lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Dec 2007 17:34:11 -0500 From: Brian Haley <brian.haley@...com> To: David Stevens <dlstevens@...ibm.com> Cc: David Miller <davem@...emloft.net>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org> Subject: Re: [PATCH] [IPv6]: IPV6_MULTICAST_IF setting is ignored on link-local connect() David Stevens wrote: > Brian Haley <brian.haley@...com> wrote on 12/18/2007 12:57:54 PM: > >> Trying to connect() to an IPv6 link-local multicast address by >> specifying the outgoing multicast interface doesn't work, you have to >> bind to a device first with an SO_BINDTODEVICE setsockopt() call. Other OSes allow this operation, like FreeBSD, Tru64 UNIX and Solaris. > No, you simply have to specify sin6_scope_id for link-scope > addresses, like you do in unicast cases. But isn't this why IPV6_MULTICAST_IF exists? So you don't have to bind to an interface or use the scope id? RFC 3493 does not mention having to set a scope id in order to send multicast packets: IPv6 applications may send multicast packets by simply specifying an IPv6 multicast address as the destination address, for example in the destination address argument of the sendto() function. > Your patch requires them > to match (if specified), but I don't think IPV6_MULTICAST_IF should > override or require a match for a valid sin6_scope_id (or be an error). The patch won't override sk_bound_dev_if, or sin6_scope_id, it's a last resort for link-local multicast. As far as matching, I think they should if you set both SO_BINDTODEVICE/sin6_scope_id and IPV6_MULTICAST_IF. I can relax that check if you like. The one thing my patch does do is set sk_bound_dev_if, which it never did - that seemed like the right thing to do since that's what the scope id path does, and makes sure we always continue to use this interface. > If I read it correctly, the existing code uses IPV6_MULTICAST_IF > if the sin6_scope_id is not set, otherwise honors the interface specified > in the connect. That seems like correct behaviour to me, and RFC 3493 > doesn't address the relative precedence of the two that I see. This is > in the "linklocal" branch, and all unicast linklocal's require specifying > sin6_scope_id. Multicast doesn't if require a scope_id in the case where > you've done an IPV6_MULTICAST_IF, but it should still allow a different > scope_id when you have used IPV6_MULTICAST_IF. The IPV6_ADDR_MULTICAST check is inside the sin6_scope_id if() statement, so will never get checked if the scope hasn't been specified, that's the bug. Since that isn't required for multicast we always get an EINVAL here. > Do you have application code that you believe is correct that > doesn't work? Yes, a customer does. -Brian -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists