0
0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 21:19:50 +01:00
nodejs/test/parallel/test-dns-resolveany.js
Brad House 345d16cc50 test: fix dns test case failures after c-ares update to 1.21.0+
c-ares has made intentional changes to the behavior of TXT records
to comply with RFC 7208, which concatenates multiple strings for
the same TXT record into a single string.  Multiple TXT records
are not concatenated.

Also, response handling has changed, such that a response which is
completely invalid in formatting is thrown away as a malicious
forged/spoofed packet rather than returning EBADRESP.  This is one
step toward RFC 9018 (EDNS COOKIES) which will require the message
to at least be structurally valid to validate against spoofed
records.

Fix By: Brad House (@bradh352)

PR-URL: https://github.com/nodejs/node/pull/50743
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Fixes: https://github.com/nodejs/node/issues/50741
Refs: https://github.com/nodejs/node/issues/50444
2023-11-24 15:59:39 +01:00

70 lines
1.8 KiB
JavaScript

'use strict';
const common = require('../common');
const dnstools = require('../common/dns');
const dns = require('dns');
const assert = require('assert');
const dgram = require('dgram');
const dnsPromises = dns.promises;
const answers = [
{ type: 'A', address: '1.2.3.4', ttl: 123 },
{ type: 'AAAA', address: '::42', ttl: 123 },
{ type: 'MX', priority: 42, exchange: 'foobar.com', ttl: 124 },
{ type: 'NS', value: 'foobar.org', ttl: 457 },
{ type: 'TXT', entries: [ 'v=spf1 ~all xyz\0foo' ] },
{ type: 'PTR', value: 'baz.org', ttl: 987 },
{
type: 'SOA',
nsname: 'ns1.example.com',
hostmaster: 'admin.example.com',
serial: 156696742,
refresh: 900,
retry: 900,
expire: 1800,
minttl: 60
},
{
type: 'CAA',
critical: 128,
issue: 'platynum.ch'
},
];
const server = dgram.createSocket('udp4');
server.on('message', common.mustCall((msg, { address, port }) => {
const parsed = dnstools.parseDNSPacket(msg);
const domain = parsed.questions[0].domain;
assert.strictEqual(domain, 'example.org');
server.send(dnstools.writeDNSPacket({
id: parsed.id,
questions: parsed.questions,
answers: answers.map((answer) => Object.assign({ domain }, answer)),
}), port, address);
}, 2));
server.bind(0, common.mustCall(async () => {
const address = server.address();
dns.setServers([`127.0.0.1:${address.port}`]);
validateResults(await dnsPromises.resolveAny('example.org'));
dns.resolveAny('example.org', common.mustSucceed((res) => {
validateResults(res);
server.close();
}));
}));
function validateResults(res) {
// TTL values are only provided for A and AAAA entries.
assert.deepStrictEqual(res.map(maybeRedactTTL), answers.map(maybeRedactTTL));
}
function maybeRedactTTL(r) {
const ret = { ...r };
if (!['A', 'AAAA'].includes(r.type))
delete ret.ttl;
return ret;
}