Skip to content

Commit

Permalink
fix: RUSTSEC-2024-0421 by upgrading idna
Browse files Browse the repository at this point in the history
  • Loading branch information
hanabi1224 authored Dec 11, 2024
1 parent 524afb4 commit cda1470
Show file tree
Hide file tree
Showing 8 changed files with 358 additions and 74 deletions.
382 changes: 326 additions & 56 deletions Cargo.lock

Large diffs are not rendered by default.

7 changes: 5 additions & 2 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -78,13 +78,13 @@ libp2p-autonat = { version = "0.13.2", path = "protocols/autonat" }
libp2p-connection-limits = { version = "0.4.1", path = "misc/connection-limits" }
libp2p-core = { version = "0.42.1", path = "core" }
libp2p-dcutr = { version = "0.12.1", path = "protocols/dcutr" }
libp2p-dns = { version = "0.42.0", path = "transports/dns" }
libp2p-dns = { version = "0.42.1", path = "transports/dns" }
libp2p-floodsub = { version = "0.45.0", path = "protocols/floodsub" }
libp2p-gossipsub = { version = "0.48.0", path = "protocols/gossipsub" }
libp2p-identify = { version = "0.46.0", path = "protocols/identify" }
libp2p-identity = { version = "0.2.10" }
libp2p-kad = { version = "0.47.1", path = "protocols/kad" }
libp2p-mdns = { version = "0.46.0", path = "protocols/mdns" }
libp2p-mdns = { version = "0.46.1", path = "protocols/mdns" }
libp2p-memory-connection-limits = { version = "0.3.1", path = "misc/memory-connection-limits" }
libp2p-metrics = { version = "0.15.0", path = "misc/metrics" }
libp2p-mplex = { version = "0.42.0", path = "muxers/mplex" }
Expand Down Expand Up @@ -115,10 +115,13 @@ libp2p-webtransport-websys = { version = "0.4.1", path = "transports/webtranspor
libp2p-yamux = { version = "0.46.0", path = "muxers/yamux" }

# External dependencies
async-std-resolver = { version = "0.25.0-alpha.4", default-features = false }
asynchronous-codec = { version = "0.7.0" }
futures = "0.3.30"
futures-bounded = { version = "0.2.4" }
futures-rustls = { version = "0.26.0", default-features = false }
hickory-proto = { version = "0.25.0-alpha.4", default-features = false }
hickory-resolver = { version = "0.25.0-alpha.4", default-features = false }
multiaddr = "0.18.1"
multihash = "0.19.1"
multistream-select = { version = "0.13.0", path = "misc/multistream-select" }
Expand Down
5 changes: 5 additions & 0 deletions protocols/mdns/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
## 0.46.1

- Upgrade `hickory-proto`.
See [PR 5727](https://github.com/libp2p/rust-libp2p/pull/5727)

## 0.46.0

<!-- Update to libp2p-swarm v0.45.0 -->
Expand Down
4 changes: 2 additions & 2 deletions protocols/mdns/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
name = "libp2p-mdns"
edition = "2021"
rust-version = { workspace = true }
version = "0.46.0"
version = "0.46.1"
description = "Implementation of the libp2p mDNS discovery method"
authors = ["Parity Technologies <[email protected]>"]
license = "MIT"
Expand All @@ -24,7 +24,7 @@ smallvec = "1.13.2"
socket2 = { version = "0.5.7", features = ["all"] }
tokio = { workspace = true, default-features = false, features = ["net", "time"], optional = true}
tracing = { workspace = true }
hickory-proto = { version = "0.24.1", default-features = false, features = ["mdns"] }
hickory-proto = { workspace = true, features = ["mdns"] }

[features]
tokio = ["dep:tokio", "if-watch/tokio"]
Expand Down
8 changes: 4 additions & 4 deletions protocols/mdns/src/behaviour/iface/query.rs
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ impl MdnsPacket {
pub(crate) fn new_from_bytes(
buf: &[u8],
from: SocketAddr,
) -> Result<Option<MdnsPacket>, hickory_proto::error::ProtoError> {
) -> Result<Option<MdnsPacket>, hickory_proto::ProtoError> {
let packet = Message::from_vec(buf)?;

if packet.query().is_none() {
Expand Down Expand Up @@ -161,7 +161,7 @@ impl MdnsResponse {
return None;
}

let RData::PTR(record_value) = record.data()? else {
let RData::PTR(record_value) = record.data() else {
return None;
};

