-
Notifications
You must be signed in to change notification settings - Fork 4.9k
/
Copy pathc-ares.patch
33 lines (31 loc) · 1.41 KB
/
c-ares.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# Workaround c-ares trusting /etc/hosts entries for localhost
diff --git a/src/lib/ares_getaddrinfo.c b/src/lib/ares_getaddrinfo.c
index eabd17fc..83bcf06f 100644
--- a/src/lib/ares_getaddrinfo.c
+++ b/src/lib/ares_getaddrinfo.c
@@ -449,6 +449,26 @@ static void next_lookup(struct host_query *hquery, ares_status_t status)
break;
case 'f':
+ /* FIXME: This works around wonky /etc/hosts files having localhost
+ * entries with IPs that are *not* valid loop-back IPs. Imagine a
+ * scenario where resolving localhost returns a non-loopback IP but
+ * the server we're trying to connect to is only listening on a
+ * loopback IP. Then resolution succeeds but we still cannot connect.
+ * RFC 6751 Section 6.3 #3 seems to support that localhost should
+ * only resolve to loopback IPs:
+ * "Name resolution APIs ... SHOULD always return the IP loopback
+ * address" */
+ if (ares_is_localhost(hquery->name)) {
+ if (ares_addrinfo_localhost(hquery->name, hquery->port, &hquery->hints,
+ hquery->ai) == ARES_SUCCESS) {
+ end_hquery(hquery, ARES_SUCCESS);
+ break;
+ }
+ hquery->remaining_lookups++;
+ next_lookup(hquery, status);
+ break;
+ }
+
/* Host file lookup */
if (file_lookup(hquery) == ARES_SUCCESS) {
end_hquery(hquery, ARES_SUCCESS);