Add support for separate v4 and v6 source, without testing

dtls.c

@@ -68,7 +68,7 @@ static const struct protodefs protodefs = {
 
 static int client4_sock = -1;
 static int client6_sock = -1;
-static struct addrinfo *srcres = NULL;
+static struct addrinfo *srcres4, *srcres6 = NULL;
 static uint8_t handle;
 static struct commonprotoopts *protoopts = NULL;
 
@@ -98,10 +98,20 @@ struct dtlsservernewparams {
 };
 
 void dtlssetsrcres() {
-    if (!srcres)
-	srcres =
-            resolvepassiveaddrinfo(protoopts ? protoopts->sourcearg : NULL,
-                                   AF_UNSPEC, NULL, protodefs.socktype);
+	if (!srcres4)
+		srcres4 = resolvepassiveaddrinfo(
+			protoopts ? protoopts->sourcearg4 : NULL,
+			AF_INET,
+			NULL,
+			protodefs.socktype
+		);
+	if (!srcres6)
+		srcres6 = resolvepassiveaddrinfo(
+			protoopts ? protoopts->sourcearg6 : NULL,
+			AF_INET6,
+			NULL,
+			protodefs.socktype
+		);
 }
 
 int udp2bio(int s, struct gqueue *q, int cnt) {
@@ -677,7 +687,7 @@ void addserverextradtls(struct clsrvconf *conf) {
     switch (((struct hostportres *)list_first(conf->hostports)->data)->addrinfo->ai_family) {
     case AF_INET:
 	if (client4_sock < 0) {
-	    client4_sock = bindtoaddr(srcres, AF_INET, 0, 1);
+	    client4_sock = bindtoaddr(srcres4, AF_INET, 0, 1);
 	    if (client4_sock < 0)
 		debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->name);
 	}
@@ -685,7 +695,7 @@ void addserverextradtls(struct clsrvconf *conf) {
 	break;
     case AF_INET6:
 	if (client6_sock < 0) {
-	    client6_sock = bindtoaddr(srcres, AF_INET6, 0, 1);
+	    client6_sock = bindtoaddr(srcres6, AF_INET6, 0, 1);
 	    if (client6_sock < 0)
 		debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->name);
 	}
@@ -697,19 +707,23 @@ void addserverextradtls(struct clsrvconf *conf) {
 }
 
 void initextradtls() {
-    pthread_t cl4th, cl6th;
+	pthread_t cl4th, cl6th;
 
-    if (srcres) {
-	freeaddrinfo(srcres);
-	srcres = NULL;
-    }
+	if (srcres4) {
+		freeaddrinfo(srcres4);
+		srcres4 = NULL;
+	}
+	if (srcres6) {
+		freeaddrinfo(srcres6);
+		srcres6 = NULL;
+	}
 
-    if (client4_sock >= 0)
-	if (pthread_create(&cl4th, &pthread_attr, udpdtlsclientrd, (void *)&client4_sock))
-	    debugx(1, DBG_ERR, "pthread_create failed");
-    if (client6_sock >= 0)
-	if (pthread_create(&cl6th, &pthread_attr, udpdtlsclientrd, (void *)&client6_sock))
-	    debugx(1, DBG_ERR, "pthread_create failed");
+	if (client4_sock >= 0)
+		if (pthread_create(&cl4th, &pthread_attr, udpdtlsclientrd, (void *)&client4_sock))
+			debugx(1, DBG_ERR, "pthread_create failed");
+	if (client6_sock >= 0)
+		if (pthread_create(&cl6th, &pthread_attr, udpdtlsclientrd, (void *)&client6_sock))
+			debugx(1, DBG_ERR, "pthread_create failed");
 }
 #else
 const struct protodefs *dtlsinit(uint8_t h) {

hostport.c

@@ -293,21 +293,26 @@ int addressmatches(struct list *hostports, struct sockaddr *addr, uint8_t checkp
     return 0;
 }
 
-int connecttcphostlist(struct list *hostports,  struct addrinfo *src) {
-    int s;
-    struct list_node *entry;
-    struct hostportres *hp = NULL;
+int connecttcphostlist(struct list *hostports, struct addrinfo *src4, struct addrinfo *src6) {
+	int s;
+	struct list_node *entry;
+	struct hostportres *hp = NULL;
 
