Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 19 Feb 2018 15:54:26 +0000 (UTC)
From:      Eric van Gyzen <vangyzen@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject:   svn commit: r329581 - stable/11/sys/netinet6
Message-ID:  <201802191554.w1JFsQGl079255@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: vangyzen
Date: Mon Feb 19 15:54:26 2018
New Revision: 329581
URL: https://svnweb.freebsd.org/changeset/base/329581

Log:
  MFC r329053
  
  Fix ICMPv6 redirects
  
  icmp6_redirect_input() validates that a redirect packet came from the
  current gateway for the respective destination.  To do this, it compares
  the source address, which has an embedded scope zone id, to the next-hop
  address, which does not.  If the address is link-local, which should be
  the case, the comparison fails and the redirect is ignored.
  
  Insert the scope zone id into the next-hop address so the comparison
  is accurate.
  
  Unsurprisingly, this fixes 35 UNH IPv6 conformance test cases.
  
  Submitted by:	Farrell Woods <Farrell_Woods@Dell.com> (initial revision)
  Reviewed by:	ae melifaro dab
  Relnotes:	yes
  Sponsored by:	Dell EMC
  Differential Revision:	https://reviews.freebsd.org/D14254

Modified:
  stable/11/sys/netinet6/icmp6.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/netinet6/icmp6.c
==============================================================================
--- stable/11/sys/netinet6/icmp6.c	Mon Feb 19 15:49:27 2018	(r329580)
+++ stable/11/sys/netinet6/icmp6.c	Mon Feb 19 15:54:26 2018	(r329581)
@@ -2302,6 +2302,14 @@ icmp6_redirect_input(struct mbuf *m, int off)
 			goto bad;
 		}
 
+		/*
+		 * Embed scope zone id into next hop address, since
+		 * fib6_lookup_nh_basic() returns address without embedded
+		 * scope zone id.
+		 */
+		if (in6_setscope(&nh6.nh_addr, m->m_pkthdr.rcvif, NULL))
+			goto freeit;
+
 		if (IN6_ARE_ADDR_EQUAL(&src6, &nh6.nh_addr) == 0) {
 			nd6log((LOG_ERR,
 			    "ICMP6 redirect rejected; "

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201802191554.w1JFsQGl079255>