adamm/c-ares
SHA256
1
0
Fork 0
forked from pool/c-ares
Code Pull Requests Activity

Accepting request 819608 from home:elimat:branches:devel:libraries:c_c++

Browse Source 
- Version update to 1.16.1
  Security:
  * Prevent possible use-after-free and double-free in ares_getaddrinfo() if 
    ares_destroy() is called prior to ares_getaddrinfo() completing. 
	Reported by Jann Horn at Google Project Zero.
  Changes:
  * Allow TXT records on CHAOS qclass. Used for retriving things like
    version.bind, version.server, authoris.bind, hostname.bind, and id.server. [3] 
  Bug fixes:
  * Fix Windows Unicode incompatibilities with ares_getaddrinfo() [1]
  * Silence false cast-align compiler warnings due to valid casts of struct
    sockaddr to struct sockaddr_in and struct sockaddr_in6.
  * MacOS should use libresolv for retrieving DNS servers, like iOS
  * CMake build system should populate the INCLUDE_DIRECTORIES property of
    installed targets [2]
  * Correct macros in use for the ares_getaddrinfo.3 man page
- Changes in version 1.16.0
  Changes:
  * Introduction of ares_getaddrinfo() API which provides similar output
    (including proper sorting as per RFC 6724) to the system native API, but
	utilizes different data structures in order to provide additional
	information such as TTLs and all aliases. Please reference the respective
	man pages for usage details.
  * Parse SOA records from ns_t_any response
  * CMake: Provide c-ares version in package export file
  * CMake: Add CPACK functionality for DEB and RPM
  * CMake: Generate PDB files during build
  * CMake: Support manpage installation
  Bug fixes:
  * Fix bad expectation in IPv6 localhost test.
  * AutoTools: use XC_CHECK_BUILD_FLAGS instead of XC_CHECK_USER_FLAGS to
    prevent complaints about CPPFLAGS in CFLAGS.
  * Fix .onion handling
  * Command line usage was out of date for adig and ahost.
  * Typos in manpages
  * If ares_getenv is defined, it must return a value on all platforms
  * If /etc/resolv.conf has invalid lookup values, use the defaults.
  * Tests: Separate live tests from SetServers* tests as only live tests
    should require internet access.
  * ares_gethostbyname() should return ENODATA if no valid A or AAAA record
    is found, but a CNAME was found.
  * CMake: Rework library function checking to prevent unintended linking
    with system libraries that aren't needed.
  * Due to use of inet_addr() it was not possible to return 255.255.255.255
    from ares_gethostbyname().
  * CMake: Fix building of tests on Windows 
- Drop regression.patch which have been fixed upstream
- Refresh disable-live-tests.patch
- Remove static lib since its required when doing tests and we dont want it
  included in package
- Run spec-cleaner

OBS-URL: https://build.opensuse.org/request/show/819608
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/c-ares?expand=0&rev=18
This commit is contained in:
Tomáš Chvátal 2020-07-09 06:43:45 +00:00 committed by Git OBS Bridge
parent 8c39f8b875
commit a4815457d3
7 changed files with 86 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
c-ares-1.15.0-20200117.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:86a99c9750698356ffde22cb42e2a18bb4c2baf424d31ba988c4e6f6fc18ba89
size 1332073

3
c-ares-1.16.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d08312d0ecc3bd48eee0a4cc0d2137c9f194e0a28de2028928c0f6cae85f86ce
size 1374637

11
c-ares-1.16.1.tar.gz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAl65kRoACgkQXMkI/bce
EsLoxwgAkIUACrGgrcLwqPUt6+JZoqWgTMjQTuGyZ+5kB8O93U40GSHH8YDm5Ntj
iTADAQMNo8EJfRBwH+tpQ7VFXDIAz/8dNuwx4VmnadaqoQU7j7v2u5IhltBmtof1
SkRwwdpma4FoteF91cPDoFH/sdaUGlhFo/fS4gJPeWJqqqCok78j5mS9ZIwzyc4B
JKP2PMEt1XX1hmLOc+4jI7Mv0N0egN6cvCTiyW8jq0maEALiUBm3U9T+g6yDLp5J
KnbtLkcwTU+lj4BdMcJ+ADrW4ELFIY1Jd1qOWhLOLEwyvbDFiJ1x53+U3Vzht7n0
Yv/3aL0xtfcRXkILjnNlNCSgO34PTg==
=LOfS
-----END PGP SIGNATURE-----

