From 98c96abcaea0d78f3f5387712e2bda67af058168 Mon Sep 17 00:00:00 2001
From: Hakan Olsson <ho@cvs.openbsd.org>
Date: Tue, 3 Dec 2002 20:05:11 +0000
Subject: Add -4/-6 cmdline options to select what address family (IPv4,v6) to
 use. niklas@ ok.

---
 sbin/isakmpd/isakmpd.8 |  8 +++++-
 sbin/isakmpd/isakmpd.c | 19 +++++++++----
 sbin/isakmpd/udp.c     | 75 ++++++++++++++++++++++++++++++++++----------------
 sbin/isakmpd/udp.h     |  6 +++-
 4 files changed, 77 insertions(+), 31 deletions(-)

diff --git a/sbin/isakmpd/isakmpd.8 b/sbin/isakmpd/isakmpd.8
index 694d0d90c5b..1eea62f85e6 100644
--- a/sbin/isakmpd/isakmpd.8
+++ b/sbin/isakmpd/isakmpd.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: isakmpd.8,v 1.46 2002/11/27 14:36:20 ho Exp $
+.\" $OpenBSD: isakmpd.8,v 1.47 2002/12/03 20:05:10 ho Exp $
 .\" $EOM: isakmpd.8,v 1.23 2000/05/02 00:30:23 niklas Exp $
 .\"
 .\" Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist.
@@ -43,6 +43,8 @@
 .Nd ISAKMP/Oakley a.k.a. IKE key management daemon
 .Sh SYNOPSIS
 .Nm isakmpd
+.Op Fl 4
+.Op Fl 6
 .Op Fl c Ar config-file
 .Op Fl d
 .Op Fl D Ar class=level
@@ -90,6 +92,10 @@ One source of information are the RFCs mentioned below.
 .Pp
 The options are as follows:
 .Bl -tag -width Ds
+.It Fl 4 | Fl 6
+These options control what address family (AF_INET and/or AF_INET6)
+.Nm
+will use. Default is to use both IPv4 and IPv6.
 .It Fl c Ar config-file
 If given, the
 .Fl c
diff --git a/sbin/isakmpd/isakmpd.c b/sbin/isakmpd/isakmpd.c
index e6083bcd023..39c28ea8761 100644
--- a/sbin/isakmpd/isakmpd.c
+++ b/sbin/isakmpd/isakmpd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: isakmpd.c,v 1.47 2002/11/27 15:29:20 ho Exp $	*/
+/*	$OpenBSD: isakmpd.c,v 1.48 2002/12/03 20:05:10 ho Exp $	*/
 /*	$EOM: isakmpd.c,v 1.54 2000/10/05 09:28:22 niklas Exp $	*/
 
 /*
@@ -115,9 +115,10 @@ static void
 usage (void)
 {
   fprintf (stderr,
-	   "usage: %s [-c config-file] [-d] [-D class=level] [-f fifo]\n"
-	   "          [-i pid-file] [-n] [-p listen-port] [-P local-port]\n"
-	   "          [-L] [-l packetlog-file] [-r seed] [-R report-file]\n",
+	   "usage: %s [-4] [-6] [-c config-file] [-d] [-D class=level]\n"
+	   "          [-f fifo] [-i pid-file] [-n] [-p listen-port]\n"
+	   "          [-P local-port] [-L] [-l packetlog-file] [-r seed]\n"
+	   "          [-R report-file]\n",
 	   sysdep_progname ());
   exit (1);
 }
@@ -132,8 +133,16 @@ parse_args (int argc, char *argv[])
   int do_packetlog = 0;
 #endif
 
-  while ((ch = getopt (argc, argv, "c:dD:f:i:np:P:Ll:r:R:")) != -1) {
+  while ((ch = getopt (argc, argv, "46c:dD:f:i:np:P:Ll:r:R:")) != -1) {
     switch (ch) {
+    case '4':
+      bind_family |= BIND_FAMILY_INET4;
+      break;
+
+    case '6':
+      bind_family |= BIND_FAMILY_INET6;
+      break;
+
     case 'c':
       conf_path = optarg;
       break;
diff --git a/sbin/isakmpd/udp.c b/sbin/isakmpd/udp.c
index 342881ffd47..c2c9cc25562 100644
--- a/sbin/isakmpd/udp.c
+++ b/sbin/isakmpd/udp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: udp.c,v 1.56 2002/09/11 09:50:44 ho Exp $	*/
+/*	$OpenBSD: udp.c,v 1.57 2002/12/03 20:05:10 ho Exp $	*/
 /*	$EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $	*/
 
 /*
@@ -116,6 +116,7 @@ static LIST_HEAD (udp_listen_list, udp_transport) udp_listen_list;
 
 char *udp_default_port = 0;
 char *udp_bind_port = 0;
+int bind_family = 0;
 static struct transport *default_transport, *default_transport6;
 
