Diffstat (limited to 'src')
-rw-r--r-- | src/charon/network/socket.c | 8 | ||||
-rw-r--r-- | src/starter/confread.c | 31 | ||||
-rw-r--r-- | src/starter/starterwhack.c | 8 |
3 files changed, 26 insertions, 21 deletions
diff --git a/src/charon/network/socket.c b/src/charon/network/socket.c
index ba01702cb..c42c9cd10 100644
--- a/src/charon/network/socket.c
+++ b/src/charon/network/socket.c
@@ -308,9 +308,9 @@ static status_t build_interface_list(private_socket_t *this, u_int16_t port)
 int skt;
 interface_t *interface;
- if (current->sin_family != AF_INET)
+ if (current->sin_family != AF_INET && current->sin_family != AF_INET6)
 {
- /* ignore all but AF_INET interfaces */
+ /* ignore all but IPv4 and IPv6 interfaces */
 continue;
 }
@@ -334,7 +334,7 @@ static status_t build_interface_list(private_socket_t *this, u_int16_t port)
 }
 /* set up interface socket */
- skt = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
+ skt = socket(current->sin_family, SOCK_RAW, IPPROTO_UDP);
 if (socket < 0)
 {
 this->logger->log(this->logger, ERROR, "unable to open interface socket!");
@@ -347,7 +347,7 @@ static status_t build_interface_list(private_socket_t *this, u_int16_t port)
 continue;
 }
 current->sin_port = htons(port);
- current->sin_family = AF_INET;
+
 if (bind(skt, (struct sockaddr*)current, sizeof(struct sockaddr_in)) < 0)
 {
 this->logger->log(this->logger, ERROR, "unable to bind interface socket!");
diff --git a/src/starter/confread.c b/src/starter/confread.c
index cd7a6f29d..e9912f8b8 100644
--- a/src/starter/confread.c
+++ b/src/starter/confread.c
@@ -31,13 +31,15 @@
 #include "args.h"
 #include "interfaces.h"
+/* strings containing a colon are interpreted as an IPv6 address */
+#define ip_version(string) (strchr(string, ':') != NULL)? AF_INET6 : AF_INET;
+
 static const char ike_defaults[] = "3des-sha, 3des-md5";
 static const char esp_defaults[] = "3des-sha1, 3des-md5";
 static const char firewall_defaults[] = "ipsec _updown iptables";
-static void
-default_values(starter_config_t *cfg)
+static void default_values(starter_config_t *cfg)
 {
 if (cfg == NULL) return;
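Review bot: The failure check that follows the changed `socket()` call in the hunk at -334 tests `socket < 0`, which compares the function itself rather than the descriptor `skt`, so it can never fire. With the family now taken from `current->sin_family`, socket() can plausibly fail on a host without IPv6 support, and the invalid descriptor then reaches the `bind(skt, …)` shown in the hunk at -347 without the "unable to open interface socket!" path being taken. The check should read `if (skt < 0)`. The loop body starts and ends outside the hunk.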
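Review bot: `bind()` in the hunk at -347 still passes `sizeof(struct sockaddr_in)` as the address length, which is shorter than a `struct sockaddr_in6`, so binding an AF_INET6 entry admitted by the new filter at -308 is expected to fail. The length should follow the family, e.g. `socklen_t len = current->sin_family == AF_INET6 ? sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in);` followed by `bind(skt, (struct sockaddr*)current, len)`. `current` is accessed through `sin_family` and `sin_port`, which suggests it is typed as `struct sockaddr_in *`; whether the storage behind it is large enough for an IPv6 address is not visible here and should be confirmed. The enclosing loop continues outside the hunk.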
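Review bot: The new `ip_version` macro in confread.c ends in a semicolon and leaves both its argument and its expansion unparenthesized, so it only works as the complete right-hand side of an assignment statement; used inside a condition or as a function argument it would fail to compile or bind wrongly. Suggest `#define ip_version(string) (strchr((string), ':') != NULL ? AF_INET6 : AF_INET)` or a `static inline` function with the same body. The comment should also state the other half of the rule: every string without a colon, host names included, is classified as AF_INET.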
@@ -167,22 +169,18 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
 goto err;
 }
 }
- else if (streq(value,"%any"))
+ else if (streq(value, "%any"))
 {
 anyaddr(conn->addr_family, &end->addr);
 }
- else if (value[0] == '%')
+ else if (streq(value, "%any6"))
 {
- if (end->iface)
- pfree(end->iface);
- end->iface = clone_str(value+1, "iface");
- if (starter_iface_find(end->iface, conn->addr_family, &end->addr, &end->nexthop) == -1)
- {
- conn->state = STATE_INVALID;
- }
+ conn->addr_family = AF_INET6;
+ anyaddr(conn->addr_family, &end->addr);
 }
 else
 {
+ conn->addr_family = ip_version(value);
 ugh = ttoaddr(value, 0, conn->addr_family, &end->addr);
 if (ugh != NULL)
 {
@@ -203,10 +201,14 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
 }
 }
 else if (streq(value, "%direct"))
+ {
 ugh = anyaddr(conn->addr_family, &end->nexthop);
+ }
 else
+ {
+ conn->addr_family = ip_version(value);
 ugh = ttoaddr(value, 0, conn->addr_family, &end->nexthop);
-
+ }
 if (ugh != NULL)
 {
 plog("# bad addr: %s=%s [%s]", name, value, ugh);
@@ -222,6 +224,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
 else
 {
 end->has_client = TRUE;
+ conn->tunnel_addr_family = ip_version(value);
 ugh = ttosubnet(value, 0, conn->tunnel_addr_family, &end->subnet);
 if (ugh != NULL)
 {
@@ -233,6 +236,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
 case KW_SUBNETWITHIN:
 end->has_client = TRUE;
 end->has_client_wildcard = TRUE;
+ conn->tunnel_addr_family = ip_version(value);
 ugh = ttosubnet(value, 0, conn->tunnel_addr_family, &end->subnet);
 break;
 case KW_PROTOPORT:
@@ -246,7 +250,8 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token
 }
 else
 {
- ugh = ttoaddr(value, 0, conn->addr_family, &end->srcip);
+ conn->tunnel_addr_family = ip_version(value);
+ ugh = ttoaddr(value, 0, conn->tunnel_addr_family, &end->srcip);
 if (ugh != NULL)
 {
 plog("# bad addr: %s=%s [%s]", name, value, ugh);
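Review bot: `conn->addr_family` belongs to the whole connection, yet the else branch in the hunk at -167 and the nexthop branch at -203 reassign it from whichever address value is being parsed, so the result depends on keyword order. `%any` and `%direct` take the family left behind by an earlier keyword, and a later IPv4 literal or host name silently flips a connection whose other end was parsed as IPv6; nothing in these hunks rejects a mismatch between the two ends. The hunks at -222, -233 and -246 do the same to `conn->tunnel_addr_family` for the subnet and srcip values. Consider computing the family into a local first, `int family = ip_version(value);`, and taking the existing `plog("# bad addr: …")` error path when it disagrees with a family already fixed for the connection; how the code can tell that a family has already been fixed is not visible here. kw_end starts and ends outside the hunks shown.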
diff --git a/src/starter/starterwhack.c b/src/starter/starterwhack.c
index 862c01766..0b37ab742 100644
--- a/src/starter/starterwhack.c
+++ b/src/starter/starterwhack.c
@@ -157,13 +157,13 @@ set_whack_end(whack_end_t *w, starter_end_t *end)
 w->host_addr = end->addr;
 w->host_nexthop = end->nexthop;
 w->host_srcip = end->srcip;
+ w->has_client = end->has_client;
- if (end->has_client)
- w->client = end->subnet;
+ if (w->has_client)
+ w->client = end->subnet;
 else
- w->client.addr.u.v4.sin_family = AF_INET;
+ w->client.addr.u.v4.sin_family = addrtypeof(&w->host_addr);
- w->has_client = end->has_client;
 w->has_client_wildcard = end->has_client_wildcard;
 w->has_port_wildcard = end->has_port_wildcard;
 w->has_srcip = end->has_srcip; |
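Review bot: The else branch stores the family through `w->client.addr.u.v4.sin_family` even when `addrtypeof(&w->host_addr)` yields AF_INET6, which is only correct if the IPv4 and IPv6 members of that union keep their family field at the same offset. The union's layout is not visible in this hunk, so the line needs a comment such as `/* no client subnet: only the family is set; the family field is assumed to sit at the same offset for IPv4 and IPv6 */`. Where the address type offers a family-neutral initialiser, that would be the safer write. set_whack_end begins and ends outside the hunk.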