From 0184387f6a748c74c5d29cddf20289dc94f05ddc Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 19 Jan 2024 08:07:42 +0000 Subject: gentoo auto-resync : 19:01:2024 - 08:07:41 --- net-dns/c-ares/Manifest | 2 + net-dns/c-ares/c-ares-1.25.0-r1.ebuild | 96 ++++++++++++ .../files/c-ares-1.25.0-fix-sanity-check-rr.patch | 166 +++++++++++++++++++++ 3 files changed, 264 insertions(+) create mode 100644 net-dns/c-ares/c-ares-1.25.0-r1.ebuild create mode 100644 net-dns/c-ares/files/c-ares-1.25.0-fix-sanity-check-rr.patch (limited to 'net-dns/c-ares') diff --git a/net-dns/c-ares/Manifest b/net-dns/c-ares/Manifest index b1b3a9d081a6..ded4c88f602a 100644 --- a/net-dns/c-ares/Manifest +++ b/net-dns/c-ares/Manifest @@ -1,6 +1,7 @@ AUX c-ares-1.24.0-ares__iface_ips_enumerate-stub.patch 1133 BLAKE2B c9b4aedb0a9c826dbf79647f2f135668b5667d4801eada9f293e9250109cba2d6e15b2cdc48f9a85041f4cc29e827255f7cd338d395cc4bd311d8c1a2df4d8c7 SHA512 70bf56876051feb49324c64cad80a595cf5f69d3085e2019a83e9282470da7f930f9d9bf04f75efc31ec6e0554e64ed20276084960cab0208839b9a8a48d71fc AUX c-ares-1.24.0-getrandom.patch 2879 BLAKE2B 6683dcca5ebc5c8eaf7da37c08e883fd510d4170a14911d77e6f6fa598e6a79bfcdbe2a14324b05e1ed90bd42a6c46f255eaa622f76cd264346c0fe99222b8fc SHA512 3f998443c2953d0fd5fcc9aceffd6ccfa48c3deae1619901dd696f908cda322fcdfde6c934c8ee36f56df0d708c7255979fa4c9990071c5885048006e183c8b2 AUX c-ares-1.24.0-tests-symbol-hiding.patch 3362 BLAKE2B 029cc9b2422658cd265fc505a821e6371f94b42587022d8680275d8692f11e9444aef07d3db44f001876388d9bfe6f92de251f3177e03d0c0c51039176470268 SHA512 120d3abf30707fd943a56009bcd851d10ea2baa708ab0d1aaf45a782f13e0775e79801c971013968d8f46b37d78f3cad100da48de5f5786a74a7b88970b5fd3c +AUX c-ares-1.25.0-fix-sanity-check-rr.patch 6252 BLAKE2B 4075eb5e0a3ca03047c192dd53a867078ca00bce9db5a9284347c8beaceaacfd0531d87f44805cd6a31ee06eda09683cfe77229da52e0ba7e66d9a1910acc928 SHA512 8f78165011fdf795200b6110798dc4a747fd3c9ab7baf9edd8e6bfad172b5c019b1d518f79318ad70c3baea0918fc88ec2b36d5a0668aea1f06f435281ee1d6d DIST c-ares-1.19.1.tar.gz 1579100 BLAKE2B 4b6c9593edb1a91ab76d54ddacb1cd5d67006d5e628ea1f3289f54e9360be32abeb5d8fc7d23e193feab3e7928e8efde82757eb12fe217dc92ed0d9132bedf5d SHA512 466a94efda626e815a6ef7a890637056339f883d549ea6055e289fd8cd2391130e5682c905c0fb3bd7e955af7f6deb793562c170eb0ee066a4a62085a82ba470 DIST c-ares-1.19.1.tar.gz.asc 488 BLAKE2B 9c47d7b3e67d9a2bd1e332912d21d20ca591fc34f81707c18a4615ea14ba2da00146d1998250a5f4dd2a0b1c04f9bd2013d4940ac734674c0bdff6815985e19d SHA512 1b204ab1a667af1326be4b7c62c0919aacd447a2e00efea4b8ef2ec9f2b13ffb236a836ff8953b0b3359727faf3fb8cfcd71d0b06a0e533a09f9e9ea66024f4e DIST c-ares-1.21.0.tar.gz 1623742 BLAKE2B 708933603dfc6c0286e798b3244eb9d8bce500acb915a255b82e00133509e5c2ceaad6b9b4cd081fcd9193b64fdb72e4e7ff6deeca8eb1744124ab9239cacac0 SHA512 c526b0a28d8ea1c6a53215dfd52e8250c968513a667c5414459d97d46288da7e7a2193d757fc78225e56c6684b3d30e756dd3e5a31917e996c871773a34892ea @@ -12,5 +13,6 @@ DIST c-ares-1.25.0.tar.gz.asc 488 BLAKE2B 45b07fc1ef14452b8a4fda63f134e389b66c12 EBUILD c-ares-1.19.1.ebuild 1953 BLAKE2B 1ded6481a7ebecae276cf0be56591051b72ba20469590e1231b8c873cc9d3869fda7a36cc79f3cadf14f4fef27e05e68dadf683fe9a23b5884c6562f7f3db8c9 SHA512 cf383c805ba7f878afa5c1e75144fca115ee60f420fb257e42badd9d31eaefcb21e2ec9eccdce72d061287e67aa3fe38cfa4ad7168064b8e95318e041e651aa7 EBUILD c-ares-1.21.0.ebuild 2320 BLAKE2B 