From: Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Date: Tue, 25 May 2021 06:43:59 +0000 (+0200)
Subject: BIO acpt_state(): Allow retrying addresses (e.g., using IPv6 vs. IPv4) on creating... 
X-Git-Tag: openssl-3.0.0-beta1~321
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=24c07e50551f73f565295db22478464ca9adc32e;p=thirdparty%2Fopenssl.git

BIO acpt_state(): Allow retrying addresses (e.g., using IPv6 vs. IPv4) on creating accept socket

Fixes #15386

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15417)
---

diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
index aff92223af8..834c2ffef1a 100644
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -216,18 +216,24 @@ static int acpt_state(BIO *b, BIO_ACCEPT *c)
                 ERR_raise(ERR_LIB_BIO, BIO_R_LOOKUP_RETURNED_NOTHING);
                 goto exit_loop;
             }
-            /* We're currently not iterating, but set this as preparation
-             * for possible future development in that regard
-             */
             c->addr_iter = c->addr_first;
             c->state = ACPT_S_CREATE_SOCKET;
             break;
 
         case ACPT_S_CREATE_SOCKET:
+            ERR_set_mark();
             s = BIO_socket(BIO_ADDRINFO_family(c->addr_iter),
                            BIO_ADDRINFO_socktype(c->addr_iter),
                            BIO_ADDRINFO_protocol(c->addr_iter), 0);
             if (s == (int)INVALID_SOCKET) {
+                if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter)) != NULL) {
+                    /*
+                     * if there are more addresses to try, do that first
+                     */
+                    ERR_pop_to_mark();
+                    break;
+                }
+                ERR_clear_last_mark();
                 ERR_raise_data(ERR_LIB_SYS, get_last_socket_error(),
                                "calling socket(%s, %s)",
                                 c->param_addr, c->param_serv);