Fixes crash introduced by 0ab6dbbc65. It's
probably a regression since it defeats a system designed to stop this
from happening, but I didn't dig through the history.
rehash() closes listeners. If we happen to get a single epoll() result
that wants to first rehash and then accept a connection, the epoll info
will point to a freed rb_fde_t. Other selectors should have similar
problems, but we didn't investigate that.
rb_fde_ts are normally batched up and freed outside the event
processing, but as of the above commit close_listeners() screws that up
by closing pending FDs immediately in order to create new listeners.
I think it might be a bit better to revert this behaviour and simply not
close listeners if we are going to open new ones over them, but have
opted for the smallest reasonable change I can think of.
Helped-by: Eric Mertens <emertens@gmail.com>
This only supports two addresses as the intended use is 1 IPv4 and 1 IPv6
address on a single-homed host, and the only supported configuration of
outgoing connections to other servers is to bind a single IPv4 or IPv6
address.
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.
(The same fingerprint is also used by DANE)
