Searched hist:2553 (Results 26 - 30 of 30) sorted by relevance


/freebsd-11.0-release/usr.sbin/mountd/
mountd.c (diff 146187), Fri May 13 16:31:11 MDT 2005, ume: NI_WITHSCOPEID cleanup. Neither RFC 2553 nor RFC 3493 defines
NI_WITHSCOPEID, and our getaddrinfo(3) does nothing special
for it, now.
/freebsd-11.0-release/sys/netinet6/
in6_pcb.c (diff 132794), Wed Jul 28 13:03:07 MDT 2004, yar: Disallow a particular kind of port theft described by the following scenario:

Alice is too lazy to write a server application in PF-independent
manner. Therefore she knocks up the server using PF_INET6 only
and allows the IPv6 socket to accept mapped IPv4 as well. An evil
hacker known on IRC as cheshire_cat has an account in the same
system. He starts a process listening on the same port as used
by Alice's server, but in PF_INET. As a consequence, cheshire_cat
will distract all IPv4 traffic supposed to go to Alice's server.

Such sort of port theft was initially enabled by copying the code that
implemented the RFC 2553 semantics on IPv4/6 sockets (see inet6(4)) for
the implied case of the same owner for both connections. After this
change, the above scenario will be impossible. In the same setting,
the user who attempts to start his server last will get EADDRINUSE.

Of course, using IPv4 mapped to IPv6 leads to security complications
in the first place, but there is no reason to make it even more unsafe.

This change doesn't apply to KAME since it affects a FreeBSD-specific
part of the code. It doesn't modify the out-of-box behaviour of the
TCP/IP stack either as long as mapping IPv4 to IPv6 is off by default.

MFC after: 1 month
/freebsd-11.0-release/sys/sys/
socket.h (diff 66240), Fri Sep 22 10:52:00 MDT 2000, asmodai: Fix comment about the bsd-api-new-02a draft. This has been superseded
by RFC 2553.
/freebsd-11.0-release/usr.sbin/syslogd/
syslogd.c (diff 146187), Fri May 13 16:31:11 MDT 2005, ume: NI_WITHSCOPEID cleanup. Neither RFC 2553 nor RFC 3493 defines
NI_WITHSCOPEID, and our getaddrinfo(3) does nothing special
for it, now.
/freebsd-11.0-release/sys/netinet/
in_pcb.c (diff 132794), Wed Jul 28 13:03:07 MDT 2004, yar: Disallow a particular kind of port theft described by the following scenario:

Alice is too lazy to write a server application in PF-independent
manner. Therefore she knocks up the server using PF_INET6 only
and allows the IPv6 socket to accept mapped IPv4 as well. An evil
hacker known on IRC as cheshire_cat has an account in the same
system. He starts a process listening on the same port as used
by Alice's server, but in PF_INET. As a consequence, cheshire_cat
will distract all IPv4 traffic supposed to go to Alice's server.

Such sort of port theft was initially enabled by copying the code that
implemented the RFC 2553 semantics on IPv4/6 sockets (see inet6(4)) for
the implied case of the same owner for both connections. After this
change, the above scenario will be impossible. In the same setting,
the user who attempts to start his server last will get EADDRINUSE.

Of course, using IPv4 mapped to IPv6 leads to security complications
in the first place, but there is no reason to make it even more unsafe.

This change doesn't apply to KAME since it affects a FreeBSD-specific
part of the code. It doesn't modify the out-of-box behaviour of the
TCP/IP stack either as long as mapping IPv4 to IPv6 is off by default.

MFC after: 1 month