-    for (entry = list_first(hostports); entry; entry = list_next(entry)) {
-	hp = (struct hostportres *)entry->data;
-	debug(DBG_WARN, "connecttcphostlist: trying to open TCP connection to %s port %s", hp->host, hp->port);
-	if ((s = connecttcp(hp->addrinfo, src, list_count(hostports) > 1 ? 5 : 30)) >= 0) {
-	    debug(DBG_WARN, "connecttcphostlist: TCP connection to %s port %s up", hp->host, hp->port);
-	    return s;
+	for (entry = list_first(hostports); entry; entry = list_next(entry)) {
+		hp = (struct hostportres *)entry->data;
+		debug(DBG_WARN, "connecttcphostlist: trying to open TCP connection to %s port %s", hp->host, hp->port);
+		s = connecttcp(
+			hp->addrinfo,
+			hp->addrinfo->ai_family == AF_INET6 ? src6 : src4,
+			list_count(hostports) > 1 ? 5 : 30
+		);
+		if (s >= 0) {
+			debug(DBG_WARN, "connecttcphostlist: TCP connection to %s port %s up", hp->host, hp->port);
+			return s;
+		}
 	}
-    }
-    debug(DBG_ERR, "connecttcphostlist: failed");
-    return -1;
+	debug(DBG_ERR, "connecttcphostlist: failed");
+	return -1;
 }
 
 /* Local Variables: */

hostport.h

@@ -21,7 +21,7 @@ int resolvehostport(struct hostportres *hp, int af, int socktype, uint8_t passiv
 int resolvehostports(struct list *hostports, int af, int socktype);
 struct addrinfo *resolvepassiveaddrinfo(char *hostport, int af, char *default_port, int socktype);
 int addressmatches(struct list *hostports, struct sockaddr *addr, uint8_t checkport);
-int connecttcphostlist(struct list *hostports,  struct addrinfo *src);
+int connecttcphostlist(struct list *hostports, struct addrinfo *src4, struct addrinfo *src6);
 
 /* Local Variables: */
 /* c-file-style: "stroustrup" */

radsecproxy.c

@@ -3186,7 +3186,7 @@ int confrewrite_cb(struct gconffile **cf, void *arg, char *block, char *opt, cha
     return 1;
 }
 
-int setprotoopts(uint8_t type, char **listenargs, char *sourcearg) {
+int setprotoopts(uint8_t type, char **listenargs, char *sourcearg4, char *sourcearg6) {
     struct commonprotoopts *protoopts;
 
     protoopts = malloc(sizeof(struct commonprotoopts));
@@ -3194,7 +3194,8 @@ int setprotoopts(uint8_t type, char **listenargs, char *sourcearg) {
 	return 0;
     memset(protoopts, 0, sizeof(struct commonprotoopts));
     protoopts->listenargs = listenargs;
-    protoopts->sourcearg = sourcearg;
+    protoopts->sourcearg4 = sourcearg4;
+    protoopts->sourcearg6 = sourcearg6;
     protodefs[type]->setprotoopts(protoopts);
     return 1;
 }
@@ -3203,7 +3204,7 @@ void getmainconfig(const char *configfile) {
     long int addttl = LONG_MIN, loglevel = LONG_MIN;
     struct gconffile *cfs;
     char **listenargs[RAD_PROTOCOUNT];
-    char *sourcearg[RAD_PROTOCOUNT];
+    char *sourcearg4[RAD_PROTOCOUNT], *sourcearg6[RAD_PROTOCOUNT];
 #if defined(WANT_FTICKS)
     uint8_t *fticks_reporting_str = NULL;
     uint8_t *fticks_mac_str = NULL;
@@ -3214,7 +3215,8 @@ void getmainconfig(const char *configfile) {
     cfs = openconfigfile(configfile);
     memset(&options, 0, sizeof(options));
     memset(&listenargs, 0, sizeof(listenargs));
-    memset(&sourcearg, 0, sizeof(sourcearg));
+    memset(&sourcearg4, 0, sizeof(sourcearg4));
+    memset(&sourcearg6, 0, sizeof(sourcearg6));
 
     clconfs = list_create();
     if (!clconfs)
@@ -3235,20 +3237,24 @@ void getmainconfig(const char *configfile) {
     if (!getgenericconfig(
 	    &cfs, NULL,
 #ifdef RADPROT_UDP
-	    "ListenUDP", CONF_MSTR, &listenargs[RAD_UDP],
-	    "SourceUDP", CONF_STR, &sourcearg[RAD_UDP],
+		"ListenUDP", CONF_MSTR, &listenargs[RAD_UDP],
+		"SourceUDP", CONF_STR, &sourcearg4[RAD_UDP],
+		"SourceUDP6", CONF_STR, &sourcearg6[RAD_UDP],
 #endif
 #ifdef RADPROT_TCP
-	    "ListenTCP", CONF_MSTR, &listenargs[RAD_TCP],
-	    "SourceTCP", CONF_STR, &sourcearg[RAD_TCP],
+		"ListenTCP", CONF_MSTR, &listenargs[RAD_TCP],
+		"SourceTCP", CONF_STR, &sourcearg4[RAD_TCP],
+		"SourceTCP6", CONF_STR, &sourcearg6[RAD_TCP],
 #endif
 #ifdef RADPROT_TLS
 	    "ListenTLS", CONF_MSTR, &listenargs[RAD_TLS],
-	    "SourceTLS", CONF_STR, &sourcearg[RAD_TLS],
+	    "SourceTLS", CONF_STR, &sourcearg4[RAD_TLS],
+	    "SourceTLS6", CONF_STR, &sourcearg6[RAD_TLS],
 #endif
 #ifdef RADPROT_DTLS
 	    "ListenDTLS", CONF_MSTR, &listenargs[RAD_DTLS],
-	    "SourceDTLS", CONF_STR, &sourcearg[RAD_DTLS],
+	    "SourceDTLS", CONF_STR, &sourcearg4[RAD_DTLS],
+	    "SourceDTLS6", CONF_STR, &sourcearg6[RAD_DTLS],
 #endif
             "PidFile", CONF_STR, &options.pidfile,
 	    "TTLAttribute", CONF_STR, &options.ttlattr,
@@ -3294,8 +3300,8 @@ void getmainconfig(const char *configfile) {
 #endif
 
