DragonFly BSD
DragonFly commits List (threaded) for 2013-04
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

git: ip/udp: Fix IP source address setting for multicast address bound socket


From: Sepherosa Ziehau <sephe@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 8 Apr 2013 20:22:28 -0700 (PDT)

commit 2e585eadf62d1f194eafed7634e9cfd3739d0e50
Author: Sepherosa Ziehau <sephe@dragonflybsd.org>
Date:   Tue Apr 9 11:06:39 2013 +0800

    ip/udp: Fix IP source address setting for multicast address bound socket
    
    It is a common practice to bind UDP socket to multicast address to enjoy
    kernel level destination multicast address and port filtering.  However,
    if data are sent on this kind of socket, source address of the IP packet
    will be the bound multicast address?!
    
    Two fixes are added to address this bug:
    
    1) Don't set IP source address in udp_output(), if the inpcb's laddr is
       multicast address.  Instead the IP source address is set to INADDR_ANY,
       so ip_output() could pick up a proper IP source address.
    
    2) With 1) in place, it is possible that IP source address is INADDR_ANY
       before the ifnet.if_output() using following steps:
       - If the IP_MULTICAST_IF socket option is set to iface0
       - The iface0's last IP address is unset, before the ip_output()
    
       This condition could easily be reproduced by using test/mcast:
       mcast -m 224.2.2.2 -p 3000 -i iface0_ip -D 10
       During the 10sec delay, wipe out all IP addresses from iface0
    
       Well, even without 1), raw IP still could generate IP packet using
       INADDR_ANY as source address.
    
       Two checks on the source IP address are added to ip_output() before
       ifnet.if_output()
       - IP source address should not be INADDR_ANY
       - IP source address should not be multicast address
    
       And for multicast IP packets, if the IP source address could be
       determined, they will not be looped back and forwarded.
    
    Reported-by: zeroxia

Summary of changes:
 sys/netinet/ip_output.c  | 86 +++++++++++++++++++++++++++---------------------
 sys/netinet/udp_usrreq.c |  5 ++-
 2 files changed, 53 insertions(+), 38 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2e585eadf62d1f194eafed7634e9cfd3739d0e50


-- 
DragonFly BSD source repository



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]