freebsd-skq/sys/netinet
Yaroslav Tykhiy a4eb4405e3 Disallow a particular kind of port theft described by the following scenario:
Alice is too lazy to write a server application in PF-independent
	manner.  Therefore she knocks up the server using PF_INET6 only
	and allows the IPv6 socket to accept mapped IPv4 as well.  An evil
	hacker known on IRC as cheshire_cat has an account in the same
	system.  He starts a process listening on the same port as used
	by Alice's server, but in PF_INET.  As a consequence, cheshire_cat
	will distract all IPv4 traffic supposed to go to Alice's server.

Such sort of port theft was initially enabled by copying the code that
implemented the RFC 2553 semantics on IPv4/6 sockets (see inet6(4)) for
the implied case of the same owner for both connections.  After this
change, the above scenario will be impossible.  In the same setting,
the user who attempts to start his server last will get EADDRINUSE.

Of course, using IPv4 mapped to IPv6 leads to security complications
in the first place, but there is no reason to make it even more unsafe.

This change doesn't apply to KAME since it affects a FreeBSD-specific
part of the code.  It doesn't modify the out-of-box behaviour of the
TCP/IP stack either as long as mapping IPv4 to IPv6 is off by default.

MFC after:	1 month
2004-07-28 13:03:07 +00:00
..
libalias Push WARNS back up to 6, but define NO_WERROR; I want the warts out in the 2004-07-06 12:15:24 +00:00
accf_data.c add missing #include <sys/module.h> 2004-05-30 20:27:19 +00:00
accf_http.c The socket field so_state is used to hold a variety of socket related 2004-06-14 18:16:22 +00:00
icmp6.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
icmp_var.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
if_atm.c replace explicit changes to rt_refcnt by RT_ADDREF and RT_REMREF 2003-11-08 23:36:32 +00:00
if_atm.h
if_ether.c Add a new driver to support IP over firewire. This driver is intended to 2004-06-13 10:54:36 +00:00
if_ether.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
igmp_var.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
igmp.c Lock down parallel router_info list for tracking multicast IGMP 2004-06-11 03:42:37 +00:00
igmp.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in_cksum.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in_gif.c Ensure that dst is bzeroed before calling rtalloc_ign(), to avoid possible 2004-06-18 02:04:07 +00:00
in_gif.h - fix typo in comment. 2003-10-07 17:46:18 +00:00
in_pcb.c Disallow a particular kind of port theft described by the following scenario: 2004-07-28 13:03:07 +00:00
in_pcb.h Remove erroneous semicolons. 2004-07-13 16:06:19 +00:00
in_proto.c Commit pf version 3.5 and link additional files to the kernel build. 2004-06-16 23:24:02 +00:00
in_rmx.c Introduce tcp_hostcache and remove the tcp specific metrics from 2003-11-20 20:07:39 +00:00
in_systm.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in_var.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
in.h Prepare for pf 3.5 import: 2004-06-16 22:59:06 +00:00
ip6.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip_divert.c Rwatson, write 100 times for tomorrow: 2004-06-27 21:54:34 +00:00
ip_divert.h Re-remove MT_TAGs. The problems with dummynet have been fixed now. 2004-02-25 19:55:29 +00:00
ip_dummynet.c Do a pass over all modules in the kernel and make them return EOPNOTSUPP 2004-07-15 08:26:07 +00:00
ip_dummynet.h Re-remove MT_TAGs. The problems with dummynet have been fixed now. 2004-02-25 19:55:29 +00:00
ip_ecn.c add ECN support in layer-3. 2003-10-29 15:07:04 +00:00
ip_ecn.h add ECN support in layer-3. 2003-10-29 15:07:04 +00:00
ip_encap.c Lock down IP-layer encapsulation library: 2004-03-10 02:48:50 +00:00
ip_encap.h
ip_fastfwd.c Those are unneeded too. 2004-06-27 09:06:10 +00:00
ip_fw2.c Extend versrcreach by checking against the rt_flags for RTF_REJECT and 2004-07-21 19:55:14 +00:00
ip_fw.h Introduce a new feature to IPFW2: lookup tables. These are useful 2004-06-09 20:10:38 +00:00
ip_gre.c Lock down global variables in if_gre: 2004-03-22 16:04:43 +00:00
ip_gre.h
ip_icmp.c Define semantic of M_SKIP_FIREWALL more precisely, i.e. also pass associated 2004-07-17 05:10:06 +00:00
ip_icmp.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip_id.c Tweak existing header and other build infrastructure to be able to build 2004-02-26 03:53:54 +00:00
ip_input.c Change the following environment variables to kernel options: 2004-07-08 22:35:36 +00:00
ip_mroute.c Do a pass over all modules in the kernel and make them return EOPNOTSUPP 2004-07-15 08:26:07 +00:00
ip_mroute.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ip_output.c In ip_ctloutput(), acquire the inpcb lock around some of the basic 2004-06-24 02:05:47 +00:00
ip_var.h Provide the sysctl net.inet.ip.process_options to control the processing 2004-05-06 18:46:03 +00:00
ip.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
ipprotosw.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
pim_var.h New PIM header files. 2003-08-07 18:17:43 +00:00
pim.h Include <sys/types.h> for autoconf/automake detection. 2004-03-08 07:45:32 +00:00
raw_ip.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
tcp_debug.c Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_debug.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_fsm.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_hostcache.c Fix a potential race when purging expired hostcache entries. 2004-04-23 13:54:28 +00:00
tcp_input.c After each label in tcp_input(), assert the inpcbinfo and inpcb lock 2004-07-12 19:28:07 +00:00
tcp_output.c Fix a bug in the sack code that was causing data to be retransmitted 2004-07-28 02:15:14 +00:00
tcp_reass.c After each label in tcp_input(), assert the inpcbinfo and inpcb lock 2004-07-12 19:28:07 +00:00
tcp_sack.c Add support for TCP Selective Acknowledgements. The work for this 2004-06-23 21:04:37 +00:00
tcp_seq.h Add support for TCP Selective Acknowledgements. The work for this 2004-06-23 21:04:37 +00:00
tcp_subr.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
tcp_syncache.c Fix the !INET6 build. 2004-07-17 21:40:14 +00:00
tcp_timer.c Add support for TCP Selective Acknowledgements. The work for this 2004-06-23 21:04:37 +00:00
tcp_timer.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
tcp_timewait.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
tcp_usrreq.c compare pointer against NULL, not 0 2004-07-26 21:29:56 +00:00
tcp_var.h The tcp syncache code was leaving the IPv6 flowlabel uninitialised 2004-07-17 19:44:13 +00:00
tcp.h Add support for TCP Selective Acknowledgements. The work for this 2004-06-23 21:04:37 +00:00
tcpip.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
udp_usrreq.c Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is 2004-07-26 07:24:04 +00:00
udp_var.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00
udp.h Remove advertising clause from University of California Regent's 2004-04-07 20:46:16 +00:00