Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

resolver issue with c-ares #7364

Closed
jjandesmet opened this issue Jul 8, 2021 · 8 comments
Closed

resolver issue with c-ares #7364

jjandesmet opened this issue Jul 8, 2021 · 8 comments

Comments

@jjandesmet
Copy link

@jjandesmet jjandesmet commented Jul 8, 2021

I did this

I have in my /etc/nsswitch.conf on the host line:
hosts: files dns myhostname
I have in my /etc/resolve.conf (note: 192.168.65.5 does not exist, and that is intentional)
nameserver 193.168.65.5
I have in my /etc/hosts:
216.58.213.14 www.google.com
I'm using curl with c-ares as resolver and carry out:
curl http://www.google.com

I expected the following

Immediate response, as the resolver should take the IP address from the /etc/hosts file and create no dns query.

Instead, I see that the above command (I used "tcpdump -i any port 53 -n -vvv" in another console) does result in a dns query:
11:11:58.064368 IP (tos 0x0, ttl 64, id 13260, offset 0, flags [DF], proto UDP (17), length 60)
172.17.0.3.37942 > 193.168.65.5.domain: [bad udp cksum 0xaefb -> 0xe3cd!] 18912+ AAAA? www.google.com. (32)
11:12:03.065680 IP (tos 0x0, ttl 64, id 17530, offset 0, flags [DF], proto UDP (17), length 60)
172.17.0.3.37942 > 193.168.65.5.domain: [bad udp cksum 0xaefb -> 0xe3cd!] 18912+ AAAA? www.google.com. (32)
Only after the 5 seconds timeout, the /etc/hosts contents are used. Which is not according to /etc/nsswitch.conf.

To exclude the resolver itself, I used the code: https://gist.github.com/mopemope/992777
and replaced line 82 with: (changed "google.com" to "www.google.com")
ares_gethostbyname(channel, "www.google.com", AF_INET, callback, NULL);
In the same environment as above, this returns immediatly with:
Found address name www.google.com
216.58.213.14
fin
During this operation, no dns query was made (witnessed by tcpdump).

Why is curl, using the same resolver, sending out a dns query when it should first look at /etc/hosts?

curl/libcurl version

[curl -V output]
curl 7.76.1 (x86_64-pc-linux-gnu) libcurl/7.76.1 OpenSSL/1.0.2k-fips zlib/1.2.7 c-ares/1.17.1 librtmp/2.3
Release-Date: 2021-04-14
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL UnixSockets

operating system

CentOS Linux release 7.9.2009 (Core)
Linux 87752f45dd8a 5.10.25-linuxkit #1 SMP Tue Mar 23 09:27:39 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

@bagder bagder changed the title resolver issue resolver issue with c-ares Jul 8, 2021
@bagder

This comment has been hidden.

@bagder
Copy link
Member

@bagder bagder commented Jul 8, 2021

I suppose you see that because curl also asks for the AAAA entry and your /etc/hosts doesn't provide one...

@bagder
Copy link
Member

@bagder bagder commented Jul 8, 2021

I believe the proper fix for this would be to use the c-ares function ares_getaddrinfo instead. Introduced in 1.16.0.

@jjandesmet
Copy link
Author

@jjandesmet jjandesmet commented Jul 8, 2021

@bagder , I can confirm the ask for the AAAA entry. When using the command "curl -4 http://www.google.com", I don't see the issue.

@bagder
Copy link
Member

@bagder bagder commented Jul 29, 2021

@jjandesmet are you interested in trying to fix this with ares_getaddrinfo?

@jjandesmet
Copy link
Author

@jjandesmet jjandesmet commented Jul 30, 2021

@bagder Interested in any fix, but how?

@bagder
Copy link
Member

@bagder bagder commented Jul 30, 2021

by making curl use ares_getaddrinfo instead of how it current calls ares_gethostbyname twice

bagder added a commit that referenced this issue Aug 10, 2021
ares_getaddrinfo() is the getaddrinfo() cloned provided by c-ares, introduced
in version 1.16.0.

With older c-ares versions, curl invokes ares_gethostbyname() twice - once for
IPv4 and once for IPv6 to resolve both addresses, and then combines the
returned results.

Reported-by: jjandesmet
Fixes #7364
@bagder bagder closed this in ba904db Aug 12, 2021
@jjandesmet
Copy link
Author

@jjandesmet jjandesmet commented Sep 16, 2021

Tested and verified on 7.79.0 --> issue is indeed solved.
Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

2 participants