From 72d0b3c91365dc535a79bb07ea378ef6ce1f6574 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon, 20 May 2013 15:34:33 +0200
Subject: [PATCH] Create sockets only in selected family with -4 or -6 option

---
 chrony.texi.in |  6 ++++--
 chronyd.8.in   |  4 ++--
 cmdmon.c       | 12 +++++++++---
 cmdmon.h       |  2 +-
 main.c         | 12 +++++++-----
 ntp_io.c       | 14 +++++++++++---
 ntp_io.h       |  2 +-
 7 files changed, 35 insertions(+), 17 deletions(-)

diff --git a/chrony.texi.in b/chrony.texi.in
index 977a564..d8bdeb9 100644
--- a/chrony.texi.in
+++ b/chrony.texi.in
@@ -1097,9 +1097,11 @@ supported only on Linux.
 This option will lock chronyd into RAM so that it will never be paged
 out.  This mode is only supported on Linux.
 @item -4
-With this option hostnames will be resolved only to IPv4 addresses.
+With this option hostnames will be resolved only to IPv4 addresses and only
+IPv4 sockets will be created.
 @item -6
-With this option hostnames will be resolved only to IPv6 addresses.
+With this option hostnames will be resolved only to IPv6 addresses and only
+IPv6 sockets will be created.
 @end table
 
 On systems that support an @file{/etc/rc.local} file for starting
diff --git a/chronyd.8.in b/chronyd.8.in
index dc7a7d7..94471e6 100644
--- a/chronyd.8.in
+++ b/chronyd.8.in
@@ -106,10 +106,10 @@ user.  So far, it works only on Linux when compiled with capabilities support.
 This option displays \fBchronyd\fR's version number to the terminal and exits
 .TP
 .B \-4
-Resolve hostnames only to IPv4 addresses.
+Resolve hostnames only to IPv4 addresses and create only IPv4 sockets.
 .TP
 .B \-6
-Resolve hostnames only to IPv6 addresses.
+Resolve hostnames only to IPv6 addresses and create only IPv6 sockets.
 
 .SH FILES
 \fI@SYSCONFDIR@/chrony.conf\fR
diff --git a/cmdmon.c b/cmdmon.c
index d58e0f1..7c283bc 100644
--- a/cmdmon.c
+++ b/cmdmon.c
@@ -262,7 +262,7 @@ prepare_socket(int family)
 /* ================================================== */
 
 void
-CAM_Initialise(void)
+CAM_Initialise(int family)
 {
   assert(!initialised);
   initialised = 1;
@@ -278,9 +278,15 @@ CAM_Initialise(void)
   free_replies = NULL;
   kept_replies.next = NULL;
 
-  sock_fd4 = prepare_socket(AF_INET);
+  if (family == IPADDR_UNSPEC || family == IPADDR_INET4)
+    sock_fd4 = prepare_socket(AF_INET);
+  else
+    sock_fd4 = -1;
 #ifdef HAVE_IPV6
-  sock_fd6 = prepare_socket(AF_INET6);
+  if (family == IPADDR_UNSPEC || family == IPADDR_INET6)
+    sock_fd6 = prepare_socket(AF_INET6);
+  else
+    sock_fd6 = -1;
 #endif
 
   if (sock_fd4 < 0
diff --git a/cmdmon.h b/cmdmon.h
index ab505a1..ac337e7 100644
--- a/cmdmon.h
+++ b/cmdmon.h
@@ -29,7 +29,7 @@
 
 #include "addressing.h"
 
-extern void CAM_Initialise(void);
+extern void CAM_Initialise(int family);
 
 extern void CAM_Finalise(void);
 
diff --git a/main.c b/main.c
index 59c3be5..2fe96fa 100644
--- a/main.c
+++ b/main.c
@@ -286,7 +286,7 @@ int main
 {
   const char *conf_file = DEFAULT_CONF_FILE;
   char *user = NULL;
-  int debug = 0, nofork = 0;
+  int debug = 0, nofork = 0, address_family = IPADDR_UNSPEC;
   int do_init_rtc = 0, restarted = 0;
   int other_pid;
   int lock_memory = 0, sched_priority = 0;
@@ -329,9 +329,9 @@ int main
       debug = 1;
       nofork = 1;
     } else if (!strcmp("-4", *argv)) {
-      DNS_SetAddressFamily(IPADDR_INET4);
+      address_family = IPADDR_INET4;
     } else if (!strcmp("-6", *argv)) {
-      DNS_SetAddressFamily(IPADDR_INET6);
+      address_family = IPADDR_INET6;
     } else {
       LOG_FATAL(LOGF_Main, "Unrecognized command line option [%s]", *argv);
     }
@@ -354,6 +354,8 @@ int main
   
   LOG(LOGS_INFO, LOGF_Main, "chronyd version %s starting", CHRONY_VERSION);
 
+  DNS_SetAddressFamily(address_family);
+
   CNF_SetRestarted(restarted);
   CNF_ReadFile(conf_file);
 
@@ -376,8 +378,8 @@ int main
   LCL_Initialise();
   SCH_Initialise();
   SYS_Initialise();
-  NIO_Initialise();
-  CAM_Initialise();
+  NIO_Initialise(address_family);
+  CAM_Initialise(address_family);
   RTC_Initialise();
   SRC_Initialise();
   RCL_Initialise();
diff --git a/ntp_io.c b/ntp_io.c
index 57e979b..a983d86 100644
--- a/ntp_io.c
+++ b/ntp_io.c
@@ -231,17 +231,25 @@ prepare_socket(int family)
   return sock_fd;
 }
 
+/* ================================================== */
+
 void
-NIO_Initialise(void)
+NIO_Initialise(int family)
 {
   assert(!initialised);
   initialised = 1;
 
   do_size_checks();
 
-  sock_fd4 = prepare_socket(AF_INET);
+  if (family == IPADDR_UNSPEC || family == IPADDR_INET4)
+    sock_fd4 = prepare_socket(AF_INET);
+  else
+    sock_fd4 = -1;
 #ifdef HAVE_IPV6
-  sock_fd6 = prepare_socket(AF_INET6);
+  if (family == IPADDR_UNSPEC || family == IPADDR_INET6)
+    sock_fd6 = prepare_socket(AF_INET6);
+  else
+    sock_fd6 = -1;
 #endif
 
   if (sock_fd4 < 0
diff --git a/ntp_io.h b/ntp_io.h
index 231568b..cbbe638 100644
--- a/ntp_io.h
+++ b/ntp_io.h
@@ -32,7 +32,7 @@
 #include "addressing.h"
 
 /* Function to initialise the module. */
-extern void NIO_Initialise(void);
+extern void NIO_Initialise(int family);
 
 /* Function to finalise the module */
 extern void NIO_Finalise(void);