From 3533b854408fa93734742b2ee12b62aa0d55ff28 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 3 Apr 2017 20:56:12 +0200 Subject: dirmngr: New option --disable-ipv6 * dirmngr/dirmngr.h (struct opt): Add field 'disable_ipv6'. * dirmngr/dirmngr.c (oDisableIPv6): New const. (opts): New option --disable-ipv6. (parse_rereadable_options): Set that option. * dirmngr/dns-stuff.c (opt_disable_ipv6): New var. (set_dns_disable_ipv6): New. (resolve_name_standard): Make use of it. * dirmngr/ks-engine-finger.c (ks_finger_fetch): Take care of OPT.DISABLE_IPV6. * dirmngr/ks-engine-hkp.c (map_host): Ditto. (send_request): Ditto. * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto. * dirmngr/ocsp.c (do_ocsp_request): Ditto. Signed-off-by: Werner Koch --- dirmngr/dns-stuff.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'dirmngr/dns-stuff.c') diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c index c9ce40a2c..728f662ae 100644 --- a/dirmngr/dns-stuff.c +++ b/dirmngr/dns-stuff.c @@ -123,6 +123,10 @@ static int opt_timeout; * returned A records. */ static int opt_disable_ipv4; +/* The flag to disable IPv6 access - right now this only skips + * returned AAAA records. */ +static int opt_disable_ipv6; + /* If set force the use of the standard resolver. */ static int standard_resolver; @@ -248,6 +252,15 @@ set_dns_disable_ipv4 (int yes) } +/* Set the Disable-IPv6 flag so that the name resolver does not return + * AAAA addresses. */ +void +set_dns_disable_ipv6 (int yes) +{ + opt_disable_ipv6 = !!yes; +} + + /* Set the timeout for libdns requests to SECONDS. A value of 0 sets * the default timeout and values are capped at 10 minutes. */ void @@ -953,6 +966,8 @@ resolve_name_standard (const char *name, unsigned short port, continue; if (opt_disable_ipv4 && ai->ai_family == AF_INET) continue; + if (opt_disable_ipv6 && ai->ai_family == AF_INET6) + continue; dai = xtrymalloc (sizeof *dai + ai->ai_addrlen - 1); dai->family = ai->ai_family; -- cgit v1.2.3