-
Notifications
You must be signed in to change notification settings - Fork 30.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to resolve A when record points to CNAME containing underscore #39780
Comments
Yeah, it was introduced on v16.6.2 release. c-ares was updated in that release. c-ares seems start to enforce hostname validation in c-ares/c-ares#406. |
Hi @Ayase-252, thanks for the explanation. This validation seems too strict as it does not allow for underscores in hostnames (for A, AAAA and CNAME records) contrary to what RFC 2181 states in its 11th section: https://www.rfc-editor.org/rfc/rfc2181.html#section-11 Namely, browsers, dns utilities (think dig, nslookup) and usual utilities relying on system resolvers (thinking about ping) all support hostnames containing underscore (and IIUC they should support any ASCII character). |
So, there is a difference between acceptable domain name and acceptable hostname. One should not be confused with another.
This should resolve even though _ldap is not a valid hostname. |
I see, thanks for the explanation. |
Please see c-ares/c-ares@5c995d50 |
Many thanks @bradh352, I'll wait for the node release to test it before closing the issue. |
Hi @bradh352, would it be possible to include this fix in the next version of Node? |
@m-roussee, @bagder: I don't see any reason to not start staging a c-ares 1.18.0 release. There have been quite a few code changes and now that we have Cirrus-CI as a replacement for Travis-CI so auto-builds are happening again, I have greater confidence in the release process going smoothly. I'll start the process on my end, but @bagder is the one that needs to actually push it live. |
I'll be ready to press the necessary key combos to make it happen. |
@bagder: ready when you are c-ares/c-ares@800e472 |
Roger that. I'll make it happen later tonight my time. |
c-ares 1.18.0 is officially shipped |
We have updated c-ares to 1.18.1 in #40660, and released it in v17.1.0 It should be resolved now. Feel free to reopen the issue if it is not the case. |
Can this please be backported to v16? |
Notable changes This release contains a c-ares update to fix a regression introduced in Node.js 14.17.5 resolving CNAME records containing underscores (#39780). Also included are commits to allow Node.js 14 to continue to build and pass tests on our Jenkins CI, including adding Python 3.10 to the list of allowable Python versions for building. PR-URL: #40969
Notable changes This release contains a c-ares update to fix a regression introduced in Node.js 14.17.5 resolving CNAME records containing underscores (#39780). Also included are commits to allow Node.js 14 to continue to build and pass tests on our Jenkins CI, including adding Python 3.10 to the list of allowable Python versions for building. PR-URL: #40969
Can this also be backported to v12 please? I'm seeing the same issue there on 12.22.7, and it looks like this started from 12.22.5. |
Notable changes This release contains a c-ares update to fix a regression introduced in Node.js 14.17.5 resolving CNAME records containing underscores (#39780). Also included are commits to allow Node.js 14 to continue to build and pass tests on our Jenkins CI, including adding Python 3.10 to the list of allowable Python versions for building. PR-URL: #40969
I've cherry-picked #40660 onto the |
@richardlau Thanks for the update! Is it possible to request some help prioritizing a release, or get an estimated timeframe for when the next v12 release will happen? To forward some context, this is currently causing a consistent issue for some of our customers. While the problem isn't super widespread, those specific customers' use cases (that is, when requesting a specific URL) is just totally broken right now. "20% of the time, it fails all the time". 😢 |
@FredZhao-at I've opened #41161 for discussion -- let's try to get a release on Thursday. There's an OpenSSL release due out tomorrow so hopefully we'll be able to include that as well. I'm taking time off work next week until the New Year so if the release doesn't happen by the end of this week it'll probably be early January. |
Notable changes This release contains a c-ares update to fix a regression introduced in Node.js 14.17.5 resolving CNAME records containing underscores (nodejs#39780). Also included are commits to allow Node.js 14 to continue to build and pass tests on our Jenkins CI, including adding Python 3.10 to the list of allowable Python versions for building. PR-URL: nodejs#40969
Notable changes: This release contains a c-ares update to fix a regression introduced in Node.js 12.22.5 resolving CNAME records containing underscores (nodejs#39780). Root certificates have been updated to those from Mozilla's Network Security Services 3.71 (nodejs#40280). PR-URL: nodejs#41161
Version
v14.17.5
Platform
Darwin abc.local 20.6.0 Darwin Kernel Version 20.6.0: Wed Jun 23 00:26:31 PDT 2021; root:xnu-7195.141.2~5/RELEASE_X86_64 x86_64 i386 MacBookPro15,2 Darwin
Subsystem
No response
What steps will reproduce the bug?
How often does it reproduce? Is there a required condition?
It reproduces everytime.
What is the expected behavior?
What do you see instead?
Additional information
It seems to have been introduced in latest release (it works fine under 14.17.4) and seems related to hostname validation, I suspect it fails because the CNAME record contains underscores.
The text was updated successfully, but these errors were encountered: