Date: Wed, 8 Dec 2004 23:40:13 GMT From: dave baukus <dbaukus@chiaro.com> To: freebsd-gnats-submit@FreeBSD.org Subject: kern/74876: Can not receive Hop by Hop options Message-ID: <200412082340.iB8NeD0i093473@www.freebsd.org> Resent-Message-ID: <200412082350.iB8NoNJ0029579@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 74876 >Category: kern >Synopsis: Can not receive Hop by Hop options >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Dec 08 23:50:23 GMT 2004 >Closed-Date: >Last-Modified: >Originator: dave baukus >Release: 4.10 >Organization: Chiaro Networks >Environment: FreeBSD kavachi 4.10-RELEASE FreeBSD 4.10-RELEASE #0: Wed Dec 8 15:43:48 CST 2004dbaukus@krakatoa.chiaro.com:/home/dbaukus/kavachi-kern/compile/CHIAROS i386 >Description: It is impossible for an application receive an IPv6 Hop By Hop option via the RFC 2293 API; a bug in the kernel prevents this. >How-To-Repeat: Write a program that sends and receives IPv6 packets using the RFC 2292 API; enable the receiving socket to extract the Hop by Hop ancillary data. The kernel will not append the Hop by Hop options to the socket() because of a bogus "privilege" check in ip6_savecontrol(); The check is bogus because it relies on curproc, this function is executed from ip6_input via ip6intr() from softclock. curproc, if not NULL, almost certainly has no relationship to the destination socket. >Fix: Remove the "privileged" check from the IN6P_HOPOPTS delivery in ip6_savecontrol(); the setsockopt(...,IPV6_HOPOPTS,...) code already checks suser() when the IN6P_HOPOPTS flag is set; therefore, only a privileged socket will be able to receive these options. ip6_savecontrol () diff: 1372c1372 < if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0 && privileged) { --- > if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0) { >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200412082340.iB8NeD0i093473>