From: "Rodney W. Grimes"
Message-Id: <202006031435.053EZKdm021829@gndrsh.dnsmgr.net>
Subject: Re: svn commit: r361752 - head/sys/netinet
In-Reply-To: <202006031416.053EGem7005706@repo.freebsd.org>
To: Randall Stewart
Date: Wed, 3 Jun 2020 07:35:20 -0700 (PDT)
CC: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Reply-To: rgrimes@freebsd.org

> Author: rrs
> Date: Wed Jun 3 14:16:40 2020
> New Revision: 361752
> URL: https://svnweb.freebsd.org/changeset/base/361752
>
> Log:
>   We should never allow either the broadcast or IN_ADDR_ANY to be
>   connected to or sent to. This was found when working with Michael
>   Tuexen and Skyzaller. Skyzaller seems to want to use either of
>   these two addresses to connect to at times. And it really is
>   an error to do so, so let's not allow that behavior.

It would be preferable if possible to use the macros from netinet/in.h.

#define INADDR_ANY ((in_addr_t)0x00000000)
#define in_nullhost(x) ((x).s_addr == INADDR_ANY)

There is an in_broadcast, but that's a function doing a more complicated
test checking for all possible local broadcast addresses, which may be
what you really want to do here.

I am also finding it odd that we need to do this at the TCP layer,
there should already be stuff in place that prevents this from
occurring at the IP layer.
I guess this stuff is setup and ends up in a tcb, that later fails when it goes to xmit a packet? > > Sponsored by: Netflix Inc. > Differential Revision: https://reviews.freebsd.org/D24852 > > Modified: > head/sys/netinet/tcp_usrreq.c > > Modified: head/sys/netinet/tcp_usrreq.c > ============================================================================== > --- head/sys/netinet/tcp_usrreq.c Wed Jun 3 14:07:31 2020 (r361751) > +++ head/sys/netinet/tcp_usrreq.c Wed Jun 3 14:16:40 2020 (r361752) > @@ -552,6 +552,10 @@ tcp_usr_connect(struct socket *so, struct sockaddr *na > if (sinp->sin_family == AF_INET > && IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) > return (EAFNOSUPPORT); > + if ((sinp->sin_family == AF_INET) && > + ((ntohl(sinp->sin_addr.s_addr) == INADDR_BROADCAST) || > + (sinp->sin_addr.s_addr == INADDR_ANY))) > + return(EAFNOSUPPORT); > if ((error = prison_remote_ip4(td->td_ucred, &sinp->sin_addr)) != 0) > return (error); > > @@ -652,6 +656,11 @@ tcp6_usr_connect(struct socket *so, struct sockaddr *n > error = EAFNOSUPPORT; > goto out; > } > + if ((ntohl(sin.sin_addr.s_addr) == INADDR_BROADCAST) || > + (sin.sin_addr.s_addr == INADDR_ANY)) { > + error = EAFNOSUPPORT; > + goto out; > + } > if ((error = prison_remote_ip4(td->td_ucred, > &sin.sin_addr)) != 0) > goto out; > @@ -1019,6 +1028,13 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf > goto out; > } > if (IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) { > + if (m) > + m_freem(m); > + error = EAFNOSUPPORT; > + goto out; > + } > + if ((ntohl(sinp->sin_addr.s_addr) == INADDR_BROADCAST) || > + (sinp->sin_addr.s_addr == INADDR_ANY)) { > if (m) > m_freem(m); > error = EAFNOSUPPORT; > -- Rod Grimes rgrimes@freebsd.org
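Review bot: In the tcp_usr_connect hunk (@@ -552,6 +552,10), the added "return(EAFNOSUPPORT);" drops the space that the neighbouring "return (EAFNOSUPPORT);" lines use, and the two comparisons handle byte order differently: INADDR_BROADCAST is compared after ntohl() while INADDR_ANY is compared against the raw s_addr. Both constants read the same in either byte order, so the result is correct, but writing the two tests the same way, or using in_nullhost(sinp->sin_addr) for the zero test as the reply above suggests, would remove the question for the next reader. A one-line comment saying why these destinations are rejected for TCP would also help, since the errno alone does not explain it.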
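Review bot: In the tcp6_usr_connect hunk (@@ -652,6 +656,11), the test on sin.sin_addr is a second hand-written copy of the predicate added in tcp_usr_connect, with the same mixed use of ntohl(). Pulling the broadcast-or-any test into one small static inline helper (or a macro next to in_nullhost in netinet/in.h) and calling it from each site would keep the three call sites from drifting apart if the definition of a disallowed destination changes, for example if the check is later widened to in_broadcast().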
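Review bot: In the tcp_usr_send hunk (@@ -1019,6 +1028,13), the new block repeats the whole body of the IN_MULTICAST block directly above it: the "if (m) m_freem(m);", "error = EAFNOSUPPORT;" and "goto out;" lines now appear twice in a row. Folding the broadcast and INADDR_ANY tests into the existing IN_MULTICAST condition with "||" would leave a single cleanup path, so a later change to how the mbuf is released cannot be applied to one copy and missed in the other. The visible context covers only the sockaddr_in branch; it would be worth stating in the log whether the send path for an IPv4 address reached through an AF_INET6 socket gets the same check, as tcp6_usr_connect does.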