lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 12 Mar 2011 15:29:12 -0800 (PST) From: David Miller <davem@...emloft.net> To: netdev@...r.kernel.org Subject: [PATCH 17/25] netfilter: Use flowi4 and flowi6 in nf_conntrack_h323_main Signed-off-by: David S. Miller <davem@...emloft.net> --- net/netfilter/nf_conntrack_h323_main.c | 32 ++++++++++++++++++++------------ 1 files changed, 20 insertions(+), 12 deletions(-) diff --git a/net/netfilter/nf_conntrack_h323_main.c b/net/netfilter/nf_conntrack_h323_main.c index b969025..533a183 100644 --- a/net/netfilter/nf_conntrack_h323_main.c +++ b/net/netfilter/nf_conntrack_h323_main.c @@ -714,7 +714,6 @@ static int callforward_do_filter(const union nf_inet_addr *src, u_int8_t family) { const struct nf_afinfo *afinfo; - struct flowi fl1, fl2; int ret = 0; /* rcu_read_lock()ed by nf_hook_slow() */ @@ -722,17 +721,20 @@ static int callforward_do_filter(const union nf_inet_addr *src, if (!afinfo) return 0; - memset(&fl1, 0, sizeof(fl1)); - memset(&fl2, 0, sizeof(fl2)); - switch (family) { case AF_INET: { + struct flowi4 fl1, fl2; struct rtable *rt1, *rt2; - fl1.fl4_dst = src->ip; - fl2.fl4_dst = dst->ip; - if (!afinfo->route((struct dst_entry **)&rt1, &fl1)) { - if (!afinfo->route((struct dst_entry **)&rt2, &fl2)) { + memset(&fl1, 0, sizeof(fl1)); + fl1.daddr = src->ip; + + memset(&fl2, 0, sizeof(fl2)); + fl2.daddr = dst->ip; + if (!afinfo->route((struct dst_entry **)&rt1, + flowi4_to_flowi(&fl1))) { + if (!afinfo->route((struct dst_entry **)&rt2, + flowi4_to_flowi(&fl2))) { if (rt1->rt_gateway == rt2->rt_gateway && rt1->dst.dev == rt2->dst.dev) ret = 1; @@ -745,12 +747,18 @@ static int callforward_do_filter(const union nf_inet_addr *src, #if defined(CONFIG_NF_CONNTRACK_IPV6) || \ defined(CONFIG_NF_CONNTRACK_IPV6_MODULE) case AF_INET6: { + struct flowi6 fl1, fl2; struct rt6_info *rt1, *rt2; - memcpy(&fl1.fl6_dst, src, sizeof(fl1.fl6_dst)); - memcpy(&fl2.fl6_dst, dst, sizeof(fl2.fl6_dst)); - if (!afinfo->route((struct dst_entry **)&rt1, &fl1)) { - if (!afinfo->route((struct dst_entry **)&rt2, &fl2)) { + memset(&fl1, 0, sizeof(fl1)); + ipv6_addr_copy(&fl1.daddr, &src->in6); + + memset(&fl2, 0, sizeof(fl2)); + ipv6_addr_copy(&fl2.daddr, &dst->in6); + if (!afinfo->route((struct dst_entry **)&rt1, + flowi6_to_flowi(&fl1))) { + if (!afinfo->route((struct dst_entry **)&rt2, + flowi6_to_flowi(&fl2))) { if (!memcmp(&rt1->rt6i_gateway, &rt2->rt6i_gateway, sizeof(rt1->rt6i_gateway)) && rt1->dst.dev == rt2->dst.dev) -- 1.7.4.1 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists