3.5.1 released
- Fix validation of TSIG signed responses (#249)
- DS rdata digest validation hexadecimal digits (#252)
02/05/2022
- 3.5.0 released
- Add full built-in support for DNSSEC based on dnssecjava (#209)
- Make Record classes serializable again (#242)
- Allow SVCB ServiceMode records without params
(#244, @adam-stoler)
- Fix TCPClient receive timeouts
(#218 @nguydavi, #219)
12/05/2021
- 3.4.3 released
- Fix handling of buffers in DNSInput
(#224, #225 @nresare)
- Clear existing nameservers on config refresh (#226)
- Fix exception when calling ResolverConfig.refresh (#234)
09/19/2021
- 3.4.2 released
- Document behavior of ExtendedResolver.setTimeout (#206)
- Add overloads to use an Executor when sending queries in
resolvers (#211)
- Remove synchronous locks in DoH Resolver (related to #211)
- Fix broken CNAME handling in LookupSession (#212)
- "WireParseException: bad label type" when parsing Message
from ByteBuffer (#213)
- Remove unnecessary synchronization in org.xbill.DNS.Header::getID
(#215, @maltalex)
- Add examples for the LookupSession and direct Resolver usage
07/30/2021
- 3.4.1 released
- Allow signing with ED25519 and ED448 algorithms
(#200, Klaus Malorny)
- Rename echconfig to ech in SVCB/HTTPS records
(#202, @adam-stoler)
- Fix bug in Name.compareTo with byte-values >= 128
(#205, @adam-stoler)
06/09/2021
- 3.4.0 released
- UnknownHostException provides details in message (#154)
- Limit length of relative Name to 254 (#165)
- Fix wildcard lookups in Zone (#169)
- Properly close UDP channel upon error
(#177, Walter Scott Johnson)
- Fix load balancing in ExtendedResolver
(#179, Paulo Costa)
- Add method to shutdown NIO threads (#180)
- Fix restoring active position on byte buffers
(#184, @ryru)
- Add support for extended DNS errors (RFC8914, #187)
- Fix TTL for SOA record to minimum of TTL and minimum field
(#191, @amitknx)
- Add support for hosts file in lookups (#195)
10/28/2020
- 3.3.1 released
- Fix value of getAlias in C/DNameRecord (#136)
- Fix bug with SVCB/HTTPS parsing of master file format
(PR#135, @adam-stoler)
09/27/2020
- 3.3.0 released
- Add support for SVCB and HTTPS records
(PR#116, @adam-stoler)
- Fix an issue with ndots in Lookup (#118)
- Support IPv4 mapped IPv6 address in AAAA record
(PR#120, @spwei)
- Validate range in Type
- Improve DOH Resolver (#123, #127)
Note that this resolver is more a proof of concept and not
production ready. See Javadoc and issue #123.
07/11/2020
- 3.2.2 released
- Fix JNA access violation in WindowsResolverConfigProvider
on 32bit JVMs
06/22/2020
- 3.2.1 released
- Include sources and Javadoc
06/22/2020
- 3.2.0 released
- Add Javadoc @since tags for APIs introduced since 3.0
- Fix requiring JNA in certain classloaders (#112)
- Add property to skip initializing builtin resolver config (#112)
- Make ResolverConfig and Resolver API public (#111)
- Add properties for a fallback resolver config provider (#111)
- Close UDP socket on failures (#110)
- Refactor TSIG code and add trace logging (#109)
05/15/2020
- 3.1.0 released
- Fix order of OPT and TSIG records in messages (#108)
- Fix RRset.cycle() short overflows (#102)
- Fix race condition in resolver I/O (#104)
- Add support for custom record types
(#94, Klaus Malorny <[email protected]>)
03/19/2020
- 3.0.2 released
- Only select for tcp write when there is something to write
(PR#96, Rouzbeh Delavari)
02/23/2020
- 3.0.1 released
- Fix toString of RRset reporting empty when it contains signatures
- Fix a potential sorting bug when creating a DNSSEC digest
- Fix getting the resolvers of an ExtendedResolver (#92)
02/15/2020
- 3.0.0 released
- Parse RRsig records with epoch time format
- Add support for EdDSA DNSSEC signatures if BouncyCastle is available
(Ed25519 and Ed448, RFC 8080)
- Add missing RCode, OpCode and RR type mnemonics
01/19/2020:
- 3.0.0-next.1 released
- Requires Java 8 and slf4j-api
- Adds support for Java 9+ and Android O+ via a new server config
lookup system (#6, #9)
- Resolving is now fully asynchronous, no new thread per query anymore
- Message provides information about the resolver that produced it (#41)
- Add support for Host Identity Protocol (HIP) records (RFC 8005, #47)
- Adds a DNS over HTTP (DoH) resolver (#66)
- Fixes some issues with the OSGi manifest (#70)
- Add support for the RES_OPTIONS environment variable (#57)
- Add support for relative $INCLUDE paths in master files (#75)
- Add support for custom DNS server port in config properties (#80)
- Adds new EDNS(0) options
- See the README for hints on migrating from v2.1.x to v3
05/25/2019:
- 2.1.9 released
- Fix getRRsetType for empty RRSIG records.
