From 00a28f6561cfaebeb8dd59c930137fb327088ae5 Mon Sep 17 00:00:00 2001 From: Jonathan Wright Date: Sat, 8 May 2021 18:20:40 +0100 Subject: [PATCH] Improve IPv6 address handling in ocspserve When setting an IPv6 address to listing on via the -address command-line argument for both serve and ocspserve, the latter errors with "listen tcp: address ::1:8889: too many colons in address" unless it is escaped. However, the former uses the net library to process the address and port, which results in the enforced escaping of IPv6 addresses regardless of if the address is already enclosed in square brackets (e.g. [::1]). This changes oscpserve to use the same net library call as serve to provide consistency between the two calls when handling IPv6 addresses. --- cli/ocspserve/ocspserve.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cli/ocspserve/ocspserve.go b/cli/ocspserve/ocspserve.go index 737a0f08e..3d984ea05 100644 --- a/cli/ocspserve/ocspserve.go +++ b/cli/ocspserve/ocspserve.go @@ -3,8 +3,9 @@ package ocspserve import ( "errors" - "fmt" + "net" "net/http" + "strconv" "github.com/cloudflare/cfssl/cli" "github.com/cloudflare/cfssl/log" @@ -53,7 +54,7 @@ func ocspServerMain(args []string, c cli.Config) error { log.Info("Registering OCSP responder handler") http.Handle(c.Path, ocsp.NewResponder(src, nil)) - addr := fmt.Sprintf("%s:%d", c.Address, c.Port) + addr := net.JoinHostPort(c.Address, strconv.Itoa(c.Port)) log.Info("Now listening on ", addr) return http.ListenAndServe(addr, nil) }