55
c-ares.changes
View File

@ -1,3 +1,58 @@
-------------------------------------------------------------------
Wed Jul 8 20:35:17 UTC 2020 - Matthias Eliasson <elimat@opensuse.org>
- Version update to 1.16.1
Security:
* Prevent possible use-after-free and double-free in ares_getaddrinfo() if
ares_destroy() is called prior to ares_getaddrinfo() completing.
Reported by Jann Horn at Google Project Zero.
Changes:
* Allow TXT records on CHAOS qclass. Used for retriving things like
version.bind, version.server, authoris.bind, hostname.bind, and id.server. [3]
Bug fixes:
* Fix Windows Unicode incompatibilities with ares_getaddrinfo() [1]
* Silence false cast-align compiler warnings due to valid casts of struct
sockaddr to struct sockaddr_in and struct sockaddr_in6.
* MacOS should use libresolv for retrieving DNS servers, like iOS
* CMake build system should populate the INCLUDE_DIRECTORIES property of
installed targets [2]
* Correct macros in use for the ares_getaddrinfo.3 man page
- Changes in version 1.16.0
Changes:
* Introduction of ares_getaddrinfo() API which provides similar output
(including proper sorting as per RFC 6724) to the system native API, but
utilizes different data structures in order to provide additional
information such as TTLs and all aliases. Please reference the respective
man pages for usage details.
* Parse SOA records from ns_t_any response
* CMake: Provide c-ares version in package export file
* CMake: Add CPACK functionality for DEB and RPM
* CMake: Generate PDB files during build
* CMake: Support manpage installation
Bug fixes:
* Fix bad expectation in IPv6 localhost test.
* AutoTools: use XC_CHECK_BUILD_FLAGS instead of XC_CHECK_USER_FLAGS to
prevent complaints about CPPFLAGS in CFLAGS.
* Fix .onion handling
* Command line usage was out of date for adig and ahost.
* Typos in manpages
* If ares_getenv is defined, it must return a value on all platforms
* If /etc/resolv.conf has invalid lookup values, use the defaults.
* Tests: Separate live tests from SetServers* tests as only live tests
should require internet access.
* ares_gethostbyname() should return ENODATA if no valid A or AAAA record
is found, but a CNAME was found.
* CMake: Rework library function checking to prevent unintended linking
with system libraries that aren't needed.
* Due to use of inet_addr() it was not possible to return 255.255.255.255
from ares_gethostbyname().
* CMake: Fix building of tests on Windows
- Drop regression.patch which have been fixed upstream
- Refresh disable-live-tests.patch
- Remove static lib since its required when doing tests and we dont want it
included in package
- Run spec-cleaner
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Feb 3 15:17:24 UTC 2020 - Adam Majer <adam.majer@suse.de> Mon Feb 3 15:17:24 UTC 2020 - Adam Majer <adam.majer@suse.de>

