resolver issue with c-ares

[jjandesmet]

I did this

I have in my /etc/nsswitch.conf on the host line:
hosts: files dns myhostname
I have in my /etc/resolve.conf (note: 192.168.65.5 does not exist, and that is intentional)
nameserver 193.168.65.5
I have in my /etc/hosts:
216.58.213.14 www.google.com
I'm using curl with c-ares as resolver and carry out:
curl http://www.google.com

I expected the following

Immediate response, as the resolver should take the IP address from the /etc/hosts file and create no dns query.

Instead, I see that the above command (I used "tcpdump -i any port 53 -n -vvv" in another console) does result in a dns query:
11:11:58.064368 IP (tos 0x0, ttl 64, id 13260, offset 0, flags [DF], proto UDP (17), length 60)
172.17.0.3.37942 > 193.168.65.5.domain: [bad udp cksum 0xaefb -> 0xe3cd!] 18912+ AAAA? www.google.com. (32)
11:12:03.065680 IP (tos 0x0, ttl 64, id 17530, offset 0, flags [DF], proto UDP (17), length 60)
172.17.0.3.37942 > 193.168.65.5.domain: [bad udp cksum 0xaefb -> 0xe3cd!] 18912+ AAAA? www.google.com. (32)
Only after the 5 seconds timeout, the /etc/hosts contents are used. Which is not according to /etc/nsswitch.conf.

To exclude the resolver itself, I used the code: https://gist.github.com/mopemope/992777
and replaced line 82 with: (changed "google.com" to "www.google.com")
ares_gethostbyname(channel, "www.google.com", AF_INET, callback, NULL);
In the same environment as above, this returns immediatly with:
Found address name www.google.com
216.58.213.14
fin
During this operation, no dns query was made (witnessed by tcpdump).

Why is curl, using the same resolver, sending out a dns query when it should first look at /etc/hosts?

curl/libcurl version

[curl -V output]
curl 7.76.1 (x86_64-pc-linux-gnu) libcurl/7.76.1 OpenSSL/1.0.2k-fips zlib/1.2.7 c-ares/1.17.1 librtmp/2.3
Release-Date: 2021-04-14
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL UnixSockets

operating system

CentOS Linux release 7.9.2009 (Core)
Linux 87752f45dd8a 5.10.25-linuxkit #1 SMP Tue Mar 23 09:27:39 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

[bagder]

When you build with c-ares, c-ares is responsible for the name resolving. If that behaves wrong, it's a c-ares issue, not a curl issue. One way you could verify that is to rebuild with the threaded resolver and make sure that it works correctly/differently then.

[bagder]

I suppose you see that because curl also asks for the AAAA entry and your /etc/hosts doesn't provide one...

[bagder]

I believe the proper fix for this would be to use the c-ares function ares_getaddrinfo instead. Introduced in 1.16.0.

[jjandesmet]

@bagder , I can confirm the ask for the AAAA entry. When using the command "curl -4 http://www.google.com", I don't see the issue.

[bagder]

@jjandesmet are you interested in trying to fix this with ares_getaddrinfo?

[jjandesmet]

@bagder Interested in any fix, but how?

[bagder]

by making curl use ares_getaddrinfo instead of how it current calls ares_gethostbyname twice

[jjandesmet]

Tested and verified on 7.79.0 --> issue is indeed solved.
Thanks!