From c1261ffd7fc9bc58e660abd75d800204791423dc Mon Sep 17 00:00:00 2001 From: "Jeffrey A. Clark" Date: Mon, 21 Apr 2025 21:30:14 -0400 Subject: [PATCH 1/2] DRIVERS-3162 Add test for SRV hostname validation when resolver and resolved hostnames are identical with three domain levels --- .../initial-dns-seedlist-discovery.md | 3 +++ source/initial-dns-seedlist-discovery/tests/README.md | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/source/initial-dns-seedlist-discovery/initial-dns-seedlist-discovery.md b/source/initial-dns-seedlist-discovery/initial-dns-seedlist-discovery.md index 92d4de9e77..7c6591c47a 100644 --- a/source/initial-dns-seedlist-discovery/initial-dns-seedlist-discovery.md +++ b/source/initial-dns-seedlist-discovery/initial-dns-seedlist-discovery.md @@ -283,6 +283,9 @@ In the future we could consider using the priority and weight fields of the SRV ## ChangeLog +- 2025-04-22: Add test for SRV hostname validation when resolver and resolved hostnames are identical with three domain + levels. + - 2024-09-24: Removed requirement for URI to have three '.' separated parts; these SRVs have stricter parent domain matching requirements for security. Create terminology section. Remove usage of term `{TLD}`. The `{hostname}` now refers to the entire hostname, not just the `{subdomain}`. diff --git a/source/initial-dns-seedlist-discovery/tests/README.md b/source/initial-dns-seedlist-discovery/tests/README.md index 19e5fdd2e4..be839a7e7a 100644 --- a/source/initial-dns-seedlist-discovery/tests/README.md +++ b/source/initial-dns-seedlist-discovery/tests/README.md @@ -48,6 +48,10 @@ For this test, run each of the following cases: - the SRV `mongodb+srv://mongo.local` resolving to `test_1.my_hostmongo.local` - the SRV `mongodb+srv://blogs.mongodb.com` resolving to `cluster.testmongodb.com` +### 5. Do not throw when return address is identical to SRV hostname and SRV hostname has three or more `.` separated parts + +- the SRV `mongodb+srv://blogs.mongodb.com` resolving to `blogs.mongodb.com` + ## Test Setup The tests in the `replica-set` directory MUST be executed against a three-node replica set on localhost ports 27017, From b39f4e7f30addc33e071321641e1c14372b8bcd0 Mon Sep 17 00:00:00 2001 From: "Jeffrey A. Clark" Date: Tue, 29 Apr 2025 09:18:21 -0400 Subject: [PATCH 2/2] DRIVERS-3162 Use 10gen.cc hosts --- source/initial-dns-seedlist-discovery/tests/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/source/initial-dns-seedlist-discovery/tests/README.md b/source/initial-dns-seedlist-discovery/tests/README.md index be839a7e7a..82f7f3bfec 100644 --- a/source/initial-dns-seedlist-discovery/tests/README.md +++ b/source/initial-dns-seedlist-discovery/tests/README.md @@ -50,7 +50,8 @@ For this test, run each of the following cases: ### 5. Do not throw when return address is identical to SRV hostname and SRV hostname has three or more `.` separated parts -- the SRV `mongodb+srv://blogs.mongodb.com` resolving to `blogs.mongodb.com` +- the SRV `mongodb+srv://build.10gen.cc` resolving to `build.10gen.cc` +- the SRV `mongodb+srv://test.build.10gen.cc` resolving to `test.build.10gen.cc` ## Test Setup