rpms/c-ares
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Auto sync2gitlab import of c-ares-1.13.0-6.el8.src.rpm

Browse Source
This commit is contained in:
James Antill 2022-05-26 01:04:04 -04:00
parent 3f7f04d725
commit 58248cea93
7 changed files with 507 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
/c-ares-1.13.0.tar.gz

41
0001-Use-RPM-compiler-options.patch Normal file
View File

@ -0,0 +1,41 @@
From 7dada62a77e061c752123e672e844386ff3b01ea Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 10 Apr 2013 12:32:44 -0400
Subject: [PATCH] Use RPM compiler options
---
m4/cares-compilers.m4 | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/m4/cares-compilers.m4 b/m4/cares-compilers.m4
index 7ee8e0dbe741c1a64149a0d20b826f507b3ec620..d7708230fb5628ae80fbf1052da0d2c78ebbc160 100644
--- a/m4/cares-compilers.m4
+++ b/m4/cares-compilers.m4
@@ -143,19 +143,12 @@ AC_DEFUN([CARES_CHECK_COMPILER_GNU_C], [
gccvhi=`echo $gccver | cut -d . -f1`
gccvlo=`echo $gccver | cut -d . -f2`
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
- flags_dbg_all="-g -g0 -g1 -g2 -g3"
- flags_dbg_all="$flags_dbg_all -ggdb"
- flags_dbg_all="$flags_dbg_all -gstabs"
- flags_dbg_all="$flags_dbg_all -gstabs+"
- flags_dbg_all="$flags_dbg_all -gcoff"
- flags_dbg_all="$flags_dbg_all -gxcoff"
- flags_dbg_all="$flags_dbg_all -gdwarf-2"
- flags_dbg_all="$flags_dbg_all -gvms"
- flags_dbg_yes="-g"
- flags_dbg_off="-g0"
- flags_opt_all="-O -O0 -O1 -O2 -O3 -Os"
- flags_opt_yes="-O2"
- flags_opt_off="-O0"
+ flags_dbg_all=""
+ flags_dbg_yes=""
+ flags_dbg_off=""
+ flags_opt_all=""
+ flags_opt_yes=""
+ flags_opt_off=""
CURL_CHECK_DEF([_WIN32], [], [silent])
else
AC_MSG_RESULT([no])
--
1.8.1.4

