Subject: Re: gethostbyname & gethostbyaddr in libc thread-safe yet?
To: Christos Zoulas <christos@zoulas.com>
From: Alicia da Conceicao <alicia@engine.ca>
List: tech-net
Date: 05/25/2004 14:54:52
> >Sorry if this is a FAQ, but I was wondering if DNS routines
> >"gethostbyname" & "gethostbyaddr" in libc have been made thread-
> >safe yet?
> No, and are are not planning to do this. Returning a static hostent
> is not the only problem. The problem is also with error reporting;
> checking h_errno after the call is an issue too. ISC solves these
> problems by allocating a per-thread res_state; we've chosen to use
> a pool, so res_state is not available after the return of gethostby*().
> I'd suggest you convert your code to use getaddrinfo() which is
> re-entrant. In the future we might provide _r versions of
> getfoobybar*(), but since there are no real standards for those,
> I would not hold by breath. I will let Brian Ginbach and others correct
> this, if I am wrong.

Dear Christos:

I had previously looked into "getaddrinfo" & "getnameinfo" as alternatives
to "gethostbyname" & "gethostbyaddr", but not only are these much more
bloated (since I only wants to resolve domain names & IP addresses and do
not want to connect or bind any sockets, nor do I care about IPv6 support)
these are still not thread-safe:

============================================================================
GETADDRINFO(3)          NetBSD Library Functions Manual         GETADDRINFO(3)
BUGS
     The current implementation is not thread-safe.
============================================================================
GETNAMEINFO(3)          NetBSD Library Functions Manual         GETNAMEINFO(3)
BUGS
     The current implementation is not thread-safe.
============================================================================

Do you have any suggestions on what to use for a thread-safe alternative to
"gethostbyname" & "gethostbyaddr", so that no one thread would block or
clobber the data of another thread when resolving.  This is for a cross-
platform anti-spam/virus filter which I am coding up from scratch, so it
only needs to resolve and does not use sockets, socket names, or IPv6
support.  I personally receive over 2 million virus & spam messages a day,
since I have my 5 root CA certs preloaded into Netscape/AOL, KDE, OpenSSL,
etc., so having a cross-platform, thread-safe, and light-weight method to
resolve domain names and IP addresses with minimal overhead is critical.

Alicia.