diff options
| author | Hakan Olsson <ho@cvs.openbsd.org> | 2002-12-03 20:05:11 +0000 |
|---|---|---|
| committer | Hakan Olsson <ho@cvs.openbsd.org> | 2002-12-03 20:05:11 +0000 |
| commit | 98c96abcaea0d78f3f5387712e2bda67af058168 (patch) | |
| tree | 0a3d28a9ebdc1b07d2da51d1d7999c0d5ac42514 | |
| parent | 08c8c7ec6504b9635c24c726d30ffcd02e28204e (diff) | |
Add -4/-6 cmdline options to select what address family (IPv4,v6) to use.
niklas@ ok.
| -rw-r--r-- | sbin/isakmpd/isakmpd.8 | 8 | ||||
| -rw-r--r-- | sbin/isakmpd/isakmpd.c | 19 | ||||
| -rw-r--r-- | sbin/isakmpd/udp.c | 75 | ||||
| -rw-r--r-- | sbin/isakmpd/udp.h | 6 |
4 files changed, 77 insertions, 31 deletions
diff --git a/sbin/isakmpd/isakmpd.8 b/sbin/isakmpd/isakmpd.8 index 694d0d90c5b..1eea62f85e6 100644 --- a/sbin/isakmpd/isakmpd.8 +++ b/sbin/isakmpd/isakmpd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: isakmpd.8,v 1.46 2002/11/27 14:36:20 ho Exp $ +.\" $OpenBSD: isakmpd.8,v 1.47 2002/12/03 20:05:10 ho Exp $ .\" $EOM: isakmpd.8,v 1.23 2000/05/02 00:30:23 niklas Exp $ .\" .\" Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. @@ -43,6 +43,8 @@ .Nd ISAKMP/Oakley a.k.a. IKE key management daemon .Sh SYNOPSIS .Nm isakmpd +.Op Fl 4 +.Op Fl 6 .Op Fl c Ar config-file .Op Fl d .Op Fl D Ar class=level @@ -90,6 +92,10 @@ One source of information are the RFCs mentioned below. .Pp The options are as follows: .Bl -tag -width Ds +.It Fl 4 | Fl 6 +These options control what address family (AF_INET and/or AF_INET6) +.Nm +will use. Default is to use both IPv4 and IPv6. .It Fl c Ar config-file If given, the .Fl c diff --git a/sbin/isakmpd/isakmpd.c b/sbin/isakmpd/isakmpd.c index e6083bcd023..39c28ea8761 100644 --- a/sbin/isakmpd/isakmpd.c +++ b/sbin/isakmpd/isakmpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: isakmpd.c,v 1.47 2002/11/27 15:29:20 ho Exp $ */ +/* $OpenBSD: isakmpd.c,v 1.48 2002/12/03 20:05:10 ho Exp $ */ /* $EOM: isakmpd.c,v 1.54 2000/10/05 09:28:22 niklas Exp $ */ /* @@ -115,9 +115,10 @@ static void usage (void) { fprintf (stderr, - "usage: %s [-c config-file] [-d] [-D class=level] [-f fifo]\n" - " [-i pid-file] [-n] [-p listen-port] [-P local-port]\n" - " [-L] [-l packetlog-file] [-r seed] [-R report-file]\n", + "usage: %s [-4] [-6] [-c config-file] [-d] [-D class=level]\n" + " [-f fifo] [-i pid-file] [-n] [-p listen-port]\n" + " [-P local-port] [-L] [-l packetlog-file] [-r seed]\n" + " [-R report-file]\n", sysdep_progname ()); exit (1); } @@ -132,8 +133,16 @@ parse_args (int argc, char *argv[]) int do_packetlog = 0; #endif - while ((ch = getopt (argc, argv, "c:dD:f:i:np:P:Ll:r:R:")) != -1) { + while ((ch = getopt (argc, argv, "46c:dD:f:i:np:P:Ll:r:R:")) != -1) { switch (ch) { + case '4': + bind_family |= BIND_FAMILY_INET4; + break; + + case '6': + bind_family |= BIND_FAMILY_INET6; + break; + case 'c': conf_path = optarg; break; diff --git a/sbin/isakmpd/udp.c b/sbin/isakmpd/udp.c index 342881ffd47..c2c9cc25562 100644 --- a/sbin/isakmpd/udp.c +++ b/sbin/isakmpd/udp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp.c,v 1.56 2002/09/11 09:50:44 ho Exp $ */ +/* $OpenBSD: udp.c,v 1.57 2002/12/03 20:05:10 ho Exp $ */ /* $EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $ */ /* @@ -116,6 +116,7 @@ static LIST_HEAD (udp_listen_list, udp_transport) udp_listen_list; char *udp_default_port = 0; char *udp_bind_port = 0; +int bind_family = 