CVS commit: src/sys/netinet6

Mon, 13 Jan 2014 10:24:36 -0800 

Module Name:    src
Committed By:   roy
Date:           Mon Jan 13 18:23:37 UTC 2014

Modified Files:
        src/sys/netinet6: nd6_nbr.c

Log Message:
When handling NS/NA we need to check our prefix list instead of our
address list to work out if it came from a valid neighbor.


To generate a diff of this commit:
cvs rdiff -u -r1.98 -r1.99 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/netinet6/nd6_nbr.c
diff -u src/sys/netinet6/nd6_nbr.c:1.98 src/sys/netinet6/nd6_nbr.c:1.99
--- src/sys/netinet6/nd6_nbr.c:1.98	Tue May 21 09:54:12 2013
+++ src/sys/netinet6/nd6_nbr.c	Mon Jan 13 18:23:36 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6_nbr.c,v 1.98 2013/05/21 09:54:12 roy Exp $	*/
+/*	$NetBSD: nd6_nbr.c,v 1.99 2014/01/13 18:23:36 roy Exp $	*/
 /*	$KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.98 2013/05/21 09:54:12 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.99 2014/01/13 18:23:36 roy Exp $");
 
 #include "opt_inet.h"
 #include "opt_ipsec.h"
@@ -143,10 +143,13 @@ nd6_ns_input(struct mbuf *m, int off, in
 			goto bad;
 		}
 	} else {
+		struct sockaddr_in6 ssin6;
+
 		/*
 		 * Make sure the source address is from a neighbor's address.
 		 */
-		if (in6ifa_ifplocaladdr(ifp, &saddr6) == NULL) {
+		sockaddr_in6_init(&ssin6, &saddr6, 0, 0, 0);
+		if (nd6_is_addr_neighbor(&ssin6, ifp) == 0) {
 			nd6log((LOG_INFO, "nd6_ns_input: "
 			    "NS packet from non-neighbor\n"));
 			goto bad;
@@ -563,6 +566,7 @@ nd6_na_input(struct mbuf *m, int off, in
 	struct rtentry *rt;
 	struct sockaddr_dl *sdl;
 	union nd_opts ndopts;
+	struct sockaddr_in6 ssin6;
 
 	if (ip6->ip6_hlim != 255) {
 		nd6log((LOG_ERR,
@@ -637,11 +641,13 @@ nd6_na_input(struct mbuf *m, int off, in
 		    ip6_sprintf(&taddr6));
 		goto freeit;
 	}
+
 	/*
 	 * Make sure the source address is from a neighbor's address.
 	 */
-	if (in6ifa_ifplocaladdr(ifp, &saddr6) == NULL) {
-		nd6log((LOG_INFO, "nd6_ns_input: "
+	sockaddr_in6_init(&ssin6, &saddr6, 0, 0, 0);
+	if (nd6_is_addr_neighbor(&ssin6, ifp) == 0) {
+		nd6log((LOG_INFO, "nd6_na_input: "
 		    "ND packet from non-neighbor\n"));
 		goto bad;
 	}

Reply via email to