(PR#40, Klaus Malorny <[email protected]>)
05/23/2019:
- Fix NPE during NameService registration.
(PR#26, Kenny Ingle <[email protected]>)
- Add japicmp Maven plugin for compatibility checks.
(PR#36, Kenny Ingle <[email protected]>)
- Fix parsing/generation of (EC)DSA signatures from/to DER.
- Fix miscount in Message.sectionToWire related to OPT records.
(PR#37, Klaus Malorny <[email protected]>)
- Add support for the CDS and CDNSKEY record types.
05/18/2019:
- Primary maintainer is now Ingo Bauersachs ([email protected])
- Move project from Sourceforge to Github.
- Cleanup Maven POM.
- Add CI und Code Coverage tools.
- Add Javadoc-Badge.
(PR#27, Kenny Ingle <[email protected]>)
10/13/2018:
- Fix Javadoc nits (David Xia <[email protected]>)
3/20/2017:
- Change the number of CNAMEs that the Lookup code will follow,
as the previous limit (6) was not enough for www.paypal.com.
(reported by George Nikolaidis <[email protected]>)
1/3/2017:
- 2.1.8 released
8/13/2016:
- Add a Message constructor taking a ByteBuffer, and convert the
DNSInput class to use a ByteBuffer internally.
(patch from Marrache Mickael <[email protected]>)
- Add support for the OPENPGPKEY record.
(patch from Valentin Hauner <[email protected]>)
- Add support for the SMIMEA record.
11/25/2015:
- Add support for the CAA record.
8/21/2015:
- Convert the TSIG code from using a custom HMAC implementation to
the one in javax.crypto.Mac.
(patch from Nick Sayer <[email protected]>)
4/21/2015:
- Update the URI record implementation to match the latest spec.
(patch from Anthony Kirby <[email protected]>)
2/15/2015
- 2.1.7 released
2/14/2015
- Attempt to deal with Java's poor handling of IPv4-mapped IPv6
addresses. (reported by Keshav Badruka <[email protected]>)
12/23/2014
- Add an interface for logging sent/received packets.
(based on a patch from Damian Minkov <[email protected]>)
- Add support for the URI record.
(patch from Anthony Kirby <[email protected]>)
12/22/2014
- Fix message truncation to preserve the OPT record.
(based on a patch from Klaus Malorny <[email protected]>)
- Properly deal with short DSA and ECDSA keys. (original patch from
Marcos Sanz <[email protected]>, with some local modifications)
- Add support for GOST (RFC 5933) to DNSSEC. Using GOST requires an
external cryptography provider, such as BouncyCastle.
(original patch from Marcos Sanz <[email protected]>, with some
local modifications)
- Change the OPTRecord equals() method to check TTL, since the TTL
field holds relevant information. (based on a patch from
Dr. Christian Möller <[email protected]>)
- Printing an empty RRset would incorrectly throw an exception.
10/14/2013
- 2.1.6 released
- Address.getByName() and Address.getAllByName() had incomplete IPv6
support; they wouldn't issue AAAA queries.
(reported by Cédric Braem <[email protected]>)
10/07/2013
- Improve the name server detection code for Android.
(patch from Florian Schmaus <[email protected]>, based on
stackoverflow.com/a/11362271/194894).
08/07/2013
- Change the edns-client-subnet option to use the officially defined
option code.
07/29/2013
- SIG(0) signatures were incorrectly generated in some cases.
(patch from Tekto <[email protected]>)
- Add NoSignature exception, thrown when attempting to validate a
SIG(0) in a message without one.
05/04/2013
- The Name(String s, Name origin) constructor copies too many labels
when origin has been created by stripping a label.
