diff options
author | Claudio Jeker <claudio@cvs.openbsd.org> | 2007-02-16 13:41:22 +0000 |
---|---|---|
committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2007-02-16 13:41:22 +0000 |
commit | 3e45286e9c97f4bf4efb480dfb32e75e0c757375 (patch) | |
tree | 54344605fa89ae233f5d59f4dd2618d14db564c3 | |
parent | 9f4397c5106f62f2488f78970d51221811db2efa (diff) |
Unbreak ppp(8) over tun(4) by restriciting the flags that can be changed
via TUNSIFINFO. ppp(8) was happily clearing the RUNNING flag and so all
incomming packets where dropped. Issue reported by irix <at> ukr <dot> net.
While there check that the mtu is in a valid range -- stolen from SIOCSIFMTU
case.
-rw-r--r-- | sys/net/if_tun.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/sys/net/if_tun.c b/sys/net/if_tun.c index d57064f7f53..20b629bb6f0 100644 --- a/sys/net/if_tun.c +++ b/sys/net/if_tun.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_tun.c,v 1.83 2007/02/06 10:49:40 claudio Exp $ */ +/* $OpenBSD: if_tun.c,v 1.84 2007/02/16 13:41:21 claudio Exp $ */ /* $NetBSD: if_tun.c,v 1.24 1996/05/07 02:40:48 thorpej Exp $ */ /* @@ -111,6 +111,9 @@ int tundebug = TUN_DEBUG; #define TUNDEBUG(a) /* (tundebug? printf a : 0) */ #endif +/* Only these IFF flags are changeable by TUNSIFINFO */ +#define TUN_IFF_FLAGS (IFF_UP|IFF_POINTOPOINT|IFF_MULTICAST|IFF_BROADCAST) + extern int ifqmaxlen; void tunattach(int); @@ -612,9 +615,15 @@ tunioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p) switch (cmd) { case TUNSIFINFO: tunp = (struct tuninfo *)data; + if (tunp->mtu < ETHERMIN || tunp->mtu > TUNMRU) { + splx(s); + return (EINVAL); + } tp->tun_if.if_mtu = tunp->mtu; tp->tun_if.if_type = tunp->type; - tp->tun_if.if_flags = tunp->flags; + tp->tun_if.if_flags = + (tunp->flags & TUN_IFF_FLAGS) | + (tp->tun_if.if_flags & ~TUN_IFF_FLAGS); tp->tun_if.if_baudrate = tunp->baudrate; break; case TUNGIFINFO: |