32
c-ares.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package c-ares # spec file for package c-ares
# #
# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2020 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -18,22 +18,18 @@
%define sonum 2 %define sonum 2
%define libname libcares%{sonum} %define libname libcares%{sonum}
%define realver 1.15.0-20200117
Name: c-ares Name: c-ares
Version: 1.15.0+20200117 Version: 1.16.1
Release: 0 Release: 0
Summary: Library for asynchronous name resolves Summary: Library for asynchronous name resolves
License: MIT License: MIT
URL: https://c-ares.haxx.se/ URL: https://c-ares.haxx.se/
#Source0: https://c-ares.haxx.se/daily-snapshot/c-ares-%{realver}.tar.gz Source0: http://c-ares.haxx.se/download/%{name}-%{version}.tar.gz
Source0: c-ares-%{realver}.tar.gz Source1: http://c-ares.haxx.se/download/%{name}-%{version}.tar.gz.asc
#Source0: http://c-ares.haxx.se/download/%{name}-%{version}.tar.gz
#Source1: http://c-ares.haxx.se/download/%{name}-%{version}.tar.gz.asc
Source3: %{name}.keyring Source3: %{name}.keyring
Source4: baselibs.conf Source4: baselibs.conf
Patch0: 0001-Use-RPM-compiler-options.patch Patch0: 0001-Use-RPM-compiler-options.patch
Patch1: disable-live-tests.patch Patch1: disable-live-tests.patch
Patch2: regression.patch
BuildRequires: cmake BuildRequires: cmake
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: libtool BuildRequires: libtool
@ -56,7 +52,6 @@ by Greg Hudson at MIT.
This package provides some tools that make use of c-ares. This package provides some tools that make use of c-ares.
%package -n %{libname} %package -n %{libname}
Summary: Library for asynchronous name resolves Summary: Library for asynchronous name resolves
# Needed for getservbyport_r function to work properly. # Needed for getservbyport_r function to work properly.
@ -69,7 +64,6 @@ by Greg Hudson at MIT.
This package provides the shared libraries for c-ares. This package provides the shared libraries for c-ares.
%package devel %package devel
Summary: Development files for %{name} Summary: Development files for %{name}
Requires: %{libname} = %{version} Requires: %{libname} = %{version}
@ -85,9 +79,8 @@ by Greg Hudson at MIT.
This package provides the development libraries and headers needed This package provides the development libraries and headers needed
to build packages that depend on c-ares. to build packages that depend on c-ares.
%prep %prep
%autosetup -p1 -n %{name}-%{realver} %autosetup -p1 -n %{name}-%{version}
# Remove bogus cflags checking # Remove bogus cflags checking
sed -i -e '/XC_CHECK_BUILD_FLAGS/d' configure.ac sed -i -e '/XC_CHECK_BUILD_FLAGS/d' configure.ac
@ -100,17 +93,18 @@ sed -i -e '/XC_CHECK_USER_FLAGS/d' m4/xc-cc-check.m4
-DCARES_INSTALL:BOOL=ON \ -DCARES_INSTALL:BOOL=ON \
-DCARES_BUILD_TESTS:BOOL=ON \ -DCARES_BUILD_TESTS:BOOL=ON \
-DCARES_BUILD_TOOLS:BOOL=ON -DCARES_BUILD_TOOLS:BOOL=ON
make %{?_smp_mflags} %make_build
%install %install
%cmake_install %cmake_install
install -m 644 -Dt %{buildroot}%{_mandir}/man1/ *.1 install -m 644 -Dt %{buildroot}%{_mandir}/man1/ *.1
install -m 644 -Dt %{buildroot}%{_mandir}/man3/ *.3 install -m 644 -Dt %{buildroot}%{_mandir}/man3/ *.3
find %{buildroot} -type f -name "*.la" -delete -print # Tests require static lib so lets remove it so it does not get in package
find %{buildroot} -type f \( -name "*.la" -o -name "*.a" \) -delete -print
%check %check
pushd build pushd build
make -C test %{?_smp_mflags} %make_build -C test
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:./lib export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:./lib
./bin/arestest ./bin/arestest
@ -122,9 +116,9 @@ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:./lib
%{_bindir}/acountry %{_bindir}/acountry
%{_bindir}/adig %{_bindir}/adig
%{_bindir}/ahost %{_bindir}/ahost
%{_mandir}/man1/acountry.1%{ext_man} %{_mandir}/man1/acountry.1%{?ext_man}
%{_mandir}/man1/adig.1%{ext_man} %{_mandir}/man1/adig.1%{?ext_man}
%{_mandir}/man1/ahost.1%{ext_man} %{_mandir}/man1/ahost.1%{?ext_man}
%files -n %{libname} %files -n %{libname}
%license LICENSE.md %license LICENSE.md
@ -134,7 +128,7 @@ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:./lib
%license LICENSE.md %license LICENSE.md
%{_libdir}/libcares.so %{_libdir}/libcares.so
%{_includedir}/*.h %{_includedir}/*.h
%{_mandir}/man3/ares_*.3%{ext_man} %{_mandir}/man3/ares_*.3%{?ext_man}
%{_libdir}/pkgconfig/libcares.pc %{_libdir}/pkgconfig/libcares.pc
%{_libdir}/cmake/c-ares/ %{_libdir}/cmake/c-ares/