(patch from Ingo Bauersachs <[email protected]>)
04/10/2013
- Fix Name.isAbsolute() to check that the length of the last label is
0, not that the last byte of the name is 0.
04/10/2013
- 2.1.5 released
03/18/2013
- Fix DS generation to canonicalize the DNSKEY owner name.
(patch from Ingo Bauersachs <[email protected]>)
02/19/2013
- Add Name.canonicalize() and Name.toString() variant for omitting the
final dot in an absolute name.
01/04/2013
- 2.1.4 released
10/25/2012
- Fix the Message constructor to not raise a ClassCastException when a
SIG or TSIG record is seen in the question section.
(patch from Klaus Malorny <[email protected]>)
9/4/2012
- Add support for RFC 6605: Elliptic Curve Digital Signature
Algorithm (DSA) for DNSSEC. (original patch from
Marcos Sanz <[email protected]>, with some local modifications)
8/31/2012
- Add support for the TLSA record type.
- Pass hostnames to InetAddress.getByAddress where possible.
(patch from Ingo Bauersachs <[email protected]>)
11/15/2011
- Fix the ZoneTransferIn object to properly report AXFRs; this was
broken by the changes in 2.1.3.
(reported by Thomas Corte <[email protected]>)
11/3/2011
- Update DSRecord constructor from DNSKEYRecord to generate the
correct digest.
(patch from Marty Kube <[email protected]>)
- Also update the signature of the DSRecord constructor from
DNSKEYRecord to not take the key's footprint as a parameter, as it
can be derived from the key.
10/24/2011
- 2.1.3 released
10/17/2011
- Add a callback interface to ZoneTransferIn.
(based on a patch from Nick Sayer <[email protected]>)
10/10/2011
- An exception could be thrown when attempting to look up data in the
cache for type ANY when there were only previously cached
NOERROR/NODATA responses for that name.
(reported by Niel de Wet <[email protected]>)
7/24/2011
- 2.1.2 released
6/9/2011
- TypeBitmap.toString() failed if no bits were set.
(patch from Jeffrey Damick <[email protected]>)
5/24/2011
- TSIG.fromString() didn't handle base64-encoded secrets with /
characters. (reported by Sten <[email protected]>)
5/12/2011
- Support verifying truncated TSIG signatures, as specified in RFC
4635.
5/10/2011
- Refactor EDNS Option support to allow for custom type
implementations, and add support for the Client Subnet option.
(based on a patch from Ming Zhou <[email protected]>)
- Add support for the NSID EDNS option.
4/20/2011
- Add missing support for the HMAC-SHA224, HMA-SHA384, and HMAC-SHA384
TSIG algorithms. (patch from Thomas Corte <[email protected]>)
3/9/2011
- Add support for using alternate JCA providers when generating DNSSEC
signatures (patch from Jeffrey Damick <[email protected]>)
2/9/2011
- 2.1.1 released
2/3/2011
- Add the ability to set ndots on Lookup objects, and parse the ndots
option from a resolv.conf file (patch from Oleg Tsvinev
2/3/2011
- The 'file' command in the 'update' program didn't work correctly.
(reported by Olafur Gudmundsson <[email protected]>)
9/15/2010
- Change the Android name server detection mechanism to avoid false
positives. (patch from Ulf Dittmer)
9/9/2010
- The IXFR code didn't do serial number arithmetic correctly, and would
fail if the serial number wrapped.
(patch from Alexis MacFarlane <[email protected]>)
9/7/2010
- 2.1.0 released
8/17/2010
- When rendering a message, if records from the additional section did
not fit, the header counts were not properly updated.
(patch from Klaus Malorny <[email protected]>)
7/22/2010
- Fix LOC record parsing to allow negative altitudes.
(based on a patch from William Kocik <[email protected]>)
7/21/2010
- The changes to TSIG verification in 2.0.6 didn't work correctly for
stream verification; specifically, the state was only set on the
first Message in the stream.
(reported by William Kocik <[email protected]>)
5/12/2010
- Add support for determining resolver configuration on
Japanese Windows. (translation and original patch from
Brett Wooldridge <[email protected]>)
5/6/2010
- Add support for building an OSGi bundle (patch from
Markus Alexander Kuppe <[email protected]>).
5/2/2010
- Rewrite DNSSEC support.
4/15/2010
- Fix a hang that could occur when using the dnsjava service provider
on Windows (initial patch from <[email protected]>).
