Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net: respect GODEBUG=netdns=go on macOS #27774

Closed
gregory-m opened this issue Sep 20, 2018 · 9 comments
Closed

net: respect GODEBUG=netdns=go on macOS #27774

gregory-m opened this issue Sep 20, 2018 · 9 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. OS-Darwin WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided.
Milestone

Comments

@gregory-m
Copy link
Contributor

What version of Go are you using (go version)?

go version go1.11 darwin/amd64

Does this issue reproduce with the latest release?

yes

What operating system and processor architecture are you using (go env)?

Can be reproduced on any darwin.

What did you do?

Tried to debug some DNS issues on our production system.

In order to do this I tried to run code with GODEBUG=netdns=go+2 and GODEBUG=netdns=cgo+2 on my local Mac.

What did you expect to see?

Go runtime will use cgo or go resolver according to GODEBUG env variable.

What did you see instead?

Runtime silently used cgo resolver every time.

Also despite this comment I don't see any popups after I removed this check.

Can we put darwin check before if confVal.dnsDebugLevel > 0 and use go resolver on darwin if user explicitly asked for it?

If there are no objections I will create CL.

@bcmills
Copy link
Contributor

bcmills commented Sep 22, 2018

CC @mikioh @bradfitz @ianlancetaylor

@bcmills bcmills added the NeedsDecision Feedback is required from experts, contributors, and/or the community before a change can be made. label Sep 22, 2018
@bcmills bcmills added this to the Go1.12 milestone Sep 22, 2018
@bradfitz
Copy link
Contributor

As long as we continue to default to using the cgo resolver on Darwin, I'm fine respecting the GODEBUG knob on Darwin to select the pure-Go resolver. (and perhaps the build tag, too?)

@gregory-m
Copy link
Contributor Author

After some investigation looks like Darwin will popup dialog box if developer mode in not enabled on Mac. However it not popup dialog box on some Macs without developer mode been enabled, and I can't found any version or setting correlating with such behaviour.

In any case I don't think build tag is good idea, because some user will definitely see popups on Mac if you compile and distribute binary with pure-Go resolver enabled by default.

However GODEBUG is useful for local debugging.

@gregory-m gregory-m reopened this Sep 26, 2018
@rsc
Copy link
Contributor

rsc commented Sep 26, 2018

Respecting $GODEBUG seems OK - if you ask for it, you get it. I wouldn't want to do hard-coding at build time, though, since we know that the non-cgo resolver is much worse than the cgo one (see #12524).

@rsc rsc changed the title net: on darwin runtime use cgo resolver despite GODEBUG vaules net: respect GODEBUG=netdns=go on macOS Sep 26, 2018
@bradfitz
Copy link
Contributor

TIL:

$ DevToolsSecurity -status
Developer mode is currently enabled.

Not sure when I enabled that.

@rsc rsc added the NeedsFix The path to resolution is known, but the work has not been done. label Sep 26, 2018
@gopherbot gopherbot removed the NeedsDecision Feedback is required from experts, contributors, and/or the community before a change can be made. label Sep 26, 2018
@bitglue
Copy link

bitglue commented Sep 26, 2018

I've been using the same work laptop for 2 years and never enabled developer mode:

$ DevToolsSecurity -status
Developer mode is currently disabled.

and I've never seen this popup despite running plenty of go binaries built with cgo disabled. I tried enabling the firewall in system preferences, and still can't reproduce the popup. Nor have I received any reports of such a popup from my coworkers. Though I do get a lot of complaints about DNS failing to resolve private hostnames, an indication that the native go resolver is in use.

Point being, whatever determines if this popup occurs, I don't think it's developer mode.

Furthermore, on my system I can't reproduce the problem: GODEBUG does seem to be honored. With this test program:

package main

import (
	"fmt"
	"net"
)

func main() {
	ns, err := net.LookupHost("philfrost.local")
	if err != nil {
		panic(err)
	}
	fmt.Println(ns)
}

built with:

philfrost:~ philfrost$ go build -o test ./test.go
philfrost:~ philfrost$ go version
go version go1.10.2 darwin/amd64
philfrost:~ philfrost$ system_profiler SPSoftwareDataType
      System Version: macOS 10.13.6 (17G65)
      Kernel Version: Darwin 17.7.0
      System Integrity Protection: Enabled

cgo resolution works:

philfrost:~ philfrost$ GODEBUG=netdns=cgo+2 ./test
go package net: using cgo DNS resolver
go package net: hostLookupOrder(philfrost.local) = cgo
[192.168.1.167]

Go's native resolver is used when requested, confirmed by the debug output as well as the resolution failure (native Go can't resolve RFC6762 names):

philfrost:~ philfrost$ GODEBUG=netdns=go+2 ./test
go package net: GODEBUG setting forcing use of Go's resolver
go package net: hostLookupOrder(philfrost.local) = files,dns
panic: lookup philfrost.local on 192.168.1.1:53: no such host

goroutine 1 [running]:
main.main()
	/Users/philfrost/test.go:11 +0xde

@bradfitz
Copy link
Contributor

@bitglue, I also see that.

@gregory-m, can you try again? Sure you're using the version of Go you think you are?

@ianlancetaylor
Copy link
Contributor

It sounds like people think that this already works. @gregory-m do you disagree?

@ianlancetaylor ianlancetaylor added the WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided. label Dec 19, 2018
@ianlancetaylor ianlancetaylor modified the milestones: Go1.12, Go1.13 Dec 19, 2018
@gregory-m
Copy link
Contributor Author

Sorry my bad, tried it with wrong build. Works as expected in current version.

@golang golang locked and limited conversation to collaborators Dec 20, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. OS-Darwin WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided.
Projects
None yet
Development

No branches or pull requests

7 participants