svn commit: r217888 - head/sys/netinet
Daniel Eischen
deischen at FreeBSD.org
Wed Jan 26 17:31:03 UTC 2011
Author: deischen
Date: Wed Jan 26 17:31:03 2011
New Revision: 217888
URL: http://svn.freebsd.org/changeset/base/217888
Log:
Prison check addresses set with multicast interface options.
Reviewed by: bz
MFC after: 1 week
Modified:
head/sys/netinet/in_pcb.c
Modified: head/sys/netinet/in_pcb.c
==============================================================================
--- head/sys/netinet/in_pcb.c Wed Jan 26 17:20:34 2011 (r217887)
+++ head/sys/netinet/in_pcb.c Wed Jan 26 17:31:03 2011 (r217888)
@@ -889,17 +889,20 @@ in_pcbconnect_setup(struct inpcb *inp, s
if (imo->imo_multicast_ifp != NULL) {
ifp = imo->imo_multicast_ifp;
IN_IFADDR_RLOCK();
- TAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link)
- if (ia->ia_ifp == ifp)
+ TAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
+ if ((ia->ia_ifp == ifp) &&
+ (cred == NULL ||
+ prison_check_ip4(cred,
+ &ia->ia_addr.sin_addr) == 0))
break;
- if (ia == NULL) {
- IN_IFADDR_RUNLOCK();
+ }
+ if (ia == NULL)
error = EADDRNOTAVAIL;
- } else {
+ else {
laddr = ia->ia_addr.sin_addr;
- IN_IFADDR_RUNLOCK();
error = 0;
}
+ IN_IFADDR_RUNLOCK();
}
}
if (error)
More information about the svn-src-head
mailing list