     for (i = 0; i < RAD_PROTOCOUNT; i++)
-	if (listenargs[i] || sourcearg[i])
-	    setprotoopts(i, listenargs[i], sourcearg[i]);
+	if (listenargs[i] || sourcearg4[i] || sourcearg6[i])
+	    setprotoopts(i, listenargs[i], sourcearg4[i], sourcearg6[i]);
 }
 
 void getargs(int argc, char **argv, uint8_t *foreground, uint8_t *pretend, uint8_t *loglevel, char **configfile, char **pidfile) {

radsecproxy.h

@@ -72,7 +72,8 @@ struct options {
 
 struct commonprotoopts {
     char **listenargs;
-    char *sourcearg;
+    char *sourcearg4;
+    char *sourcearg6;
 };
 
 struct request {

tcp.c

@@ -60,7 +60,7 @@ static const struct protodefs protodefs = {
     NULL /* initextra */
 };
 
-static struct addrinfo *srcres = NULL;
+static struct addrinfo *srcres4, *srcres6 = NULL;
 static uint8_t handle;
 static struct commonprotoopts *protoopts = NULL;
 const struct protodefs *tcpinit(uint8_t h) {
@@ -77,10 +77,20 @@ static char **getlistenerargs() {
 }
 
 void tcpsetsrcres() {
-    if (!srcres)
-	srcres =
-            resolvepassiveaddrinfo(protoopts ? protoopts->sourcearg : NULL,
-                                   AF_UNSPEC, NULL, protodefs.socktype);
+	if (!srcres4)
+		srcres4 = resolvepassiveaddrinfo(
+			protoopts ? protoopts->sourcearg4 : NULL,
+			AF_INET,
+			NULL,
+			protodefs.socktype
+		);
+	if (!srcres6)
+		srcres6 = resolvepassiveaddrinfo(
+			protoopts ? protoopts->sourcearg6 : NULL,
+			AF_INET6,
+			NULL,
+			protodefs.socktype
+		);
 }
 
 int tcpconnect(struct server *server, struct timeval *when, int timeout, char *text) {
@@ -122,7 +132,7 @@ int tcpconnect(struct server *server, struct timeval *when, int timeout, char *t
 
 	if (server->sock >= 0)
 	    close(server->sock);
-	if ((server->sock = connecttcphostlist(server->conf->hostports, srcres)) >= 0)
+	if ((server->sock = connecttcphostlist(server->conf->hostports, srcres4, srcres6)) >= 0)
 	    break;
     }
     server->connectionok = 1;

tls.c

@@ -63,7 +63,7 @@ static const struct protodefs protodefs = {
     NULL /* initextra */
 };
 
-static struct addrinfo *srcres = NULL;
+static struct addrinfo *srcres4, *srcres6 = NULL;
 static uint8_t handle;
 static struct commonprotoopts *protoopts = NULL;
 
@@ -81,10 +81,20 @@ static char **getlistenerargs() {
 }
 
 void tlssetsrcres() {
-    if (!srcres)
-	srcres =
-            resolvepassiveaddrinfo(protoopts ? protoopts->sourcearg : NULL,
-                                   AF_UNSPEC, NULL, protodefs.socktype);
+	if (!srcres4)
+		srcres4 = resolvepassiveaddrinfo(
+			protoopts ? protoopts->sourcearg4 : NULL,
+			AF_INET,
+			NULL,
+			protodefs.socktype
+		);
+	if (!srcres6)
+		srcres6 = resolvepassiveaddrinfo(
+			protoopts ? protoopts->sourcearg6 : NULL,
+			AF_INET6,
+			NULL,
+			protodefs.socktype
+		);
 }
 
 int tlsconnect(struct server *server, struct timeval *when, int timeout, char *text) {
@@ -131,7 +141,7 @@ int tlsconnect(struct server *server, struct timeval *when, int timeout, char *t
 
 	if (server->sock >= 0)
 	    close(server->sock);
-	if ((server->sock = connecttcphostlist(server->conf->hostports, srcres)) < 0)
+	if ((server->sock = connecttcphostlist(server->conf->hostports, srcres4, srcres6)) < 0)
 	    continue;
 
