This looks like a bad merge from the 2000s.  This check is present twice in
ip6_input(), so let's remove the later one, ok?

Index: netinet6/ip6_input.c
===================================================================
RCS file: /cvs/src/sys/netinet6/ip6_input.c,v
retrieving revision 1.158
diff -u -p -r1.158 ip6_input.c
--- netinet6/ip6_input.c        19 Apr 2016 08:23:13 -0000      1.158
+++ netinet6/ip6_input.c        6 May 2016 13:01:34 -0000
@@ -600,21 +600,6 @@ ip6_input(struct mbuf *m)
        ip6 = mtod(m, struct ip6_hdr *);
 
        /*
-        * Malicious party may be able to use IPv4 mapped addr to confuse
-        * tcp/udp stack and bypass security checks (act as if it was from
-        * 127.0.0.1 by using IPv6 src ::ffff:127.0.0.1).  Be cautious.
-        *
-        * For SIIT end node behavior, you may want to disable the check.
-        * However, you will  become vulnerable to attacks using IPv4 mapped
-        * source.
-        */
-       if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
-           IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
-               ip6stat.ip6s_badscope++;
-               goto bad;
-       }
-
-       /*
         * Tell launch routine the next header
         */
        ip6stat.ip6s_delivered++;
