ip6_input.c (130002) | ip6_input.c (130416) |
---|---|
1/* $FreeBSD: head/sys/netinet6/ip6_input.c 130002 2004-06-02 15:41:18Z ume $ */ | 1/* $FreeBSD: head/sys/netinet6/ip6_input.c 130416 2004-06-13 17:29:10Z mlaier $ */ |
2/* $KAME: ip6_input.c,v 1.259 2002/01/21 04:58:09 jinmei Exp $ */ 3 4/* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 351 unchanged lines hidden (view full) --- 361 * because ip6_mloopback() passes the "actual" interface 362 * as the outgoing/incoming interface. 363 */ 364 ip6stat.ip6s_badscope++; 365 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 366 goto bad; 367 } 368 | 2/* $KAME: ip6_input.c,v 1.259 2002/01/21 04:58:09 jinmei Exp $ */ 3 4/* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 351 unchanged lines hidden (view full) --- 361 * because ip6_mloopback() passes the "actual" interface 362 * as the outgoing/incoming interface. 363 */ 364 ip6stat.ip6s_badscope++; 365 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); 366 goto bad; 367 } 368 |
369#ifdef ALTQ 370 if (altq_input != NULL && (*altq_input)(m, AF_INET6) == 0) { 371 /* packet is dropped by traffic conditioner */ 372 return; 373 } 374#endif |
|
369 /* 370 * The following check is not documented in specs. A malicious 371 * party may be able to use IPv4 mapped addr to confuse tcp/udp stack 372 * and bypass security checks (act as if it was from 127.0.0.1 by using 373 * IPv6 src ::ffff:127.0.0.1). Be cautious. 374 * 375 * This check chokes if we are in an SIIT cloud. As none of BSDs 376 * support IPv4-less kernel compilation, we cannot support SIIT --- 1268 unchanged lines hidden --- | 375 /* 376 * The following check is not documented in specs. A malicious 377 * party may be able to use IPv4 mapped addr to confuse tcp/udp stack 378 * and bypass security checks (act as if it was from 127.0.0.1 by using 379 * IPv6 src ::ffff:127.0.0.1). Be cautious. 380 * 381 * This check chokes if we are in an SIIT cloud. As none of BSDs 382 * support IPv4-less kernel compilation, we cannot support SIIT --- 1268 unchanged lines hidden --- |