Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 14 Nov 2020 14:50:34 +0000 (UTC)
From:      "Jonathan T. Looney" <jtl@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r367680 - head/sys/netinet6
Message-ID:  <202011141450.0AEEoYWL079087@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: jtl
Date: Sat Nov 14 14:50:34 2020
New Revision: 367680
URL: https://svnweb.freebsd.org/changeset/base/367680

Log:
  Fix implicit automatic local port selection for IPv6 during connect calls.
  
  When a user creates a TCP socket and tries to connect to the socket without
  explicitly binding the socket to a local address, the connect call
  implicitly chooses an appropriate local port. When evaluating candidate
  local ports, the algorithm checks for conflicts with existing ports by
  doing a lookup in the connection hash table.
  
  In this circumstance, both the IPv4 and IPv6 code look for exact matches
  in the hash table. However, the IPv4 code goes a step further and checks
  whether the proposed 4-tuple will match wildcard (e.g. TCP "listen")
  entries. The IPv6 code has no such check.
  
  The missing wildcard check can cause problems when connecting to a local
  server. It is possible that the algorithm will choose the same value for
  the local port as the foreign port uses. This results in a connection with
  identical source and destination addresses and ports. Changing the IPv6
  code to align with the IPv4 code's behavior fixes this problem.
  
  Reviewed by:	tuexen
  Sponsored by:	Netflix
  Differential Revision:	https://reviews.freebsd.org/D27164

Modified:
  head/sys/netinet6/in6_pcb.c

Modified: head/sys/netinet6/in6_pcb.c
==============================================================================
--- head/sys/netinet6/in6_pcb.c	Sat Nov 14 14:15:49 2020	(r367679)
+++ head/sys/netinet6/in6_pcb.c	Sat Nov 14 14:50:34 2020	(r367680)
@@ -464,7 +464,8 @@ in6_pcbconnect_mbuf(struct inpcb *inp, struct sockaddr
 			rehash = false;
 			error = in_pcb_lport_dest(inp,
 			    (struct sockaddr *) &laddr6, &inp->inp_lport,
-			    (struct sockaddr *) sin6, sin6->sin6_port, cred, 0);
+			    (struct sockaddr *) sin6, sin6->sin6_port, cred,
+			    INPLOOKUP_WILDCARD);
 			if (error)
 				return (error);
 		}

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202011141450.0AEEoYWL079087>