Re: route(1): add an address family validation
> I don't think the entry is pointless. There are setups where nexthop of > different address family do make sense. Things like rfc5549 can do > IPv4 over IPv6 Core. In some cases this is used for network autodiscovery > (using IPv6 link-local addresses as nexthops). I didn't understand them. As you pointed out, the entry is useful. Thank you for your reply.
Re: route(1): add an address family validation
On Fri, Aug 27, 2021 at 03:58:23PM +0900, morimoto wrote:
> hi,
> I found an interesting issue while toying routing.
> route(1) accepts IPv4 destination and IPv6 gateway entry.
> command is as below:
> route add 192.0.2.1 2001:db8::1
>
> Curiously it has no error.
> The entry is pointless, I think it should teach a mistake.
> If destination and gateway address family are not the same, it should return
> error.
>
> Comments?
I don't think the entry is pointless. There are setups where nexthop of
different address family do make sense. Things like rfc5549 can do
IPv4 over IPv6 Core. In some cases this is used for network autodiscovery
(using IPv6 link-local addresses as nexthops).
Because of this I think it would make more sense to make this actually
work.
> Index: sbin/route/route.c
> ===
> RCS file: /cvs/src/sbin/route/route.c,v
> retrieving revision 1.254
> diff -u -p -r1.254 route.c
> --- sbin/route/route.c12 Mar 2021 19:35:43 - 1.254
> +++ sbin/route/route.c26 Aug 2021 09:02:17 -
> @@ -782,6 +782,9 @@ newroute(int argc, char **argv)
> break;
> }
> oerrno = errno;
> + if ((rtm_addrs & RTA_GATEWAY) == 0 &&
> + so_dst.sa.sa_family != so_gate.sa.sa_family)
> + errx(1, "address family mismatch");
> if (!qflag && (*cmd != 'g' || ret != 0)) {
> printf("%s %s %s", cmd, ishost ? "host" : "net", dest);
> if (*gateway) {
>
> Index: sys/net/rtsock.c
> ===
> RCS file: /cvs/src/sys/net/rtsock.c,v
> retrieving revision 1.319
> diff -u -p -r1.319 rtsock.c
> --- sys/net/rtsock.c 23 Jun 2021 16:10:45 - 1.319
> +++ sys/net/rtsock.c 26 Aug 2021 09:02:01 -
> @@ -822,6 +822,12 @@ route_output(struct mbuf *m, struct sock
> error = EINVAL;
> goto fail;
> }
> + if ((rtm->rtm_type == RTM_ADD || rtm->rtm_type == RTM_CHANGE) &&
> + info.rti_info[RTAX_DST]->sa_family !=
> + info.rti_info[RTAX_GATEWAY]->sa_family) {
> + error = EINVAL;
> + goto fail;
> + }
> #ifdef MPLS
> info.rti_mpls = rtm->rtm_mpls;
> #endif
>
>
--
:wq Claudio
route(1): add an address family validation
hi,
I found an interesting issue while toying routing.
route(1) accepts IPv4 destination and IPv6 gateway entry.
command is as below:
route add 192.0.2.1 2001:db8::1
Curiously it has no error.
The entry is pointless, I think it should teach a mistake.
If destination and gateway address family are not the same, it should return
error.
Comments?
Index: sbin/route/route.c
===
RCS file: /cvs/src/sbin/route/route.c,v
retrieving revision 1.254
diff -u -p -r1.254 route.c
--- sbin/route/route.c 12 Mar 2021 19:35:43 - 1.254
+++ sbin/route/route.c 26 Aug 2021 09:02:17 -
@@ -782,6 +782,9 @@ newroute(int argc, char **argv)
break;
}
oerrno = errno;
+ if ((rtm_addrs & RTA_GATEWAY) == 0 &&
+ so_dst.sa.sa_family != so_gate.sa.sa_family)
+ errx(1, "address family mismatch");
if (!qflag && (*cmd != 'g' || ret != 0)) {
printf("%s %s %s", cmd, ishost ? "host" : "net", dest);
if (*gateway) {
Index: sys/net/rtsock.c
===
RCS file: /cvs/src/sys/net/rtsock.c,v
retrieving revision 1.319
diff -u -p -r1.319 rtsock.c
--- sys/net/rtsock.c23 Jun 2021 16:10:45 - 1.319
+++ sys/net/rtsock.c26 Aug 2021 09:02:01 -
@@ -822,6 +822,12 @@ route_output(struct mbuf *m, struct sock
error = EINVAL;
goto fail;
}
+ if ((rtm->rtm_type == RTM_ADD || rtm->rtm_type == RTM_CHANGE) &&
+ info.rti_info[RTAX_DST]->sa_family !=
+ info.rti_info[RTAX_GATEWAY]->sa_family) {
+ error = EINVAL;
+ goto fail;
+ }
#ifdef MPLS
info.rti_mpls = rtm->rtm_mpls;
#endif