 /* Find an UDP transport listening on ADDR:PORT.  */
@@ -311,6 +312,24 @@ udp_bind_if (char *ifname, struct sockaddr *if_addr, void *arg)
 	  || sysdep_sa_len (if_addr) != sizeof (struct sockaddr_in6)))
     return;
 
+  /*
+   * Only create sockets for families we should listen to.
+   */
+  if (bind_family)
+    switch (if_addr->sa_family)
+      {
+      case AF_INET:
+	if ((bind_family & BIND_FAMILY_INET4) == 0)
+	  return;
+	break;
+      case AF_INET6:
+	if ((bind_family & BIND_FAMILY_INET6) == 0)
+	  return;
+	break;
+      default:
+	return;
+      }
+
   /*
    * These special addresses are not useable as they have special meaning
    * in the IP stack.
@@ -646,33 +665,41 @@ udp_init (void)
    * Packet reception on this transport is taken as a hint to reprobe the
    * interface list.
    */
-  memset (&dflt_stor, 0, sizeof dflt_stor);
-  dflt->sin_family = AF_INET;
-  ((struct sockaddr_in *)dflt)->sin_len = sizeof (struct sockaddr_in);
-  ((struct sockaddr_in *)dflt)->sin_port = htons (lport);
-
-  default_transport = udp_bind ((struct sockaddr *)&dflt_stor);
-  if (!default_transport)
+  if (!bind_family || (bind_family & BIND_FAMILY_INET4))
     {
-      log_error ("udp_init: could not allocate default IPv4 ISAKMP UDP port");
-      return;
-    }
-  LIST_INSERT_HEAD (&udp_listen_list,
-		    (struct udp_transport *)default_transport, link);
-
-  memset (&dflt_stor, 0, sizeof dflt_stor);
-  dflt->sin_family = AF_INET6;
-  ((struct sockaddr_in6 *)dflt)->sin6_len = sizeof (struct sockaddr_in6);
-  ((struct sockaddr_in6 *)dflt)->sin6_port = htons (lport);
+      memset (&dflt_stor, 0, sizeof dflt_stor);
+      dflt->sin_family = AF_INET;
+      ((struct sockaddr_in *)dflt)->sin_len = sizeof (struct sockaddr_in);
+      ((struct sockaddr_in *)dflt)->sin_port = htons (lport);
 
-  default_transport6 = udp_bind ((struct sockaddr *)&dflt_stor);
-  if (!default_transport6)
+      default_transport = udp_bind ((struct sockaddr *)&dflt_stor);
+      if (!default_transport)
+	{
+	  log_error ("udp_init: could not allocate default "
+		     "IPv4 ISAKMP UDP port");
+	  return;
+	}
+      LIST_INSERT_HEAD (&udp_listen_list,
+			(struct udp_transport *)default_transport, link);
+    }
+  
+  if (!bind_family || (bind_family & BIND_FAMILY_INET6))
     {
-      log_error ("udp_init: could not allocate default IPv6 ISAKMP UDP port");
-      return;
+      memset (&dflt_stor, 0, sizeof dflt_stor);
+      dflt->sin_family = AF_INET6;
+      ((struct sockaddr_in6 *)dflt)->sin6_len = sizeof (struct sockaddr_in6);
+      ((struct sockaddr_in6 *)dflt)->sin6_port = htons (lport);
+
+      default_transport6 = udp_bind ((struct sockaddr *)&dflt_stor);
+      if (!default_transport6)
+	{
+	  log_error ("udp_init: could not allocate default "
+		     "IPv6 ISAKMP UDP port");
+	  return;
+	}
+      LIST_INSERT_HEAD (&udp_listen_list,
+			(struct udp_transport *)default_transport6, link);
     }
-  LIST_INSERT_HEAD (&udp_listen_list,
-		    (struct udp_transport *)default_transport6, link);
 }
 
 /*
diff --git a/sbin/isakmpd/udp.h b/sbin/isakmpd/udp.h
index 0d479d7399d..faa295c2368 100644
--- a/sbin/isakmpd/udp.h
+++ b/sbin/isakmpd/udp.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: udp.h,v 1.5 2001/06/29 19:41:43 ho Exp $	*/
+/*	$OpenBSD: udp.h,v 1.6 2002/12/03 20:05:10 ho Exp $	*/
 /*	$EOM: udp.h,v 1.4 1998/12/22 02:23:43 niklas Exp $	*/
 
 /*
@@ -39,6 +39,10 @@
 
 extern char *udp_default_port;
 extern char *udp_bind_port;
+extern int bind_family;
+
+#define BIND_FAMILY_INET4	0x0001
+#define BIND_FAMILY_INET6	0x0002
 
 #if 0
 extern in_port_t udp_decode_port (char *);
-- 
cgit v1.2.3