call libc::res_init() in response to DNS failures

oconnor663 · oconnor663 · commit e62f2d664b66 · 2017-07-19T12:35:59.000-04:00
Go's DNS resolution often defers to the libc implementation, and glibc's resolver has a serious bug: https://sourceware.org/bugzilla/show_bug.cgi?id=984 It will cache the contents of /etc/resolv.conf, which can put the client in a state where all DNS requests fail forever after a network change. The conditions where Go calls into libc are complicated and platform-specific, and the resolver cache involves thread-local state, so repros tend to be inconsistent. But when you hit this on your laptop on the subway or whatever, the effect is that everything is broken until you restart the process. One way to fix this would be to force using the pure-Go resolver (net.DefaultResolver.PreferGo = true), which refreshes /etc/resolv.conf every 5 seconds. I'm wary of doing that, because the Go devs went through an enormous amount of trouble to enable cgo fallback, for various platform- and environment-specific reasons. See all the comments in net/conf.go::initConfVal() and net/conf.go::hostLookupOrder() in the standard library. Instead, we're trying the same workaround that the Rust standard library chose, where we call libc::res_init() after DNS failures. See rust-lang/rust#41570. The downside here is that we have to remember to do this after we make network calls, and that we have to use cgo in the build, but the upside is that it should never break a DNS environment that was working before.
diff --git a/go/libkb/client.go b/go/libkb/client.go
@@ -17,6 +17,7 @@ import (
 	"time"
 
 	"github.com/keybase/go-framed-msgpack-rpc/rpc"
+	"github.com/keybase/go-framed-msgpack-rpc/rpc/resinit"
 
 	"h12.me/socks"
 )
@@ -146,6 +147,13 @@ func NewClient(e *Env, config *ClientConfig, needCookie bool) *Client {
 	xprt.Dial = func(network, addr string) (c net.Conn, err error) {
 		c, err = net.Dial(network, addr)
 		if err != nil {
+			// If we get a DNS error, it could be because glibc has cached an
+			// old version of /etc/resolv.conf. The res_init() libc function
+			// busts that cache and keeps us from getting stuck in a state
+			// where DNS requests keep failing even though the network is up.
+			// This is similar to what the Rust standard library does:
+			// https://github.com/rust-lang/rust/blob/028569ab1b/src/libstd/sys_common/net.rs#L186-L190
+			resinit.ResInitIfDNSError(err)
 			return c, err
 		}
 		if err = rpc.DisableSigPipe(c); err != nil {
@@ -159,6 +167,7 @@ func NewClient(e *Env, config *ClientConfig, needCookie bool) *Client {
 			xprt.TLSClientConfig = &tls.Config{RootCAs: config.RootCAs}
 		}
 		if e.GetTorMode().Enabled() {
+			// TODO: should we call res_init on DNS errors here as well?
 			dialSocksProxy := socks.DialSocksProxy(socks.SOCKS5, e.GetTorProxy())
 			xprt.Dial = dialSocksProxy
 		} else {
