mirror of
https://github.com/yarrick/iodine.git
synced 2024-11-22 06:41:26 +00:00
Only accept IPv6 in server IPv6 socket
Set IPV6_V6ONLY flag on server socket. Not all operating systems support mixing v4/v6 in one socket, so separate them all the time.
This commit is contained in:
parent
4d03ee7786
commit
fc1611fc40
10
src/common.c
10
src/common.c
|
@ -172,6 +172,12 @@ get_addr(char *host, int port, int addr_family, int flags, struct sockaddr_stora
|
||||||
|
|
||||||
int
|
int
|
||||||
open_dns(struct sockaddr_storage *sockaddr, size_t sockaddr_len)
|
open_dns(struct sockaddr_storage *sockaddr, size_t sockaddr_len)
|
||||||
|
{
|
||||||
|
return open_dns_opt(sockaddr, sockaddr_len, -1);
|
||||||
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
open_dns_opt(struct sockaddr_storage *sockaddr, size_t sockaddr_len, int v6only)
|
||||||
{
|
{
|
||||||
int flag;
|
int flag;
|
||||||
int fd;
|
int fd;
|
||||||
|
@ -190,6 +196,10 @@ open_dns(struct sockaddr_storage *sockaddr, size_t sockaddr_len)
|
||||||
fd_set_close_on_exec(fd);
|
fd_set_close_on_exec(fd);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
if (sockaddr->ss_family == AF_INET6 && v6only >= 0) {
|
||||||
|
setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*) &v6only, sizeof(v6only));
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef IP_OPT_DONT_FRAG
|
#ifdef IP_OPT_DONT_FRAG
|
||||||
/* Set dont-fragment ip header flag */
|
/* Set dont-fragment ip header flag */
|
||||||
flag = DONT_FRAG_VALUE;
|
flag = DONT_FRAG_VALUE;
|
||||||
|
|
|
@ -106,6 +106,7 @@ void check_superuser(void (*usage_fn)(void));
|
||||||
char *format_addr(struct sockaddr_storage *sockaddr, int sockaddr_len);
|
char *format_addr(struct sockaddr_storage *sockaddr, int sockaddr_len);
|
||||||
int get_addr(char *, int, int, int, struct sockaddr_storage *);
|
int get_addr(char *, int, int, int, struct sockaddr_storage *);
|
||||||
int open_dns(struct sockaddr_storage *, size_t);
|
int open_dns(struct sockaddr_storage *, size_t);
|
||||||
|
int open_dns_opt(struct sockaddr_storage *sockaddr, size_t sockaddr_len, int v6only);
|
||||||
int open_dns_from_host(char *host, int port, int addr_family, int flags);
|
int open_dns_from_host(char *host, int port, int addr_family, int flags);
|
||||||
void close_dns(int);
|
void close_dns(int);
|
||||||
|
|
||||||
|
|
|
@ -2687,7 +2687,9 @@ main(int argc, char **argv)
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
if ((addrfamily == AF_UNSPEC || addrfamily == AF_INET6) &&
|
if ((addrfamily == AF_UNSPEC || addrfamily == AF_INET6) &&
|
||||||
(dns_fds.v6fd = open_dns(&dns6addr, dns6addr_len)) < 0) {
|
/* Set IPv6 socket to V6ONLY */
|
||||||
|
(dns_fds.v6fd = open_dns_opt(&dns6addr, dns6addr_len, 1)) < 0) {
|
||||||
|
|
||||||
retval = 1;
|
retval = 1;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue