Fijxu
/
nginx-quic
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Filtering duplicate addresses in listen (ticket #2400). 

Due to the glibc bug[1], getaddrinfo("localhost") with AI_ADDRCONFIG
on a typical host with glibc and without IPv6 returns two 127.0.0.1
addresses, and therefore "listen localhost:80;" used to result in
"duplicate ... address and port pair" after 4f9b72a229c1.

Fix is to explicitly filter out duplicate addresses returned during
resolution of a name.

[1] https://sourceware.org/bugzilla/show_bug.cgi?id=14969
This commit is contained in:
Maxim Dounin 2022-11-23 17:30:08 +03:00
parent 5d65721f65
commit 6fb2777ad2
3 changed files with 85 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/http/ngx_http_core_module.c
View File

@ -3963,7 +3963,7 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_str_t *value, size;
ngx_url_t u;
ngx_uint_t n;
ngx_uint_t n, i;
ngx_http_listen_opt_t lsopt;
cscf->listen = 1;
@ -4289,6 +4289,16 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
for (n = 0; n < u.naddrs; n++) {
for (i = 0; i < n; i++) {
if (ngx_cmp_sockaddr(u.addrs[n].sockaddr, u.addrs[n].socklen,
u.addrs[i].sockaddr, u.addrs[i].socklen, 0)
== NGX_OK)
{
goto next;
}
}
lsopt.sockaddr = u.addrs[n].sockaddr;
lsopt.socklen = u.addrs[n].socklen;
lsopt.addr_text = u.addrs[n].name;
@ -4297,6 +4307,9 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
if (ngx_http_add_listen(cf, cscf, &lsopt) != NGX_OK) {
return NGX_CONF_ERROR;
}
next:
continue;
}
return NGX_CONF_OK;

47
src/mail/ngx_mail_core_module.c
View File

@ -308,7 +308,7 @@ ngx_mail_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_str_t *value, size;
ngx_url_t u;
ngx_uint_t i, n, m;
ngx_mail_listen_t *ls, *als;
ngx_mail_listen_t *ls, *als, *nls;
ngx_mail_module_t *module;
ngx_mail_core_main_conf_t *cmcf;
@ -333,7 +333,7 @@ ngx_mail_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
cmcf = ngx_mail_conf_get_module_main_conf(cf, ngx_mail_core_module);
ls = ngx_array_push_n(&cmcf->listen, u.naddrs);
ls = ngx_array_push(&cmcf->listen);
if (ls == NULL) {
return NGX_CONF_ERROR;
}
@ -568,20 +568,40 @@ ngx_mail_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
return NGX_CONF_ERROR;
}
als = cmcf->listen.elts;
for (n = 0; n < u.naddrs; n++) {
ls[n] = ls[0];
ls[n].sockaddr = u.addrs[n].sockaddr;
ls[n].socklen = u.addrs[n].socklen;
ls[n].addr_text = u.addrs[n].name;
ls[n].wildcard = ngx_inet_wildcard(ls[n].sockaddr);
for (i = 0; i < n; i++) {
if (ngx_cmp_sockaddr(u.addrs[n].sockaddr, u.addrs[n].socklen,
u.addrs[i].sockaddr, u.addrs[i].socklen, 0)
== NGX_OK)
{
goto next;
}
}
for (i = 0; i < cmcf->listen.nelts - u.naddrs + n; i++) {
if (n != 0) {
nls = ngx_array_push(&cmcf->listen);
if (nls == NULL) {
return NGX_CONF_ERROR;
}
*nls = *ls;
} else {
nls = ls;
}
nls->sockaddr = u.addrs[n].sockaddr;
nls->socklen = u.addrs[n].socklen;
nls->addr_text = u.addrs[n].name;
nls->wildcard = ngx_inet_wildcard(nls->sockaddr);
als = cmcf->listen.elts;
for (i = 0; i < cmcf->listen.nelts - 1; i++) {
if (ngx_cmp_sockaddr(als[i].sockaddr, als[i].socklen,
ls[n].sockaddr, ls[n].socklen, 1)
nls->sockaddr, nls->socklen, 1)
!= NGX_OK)
{
continue;
@ -589,9 +609,12 @@ ngx_mail_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"duplicate \"%V\" address and port pair",
&ls[n].addr_text);
&nls->addr_text);
return NGX_CONF_ERROR;
}
next:
continue;
}
return NGX_CONF_OK;

49
src/stream/ngx_stream_core_module.c
View File

@ -578,7 +578,7 @@ ngx_stream_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_str_t *value, size;
ngx_url_t u;
ngx_uint_t i, n, backlog;
ngx_stream_listen_t *ls, *als;
ngx_stream_listen_t *ls, *als, *nls;
ngx_stream_core_main_conf_t *cmcf;
cscf->listen = 1;
@ -602,7 +602,7 @@ ngx_stream_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
cmcf = ngx_stream_conf_get_module_main_conf(cf, ngx_stream_core_module);
ls = ngx_array_push_n(&cmcf->listen, u.naddrs);
ls = ngx_array_push(&cmcf->listen);
if (ls == NULL) {
return NGX_CONF_ERROR;
}
@ -886,23 +886,43 @@ ngx_stream_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
#endif
}
als = cmcf->listen.elts;
for (n = 0; n < u.naddrs; n++) {
ls[n] = ls[0];
ls[n].sockaddr = u.addrs[n].sockaddr;
ls[n].socklen = u.addrs[n].socklen;
ls[n].addr_text = u.addrs[n].name;
ls[n].wildcard = ngx_inet_wildcard(ls[n].sockaddr);
for (i = 0; i < n; i++) {
if (ngx_cmp_sockaddr(u.addrs[n].sockaddr, u.addrs[n].socklen,
u.addrs[i].sockaddr, u.addrs[i].socklen, 0)
== NGX_OK)
{
goto next;
}
}
for (i = 0; i < cmcf->listen.nelts - u.naddrs + n; i++) {
if (ls[n].type != als[i].type) {
if (n != 0) {
nls = ngx_array_push(&cmcf->listen);
if (nls == NULL) {
return NGX_CONF_ERROR;
}
*nls = *ls;
} else {
nls = ls;
}
nls->sockaddr = u.addrs[n].sockaddr;
nls->socklen = u.addrs[n].socklen;
nls->addr_text = u.addrs[n].name;
nls->wildcard = ngx_inet_wildcard(nls->sockaddr);
als = cmcf->listen.elts;
for (i = 0; i < cmcf->listen.nelts - 1; i++) {
if (nls->type != als[i].type) {
continue;
}
if (ngx_cmp_sockaddr(als[i].sockaddr, als[i].socklen,
ls[n].sockaddr, ls[n].socklen, 1)
nls->sockaddr, nls->socklen, 1)
!= NGX_OK)
{
continue;
@ -910,9 +930,12 @@ ngx_stream_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"duplicate \"%V\" address and port pair",
&ls[n].addr_text);
&nls->addr_text);
return NGX_CONF_ERROR;
}
next:
continue;
}
return NGX_CONF_OK;