New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
test: fixes for c-ares update to 1.21.0/1.22.0 #50743
Conversation
c-ares has made intentional changes to the behavior of TXT records to comply with RFC 7208, which concatenates multiple strings for the same TXT record into a single string. Multiple TXT records are not concatenated. Also, response handling has changed, such that a response which is completely invalid in formatting is thrown away as a malicious forged/spoofed packet rather than returning EBADRESP. This is one step toward RFC 9018 (EDNS COOKIES) which will require the message to at least be structurally valid to validate against spoofed records. Fixes: nodejs#50741 Refs: nodejs#50444 Fix By: Brad House (@bradh352)
|
I think we should apply changes from #50444 and land everything as a single commit. |
Commit Queue failed- Loading data for nodejs/node/pull/50743 ✔ Done loading data for nodejs/node/pull/50743 ----------------------------------- PR info ------------------------------------ Title test: fixes for c-ares update to 1.21.0/1.22.0 (#50743) Author Brad House (@bradh352) Branch bradh352:main -> nodejs:main Labels test, needs-ci Commits 1 - test: dns test case failures after c-ares update to 1.21.0+ Committers 1 - Brad House PR-URL: https://github.com/nodejs/node/pull/50743 Fixes: https://github.com/nodejs/node/issues/50741 Refs: https://github.com/nodejs/node/pull/50444 Reviewed-By: Luigi Pinca ------------------------------ Generated metadata ------------------------------ PR-URL: https://github.com/nodejs/node/pull/50743 Fixes: https://github.com/nodejs/node/issues/50741 Refs: https://github.com/nodejs/node/pull/50444 Reviewed-By: Luigi Pinca -------------------------------------------------------------------------------- ℹ This PR was created on Wed, 15 Nov 2023 14:37:45 GMT ✔ Approvals: 1 ✔ - Luigi Pinca (@lpinca): https://github.com/nodejs/node/pull/50743#pullrequestreview-1738469498 ✘ This PR needs to wait 90 more hours to land (or 0 hours if there is one more approval) ✔ Last GitHub CI successful ✘ No Jenkins CI runs detected -------------------------------------------------------------------------------- ✔ Aborted `git node land` session in /home/runner/work/node/node/.ncuhttps://github.com/nodejs/node/actions/runs/6915944660 |
|
Applied the commit-queue label instead of request-ci. |
|
should pull in 1.22.0 instead of 1.21.0 in #50444 |
|
The script to pull 1.22.0 should will run tomorrow. We can run it manually now but we have to reapply 0bd1e85. |
|
Shouldn't test/parallel/test-dns-resolveany.js fail at the moment? The c-ares version on main is 1.20.1. |
Nevermind, the server answers with a single string now.
There is no need to land this and the c-ares update as a single commit. This is independent. Still LGTM. |
| // May return EBADRESP or ETIMEOUT | ||
| // code: 'EBADRESP', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
| // May return EBADRESP or ETIMEOUT | |
| // code: 'EBADRESP', | |
| code: /^(?:EBADRESP|ETIMEOUT)$/, |
It would be helpful if the test fix is separate commit (but maybe same PR) and could also be backported to the v20 and v18 branch. Thanks, |
c-ares has made intentional changes to the behavior of TXT records to comply with RFC 7208, which concatenates multiple strings for the same TXT record into a single string. Multiple TXT records are not concatenated. Also, response handling has changed, such that a response which is completely invalid in formatting is thrown away as a malicious forged/spoofed packet rather than returning EBADRESP. This is one step toward RFC 9018 (EDNS COOKIES) which will require the message to at least be structurally valid to validate against spoofed records. Fix By: Brad House (@bradh352) PR-URL: #50743 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Fixes: #50741 Refs: #50444
|
Landed in 345d16c. |
c-ares has made intentional changes to the behavior of TXT records to comply with RFC 7208, which concatenates multiple strings for the same TXT record into a single string. Multiple TXT records are not concatenated. Also, response handling has changed, such that a response which is completely invalid in formatting is thrown away as a malicious forged/spoofed packet rather than returning EBADRESP. This is one step toward RFC 9018 (EDNS COOKIES) which will require the message to at least be structurally valid to validate against spoofed records. Fix By: Brad House (@bradh352) PR-URL: nodejs#50743 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Fixes: nodejs#50741 Refs: nodejs#50444
c-ares has made intentional changes to the behavior of TXT records to comply with RFC 7208, which concatenates multiple strings for the same TXT record into a single string. Multiple TXT records are not concatenated. Also, response handling has changed, such that a response which is completely invalid in formatting is thrown away as a malicious forged/spoofed packet rather than returning EBADRESP. This is one step toward RFC 9018 (EDNS COOKIES) which will require the message to at least be structurally valid to validate against spoofed records. Fix By: Brad House (@bradh352) PR-URL: nodejs#50743 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Fixes: nodejs#50741 Refs: nodejs#50444
c-ares has made intentional changes to the behavior of TXT records to comply with RFC 7208, which concatenates multiple strings for the same TXT record into a single string. Multiple TXT records are not concatenated. Also, response handling has changed, such that a response which is completely invalid in formatting is thrown away as a malicious forged/spoofed packet rather than returning EBADRESP. This is one step toward RFC 9018 (EDNS COOKIES) which will require the message to at least be structurally valid to validate against spoofed records. Fix By: Brad House (@bradh352) PR-URL: #50743 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Fixes: #50741 Refs: #50444
c-ares has made intentional changes to the behavior of TXT records to comply with RFC 7208, which concatenates multiple strings for the same TXT record into a single string. Multiple TXT records are not concatenated. Also, response handling has changed, such that a response which is completely invalid in formatting is thrown away as a malicious forged/spoofed packet rather than returning EBADRESP. This is one step toward RFC 9018 (EDNS COOKIES) which will require the message to at least be structurally valid to validate against spoofed records. Fix By: Brad House (@bradh352) PR-URL: #50743 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Fixes: #50741 Refs: #50444
c-ares has made intentional changes to the behavior of TXT records to comply with RFC 7208, which concatenates multiple strings for the same TXT record into a single string. Multiple TXT records are not concatenated. Also, response handling has changed, such that a response which is completely invalid in formatting is thrown away as a malicious forged/spoofed packet rather than returning EBADRESP. This is one step toward RFC 9018 (EDNS COOKIES) which will require the message to at least be structurally valid to validate against spoofed records. Fix By: Brad House (@bradh352) PR-URL: #50743 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Fixes: #50741 Refs: #50444
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string. Multiple TXT records
are not concatenated.
Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP. This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.
Fixes: #50741
Refs: #50444
Fix By: Brad House (@bradh352)