search

golang / go

The Go programming language
https://go.dev
BSD 3-Clause "New" or "Revised" License
123.3k stars 17.58k forks source link

net: LookupCNAME inconsistency on unix systems #59943

Open mateusz834 opened 1 year ago

mateusz834 commented 1 year ago

So there was a #50101 proposal to make the LookupCNAME consistent between unix/windows, or more concrete to make it send an explicit CNAME query, so that when the last CNAME doesn't have an ending A/AAAA record it returns the CNAME. So the change made the cgo version to use the res_search routines instead of getaddrinfo.

And that leads to some compat breaking changes that were made because of this change and some minor differences between linux/windows.

Current Issues: 1) when cgo fails the go resolver is being used (even for noSuchHost). This returns completed == false, so a fallback to go happens (lookupCNAME). EDIT: the go resolver will also send, second (unnecessary) CNAME. https://github.com/golang/go/blob/0d347544cbca0f42b160424f6bc2458ebcc7b3fc/src/net/cgo_unix.go#L296-L300 https://github.com/golang/go/blob/0d347544cbca0f42b160424f6bc2458ebcc7b3fc/src/net/lookup_unix.go#L102-L110 2) Windows returns the last CNAME in a CNAME chain, on unix the first is returned. (Before that change the last was returned, but only when A/AAAA existed, now always the first one (assuming that the CNAMEs are in order) 3) Unix no longer uses getaddrinfo, so when in nsswitch.conf is different in any way from: hosts: dns it returns the wrong result (different that before that change), because of the fallback to go (Issue 1) this is not really noticeable, because the go resolver handles /etc/hosts aliases correctly. (but for other nss modules it might cause problems (mdns, myhostname, resolve, ....)) 4) Cgo doesn't send also A/AAAA (like the go resolver does), so when removing the fallback to go resolver (Issue 1) then the tests start to fail, because not all domains in tests have CNAME (only A records). 5) https://github.com/golang/go/issues/44199#issuecomment-1417070233

I made before a CL 455275 to try address that problems. The best solution to fix that is to do something like (for cgo resolver): Try with getaddrinfo, if it doesn't find anything (returns errNoSuchHost) then try with res_search query for CNAME.

CC @ianlancetaylor

cagedmantis commented 1 year ago

cc @neild

gopherbot commented 1 year ago

Change https://go.dev/cl/455275 mentions this issue: net: rework the unified CNAME handling on unix

ianlancetaylor commented 1 year ago

CC @rsc

mateusz834 commented 11 months ago

@rsc do you have any opinions/thoughts on this? It would be nice to fix this issue at some point. Considering that you implemented the #50101 change, I would like to hear your opinion on this.