11/21/2009
- 2.0.8 released
11/10/2009
- Fix the conversion of NSEC/NSEC3 bitmaps into wire format.
(Klaus Malorny <[email protected]>, also reported by
Tom <[email protected]>).
10/01/2009
- Properly initialize the Date objects used in RRSIG (and other)
records, so that any unused fields are cleared.
(Klaus Malorny <[email protected]>)
9/25/2009
- 2.0.7 released
- Add support for detecting the configured nameservers on the Android
platform. (patch from Arnt Gulbrandsen <[email protected]>)
9/16/2009
- When determining the nameservers to use, if the
sun.net.dns.ResolverConfiguration class returns an empty list, ignore
it. (based on an anonymous patch).
- Make the Name, Record (and all subclasses), RRset, and Zone classes
implement Serializable.
(based on a patch from Patrick <[email protected]>)
9/15/2009
- Add a constant for the REVOKE DNSKEY flag.
(patch from Wolfgang Nagele <[email protected]>)
- ReverseMap.fromAddress(String) should support both IPv4 and IPv6
addresses.
(reported by Stephan Fuhrmann <[email protected]>)
8/08/2009
- The escaping code for text strings should not escape semicolons.
6/23/2009
- DNSSEC signature validation incorrectly used the TTL of the records
being verified, not the original TTL from the RRSIG record, which
caused failures when verifying records returned by a caching server.
(reported by Samuel Benz <[email protected]>)
6/15/2009
- Change the ResolverConfig.refresh() method to only synchronize the
assignment to currentConfig, not the code which determines the new
configuration.
6/12/2009
- The TSIG verification routines (TSIG.verify,
TSIG.StreamVerifier.verify() now update the Message object with the
status of the verification in addition to returning the status.
6/03/2009
- The lists of servers and searchlist entries in ResolverConfig should
not be static.
(Isabelle Dalmasso <[email protected]>)
5/28/2009
- The canonical form of an NSEC record was incorrectly computed - the
next name should not have its case changed.
(David Blacka <[email protected]>)
- Add support for NSEC3, NSEC3PARAM, and DLV records.
(based on a patch from David Blacka <[email protected]>)
9/17/2008
- Fix LOC record rounding.
(reported by Klaus Malorny <[email protected]>)
8/22/2008
- Type 4 NXDOMAIN responses were incorrectly cached as referrals.
(reported by Luis Silva <[email protected]>)
8/06/2008
- Randomize the UDP source ports for outgoing queries.
(based on a patch from Derek Morr <[email protected]>)
4/25/2008
- Add support for the DHCID record.
4/18/2008
- The prior change to allow creating Zones from AXFR-style IXFR
ZoneTransferIn responses didn't work.
- Update the service provider to work with Java 1.6 and earlier
versions. (patch from <[email protected]>)
2/19/2008
- The Zone.removeRecord() method threw an exception if there were no
other records in the same RRset.
(reported by Yoyo Chen <[email protected]>)
- Parsing and formatting LOC records should not depend on the current
locale. (reported by Klaus Malorny <[email protected]>)
1/31/2008
- When converting messages to wire format, don't include name
compression pointers greater than 2^14 - 1.
(reported by Carole Gill <[email protected]>)
1/24/2008
- 2.0.6 released
1/22/2008
- Fix an off-by-2 error that could cause an infinite loop when
parsing a Name with a self-referential compression pointer.
(reported by Carole Gill <[email protected]>)
- Raise an exception when an invalid label type is seen in a wire
format name. The previous behavior would incorrectly parse invalid
names, and could lead to infinite loops.
(reported by Carole Gill <[email protected]>)
8/28/2007
- 2.0.5 released
- Add the ZoneTransferIn.setLocalAddress() method. (based on a patch
from <[email protected]>)
- Build jar file with -source and -target options to provide
compatibility with older Java releases (that is, revert to
pre-2.0.4 behavior).
(reported by Stefano Bagnara <[email protected]>)
8/26/2007
- 2.0.4 released
- Update SPI code to work with java 6.
- Fix an argument parsing bug in the dig program, where failure to
specify both type and class would cause the specified server to
be ignored.
(reported by Stefano Bagnara <[email protected]>)
6/12/2007
- The SPFRecord constructors incorrectly created records whose
internal type field was TXT, not SPF.
