Many drivers set the UDP/TCP v4 flags even for v6 traffic and if the
packet is encapsulated with gif, the IPv6 header would get corrupted by
ip_output. Patch suggested by bad@
Add a flag ND6_IFF_OVERRIDE_RTADV that tells the kernel to override
ip6_accept_rtadv (net.inet6.ip6.accept_rtadv) on an interface.
Add a routine nd6_accepts_rtadv(ndi) that evaluates both the flags
on the interface represented by ndi and ip6_accept_rtadv, and
returns 'true' if the given interface should accept Router
Advertisements, and 'false' if not.
Now, ND6_IFF_ACCEPT_RTADV works as it was historically documented:
if it is set, then accept router advertisements iff ip6_accept_rtadv
!= 0. Otherwise, do not accept router advertisements.
If ND6_IFF_OVERRIDE_RTADV is set, then the flag ND6_IFF_ACCEPT_RTADV
overrides ip6_accept_rtadv: if ND6_IFF_ACCEPT_RTADV is set, accept;
otherwise reject. Ignore ip6_accept_rtadv.
If neither ND6_IFF_ACCEPT_RTADV nor ND6_IFF_OVERRIDE_RTADV is set,
reject Router Advertisements.
for arg and gre because they cause a race condition by calling ioctl() during
interface initialization. To make this work correctly we would need to
synchronize all interface init routines.
addresses. Make the kernel support SIOC[SG]IFADDRPREF for IPv6
interface addresses.
In in6ifa_ifpforlinklocal(), consult preference numbers before
making an otherwise arbitrary choice of in6_ifaddr. Otherwise,
preference numbers are *not* consulted by the kernel, but that will
be rather easy for somebody with a little bit of free time to fix.
Please note that setting the preference number for a link-local
IPv6 address does not work right, yet, but that ought to be fixed
soon.
In support of the changes above,
1 Add a method to struct domain for "externalizing" a sockaddr, and
provide an implementation for IPv6. Expect more work in this area: it
may be more proper to say that the IPv6 implementation "internalizes"
a sockaddr. Add sockaddr_externalize().
2 Add a subroutine, sofamily(), that returns a struct socket's address
family or AF_UNSPEC.
3 Make a lot of IPv4-specific code generic, and move it from
sys/netinet/ to sys/net/ for re-use by IPv6 parts of the kernel and
ifconfig(8).
to an interface. This keeps the kernel from entering ifp->if_ioctl
recursively, which can deadlock if if_ioctl takes locks. This will
fix deadlocks & LOCKDEBUG errors in agr(4) (kern/39940) and in
gre(4).
make net.inet6.ip6.accept_rtadv the default for individual per-device
settings so people can use the ndp(8) utility to set per-device whether
or not to accept route advertisements.
rtadvd changes to follow.
(Debated on tech-net@ before but almost two weeks passed by without any
comment on the patch.)
- Properly authorize port binding in in_pcbsetport() and in6_pcbsetport()
- Pass struct sockaddr_in6 to in6_pcbsetport() instead of just the address,
so that we have a more complete context
- Adjust udp6_output() to craft a sockaddr_in6 as it calls in6_pcbsetport()
- Fix an issue in in_pcbbind() where we used the "dom_sa_any" pointer and
not a copy of it, pointed out by bouyer@, thanks!
Mailing list reference:
http://mail-index.netbsd.org/tech-net/2009/04/29/msg001259.html
in6_pcbbind_port(), used for binding to an address and a port respectively.
While here, fix a possible "leak" of an in6pcb when binding to an address
succeeded but binding to an auto-assigned port failed.
Proposed and received no objections on tech-net@:
http://mail-index.netbsd.org/tech-net/2009/04/15/msg001223.html
is not aligned wrt CMSG_ALIGN - the length counter drops below 0
in this case which was not checked for,
fixes crashes (with isc_dhcrelay4) reported by Uwe in tech-net
(subject: netbsd5-rc3 crash caused by isc_dhcrelay)
