Merge branch 'ipv6-addrs-mobike'

Address enumeration on Linux now ignores deprecated addresses and
whether temporary or permanent IPv6 addresses are included now depends
on the charon.prefer_temporary_addrs setting.

Closes #3192.

conf/options/charon.opt

@@ -286,8 +286,16 @@ charon.prefer_configured_proposals = yes
 	notifies).
 
 charon.prefer_temporary_addrs = no
-	By default public IPv6 addresses are preferred over temporary ones (RFC
+	Controls whether permanent or temporary IPv6 addresses are used as source,
-	4941), to make connections more stable. Enable this option to reverse this.
+	or announced as additional addresses if MOBIKE is used.
+
+	By default, permanent IPv6 source addresses are preferred over temporary
+	ones (RFC 4941), to make connections more stable. Enable this option to
+	reverse this.
+
+	It also affects which IPv6 addresses are announced as additional addresses
+	if MOBIKE is used.  If the option is disabled, only permanent addresses are
+	sent, and only temporary ones if it is enabled.
 
 charon.process_route = yes
 	Process RTM_NEWROUTE and RTM_DELROUTE events.

src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2008-2018 Tobias Brunner
+ * Copyright (C) 2008-2019 Tobias Brunner
  * Copyright (C) 2005-2008 Martin Willi
  * HSR Hochschule fuer Technik Rapperswil
  *
@@ -1603,10 +1603,19 @@ CALLBACK(filter_addresses, bool,
 		{	/* address is regular, but not requested */
 			continue;
 		}
-		if (addr->scope >= RT_SCOPE_LINK)
+		if (addr->flags & IFA_F_DEPRECATED ||
-		{	/* skip addresses with a unusable scope */
+			addr->scope >= RT_SCOPE_LINK)
+		{	/* skip deprecated addresses or those with an unusable scope */
 			continue;
 		}
+		if (addr->ip->get_family(addr->ip) == AF_INET6)
+		{	/* handle temporary IPv6 addresses according to config */
+			bool temporary = (addr->flags & IFA_F_TEMPORARY) == IFA_F_TEMPORARY;
+			if (data->this->prefer_temporary_addrs != temporary)
+			{
+				continue;
+			}
+		}
 		*out = addr->ip;
 		return TRUE;
 	}