mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-04 09:09:56 +00:00
Fix implicit automatic local port selection for IPv6 during connect calls.
When a user creates a TCP socket and tries to connect to the socket without explicitly binding the socket to a local address, the connect call implicitly chooses an appropriate local port. When evaluating candidate local ports, the algorithm checks for conflicts with existing ports by doing a lookup in the connection hash table. In this circumstance, both the IPv4 and IPv6 code look for exact matches in the hash table. However, the IPv4 code goes a step further and checks whether the proposed 4-tuple will match wildcard (e.g. TCP "listen") entries. The IPv6 code has no such check. The missing wildcard check can cause problems when connecting to a local server. It is possible that the algorithm will choose the same value for the local port as the foreign port uses. This results in a connection with identical source and destination addresses and ports. Changing the IPv6 code to align with the IPv4 code's behavior fixes this problem. Reviewed by: tuexen Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D27164
This commit is contained in:
parent
32f4592764
commit
440598dd9e
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=367680
@ -464,7 +464,8 @@ in6_pcbconnect_mbuf(struct inpcb *inp, struct sockaddr *nam,
|
||||
rehash = false;
|
||||
error = in_pcb_lport_dest(inp,
|
||||
(struct sockaddr *) &laddr6, &inp->inp_lport,
|
||||
(struct sockaddr *) sin6, sin6->sin6_port, cred, 0);
|
||||
(struct sockaddr *) sin6, sin6->sin6_port, cred,
|
||||
INPLOOKUP_WILDCARD);
|
||||
if (error)
|
||||
return (error);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user