Secure sockets, dns and getnameinfo timeouts
https://stackoverflow.com/questions/6828281
-
26-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
just yesterday while debugging my android app i figured out that whenever reverse dns lookup is not possible my connection takes bunch loads of time to initiate (roughly about 20-30 seconds).
i managed to narrow down the source to InetAddress.getHostName() call (that's where it takes so much time) but i am (unfortunately) clueless on how i could work it around. I understand that SSL connections with no DNS verification are more prone to MITM attacks; in such cases i would prefer to notify the user about issues rather than make him wait forever for the application to load and connect. i've been browsing the web back and forth looking for the answer, i could find ways to fix that in java, but none of them applies to android (at least i couldn't cache inetaddress nor use alternative classes to resolve my host names with impl property).
is there any way i could limit the timeout to some reasonable timeouts (say: 2-3 seconds)? i would like to save the time i'd need to spend re-writing ssl sockets as android native code.
thanks!
Solution
this is (was) related to a bug in GLIBC trying to reverse lookup ipv6 host names even if no ipv6 interfaces were configured.
the problem and fix are discussed here:
https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/417757
it should work if /etc/hosts file is updated to cover particular IP address
