host: Don't try to resolve %any* keywords with mismatched address family

While host_create_from_string_and_family() usually replaces %any*
keywords, this fails if the address family doesn't match (e.g. %any4 with
AF_INET6).  There is no point in trying to resolve these keywords via
DNS as % is no valid character for host names.

Closes strongswan/strongswan#2880

diff --git a/src/libstrongswan/networking/host.c b/src/libstrongswan/networking/host.c
index f2768dc10ddcde94691b3215506000f5ce9b06ad..fae90b05b4a93a00b9f4512b7dcaf9be7dc21f95 100644 (file)
--- a/src/libstrongswan/networking/host.c
+++ b/src/libstrongswan/networking/host.c
@@ -461,7 +461,7 @@ host_t *host_create_from_dns(char *string, int af, uint16_t port)
        host_t *this;
 
        this = host_create_from_string_and_family(string, af, port);
-       if (!this)
+       if (!this && string && string[0] != '%')
        {
                this = lib->hosts->resolve(lib->hosts, string, af);
        }