git: 627e126dbb07 - main - netinet6: Disallow connections to IN6ADDR_ANY
Date: Thu, 29 Jan 2026 14:09:08 UTC
The branch main has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=627e126dbb07b167b028380ef61bb45f10493938
commit 627e126dbb07b167b028380ef61bb45f10493938
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2025-12-19 14:15:35 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2026-01-29 14:08:45 +0000
netinet6: Disallow connections to IN6ADDR_ANY
Previously connect() or sendto() to INADDR_ANY or IN6ADDR_ANY reached
some socket bound to some host interface address. Although this was
intentional it was an artifact of a different era, and is not desirable
now.
In 417b35a97b76 markj added support to disallow connect() to INADDR_ANY
and IN6ADDR_ANY. Connections to INADDR_ANY were disabled by default in
cd240957d7ba. Follow suit with IN6ADDR_ANY.
Reviewed by: glebius, markj, zlei
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54306
---
sys/netinet6/in6_pcb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/netinet6/in6_pcb.c b/sys/netinet6/in6_pcb.c
index f2eb00161690..9eb7a59fcf55 100644
--- a/sys/netinet6/in6_pcb.c
+++ b/sys/netinet6/in6_pcb.c
@@ -115,7 +115,7 @@
SYSCTL_DECL(_net_inet6);
SYSCTL_DECL(_net_inet6_ip6);
-VNET_DEFINE_STATIC(int, connect_in6addr_wild) = 1;
+VNET_DEFINE_STATIC(int, connect_in6addr_wild) = 0;
#define V_connect_in6addr_wild VNET(connect_in6addr_wild)
SYSCTL_INT(_net_inet6_ip6, OID_AUTO, connect_in6addr_wild,
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(connect_in6addr_wild), 0,