diff options
| author | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2014-10-27 21:51:33 +0000 |
|---|---|---|
| committer | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2014-10-27 21:51:33 +0000 |
| commit | b0f941f06f0d61b2bb1efdb3a7c60964903d8fcc (patch) | |
| tree | bd9c58f68c1d0dff4c0a268d8c036d139797c814 /sbin/pfctl/pfctl_parser.h | |
| parent | 080c41521661ceeb012220990b166a34b9744da4 (diff) | |
Fixup incorrect expansion of the networking mask for dynamic interface
specifications under certain circumstances resulting in potentially
elevated access permissions for IPv6 traffic. Reported by sthen@;
ok henning benno sthen
Diffstat (limited to 'sbin/pfctl/pfctl_parser.h')
| -rw-r--r-- | sbin/pfctl/pfctl_parser.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sbin/pfctl/pfctl_parser.h b/sbin/pfctl/pfctl_parser.h index 3b957b855e5..ec8af3c5923 100644 --- a/sbin/pfctl/pfctl_parser.h +++ b/sbin/pfctl/pfctl_parser.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.h,v 1.103 2014/08/23 00:11:03 pelikan Exp $ */ +/* $OpenBSD: pfctl_parser.h,v 1.104 2014/10/27 21:51:32 mikeb Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -275,6 +275,7 @@ extern const struct pf_timeout pf_timeouts[]; void set_ipmask(struct node_host *, u_int8_t); int check_netmask(struct node_host *, sa_family_t); int unmask(struct pf_addr *, sa_family_t); +struct node_host *gen_dynnode(struct node_host *, sa_family_t); void ifa_load(void); unsigned int ifa_nametoindex(const char *); char *ifa_indextoname(unsigned int, char *); |