53
disable-live-tests.patch
View File

@ -1,8 +1,7 @@
Index: c-ares-1.15.0-20200117/test/Makefile.inc diff -Naur c-ares-1.16.1.orig/test/Makefile.inc c-ares-1.16.1/test/Makefile.inc
=================================================================== --- c-ares-1.16.1.orig/test/Makefile.inc 2020-07-08 22:15:36.667605939 +0200
--- c-ares-1.15.0-20200117.orig/test/Makefile.inc +++ c-ares-1.16.1/test/Makefile.inc 2020-07-08 22:16:25.407171729 +0200
+++ c-ares-1.15.0-20200117/test/Makefile.inc @@ -14,7 +14,6 @@
@@ -13,7 +13,6 @@ TESTSOURCES = ares-test-main.cc \
ares-test-parse-srv.cc \ ares-test-parse-srv.cc \
ares-test-parse-txt.cc \ ares-test-parse-txt.cc \
ares-test-misc.cc \ ares-test-misc.cc \
@ -10,47 +9,3 @@ Index: c-ares-1.15.0-20200117/test/Makefile.inc
ares-test-mock.cc \ ares-test-mock.cc \
ares-test-mock-ai.cc \ ares-test-mock-ai.cc \
ares-test-internal.cc \ ares-test-internal.cc \
Index: c-ares-1.15.0-20200117/test/ares-test-misc.cc
===================================================================
--- c-ares-1.15.0-20200117.orig/test/ares-test-misc.cc
+++ c-ares-1.15.0-20200117/test/ares-test-misc.cc
@@ -47,10 +47,12 @@ TEST_F(DefaultChannelTest, SetServers) {
EXPECT_EQ(expected, GetNameServers(channel_));
// Change not allowed while request is pending
+ /*
HostResult result;
ares_gethostbyname(channel_, "www.google.com.", AF_INET, HostCallback, &result);
EXPECT_EQ(ARES_ENOTIMP, ares_set_servers(channel_, &server1));
ares_cancel(channel_);
+ */
}
TEST_F(DefaultChannelTest, SetServersPorts) {
@@ -77,10 +79,12 @@ TEST_F(DefaultChannelTest, SetServersPor
EXPECT_EQ(expected, GetNameServers(channel_));
// Change not allowed while request is pending
+ /*
HostResult result;
ares_gethostbyname(channel_, "www.google.com.", AF_INET, HostCallback, &result);
EXPECT_EQ(ARES_ENOTIMP, ares_set_servers_ports(channel_, &server1));
ares_cancel(channel_);
+ */
}
TEST_F(DefaultChannelTest, SetServersCSV) {
@@ -109,11 +113,13 @@ TEST_F(DefaultChannelTest, SetServersCSV
EXPECT_EQ(expected2, GetNameServers(channel_));
// Change not allowed while request is pending
+ /*
HostResult result;
ares_gethostbyname(channel_, "www.google.com.", AF_INET, HostCallback, &result);
EXPECT_EQ(ARES_ENOTIMP, ares_set_servers_csv(channel_, "1.2.3.4,2.3.4.5"));
EXPECT_EQ(ARES_ENOTIMP, ares_set_servers_ports_csv(channel_, "1.2.3.4:56,2.3.4.5:67"));
ares_cancel(channel_);
+ */
// Should survive duplication
ares_channel channel2;

