| Date: Thu, 30 Aug 2018 21:18:01 +0200
Forbid inet connections to inet6 socket when ipv6 is requested
Signed-off-by: Christoph Lohmann <20h@r-36.net>
Diffstat:
M main.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
--- |
| @@ -300,7 +300,10 @@ getlistenfd(struct addrinfo *hints, char *bindip, char *port)
char addstr[INET6_ADDRSTRLEN];
struct addrinfo *ai, *rp;
void *sinaddr;
- int on, listfd, aierr;
+ int on, reqaf, listfd, aierr;
+
+ if ((reqaf = hints->ai_family) == AF_UNSPEC)
+ hints->ai_family = AF_INET6;
if ((aierr = getaddrinfo(bindip, port, hints, &ai)) || ai == NULL) {
fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(aierr));
@@ -321,6 +324,14 @@ getlistenfd(struct addrinfo *hints, char *bindip, char *port)
break;
}
+ if (reqaf == AF_INET6 &&
+ (setsockopt(listfd, IPPROTO_IPV6, IPV6_V6ONLY, &on,
+ sizeof(on)) < 0)) {
+ close(listfd);
+ listfd = -1;
+ break;
+ }
+
sinaddr = (rp->ai_family == AF_INET) ?
(void *)&((struct sockaddr_in *)rp->ai_addr)->sin_addr :
(void *)&((struct sockaddr_in6 *)rp->ai_addr)->sin6_addr;
@@ -377,7 +388,7 @@ main(int argc, char *argv[])
bindip = NULL;
ohost = NULL;
sport = NULL;
- inetf = AF_INET6;
+ inetf = AF_UNSPEC;
usechroot = 0;
nocgi = 0;
|