summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>1999-12-17 22:47:06 +0000
committerJun-ichiro itojun Hagino <itojun@cvs.openbsd.org>1999-12-17 22:47:06 +0000
commit315f1c20f4c1bb68b2914337820367098d3f7747 (patch)
treeb8624ae9b72dc739f99fa6c05a54a8d65ce6a855
parent06e3ea76cea11d16014e616597608e4b5e769891 (diff)
do not accept IPv4 traffic by AF_INET6 socket. IPv4 mapped address is
bad for access controls. (quickhack fix, need sysctl/setsockopt knob to enable this functionality)
-rw-r--r--sys/netinet/in_pcb.c16
-rw-r--r--sys/netinet/udp_usrreq.c12
2 files changed, 26 insertions, 2 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 0ddfa35e14a..f7797ea4fd8 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: in_pcb.c,v 1.36 1999/12/08 11:36:40 angelos Exp $ */
+/* $OpenBSD: in_pcb.c,v 1.37 1999/12/17 22:47:04 itojun Exp $ */
/* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */
/*
@@ -817,6 +817,11 @@ in_pcblookup(table, faddrp, fport_arg, laddrp, lport_arg, flags)
inp->inp_fport != fport)
continue;
} else {
+#ifdef INET6
+ if (inp->inp_flags & INP_IPV6)
+ continue; /*XXX*/
+ else
+#endif
if (faddr.s_addr != INADDR_ANY)
wildcard++;
}
@@ -826,6 +831,11 @@ in_pcblookup(table, faddrp, fport_arg, laddrp, lport_arg, flags)
else if (inp->inp_laddr.s_addr != laddr.s_addr)
continue;
} else {
+#ifdef INET6
+ if (inp->inp_flags & INP_IPV6)
+ continue; /*XXX*/
+ else
+#endif
if (laddr.s_addr != INADDR_ANY)
wildcard++;
}
@@ -975,6 +985,10 @@ in_pcbhashlookup(table, faddr, fport_arg, laddr, lport_arg)
head = INPCBHASH(table, &faddr, fport, &laddr, lport);
for (inp = head->lh_first; inp != NULL; inp = inp->inp_hash.le_next) {
+#ifdef INET6
+ if (inp->inp_flags & INP_IPV6)
+ continue; /*XXX*/
+#endif
if (inp->inp_faddr.s_addr == faddr.s_addr &&
inp->inp_fport == fport &&
inp->inp_lport == lport &&
diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c
index a2d2d5a17bd..f5eeb674080 100644
--- a/sys/netinet/udp_usrreq.c
+++ b/sys/netinet/udp_usrreq.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: udp_usrreq.c,v 1.30 1999/12/12 10:59:41 itojun Exp $ */
+/* $OpenBSD: udp_usrreq.c,v 1.31 1999/12/17 22:47:05 itojun Exp $ */
/* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */
/*
@@ -409,6 +409,11 @@ udp_input(m, va_alist)
if (inp->inp_laddr.s_addr !=
ip->ip_dst.s_addr)
continue;
+ } else {
+#ifdef INET6
+ if (inp->inp_flags & INP_IPV6)
+ continue; /*XXX*/
+#endif
}
#ifdef INET6
if (ipv6) {
@@ -424,6 +429,11 @@ udp_input(m, va_alist)
ip->ip_src.s_addr ||
inp->inp_fport != uh->uh_sport)
continue;
+ } else {
+#ifdef INET6
+ if (inp->inp_flags & INP_IPV6)
+ continue; /*XXX*/
+#endif
}
if (last != NULL) {