git: cd240957d7ba - main - netinet: Disallow connections to INADDR_ANY
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 24 May 2025 18:14:42 UTC
The branch main has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=cd240957d7ba43d819e9d59c6f6517fe915102c7
commit cd240957d7ba43d819e9d59c6f6517fe915102c7
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-11-25 14:07:11 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2025-05-24 18:13:09 +0000
netinet: Disallow connections to INADDR_ANY
Previously connect() or sendto() to INADDR_ANY reached some socket bound
to some host interface address. Although this was intentional it was an
artifact of a different era, and is not desirable now.
In 417b35a97b76 markj added support to disallow connect() to INADDR_ANY.
Take the next logical step and disable it by default.
PR: 280705
Reviewed by: markj, jhb, zlei
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47740
---
sys/netinet/in_pcb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 3774f73a7a8f..bccd4b84561a 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -235,7 +235,7 @@ VNET_SYSINIT(in_pcbhashseed_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_FIRST,
in_pcbhashseed_init, NULL);
#ifdef INET
-VNET_DEFINE_STATIC(int, connect_inaddr_wild) = 1;
+VNET_DEFINE_STATIC(int, connect_inaddr_wild) = 0;
#define V_connect_inaddr_wild VNET(connect_inaddr_wild)
SYSCTL_INT(_net_inet_ip, OID_AUTO, connect_inaddr_wild,
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(connect_inaddr_wild), 0,