- update to 1.18.1. Changes since 1.17.2:

* Allow '/' as a valid character for a returned name for
    CNAME in-addr.arpa delegation
  * no longer forwards requests for localhost resolution per RFC6761
  * During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so
    that the search process will continue to the next domain
    in the search.
  * Provide ares_nameser.h as a public interface as needed by NodeJS
  * Add support for URI(Uniform Resource Identifier) records via
    ares_parse_uri_reply()
- 5c995d5.patch: upstreamed
- disable-live-tests.patch: refreshed

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/c-ares?expand=0&rev=44

5c995d5.patch

@@ -1,51 +0,0 @@
-From 5c995d50b05a2c374ae021012afa6f8f4cf2957e Mon Sep 17 00:00:00 2001
-From: bradh352 <brad@brad-house.com>
-Date: Wed, 8 Sep 2021 07:38:44 -0400
-Subject: [PATCH] ares_expand_name should allow underscores (_) as SRV records
- legitimately use them
-
-c-ares 1.17.2 introduced response validation to prevent a security issue, however
-it did not have (_) listed as a valid character for domain name responses which
-caused issues when a CNAME referenced a SRV record which contained underscores.
-
-While RFC2181 section 11 does explicitly state not to do validation, that applies
-to servers not clients.
-
-Fixes: #424
-Fix By: Brad House (@bradh352)
----
- src/lib/ares_expand_name.c | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
-
-diff --git a/src/lib/ares_expand_name.c b/src/lib/ares_expand_name.c
-index a62c982e..db262ab4 100644
---- a/src/lib/ares_expand_name.c
-+++ b/src/lib/ares_expand_name.c
-@@ -59,10 +59,16 @@ static int ares__isprint(int ch)
-   return 0;
- }
- 
--/* Character set allowed by hostnames */
-+/* Character set allowed by hostnames.  This is to include the normal
-+ * domain name character set plus underscores which are used in SRV
-+ * records.  While RFC 2181 section 11 does state not to do validation,
-+ * that applies to servers, not clients.  Vulnerabilities have been
-+ * reported when this validation is not performed.  Security is more
-+ * important than edge-case compatibility (which is probably invalid
-+ * anyhow). */
- static int is_hostnamech(int ch)
- {
--  /* [A-Za-z0-9-.]
-+  /* [A-Za-z0-9-._]
-    * Don't use isalnum() as it is locale-specific
-    */
-   if (ch >= 'A' && ch <= 'Z')
-@@ -71,7 +77,7 @@ static int is_hostnamech(int ch)
-     return 1;
-   if (ch >= '0' && ch <= '9')
-     return 1;
--  if (ch == '-' || ch == '.')
-+  if (ch == '-' || ch == '.' || ch == '_')
-     return 1;
- 
-   return 0;

c-ares-1.17.2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4803c844ce20ce510ef0eb83f8ea41fa24ecaae9d280c468c582d2bb25b3913d
-size 1538276

c-ares-1.17.2.tar.gz.asc

@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmESGOwACgkQXMkI/bce
-EsIyCwf/aKIZjd/ziFBwGNwLpk5DH62e5tr1sL7BwW8F7TiGjKnvglScxxauraM8
-qCVYP6rkCV3aeSg2yEfYI8slrllek6J8iciIN0Y7a7Vd9epVWfSMLq1GNeR+NPB/
-aAFak21vIk2QaLYZk+z4s4pmWN2bvwWJxGG3Tdohr9/W5f3kdbYVrdCE3nWFgCQ6
-/vqG0SACZufgjiEG6vYf2Mhmit9MY+I1LmuR3LrGO2iLMfS69z7GzBS6d015mAHP
-Gm2qLdNBdWyfoMBi7vEMef0/C336UQ1mNyxThw9vHVXr/Fao+ZSL0NJgiZ0ggtKi
-ojAIChIOwOGMcTy8TBmEyNxf7OIsFA==
-=/P5j
------END PGP SIGNATURE-----

