From 598bec78faa6064cc717102c61770ce3040dea87 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 3 Jul 2013 17:57:24 +0200
Subject: socket-default: Add options to disable address families

---
 .../plugins/socket_default/socket_default_socket.c | 25 ++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'src')

diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c
index c1ed22ecb..54380eda0 100644
--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
@@ -630,12 +630,37 @@ static int open_socket(private_socket_default_socket_t *this,
 	return skt;
 }
 
+/**
+ * Check if we should use the given family
+ */
+static bool use_family(int family)
+{
+	switch (family)
+	{
+		case AF_INET:
+			return lib->settings->get_bool(lib->settings,
+					"%s.plugins.socket-default.use_ipv4", TRUE, charon->name);
+		case AF_INET6:
+			return lib->settings->get_bool(lib->settings,
+					"%s.plugins.socket-default.use_ipv6", TRUE, charon->name);
+		default:
+			return FALSE;
+	}
+}
+
 /**
  * Open a socket pair (normal and NAT traversal) for a given address family
  */
 static void open_socketpair(private_socket_default_socket_t *this, int family,
 							int *skt, int *skt_natt, char *label)
 {
+	if (!use_family(family))
+	{
+		*skt = -1;
+		*skt_natt = -1;
+		return;
+	}
+
 	*skt = open_socket(this, family, &this->port);
 	if (*skt == -1)
 	{
-- 
cgit v1.2.3