0; static struct transport *default_transport, *default_transport6; /* Find an UDP transport listening on ADDR:PORT. */ @@ -312,6 +313,24 @@ udp_bind_if (char *ifname, struct sockaddr *if_addr, void *arg) return; /* + * Only create sockets for families we should listen to. + */ + if (bind_family) + switch (if_addr->sa_family) + { + case AF_INET: + if ((bind_family & BIND_FAMILY_INET4) == 0) + return; + break; + case AF_INET6: + if ((bind_family & BIND_FAMILY_INET6) == 0) + return; + break; + default: + return; + } + + /* * These special addresses are not useable as they have special meaning * in the IP stack. */ @@ -646,33 +665,41 @@ udp_init (void) * Packet reception on this transport is taken as a hint to reprobe the * interface list. */ - memset (&dflt_stor, 0, sizeof dflt_stor); - dflt->sin_family = AF_INET; - ((struct sockaddr_in *)dflt)->sin_len = sizeof (struct sockaddr_in); - ((struct sockaddr_in *)dflt)->sin_port = htons (lport); - - default_transport = udp_bind ((struct sockaddr *)&dflt_stor); - if (!default_transport) + if (!bind_family || (bind_family & BIND_FAMILY_INET4)) { - log_error ("udp_init: could not allocate default IPv4 ISAKMP UDP port"); - return; - } - LIST_INSERT_HEAD (&udp_listen_list, - (struct udp_transport *)default_transport, link); - - memset (&dflt_stor, 0, sizeof dflt_stor); - dflt->sin_family = AF_INET6; - ((struct sockaddr_in6 *)dflt)->sin6_len = sizeof (struct sockaddr_in6); - ((struct sockaddr_in6 *)dflt)->sin6_port = htons (lport); + memset (&dflt_stor, 0, sizeof dflt_stor); + dflt->sin_family = AF_INET; + ((struct sockaddr_in *)dflt)->sin_len = sizeof (struct sockaddr_in); + ((struct sockaddr_in *)dflt)->sin_port = htons (lport); - default_transport6 = udp_bind ((struct sockaddr *)&dflt_stor); - if (!default_transport6) + default_transport = udp_bind ((struct sockaddr *)&dflt_stor); + if (!default_transport) + { + log_error ("udp_init: could not allocate default " + "IPv4 ISAKMP UDP port"); + return; + } + LIST_INSERT_HEAD (&udp_listen_list, + (struct udp_transport *)default_transport, link); + } + + if (!bind_family || (bind_family & BIND_FAMILY_INET6)) { - log_error ("udp_init: could not allocate default IPv6 ISAKMP UDP port"); - return; + memset (&dflt_stor, 0, sizeof dflt_stor); + dflt->sin_family = AF_INET6; + ((struct sockaddr_in6 *)dflt)->sin6_len = sizeof (struct sockaddr_in6); + ((struct sockaddr_in6 *)dflt)->sin6_port = htons (lport); + + default_transport6 = udp_bind ((struct sockaddr *)&dflt_stor); + if (!default_transport6) + { + log_error ("udp_init: could not allocate default " + "IPv6 ISAKMP UDP port"); + return; + } + LIST_INSERT_HEAD (&udp_listen_list, + (struct udp_transport *)default_transport6, link); } - LIST_INSERT_HEAD (&udp_listen_list, - (struct udp_transport *)default_transport6, link); } /* diff --git a/sbin/isakmpd/udp.h b/sbin/isakmpd/udp.h index 0d479d7399d..faa295c2368 100644 --- a/sbin/isakmpd/udp.h +++ b/sbin/isakmpd/udp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: udp.h,v 1.5 2001/06/29 19:41:43 ho Exp $ */ +/* $OpenBSD: udp.h,v 1.6 2002/12/03 20:05:10 ho Exp $ */ /* $EOM: udp.h,v 1.4 1998/12/22 02:23:43 niklas Exp $ */ /* @@ -39,6 +39,10 @@ extern char *udp_default_port; extern char *udp_bind_port; +extern int bind_family; + +#define BIND_FAMILY_INET4 0x0001 +#define BIND_FAMILY_INET6 0x0002 #if 0 extern in_port_t udp_decode_port (char *); |