diff options
author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2008-07-01 14:31:38 +0000 |
---|---|---|
committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2008-07-01 14:31:38 +0000 |
commit | 9c78cb2146f35e6ffd5b0e0a09831b3f586c8f15 (patch) | |
tree | 574825d1578b0c5a9c96e131f520f1ea7c9c1b74 /sbin | |
parent | 72033ed7feeaabc7fd5e2c6fed9ac62a26c7f333 (diff) |
If a rules contains a hostname instead of an address, use the list
of all possible addresses from DNS and not only the first one. So
during expansion, the right address family can be chosen and
regression test ike56 passes again. There localhost resolves to
127.0.0.1 and ::1.
ok hshoexer
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ipsecctl/parse.y | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y index a53667f07bd..9bf95d429a4 100644 --- a/sbin/ipsecctl/parse.y +++ b/sbin/ipsecctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.137 2008/07/01 14:08:39 bluhm Exp $ */ +/* $OpenBSD: parse.y,v 1.138 2008/07/01 14:31:37 bluhm Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -1583,7 +1583,7 @@ host_v4(const char *s, int mask) struct ipsec_addr_wrap * host_dns(const char *s, int mask) { - struct ipsec_addr_wrap *ipa = NULL; + struct ipsec_addr_wrap *ipa = NULL, *head = NULL; struct addrinfo hints, *res0, *res; int error; char hbuf[NI_MAXHOST]; @@ -1629,6 +1629,12 @@ host_dns(const char *s, int mask) ipa->af = res->ai_family; ipa->next = NULL; ipa->tail = ipa; + if (head == NULL) + head = ipa; + else { + head->tail->next = ipa; + head->tail = ipa; + } /* * XXX for now, no netmask support for IPv6. @@ -1642,11 +1648,10 @@ host_dns(const char *s, int mask) if (mask != -1) err(1, "host_dns: cannot apply netmask " "on non-IPv4 address"); - break; } freeaddrinfo(res0); - return (ipa); + return (head); } struct ipsec_addr_wrap * |