198
0002-fix-CVE-2021-3672.patch Normal file
View File

@ -0,0 +1,198 @@
From 4bde615c5fa2a6a6f61ca533e46a062691d83f45 Mon Sep 17 00:00:00 2001
From: bradh352 <brad@brad-house.com>
Date: Fri, 11 Jun 2021 11:27:45 -0400
Subject: [PATCH 1/2] ares_expand_name() should escape more characters
RFC1035 5.1 specifies some reserved characters and escaping sequences
that are allowed to be specified. Expand the list of reserved characters
and also escape non-printable characters using the \DDD format as
specified in the RFC.
Bug Reported By: philipp.jeitner@sit.fraunhofer.de
Fix By: Brad House (@bradh352)
---
ares_expand_name.c | 41 ++++++++++++++++++++++++++++++++++++++---
1 file changed, 38 insertions(+), 3 deletions(-)
diff --git a/ares_expand_name.c b/ares_expand_name.c
index 3a38e67..8604543 100644
--- a/ares_expand_name.c
+++ b/ares_expand_name.c
@@ -38,6 +38,26 @@
static int name_length(const unsigned char *encoded, const unsigned char *abuf,
int alen);
+/* Reserved characters for names that need to be escaped */
+static int is_reservedch(int ch)
+{
+ switch (ch) {
+ case '"':
+ case '.':
+ case ';':
+ case '\\':
+ case '(':
+ case ')':
+ case '@':
+ case '$':
+ return 1;
+ default:
+ break;
+ }
+
+ return 0;
+}
+
/* Expand an RFC1035-encoded domain name given by encoded. The
* containing message is given by abuf and alen. The result given by
* *s, which is set to a NUL-terminated allocated buffer. *enclen is
@@ -117,9 +137,18 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
p++;
while (len--)
{
- if (*p == '.' || *p == '\\')
+ if (!isprint(*p)) {
+ /* Output as \DDD for consistency with RFC1035 5.1 */
+ *q++ = '\\';
+ *q++ = '0' + *p / 100;
+ *q++ = '0' + (*p % 100) / 10;
+ *q++ = '0' + (*p % 10);
+ } else if (is_reservedch(*p)) {
*q++ = '\\';
- *q++ = *p;
+ *q++ = *p;
+ } else {
+ *q++ = *p;
+ }
p++;
}
*q++ = '.';
@@ -177,7 +206,13 @@ static int name_length(const unsigned char *encoded, const unsigned char *abuf,
encoded++;
while (offset--)
{
- n += (*encoded == '.' || *encoded == '\\') ? 2 : 1;
+ if (!isprint(*encoded)) {
+ n += 4;
+ } else if (is_reservedch(*encoded)) {
+ n += 2;
+ } else {
+ n += 1;
+ }
encoded++;
}
n++;
--
2.26.3
From 86cc9241f89c1155111b992ccc03bf76d8ae634a Mon Sep 17 00:00:00 2001
From: bradh352 <brad@brad-house.com>
Date: Fri, 11 Jun 2021 12:39:24 -0400
Subject: [PATCH 2/2] ares_expand_name(): fix formatting and handling of root
name response
Fixes issue introduced in prior commit with formatting and handling
of parsing a root name response which should not be escaped.
Fix By: Brad House
---
ares_expand_name.c | 62 ++++++++++++++++++++++++++++++----------------
1 file changed, 40 insertions(+), 22 deletions(-)
diff --git a/ares_expand_name.c b/ares_expand_name.c
index 8604543..f89ee3f 100644
--- a/ares_expand_name.c
+++ b/ares_expand_name.c
@@ -133,27 +133,37 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
}
else
{
- len = *p;
+ int name_len = *p;
+ len = name_len;
p++;
+
while (len--)
{
- if (!isprint(*p)) {
- /* Output as \DDD for consistency with RFC1035 5.1 */
- *q++ = '\\';
- *q++ = '0' + *p / 100;
- *q++ = '0' + (*p % 100) / 10;
- *q++ = '0' + (*p % 10);
- } else if (is_reservedch(*p)) {
- *q++ = '\\';
- *q++ = *p;
- } else {
- *q++ = *p;
- }
+ /* Output as \DDD for consistency with RFC1035 5.1, except
+ * for the special case of a root name response */
+ if (!isprint(*p) && !(name_len == 1 && *p == 0))
+ {
+
+ *q++ = '\\';
+ *q++ = '0' + *p / 100;
+ *q++ = '0' + (*p % 100) / 10;
+ *q++ = '0' + (*p % 10);
+ }
+ else if (is_reservedch(*p))
+ {
+ *q++ = '\\';
+ *q++ = *p;
+ }
+ else
+ {
+ *q++ = *p;
+ }
p++;
}
*q++ = '.';
}
- }
+ }
+
if (!indir)
*enclen = aresx_uztosl(p + 1U - encoded);
@@ -200,21 +210,29 @@ static int name_length(const unsigned char *encoded, const unsigned char *abuf,
}
else if (top == 0x00)
{
- offset = *encoded;
+ int name_len = *encoded;
+ offset = name_len;
if (encoded + offset + 1 >= abuf + alen)
return -1;
encoded++;
+
while (offset--)
{
- if (!isprint(*encoded)) {
- n += 4;
- } else if (is_reservedch(*encoded)) {
- n += 2;
- } else {
- n += 1;
- }
+ if (!isprint(*encoded) && !(name_len == 1 && *encoded == 0))
+ {
+ n += 4;
+ }
+ else if (is_reservedch(*encoded))
+ {
+ n += 2;
+ }
+ else
+ {
+ n += 1;
+ }
encoded++;
}
+
n++;
}
else
--
2.26.3

1
EMPTY
View File

@ -1 +0,0 @@

12
LICENSE Normal file
View File

@ -0,0 +1,12 @@
Copyright (C) 2004 by Daniel Stenberg et al
Permission to use, copy, modify, and distribute this software and its
documentation for any purpose and without fee is hereby granted, provided
that the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation, and that the name of M.I.T. not be used in advertising or
publicity pertaining to distribution of the software without specific,
written prior permission. M.I.T. makes no representations about the
suitability of this software for any purpose. It is provided "as is"
without express or implied warranty.

