Only accept IPv6 in server IPv6 socket

Set IPV6_V6ONLY flag on server socket. Not all operating systems
support mixing v4/v6 in one socket, so separate them all the time.
This commit is contained in:
Erik Ekman 2015-06-30 21:56:11 +02:00
parent 4d03ee7786
commit fc1611fc40
3 changed files with 14 additions and 1 deletions

View file

@ -172,6 +172,12 @@ get_addr(char *host, int port, int addr_family, int flags, struct sockaddr_stora
int
open_dns(struct sockaddr_storage *sockaddr, size_t sockaddr_len)
{
return open_dns_opt(sockaddr, sockaddr_len, -1);
}
int
open_dns_opt(struct sockaddr_storage *sockaddr, size_t sockaddr_len, int v6only)
{
int flag;
int fd;
@ -190,6 +196,10 @@ open_dns(struct sockaddr_storage *sockaddr, size_t sockaddr_len)
fd_set_close_on_exec(fd);
#endif
if (sockaddr->ss_family == AF_INET6 && v6only >= 0) {
setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*) &v6only, sizeof(v6only));
}
#ifdef IP_OPT_DONT_FRAG
/* Set dont-fragment ip header flag */
flag = DONT_FRAG_VALUE;

View file

@ -106,6 +106,7 @@ void check_superuser(void (*usage_fn)(void));
char *format_addr(struct sockaddr_storage *sockaddr, int sockaddr_len);
int get_addr(char *, int, int, int, struct sockaddr_storage *);
int open_dns(struct sockaddr_storage *, size_t);
int open_dns_opt(struct sockaddr_storage *sockaddr, size_t sockaddr_len, int v6only);
int open_dns_from_host(char *host, int port, int addr_family, int flags);
void close_dns(int);

View file

@ -2687,7 +2687,9 @@ main(int argc, char **argv)
goto cleanup;
}
if ((addrfamily == AF_UNSPEC || addrfamily == AF_INET6) &&
(dns_fds.v6fd = open_dns(&dns6addr, dns6addr_len)) < 0) {
/* Set IPv6 socket to V6ONLY */
(dns_fds.v6fd = open_dns_opt(&dns6addr, dns6addr_len, 1)) < 0) {
retval = 1;
goto cleanup;
}