--- AnyEvent/Changes 2013/07/30 23:14:32 1.571 +++ AnyEvent/Changes 2020/07/25 17:58:50 1.646 @@ -7,22 +7,202 @@ TODO: FAQ: scope-ids? hosts file order? TODO: AnyEvent::Handle with AnyEvent::IO? TODO: invalid. and localhost. specialcasing inside AEDNS and not AESocket (rfc6761) - -TODO: expose default formatting implementation (ft &c) in AE::log, also allow overridign fatal exit -TODO: José Micó (3.0K) 1 inbox Error connecting to hosts resolved from /etc/hosts -TODO: Daniel Carosone (5.2K) 1 inbox AnyEvent::IO vs AnyEvent::AIO (doc patch) TODO: maybe implement env variable to give hosts precedence +TODO: more formats for parse_ipv6 (single ipv6 address without port, ...p80, ...#80) +TODO: inet_aton maybe pack C4? no, add a comment why not +TODO: socket prepare callbacks, can they easily signal failure as well? +TODO: Олег Г , empty A record response causes +AnyEvent::resolve_sockaddr to eventually call pack_sockaddr with undef - +broken dns server, but maybe improve the response. +TODO: AnyEvent::Loop should not use POSIIX when ti isn't used. + +TODO: AnyEvent::Log contexts should have a way to inject log messages received form elsewhere, using timestamp etc. +TODO: add some cheta-sheet to log synopsis regarding AE_LOG=AnyEvent::MP=+ +TODO: tcp_connect option for AnyEvent::Handle? +TODO: hosts files on windows probably contain \r, which is not stripped + - AnyEvent::Loop no longer loads the POSIX module if Time::HiRes + has monotonic clock support (suggested by Felipe Gasper). + - since Net::SSLeay (up to 1.88-1) is _still not ported to openssl 1.1 + and many distributions therefore will have a completely broken + Net::SSLeay module for the forseeable future, AnyEvent::TLS + will now log a warning (that is not seen by default unless you + increase log verbosity). + - add tlsv1_3 disable switch to AnyEvent::TLS. + - add experimental "tls" method support for AnyEvent::TLS. + - tls methods were lowercase, but documented to be uppercase. + fix documentation. + - EV backend now uses EV::break when waiting for condvars, + making waiting for condvars more efficient. This might + "break" already-broken programs that recursively enter + the event loop even more. + +7.17 Wed Sep 18 03:04:49 CEST 2019 + - work around antique openssl version in RHEL 7 by formatting + dh parameters differently (reported by several people). + - add t/13_weaken.t. + +7.16 Fri Jul 19 18:00:21 CEST 2019 + - add ffdhe group dh parameters from RFC 7919, and use ffdhe3072 + as new default, instead of schmorp1539. + - AnyEvent::Log did not reassess logging status of + AnyEvent::Log::logger's when contexts were changed with + ->attach/detach/slaves, causing them to not log even though a + recent attach should have caused them to log. + - added some more logging configuration examples. + - mention RFC 8482 in AnyEvent::DNS. + +7.15 Tue Feb 26 03:07:42 CET 2019 + - INCOMPATIBLE CHANGE: AnyEvent::Handle's tls_detect documentation gave + separate major and minor versions, while code passed only a single + value. This version follows the documentation and now passes separate + major and minor values. + - work around Net::SSLeay not having been ported to openssl 1.1, but many + distributions compiling it against openssl 1.1, which unfortunately + succeeds and results in a very broken module. + - AnyEvent::DNS::dns_unpack now stores the original DNS packet + in the __ member, to allow decoding of undecodable resouce records + containing compressed domian names. + - AnyEvent::Socket::parse_ipv6 would NOT, as advertised, accept ipv4 + addresses. It now does and converts them to ipv4 mapped addresses. + - support CAA records, based on patch by Steve Atkins. + - add freenom and cloudflare nameservers as dns fallback. + - AnyEvent::Strict would not properly ward against io watchers + on files when the