summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
authorAlexander Bluhm <bluhm@cvs.openbsd.org>2018-12-10 23:00:02 +0000
committerAlexander Bluhm <bluhm@cvs.openbsd.org>2018-12-10 23:00:02 +0000
commitda1793edea7ce7c98ea343a907e74f8c919b3359 (patch)
tree6af1f661e0628d9131c52413473bdd84a95a1bb3 /sys
parentf70625261875ba34567f11279c75ec6aa4b22a32 (diff)
When forwarding IPv6 packets, generated ICMP6 packets used the
interface address of the route as source address. To avoid using link-local addresses in ICMP6 packets sent into networks where they are out of scope, use the regular IPv6 source selection algorithm also in this icmp6_reflect() case. reported by sthen@; fix from Arnaud BRAND; OK claudio@
Diffstat (limited to 'sys')
-rw-r--r--sys/netinet6/icmp6.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/sys/netinet6/icmp6.c b/sys/netinet6/icmp6.c
index 678f10ecc31..3a0adadcc7a 100644
--- a/sys/netinet6/icmp6.c
+++ b/sys/netinet6/icmp6.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: icmp6.c,v 1.227 2018/11/09 14:14:32 claudio Exp $ */
+/* $OpenBSD: icmp6.c,v 1.228 2018/12/10 23:00:01 bluhm Exp $ */
/* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */
/*
@@ -1125,6 +1125,8 @@ icmp6_reflect(struct mbuf *m, size_t off)
rt = NULL;
if (src == NULL) {
+ struct in6_ifaddr *ia6;
+
/*
* This case matches to multicasts, our anycast, or unicasts
* that we do not own. Select a source address based on the
@@ -1141,7 +1143,11 @@ icmp6_reflect(struct mbuf *m, size_t off)
rtfree(rt);
goto bad;
}
- src = &ifatoia6(rt->rt_ifa)->ia_addr.sin6_addr;
+ ia6 = in6_ifawithscope(rt->rt_ifa->ifa_ifp, &t, rtableid);
+ if (ia6 != NULL)
+ src = &ia6->ia_addr.sin6_addr;
+ if (src == NULL)
+ src = &ifatoia6(rt->rt_ifa)->ia_addr.sin6_addr;
}
ip6->ip6_src = *src;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 13:02:22 +0000