From 315f1c20f4c1bb68b2914337820367098d3f7747 Mon Sep 17 00:00:00 2001 From: Jun-ichiro itojun Hagino Date: Fri, 17 Dec 1999 22:47:06 +0000 Subject: do not accept IPv4 traffic by AF_INET6 socket. IPv4 mapped address is bad for access controls. (quickhack fix, need sysctl/setsockopt knob to enable this functionality) --- sys/netinet/in_pcb.c | 16 +++++++++++++++- sys/netinet/udp_usrreq.c | 12 +++++++++++- 2 files changed, 26 insertions(+), 2 deletions(-) (limited to 'sys') diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 0ddfa35e14a..f7797ea4fd8 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in_pcb.c,v 1.36 1999/12/08 11:36:40 angelos Exp $ */ +/* $OpenBSD: in_pcb.c,v 1.37 1999/12/17 22:47:04 itojun Exp $ */ /* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */ /* @@ -817,6 +817,11 @@ in_pcblookup(table, faddrp, fport_arg, laddrp, lport_arg, flags) inp->inp_fport != fport) continue; } else { +#ifdef INET6 + if (inp->inp_flags & INP_IPV6) + continue; /*XXX*/ + else +#endif if (faddr.s_addr != INADDR_ANY) wildcard++; } @@ -826,6 +831,11 @@ in_pcblookup(table, faddrp, fport_arg, laddrp, lport_arg, flags) else if (inp->inp_laddr.s_addr != laddr.s_addr) continue; } else { +#ifdef INET6 + if (inp->inp_flags & INP_IPV6) + continue; /*XXX*/ + else +#endif if (laddr.s_addr != INADDR_ANY) wildcard++; } @@ -975,6 +985,10 @@ in_pcbhashlookup(table, faddr, fport_arg, laddr, lport_arg) head = INPCBHASH(table, &faddr, fport, &laddr, lport); for (inp = head->lh_first; inp != NULL; inp = inp->inp_hash.le_next) { +#ifdef INET6 + if (inp->inp_flags & INP_IPV6) + continue; /*XXX*/ +#endif if (inp->inp_faddr.s_addr == faddr.s_addr && inp->inp_fport == fport && inp->inp_lport == lport && diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index a2d2d5a17bd..f5eeb674080 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_usrreq.c,v 1.30 1999/12/12 10:59:41 itojun Exp $ */ +/* $OpenBSD: udp_usrreq.c,v 1.31 1999/12/17 22:47:05 itojun Exp $ */ /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ /* @@ -409,6 +409,11 @@ udp_input(m, va_alist) if (inp->inp_laddr.s_addr != ip->ip_dst.s_addr) continue; + } else { +#ifdef INET6 + if (inp->inp_flags & INP_IPV6) + continue; /*XXX*/ +#endif } #ifdef INET6 if (ipv6) { @@ -424,6 +429,11 @@ udp_input(m, va_alist) ip->ip_src.s_addr || inp->inp_fport != uh->uh_sport) continue; + } else { +#ifdef INET6 + if (inp->inp_flags & INP_IPV6) + continue; /*XXX*/ +#endif } if (last != NULL) { -- cgit v1.2.3