(reported by Stefano Bagnara <[email protected]>)
3/7/2007
- Message.getQuestion() incorrectly handled the case where the
question section was represented by an empty list.
(reported by Karl Auer <[email protected]>)
2/15/2007
- Properly obey timeouts in TCPClient code when the message is
read in multiple chunks. (based on a patch from
Francesco Vivoli <[email protected]>)
12/4/2006
- A cache lookup for a record would incorrectly return a delegation
when records for both the queried type and NS were present.
(reported by yosukear <[email protected]>)
11/28/2006
- 2.0.3 released
11/27/2006
- The Zone.fromXFR() method should be able to create zones
from AXFR-style IXFR responses.
(Bill Kuker <[email protected]>)
10/25/2006
- Make the routines that convert between the DNS and standard Java
representations of DSA signatures public.
(suggested by Klaus Malorny <[email protected]>)
8/3/2006
- Add a TSIG constructor that takes an algorithm as a String.
- Add support to TSIG.fromString() for specifying an algorithm.
7/30/2006
- When converting a PublicKey to a DNS record, allow the algorithm
to be specified, as RSA keys can be either of the RSA-SHA1 or
RSA-MD5 algorithms (based on a patch from
Eric <[email protected]>)
- When converting a PublicKey to a DNS record, allow the type (KEY
or DNSKEY) to be specified.
- Update the DNSSECVerifier code to use DNSKEY records, not KEY
records.
7/30/2006
- Added support for parsing the output of ipconfig in French .
(Frederic Bazin <fbazin@users sourceforge.net>)
7/30/2006
- If both "search" and "domain" lines are present in a resolv.conf
file, the domain line should be ignored.
7/26/2006
- Add support for the SPF record type.
7/21/2006
- DNSSEC.digestRRset could digest records in the wrong order.
(reported by David Blacka <[email protected]> and
Mahendra Jain <[email protected]>)
6/26/2006
- 2.0.2 released.
6/22/2006
- Add support for the IPSECKEY record type.
5/18/2006
- The result of a Lookup that involves a CNAME should include
the queried name as one of the aliases, not the CNAME target.
(Jon Lachelt <[email protected]>)
2/13/2006
- Loading zones containing RRsets with multiple records didn't work.
(reported by Olafur Gudmundsson" <[email protected]>)
1/24/2006
- AXFR requests could leak file descriptors if the connection
failed. (Can Bican <[email protected]>)
11/30/2005
- Add a Resolver.setTimeout(int secs, int msecs) method.
(requested by Dmitry Isakbayev) <[email protected]>)
11/30/2005
- 2.0.1 released.
11/11/2005
- The InetAddresses returned by Address.getByName() should have their
hostname copied from the input parameter.
(reported by Praveen Tammana <[email protected]>)
11/7/2005
- Update remaining DNSSEC code to be compliant with the current spec.
11/6/2005
- Add a Resolver.setEDNS(int level, int payloadSize, int flags,
List options) method, to allow a Resolver to automatically set
the DO flag, as well as future EDNS features.
(requested by Rick Wesson <[email protected]>)
10/25/2005
- The Master(InputStream in, Name origin) constructor should not
always fail.
- Correctly handle the case where reading a Master from an InputStream
would throw a NullPointerException if a $INCLUDE file wasn't found.
(reported by Lars Petrus <[email protected]>)
8/22/2005
- Add Address.getByAddress(String) and
Address.getByAddress(String, family).
7/21/2005
- Zone.findExactMatch() would throw a NullPointerException if the
name didn't exist.
(reported by Hans Zandbelt <[email protected]>)
7/19/2005
- Add support for binding clients to local addresses when using
a SimpleResolver. Also add the -b option to the dig program
to test this. (based on a patch by Bruno Dillenseger)
7/5/2005
- Add support to ResolverConfig for using the undocumented
sun.net.dns.ResolverConfiguration class to determine the list
of nameservers and search path; make this the default when
it works (Yannick Meudal <[email protected]>).
6/16/2005
- The inbound zone transfer code failed to treat port 0 as the
default as it claimed to. (Bill Kuker <[email protected]>)
6/15/2005
- When doing a zone transfer with a SimpleResolver object, the
timeout was not properly obeyed.
(reported by Peter Bryant <[email protected]>)
6/5/2005
- Explictly register record type implementations instead of
using reflection; this should prevent hard to diagnose
problems resulting from partial compilation.
5/31/2005
- 2.0.0 released.
5/16/2005
- Fix the code to deal with TTL 0 data in the Cache.
