Tag: Branch: Tree: 70f10a85f3

coverity_scan

main

v1.23

v1.24

v1.25

v1.26

v1.27

v1.28

v1.29

v1.30

v1.31

v1.32

v1.33

v1.34

c-ares-1_17_0

c-ares-1_2_0

cares-1_10_0

cares-1_11_0

cares-1_11_0-rc1

cares-1_12_0

cares-1_13_0

cares-1_14_0

cares-1_15_0

cares-1_16_0

cares-1_16_1

cares-1_17_1

cares-1_17_2

cares-1_18_0

cares-1_18_1

cares-1_19_0

cares-1_19_1

cares-1_1_0

cares-1_20_0

cares-1_20_1

cares-1_21_0

cares-1_22_0

cares-1_22_1

cares-1_23_0

cares-1_24_0

cares-1_25_0

cares-1_26_0

cares-1_27_0

cares-1_28_0

cares-1_28_1

cares-1_29_0

cares-1_2_1

cares-1_3_1

cares-1_3_2

cares-1_4_0

cares-1_5_0

cares-1_5_1

cares-1_5_2

cares-1_5_3

cares-1_6_0

cares-1_7_0

cares-1_7_1

cares-1_7_2

cares-1_7_3

cares-1_7_4

cares-1_7_5

cares-1_8_0

cares-1_9_0

cares-1_9_1

curl-7_10_8

curl-7_11_0

curl-7_11_1

curl-7_12_0

curl-7_12_1

curl-7_12_2

curl-7_13_0

curl-7_13_1

curl-7_13_2

curl-7_14_0

curl-7_14_1

curl-7_15_0

curl-7_15_1

curl-7_15_3

curl-7_15_4

curl-7_15_5

curl-7_15_6-prepipeline

curl-7_16_0

curl-7_16_1

curl-7_16_2

curl-7_16_3

curl-7_16_4

curl-7_17_0

curl-7_17_1

curl-7_18_0

curl-7_18_1

curl-7_18_2

curl-7_19_0

curl-7_19_2

curl-7_19_3

curl-7_19_4

curl-7_19_5

curl-7_19_6

curl-7_19_7

curl-7_20_0

v1.30.0

v1.31.0

v1.32.0

v1.32.1

v1.32.2

v1.32.3

v1.33.0

v1.33.1

v1.34.0

v1.34.1

v1.34.2

v1.34.3

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '70f10a85f3'

${ noResults }

Commit Graph

662 Commits (70f10a85f3cf2fda69a0fbcf9f5bdfb45bae4961)

 