handle passed was a file descriptor. + - document "internal" variables used by the dns en-/decoder to allow + enterprising users to extend them in a semi-official way. + +7.14 Sat Jun 24 01:44:19 CEST 2017 + - fix a crash bug in AnyEvent::Handle with openssl 1.1.0 (patched + by Paul Howarth and apparently tracked down by Mike McCauley). + - AnyEvent::Handle->keepalive was documented (and defined) twice + (found by Matt Merhar). + - AnyEvent::Socket::tcp_bind/tcp_server would immediately unlink a unix + listening socket unless a guard is used. Change this so that no + cleanup will be performed unless a guard is used and document this more + clearly. + - make tcp_bind/tcp_server error messages more regular. + - work around latest perl upstream breakage - this time, perl5porters were + apparently bullied by a bogus CVE (CVE-2016-1238), and since distros + stupidly apply anything that has "security fix" stamped on it, it's likely + going to be a problem in practise (and working around it is trivial on + windows and unix). + - add TCP_FASTOPEN/MSG_FASTOPEN and MSG_NOSIGNAL/MSG_MORE/MSG_DONTWAIT + to constants. + - update warnings to common::sense 3.74 standards. + +7.13 Sat Sep 17 04:31:49 CEST 2016 + - Only call tlsext_host_name for non-empty common names (reported + by Maxime Soulé). + - log a (single) notice message if SNI is not supported. + - upgrade to UTS-46:9.0.0 draft and switch to non-transitional + behaviour, beating thunderbird, ie, edge, chrome and safari to it :) + (see also https://bugzilla.mozilla.org/show_bug.cgi?id=1218179) + - turns out the UTS-46 IDNA testcase failures were indeed bugs in the + testcases and the specification and not in the code - the post-9.0.0 + unicode files have all known problems fixed, so finally the AnyEvent + IDNA implementation can pass the full IDNA testsuite - without needing + a single fix :) + - guarantee (and document) that condvar callbacks will be removed + on invocation - important to avoid circular references. + +7.12 Wed Jan 27 19:12:26 CET 2016 + - use common name as hostname for tls connects, if Net::SSLeay + supports SNI. + - fix documentation of tls_autostart read type in AnyEvent::Handle, + analyzed by Felix Ostmann. + +7.11 Thu Jul 16 14:36:00 CEST 2015 + - AnyEvent::Socket::parse_ipv6 could accept malformed ipv6 + addresses (extra "::" at end and similar cases). + - add a more explicit warning to AnyEvent::Handle that it doesn't + work on files, people keep getting confused. + - new function AnyEvent::Socket::tcp_bind. + - new functions AnyEvent::fh_block and AnyEvent::fh_unblock. + - aligned ipv6 address formatting with RFC 5952 (by not shortening + a single :0: to ::). + - added stability canary support. + +7.09 Sat May 2 16:38:53 CEST 2015 + - AnyEvent::Debug called an internal function (AnyEvent::Log::ft) + that was renamed to AnyEvent::Log:format_time. uinder its old name + (analyzed by Michael Stovenour). + - update AnyEvent::DNS fallback resolver addresses: + seems google effectively killed most other free dns resolvers, + so remove them, but add cable and wireless (ecrc) since it was + stable for 20 years or so, official or not, and there should be + an alternative to google. + - perl5porters broke windows error codes in 5.20, and mapped + WSAEWOULDBLOCK on the (different) EWOULDBLOCK error code, and + WSAEINPROGRESS into the incompatible ERINPROGRESS code, probably + because they were so cool. They probably broke other error codes + for no reason, too, but I didn't care for checking, it's too + depressing. This version only works around the WSAEWOULDBLOCK + issue, because I don't have a nice way to work around the + WSAEINPROGRESS bug. + +7.08 Wed Dec 10 05:27:17 CET 2014 + - work around a newly introduced bug in Socket 2.011 (an + errornous sun_length check) (analyzed by Maxime