third-party-mirrors/sslh
1
0
Fork 0
mirror of https://github.com/yrutschle/sslh.git synced 2025-04-13 07:37:15 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #408 from pcrow/master

Browse Source 
Fix transparent mode in a multi-stage chain
This commit is contained in:
Yves Rutschle 2023-10-07 21:15:58 +02:00 committed by GitHub
commit 92d2326016
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
common.c
View File

@ -278,7 +278,25 @@ int bind_peer(int fd, int fd_from)
}
#endif /* IP_TRANSPARENT / IP_BINDANY */
res = bind(fd, from.ai_addr, from.ai_addrlen);
CHECK_RES_RETURN(res, "bind", res);
if (res == -1 && errno != EADDRINUSE) {
CHECK_RES_RETURN(res, "bind", res);
}
else if (res == -1 ) {
/*
* If there is more than one transparent mode proxy going on, such as
* using sslh as the target of stunnel also in transparent mode, then
* the (ip,port) combination will already be bound for the previous application.
* In that case, the best we can do is bind with a different port.
* This does mean the local server can't use the ident protocol as the port will
* have changed, but most people won't care.
* Also note that stunnel uses the same logic for the same situation.
*/
struct sockaddr_in *sin;
sin = from.ai_addr;
sin->sin_port = 0; /* auto-pick an unused high port */
res = bind(fd, from.ai_addr, from.ai_addrlen);
CHECK_RES_RETURN(res, "bind", res);
}
return 0;
}