git: 627e126dbb07 - main - netinet6: Disallow connections to IN6ADDR_ANY

Ed Maste Thu, 29 Jan 2026 06:09:20 -0800

The branch main has been updated by emaste:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=627e126dbb07b167b028380ef61bb45f10493938


commit 627e126dbb07b167b028380ef61bb45f10493938
Author:     Ed Maste <[email protected]>
AuthorDate: 2025-12-19 14:15:35 +0000
Commit:     Ed Maste <[email protected]>
CommitDate: 2026-01-29 14:08:45 +0000

    netinet6: Disallow connections to IN6ADDR_ANY
    
    Previously connect() or sendto() to INADDR_ANY or IN6ADDR_ANY reached
    some socket bound to some host interface address.  Although this was
    intentional it was an artifact of a different era, and is not desirable
    now.
    
    In 417b35a97b76 markj added support to disallow connect() to INADDR_ANY
    and IN6ADDR_ANY.  Connections to INADDR_ANY were disabled by default in
    cd240957d7ba.  Follow suit with IN6ADDR_ANY.
    
    Reviewed by:    glebius, markj, zlei
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D54306
---
 sys/netinet6/in6_pcb.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/netinet6/in6_pcb.c b/sys/netinet6/in6_pcb.c
index f2eb00161690..9eb7a59fcf55 100644
--- a/sys/netinet6/in6_pcb.c
+++ b/sys/netinet6/in6_pcb.c
@@ -115,7 +115,7 @@
 
 SYSCTL_DECL(_net_inet6);
 SYSCTL_DECL(_net_inet6_ip6);
-VNET_DEFINE_STATIC(int, connect_in6addr_wild) = 1;
+VNET_DEFINE_STATIC(int, connect_in6addr_wild) = 0;
 #define        V_connect_in6addr_wild  VNET(connect_in6addr_wild)
 SYSCTL_INT(_net_inet6_ip6, OID_AUTO, connect_in6addr_wild,
     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(connect_in6addr_wild), 0,

git: 627e126dbb07 - main - netinet6: Disallow connections to IN6ADDR_ANY

Reply via email to