summaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorHannes Frederic Sowa <hannes@stressinduktion.org>2014-01-20 05:16:39 +0100
committerDavid S. Miller <davem@davemloft.net>2014-01-22 01:59:19 +0100
commit82b276cd2b0bacd58e7c307bf8856925a68c4d14 (patch)
treeffc8648efa91f83f81c94ac83447dc5246a835cf /include/net
parentipv6: enable anycast addresses as source addresses in ICMPv6 error messages (diff)
downloadlinux-82b276cd2b0bacd58e7c307bf8856925a68c4d14.tar.xz
linux-82b276cd2b0bacd58e7c307bf8856925a68c4d14.zip
ipv6: protect protocols not handling ipv4 from v4 connection/bind attempts
Some ipv6 protocols cannot handle ipv4 addresses, so we must not allow connecting and binding to them. sendmsg logic does already check msg->name for this but must trust already connected sockets which could be set up for connection to ipv4 address family. Per-socket flag ipv6only is of no use here, as it is under users control by setsockopt. Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/ipv6.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index 78d3d5124918..4f541f11ce63 100644
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -783,6 +783,8 @@ int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
char __user *optval, int __user *optlen);
int ip6_datagram_connect(struct sock *sk, struct sockaddr *addr, int addr_len);
+int ip6_datagram_connect_v6_only(struct sock *sk, struct sockaddr *addr,
+ int addr_len);
int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len,
int *addr_len);