kristapsdz / acme-client-portable

portable version of acme-client, a secure ACME client
https://kristaps.bsd.lv/acme-client
ISC License

DNS Resolver only returns one address - causes problems with ipv4 only system #9

Closed 6f closed 7 years ago

6f commented 7 years ago

The DNS resolver only returns at most one address. On my non-IPv6 FreeBSD system this happens to be an IPv6 address. This causes acme-client to fail as it cannot connect to an IPv6 address:

acme-client: acme-v01.api.letsencrypt.org: DNS: 2001:668:108:9a92::3d5
acme-client: 2001:668:108:9a92::3d5: connect: No route to host
acme-client: https://acme-v01.api.letsencrypt.org/directory: bad comm
acme-client: bad exit: netproc(83700): 1

Strangely enough, the code is fully equipped to handle multiple IP addresses; however, an early "break" inside the getaddrinfo processing code causes at most one address to be returned, see https://github.com/kristapsdz/acme-client-portable/blob/master/dnsproc.c#L108

After applying the following patch:

--- dnsproc.c.orig      2016-10-26 00:26:16.443321714 +0200
+++ dnsproc.c   2016-10-26 00:26:23.620804948 +0200
@@ -105,7 +105,6 @@

                dodbg("%s: DNS: %s", s, vec[vecsz].ip);
                vecsz++;
-               break;
        }

        freeaddrinfo(res0);
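Review bot: With the `break` removed, `vecsz` now advances once per getaddrinfo result, so the loop condition (above the visible context) must bound `vecsz` by the capacity of `vec`, otherwise a name with many A/AAAA records writes past the array; please confirm that check exists or grow `vec` per entry. The resulting order is whatever getaddrinfo returns, which on the reporter's IPv4-only host puts the IPv6 entries first, so the consumer of `vec` has to move on to the next entry after a failed `connect` rather than stop at the first error.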

The network communication now works as expected:

acme-client: acme-v01.api.letsencrypt.org: DNS: 2001:428:7000:58c::3d5
acme-client: acme-v01.api.letsencrypt.org: DNS: 2001:428:7000:58b::3d5
acme-client: acme-v01.api.letsencrypt.org: DNS: 2.19.77.173
acme-client: 2001:428:7000:58c::3d5: connect: No route to host
acme-client: 2001:428:7000:58b::3d5: connect: No route to host

kristapsdz commented 7 years ago

I can't figure out why this was in there at all in the first place, except that early versions (using libcurl) had trouble with IPv6 or something. Fixed--thanks!

tbrowder commented 7 years ago

A similar problem still exists. I had domains with both IPv4 and IPv6 addresses in DNS, so only the IPv6 was tried. Unfortunately the IPv6 wasn't responding while the IPv4 was, but acme-client apparently didn't fall back to the IPv4 and thus failed. All worked okay after I removed the IPv6 address from DNS, but it took me a while to find the problem.
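To show the two behaviours this thread describes, the patched getaddrinfo loop that keeps every address and the per-address connect fallback tbrowder's comment asks for, here is an added example in C. It is not code from acme-client; the names `resolve_all`, `connect_any`, `connect_ipv4_only` and `demo_fallback` are assumptions, and the connect callback only simulates an IPv4-only host so the example runs offline.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

struct addr { int family; char ip[INET6_ADDRSTRLEN]; };
/* Collect every getaddrinfo result for host (no early break, as in the patch); numeric=1 sets AI_NUMERICHOST so literals resolve offline. */
int resolve_all(const char *host, int numeric, struct addr *vec, size_t vecmax)
{
    struct addrinfo hints, *res0, *res;
    size_t n = 0;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;        /* accept IPv4 and IPv6 answers */
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = numeric ? AI_NUMERICHOST : 0;
    if (getaddrinfo(host, NULL, &hints, &res0) != 0)
        return -1;
    for (res = res0; res != NULL && n < vecmax; res = res->ai_next) {
        const void *src;
        if (res->ai_family == AF_INET)
            src = &((struct sockaddr_in *)res->ai_addr)->sin_addr;
        else if (res->ai_family == AF_INET6)
            src = &((struct sockaddr_in6 *)res->ai_addr)->sin6_addr;
        else
            continue;
        vec[n].family = res->ai_family;
        inet_ntop(res->ai_family, src, vec[n].ip, sizeof vec[n].ip);
        n++;                            /* keep collecting; do not break */
    }
    freeaddrinfo(res0);
    return (int)n;
}
/* Try candidates in order until try_connect returns 0; return that index, or -1 when every address failed. */
int connect_any(const struct addr *vec, int n, int (*try_connect)(const struct addr *))
{
    for (int i = 0; i < n; i++)
        if (try_connect(&vec[i]) == 0)
            return i;
    return -1;
}
/* Simulated connect() on an IPv4-only host: every IPv6 target is unreachable (constructed, not a real socket). */
int connect_ipv4_only(const struct addr *a) { return a->family == AF_INET ? 0 : -1; }
/* Constructed candidate list mirroring the report: two IPv6 entries first, then one IPv4. */
int demo_fallback(void)
{
    struct addr vec[3] = { { AF_INET6, "2001:db8::1" }, { AF_INET6, "2001:db8::2" },
                           { AF_INET, "192.0.2.10" } };
    return connect_any(vec, 3, connect_ipv4_only);   /* returns 2 */
}
```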