c-ares-1.18.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1a7d52a8a84a9fbffb1be9133c0f6e17217d91ea5a6fa61f6b4729cda78ebbcf
+size 1560165

c-ares-1.18.1.tar.gz.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmF47KIACgkQXMkI/bce
+EsKuvwf9Ef0HL1yhrA80nUSxQvgGNFhYQO1eEeH5LzV/UPGydOOSXuoVU+YZKjnr
+XUMCYcW8gCLACd4wBab/1gHBa9YeSVJpeJRdyrtIiAhiOPixmwSDCQMMixI526zd
+q40YK+M/YROJgYyp4E1t6rK5UK+sSwkKePXLLPUW5IXjj3vyCNz6TANINv3KoQqC
+mXVmUx0kr1U58fjzp0DB8jz1bixVllD7PpGPsR8pkFTCltVFZmKrvxRy4MHB7/Zs
+5JAElYhR/H+NKY1+2S9A4pKPfN/orGkVyeZlw9A/XdMF+Tjr2YT5FDPair6DQuvI
+Dp24pB2pYTFRfdjZj2b5l568UiujHQ==
+=mcGJ
+-----END PGP SIGNATURE-----

c-ares.changes

@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Tue Dec  7 16:57:20 UTC 2021 - Adam Majer <adam.majer@suse.de>
+
+- update to 1.18.1. Changes since 1.17.2:
+  * Allow '/' as a valid character for a returned name for
+    CNAME in-addr.arpa delegation
+  * no longer forwards requests for localhost resolution per RFC6761
+  * During a domain search, treat ARES_ENODATA as ARES_NXDOMAIN so
+    that the search process will continue to the next domain
+    in the search.
+  * Provide ares_nameser.h as a public interface as needed by NodeJS
+  * Add support for URI(Uniform Resource Identifier) records via
+    ares_parse_uri_reply()
+
+- 5c995d5.patch: upstreamed
+- disable-live-tests.patch: refreshed
+
 -------------------------------------------------------------------
 Thu Sep  9 12:15:01 UTC 2021 - Adam Majer <adam.majer@suse.de>
 

c-ares.spec

@@ -24,7 +24,7 @@
 %endif
 
 Name:           c-ares
-Version:        1.17.2
+Version:        1.18.1
 Release:        0
 Summary:        Library for asynchronous name resolves
 License:        MIT
@@ -35,7 +35,6 @@ Source3:        c-ares.keyring
 Source4:        baselibs.conf
 Patch0:         0001-Use-RPM-compiler-options.patch
 Patch1:         disable-live-tests.patch
-Patch2:         https://github.com/c-ares/c-ares/commit/5c995d5.patch
 BuildRequires:  cmake
 BuildRequires:  gcc-c++
 BuildRequires:  pkg-config

disable-live-tests.patch

@@ -1,9 +1,10 @@
-diff -Naur c-ares-1.16.1.orig/test/Makefile.inc c-ares-1.16.1/test/Makefile.inc
---- c-ares-1.16.1.orig/test/Makefile.inc	2020-07-08 22:15:36.667605939 +0200
-+++ c-ares-1.16.1/test/Makefile.inc	2020-07-08 22:16:25.407171729 +0200
-@@ -14,7 +14,6 @@
-   ares-test-parse-srv.cc		\
+Index: c-ares-1.18.1/test/Makefile.inc
+===================================================================
+--- c-ares-1.18.1.orig/test/Makefile.inc
++++ c-ares-1.18.1/test/Makefile.inc
+@@ -16,7 +16,6 @@ TESTSOURCES = ares-test-main.cc	\
    ares-test-parse-txt.cc		\
+   ares-test-parse-uri.cc		\
    ares-test-misc.cc			\
 -  ares-test-live.cc			\
    ares-test-mock.cc			\