git: inet/inet6: Remove the v4-mapped address support
Sepherosa Ziehau
sephe at crater.dragonflybsd.org
Fri Dec 26 23:49:05 PST 2014
commit 727ccde8cce813911d885b7f6ed749dcea68a886
Author: Sepherosa Ziehau <sephe at dragonflybsd.org>
Date: Thu Dec 18 21:06:42 2014 +0800
inet/inet6: Remove the v4-mapped address support
This greatly simplies the code (even the IPv4 code) and avoids all kinds
of possible port theft.
INPCB:
- Nuke IN6P_IPV6_V6ONLY, which is always on after this commit.
- Change inp_vflag into inp_af (AF_INET or AF_INET6), since the socket
is either IPv6 or IPv4, but never both. Set inpcb.inp_af in
in_pcballoc() instead of in every pru_attach methods. Add INP_ISIPV4()
and INP_ISIPV6() macros to check inpcb family (socket family and
inpcb.inp_af are same).
- Nuke the convoluted code in in_pcbbind() and in6_pcbbind() which is used
to allow wildcard binding to accepting IPv4 connections on IPv6 wildcard
bound sockets.
- Nuke the code in in_pcblookup_pkthash() to match IPv4 faddr with IPv6
wildcard bound socket.
- Nuke in6_mapped_{peeraddr,sockaddr,savefaddr}(); use in6_{setpeeraddr,
setsockaddr,savefaddr}() directly.
- Nuke v4-mapped address convertion functions.
- Don't allow binding to v4-mapped address in in6_pcbind().
- Don't allow connecting to v4-mapped address in in6_pcbconnect().
TCP:
- Nuke the code in tcp_output() which takes care of the IP header TTL
setting for v4-mapped IPv6 socket.
- Don't allow binding to v4-mapped address (through in6_pcbbind()).
- Don't allow connecting to v4-mapped address and nuke the related code
(PRUC_NAMALLOC etc.).
- Nuke the code (PRUC_FALLBACK etc.) to fallback to IPv4 connection if
IPv6 connection fails, which is wrong.
- Nuke the code for v4-mapped IPv6 socket in tcp6_soport().
UDP:
- Nuke the code for v4-mapped IPv6 socket in udp_input() and udp_append().
- Don't allow binding to v4-mapped address (through in6_pcbbind()).
- Don't allow connecting to v4-mapped address.
- Don't allow sending datagrams to v4-mapped address and nuke the related
code in udp6_output().
- Nuke the code for v4-mapped IPv6 socket in udp6_disconnect()
RIP:
- Don't allow sending packets to v4-mapped address.
- Don't allow binding to v4-mapped address.
- Don't allow connecting to v4-mapped address.
Misc fixup:
- Don't force rip pru_attach method to return 0. If in_pcballoc() fails,
just return the error code.
Summary of changes:
sys/net/netmsg.h | 2 -
sys/netinet/in_pcb.c | 101 +++++-----------
sys/netinet/in_pcb.h | 14 +--
sys/netinet/ip_divert.c | 1 -
sys/netinet/raw_ip.c | 4 +-
sys/netinet/sctp_asconf.c | 27 +----
sys/netinet/sctp_output.c | 17 +--
sys/netinet/sctp_pcb.c | 164 ++++----------------------
sys/netinet/sctp_pcb.h | 17 ---
sys/netinet/sctp_usrreq.c | 83 +++----------
sys/netinet/sctputil.c | 18 +--
sys/netinet/tcp_input.c | 9 +-
sys/netinet/tcp_output.c | 17 +--
sys/netinet/tcp_subr.c | 40 ++-----
sys/netinet/tcp_syncache.c | 6 +-
sys/netinet/tcp_timer.c | 2 +-
sys/netinet/tcp_usrreq.c | 81 +++----------
sys/netinet/udp_usrreq.c | 138 +++-------------------
sys/netinet6/icmp6.c | 6 +-
sys/netinet6/in6.c | 58 ----------
sys/netinet6/in6.h | 4 -
sys/netinet6/in6_pcb.c | 124 +++-----------------
sys/netinet6/in6_pcb.h | 6 +-
sys/netinet6/ip6_demux.c | 18 +--
sys/netinet6/ip6_output.c | 11 +-
sys/netinet6/raw_ip6.c | 16 ++-
sys/netinet6/sctp6_usrreq.c | 275 +++-----------------------------------------
sys/netinet6/udp6_output.c | 106 ++++++-----------
sys/netinet6/udp6_usrreq.c | 75 +++---------
usr.bin/netstat/inet.c | 30 ++---
usr.bin/sockstat/sockstat.c | 26 ++---
usr.bin/systat/netbw.c | 20 ++--
usr.bin/systat/netstat.c | 2 +-
33 files changed, 271 insertions(+), 1247 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/727ccde8cce813911d885b7f6ed749dcea68a886
--
DragonFly BSD source repository
More information about the Commits
mailing list