diff options
| author | Martin Pieuchot <mpi@cvs.openbsd.org> | 2015-03-04 11:10:56 +0000 |
|---|---|---|
| committer | Martin Pieuchot <mpi@cvs.openbsd.org> | 2015-03-04 11:10:56 +0000 |
| commit | 3a3bb405c333a0ac10968aa7491e22566dcd0b75 (patch) | |
| tree | 9161810dca6a17c78f3ed25ea2a4f112b791413b /sys | |
| parent | d78287abc2616f506ae529027a59d3402f143d98 (diff) | |
Do not check if the interface index matches the scope when all we want
is to clear the damn embedded scope.
At this point the receiving interface should not matter and will in the
future be cleared to prevent such layer violations.
This prevent exporting addresses with embedded scope to userland.
Found the hardway by and ok florian@
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netinet/udp_usrreq.c | 21 | ||||
| -rw-r--r-- | sys/netinet6/icmp6.c | 4 | ||||
| -rw-r--r-- | sys/netinet6/raw_ip6.c | 4 |
3 files changed, 7 insertions, 22 deletions
diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index b7f96a8bf7f..a9b0f6b55b7 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_usrreq.c,v 1.195 2014/12/05 15:50:04 mpi Exp $ */ +/* $OpenBSD: udp_usrreq.c,v 1.196 2015/03/04 11:10:55 mpi Exp $ */ /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ /* @@ -173,7 +173,7 @@ udp_input(struct mbuf *m, ...) #ifdef INET6 struct sockaddr_in6 sin6; #endif /* INET6 */ - } srcsa, dstsa; + } srcsa; #ifdef INET6 struct ip6_hdr *ip6; #endif /* INET6 */ @@ -353,12 +353,6 @@ udp_input(struct mbuf *m, ...) srcsa.sin.sin_family = AF_INET; srcsa.sin.sin_port = uh->uh_sport; srcsa.sin.sin_addr = ip->ip_src; - - bzero(&dstsa, sizeof(struct sockaddr_in)); - dstsa.sin.sin_len = sizeof(struct sockaddr_in); - dstsa.sin.sin_family = AF_INET; - dstsa.sin.sin_port = uh->uh_dport; - dstsa.sin.sin_addr = ip->ip_dst; break; #ifdef INET6 case AF_INET6: @@ -370,16 +364,7 @@ udp_input(struct mbuf *m, ...) srcsa.sin6.sin6_flowinfo = htonl(0x0fffffff) & ip6->ip6_flow; #endif /* KAME hack: recover scopeid */ - (void)in6_recoverscope(&srcsa.sin6, &ip6->ip6_src, - m->m_pkthdr.rcvif); - - bzero(&dstsa, sizeof(struct sockaddr_in6)); - dstsa.sin6.sin6_len = sizeof(struct sockaddr_in6); - dstsa.sin6.sin6_family = AF_INET6; - dstsa.sin6.sin6_port = uh->uh_dport; - /* KAME hack: recover scopeid */ - (void)in6_recoverscope(&dstsa.sin6, &ip6->ip6_dst, - m->m_pkthdr.rcvif); + (void)in6_recoverscope(&srcsa.sin6, &ip6->ip6_src, NULL); break; #endif /* INET6 */ } diff --git a/sys/netinet6/icmp6.c b/sys/netinet6/icmp6.c index c1a1a422d0d..9c124e6867c 100644 --- a/sys/netinet6/icmp6.c +++ b/sys/netinet6/icmp6.c @@ -1,4 +1,4 @@ -/* $OpenBSD: icmp6.c,v 1.156 2015/02/05 03:01:03 mpi Exp $ */ +/* $OpenBSD: icmp6.c,v 1.157 2015/03/04 11:10:55 mpi Exp $ */ /* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */ /* @@ -1082,7 +1082,7 @@ icmp6_rip6_input(struct mbuf **mp, int off) rip6src.sin6_len = sizeof(struct sockaddr_in6); rip6src.sin6_family = AF_INET6; /* KAME hack: recover scopeid */ - (void)in6_recoverscope(&rip6src, &ip6->ip6_src, m->m_pkthdr.rcvif); + (void)in6_recoverscope(&rip6src, &ip6->ip6_src, NULL); TAILQ_FOREACH(in6p, &rawin6pcbtable.inpt_queue, inp_queue) { if (!(in6p->inp_flags & INP_IPV6)) diff --git a/sys/netinet6/raw_ip6.c b/sys/netinet6/raw_ip6.c index 015975a5d65..00f0bf52257 100644 --- a/sys/netinet6/raw_ip6.c +++ b/sys/netinet6/raw_ip6.c @@ -1,4 +1,4 @@ -/* $OpenBSD: raw_ip6.c,v 1.72 2015/01/24 00:29:06 deraadt Exp $ */ +/* $OpenBSD: raw_ip6.c,v 1.73 2015/03/04 11:10:55 mpi Exp $ */ /* $KAME: raw_ip6.c,v 1.69 2001/03/04 15:55:44 itojun Exp $ */ /* @@ -145,7 +145,7 @@ rip6_input(struct mbuf **mp, int *offp, int proto) rip6src.sin6_len = sizeof(struct sockaddr_in6); rip6src.sin6_family = AF_INET6; /* KAME hack: recover scopeid */ - (void)in6_recoverscope(&rip6src, &ip6->ip6_src, m->m_pkthdr.rcvif); + (void)in6_recoverscope(&rip6src, &ip6->ip6_src, NULL); TAILQ_FOREACH(in6p, &rawin6pcbtable.inpt_queue, inp_queue) { if (in6p->inp_socket->so_state & SS_CANTRCVMORE) |