5/15/2005
- Add unit tests for many classes. The unit tests are located
in the tests directory, which mirrors the org.xbill.DNS hierarchy.
(Matt Rutherford <[email protected]>)
5/7/2005
- Fix several problems with empty names.
(Matt Rutherford <[email protected]>)
4/23/2005
- As per RFC 2181, the maximum allowed TTL value is 0x7FFFFFFF.
Change TTL.parseTTL() to reflect this by silently clamping
larger 32 bit values.
4/22/2005
- Attempting to get the name/type/class/ttl of an empty RRset
throws an exception.
4/21/2005
- Remove RRset.getSecurity()/.setSecurity().
4/16/2005
- Change the internal representation of empty records (that is,
records in the question section of a message or meta-records
used in dynamic update).
- Minor cleanups to the Mnemonic class.
(Matt Rutherford <[email protected]>)
4/3/2005
- Change the Cache from being periodically cleaned to being
size-bounded. (based on a patch from several years ago
from Joseph Shraibman <[email protected]>).
- Remove the FindServer class.
- Added a Name Service Provider interface (dns,dnsjava).
(based on code from Paul Cowan <[email protected]>)
4/1/2005
- Use java.nio classes for sockets internally, which provide a
number of improvements, most visibly improved timeouts.
- Remove deprecated dns class.
- Simplify TSIG initialization; remove functions that should
have never existed.
- Remove Cache.setVerifier() and Cache.setSecurePolicy(). There
should be a way of enabling DNSSEC, but the existing code doesn't
work.
- Change the Zone constructors/factory methods to be consistent.
3/29/2005
- Use java.net.InetAddress for IPv6 addresses rather than a custom
class.
3/20/2005
- Fix several bugs in ResolverConfig on Windows.
(Brian McBarron <[email protected]>)
3/15/2005
- Clean up the synchronization in the RRset class
(reported by Daniel Jensen <[email protected]>)
3/8/2005
- Support the BIND misfeature of loading zones with no explicit
TTL by using the SOA minimum field.
3/7/2005
- 1.6.6 released.
3/6/2005
- $GENERATE statements should obey the start field.
3/1/2005
- Add support for HMAC-SHA1 and HMAC-SHA256 TSIG algorithms.
(suggested by Olafur Gudmundsson <[email protected]>)
2/8/2005
- Add infrastructure for parsing the output of ipconfig on
non-English version of windows, and add support for German
and Polish. (based on a patch by Piotr Kochanski)
2/7/2005
- Add Options.refresh() (based on a patch from Th Kuhne)
- Add the ResolverConfig class, which is largely based on the
FindServer class, except that it's not all static methods.
Add the ability to refresh the current ResolverConfig, and
make FindServer use ResolverConfig.
- Add Lookup.refreshDefault (based on a patch from Th Kuhne)
- Truncated messages aren't guaranteed to parse properly, so shouldn't
throw exceptions. (reported by Caleb Richardson <[email protected]>)
- Work around a TCP bug in whatever broken nameserver Enom is using.
(reported by Caleb Richardson <[email protected]>)
2/4/2005
- 1.6.5 released.
- Records of an unknown type and length 0 weren't handled properly.
(reported by Olafur Gudmundsson <[email protected]>)
- Fixed a bug in $INCLUDE handling.
(Christian Sepulveda <[email protected]>)
2/3/2005
- The Lookup.run() method should be usable more than once on a Lookup
object.
(reported by Joseph Shraibman <[email protected]>)
10/31/2004
- Add partial IPv6 support to the ReverseMap class.
(based on a patch from Th Kuhne)
7/7/2004
- Implement the $GENERATE master file directive.
6/28/2004
- Canonicalizing a name created with the Name(Name src, int n)
constructor caused an exception.
(based on a patch from Nigel Tamplin <[email protected]>)
- Concatenating names caused an exception when the prefix was created
with the Name(Name src, int n) constructor.
(reported by Nigel Tamplin <[email protected]>)
6/22/2004
- The DNSSEC digesting code shouldn't throw ClassCastExceptions.
(reported by Mike StJohns <[email protected]>)
- The label count in a generated SIG/RRSIG record was off by one.
(Mike StJohns <[email protected]>)
6/8/2004
- Rcode 4 is NOTIMP, not NOTIMPL.
6/5/2004
- Fixes to LOCRecord.
6/3/2004
- 1.6.4 released.