0bf5577ca5af7eaaa7a0b1adb0acdc63b4a7c2a6be151c39742c6168ee8c44331f6918919d536967a34f527a3ee7b435979b5f4de27203b990a311d079731579 SHA512 fc5446f9b664a5fb93366877f86f029605842850a4aefc73d2c0138f7e5a4c7e61d2429e8c9be1256552805fce7220e26b3e9671dcaa1e561a465ddeceb96fdc EBUILD c-ares-1.24.0.ebuild 3242 BLAKE2B d0e98bad28950c4835670021048a10eea25998ecb2e67fbf078d0106d6509f750f4ceb4f39b45e719e8fbb05ab6ecda792b9d8e040681b3f64fb910e53234ede SHA512 af5de4f8ee25ad76516928d45c524d053c1621aebb852adf1fed3537266a72ee51441fddcdbfc407be94a6f2cd5b84ebf5239585a21feb7deec81461aea7d4e8 +EBUILD c-ares-1.25.0-r1.ebuild 2453 BLAKE2B 07c37b59edd93aacbec980df914da271694ca13173c36325ac732e41270afb6606789796d79f00124cd79e5f11813b2d2d45944c63feac445fdc801b82fb2496 SHA512 847aad620773f09e8a59bec2b0bfca845dd6264e99ab95febae6f1d26d867d9dfda8f6b861ea10d7f89ae2a74eb2756fa3136558287d7e987c4283fc4bd10272 EBUILD c-ares-1.25.0.ebuild 2394 BLAKE2B 2bf5e7d1d5539c987ce2550dc84d3cf900a195e61a8cc4ce37c13c8bfa1e7673fbc636861884999d636cf1b1b8b958369ccf8013feb48476de73d584cce77cf8 SHA512 a6fe90284147dde062d0586d3523e9fbcbe97dc4471405960821c27b90d45d152a2f7b5712769e1c046648db75d5011978eb0a29b4f7122eb8de17833ae70089 MISC metadata.xml 402 BLAKE2B ab03bca92ec4073f5a877993558552136f0ae673f98619aa1f30eb94b6d8f2103b1cf77d23a9f2b3d56ee33af23d626ee230e480a3e3e0bc174df879082466bd SHA512 e02d13db5d10b1aaaae5680247a6b47610dda28a13b7754d2b97f08a760ce732957c96fb6e88ce7fd2076bfec275e72bfbb3dec802940f0159122364ab21acda diff --git a/net-dns/c-ares/c-ares-1.25.0-r1.ebuild b/net-dns/c-ares/c-ares-1.25.0-r1.ebuild new file mode 100644 index 000000000000..f765378e9adf --- /dev/null +++ b/net-dns/c-ares/c-ares-1.25.0-r1.ebuild @@ -0,0 +1,96 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/danielstenberg.asc +inherit edo multilib-minimal verify-sig + +DESCRIPTION="C library that resolves names asynchronously" +HOMEPAGE="https://c-ares.org/" +SRC_URI=" + https://c-ares.org/download/${P}.tar.gz + verify-sig? ( https://c-ares.org/download/${P}.tar.gz.asc ) +" + +# ISC for lib/{bitncmp.c,inet_ntop.c,inet_net_pton.c} (bug #912405) +LICENSE="MIT ISC" +# Subslot = SONAME of libcares.so.2 +SLOT="0/2" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +IUSE="static-libs test" +RESTRICT="!test? ( test )" + +BDEPEND=" + test? ( dev-cpp/gtest ) + verify-sig? ( sec-keys/openpgp-keys-danielstenberg ) +" + +DOCS=( AUTHORS CHANGES NEWS README.md RELEASE-NOTES TODO ) + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/ares_build.h +) + +A__QA_CONFIG_IMPL_DECL_SKIP=( + # Checking for obsolete headers + malloc + calloc + free + + # Non-existent on Linux + closesocket + CloseSocket + ioctlsocket + bitncmp + ConvertInterfaceIndexToLuid + ConvertInterfaceLuidToNameA +) + +PATCHES=( + "${FILESDIR}"/${P}-fix-sanity-check-rr.patch +) + +multilib_src_configure() { + local myeconfargs=( + --enable-symbol-hiding + $(use_enable static-libs static) + $(use_enable test tests) + ) + + # Needed for running unit tests only + # Violates sandbox and tests pass fine without + export ax_cv_uts_namespace=no + export ax_cv_user_namespace=no + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" +} + +multilib_src_test() { + cd "${BUILD_DIR}"/test || die + + # We're skipping the "real" network tests with the filter + # see https://github.com/c-ares/c-ares/tree/main/test + local network_tests=( + # Most live tests have Live in