git: DragonFly_RELEASE_3_4 ip/udp: Fix IP source address setting for multicast address bound socket

Sepherosa Ziehau sephe at crater.dragonflybsd.org
Mon Apr 8 20:24:54 PDT 2013


commit 49452c993aaa48db33a11357cc5df6b73d0ff394
Author: Sepherosa Ziehau <sephe at dragonflybsd.org>
Date:   Tue Apr 9 11:06:39 2013 +0800

    ip/udp: Fix IP source address setting for multicast address bound socket
    
    It is a common practice to bind UDP socket to multicast address to enjoy
    kernel level destination multicast address and port filtering.  However,
    if data are sent on this kind of socket, source address of the IP packet
    will be the bound multicast address?!
    
    Two fixes are added to address this bug:
    
    1) Don't set IP source address in udp_output(), if the inpcb's laddr is
       multicast address.  Instead the IP source address is set to INADDR_ANY,
       so ip_output() could pick up a proper IP source address.
    
    2) With 1) in place, it is possible that IP source address is INADDR_ANY
       before the ifnet.if_output() using following steps:
       - If the IP_MULTICAST_IF socket option is set to iface0
       - The iface0's last IP address is unset, before the ip_output()
    
       This condition could easily be reproduced by using test/mcast:
       mcast -m 224.2.2.2 -p 3000 -i iface0_ip -D 10
       During the 10sec delay, wipe out all IP addresses from iface0
    
       Well, even without 1), raw IP still could generate IP packet using
       INADDR_ANY as source address.
    
       Two checks on the source IP address are added to ip_output() before
       ifnet.if_output()
       - IP source address should not be INADDR_ANY
       - IP source address should not be multicast address
    
       And for multicast IP packets, if the IP source address could be
       determined, they will not be looped back and forwarded.
    
    Reported-by: zeroxia

Summary of changes:
 sys/netinet/ip_output.c  | 86 +++++++++++++++++++++++++++---------------------
 sys/netinet/udp_usrreq.c |  5 ++-
 2 files changed, 53 insertions(+), 38 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/49452c993aaa48db33a11357cc5df6b73d0ff394


-- 
DragonFly BSD source repository



More information about the Commits mailing list