106
regression.patch
View File

@ -1,106 +0,0 @@
commit 9413d54ff43d18cedf0d4531408aabc7c2c102a2
Author: Adam Majer <amajer@suse.de>
Date: Mon Feb 3 15:19:08 2020 +0100
Only count valid addresses when response parsing
When ares_parse_a_reply or ares_parse_aaaa_reply is called in case
where another AAAA and A responses exist, the resulting ares_addrttl
count is invalid and the structure points to gibberish.
This is a regression since 1.15.
PR: https://github.com/c-ares/c-ares/pull/302
diff --git a/ares_parse_a_reply.c b/ares_parse_a_reply.c
index b506f72..920ba24 100644
--- a/ares_parse_a_reply.c
+++ b/ares_parse_a_reply.c
@@ -86,7 +86,10 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
next = ai.nodes;
while (next)
{
- ++naddrs;
+ if (next->ai_family == AF_INET)
+ {
+ ++naddrs;
+ }
next = next->ai_next;
}
diff --git a/ares_parse_aaaa_reply.c b/ares_parse_aaaa_reply.c
index aca3f00..d39e138 100644
--- a/ares_parse_aaaa_reply.c
+++ b/ares_parse_aaaa_reply.c
@@ -88,7 +88,10 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
next = ai.nodes;
while (next)
{
- ++naddrs;
+ if(next->ai_family == AF_INET6)
+ {
+ ++naddrs;
+ }
next = next->ai_next;
}
diff --git a/test/ares-test-parse-a.cc b/test/ares-test-parse-a.cc
index 77d9591..0741c0d 100644
--- a/test/ares-test-parse-a.cc
+++ b/test/ares-test-parse-a.cc
@@ -11,13 +11,14 @@ TEST_F(LibraryTest, ParseAReplyOK) {
DNSPacket pkt;
pkt.set_qid(0x1234).set_response().set_aa()
.add_question(new DNSQuestion("example.com", ns_t_a))
- .add_answer(new DNSARR("example.com", 0x01020304, {2,3,4,5}));
+ .add_answer(new DNSARR("example.com", 0x01020304, {2,3,4,5}))
+ .add_answer(new DNSAaaaRR("example.com", 0x01020304, {0,0,0,0,0,0,0,0,0,0,0,0,2,3,4,5}));
std::vector<byte> data = {
0x12, 0x34, // qid
0x84, // response + query + AA + not-TC + not-RD
0x00, // not-RA + not-Z + not-AD + not-CD + rc=NoError
0x00, 0x01, // num questions
- 0x00, 0x01, // num answer RRs
+ 0x00, 0x02, // num answer RRs
0x00, 0x00, // num authority RRs
0x00, 0x00, // num additional RRs
// Question
@@ -35,6 +36,15 @@ TEST_F(LibraryTest, ParseAReplyOK) {
0x01, 0x02, 0x03, 0x04, // TTL
0x00, 0x04, // rdata length
0x02, 0x03, 0x04, 0x05,
+ // Answer 2
+ 0x07, 'e', 'x', 'a', 'm', 'p', 'l', 'e',
+ 0x03, 'c', 'o', 'm',
+ 0x00,
+ 0x00, 0x1c, // RR type
+ 0x00, 0x01, // class IN
+ 0x01, 0x02, 0x03, 0x04, // TTL
+ 0x00, 0x10, // rdata length
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x03, 0x04, 0x05,
};
EXPECT_EQ(data, pkt.data());
struct hostent *host = nullptr;
@@ -68,7 +78,7 @@ TEST_F(LibraryTest, ParseMalformedAReply) {
0x84, // [2] response + query + AA + not-TC + not-RD
0x00, // [3] not-RA + not-Z + not-AD + not-CD + rc=NoError
0x00, 0x01, // [4:6) num questions
- 0x00, 0x01, // [6:8) num answer RRs
+ 0x00, 0x02, // [6:8) num answer RRs
0x00, 0x00, // [8:10) num authority RRs
0x00, 0x00, // [10:12) num additional RRs
// Question
diff --git a/test/ares-test-parse-aaaa.cc b/test/ares-test-parse-aaaa.cc
index 9d0457e..1314c83 100644
--- a/test/ares-test-parse-aaaa.cc
+++ b/test/ares-test-parse-aaaa.cc
@@ -13,7 +13,8 @@ TEST_F(LibraryTest, ParseAaaaReplyOK) {
.add_question(new DNSQuestion("example.com", ns_t_aaaa))
.add_answer(new DNSAaaaRR("example.com", 100,
{0x01, 0x01, 0x01, 0x01, 0x02, 0x02, 0x02, 0x02,
- 0x03, 0x03, 0x03, 0x03, 0x04, 0x04, 0x04, 0x04}));
+ 0x03, 0x03, 0x03, 0x03, 0x04, 0x04, 0x04, 0x04}))
+ .add_answer(new DNSARR("example.com", 0x01020304, {2,3,4,5}));
std::vector<byte> data = pkt.data();
struct hostent *host = nullptr;
struct ares_addr6ttl info[5];