netinet6: Disallow connections to IN6ADDR_ANY
AcceptedPublic
Actions

Authored by emaste on Fri, Dec 19, 2:19 PM.

Details

Reviewers

markj
des
jhb
zlei
glebius

Summary

Previously connect() or sendto() to INADDR_ANY or IN6ADDR_ANY reached
some socket bound to some host interface address.  Although this was
intentional it was an artifact of a different era, and is not desirable
now.

In 417b35a97b76 markj added support to disallow connect() to INADDR_ANY
and IN6ADDR_ANY.  Connections to INADDR_ANY were disabled by default in
cd240957d7ba.  Follow suit with IN6ADDR_ANY.

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

emaste created this revision.Fri, Dec 19, 2:19 PM

Herald added subscribers: glebius, melifaro, ae. · View Herald TranscriptFri, Dec 19, 2:19 PM

emaste requested review of this revision.Fri, Dec 19, 2:19 PM

markj accepted this revision.Fri, Dec 19, 2:42 PM

This revision is now accepted and ready to land.Fri, Dec 19, 2:42 PM

This should be run through the test suite, in case tests are relying on this behaviour.

This should be run through the test suite, in case tests are relying on this behaviour.

Indeed, will check at least that before pushing. After a quick grep I didn't find much of interest and I imagine a failure is unlikely; (2 copies of) libevent/test/regress_util.c was all that I spotted that seems somewhat interesting.

This is a behavior change. I think it deserves a Relnotes: Yes commit meta message.

I'd also suggest to change it to SYSCTL_BOOL.

Revision Contents
Changeset List

Path

Size

sys/

netinet6/

in6_pcb.c

2 lines

Diff 168412

View Options

netinet6: Disallow connections to IN6ADDR_ANYAcceptedPublicActions