254
c-ares.spec Normal file
View File

@ -0,0 +1,254 @@
Summary: A library that performs asynchronous DNS operations
Name: c-ares
Version: 1.13.0
Release: 6%{?dist}
License: MIT
Group: System Environment/Libraries
URL: http://c-ares.haxx.se/
Source0: http://c-ares.haxx.se/download/%{name}-%{version}.tar.gz
# The license can be obtained at http://c-ares.haxx.se/license.html
Source1: LICENSE
Patch0: 0001-Use-RPM-compiler-options.patch
Patch1: 0002-fix-CVE-2021-3672.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
%description
c-ares is a C library that performs DNS requests and name resolves
asynchronously. c-ares is a fork of the library named 'ares', written
by Greg Hudson at MIT.
%package devel
Summary: Development files for c-ares
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
Requires: pkgconfig
%description devel
This package contains the header files and libraries needed to
compile applications or shared objects that use c-ares.
%prep
%setup -q
%patch0 -p1 -b .optflags
%patch1 -p1 -b .dns
cp %{SOURCE1} .
f=CHANGES ; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
%build
autoreconf -if
%configure --enable-shared --disable-static \
--disable-dependency-tracking
%{__make} %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make DESTDIR=$RPM_BUILD_ROOT install
rm -f $RPM_BUILD_ROOT/%{_libdir}/libcares.la
%clean
rm -rf $RPM_BUILD_ROOT
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%defattr(-, root, root)
%doc README.cares CHANGES NEWS LICENSE
%{_libdir}/*.so.*
%files devel
%defattr(-, root, root, 0755)
%{_includedir}/ares.h
%{_includedir}/ares_build.h
%{_includedir}/ares_dns.h
%{_includedir}/ares_rules.h
%{_includedir}/ares_version.h
%{_libdir}/*.so
%{_libdir}/pkgconfig/libcares.pc
%{_mandir}/man3/ares_*
%changelog
* Fri Oct 15 2021 Alexey Tikhonov <atikhono@redhat.com> - 1.13.0-6
- Resolves: rhbz#1989425 - CVE-2021-3672 c-ares: missing input validation of host names may lead to Domain Hijacking [rhel-8]
* Mon Aug 13 2018 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-5
- Drop an unused patch
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.13.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.13.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.13.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Tue Jun 20 2017 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-1
- update to 1.13.0
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.12.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Thu Sep 29 2016 Tom Callaway <spot@fedoraproject.org> - 1.12.0-1
- update to 1.12.0
* Fri Feb 19 2016 Jakub Hrozek <jhrozek@redhat.com> - 1.11.0
- New upstream version 1.11.0
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon May 13 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.10.1-1
- New upstream release 1.10
- Obsolete upstreamed patches
- Amend the multilib patch, there's no need to patch configure since we
are running autoreconf anyways
- https://raw.github.com/bagder/c-ares/cares-1_10_0/RELEASE-NOTES
* Thu Apr 11 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.9.1-6
- Apply an upstream patch to override AC_CONFIG_MACRO_DIR only conditionally
* Thu Apr 11 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.9.1-5
- Apply a patch by Stephen Gallagher to patch autoconf, not configure to
allow optflags to be passed in by build environment
- Run autoreconf before configure
- git rm obsolete patches
- Apply upstream patch to stop overriding AC_CONFIG_MACRO_DIR
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Aug 8 2012 Jakub Hrozek <jhrozek@redhat.com> - 1.9.1-3
- Include URL to the license text
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jun 25 2012 Tom Callaway <spot@fedoraproject.org> - 1.9.1-1
