diff options
| author |   mcbride <mcbride@openbsd.org> | 2003-12-08 07:07:35 +0000 |
|---|---|---|
| committer | mcbride <mcbride@openbsd.org> | 2003-12-08 07:07:35 +0000 |
| commit | b2a575a3784c7df6d1b2d7e84adb66d28cffabba (patch) | |
| tree | 2bc3a7eae51661a049d011637713598a775881c4 /sys/netinet/tcp_usrreq.c | |
| parent | sync (diff) | |
| download | wireguard-openbsd-b2a575a3784c7df6d1b2d7e84adb66d28cffabba.tar.xz wireguard-openbsd-b2a575a3784c7df6d1b2d7e84adb66d28cffabba.zip | |
Mbuf tag tcp and udp packets which are translated to localhost, and
use the the presence of this tag to reverse the match order in
in{6}_pcblookup_listen(). Some daemons (such as portmap) do a double
bind, binding to both * and localhost in order to differentiate local
from non-local connections, and potentially granting more privilege to
local ones. This change ensures that redirected connections to localhost
do not appear local to such a daemon.
Bulk of changes from dhartmei@, some changes markus@
ok dhartmei@ deraadt@
Diffstat (limited to 'sys/netinet/tcp_usrreq.c')
| -rw-r--r-- | sys/netinet/tcp_usrreq.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index ff9983289b7..7512d1a99b0 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_usrreq.c,v 1.72 2003/11/04 21:43:16 markus Exp $ */ +/* $OpenBSD: tcp_usrreq.c,v 1.73 2003/12/08 07:07:36 mcbride Exp $ */ /* $NetBSD: tcp_usrreq.c,v 1.20 1996/02/13 23:44:16 christos Exp $ */ /* @@ -835,12 +835,12 @@ tcp_ident(oldp, oldlenp, newp, newlen) #ifdef INET6 case AF_INET6: inp = in6_pcblookup_listen(&tcbtable, - &l6, lin6->sin6_port); + &l6, lin6->sin6_port, 0); break; #endif case AF_INET: inp = in_pcblookup_listen(&tcbtable, - lin->sin_addr, lin->sin_port); + lin->sin_addr, lin->sin_port, 0); break; } } |