From 7f616a00e9232392927099dca1eca70d0d058665 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Mon, 5 Aug 2019 19:11:07 +0200 Subject: [PATCH] BIO_lookup_ex: Always retry the lookup on failure with AI_NUMERICHOST set Do not try to discern the error return value on getaddrinfo() failure but when retrying set the AI_NUMERICHOST to avoid DNS lookups. Fixes: #9053 Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9535) --- crypto/bio/b_addr.c | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c index 47366332ac..511d9c197b 100644 --- a/crypto/bio/b_addr.c +++ b/crypto/bio/b_addr.c @@ -709,20 +709,14 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type, case 0: ret = 1; /* Success */ break; -# if (defined(EAI_FAMILY) || defined(EAI_ADDRFAMILY)) && defined(AI_ADDRCONFIG) -# ifdef EAI_FAMILY - case EAI_FAMILY: -# endif -# ifdef EAI_ADDRFAMILY - case EAI_ADDRFAMILY: -# endif + default: +# if defined(AI_ADDRCONFIG) && defined(AI_NUMERICHOST) if (hints.ai_flags & AI_ADDRCONFIG) { hints.ai_flags &= ~AI_ADDRCONFIG; + hints.ai_flags |= AI_NUMERICHOST; goto retry; } # endif - /* fall through */ - default: BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_SYS_LIB); ERR_add_error_data(1, gai_strerror(gai_ret)); break; -- 2.25.1