diff options
author | ume <ume@FreeBSD.org> | 2005-07-25 12:31:43 +0000 |
---|---|---|
committer | ume <ume@FreeBSD.org> | 2005-07-25 12:31:43 +0000 |
commit | da2cf62b280b8450d5f8e0d810e810cdcc59a8c0 (patch) | |
tree | 5a678f63b25976c30f74f3bad9edb6f708c52930 /sys/netinet/tcp_timewait.c | |
parent | 59bc7b0da19f008a39ee92249e92f8246f04394e (diff) | |
download | FreeBSD-src-da2cf62b280b8450d5f8e0d810e810cdcc59a8c0.zip FreeBSD-src-da2cf62b280b8450d5f8e0d810e810cdcc59a8c0.tar.gz |
scope cleanup. with this change
- most of the kernel code will not care about the actual encoding of
scope zone IDs and won't touch "s6_addr16[1]" directly.
- similarly, most of the kernel code will not care about link-local
scoped addresses as a special case.
- scope boundary check will be stricter. For example, the current
*BSD code allows a packet with src=::1 and dst=(some global IPv6
address) to be sent outside of the node, if the application do:
s = socket(AF_INET6);
bind(s, "::1");
sendto(s, some_global_IPv6_addr);
This is clearly wrong, since ::1 is only meaningful within a single
node, but the current implementation of the *BSD kernel cannot
reject this attempt.
Submitted by: JINMEI Tatuya <jinmei__at__isl.rdc.toshiba.co.jp>
Obtained from: KAME
Diffstat (limited to 'sys/netinet/tcp_timewait.c')
-rw-r--r-- | sys/netinet/tcp_timewait.c | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c index 11d51e2..750c3b9 100644 --- a/sys/netinet/tcp_timewait.c +++ b/sys/netinet/tcp_timewait.c @@ -74,6 +74,7 @@ #include <netinet/ip_var.h> #ifdef INET6 #include <netinet6/ip6_var.h> +#include <netinet6/scope6_var.h> #include <netinet6/nd6.h> #endif #include <netinet/ip_icmp.h> @@ -1044,19 +1045,17 @@ tcp6_getcred(SYSCTL_HANDLER_ARGS) error = SYSCTL_IN(req, addrs, sizeof(addrs)); if (error) return (error); + if ((error = sa6_embedscope(&addrs[0], ip6_use_defzone)) != 0 || + (error = sa6_embedscope(&addrs[1], ip6_use_defzone)) != 0) { + return (error); + } if (IN6_IS_ADDR_V4MAPPED(&addrs[0].sin6_addr)) { if (IN6_IS_ADDR_V4MAPPED(&addrs[1].sin6_addr)) mapped = 1; else return (EINVAL); - } else { - error = in6_embedscope(&a6[0], &addrs[0], NULL, NULL); - if (error) - return (EINVAL); - error = in6_embedscope(&a6[1], &addrs[1], NULL, NULL); - if (error) - return (EINVAL); } + INP_INFO_RLOCK(&tcbinfo); if (mapped == 1) inp = in_pcblookup_hash(&tcbinfo, @@ -2191,12 +2190,11 @@ sysctl_drop(SYSCTL_HANDLER_ARGS) lin = (struct sockaddr_in *)&addrs[1]; break; } - error = in6_embedscope(&f6, fin6, NULL, NULL); + error = sa6_embedscope(fin6, ip6_use_defzone); if (error) - return (EINVAL); - error = in6_embedscope(&l6, lin6, NULL, NULL); - if (error) - return (EINVAL); + return (error); + error = sa6_embedscope(lin6, ip6_use_defzone); + return (error); break; #endif case AF_INET: |