kernel-netlink: Don't enumerate deprecated IPv6 addresses
authorTobias Brunner <tobias@strongswan.org>
Fri, 4 Oct 2019 08:39:26 +0000 (10:39 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 22 Oct 2019 12:13:32 +0000 (14:13 +0200)
src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c

index c22e379..165fb42 100644 (file)
@@ -1603,8 +1603,9 @@ CALLBACK(filter_addresses, bool,
                {       /* address is regular, but not requested */
                        continue;
                }
-               if (addr->scope >= RT_SCOPE_LINK)
-               {       /* skip addresses with a unusable scope */
+               if (addr->flags & IFA_F_DEPRECATED ||
+                       addr->scope >= RT_SCOPE_LINK)
+               {       /* skip deprecated addresses or those with an unusable scope */
                        continue;
                }
                *out = addr->ip;