From ac0272cad12f0b3dbe5432111d034fa7b6192f82 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Mon, 15 Sep 2025 15:56:26 +0200 Subject: [PATCH] host: Don't try to resolve %any* keywords with mismatched address family While host_create_from_string_and_family() usually replaces %any* keywords, this fails if the address family doesn't match (e.g. %any4 with AF_INET6). There is no point in trying to resolve these keywords via DNS as % is no valid character for host names. Closes strongswan/strongswan#2880 --- src/libstrongswan/networking/host.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstrongswan/networking/host.c b/src/libstrongswan/networking/host.c index f2768dc10d..fae90b05b4 100644 --- a/src/libstrongswan/networking/host.c +++ b/src/libstrongswan/networking/host.c @@ -461,7 +461,7 @@ host_t *host_create_from_dns(char *string, int af, uint16_t port) host_t *this; this = host_create_from_string_and_family(string, af, port); - if (!this) + if (!this && string && string[0] != '%') { this = lib->hosts->resolve(lib->hosts, string, af); } -- 2.47.3