[stunnel-users] [PATCH] Address already in use (98) when binding to localhost
Christian Kujau
lists at nerdbynature.de
Tue Feb 6 11:00:19 CET 2018
Hi,
I reported the following to the Fedora bugtracker[0], but only then
realized that this happens with the upstream version too. In short:
since stunnel 5.44 I am no longer able to have stunnel bind to
localhost, when "localhost" is literally mentioned in the configuration
file:
$ cat stunnel.test [test]
client = yes
protocol = smtp
accept = localhost:12345
connect = localhost:2025
$ stunnel-5.44 stunnel.test [...]
[ ] Binding service [test]
[ ] Listening file descriptor created (FD=6)
[ ] Option SO_REUSEADDR set on accept socket
[ ] Service [test] (FD=6) bound to 127.0.0.1:12345
[ ] Listening file descriptor created (FD=7)
[ ] Option SO_REUSEADDR set on accept socket
[!] bind: Address already in use (98)
[!] Error binding service [test] to 127.0.0.1:12345
[ ] Unbinding service [test]
[ ] Service [test] closed (FD=6)
[ ] Service [test] closed
When using "127.0.0.1" or "::1" instead of "localhost" in the
configuration file, stunnel-5.44 works. However, then one can only
connect to either the IPv4 _or_ the IPv6 address, depending on what's
configured. With stunnel-5.43 and "accept=localhost:12345" both IPv4 and
IPv6 was available.
I suspect that this is related to the following change log entry for 5.44:
> Default accept address restored to INADDR_ANY.
I have attached a patch to revert that (?) change and also included a
test script that fails on my system when the patch is not applied.
I see "Version 5.45" already mention in the changelog on the website,
but now download yet?
Thanks,
Christian.
[0] https://bugzilla.redhat.com/show_bug.cgi?id=1542361
--
BOFH excuse #424:
operation failed because: there is no message for this error (#1014)
-------------- next part --------------
--- /dev/null 2018-02-05 14:57:29.436074709 -0800
+++ tests/recipes/019_localhost 2018-02-06 00:45:59.964728931 -0800
@@ -0,0 +1,32 @@
+#!/bin/sh
+. $(dirname $0)/../test_library
+
+start() {
+ ../../src/stunnel -fd 0 <<EOT
+ debug = debug
+ syslog = no
+ pid = ${result_path}/stunnel.pid
+ output = ${result_path}/stunnel.log
+
+ [https client]
+ client = yes
+ accept = localhost:${http1}
+ connect = localhost:${https}
+
+ [https server]
+ accept = localhost:${https}
+ connect = localhost:${http2}
+ cert = ${script_path}/certs/stunnel.pem
+EOT
+}
+
+check_ports "019_localhost"
+if grep -q "IPv6" "results.log" && PATH="${PATH}:/sbin:/usr/sbin" ifconfig | grep -q "inet6" && [ -n "$(command -v ncat)" ] # nc does not support IPv6
+ then
+ start 2> "error.log"
+ test_log_for "019_localhost" "success" "$1" 2>> "stderr.log"
+ exit $?
+ else
+ exit_logs "019_localhost" "skipped"
+ exit 125
+ fi
-------------- next part --------------
--- src/options.c.orig 2017-11-14 23:06:12.000000000 -0800
+++ src/options.c 2018-02-06 00:01:58.892498016 -0800
@@ -1151,7 +1151,7 @@ NOEXPORT char *parse_service_option(CMD
/* accept */
switch(cmd) {
case CMD_BEGIN:
- addrlist_clear(§ion->local_addr, 1);
+ addrlist_clear(§ion->local_addr, 0);
break;
case CMD_EXEC:
if(strcasecmp(opt, "accept"))
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20180206/902e9a2e/attachment.sig>
More information about the stunnel-users
mailing list