All Branches   

Search

Author	SHA1	Message	Date
Brad House	70f10a85f3	DNS 0x20 implementation (#800) ... This PR enables DNS 0x20 as per https://datatracker.ietf.org/doc/html/draft-vixie-dnsext-dns0x20-00 . DNS 0x20 adds additional entropy to the request by randomly altering the case of the DNS question to help prevent cache poisoning attacks. Google DNS has implemented this support as of 2023, even though this is a proposed and expired standard from 2008: https://groups.google.com/g/public-dns-discuss/c/KxIDPOydA5M There have been documented cases of name server and caching server non-conformance, though it is expected to become more rare, especially since Google has started using this. This can be enabled via the `ARES_FLAG_DNS0x20` flag, which is currently disabled by default. The test cases do however enable this flag to validate this feature. Implementors using this flag will notice that responses will retain the mixed case, but since DNS names are case-insensitive, any proper implementation should not be impacted. There is currently no fallback mechanism implemented as it isn't immediately clear how this may affect a stub resolver like c-ares where we aren't querying the authoritative name server, but instead an intermediate recursive resolver where some domains may return invalid results while others return valid results, all while querying the same nameserver. Likely using DNS cookies as suggested by #620 is a better mechanism to fight cache poisoning attacks for stub resolvers. TCP queries do not use this feature even if the `ARES_FLAG_DNS0x20` flag is specified since they are not subject to cache poisoning attacks. Fixes Issue: #795 Fix By: Brad House (@bradh352)	5 months ago
Brad House	5e1c3a7575	tell google test to print backtraces	5 months ago
Brad House	1dc567d9c0	fix wording in docs	5 months ago
Brad House	17cf8c04e8	revert change that didn't work for #796	5 months ago
Brad House	d2a3d954c4	coverity: fix new false positives	5 months ago
Brad House	c96200353d	valgrind: fix warning in test case	5 months ago
Brad House	51ca744459	Clean up header inclusion, simplification (#797) ... The header inclusion logic in c-ares is hard to follow. Lets try to simplify the way it works to make it easier to understand and less likely to break on new code changes. There's still more work to be done, but this is a good start at simplifying things. Fix By: Brad House (@bradh352)	5 months ago
Brad House	209e7077bb	thread safety enhancements	5 months ago
Brad House	93aa939169	thread deadlock: make sure channel lock isn't used recursively	5 months ago
Brad House	74a64e486a	ares_timeout: missing thread-safety lock	5 months ago
Brad House	ef186fe2a4	remove unused SEND_QUAL_ARG2	5 months ago
Brad House	0d1008355a	remove unneeded warning disablement	5 months ago
Brad House	7d6de797d1	MSVC: Prevent C1041 error ... error C1041: cannot open program database '....'; if multiple CL.EXE write to the same .PDB file, please use /FS might be output in some conditions, add /FS compiler flag to prevent it. Fixes Issue: #796 Fix By: Brad House (@bradh352)	5 months ago
Brad House	cd1ff7b2f3	remove outdated comment	5 months ago
Brad House	350be9e1f1	mingw32 build fix	5 months ago
Brad House	325c75abd0	don't try to install removed header ares_rules.h	5 months ago
Brad House	e57a5b877b	remove duplicate typedef	5 months ago
Brad House	adc6659486	simplify header include order	5 months ago
Brad House	94b69fbd45	try to fix build	5 months ago
Brad House	9b6f197fec	warning in test	5 months ago
Brad House	381d38d925	forcibly kill bogus warning	5 months ago
Brad House	1b8cfdedc9	build fix	5 months ago
Brad House	bdd08d8dd4	fix warning	5 months ago
Brad House	4b0326e129	try to clean up some windows-specific warnings	5 months ago
Brad House	853244bc58	build fix	5 months ago
Brad House	54808a5190	fix comments	5 months ago
Brad House	7efb5019a2	fix build warnings	5 months ago
Brad House	44d030e40f	updates	5 months ago
Brad House	8293a05f63	cleanup more warnings due to new compiler flags	5 months ago
Brad House	b417a79b9b	fix	5 months ago
Brad House	253bdee3bc	enable more GCC/clang warnings, fix reported warnings	5 months ago
Brad House	bbcb1a2bdf	clang-format	5 months ago
Brad House	c2b91beaef	fix epoll flags usage	5 months ago
Brad House	a488525f08	Automatic query timeout adjustment based on server history (#794) ... With very little effort we should be able to determine fairly proper timeouts we can use based on prior query history. We track in order to be able to auto-scale when network conditions change (e.g. maybe there is a provider failover and timings change due to that). Apple appears to do this within their system resolver in MacOS. Obviously we should have a minimum, maximum, and initial value to make sure the algorithm doesn't somehow go off the rails. Values: - Minimum Timeout: 250ms (approximate RTT half-way around the globe) - Maximum Timeout: 5000ms (Recommended timeout in RFC 1123), can be reduced by ARES_OPT_MAXTIMEOUTMS, but otherwise the bound specified by the option caps the retry timeout. - Initial Timeout: User-specified via configuration or ARES_OPT_TIMEOUTMS - Average latency multiplier: 5x (a local DNS server returning a cached value will be quicker than if it needs to recurse so we need to account for this) - Minimum Count for Average: 3. This is the minimum number of queries we need to form an average for the bucket. Per-server buckets for tracking latency over time (these are ephemeral meaning they don't persist once a channel is destroyed). We record both the current timespan for the bucket and the immediate preceding timespan in case of roll-overs we can still maintain recent metrics for calculations: - 1 minute - 15 minutes - 1 hr - 1 day - since inception Each bucket contains: - timestamp (divided by interval) - minimum latency - maximum latency - total time - count NOTE: average latency is (total time / count), we will calculate this dynamically when needed Basic algorithm for calculating timeout to use would be: - Scan from most recent bucket to least recent - Check timestamp of bucket, if doesn't match current time, continue to next bucket - Check count of bucket, if its not at least the "Minimum Count for Average", check the previous bucket, otherwise continue to next bucket - If we reached the end with no bucket match, use "Initial Timeout" - If bucket is selected, take ("total time" / count) as Average latency, multiply by "Average Latency Multiplier", bound by "Minimum Timeout" and "Maximum Timeout" NOTE: The timeout calculated may not be the timeout used. If we are retrying the query on the same server another time, then it will use a larger value On each query reply where the response is legitimate (proper response or NXDOMAIN) and not something like a server error: - Cycle through each bucket in order - Check timestamp of bucket against current timestamp, if out of date overwrite previous entry with values, clear current values - Compare current minimum and maximum recorded latency against query time and adjust if necessary - Increment "count" by 1 and "total time" by the query time Other Notes: - This is always-on, the only user-configurable value is the initial timeout which will simply re-uses the current option. - Minimum and Maximum latencies for a bucket are currently unused but are there in case we find a need for them in the future. Fixes Issue: #736 Fix By: Brad House (@bradh352)	5 months ago
Brad House	0b50983539	CI: MSYS2: try to take advantage of package caching	5 months ago
Brad House	8d2d2fc542	missing files	5 months ago
Brad House	fbbc68797d	split windows sysconfig into its own file	5 months ago
Brad House	827a1d523c	ares_queryloop: output server list	5 months ago
Brad House	f8d1e63840	ares_queryloop: properly capture CTRL-C and cleanup	5 months ago
Brad House	7ea18a83b3	test: clean up some minor warnings	5 months ago
Brad House	8cded20f3a	update some build instructions	5 months ago
Brad House	f37cb2f4fa	fix link typo	5 months ago
Brad House	7b353da759	CI: MSYS: enable static analyzer	5 months ago
Brad House	d6534de510	disable static analyzer, doesn't work due to link issues	5 months ago
Brad House	d0ccb5efd8	CI: Msys: attempt to build with clang static analyzer	5 months ago
Brad House	732a3d0d73	CI: Msys: need different build dirs	5 months ago
Brad House	f9faa3f05c	try to work around windows ASAN issue by not using std::string::npos	5 months ago
Brad House	536f3bd42b	fix compiler flags	5 months ago
Brad House	0d301b5729	logic fix	5 months ago
Brad House	6d27b72b93	try to enable windows ASAN	5 months ago