git: DragonFly_RELEASE_5_8 jail - Fix broken port matching code

Matthew Dillon dillon at crater.dragonflybsd.org
Sun Feb 23 12:10:02 PST 2020


commit bd447d74c48cfef43050a6803efd1c02710e4b91
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date:   Sun Feb 23 12:02:27 2020 -0800

    jail - Fix broken port matching code
    
    * in_pcblookup_local() and in_pcblookup_localremote() were trying to
      use the cred to distinguish between jails, but these routines are used
      to locate a free port for bindind purposes and could wind up returning
      a lookup failure for an occupied port.
    
      The code may have been present in an early isolation attempt for jails.
    
    * Remove the code.  Isolating the IPs for a jail basically requires using
      IP aliases, not by trying to isolate port number sets between jails.

Summary of changes:
 sys/netinet/in_pcb.c | 44 ++++++++++++++++----------------------------
 1 file changed, 16 insertions(+), 28 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bd447d74c48cfef43050a6803efd1c02710e4b91


-- 
DragonFly BSD source repository



More information about the Commits mailing list