aboutsummaryrefslogtreecommitdiffstats
path: root/contrib/libs/c-ares
diff options
context:
space:
mode:
authorrobot-contrib <robot-contrib@yandex-team.com>2024-11-12 04:41:48 +0300
committerrobot-contrib <robot-contrib@yandex-team.com>2024-11-12 04:53:58 +0300
commit18b18c79e00cbe11bf0ec82039f1bddbb2c19681 (patch)
tree1b6cebe27d564b429744a96cb8842e306a5d79d0 /contrib/libs/c-ares
parent9632e4fecfdc42cd6b3cb58f05676e3a5dbcf043 (diff)
downloadydb-18b18c79e00cbe11bf0ec82039f1bddbb2c19681.tar.gz
Update contrib/libs/c-ares to 1.34.3
commit_hash:a4dc6127c1976aed745669af6ede1483b05f9686
Diffstat (limited to 'contrib/libs/c-ares')
-rw-r--r--contrib/libs/c-ares/.yandex_meta/override.nix4
-rw-r--r--contrib/libs/c-ares/RELEASE-NOTES.md31
-rw-r--r--contrib/libs/c-ares/RELEASE-PROCEDURE.md23
-rw-r--r--contrib/libs/c-ares/include/ares_version.h4
-rw-r--r--contrib/libs/c-ares/src/lib/ares_getaddrinfo.c34
-rw-r--r--contrib/libs/c-ares/src/lib/ares_process.c55
-rw-r--r--contrib/libs/c-ares/src/lib/ares_send.c5
-rw-r--r--contrib/libs/c-ares/src/lib/event/ares_event_thread.c8
-rw-r--r--contrib/libs/c-ares/ya.make4
9 files changed, 138 insertions, 30 deletions
diff --git a/contrib/libs/c-ares/.yandex_meta/override.nix b/contrib/libs/c-ares/.yandex_meta/override.nix
index 5b0c26de95..2707dd05f6 100644
--- a/contrib/libs/c-ares/.yandex_meta/override.nix
+++ b/contrib/libs/c-ares/.yandex_meta/override.nix
@@ -1,11 +1,11 @@
pkgs: attrs: with pkgs; with attrs; rec {
- version = "1.34.2";
+ version = "1.34.3";
src = fetchFromGitHub {
owner = "c-ares";
repo = "c-ares";
rev= "v${version}";
- hash = "sha256-KGNOc3l+bWifWFnBOLtL0ASJTuYayBOAE6g6gNsl5xk=";
+ hash = "sha256-vCVS0kr/l6iRVWRnRM+J8aWheDEqEVVekjF8f4Naj/0=";
};
patches = [];
diff --git a/contrib/libs/c-ares/RELEASE-NOTES.md b/contrib/libs/c-ares/RELEASE-NOTES.md
index cbd4788600..f9d58d2784 100644
--- a/contrib/libs/c-ares/RELEASE-NOTES.md
+++ b/contrib/libs/c-ares/RELEASE-NOTES.md
@@ -1,3 +1,34 @@
+## c-ares version 1.34.3 - November 9 2024
+
+This is a bugfix release.
+
+Changes:
+* Build the release package in an automated way so we can provide
+ provenance as per [SLSA3](https://slsa.dev/).
+ [PR #906](https://github.com/c-ares/c-ares/pull/906)
+
+Bugfixes:
+* Some upstream servers are non-compliant with EDNS options, resend queries
+ without EDNS. [Issue #911](https://github.com/c-ares/c-ares/issues/911)
+* Android: <=7 needs sys/system_properties.h
+ [a70637c](https://github.com/c-ares/c-ares/commit/a70637c)
+* Android: CMake needs `-D_GNU_SOURCE` and others.
+ [PR #915](https://github.com/c-ares/c-ares/pull/914)
+* TSAN warns on missing lock, but lock isn't actually necessary.
+ [PR #915](https://github.com/c-ares/c-ares/pull/915)
+* `ares_getaddrinfo()` for `AF_UNSPEC` should retry IPv4 if only IPv6 is
+ received. [765d558](https://github.com/c-ares/c-ares/commit/765d558)
+* `ares_send()` shouldn't return `ARES_EBADRESP`, its `ARES_EBADQUERY`.
