Backout damage to the INADDR_TO_IFP() macro in revision 1.7.

This macro was supposed to only match local IP addresses of
interfaces, and all consumers of this macro assume this as
well.  (See IP_MULTICAST_IF and IP_ADD_MEMBERSHIP socket
options in the ip(4) manpage.)

This fixes a major security breach in IPFW-based firewalls
where the `me' keyword would match the other end of a P2P
link.

PR:		kern/28567

1 files changed, 5 insertions, 12 deletions

diff --git a/sys/netinet/in_var.h b/sys/netinet/in_var.h
index f5c1464..e603cee 100644
--- a/sys/netinet/in_var.h
+++ b/sys/netinet/in_var.h
@@ -94,18 +94,11 @@ extern	u_char	inetctlerrmap[];
 	/* struct in_addr addr; */ \
 	/* struct ifnet *ifp; */ \
 { \
-	register struct in_ifaddr *ia; \
+	struct in_ifaddr *ia; \
 \
-	for (ia = TAILQ_FIRST(&in_ifaddrhead); \
-	    ia != NULL && ((ia->ia_ifp->if_flags & IFF_POINTOPOINT)? \
-		IA_DSTSIN(ia):IA_SIN(ia))->sin_addr.s_addr != (addr).s_addr; \
-	    ia = TAILQ_NEXT(ia, ia_link)) \
-		 continue; \
-	if (ia == NULL) \
-	    TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) \
-		    if (ia->ia_ifp->if_flags & IFF_POINTOPOINT && \
-			IA_SIN(ia)->sin_addr.s_addr == (addr).s_addr) \
-			    break; \
+	TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) \
+		if (IA_SIN(ia)->sin_addr.s_addr == (addr).s_addr) \
+			break; \
 	(ifp) = (ia == NULL) ? NULL : ia->ia_ifp; \
 }
 
@@ -180,7 +173,7 @@ struct in_multistep {
 	/* struct ifnet *ifp; */ \
 	/* struct in_multi *inm; */ \
 do { \
-	register struct ifmultiaddr *ifma; \
+	struct ifmultiaddr *ifma; \
 \
 	TAILQ_FOREACH(ifma, &((ifp)->if_multiaddrs), ifma_link) { \
 		if (ifma->ifma_addr->sa_family == AF_INET \