- update to 1.9.1
* Sat Apr 28 2012 Tom Callaway <spot@fedoraproject.org> - 1.8.0-1
- update to 1.8.0
- fix multilib patch (thanks to Paul Howarth)
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Aug 17 2011 Jakub Hrozek <jhrozek@redhat.com> - 1.7.5-1
- New upstream release 1.7.5
- Obsoletes patch #2
- Rebase patch #1 (optflags) to match the 1.7.5 code
- Fixed Source0 URL to point at the upstream tarball
* Mon Apr 11 2011 Jakub Hrozek <jhrozek@redhat.com> - 1.7.4-3
- Apply upstream patch to fix rhbz#695424
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Dec 10 2010 Tom "spot" Callaway <tcallawa@redhat.com> - 1.7.4-1
- update to 1.7.4
* Wed Aug 25 2010 Jakub Hrozek <jhrozek@redhat.com> - 1.7.3-3
- Actually apply the patches
* Wed Aug 25 2010 Jakub Hrozek <jhrozek@redhat.com> - 1.7.3-2
- apply couple of patches from upstream
* Tue Jun 15 2010 Jakub Hrozek <jhrozek@redhat.com> - 1.7.3-1
- Upgrade to new upstream release 1.7.3 (obsoletes search/domain patch)
- Fix conflict of -devel packages on multilib architectures (#602880)
* Thu Jun 3 2010 Jakub Hrozek <jhrozek@redhat.com> - 1.7.1-2
- Use last instance of search/domain, not the first one (#597286)
* Tue Mar 23 2010 Jakub Hrozek <jhrozek@redhat.com> - 1.7.1-1
- update to 1.7.1 which contains the IPv6 nameserver patch
* Sun Mar 7 2010 Jakub Hrozek <jhrozek@redhat.com> - 1.7.0-3
- Change IPv6 nameserver patch according to upstream changes
(upstream revisions 1199,1201,1202)
* Wed Mar 3 2010 Jakub Hrozek <jhrozek@redhat.com> - 1.7.0-2
- Add a patch to allow usage of IPv6 nameservers
* Tue Dec 1 2009 Tom "spot" Callaway <tcallawa@redhat.com> - 1.7.0-1
- update to 1.7.0
* Sat Jul 25 2009 Ville Skyttä <ville.skytta at iki.fi> - 1.6.0-3
- Patch to make upstream build system honor our CFLAGS and friends.
- Don't bother building throwaway static libs.
- Disable autotools dependency tracking for cleaner build logs and possible
slight build speedup.
- Convert docs to UTF-8.
- Update URLs.
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Jul 22 2009 Tom "spot" Callaway <tcallawa@redhat.com> - 1.6.0-1
- update to 1.6.0
* Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Fri Sep 12 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.5.3-1
- update to 1.5.3
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.5.1-2
- Autorebuild for GCC 4.3
* Tue Feb 19 2008 Tom "spot" Callaway <tcallawa@redhat.com> 1.5.1-1
- update to 1.5.1
* Thu Aug 23 2007 Tom "spot" Callaway <tcallawa@redhat.com> 1.4.0-2
- rebuild for ppc32
* Wed Jun 27 2007 Tom "spot" Callaway <tcallawa@redhat.com> 1.4.0-1
- bump to 1.4.0 (resolves bugzilla 243591)
- get rid of static library (.a)
* Wed Jan 17 2007 Tom "spot" Callaway <tcallawa@redhat.com> 1.3.2-1
- bump to 1.3.2
* Mon Sep 11 2006 Tom "spot" Callaway <tcallawa@redhat.com> 1.3.1-2
- FC-6 bump
* Mon Jul 10 2006 Tom "spot" Callaway <tcallawa@redhat.com> 1.3.1-1
- bump to 1.3.1
* Tue Feb 28 2006 Tom "spot" Callaway <tcallawa@redhat.com> 1.3.0-2
- bump for FC-5 rebuild
* Sun Sep 4 2005 Tom "spot" Callaway <tcallawa@redhat.com> 1.3.0-1
- include LICENSE text
- bump to 1.3.0
* Tue May 31 2005 Tom "spot" Callaway <tcallawa@redhat.com> 1.2.1-4
- use dist tag to prevent EVR overlap
* Fri Apr 22 2005 Tom "spot" Callaway <tcallawa@redhat.com> 1.2.1-2
- fix license (MIT, not LGPL)
- get rid of libcares.la
* Fri Apr 22 2005 Tom "spot" Callaway <tcallawa@redhat.com> 1.2.1-1
- initial package creation

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (c-ares-1.13.0.tar.gz) = 4a7942e754673f5b8d55a7471e31b0f390e8324b14c12077580c956147fad4d165c7fe8a3190199b1add95c710ceeb1a7957706d4f0d6299d39c5dddc719bd9d