From 64524860919679365ced1d0d06dc9d149df20a45 Mon Sep 17 00:00:00 2001
From: Faidon Liambotis <paravoid@debian.org>
Date: Tue, 8 Jan 2019 20:29:24 +0200
Subject: [PATCH 1/2] Replace SOL_TCP with IPPROTO_TCP

SOL_TCP is deprecated and doesn't exist on all platforms (e.g. FreeBSD).
IPPROTO_TCP is equivalent and portable.
---
 util.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/util.c b/util.c
index df6f821..fd9f59c 100644
--- a/util.c
+++ b/util.c
@@ -129,15 +129,15 @@ void enable_keepalive(int socket) {
     debug(DBG_NOTICE, "TCP Keepalive feature might be limited on this platform");
 #else
     optval = 3;
-    if(setsockopt(socket, SOL_TCP, TCP_KEEPCNT, &optval, optlen) < 0) {
+    if(setsockopt(socket, IPPROTO_TCP, TCP_KEEPCNT, &optval, optlen) < 0) {
         debug(DBG_ERR, "enable_keepalive: setsockopt TCP_KEEPCNT failed");
     }
     optval = 10;
-    if(setsockopt(socket, SOL_TCP, TCP_KEEPIDLE, &optval, optlen) < 0) {
+    if(setsockopt(socket, IPPROTO_TCP, TCP_KEEPIDLE, &optval, optlen) < 0) {
         debug(DBG_ERR, "enable_keepalive: setsockopt TCP_KEEPIDLE %d failed", optval);
     }
     optval = 10;
-    if(setsockopt(socket, SOL_TCP, TCP_KEEPINTVL, &optval, optlen) < 0) {
+    if(setsockopt(socket, IPPROTO_TCP, TCP_KEEPINTVL, &optval, optlen) < 0) {
         debug(DBG_ERR, "enable_keepalive: setsockopt TCP_KEEPINTVL failed");
     }
 #endif

From b5439433b75733292baf4cbb3162b00a45449711 Mon Sep 17 00:00:00 2001
From: Faidon Liambotis <paravoid@debian.org>
Date: Tue, 8 Jan 2019 18:51:48 +0200
Subject: [PATCH 2/2] Use IP_RECVDSTADDR where applicable

IP_PKTINFO is provided by many platforms (Linux among them), but not
all. Most notably, FreeBSD does not provide this functionality, but
provides a similar one with IP_RECVDSTADDR instead.

Make the use of IP_PKTINFO conditional on the constant being defined,
and add support for IP_RECVDSTADDR as well, restoring support for
FreeBSD.

Fixes: #25
---
 dtls.c        | 18 +++++++++++++++---
 radsecproxy.c |  5 +++++
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/dtls.c b/dtls.c
index 7c2c315..6ac1e16 100644
--- a/dtls.c
+++ b/dtls.c
@@ -400,12 +400,24 @@ int getConnectionInfo(int socket, struct sockaddr *from, socklen_t fromlen, stru
     if (getsockname(socket, to, &tolen))
         return -1;
     for (ctrlhdr = CMSG_FIRSTHDR(&msghdr); ctrlhdr; ctrlhdr = CMSG_NXTHDR(&msghdr, ctrlhdr)) {
+#if defined(IP_PKTINFO)
         if(ctrlhdr->cmsg_level == IPPROTO_IP && ctrlhdr->cmsg_type == IP_PKTINFO) {
-            debug(DBG_DBG, "udp packet to: %s", inet_ntop(AF_INET, &((struct in_pktinfo *)CMSG_DATA(ctrlhdr))->ipi_addr, tmp, sizeof(tmp)));
+            struct in_pktinfo *pktinfo = (struct in_pktinfo *)CMSG_DATA(ctrlhdr);
+            debug(DBG_DBG, "udp packet to: %s", inet_ntop(AF_INET, &(pktinfo->ipi_addr), tmp, sizeof(tmp)));
 
-            ((struct sockaddr_in *)to)->sin_addr = ((struct in_pktinfo *)CMSG_DATA(ctrlhdr))->ipi_addr;
+            ((struct sockaddr_in *)to)->sin_addr = pktinfo->ipi_addr;
             toaddrfound = 1;
-        } else if(ctrlhdr->cmsg_level == IPPROTO_IPV6 && ctrlhdr->cmsg_type == IPV6_RECVPKTINFO) {
+        }
+#elif defined(IP_RECVDSTADDR)
+        if(ctrlhdr->cmsg_level == IPPROTO_IP && ctrlhdr->cmsg_type == IP_RECVDSTADDR) {
+            struct in_addr *addr = (struct in_addr *)CMSG_DATA(ctrlhdr);
+            debug(DBG_DBG, "udp packet to: %s", inet_ntop(AF_INET, addr, tmp, sizeof(tmp)));
+
+            ((struct sockaddr_in *)to)->sin_addr = *addr;
+            toaddrfound = 1;
+        }
+#endif
+        if(ctrlhdr->cmsg_level == IPPROTO_IPV6 && ctrlhdr->cmsg_type == IPV6_RECVPKTINFO) {
             info6 = (struct in6_pktinfo *)CMSG_DATA(ctrlhdr);
             debug(DBG_DBG, "udp packet to: %x", inet_ntop(AF_INET6, &info6->ipi6_addr, tmp, sizeof(tmp)));
 
diff --git a/radsecproxy.c b/radsecproxy.c
index e8d7527..70a7d6a 100644
--- a/radsecproxy.c
+++ b/radsecproxy.c
@@ -1997,8 +1997,13 @@ void createlistener(uint8_t type, char *arg) {
             if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on, sizeof(on)) == -1)
                 debugerrno(errno, DBG_WARN, "craetelistener: IPV6_RECVPKTINFO");
         } else if (res->ai_family == AF_INET) {
+#if defined(IP_PKTINFO)
             if (setsockopt(s, IPPROTO_IP, IP_PKTINFO, &on, sizeof(on)) == -1)
                 debugerrno(errno, DBG_WARN, "createlistener: IP_PKTINFO");
+#elif defined(IP_RECVDSTADDR)
+            if (setsockopt(s, IPPROTO_IP, IP_RECVDSTADDR, &on, sizeof(on)) == -1)
+                debugerrno(errno, DBG_WARN, "createlistener: IP_RECVDSTADDR");
+#endif
         }
     }
 	if (bind(s, res->ai_addr, res->ai_addrlen)) {