From f4f96b9ea609c21233479d8b8de0a43ee9ed45fc Mon Sep 17 00:00:00 2001
From: Brad House
Date: Fri, 6 Oct 2023 07:55:15 -0400
Subject: [PATCH] 1.20.0 release prep (#557)
---
 CMakeLists.txt | 4 +-
 RELEASE-NOTES | 91 ++++++++++++++++++++++--------------------
 configure.ac | 4 +-
 include/ares_version.h | 6 +--
 4 files changed, 54 insertions(+), 51 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index f6bc4d35..9c116919 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -10,7 +10,7 @@ INCLUDE (CheckCSourceCompiles)
 INCLUDE (CheckStructHasMember)
 INCLUDE (CheckLibraryExists)
-PROJECT (c-ares LANGUAGES C VERSION "1.19.1" )
+PROJECT (c-ares LANGUAGES C VERSION "1.20.0" )
 # Set this version before release
 SET (CARES_VERSION "${PROJECT_VERSION}")
@@ -28,7 +28,7 @@ INCLUDE (GNUInstallDirs) # include this *AFTER* PROJECT(), otherwise paths are w
 # For example, a version of 4:0:2 would generate output such as:
 # libname.so -> libname.so.2
 # libname.so.2 -> libname.so.2.2.0
-SET (CARES_LIB_VERSIONINFO "8:1:6")
+SET (CARES_LIB_VERSIONINFO "9:0:7")
 OPTION (CARES_STATIC "Build as a static library" OFF)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 2524f3cc..062f7a73 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -1,57 +1,60 @@
-c-ares version 1.19.1
+c-ares version 1.20.0
-This is a security and bugfix release.
+This is a feature and bugfix release with some significant internal changes.
-A special thanks goes out to the Open Source Technology Improvement Fund
-(https://ostif.org) for sponsoring a security audit of c-ares performed by X41
-(https://x41-dsec.de).
-
-Security:
- o CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service [12]
- o CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS
- query IDs [13]
- o CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() [14]
- o CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross
- compilation [15]
+Changes:
+ o Update from 1989 MIT license text to modern MIT license text [1]
+ o Remove acountry from built tools as nerd.dk is gone [3]
+ o Add new ARES_OPT_UDP_MAX_QUERIES configuration option to limit the number of
+ queries that can be made from a single ephemeral port [7]
+ o Default per-query timeout has been reduced to 2s with a 3x retry count [8]
+ o Modernization: start implementing some common data structures that are easy
+ to use and hard to misuse. This will make code refactoring easier and remove
+ some varied implementations in use. This change also makes ares_timeout()
+ more efficient [9]
+ o Use SPDX identifiers and a REUSE CI job to verify [12]
+ o rand: add support for getrandom() [14]
 Bug fixes:
- o Fix uninitialized memory warning in test [1]
- o Turn off IPV6_V6ONLY on Windows to allow IPv4-mapped IPv6 addresses [2]
- o ares_getaddrinfo() should allow a port of 0 [3]
- o Fix memory leak in ares_send() on error [4]
- o Fix comment style in ares_data.h [5]
- o Remove unneeded ifdef for Windows [6]
- o Fix typo in ares_init_options.3 [7]
- o Re-add support for Watcom compiler [8]
- o Sync ax_pthread.m4 with upstream [9]
- o Windows: Invalid stack variable used out of scope for HOSTS path [10]
- o Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support [11]
+ o TCP back to back queries were broken [2]
+ o Ensure queries for ares_getaddrinfo() are not requeued during destruction [4]
+ o ares_getaddrinfo() should not retry other address classes if one address
+ class has already been returned [5]
+ o Avoid production ill-formed result when qualifying a name with the root
+ domain [6]
+ o Fix missing prefix for CMake generated libcares.pc [10]