 	SSL_free(server->ssl);

udp.c

@@ -67,7 +67,7 @@ static int client4_sock = -1;
 static int client6_sock = -1;
 static struct gqueue *server_replyq = NULL;
 
-static struct addrinfo *srcres = NULL;
+static struct addrinfo *srcres4, *srcres6 = NULL;
 static uint8_t handle;
 static struct commonprotoopts *protoopts = NULL;
 
@@ -85,10 +85,20 @@ static char **getlistenerargs() {
 }
 
 void udpsetsrcres() {
-    if (!srcres)
-	srcres =
-            resolvepassiveaddrinfo(protoopts ? protoopts->sourcearg : NULL,
-                                   AF_UNSPEC, NULL, protodefs.socktype);
+	if (!srcres4)
+		srcres4 = resolvepassiveaddrinfo(
+			protoopts ? protoopts->sourcearg4 : NULL,
+			AF_INET,
+			NULL,
+			protodefs.socktype
+		);
+	if (!srcres6)
+		srcres6 = resolvepassiveaddrinfo(
+			protoopts ? protoopts->sourcearg6 : NULL,
+			AF_INET6,
+			NULL,
+			protodefs.socktype
+		);
 }
 
 void removeudpclientfromreplyq(struct client *c) {
@@ -324,7 +334,7 @@ void addserverextraudp(struct clsrvconf *conf) {
     switch (((struct hostportres *)list_first(conf->hostports)->data)->addrinfo->ai_family) {
     case AF_INET:
 	if (client4_sock < 0) {
-	    client4_sock = bindtoaddr(srcres, AF_INET, 0, 1);
+	    client4_sock = bindtoaddr(srcres4, AF_INET, 0, 1);
 	    if (client4_sock < 0)
 		debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->name);
 	}
@@ -332,7 +342,7 @@ void addserverextraudp(struct clsrvconf *conf) {
 	break;
     case AF_INET6:
 	if (client6_sock < 0) {
-	    client6_sock = bindtoaddr(srcres, AF_INET6, 0, 1);
+	    client6_sock = bindtoaddr(srcres6, AF_INET6, 0, 1);
 	    if (client6_sock < 0)
 		debugx(1, DBG_ERR, "addserver: failed to create client socket for server %s", conf->name);
 	}
@@ -344,25 +354,29 @@ void addserverextraudp(struct clsrvconf *conf) {
 }
 
 void initextraudp() {
-    pthread_t cl4th, cl6th, srvth;
+	pthread_t cl4th, cl6th, srvth;
 
-    if (srcres) {
-	freeaddrinfo(srcres);
-	srcres = NULL;
-    }
+	if (srcres4) {
+		freeaddrinfo(srcres4);
+		srcres4 = NULL;
+	}
+	if (srcres6) {
+		freeaddrinfo(srcres6);
+		srcres6 = NULL;
+	}
 
-    if (client4_sock >= 0)
-	if (pthread_create(&cl4th, &pthread_attr, udpclientrd, (void *)&client4_sock))
-	    debugx(1, DBG_ERR, "pthread_create failed");
-    if (client6_sock >= 0)
-	if (pthread_create(&cl6th, &pthread_attr, udpclientrd, (void *)&client6_sock))
-	    debugx(1, DBG_ERR, "pthread_create failed");
-
-    if (find_clconf_type(handle, NULL)) {
-	server_replyq = newqueue();
-	if (pthread_create(&srvth, &pthread_attr, udpserverwr, (void *)server_replyq))
-	    debugx(1, DBG_ERR, "pthread_create failed");
-    }
+	if (client4_sock >= 0)
+		if (pthread_create(&cl4th, &pthread_attr, udpclientrd, (void *)&client4_sock))
+			debugx(1, DBG_ERR, "pthread_create failed");
+	if (client6_sock >= 0)
+		if (pthread_create(&cl6th, &pthread_attr, udpclientrd, (void *)&client6_sock))
+			debugx(1, DBG_ERR, "pthread_create failed");
+
+	if (find_clconf_type(handle, NULL)) {
+		server_replyq = newqueue();
+		if (pthread_create(&srvth, &pthread_attr, udpserverwr, (void *)server_replyq))
+			debugx(1, DBG_ERR, "pthread_create failed");
+	}
 }
 #else
 const struct protodefs *udpinit(uint8_t h) {