Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 26 Jan 2011 17:31:03 +0000 (UTC)
From:      Daniel Eischen <deischen@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r217888 - head/sys/netinet
Message-ID:  <201101261731.p0QHV33e084044@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: deischen
Date: Wed Jan 26 17:31:03 2011
New Revision: 217888
URL: http://svn.freebsd.org/changeset/base/217888

Log:
  Prison check addresses set with multicast interface options.
  
  Reviewed by:	bz
  MFC after:	1 week

Modified:
  head/sys/netinet/in_pcb.c

Modified: head/sys/netinet/in_pcb.c
==============================================================================
--- head/sys/netinet/in_pcb.c	Wed Jan 26 17:20:34 2011	(r217887)
+++ head/sys/netinet/in_pcb.c	Wed Jan 26 17:31:03 2011	(r217888)
@@ -889,17 +889,20 @@ in_pcbconnect_setup(struct inpcb *inp, s
 			if (imo->imo_multicast_ifp != NULL) {
 				ifp = imo->imo_multicast_ifp;
 				IN_IFADDR_RLOCK();
-				TAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link)
-					if (ia->ia_ifp == ifp)
+				TAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
+					if ((ia->ia_ifp == ifp) &&
+					    (cred == NULL ||
+					    prison_check_ip4(cred,
+					    &ia->ia_addr.sin_addr) == 0))
 						break;
-				if (ia == NULL) {
-					IN_IFADDR_RUNLOCK();
+				}
+				if (ia == NULL)
 					error = EADDRNOTAVAIL;
-				} else {
+				else {
 					laddr = ia->ia_addr.sin_addr;
-					IN_IFADDR_RUNLOCK();
 					error = 0;
 				}
+				IN_IFADDR_RUNLOCK();
 			}
 		}
 		if (error)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201101261731.p0QHV33e084044>