$OpenBSD: patch-lib_isc_unix_socket_c,v 1.31 2021/08/18 19:55:36 sthen Exp $

Disable some socket options which pledge doesn't allow.

Index: lib/isc/unix/socket.c
--- lib/isc/unix/socket.c.orig
+++ lib/isc/unix/socket.c
@@ -2105,10 +2105,12 @@ set_ip_disable_pmtud(isc_socket_t *sock) {
 	 * Disable Path MTU Discover on IP packets
 	 */
 	if (sock->pf == AF_INET6) {
+#if !defined(__OpenBSD__) /* pledge doesn't allow "don't fragment" sockopts */
 #if defined(IPV6_DONTFRAG)
 		(void)setsockopt(sock->fd, IPPROTO_IPV6, IPV6_DONTFRAG,
 				 &(int){ 0 }, sizeof(int));
 #endif
+#endif
 #if defined(IPV6_MTU_DISCOVER) && defined(IP_PMTUDISC_OMIT)
 		(void)setsockopt(sock->fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
 				 &(int){ IP_PMTUDISC_OMIT }, sizeof(int));
@@ -2385,6 +2387,7 @@ again:
 		}
 #endif /* if defined(SO_SNDBUF) */
 	}
+#if !defined(__OpenBSD__) /* pledge doesn't allow "receive ToS" sockopts */
 #ifdef IPV6_RECVTCLASS
 	if ((sock->pf == AF_INET6) &&
 	    (setsockopt(sock->fd, IPPROTO_IPV6, IPV6_RECVTCLASS, (void *)&on,
@@ -2409,6 +2412,7 @@ again:
 				 sock->fd, strbuf);
 	}
 #endif /* ifdef IP_RECVTOS */
+#endif
 #endif /* defined(USE_CMSG) || defined(SET_RCVBUF) || defined(SET_SNDBUF) */
 
 	set_ip_disable_pmtud(sock);
@@ -5091,6 +5095,13 @@ isc_socket_gettype(isc_socket_t *sock) {
 
 void
 isc_socket_ipv6only(isc_socket_t *sock, bool yes) {
+#ifdef __OpenBSD__
+/*
+ * pledge doesn't allow setting IPV6_V6ONLY, but that's ok,
+ * IPV6_V6ONLY is always enabled on OpenBSD;
+ */
+#undef IPV6_V6ONLY
+#endif
 #if defined(IPV6_V6ONLY)
 	int onoff = yes ? 1 : 0;
 #else  /* if defined(IPV6_V6ONLY) */