+ [91519e7](https://github.com/c-ares/c-ares/commit/91519e7)
+* Fix typos in man pages. [PR #905](https://github.com/c-ares/c-ares/pull/905)
+
+Thanks go to these friendly people for their efforts and contributions for this
+release:
+
+* Brad House (@bradh352)
+* Jiwoo Park (@jimmy-park)
+
+
## c-ares version 1.34.2 - October 15 2024
This release contains a fix for downstream packages detecting the c-ares
diff --git a/contrib/libs/c-ares/RELEASE-PROCEDURE.md b/contrib/libs/c-ares/RELEASE-PROCEDURE.md
index c686a9f97b..eb6d17958e 100644
--- a/contrib/libs/c-ares/RELEASE-PROCEDURE.md
+++ b/contrib/libs/c-ares/RELEASE-PROCEDURE.md
@@ -17,7 +17,7 @@ in the source code repo
not a commit which may be shared across this branch and `main`. Create the
branch like:
```
-BRANCH=1.32
+BRANCH=1.35
git pull && \
git checkout main && \
git checkout -b v${BRANCH} main && \
@@ -29,23 +29,18 @@ git push -u origin v${BRANCH}
Major version number, `Y` is the minor version number, and `Z` is the release.
This tag needs to be created from the release branch, for example:
```
-BRANCH=1.32
-RELEASE=1.32.0
+BRANCH=1.35
+RELEASE=1.35.0
git checkout v${BRANCH} && \
git pull && \
git tag -s v${RELEASE} -m 'c-ares release v${RELEASE}' v${BRANCH} && \
git push origin --tags
```
-- Create the release tarball using `make dist`, it is best to check out the
- specific tag fresh and build from that:
+- When a tag is created, it will spawn off a github action to generate a new
+ draft release based on this workflow: [package.yml](https://github.com/c-ares/c-ares/blob/main/.github/workflows/package.yml).
+ Wait for this workflow to complete then fetch the generated source tarball:
```
-RELEASE=1.32.0
-git clone --depth 1 --branch v${RELEASE} https://github.com/c-ares/c-ares c-ares-${RELEASE} && \
-cd c-ares-${RELEASE} && \
-autoreconf -fi && \
-./configure && \
-make && \
-make dist VERSION=${RELEASE}
+wget https://github.com/c-ares/c-ares/releases/download/v${RELEASE}/c-ares-${RELEASE}.tar.gz
```
- GPG sign the release with a detached signature. Valid signing keys are currently:
- Daniel Stenberg <daniel@haxx.se> - 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2
@@ -53,8 +48,8 @@ make dist VERSION=${RELEASE}
```
gpg -ab c-ares-${RELEASE}.tar.gz
```
-- Create a new release on GitHub using the `RELEASE-NOTES.md` as the body.
- Upload the generated tarball and signature as an artifact.
+- Upload the generated `c-ares-${RELEASE}.tar.gz.asc` signature as a release
+ asset, then unmark the release as being a draft.