5/26/2004
- Properly handle text mnemonics in KEY records.
- Add support for the APL record type.
5/25/2004
- Fix a bug where parsing the text format of an NSEC record
incorrectly parsed one token too many.
5/18/2004
- 1.6.3 released.
5/11/2004
- Don't store the number of labels in a Name in a byte, as the maximum
value (128) cannot be stored in a byte.
5/9/2004
- Add support for options within an OPTRecord (loosely based on
a patch from Madhu Siddalingaiah <[email protected]>)
4/18/2004
- Add support for the SSHFP record type.
- Fix a bug in the zone code which would cause record lookups to fail.
4/10/2004
- When parsing paster files, handle the fact that class and ttl may
be in either order.
4/8/2004
- The opcode field in the DNS header was incorrectly parsed; this
would affect messages with opcodes other than QUERY.
(Madhu Siddalingaiah <[email protected]>)
3/20/2004
- 1.6.2 released.
- Lookups could return "referral" instead of "host not found" in some
cases.
3/18/2004
- Fix NullPointerExceptions caused by bad empty Record handling.
(reported by Dharmveer Jain <[email protected]>)
3/16/2004
- 1.6.1 released.
- When loading master files with $INCLUDE statements, the included
files should be opened relative to the current directory, not
the directory of the parent file.
3/12/2004
- Make it possible to use a Tokenizer without leaving files open.
3/4/2004 - 3/12/2004
- Add support for more record types (AFSDB, GPOS, ISDN, MB, MD, MF, MG,
MINFO, MR, NSAP, NSAP-PTR, NULL, PX, RT, WKS, X25).
3/3/2004
- Cached NXDOMAINs were ignored, which caused extra queries to
be sent (reported by Damon Hart-Davis <[email protected]>).
2/25/2004
- Attempting to load a zone without specifying an origin failed.
2/24/2004
- 1.5.2 released.
2/3/2004
- Message.isSigned() should return true if we signed the Message
with a TSIG.
(reported by Shobana Sampath <[email protected]>)
- Implement NSEC, DNSKEY, and RRSIG record types. (loosely based on
a patch from David Blacka <[email protected]>).
- Change the representations of sections, rcodes, opcodes, flags,
and credibility to int.
1/28/2004
- Attempt to better deal with OutOfMemoryErrors when creating
threads during the resolution process.
(reported by Joseph Shraibman <[email protected]>)
1/27/2004
- Change the representation of a TSIG error from a byte to an int.
- Improve error messages from failed Lookups; treat SERVFAIL
as a temporary failure, not an unrecoverable error.
(Joseph Shraibman <[email protected]>)
1/16/2004
- The master file reader should propagate TTLs through $INCLUDE
statements. (David Blacka <[email protected]>)
1/12/2004
- Add a MANIFEST to the jar file containing implementation name and
version. (Harel Efraim <[email protected]>)
1/11/2004
- Fix a couple minor bugs found by FindBugs
(http://www.cs.umd.edu/~pugh/java/bugs/)
1/8/2004
- 1.5.1 released.
- LOC records weren't parsed correctly.
(reported by Harel Efraim <[email protected]>)
- Lines with only whitespace in master files should be ignored.
12/15/2003
- TTLs weren't handled properly in the master file parser.
(Jack Tavares <[email protected]>)
12/11/2003
- 1.5.0 released.
12/8/2003
- Change to the BSD license.
- Replace the deprecated Name(String) and Name(String, Name)
constructors with new versions that properly return exceptions.
12/6/2003
- Make the J2SE javadoc link a property in build.xml. (Ville Skyttä)
11/24/2003
- Lookup should check that the name, type, and class in the question
section of a response match that of the query.
- SimpleResolver should check that the message id of the response
is the same as the message id of the query. On a sufficiently
busy client, sockets can be reused fast enough that late responses
can come in, and should be ignored.
(seen by Joseph Shraibman <[email protected]>)
11/17/2003
- The Lookup code didn't handle CNAMEs pointing at nonexistant names.
(reported by Joseph Shraibman <[email protected]>)
11/11/2003
- Store a weak reference to the Cache in the CacheCleaner thread, and
kill the thread when the Cache is finalized.
(suggested by Joseph Shraibman <[email protected]>)
- When a Lookup uses a null cache, the temporary cache it creates
should not have a CacheCleaner thread.
(based on a suggestion by Joseph Shraibman <[email protected]>)