socket-default: Add options to disable address families

author Tobias Brunner <tobias@strongswan.org>

Wed, 3 Jul 2013 15:57:24 +0000 (17:57 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Fri, 5 Jul 2013 07:48:27 +0000 (09:48 +0200)
author Tobias Brunner <tobias@strongswan.org>
Wed, 3 Jul 2013 15:57:24 +0000 (17:57 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Fri, 5 Jul 2013 07:48:27 +0000 (09:48 +0200)
diff --git a/man/strongswan.conf.5.in b/man/strongswan.conf.5.in

index fd8e2f21680a9daa2011e9aa30baa41389064052..f86e9ea1058bbb24937b79bea4d3fcb3fd9a257f 100644 (file)
--- a/man/strongswan.conf.5.in
+++ b/man/strongswan.conf.5.in
@@ -632,6 +632,12 @@ have a high priority according to the order defined in interface-order(5).
  .BR charon.plugins.socket-default.set_source " [yes]"
  Set source address on outbound packets, if possible.
  .TP
+.BR charon.plugins.socket-default.use_ipv4 " [yes]"
+Listen on IPv4, if possible.
+.TP
+.BR charon.plugins.socket-default.use_ipv6 " [yes]"
+Listen on IPv6, if possible.
+.TP
  .BR charon.plugins.sql.database
  Database URI for charons SQL plugin
  .TP
diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c

index c1ed22ecba565d3710a2714e358e04c807a38332..54380eda0026e6c8a8211f010eeb4a3e8a894614 100644 (file)
--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
@@ -630,12 +630,37 @@ static int open_socket(private_socket_default_socket_t *this,
         return skt;
  }
  
+/**
+ * Check if we should use the given family
+ */
+static bool use_family(int family)
+{
+       switch (family)
+       {
+               case AF_INET:
+                       return lib->settings->get_bool(lib->settings,
+                                       "%s.plugins.socket-default.use_ipv4", TRUE, charon->name);
+               case AF_INET6:
+                       return lib->settings->get_bool(lib->settings,
+                                       "%s.plugins.socket-default.use_ipv6", TRUE, charon->name);
+               default:
+                       return FALSE;
+       }
+}
+
  /**
   * Open a socket pair (normal and NAT traversal) for a given address family
   */
  static void open_socketpair(private_socket_default_socket_t *this, int family,
                                                         int *skt, int *skt_natt, char *label)
  {
+       if (!use_family(family))
+       {
+               *skt = -1;
+               *skt_natt = -1;
+               return;
+       }
+
         *skt = open_socket(this, family, &this->port);
         if (*skt == -1)
         {
author	Tobias Brunner <tobias@strongswan.org>
	Wed, 3 Jul 2013 15:57:24 +0000 (17:57 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Fri, 5 Jul 2013 07:48:27 +0000 (09:48 +0200)
man/strongswan.conf.5.in		patch \| blob \| blame \| history
src/libcharon/plugins/socket_default/socket_default_socket.c		patch \| blob \| blame \| history