in the c-ares-www repo
----------------------
diff --git a/contrib/libs/c-ares/include/ares_version.h b/contrib/libs/c-ares/include/ares_version.h
index d7a9c9e61e..9cb8084dd5 100644
--- a/contrib/libs/c-ares/include/ares_version.h
+++ b/contrib/libs/c-ares/include/ares_version.h
@@ -32,8 +32,8 @@
#define ARES_VERSION_MAJOR 1
#define ARES_VERSION_MINOR 34
-#define ARES_VERSION_PATCH 2
-#define ARES_VERSION_STR "1.34.2"
+#define ARES_VERSION_PATCH 3
+#define ARES_VERSION_STR "1.34.3"
/* NOTE: We cannot make the version string a C preprocessor stringify operation
* due to assumptions made by integrators that aren't properly using
diff --git a/contrib/libs/c-ares/src/lib/ares_getaddrinfo.c b/contrib/libs/c-ares/src/lib/ares_getaddrinfo.c
index 09d34d3378..32791dc37d 100644
--- a/contrib/libs/c-ares/src/lib/ares_getaddrinfo.c
+++ b/contrib/libs/c-ares/src/lib/ares_getaddrinfo.c
@@ -481,6 +481,18 @@ static void terminate_retries(const struct host_query *hquery,
query->no_retries = ARES_TRUE;
}
+static ares_bool_t ai_has_ipv4(struct ares_addrinfo *ai)
+{
+ struct ares_addrinfo_node *node;
+
+ for (node = ai->nodes; node != NULL; node = node->ai_next) {
+ if (node->ai_family == AF_INET) {
+ return ARES_TRUE;
+ }
+ }
+ return ARES_FALSE;
+}
+
static void host_callback(void *arg, ares_status_t status, size_t timeouts,
const ares_dns_record_t *dnsrec)
{
@@ -496,7 +508,27 @@ static void host_callback(void *arg, ares_status_t status, size_t timeouts,
addinfostatus =
ares_parse_into_addrinfo(dnsrec, ARES_TRUE, hquery->port, hquery->ai);
}
- if (addinfostatus == ARES_SUCCESS) {
+
+ /* We sent out ipv4 and ipv6 requests simultaneously. If we got a
+ * successful ipv4 response, we want to go ahead and tell the ipv6 request
+ * that if it fails or times out to not try again since we have the data
+ * we need.
+ *
+ * Our initial implementation of this would terminate retries if we got any
+ * successful response (ipv4 _or_ ipv6). But we did get some user-reported
+ * issues with this that had bad system configs and odd behavior:
+ * https://github.com/alpinelinux/docker-alpine/issues/366
+ *
+ * Essentially the ipv6 query succeeded but the ipv4 query failed or timed
+ * out, and so we only returned the ipv6 address, but the host couldn't
+ * use ipv6. If we continued to allow ipv4 retries it would have found a
+ * server that worked and returned both address classes (this is clearly
+ * unexpected behavior).
+ *
+ * At some point down the road if ipv6 actually becomes required and
+ * reliable we can drop this ipv4 check.
+ */
+ if (addinfostatus == ARES_SUCCESS && ai_has_ipv4(hquery->ai)) {
terminate_retries(hquery, ares_dns_record_get_id(dnsrec));
}
}
diff --git a/contrib/libs/c-ares/src/lib/ares_process.c b/contrib/libs/c-ares/src/lib/ares_process.c
index 62a6ae1dda..3d186ea9d5 100644
--- a/contrib/libs/c-ares/src/lib/ares_process.c
+++ b/contrib/libs/c-ares/src/lib/ares_process.c
@@ -650,6 +650,51 @@ done:
return status;
}
+static ares_bool_t issue_might_be_edns(const ares_dns_record_t *req,
+ const ares_dns_record_t *rsp)
+{
+ const ares_dns_rr_t *rr;
+
+ /* If we use EDNS and server answers with FORMERR without an OPT RR, the
+ * protocol extension is not understood by the responder. We must retry the
+ * query without EDNS enabled. */
+ if (ares_dns_record_get_rcode(rsp) != ARES_RCODE_FORMERR) {
+ return ARES_FALSE;
+ }
+
+ rr = ares_dns_get_opt_rr_const(req);
+ if (rr == NULL) {
+ /* We didn't send EDNS */
+ return ARES_FALSE;
+ }
+
+ if (ares_dns_get_opt_rr_const(rsp) == NULL) {
+ /* Spec says EDNS won't be echo'd back on non-supporting servers, so
+ * retry without EDNS */
+ return ARES_TRUE;
+ }
+
+ /* As per issue #911 some non-compliant servers that do indeed support EDNS
