开发者

Secure sockets, dns and getnameinfo timeouts

just yesterday while debugging my android app i figured out that whenever reverse dns lookup is not possible my connection takes bunch loads of time to initiate (roughly about 20-30 seconds).

i managed to narrow down the source to InetAddress.getHostName() call (that's where it takes so much time) but i am (unfortunately) clueless on how i could work it around. I understand that SSL connections with no DNS verification are more prone to MITM attacks; in such cases i would prefer to notify the user about issues rather than make him wait forever for the ap开发者_开发百科plication to load and connect. i've been browsing the web back and forth looking for the answer, i could find ways to fix that in java, but none of them applies to android (at least i couldn't cache inetaddress nor use alternative classes to resolve my host names with impl property).

is there any way i could limit the timeout to some reasonable timeouts (say: 2-3 seconds)? i would like to save the time i'd need to spend re-writing ssl sockets as android native code.

thanks!


this is (was) related to a bug in GLIBC trying to reverse lookup ipv6 host names even if no ipv6 interfaces were configured.

the problem and fix are discussed here:

https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/417757

it should work if /etc/hosts file is updated to cover particular IP address

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