source-changes: CVS commit: src

Subject: CVS commit: src
To: None <source-changes@NetBSD.org>
From: Christos Zoulas <christos@netbsd.org>
List: source-changes
Date: 04/22/2007 19:47:42

Module Name:	src
Committed By:	christos
Date:		Sun Apr 22 19:47:41 UTC 2007

Modified Files:
	src/share/man/man7: sysctl.7
	src/sys/netinet6: ip6_input.c ip6_var.h route6.c

Log Message:
Disable processing of routing header type 0 packets since they can be used
of DoS attacks. Provide a sysctl to re-enable them (net.inet6.ip6.rht0).

Information from:
	http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf


To generate a diff of this commit:
cvs rdiff -r1.8 -r1.9 src/share/man/man7/sysctl.7
cvs rdiff -r1.101 -r1.102 src/sys/netinet6/ip6_input.c
cvs rdiff -r1.40 -r1.41 src/sys/netinet6/ip6_var.h
cvs rdiff -r1.17 -r1.18 src/sys/netinet6/route6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.