curl-openssl built with c-ares is failing to resolve local domains on osx

[hanoii]

I use homebrew on OSX and install their PHP packages for local development. PHP on its own depends on curl-openssl which is compiled using c-ares.

I also have a local resolver for *.dev.localhost configured by dnsmasqd and also added a local resolver for dev.localhost to /etc/resolver

Output of scutil --dns is on https://pastebin.com/DE3YRHL7.

It's also been brought up on the hombrew package at Homebrew/homebrew-core#41286 and I found a thread on the curl mailing list explaining the issue might be on this library.

The workaround stated above and elsewhere is to uninstall curl-openssl so that PHP uses the local curl version which works and doesn't uses c-ares, but it might be great if this is fixed somehow with c-ares too.

I am happy to help debugging/helping fixing this somehow with enough pointers if you need me too.

Everything else resolves *.dev.localhost properly: (ping, curl, etc). curl-openssl from the brew formula above doesn't.

[bradh352]

I'm pretty sure commit baf6f4e would probably fix your issue, which was made after the 1.16.0 release

[hanoii]

Great, I was hoping to try it from brew but apparently I can't build the latest version from it. I'll see what I can test but in the meantime, is there a timeline for a new release?

[bradh352]

due to some other issues, probably within the next week

[bradh352]

1.16.1 was released yesterday.

[hanoii]

Hmm, I upgraded to c-ares 1.16.1, recompiled curl-openssl with brew reinstall -s curl-openssl which does so with --enable-ares=/usr/local/opt/c-ares and It still can't resolve local domains exactly as before.

[bradh352]

Are the names you're trying to resolve mDNS or Bonjour?

[hanoii]

I'd say neither 🤔 - I might be wrong but I don't think so. This is a zone configured through dnsmasqd

This is pretty much my setup: https://passingcuriosity.com/2013/dnsmasq-dev-osx/

dig something.dev.localhost @localhost

;; ANSWER SECTION:
something.dev.localhost. 0	IN	A	127.0.0.1

[jeff-h]

Like the OP I'm also running dnsmasq on macOS, and have nameserver 127.0.0.1 in /etc/resolver/test. This works just fine everywhere except when I try to use home-brew's curl-openssl (which as stated is compiled with c-ares). I've updated everything so I am using the current c-ares 1.16.1 and still curl cannot resolve my .test domains.

Has baf6f4e actually resolved this issue for anyone? If not, @bradh352 are there any tests I could run to help identify the cause?

[bradh352]

The issue is that the configuration is actively trying to route different domains to different name servers. That's not a standardized thing. It appears to be a very mac-specific thing. It is not something c-ares has any concept of. You typically reach out to your configured nameservers to look up the entirety of your domains, not route different top levels to different servers.

We'd probably accept patches to add such support for MacOS, but it is definitely not on any development roadmap.

[jeff-h]

I'm (probably obviously) out of my depth here :) Nonetheless I wonder if the following is of relevance; it seems to be casting some doubt on whether macOS libresolve is correctly reading the contents of /etc/resolver in a split-DNS scenario?

https://openradar.appspot.com/FB7633839

I'm guessing that's all far below the jurisdiction of c-ares though.