Soulé). + - AnyEvent::TLS didn't load (but refer to) AnyEvent::Socket + (analyzed by Ben Magistro). + - AnyEvent::Strict will now confess, not croak. This is in line with + it being a development/debugging tool. + - work around a number of libglib bugs (debug builds of libglib enforce + certain undocumented behaviour patterns such as not being able to + remove a child watch source after it has fired, which we will try + to emulate to avoid "criticals". what where they thinking...). + - mention json security issues in AnyEvent::Handle, now that Douglas + Crockford has foolishly and incompatibly changed JSON. + - changed default dns resolver "max_outstanding" value from 1 to 10, + the latter beinfg the intended value all along + (reported by Ilya Chesnokov). + - added new "AnyEvent::Impl::UV" interface module to the UV event lib + (written by Mike Lowell). + +7.07 Tue Dec 17 17:45:02 CET 2013 + - the documentation for custom tls verify schemes was wrong. make it agree + with the code (reported by Maxime Soulé). + - added cbor read and write types to AnyEvent::Handle (using CBOR::XS). + - work around an API change in openssl that could cause wrong tls connection + aborts, likely on windows only (analyzed by sten). + - calling AnyEvent->now_update with AnyEvent::Impl::Perl caused an + endless loop (reported by Dietrich Rebmann). + - add tlsv1_1 and tlsv1_2 protocols to AnyEvent::TLS + (patch by Maxime Soulé). + - document AnyEvent::Impl::IOAsync::set_loop and + $AnyEvent::Impl::IOAsync::LOOP. Though only documented now, this + functionality has _always_ been available. + - force a toplevel domain name in t/81_hosts.t (analyzed by + David Jack Wange Olrik). + - document that AnyEvent::Log uses AnyEvent::IO. + - warn about AnyEvent::Filesys::Notify performance. + - praise the joys of AnyEvent::Fork::*. + - time for an =encoding directive. + - do no longer use JSON to create a default json coder, use + JSON::XS or JSON::PP directly. + +7.05 Wed Aug 21 10:38:08 CEST 2013 - uts46data.pl couldn't be found due to wrong naming of the file (reported by Fulko Hew). + - handle lone \015's properly in AE::Handle's default line read + (reported by various people). + - untaint ip addresses found in /etc/hosts (patch by José Micó). + - the memleak fix in 7.03 caused resolving via /etc/hosts to always + fail on first use (reported and testcase by Andrew Whatson). + - expose AnyEvent::Log::format_time, and allow users to redefine it. + - expose AnyEvent::Log::default_format, and allow redefinition. + - expose AnyEvent::Log::fatal_exit, to allow redefinition. - AnyEvent::Debug shell can now run coro shell commands, if available. - t/63* tests were wrongly in MANIFEST. - - mention IO::AIO as optional dependency. - kernel.org's finger server went MIA, switch to freebsd.org and icculus.org. - - handle lone \015's properly in AE::Handle's default line read - (reported by various people). + - clarify that IO::AIO and AnyEvent::AIO are needed for AnyEvent::IO + to function asynchronously (reported by Daniel Carosone). - hard-disable $^W in most tests, it generates too much garbage output. - use a (hopefully) more future-proof method to emulate common::sense. + - upgrade to UTS-46:6.2.0. + - switch to INSTLIB from INSTLIBDIR, as INSTLIBDIR was wrongly + documented. should not affect anything. 7.04 Thu Nov 15 02:23:58 CET 2012 - debugging code left in. @@ -600,7 +780,7 @@ - add an additional error message parameter to AnyEvent::Handle's on_error callback (for TLS, $! is still available). - add AnyEvent::Handle on_starttls/on_stoptls callbacks. - - make AnyEvent::Handle more robust against early conenction + - make AnyEvent::Handle more robust against early connection failures (during new), and return C in that case from the constructor. - AnyEvent::Handle will now try to load only JSON::XS first,