the name + *Live* + # These don't but are still in ares-test-live.cc => live + *GetTCPSock* + *TimeoutValue* + *GetSock* + *GetSock_virtualized* + *VerifySocketFunctionCallback* + # Seems flaky, even run manually + # https://github.com/c-ares/c-ares/commit/9e542a8839f81c990bb0dff14beeaf9aa6bcc18d + *MockUDPMaxQueriesTest.GetHostByNameParallelLookups* + ) + + # The format for disabling test1, test2, and test3 looks like: + # -test1:test2:test3 + edo ./arestest --gtest_filter=-$(echo $(IFS=:; echo "${network_tests[*]}")) +} + +multilib_src_install_all() { + einstalldocs + + find "${ED}" -name "*.la" -delete || die +} diff --git a/net-dns/c-ares/files/c-ares-1.25.0-fix-sanity-check-rr.patch b/net-dns/c-ares/files/c-ares-1.25.0-fix-sanity-check-rr.patch new file mode 100644 index 000000000000..9b494ebfe8fe --- /dev/null +++ b/net-dns/c-ares/files/c-ares-1.25.0-fix-sanity-check-rr.patch @@ -0,0 +1,166 @@ +https://github.com/c-ares/c-ares/issues/683 +https://github.com/c-ares/c-ares/commit/626dcb155b4daf3360e4251c64ce052e7e520b34 + +From 626dcb155b4daf3360e4251c64ce052e7e520b34 Mon Sep 17 00:00:00 2001 +From: Brad House +Date: Fri, 12 Jan 2024 09:55:42 -0500 +Subject: [PATCH] Do not sanity check RR Name vs Question (#685) + +It appears as though we should never sanity check the RR name vs the question name as some DNS servers may return results for alias records. + +Fixes Bug: #683 +Fix By: Brad House (@bradh352) +--- a/src/lib/ares__parse_into_addrinfo.c ++++ b/src/lib/ares__parse_into_addrinfo.c +@@ -81,7 +81,6 @@ ares_status_t ares__parse_into_addrinfo(const unsigned char *abuf, size_t alen, + } + + for (i = 0; i < ancount; i++) { +- const char *rname = NULL; + ares_dns_rec_type_t rtype; + const ares_dns_rr_t *rr = + ares_dns_record_rr_get(dnsrec, ARES_SECTION_ANSWER, i); +@@ -91,13 +90,18 @@ ares_status_t ares__parse_into_addrinfo(const unsigned char *abuf, size_t alen, + } + + rtype = ares_dns_rr_get_type(rr); +- rname = ares_dns_rr_get_name(rr); + +- /* Old code did this hostname sanity check */ +- if ((rtype == ARES_REC_TYPE_A || rtype == ARES_REC_TYPE_AAAA) && +- strcasecmp(rname, hostname) != 0) { +- continue; +- } ++ /* Issue #683 ++ * Old code did this hostname sanity check, however it appears this is ++ * flawed logic. Other resolvers don't do this sanity check. Leaving ++ * this code commented out for future reference. ++ * ++ * rname = ares_dns_rr_get_name(rr); ++ * if ((rtype == ARES_REC_TYPE_A || rtype == ARES_REC_TYPE_AAAA) && ++ * strcasecmp(rname, hostname) != 0) { ++ * continue; ++ * } ++ */ + + if (rtype == ARES_REC_TYPE_CNAME) { + struct ares_addrinfo_cname *cname; +--- a/src/lib/ares_parse_ptr_reply.c ++++ b/src/lib/ares_parse_ptr_reply.c +@@ -113,7 +113,6 @@ int ares_parse_ptr_reply(const unsigned char *abuf, int alen_int, + + /* Cycle through answers */ + for (i = 0; i < ancount; i++) { +- const char *rname = NULL; + const ares_dns_rr_t *rr = + ares_dns_record_rr_get(dnsrec, ARES_SECTION_ANSWER, i); + +@@ -141,17 +140,20 @@ int ares_parse_ptr_reply(const unsigned char *abuf, int alen_int, + continue; + } + +- /* Old code compared the name in the rr to the ptrname, so we'll do that +- * check here, but I'm not sure its necessary */ +- rname = ares_dns_rr_get_name(rr); +- if (rname == NULL) { +- /* Shouldn't be possible */ +- status = ARES_EBADRESP; +- goto done; +- } +- if (strcasecmp(ptrname, rname) != 