revert rev. 1.115

  In case imcp_reflect() is called without a given source address
  do not try to find a matching address by iterating over a global
  list and always use the routing table.

This breaks icmp echo replies (and maybe more) on machines with >1 ip
"reverting is safer and make it clear that this function needs more love"
ok florian@, mpi@ for the revert

1 files changed, 20 insertions, 1 deletions

diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c
index 8efeb55a930..971ac33e3fe 100644
--- a/sys/netinet/ip_icmp.c
+++ b/sys/netinet/ip_icmp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_icmp.c,v 1.116 2014/03/13 01:22:54 jsg Exp $	*/
+/*	$OpenBSD: ip_icmp.c,v 1.117 2014/03/20 11:22:15 benno Exp $	*/
 /*	$NetBSD: ip_icmp.c,v 1.19 1996/02/13 23:42:22 christos Exp $	*/
 
 /*
@@ -702,6 +702,25 @@ icmp_reflect(struct mbuf *m, struct mbuf **op, struct in_ifaddr *ia)
 	t = ip->ip_dst;
 	ip->ip_dst = ip->ip_src;
 	/*
+	 * If the incoming packet was addressed directly to us,
+	 * use dst as the src for the reply.  For broadcast, use
+	 * the address which corresponds to the incoming interface.
+	 */
+	if (ia == NULL) {
+		TAILQ_FOREACH(ia, &in_ifaddr, ia_list) {
+			if (ia->ia_ifp->if_rdomain !=
+			    rtable_l2(m->m_pkthdr.rdomain))
+				continue;
+			if (t.s_addr == ia->ia_addr.sin_addr.s_addr)
+				break;
+			if ((ia->ia_ifp->if_flags & IFF_BROADCAST) &&
+			    ia->ia_broadaddr.sin_addr.s_addr != 0 &&
+			    t.s_addr == ia->ia_broadaddr.sin_addr.s_addr)
+				break;
+		}
+	}
+	/*
+	 * The following happens if the packet was not addressed to us.
 	 * Use the new source address and do a route lookup. If it fails
 	 * drop the packet as there is no path to the host.
 	 */