Merge tag 'v5.1.0-1' into sid

tag strongSwan 5.1.0-1

1 files changed, 57 insertions, 30 deletions

diff --git a/src/libhydra/plugins/resolve/resolve_handler.c b/src/libhydra/plugins/resolve/resolve_handler.c
index 011ebbaaf..6c57fa0bf 100644
--- a/src/libhydra/plugins/resolve/resolve_handler.c
+++ b/src/libhydra/plugins/resolve/resolve_handler.c
@@ -21,7 +21,7 @@
 #include <unistd.h>
 
 #include <hydra.h>
-#include <debug.h>
+#include <utils/debug.h>
 #include <threading/mutex.h>
 
 /* path to resolvconf executable */
@@ -126,7 +126,7 @@ static void remove_nameserver(private_resolve_handler_t *this,
 			/* copy all, but matching line */
 			while (fgets(line, sizeof(line), in))
 			{
-				if (strneq(line, matcher, strlen(matcher)))
+				if (strpfx(line, matcher))
 				{
 					DBG1(DBG_IKE, "removing DNS server %H from %s",
 						 addr, this->file);
@@ -150,6 +150,7 @@ static bool invoke_resolvconf(private_resolve_handler_t *this,
 							  bool install)
 {
 	char cmd[128];
+	bool success = TRUE;
 
 	/* we use the nameserver's IP address as part of the interface name to
 	 * make them unique */
@@ -171,7 +172,8 @@ static bool invoke_resolvconf(private_resolve_handler_t *this,
 		DBG1(DBG_IKE, "installing DNS server %H via resolvconf", addr);
 		fprintf(out, "nameserver %H   # by strongSwan, from %Y\n", addr,
 				server);
-		if (ferror(out) || pclose(out))
+		success = !ferror(out);
+		if (pclose(out))
 		{
 			return FALSE;
 		}
@@ -180,7 +182,7 @@ static bool invoke_resolvconf(private_resolve_handler_t *this,
 	{
 		ignore_result(system(cmd));
 	}
-	return TRUE;
+	return success;
 }
 
 METHOD(attribute_handler_t, handle, bool,
@@ -267,46 +269,71 @@ METHOD(attribute_handler_t, release, void,
 typedef struct {
 	/** implements enumerator_t interface */
 	enumerator_t public;
-	/** virtual IP we are requesting */
-	host_t *vip;
+	/** request IPv4 DNS? */
+	bool v4;
+	/** request IPv6 DNS? */
+	bool v6;
 } attribute_enumerator_t;
 
 static bool attribute_enumerate(attribute_enumerator_t *this,
 								configuration_attribute_type_t *type,
 								chunk_t *data)
 {
-	switch (this->vip->get_family(this->vip))
+	if (this->v4)
 	{
-		case AF_INET:
-			*type = INTERNAL_IP4_DNS;
-			break;
-		case AF_INET6:
-			*type = INTERNAL_IP6_DNS;
-			break;
-		default:
-			return FALSE;
+		*type = INTERNAL_IP4_DNS;
+		*data = chunk_empty;
+		this->v4 = FALSE;
+		return TRUE;
+	}
+	if (this->v6)
+	{
+		*type = INTERNAL_IP6_DNS;
+		*data = chunk_empty;
+		this->v6 = FALSE;
+		return TRUE;
 	}
-	*data = chunk_empty;
-	/* enumerate only once */
-	this->public.enumerate = (void*)return_false;
-	return TRUE;
+	return FALSE;
 }
 
-METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t*,
-	private_resolve_handler_t *this, identification_t *server, host_t *vip)
+/**
+ * Check if a list has a host of given family
+ */
+static bool has_host_family(linked_list_t *list, int family)
 {
-	if (vip)
+	enumerator_t *enumerator;
+	host_t *host;
+	bool found = FALSE;
+
+	enumerator = list->create_enumerator(list);
+	while (enumerator->enumerate(enumerator, &host))
 	{
-		attribute_enumerator_t *enumerator;
+		if (host->get_family(host) == family)
+		{
+			found = TRUE;
+			break;
+		}
+	}
+	enumerator->destroy(enumerator);
 
-		enumerator = malloc_thing(attribute_enumerator_t);
-		enumerator->public.enumerate = (void*)attribute_enumerate;
-		enumerator->public.destroy = (void*)free;
-		enumerator->vip = vip;
+	return found;
+}
 
-		return &enumerator->public;
-	}
-	return enumerator_create_empty();
+METHOD(attribute_handler_t, create_attribute_enumerator, enumerator_t*,
+	private_resolve_handler_t *this, identification_t *server,
+	linked_list_t *vips)
+{
+	attribute_enumerator_t *enumerator;
+
+	INIT(enumerator,
+		.public = {
+			.enumerate = (void*)attribute_enumerate,
+			.destroy = (void*)free,
+		},
+		.v4 = has_host_family(vips, AF_INET),
+		.v6 = has_host_family(vips, AF_INET6),
+	);
+	return &enumerator->public;
 }
 
 METHOD(resolve_handler_t, destroy, void,