[openssl] OpenSSL_1_1_1-stable update
tmraz at fedoraproject.org
tmraz at fedoraproject.org
Tue Aug 13 09:44:54 UTC 2019
The branch OpenSSL_1_1_1-stable has been updated
via 8ab99435c0c6e993af090759fea8879bcabaae6c (commit)
via 63be1415bf6c3b73bb0a4971e1ffeb5923269b7c (commit)
from e17a712e763701e05f3e6965498e2697c7d1e30e (commit)
- Log -----------------------------------------------------------------
commit 8ab99435c0c6e993af090759fea8879bcabaae6c
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Mon Aug 12 16:43:59 2019 +0200
BIO_lookup_ex: Do not retry on EAI_MEMORY
We should not retry on EAI_MEMORY as that error is most probably
fatal and not depending on AI_ADDRCONFIG hint.
Also report the error from the first call if the second call fails
as that one would be most probably the more interesting one.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9535)
(cherry picked from commit 91cb81d40a8102c3d8667629661be8d6937db82b)
commit 63be1415bf6c3b73bb0a4971e1ffeb5923269b7c
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Mon Aug 5 19:11:07 2019 +0200
BIO_lookup_ex: Always retry the lookup on failure with AI_NUMERICHOST set
Do not try to discern the error return value on
getaddrinfo() failure but when retrying set the AI_NUMERICHOST
to avoid DNS lookups.
Fixes: #9053
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9535)
(cherry picked from commit 7f616a00e9232392927099dca1eca70d0d058665)
-----------------------------------------------------------------------
Summary of changes:
crypto/bio/b_addr.c | 30 +++++++++++++++---------------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c
index 1619ab586b..dd5008e636 100644
--- a/crypto/bio/b_addr.c
+++ b/crypto/bio/b_addr.c
@@ -675,7 +675,7 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
if (1) {
#ifdef AI_PASSIVE
- int gai_ret = 0;
+ int gai_ret = 0, old_ret = 0;
struct addrinfo hints;
memset(&hints, 0, sizeof(hints));
@@ -683,12 +683,12 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
hints.ai_family = family;
hints.ai_socktype = socktype;
hints.ai_protocol = protocol;
-#ifdef AI_ADDRCONFIG
-#ifdef AF_UNSPEC
+# ifdef AI_ADDRCONFIG
+# ifdef AF_UNSPEC
if (family == AF_UNSPEC)
-#endif
+# endif
hints.ai_flags |= AI_ADDRCONFIG;
-#endif
+# endif
if (lookup_type == BIO_LOOKUP_SERVER)
hints.ai_flags |= AI_PASSIVE;
@@ -703,26 +703,26 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
SYSerr(SYS_F_GETADDRINFO, get_last_socket_error());
BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_SYS_LIB);
break;
+# endif
+# ifdef EAI_MEMORY
+ case EAI_MEMORY:
+ BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_MALLOC_FAILURE);
+ break;
# endif
case 0:
ret = 1; /* Success */
break;
-# if (defined(EAI_FAMILY) || defined(EAI_ADDRFAMILY)) && defined(AI_ADDRCONFIG)
-# ifdef EAI_FAMILY
- case EAI_FAMILY:
-# endif
-# ifdef EAI_ADDRFAMILY
- case EAI_ADDRFAMILY:
-# endif
+ default:
+# if defined(AI_ADDRCONFIG) && defined(AI_NUMERICHOST)
if (hints.ai_flags & AI_ADDRCONFIG) {
hints.ai_flags &= ~AI_ADDRCONFIG;
+ hints.ai_flags |= AI_NUMERICHOST;
+ old_ret = gai_ret;
goto retry;
}
# endif
- /* fall through */
- default:
BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_SYS_LIB);
- ERR_add_error_data(1, gai_strerror(gai_ret));
+ ERR_add_error_data(1, gai_strerror(old_ret ? old_ret : gai_ret));
break;
}
} else {
More information about the openssl-commits
mailing list