]> git.ipfire.org Git - ipfire-2.x.git/commitdiff
projects / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 373c0c7)
strongswan: Disable IPv6 by default
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 15 Mar 2017 12:56:05 +0000 (12:56 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 15 Mar 2017 12:56:05 +0000 (12:56 +0000)
IPFire 2 does not have IPv6 connectivity with exception of a
few systems for testing where IPsec connections become a little
bit unstable when trying to connect over IPv6.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
config/rootfiles/core/110/filelists/strongswan [new symlink] patch | blob
lfs/strongswan patch | blob | blame | history
src/patches/strongswan-disable-ipv6.patch [new file with mode: 0644] patch | blob

diff --git a/config/rootfiles/core/110/filelists/strongswan b/config/rootfiles/core/110/filelists/strongswan
new file mode 120000 (symlink)
index 0000000..90c727e
--- /dev/null
+++ b/config/rootfiles/core/110/filelists/strongswan
@@ -0,0 +1 @@
+../../../common/strongswan
\ No newline at end of file
diff --git a/lfs/strongswan b/lfs/strongswan
index 0af9e9dbeea90b1571bce988bcada077f871f977..fffa9af0f2cc96ae663a39b125affe5f7de82b13 100644 (file)
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -78,6 +78,7 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-disable-ipv6.patch
        cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-ipfire.patch
 
        cd $(DIR_APP) && ./configure \
diff --git a/src/patches/strongswan-disable-ipv6.patch b/src/patches/strongswan-disable-ipv6.patch
new file mode 100644 (file)
index 0000000..e459941
--- /dev/null
+++ b/src/patches/strongswan-disable-ipv6.patch
@@ -0,0 +1,24 @@
+diff --git a/conf/plugins/socket-default.opt b/conf/plugins/socket-default.opt
+index 483a0f03d584..6fc7c2db47a7 100644
+--- a/conf/plugins/socket-default.opt
++++ b/conf/plugins/socket-default.opt
+@@ -7,5 +7,5 @@ charon.plugins.socket-default.set_source = yes
+ charon.plugins.socket-default.use_ipv4 = yes
+       Listen on IPv4, if possible.
+-charon.plugins.socket-default.use_ipv6 = yes
++charon.plugins.socket-default.use_ipv6 = no
+       Listen on IPv6, if possible.
+diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c
+index ba22b0c2bdb6..da6989d81d7a 100644
+--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
++++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
+@@ -748,7 +748,7 @@ static bool use_family(int family)
+                                               "%s.plugins.socket-default.use_ipv4", TRUE, lib->ns);
+               case AF_INET6:
+                       return lib->settings->get_bool(lib->settings,
+-                                              "%s.plugins.socket-default.use_ipv6", TRUE, lib->ns);
++                                              "%s.plugins.socket-default.use_ipv6", FALSE, lib->ns);
+               default:
+                       return FALSE;
+       }
IPFire 2.x development tree