[src/trunk]: src/sys/netinet6 make setsockopt(IPV6_PORTRANGE) work. obeys IP...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys/netinet6 make setsockopt(IPV6_PORTRANGE) work. obeys IP...
From: itojun <itojun%NetBSD.org@localhost>
Date: Fri, 24 Jan 2020 06:40:02 +0000

details:   https://anonhg.NetBSD.org/src/rev/ec908d8912ad
branches:  trunk
changeset: 481351:ec908d8912ad
user:      itojun <itojun%NetBSD.org@localhost>
date:      Wed Jan 26 17:06:36 2000 +0000

description:
make setsockopt(IPV6_PORTRANGE) work.  obeys IPNOPRIVPORTS.

diffstat:

 sys/netinet6/in6_pcb.c    |  36 +++++++++++++++++++++++++++---------
 sys/netinet6/ip6_output.c |  41 ++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 67 insertions(+), 10 deletions(-)

diffs (151 lines):

diff -r f275d8d8607d -r ec908d8912ad sys/netinet6/in6_pcb.c
--- a/sys/netinet6/in6_pcb.c    Wed Jan 26 16:51:11 2000 +0000
+++ b/sys/netinet6/in6_pcb.c    Wed Jan 26 17:06:36 2000 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: in6_pcb.c,v 1.12 2000/01/06 15:46:09 itojun Exp $      */
+/*     $NetBSD: in6_pcb.c,v 1.13 2000/01/26 17:06:36 itojun Exp $      */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -242,10 +242,13 @@
                        }
                }
                if (lport) {
+#ifndef IPNOPRIVPORTS
                        /* GROSS */
                        if (ntohs(lport) < IPV6PORT_RESERVED &&
-                          (error = suser(p->p_ucred, &p->p_acflag)))
+                           (p == 0 ||
+                            (error = suser(p->p_ucred, &p->p_acflag))))
                                return(EACCES);
+#endif
 
                        if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
                                /* should check this but we can't ... */
@@ -284,7 +287,6 @@
 
 /*
  * Find an empty port and set it to the specified PCB.
- * XXX IN6P_LOWPORT
  */
 int
 in6_pcbsetport(laddr, in6p)
@@ -296,6 +298,10 @@
        u_short last_port, lport = 0;
        int wild = 0;
        void *t;
+       u_short min, max;
+#ifndef IPNOPRIVPORTS
+       struct proc *p = curproc;       /*XXX*/
+#endif
 
        /* XXX: this is redundant when called from in6_pcbbind */
        if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0 &&
@@ -303,11 +309,23 @@
            (so->so_options & SO_ACCEPTCONN) == 0))
                wild = IN6PLOOKUP_WILDCARD;
 
+       if (in6p->in6p_flags & IN6P_LOWPORT) {
+#ifndef IPNOPRIVPORTS
+                if (p == 0 || (suser(p->p_ucred, &p->p_acflag) != 0))
+                       return (EACCES);
+#endif
+               min = IPV6PORT_RESERVEDMIN;
+               max = IPV6PORT_RESERVEDMAX;
+       } else {
+               min = IPV6PORT_ANONMIN;
+               max = IPV6PORT_ANONMAX;
+       }
+
        /* value out of range */
-       if (head->in6p_lport < IPV6PORT_ANONMIN)
-               head->in6p_lport = IPV6PORT_ANONMIN;
-       else if (head->in6p_lport > IPV6PORT_ANONMAX)
-               head->in6p_lport = IPV6PORT_ANONMIN;
+       if (head->in6p_lport < min)
+               head->in6p_lport = min;
+       else if (head->in6p_lport > max)
+               head->in6p_lport = min;
        last_port = head->in6p_lport;
        goto startover; /*to randomize*/
        for (;;) {
@@ -327,8 +345,8 @@
                if (t == 0)
                        break;
          startover:
-               if (head->in6p_lport >= IPV6PORT_ANONMAX)
-                       head->in6p_lport = IPV6PORT_ANONMIN;
+               if (head->in6p_lport >= max)
+                       head->in6p_lport = min;
                else
                        head->in6p_lport++;
                if (head->in6p_lport == last_port)
diff -r f275d8d8607d -r ec908d8912ad sys/netinet6/ip6_output.c
--- a/sys/netinet6/ip6_output.c Wed Jan 26 16:51:11 2000 +0000
+++ b/sys/netinet6/ip6_output.c Wed Jan 26 17:06:36 2000 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip6_output.c,v 1.11 2000/01/06 15:46:10 itojun Exp $   */
+/*     $NetBSD: ip6_output.c,v 1.12 2000/01/26 17:06:37 itojun Exp $   */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -1266,6 +1266,31 @@
                                error = ip6_setmoptions(optname, &in6p->in6p_moptions, m);
                                break;
 
+                       case IPV6_PORTRANGE:
+                               optval = *mtod(m, int *);
+
+                               switch (optval) {
+                               case IPV6_PORTRANGE_DEFAULT:
+                                       in6p->in6p_flags &= ~(IN6P_LOWPORT);
+                                       in6p->in6p_flags &= ~(IN6P_HIGHPORT);
+                                       break;
+
+                               case IPV6_PORTRANGE_HIGH:
+                                       in6p->in6p_flags &= ~(IN6P_LOWPORT);
+                                       in6p->in6p_flags |= IN6P_HIGHPORT;
+                                       break;
+
+                               case IPV6_PORTRANGE_LOW:
+                                       in6p->in6p_flags &= ~(IN6P_HIGHPORT);
+                                       in6p->in6p_flags |= IN6P_LOWPORT;
+                                       break;
+
+                               default:
+                                       error = EINVAL;
+                                       break;
+                               }
+                               break;
+
 #ifdef IPSEC
                        case IPV6_IPSEC_POLICY:
                            {
@@ -1336,6 +1361,7 @@
                        case IPV6_RECVOPTS:
                        case IPV6_RECVRETOPTS:
                        case IPV6_RECVDSTADDR:
+                       case IPV6_PORTRANGE:
                        case IPV6_PKTINFO:
                        case IPV6_HOPLIMIT:
                        case IPV6_RTHDR:
@@ -1366,6 +1392,19 @@
                                        optval = OPTBIT(IN6P_RECVDSTADDR);
                                        break;
 
+                               case IPV6_PORTRANGE:
+                                   {
+                                       int flags;
+                                       flags = in6p->in6p_flags;
+                                       if (flags & IN6P_HIGHPORT)
+                                               optval = IPV6_PORTRANGE_HIGH;
+                                       else if (flags & IN6P_LOWPORT)
+                                               optval = IPV6_PORTRANGE_LOW;
+                                       else
+                                               optval = 0;
+                                       break;
+                                   }
+
                                case IPV6_PKTINFO:
                                        optval = OPTBIT(IN6P_PKTINFO);
                                        break;

Prev by Date: [src/trunk]: src/sys/netinet6 don't attach Adler32 checksum to ipcomp payload.
Next by Date: [src/trunk]: src/sys/arch/i386/i386 next step in getting machdep.c maintainab...
Previous by Thread: [src/trunk]: src/sys/netinet6 don't attach Adler32 checksum to ipcomp payload.
Next by Thread: [src/trunk]: src/sys/arch/i386/i386 next step in getting machdep.c maintainab...
Indexes:

Home | Main Index | Thread Index | Old Index