0) { +- continue; +- } ++ /* Issue #683 ++ * Old code compared the name in the rr to the ptrname, but I think this ++ * is wrong since it was proven wrong for A & AAAA records. Leaving ++ * this code commented out for future reference ++ * ++ * rname = ares_dns_rr_get_name(rr); ++ * if (rname == NULL) { ++ * status = ARES_EBADRESP; ++ * goto done; ++ * } ++ * if (strcasecmp(ptrname, rname) != 0) { ++ * continue; ++ * } ++ */ + + /* Save most recent PTR record as the hostname */ + hostname = ares_dns_rr_get_str(rr, ARES_RR_PTR_DNAME); +--- a/test/ares-test-parse-a.cc ++++ b/test/ares-test-parse-a.cc +@@ -312,13 +312,19 @@ TEST_F(LibraryTest, ParseAReplyErrors) { + EXPECT_EQ(nullptr, host); + pkt.add_question(new DNSQuestion("example.com", T_A)); + +- // Question != answer ++ // Question != answer, this is ok as of Issue #683 + pkt.questions_.clear(); + pkt.add_question(new DNSQuestion("Axample.com", T_A)); + data = pkt.data(); +- EXPECT_EQ(ARES_ENODATA, ares_parse_a_reply(data.data(), (int)data.size(), ++ EXPECT_EQ(ARES_SUCCESS, ares_parse_a_reply(data.data(), (int)data.size(), + &host, info, &count)); +- EXPECT_EQ(nullptr, host); ++ ASSERT_NE(nullptr, host); ++ std::stringstream ss; ++ ss << HostEnt(host); ++ EXPECT_EQ("{'Axample.com' aliases=[] addrs=[2.3.4.5]}", ss.str()); ++ ares_free_hostent(host); ++ host = nullptr; ++ + pkt.questions_.clear(); + pkt.add_question(new DNSQuestion("example.com", T_A)); + +--- a/test/ares-test-parse-aaaa.cc ++++ b/test/ares-test-parse-aaaa.cc +@@ -139,13 +139,19 @@ TEST_F(LibraryTest, ParseAaaaReplyErrors) { + EXPECT_EQ(nullptr, host); + pkt.add_question(new DNSQuestion("example.com", T_AAAA)); + +- // Question != answer ++ // Question != answer, this is ok as of Issue #683 + pkt.questions_.clear(); + pkt.add_question(new DNSQuestion("Axample.com", T_AAAA)); + data = pkt.data(); +- EXPECT_EQ(ARES_ENODATA, ares_parse_aaaa_reply(data.data(), (int)data.size(), ++ EXPECT_EQ(ARES_SUCCESS, ares_parse_aaaa_reply(data.data(), (int)data.size(), + &host, info, &count)); +- EXPECT_EQ(nullptr, host); ++ ASSERT_NE(nullptr, host); ++ std::stringstream ss; ++ ss << HostEnt(host); ++ EXPECT_EQ("{'Axample.com' aliases=[] addrs=[0101:0101:0202:0202:0303:0303:0404:0404]}", ss.str()); ++ ares_free_hostent(host); ++ ++ host = nullptr; + pkt.questions_.clear(); + pkt.add_question(new DNSQuestion("example.com", T_AAAA)); + +--- a/test/ares-test-parse-ptr.cc ++++ b/test/ares-test-parse-ptr.cc +@@ -163,13 +163,20 @@ TEST_F(LibraryTest, ParsePtrReplyErrors) { + addrv4, sizeof(addrv4), AF_INET, &host)); + pkt.add_question(new DNSQuestion("64.48.32.16.in-addr.arpa", T_PTR)); + +- // Question != answer ++ // Question != answer, ok after #683 ++ host = nullptr; + pkt.questions_.clear(); + pkt.add_question(new DNSQuestion("99.48.32.16.in-addr.arpa", T_PTR)); + data = pkt.data(); +- EXPECT_EQ(ARES_ENODATA, ares_parse_ptr_reply(data.data(), (int)data.size(), ++ EXPECT_EQ(ARES_SUCCESS, ares_parse_ptr_reply(data.data(), (int)data.size(), + addrv4, sizeof(addrv4), AF_INET, &host)); +- EXPECT_EQ(nullptr, host); ++ ASSERT_NE(nullptr, host); ++ std::stringstream ss; ++ ss << HostEnt(host); ++ EXPECT_EQ("{'other.com' aliases=[other.com] addrs=[16.32.48.64]}", ss.str()); ++ ares_free_hostent(host); ++ ++ host = nullptr; + pkt.questions_.clear(); + pkt.add_question(new DNSQuestion("64.48.32.16.in-addr.arpa", T_PTR)); + + -- cgit v1.2.3