From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/11142
Path: news.gmane.org!.POSTED!not-for-mail
From: Rich Felker <dalias@libc.org>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: Queries with less than `ndots` dots never lead to
 resolution using the global namespace if the `search` domains don't work
Date: Wed, 15 Mar 2017 13:22:53 -0400
Message-ID: <20170315172253.GH1693@brightrain.aerifal.cx>
References: <075030ca6fc64b13be5651fe32c5e770@CHBARSRV1EXCHP1.ANYACCESS.NET>
 <20170315122515.GD1693@brightrain.aerifal.cx>
 <0779b092406345a4b4d68ce279f97c16@CHBARSRV1EXCHP1.ANYACCESS.NET>
 <20170315151103.GF1693@brightrain.aerifal.cx>
 <1e14e4e5bddc41518ff651e4b841c2b1@CHBARSRV1EXCHP1.ANYACCESS.NET>
Reply-To: musl@lists.openwall.com
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: blaine.gmane.org 1489598588 23641 195.159.176.226 (15 Mar 2017 17:23:08 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Wed, 15 Mar 2017 17:23:08 +0000 (UTC)
User-Agent: Mutt/1.5.21 (2010-09-15)
To: musl@lists.openwall.com
Original-X-From: musl-return-11157-gllmg-musl=m.gmane.org@lists.openwall.com Wed Mar 15 18:23:04 2017
Return-path: <musl-return-11157-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@m.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by blaine.gmane.org with smtp (Exim 4.84_2)
	(envelope-from <musl-return-11157-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1coCda-0005ZK-H7
	for gllmg-musl@m.gmane.org; Wed, 15 Mar 2017 18:23:02 +0100
Original-Received: (qmail 21857 invoked by uid 550); 15 Mar 2017 17:23:06 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Original-Received: (qmail 21834 invoked from network); 15 Mar 2017 17:23:05 -0000
Content-Disposition: inline
In-Reply-To: <1e14e4e5bddc41518ff651e4b841c2b1@CHBARSRV1EXCHP1.ANYACCESS.NET>
Original-Sender: Rich Felker <dalias@aerifal.cx>
Xref: news.gmane.org gmane.linux.lib.musl.general:11142
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/11142>

On Wed, Mar 15, 2017 at 05:10:08PM +0000, dominic.chambers@glencore.com wrote:
> HI Rich,
> 
> I've attached the results from running the following two commands:
> 
>   1. ` strace ./gai3a google.com 2> strace_of_google-com.txt`
>   2. ` strace ./gai3a google.com.default.svc 2> strace_of_google-com-default-svc.txt`
> 
> Is this what you were looking for or can I provide something more useful?

Yes, this works. Here's the problem:

> execve("./gai3a", ["./gai3a", "google.com"], [/* 15 vars */]) = 0
> [...]
> socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, IPPROTO_IP) = 3
> bind(3, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
> sendto(3, "\271\377\1\0\0\1\0\0\0\0\0\0\6google\3com\7default\3"..., 54, MSG_NOSIGNAL, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.43.0.10")}, 16) = 54
> sendto(3, "\341\262\1\0\0\1\0\0\0\0\0\0\6google\3com\7default\3"..., 54, MSG_NOSIGNAL, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.43.0.10")}, 16) = 54
> poll([{fd=3, events=POLLIN}], 1, 2500)  = 1 ([{fd=3, revents=POLLIN}])
> recvfrom(3, "\271\377\201\203\0\1\0\0\0\1\0\0\6google\3com\7default\3"..., 512, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.43.0.10")}, [16]) = 147
> recvfrom(3, "\341\262\201\203\0\1\0\0\0\1\0\0\6google\3com\7default\3"..., 512, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.43.0.10")}, [16]) = 147
                        ^^^^^^^

This correctly returns NxDomain (the \203 byte). But:

> [...]
> socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, IPPROTO_IP) = 3
> bind(3, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
> sendto(3, "H\244\1\0\0\1\0\0\0\0\0\0\6google\3com\7kubelet\n"..., 64, MSG_NOSIGNAL, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.43.0.10")}, 16) = 64
> sendto(3, "K\266\1\0\0\1\0\0\0\0\0\0\6google\3com\7kubelet\n"..., 64, MSG_NOSIGNAL, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.43.0.10")}, 16) = 64
> poll([{fd=3, events=POLLIN}], 1, 2500)  = 1 ([{fd=3, revents=POLLIN}])
> recvfrom(3, "H\244\205\200\0\1\0\0\0\1\0\0\6google\3com\7kubelet\n"..., 512, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.43.0.10")}, [16]) = 100
> recvfrom(3, 0x7fff9c3f83c0, 512, 0, 0x7fff9c3f7e70, [16]) = -1 EAGAIN (Resource temporarily unavailable)
> poll([{fd=3, events=POLLIN}], 1, 2498)  = 1 ([{fd=3, revents=POLLIN}])
> recvfrom(3, "K\266\205\200\0\1\0\0\0\1\0\0\6google\3com\7kubelet\n"..., 512, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.43.0.10")}, [16]) = 100
                    ^^^^^^^^

Here we see your nameserver returning a RCODE=0 (Success, the \200
byte) reply for google.com.kubelet[...] rather than NxDomain. Sorry I
don't have the full name; you need to pass a larger -s to strace to
get it not to truncate strings. You need to figure out why the
nameserver is claiming this exists; it might be some sort of wildcard
record or just a buggy nameserver (probably some component of
kubernetes).

Rich