No longer prevent TCP connections to IPv6 anycast addresses.

RFC 4291 dropped this requirement from RFC 3513:
   o  An anycast address must not be used as the source address of an
      IPv6 packet.

And from that requirement draft-itojun-ipv6-tcp-to-anycast rightly
concluded that TCP connections must be prevented.

The draft also states:

The proposed method MUST be removed when one of the following events
happens in the future:

o  Restriction imposed on IPv6 anycast address is loosened, so that
   anycast address can be placed into source address field of the IPv6
   header[...]

OK jca

1 files changed, 1 insertions, 15 deletions

diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 1b511d14a4b..394362dc005 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_input.c,v 1.349 2020/08/01 23:41:55 gnezdo Exp $	*/
+/*	$OpenBSD: ip_input.c,v 1.350 2020/08/08 07:42:31 florian Exp $	*/
 /*	$NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $	*/
 
 /*
@@ -619,20 +619,6 @@ ip_deliver(struct mbuf **mp, int *offp, int nxt, int af)
 			goto bad;
 		}
 
-#ifdef INET6
-		/* draft-itojun-ipv6-tcp-to-anycast */
-		if (af == AF_INET6 &&
-		    ISSET((*mp)->m_flags, M_ACAST) && (nxt == IPPROTO_TCP)) {
-			if ((*mp)->m_len >= sizeof(struct ip6_hdr)) {
-				icmp6_error(*mp, ICMP6_DST_UNREACH,
-					ICMP6_DST_UNREACH_ADDR,
-					offsetof(struct ip6_hdr, ip6_dst));
-				*mp = NULL;
-			}
-			goto bad;
-		}
-#endif /* INET6 */
-
 #ifdef IPSEC
 		if (ipsec_in_use) {
 			if (ipsec_local_check(*mp, *offp, nxt, af) != 0) {