+ o DNS server ports will now be read from system configuration instead of
+ defaulting to port 53 [11]
+ o Remove some unreachable code [13]
+ o Replace usages of sprintf with snprintf [15]
+ o Fix Watcom instructions and update Windows URLs [16]
 Thanks go to these friendly people for their efforts and contributions:
+ Alexey A Tikhonov (@alexey-tikhonov)
+ Ben Noordhuis (@bnoordhuis)
 Brad House (@bradh352)
 @Chilledheart
 Daniel Stenberg (@bagder)
 Douglas R. Reno (@renodr)
- Gregor Jasny (@gjasny)
- Jay Freeman (@saurik)
- @lifenjoiner
- Nikolaos Chatzikonstantinou (@createyourpersonalaccount)
- Yijie Ma (@yijiem)
+ Jérôme Duval (@korli)
+ Sam Morris (@yrro)
+ Tim Wojtulewicz (@timwoj)
 (9 contributors)
 References to bug reports and discussions on issues:
- [1] = https://github.com/c-ares/c-ares/pull/515
- [2] = https://github.com/c-ares/c-ares/pull/520
- [3] = https://github.com/c-ares/c-ares/issues/517
- [4] = https://github.com/c-ares/c-ares/pull/511
- [5] = https://github.com/c-ares/c-ares/pull/513
- [6] = https://github.com/c-ares/c-ares/pull/512
- [7] = https://github.com/c-ares/c-ares/pull/510
- [8] = https://github.com/c-ares/c-ares/pull/509
- [9] = https://github.com/c-ares/c-ares/pull/507
- [10] = https://github.com/c-ares/c-ares/pull/502
- [11] = https://github.com/c-ares/c-ares/pull/505
- [12] = https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc
- [13] = https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2
- [14] = https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v
- [15] = https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4
+ [1] = https://github.com/c-ares/c-ares/pull/556
+ [2] = https://github.com/c-ares/c-ares/pull/552
+ [3] = https://github.com/c-ares/c-ares/pull/554
+ [4] = https://github.com/c-ares/c-ares/pull/553
+ [5] = https://github.com/c-ares/c-ares/pull/551
+ [6] = https://github.com/c-ares/c-ares/pull/546
+ [7] = https://github.com/c-ares/c-ares/pull/549
+ [8] = https://github.com/c-ares/c-ares/pull/542
+ [9] = https://github.com/c-ares/c-ares/pull/540
+ [10] = https://github.com/c-ares/c-ares/pull/530
+ [11] = https://github.com/c-ares/c-ares/pull/534
+ [12] = https://github.com/c-ares/c-ares/commit/c1b00c41
+ [13] = https://github.com/c-ares/c-ares/pull/527
+ [14] = https://github.com/c-ares/c-ares/pull/526
+ [15] = https://github.com/c-ares/c-ares/pull/525
+ [16] = https://github.com/c-ares/c-ares/pull/524
diff --git a/configure.ac b/configure.ac
index 6be1d038..9f0b5a87 100644
--- a/configure.ac
+++ b/configure.ac
@@ -20,10 +20,10 @@
 #############################################################
 AC_PREREQ([2.60])
-AC_INIT([c-ares], [1.19.1],
+AC_INIT([c-ares], [1.20.0],
 [c-ares mailing list: http://lists.haxx.se/listinfo/c-ares])
-CARES_VERSION_INFO="8:1:6"
+CARES_VERSION_INFO="9:0:7"
 dnl This flag accepts an argument of the form current[:revision[:age]]. So,
 dnl passing -version-info 3:12:1 sets current to 3, revision to 12, and age to
 dnl 1.
diff --git a/include/ares_version.h b/include/ares_version.h
index ed9c5535..fa83494f 100644
--- a/include/ares_version.h
+++ b/include/ares_version.h
@@ -31,12 +31,12 @@
 #define ARES_COPYRIGHT "2004 - 2023 Daniel Stenberg, ."
 #define ARES_VERSION_MAJOR 1
-#define ARES_VERSION_MINOR 19
-#define ARES_VERSION_PATCH 1
+#define ARES_VERSION_MINOR 20
+#define ARES_VERSION_PATCH 0
 #define ARES_VERSION ((ARES_VERSION_MAJOR<<16)|\
 (ARES_VERSION_MINOR<<8)|\
 (ARES_VERSION_PATCH))
-#define ARES_VERSION_STR "1.19.1"
+#define ARES_VERSION_STR "1.20.0"
 #if (ARES_VERSION >= 0x010700)
 # define CARES_HAVE_ARES_LIBRARY_INIT 1