[src/trunk]: src/sys/netipsec catch a case where an ip6 address with scope em...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys/netipsec catch a case where an ip6 address with scope em...
From: drochner <drochner%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 20:35:09 +0000

details:   https://anonhg.NetBSD.org/src/rev/9a34801a50a9
branches:  trunk
changeset: 765909:9a34801a50a9
user:      drochner <drochner%NetBSD.org@localhost>
date:      Thu Jun 09 21:04:37 2011 +0000

description:
catch a case where an ip6 address with scope embedded was compared with
one without -- interestingly this didn't break the connection but just
caused a useless encapsulation
(this code needs to be rearranged to get it clean)

diffstat:

 sys/netipsec/ipsec_output.c |  18 +++++++++++++++---
 1 files changed, 15 insertions(+), 3 deletions(-)

diffs (46 lines):

diff -r 0c4d994badc7 -r 9a34801a50a9 sys/netipsec/ipsec_output.c
--- a/sys/netipsec/ipsec_output.c       Thu Jun 09 19:57:50 2011 +0000
+++ b/sys/netipsec/ipsec_output.c       Thu Jun 09 21:04:37 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ipsec_output.c,v 1.35 2011/06/07 15:54:57 drochner Exp $       */
+/*     $NetBSD: ipsec_output.c,v 1.36 2011/06/09 21:04:37 drochner Exp $       */
 
 /*-
  * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
@@ -29,7 +29,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.35 2011/06/07 15:54:57 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.36 2011/06/09 21:04:37 drochner Exp $");
 
 /*
  * IPsec output processing.
@@ -632,6 +632,18 @@
 #endif
 
 #ifdef INET6
+static int
+in6_sa_equal_addrwithscope(const struct sockaddr_in6 *sa, const struct in6_addr *ia)
+{
+       struct in6_addr ia2;
+
+       memcpy(&ia2, &sa->sin6_addr, sizeof(ia2));
+       if (IN6_IS_SCOPE_LINKLOCAL(&sa->sin6_addr))
+               ia2.s6_addr16[1] = htons(sa->sin6_scope_id);
+
+       return IN6_ARE_ADDR_EQUAL(ia, &ia2);
+}
+
 int
 ipsec6_process_packet(
        struct mbuf *m,
@@ -673,7 +685,7 @@
            dst->sa.sa_family != AF_INET6 ||        /* PF mismatch */
            ((dst->sa.sa_family == AF_INET6) &&
             (!IN6_IS_ADDR_UNSPECIFIED(&dst->sin6.sin6_addr)) &&
-            (!IN6_ARE_ADDR_EQUAL(&dst->sin6.sin6_addr,
+            (!in6_sa_equal_addrwithscope(&dst->sin6,
                                  &ip6->ip6_dst)))) {
                struct mbuf *mp;

Prev by Date: [src/trunk]: src/sys more "const"
Next by Date: [src/trunk]: src/sbin share more code.
Previous by Thread: [src/trunk]: src/sys more "const"
Next by Thread: [src/trunk]: src/sbin share more code.
Indexes:

Home | Main Index | Thread Index | Old Index