Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deps: update c-ares to 1.22.0 #50444

Closed
wants to merge 2 commits into from

Conversation

nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot nodejs-github-bot commented Oct 28, 2023

This is an automated update of c-ares to 1.22.0.

@nodejs-github-bot nodejs-github-bot added the dependencies Pull requests that update a dependency file. label Oct 28, 2023
@nodejs-github-bot
Copy link
Collaborator Author

Review requested:

  • @nodejs/net

@nodejs-github-bot nodejs-github-bot added cares Issues and PRs related to the c-ares dependency or the cares_wrap binding. needs-ci PRs that need a full CI run. labels Oct 28, 2023
@targos targos added the commit-queue-squash Add this label to instruct the Commit Queue to squash all the PR commits into the first one. label Oct 28, 2023
@targos
Copy link
Member

targos commented Oct 28, 2023

I built it and ran the tests locally. There's a failure:

=== release test-dns-resolveany ===
Path: parallel/test-dns-resolveany
node:internal/process/promises:289
            triggerUncaughtException(err, true /* fromPromise */);
            ^

AssertionError [ERR_ASSERTION]: Expected values to be strictly deep-equal:
+ actual - expected ... Lines skipped

  [
    {
...
    {
      entries: [
+       'v=spf1 ~allxyz\x00foo'
-       'v=spf1 ~all',
-       'xyz\x00foo'
      ],
...
      type: 'CAA'
    }
  ]
    at validateResults (/Users/mzasso/git/nodejs/node/test/parallel/test-dns-resolveany.js:61:10)
    at Socket.<anonymous> (/Users/mzasso/git/nodejs/node/test/parallel/test-dns-resolveany.js:51:3) {
  generatedMessage: true,
  code: 'ERR_ASSERTION',
  actual: [
    { address: '1.2.3.4', ttl: 123, type: 'A' },
    { address: '::42', ttl: 123, type: 'AAAA' },
    { exchange: 'foobar.com', priority: 42, type: 'MX' },
    { value: 'foobar.org', type: 'NS' },
    { entries: [ 'v=spf1 ~allxyz\x00foo' ], type: 'TXT' },
    { value: 'baz.org', type: 'PTR' },
    {
      nsname: 'ns1.example.com',
      hostmaster: 'admin.example.com',
      serial: 156696742,
      refresh: 900,
      retry: 900,
      expire: 1800,
      minttl: 60,
      type: 'SOA'
    },
    { critical: 128, issue: 'platynum.ch', type: 'CAA' }
  ],
  expected: [
    { type: 'A', address: '1.2.3.4', ttl: 123 },
    { type: 'AAAA', address: '::42', ttl: 123 },
    { type: 'MX', priority: 42, exchange: 'foobar.com' },
    { type: 'NS', value: 'foobar.org' },
    { type: 'TXT', entries: [ 'v=spf1 ~all', 'xyz\x00foo' ] },
    { type: 'PTR', value: 'baz.org' },
    {
      type: 'SOA',
      nsname: 'ns1.example.com',
      hostmaster: 'admin.example.com',
      serial: 156696742,
      refresh: 900,
      retry: 900,
      expire: 1800,
      minttl: 60
    },
    { type: 'CAA', critical: 128, issue: 'platynum.ch' }
  ],
  operator: 'deepStrictEqual'
}

Node.js v22.0.0-pre
Command: out/Release/node /Users/mzasso/git/nodejs/node/test/parallel/test-dns-resolveany.js

@jasnell
Copy link
Member

jasnell commented Oct 28, 2023

LGTM once CI failures are resolved

bradh352 added a commit to bradh352/node that referenced this pull request Nov 15, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fixes: nodejs#50741
Refs: nodejs#50444

Fix By: Brad House (@bradh352)
@nodejs-github-bot nodejs-github-bot changed the title deps: update c-ares to 1.21.0 deps: update c-ares to 1.22.0 Nov 18, 2023
@lpinca lpinca closed this Nov 18, 2023
@lpinca lpinca deleted the actions/tools-update-c-ares branch November 18, 2023 20:39
@lpinca
Copy link
Member

lpinca commented Nov 18, 2023

Closed in favor of #50800.

lpinca pushed a commit that referenced this pull request Nov 24, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: #50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: #50741
Refs: #50444
martenrichter pushed a commit to martenrichter/node that referenced this pull request Nov 26, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: nodejs#50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: nodejs#50741
Refs: nodejs#50444
lucshi pushed a commit to lucshi/node that referenced this pull request Nov 27, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: nodejs#50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: nodejs#50741
Refs: nodejs#50444
RafaelGSS pushed a commit that referenced this pull request Nov 27, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: #50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: #50741
Refs: #50444
RafaelGSS pushed a commit that referenced this pull request Nov 29, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: #50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: #50741
Refs: #50444
RafaelGSS pushed a commit that referenced this pull request Nov 30, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: #50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: #50741
Refs: #50444
UlisesGascon pushed a commit that referenced this pull request Dec 11, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: #50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: #50741
Refs: #50444
UlisesGascon pushed a commit that referenced this pull request Dec 13, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: #50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: #50741
Refs: #50444
UlisesGascon pushed a commit that referenced this pull request Dec 15, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: #50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: #50741
Refs: #50444
UlisesGascon pushed a commit that referenced this pull request Dec 19, 2023
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: #50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: #50741
Refs: #50444
richardlau pushed a commit that referenced this pull request Mar 20, 2024
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: #50743
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Fixes: #50741
Refs: #50444
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cares Issues and PRs related to the c-ares dependency or the cares_wrap binding. commit-queue-squash Add this label to instruct the Commit Queue to squash all the PR commits into the first one. dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants