Date: Sun, 14 Dec 2008 17:47:33 +0000 (UTC) From: "Bjoern A. Zeeb" <bz@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r186086 - head/sys/netinet Message-ID: <200812141747.mBEHlXGF065234@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bz Date: Sun Dec 14 17:47:33 2008 New Revision: 186086 URL: http://svn.freebsd.org/changeset/base/186086 Log: Add a check, that is currently under discussion for 8 but that we need to keep for 7-STABLE when MFCing in_pcbladdr() to not change the behaviour there. With this a destination route via a loopback interface is treated as a valid and reachable thing for IPv4 source address selection, even though nothing of that network is ever directly reachable, but it is more like a blackhole route. With this the source address will be selected and IPsec can grab the packets before we would discard them at a later point, encapsulate them and send them out from a different tunnel endpoint IP. Discussed on: net Reported by: Frank Behrens <frank@harz.behrens.de> Tested by: Frank Behrens <frank@harz.behrens.de> MFC after: 4 weeks (just so that I get the mail) Modified: head/sys/netinet/in_pcb.c Modified: head/sys/netinet/in_pcb.c ============================================================================== --- head/sys/netinet/in_pcb.c Sun Dec 14 16:56:47 2008 (r186085) +++ head/sys/netinet/in_pcb.c Sun Dec 14 17:47:33 2008 (r186086) @@ -695,6 +695,10 @@ in_pcbladdr(struct inpcb *inp, struct in ia = ifatoia(ifa_ifwithnet(sintosa(&sain))); if (cred == NULL || !jailed(cred)) { +#if __FreeBSD_version < 800000 + if (ia == NULL) + ia = (struct in_ifaddr *)sro.ro_rt->rt_ifa; +#endif if (ia == NULL) { error = ENETUNREACH; goto done;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200812141747.mBEHlXGF065234>