diff options
author | Hannes Frederic Sowa <hannes@stressinduktion.org> | 2014-01-20 08:16:39 +0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2014-01-22 04:59:19 +0400 |
commit | 82b276cd2b0bacd58e7c307bf8856925a68c4d14 (patch) | |
tree | ffc8648efa91f83f81c94ac83447dc5246a835cf /include/net | |
parent | 446fab59333dea91e54688f033dd8d788d0486fb (diff) | |
download | linux-82b276cd2b0bacd58e7c307bf8856925a68c4d14.tar.xz |
ipv6: protect protocols not handling ipv4 from v4 connection/bind attempts
Some ipv6 protocols cannot handle ipv4 addresses, so we must not allow
connecting and binding to them. sendmsg logic does already check msg->name
for this but must trust already connected sockets which could be set up
for connection to ipv4 address family.
Per-socket flag ipv6only is of no use here, as it is under users control
by setsockopt.
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/ipv6.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/net/ipv6.h b/include/net/ipv6.h index 78d3d5124918..4f541f11ce63 100644 --- a/include/net/ipv6.h +++ b/include/net/ipv6.h @@ -783,6 +783,8 @@ int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, char __user *optval, int __user *optlen); int ip6_datagram_connect(struct sock *sk, struct sockaddr *addr, int addr_len); +int ip6_datagram_connect_v6_only(struct sock *sk, struct sockaddr *addr, + int addr_len); int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len); |