ipv6: protect protocols not handling ipv4 from v4 connection/bind attempts
Some ipv6 protocols cannot handle ipv4 addresses, so we must not allow connecting and binding to them. sendmsg logic does already check msg->name for this but must trust already connected sockets which could be set up for connection to ipv4 address family. Per-socket flag ipv6only is of no use here, as it is under users control by setsockopt. Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Hannes Frederic Sowa
committed by
David S. Miller
David S. Miller
parent
446fab5933
commit
82b276cd2b
@@ -371,6 +371,9 @@ static int l2tp_ip6_connect(struct sock *sk, struct sockaddr *uaddr,
|
||||
if (addr_len < sizeof(*lsa))
|
||||
return -EINVAL;
|
||||
|
||||
if (usin->sin6_family != AF_INET6)
|
||||
return -EINVAL;
|
||||
|
||||
addr_type = ipv6_addr_type(&usin->sin6_addr);
|
||||
if (addr_type & IPV6_ADDR_MULTICAST)
|
||||
return -EINVAL;
|
||||
|
||||
Reference in New Issue
Block a user