socket-default: Always open IPv4 sockets before IPv6 sockets

Since we now open sockets for each address family independently (via
IPV6_V6ONLY) and without SO_REUSEADDR, it could happen with the previous
order on Linux that opening the port that was allocated as ephemeral
port for IPv6 was already used by a different process for IPv4.

Most IPv6 sockets on ephemeral ports will not have IPV6_V6ONLY set, so
the same port is also reserved for IPv4.  Therefore, it's save to assume
that any ephemeral port we first get for IPv4 is free for IPv6.

References strongswan/strongswan#2494

diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c
index 5f256849504fd39f1e812be1f3e2e992bad7d1a7..a34bf81a25549d68b832ff40563b7b58fccb844f 100644 (file)
--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
@@ -900,16 +900,8 @@ socket_default_socket_t *socket_default_socket_create()
                }
        }
 
-       /* we allocate IPv6 sockets first as that will reserve randomly allocated
-        * ports also for IPv4. On OS X, we have to do it the other way round
-        * for the same effect. */
-#ifdef __APPLE__
        open_socketpair(this, AF_INET, &this->ipv4, &this->ipv4_natt, "IPv4");
        open_socketpair(this, AF_INET6, &this->ipv6, &this->ipv6_natt, "IPv6");
-#else /* !__APPLE__ */
-       open_socketpair(this, AF_INET6, &this->ipv6, &this->ipv6_natt, "IPv6");
-       open_socketpair(this, AF_INET, &this->ipv4, &this->ipv4_natt, "IPv4");
-#endif /* __APPLE__ */
 
        if (this->ipv4 == -1 && this->ipv6 == -1)
        {