[openssl/openssl] 28932a: Fix quicserver binding when duplicate entries exist

Neil Horman noreply at github.com
Thu Nov 2 11:30:06 UTC 2023


  Branch: refs/heads/openssl-3.2
  Home:   https://github.com/openssl/openssl
  Commit: 28932ab1acc4372fbb4f0050fa7748f1fa079d0d
      https://github.com/openssl/openssl/commit/28932ab1acc4372fbb4f0050fa7748f1fa079d0d
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-11-02 (Thu, 02 Nov 2023)

  Changed paths:
    M util/quicserver.c

  Log Message:
  -----------
  Fix quicserver binding when duplicate entries exist

In testing the quic demos, I found that the quicserver refused to start for me,
indicating an inability to bind a socket to listen on

The problem turned out to be that getaddrinfo on my system was returning
multiple entries, due to the fact that /etc/host maps the localhost host name to
both ipv4 (127.0.0.1) and ipv6 (::1), but returns the latter as an ipv4 mapped
address (specifying family == AF_INET)

It seems like the proper fix would be to modify the /etc/hosts file to not make
that mapping, and indeed that works.  However, since several distribution ship
with this setup, it seems like it is worthwhile to manage it in the server code.

its also that some other application may be bound to a given address/port
leading to failure, which I think could be considered erroneous, as any failure
for the full addrinfo list in quicserver would lead to a complete failure

Fix this by modifying the create_dgram_bio function to count the number of
sockets is successfully binds/listens on, skipping any failures, and only exit
the application if the number of bound sockets is zero.

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22559)

(cherry picked from commit fe26b6b4961b1d5a560b52463923f6fb014f5068)




More information about the openssl-commits mailing list