summaryrefslogtreecommitdiff
path: root/sys/netinet/tcp_subr.c
diff options
context:
space:
mode:
authorClaudio Jeker <claudio@cvs.openbsd.org>2009-11-13 20:54:06 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2009-11-13 20:54:06 +0000
commita49dcb067ccc0d0288291f437054538b34b31dcf (patch)
tree0579937c1bf07d3bb795d722753a4f295db15530 /sys/netinet/tcp_subr.c
parent750113cd50e6e0756d40eaf9d929ace22ff84a05 (diff)
Extend the protosw pr_ctlinput function to include the rdomain. This is
needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
Diffstat (limited to 'sys/netinet/tcp_subr.c')
-rw-r--r--sys/netinet/tcp_subr.c22
1 files changed, 15 insertions, 7 deletions
diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
index b5d91f7253b..26cba61037b 100644
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tcp_subr.c,v 1.108 2009/11/03 10:59:04 claudio Exp $ */
+/* $OpenBSD: tcp_subr.c,v 1.109 2009/11/13 20:54:05 claudio Exp $ */
/* $NetBSD: tcp_subr.c,v 1.22 1996/02/13 23:44:00 christos Exp $ */
/*
@@ -318,12 +318,13 @@ tcp_template(tp)
/* This function looks hairy, because it was so IPv4-dependent. */
#endif /* INET6 */
void
-tcp_respond(tp, template, th0, ack, seq, flags)
+tcp_respond(tp, template, th0, ack, seq, flags, rdomain)
struct tcpcb *tp;
caddr_t template;
struct tcphdr *th0;
tcp_seq ack, seq;
int flags;
+ u_int rdomain;
{
int tlen;
int win = 0;
@@ -409,6 +410,12 @@ tcp_respond(tp, template, th0, ack, seq, flags)
th->th_win = htons((u_int16_t)win);
th->th_urp = 0;
+ /* force routing domain */
+ if (tp)
+ m->m_pkthdr.rdomain = tp->t_inpcb->inp_rdomain;
+ else
+ m->m_pkthdr.rdomain = rdomain;
+
switch (af) {
#ifdef INET6
case AF_INET6:
@@ -768,9 +775,10 @@ tcp6_ctlinput(cmd, sa, d)
#endif
void *
-tcp_ctlinput(cmd, sa, v)
+tcp_ctlinput(cmd, sa, rdomain, v)
int cmd;
struct sockaddr *sa;
+ u_int rdomain;
void *v;
{
struct ip *ip = v;
@@ -810,7 +818,7 @@ tcp_ctlinput(cmd, sa, v)
seq = ntohl(th->th_seq);
inp = in_pcbhashlookup(&tcbtable,
ip->ip_dst, th->th_dport, ip->ip_src, th->th_sport,
- /* XXX */ 0);
+ rdomain);
if (inp && (tp = intotcpcb(inp)) &&
SEQ_GEQ(seq, tp->snd_una) &&
SEQ_LT(seq, tp->snd_max)) {
@@ -868,7 +876,7 @@ tcp_ctlinput(cmd, sa, v)
th = (struct tcphdr *)((caddr_t)ip + (ip->ip_hl << 2));
inp = in_pcbhashlookup(&tcbtable,
ip->ip_dst, th->th_dport, ip->ip_src, th->th_sport,
- /* XXX */ 0);
+ rdomain);
if (inp) {
seq = ntohl(th->th_seq);
if (inp->inp_socket &&
@@ -888,10 +896,10 @@ tcp_ctlinput(cmd, sa, v)
sin.sin_port = th->th_sport;
sin.sin_addr = ip->ip_src;
syn_cache_unreach((struct sockaddr *)&sin,
- sa, th, /* XXX */ 0);
+ sa, th, rdomain);
}
} else
- in_pcbnotifyall(&tcbtable, sa, errno, notify);
+ in_pcbnotifyall(&tcbtable, sa, rdomain, errno, notify);
return NULL;
}