Expand Down Expand Up @@ -243,7 +243,7 @@ impl MdnsPeer {
return None;
}

if let Some(RData::TXT(ref txt)) = add_record.data() {
if let RData::TXT(ref txt) = add_record.data() {
Some(txt)
} else {
None
Expand Down Expand Up @@ -341,7 +341,7 @@ mod tests {
if record.name().to_utf8() != SERVICE_NAME_FQDN {
return None;
}
let Some(RData::PTR(record_value)) = record.data() else {
let RData::PTR(record_value) = record.data() else {
return None;
};
Some(record_value)
Expand Down
5 changes: 5 additions & 0 deletions transports/dns/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
## 0.42.1

- Upgrade `async-std-resolver` and `hickory-resolver`.
See [PR 5727](https://github.com/libp2p/rust-libp2p/pull/5727)

## 0.42.0

- Implement refactored `Transport`.
Expand Down
6 changes: 3 additions & 3 deletions transports/dns/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,21 +3,21 @@ name = "libp2p-dns"
edition = "2021"
rust-version = { workspace = true }
description = "DNS transport implementation for libp2p"
version = "0.42.0"
version = "0.42.1"
authors = ["Parity Technologies <[email protected]>"]
license = "MIT"
repository = "https://github.com/libp2p/rust-libp2p"
keywords = ["peer-to-peer", "libp2p", "networking"]
categories = ["network-programming", "asynchronous"]

[dependencies]
async-std-resolver = { version = "0.24", optional = true }
async-std-resolver = { workspace = true, features = ["system-config"], optional = true }
async-trait = "0.1.80"
futures = { workspace = true }
libp2p-core = { workspace = true }
libp2p-identity = { workspace = true }
parking_lot = "0.12.3"
hickory-resolver = { version = "0.24.1", default-features = false, features = ["system-config"] }
hickory-resolver = { workspace = true, features = ["system-config"] }
smallvec = "1.13.2"
tracing = { workspace = true }

Expand Down
15 changes: 8 additions & 7 deletions transports/dns/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -117,12 +117,12 @@ pub mod async_std {
pub mod tokio {
use std::sync::Arc;

use hickory_resolver::{system_conf, TokioAsyncResolver};
use hickory_resolver::{system_conf, TokioResolver};
use parking_lot::Mutex;

/// A `Transport` wrapper for performing DNS lookups when dialing `Multiaddr`esses
/// using `tokio` for all async I/O.
pub type Transport<T> = crate::Transport<T, TokioAsyncResolver>;
pub type Transport<T> = crate::Transport<T, TokioResolver>;

impl<T> Transport<T> {
/// Creates a new [`Transport`] from the OS's DNS configuration and defaults.
Expand All @@ -140,7 +140,7 @@ pub mod tokio {
) -> Transport<T> {
Transport {
inner: Arc::new(Mutex::new(inner)),
resolver: TokioAsyncResolver::tokio(cfg, opts),
resolver: TokioResolver::tokio(cfg, opts),
}
}
}
Expand All @@ -160,13 +160,12 @@ use async_trait::async_trait;
use futures::{future::BoxFuture, prelude::*};
pub use hickory_resolver::{
config::{ResolverConfig, ResolverOpts},
error::{ResolveError, ResolveErrorKind},
{ResolveError, ResolveErrorKind},
};
use hickory_resolver::{
lookup::{Ipv4Lookup, Ipv6Lookup, TxtLookup},
lookup_ip::LookupIp,
name_server::ConnectionProvider,
AsyncResolver,
};
use libp2p_core::{
multiaddr::{Multiaddr, Protocol},
Expand Down Expand Up @@ -594,7 +593,7 @@ pub trait Resolver {
}

#[async_trait]
impl<C> Resolver for AsyncResolver<C>
impl<C> Resolver for hickory_resolver::Resolver<C>
where
C: ConnectionProvider,
{
Expand All @@ -618,6 +617,7 @@ where
#[cfg(all(test, any(feature = "tokio", feature = "async-std")))]
mod tests {
use futures::future::BoxFuture;
use hickory_resolver::proto::{ProtoError, ProtoErrorKind};
use libp2p_core::{
multiaddr::{Multiaddr, Protocol},
transport::{PortUse, TransportError, TransportEvent},
Expand Down Expand Up @@ -750,7 +750,8 @@ mod tests {
.await
{
Err(Error::ResolveError(e)) => match e.kind() {
ResolveErrorKind::NoRecordsFound { .. } => {}
ResolveErrorKind::Proto(ProtoError { kind, .. })
if matches!(kind.as_ref(), ProtoErrorKind::NoRecordsFound { .. }) => {}
_ => panic!("Unexpected DNS error: {e:?}"),
},
Err(e) => panic!("Unexpected error: {e:?}"),
Expand Down

0 comments on commit cda1470

Please sign in to comment.