curl / Mailing Lists / curl-library / Single Mail

curl-library

Periodic DNS issues

From: Bill Schoolfield <bill_at_billmax.com>
Date: Mon, 12 Mar 2018 11:14:17 -0500

Hello All,

We are long time users of libcurl in our C based application.
Periodically we get "Couldn't resolve host" errors. (Code 6). As best as
I can tell there seems to be no pattern and the error is very
intermittent. It typically clears itself within several minutes. We
haven't been able to track this down. Our suspicion is libcurl is
somehow more sensitive to DNS related problems but that of course is
just a guess.

How can we debug this? What options might we try to resolve this.

Our app runs on centos 6 and 7. Curl -V (if that helps) shows:

curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1
zlib/1.2.3 libidn/1.18 libssh2/1.4.2
Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

We are using nothing exotic in the setup. A typical setup:

                curl = curl_easy_init();
                 if(!curl) {
                         return EFP_ERROR(&sp, "Curl init failed");
                 }

                 curl_easy_setopt(curl, CURLOPT_URL, EFPI.url);

                 /*
                 if(EFPI.verbose) {
                         curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
                 }
                 */

                 curl_easy_setopt(curl, CURLOPT_CAINFO,
"/etc/pki/tls/certs/ca-bundle.crt");

#ifdef SKIP_PEER_VERIFICATION
                 /*
                  * If you want to connect to a site who isn't using a
certificate that is
                  * signed by one of the certs in the CA bundle you
have, you can skip the
                  * verification of the server's certificate. This makes
the connection
                  * A LOT LESS SECURE.
                  *
                  * If you have a CA cert for the server stored
someplace else than in the
                  * default bundle, then the CURLOPT_CAPATH option might
come handy for
                  * you.
                  */
                 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
                 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, FALSE);
#endif
                 curl_easy_setopt(curl, CURLOPT_SSLVERSION,
CURL_SSLVERSION_TLSv1_2);
                 curl_easy_setopt(curl, CURLOPT_ERRORBUFFER,
curl_error_buf);
                 curl_easy_setopt(curl, CURLOPT_STDERR, EFPI.LF);

                 curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, callback);

                 curl_easy_setopt(curl, CURLOPT_TIMEOUT, EFPI.timeout);

Regards,

Bill

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2018-03-12