+ * but don't support unrecognized option codes exist. At this point we
+ * expect them to have also returned an EDNS opt record, but we may remove
+ * that check in the future. Lets detect this situation if we're sending
+ * option codes */
+ if (ares_dns_rr_get_opt_cnt(rr, ARES_RR_OPT_OPTIONS) == 0) {
+ /* We didn't send any option codes */
+ return ARES_FALSE;
+ }
+
+ if (ares_dns_get_opt_rr_const(rsp) != NULL) {
+ /* At this time we're requiring the server to respond with EDNS opt
+ * records since that's what has been observed in the field. We might
+ * find in the future we have to remove this, who knows. Lets go
+ * ahead and force a retry without EDNS*/
+ return ARES_TRUE;
+ }
+
+ return ARES_FALSE;
+}
+
/* Handle an answer from a server. This must NEVER cleanup the
* server connection! Return something other than ARES_SUCCESS to cause
* the connection to be terminated after this call. */
@@ -713,12 +758,10 @@ static ares_status_t process_answer(ares_channel_t *channel,
ares_llist_node_destroy(query->node_queries_to_conn);
query->node_queries_to_conn = NULL;
- /* If we use EDNS and server answers with FORMERR without an OPT RR, the
- * protocol extension is not understood by the responder. We must retry the
- * query without EDNS enabled. */
- if (ares_dns_record_get_rcode(rdnsrec) == ARES_RCODE_FORMERR &&
- ares_dns_get_opt_rr_const(query->query) != NULL &&
- ares_dns_get_opt_rr_const(rdnsrec) == NULL) {
+ /* There are old servers that don't understand EDNS at all, then some servers
+ * that have non-compliant implementations. Lets try to detect this sort
+ * of thing. */
+ if (issue_might_be_edns(query->query, rdnsrec)) {
status = rewrite_without_edns(query);
if (status != ARES_SUCCESS) {
end_query(channel, server, query, status, NULL);
diff --git a/contrib/libs/c-ares/src/lib/ares_send.c b/contrib/libs/c-ares/src/lib/ares_send.c
index ca178a1741..6efa9580b2 100644
--- a/contrib/libs/c-ares/src/lib/ares_send.c
+++ b/contrib/libs/c-ares/src/lib/ares_send.c
@@ -153,6 +153,11 @@ ares_status_t ares_send_nolock(ares_channel_t *channel, ares_server_t *server,
/* Duplicate Query */
status = ares_dns_record_duplicate_ex(&query->query, dnsrec);
if (status != ARES_SUCCESS) {
+ /* Sometimes we might get a EBADRESP response from duplicate due to
+ * the way it works (write and parse), rewrite it to EBADQUERY. */
+ if (status == ARES_EBADRESP) {
+ status = ARES_EBADQUERY;
+ }
ares_free(query);
callback(arg, status, 0, NULL);
return status;
diff --git a/contrib/libs/c-ares/src/lib/event/ares_event_thread.c b/contrib/libs/c-ares/src/lib/event/ares_event_thread.c
index 24b55d6945..d59b7880a4 100644
--- a/contrib/libs/c-ares/src/lib/event/ares_event_thread.c
+++ b/contrib/libs/c-ares/src/lib/event/ares_event_thread.c
@@ -354,14 +354,16 @@ static void *ares_event_thread(void *arg)
ares_process_pending_write(e->channel);
}
+ /* Relock before we loop again */
+ ares_thread_mutex_lock(e->mutex);
+
/* Each iteration should do timeout processing and any other cleanup
* that may not have been performed */
if (e->isup) {
+ ares_thread_mutex_unlock(e->mutex);
ares_process_fds(e->channel, NULL, 0, ARES_PROCESS_FLAG_NONE);
+ ares_thread_mutex_lock(e->mutex);
}
-
- /* Relock before we loop again */
- ares_thread_mutex_lock(e->mutex);
}
/* Lets cleanup while we're in the thread itself */
diff --git a/contrib/libs/c-ares/ya.make b/contrib/libs/c-ares/ya.make
index 80562018e2..563e13e08e 100644
--- a/contrib/libs/c-ares/ya.make
+++ b/contrib/libs/c-ares/ya.make
@@ -12,9 +12,9 @@ LICENSE(
LICENSE_TEXTS(.yandex_meta/licenses.list.txt)
-VERSION(1.34.2)
+VERSION(1.34.3)
-ORIGINAL_SOURCE(https://github.com/c-ares/c-ares/archive/v1.34.2.tar.gz)
+ORIGINAL_SOURCE(https://github.com/c-ares/c-ares/archive/v1.34.3.tar.gz)
PEERDIR(
contrib/libs/libc_compat