From 72736af86a501592d974d46ff754a63959e183bd Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 24 Jan 2017 16:36:28 +0100
Subject: dirmngr: New option --disable-ipv4.

* dirmngr/dirmngr.c (oDisableIPv4): New const.
(opts): New option --disable-ipv4.
(parse_rereadable_options): Set that option.
* dirmngr/dirmngr.h (opt): New field 'disable_ipv4'.
* dirmngr/dns-stuff.c (opt_disable_ipv4): bew var.
(set_dns_disable_ipv4): New.
(resolve_name_standard): Skip v4 addresses when OPT_DISABLE_IPV4 is
set.
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
(send_request): Pass HTTP_FLAG_IGNORE_IPv4 if opt.disable_v4 is set.
* dirmngr/crlfetch.c (crl_fetch): Ditto.
* dirmngr/ks-engine-finger.c (ks_finger_fetch): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ocsp.c (do_ocsp_request): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 dirmngr/ks-engine-hkp.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'dirmngr/ks-engine-hkp.c')

diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
index 45965cecc..4a6b4ecb9 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -505,6 +505,8 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
             {
               if (ai->family != AF_INET && ai->family != AF_INET6)
                 continue;
+              if (opt.disable_ipv4 && ai->family == AF_INET)
+                continue;
               dirmngr_tick (ctrl);
 
               add_host (name, is_pool, ai, 0, reftbl, reftblsize, &refidx);
@@ -585,7 +587,8 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
         {
           for (ai = aibuf; ai; ai = ai->next)
             {
-              if (ai->family == AF_INET6 || ai->family == AF_INET)
+              if (ai->family == AF_INET6
+                  || (!opt.disable_ipv4 && ai->family == AF_INET))
                 {
                   err = resolve_dns_addr (ai->addr, ai->addrlen, 0, &host);
                   if (!err)
@@ -1060,7 +1063,8 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
                    /* fixme: AUTH */ NULL,
                    (httpflags
                     |(opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
-                    |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0)),
+                    |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0)
+                    |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)),
                    ctrl->http_proxy,
                    session,
                    NULL,
-- 
cgit v1.2.3