| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 12 Mar 2011 15:29:12 -0800 (PST)
From: David Miller <davem@...emloft.net>
To: netdev@...r.kernel.org
Subject: [PATCH 17/25] netfilter: Use flowi4 and flowi6 in
nf_conntrack_h323_main
Signed-off-by: David S. Miller <davem@...emloft.net>
---
net/netfilter/nf_conntrack_h323_main.c | 32 ++++++++++++++++++++------------
1 files changed, 20 insertions(+), 12 deletions(-)
diff --git a/net/netfilter/nf_conntrack_h323_main.c b/net/netfilter/nf_conntrack_h323_main.c
index b969025..533a183 100644
--- a/net/netfilter/nf_conntrack_h323_main.c
+++ b/net/netfilter/nf_conntrack_h323_main.c
@@ -714,7 +714,6 @@ static int callforward_do_filter(const union nf_inet_addr *src,
u_int8_t family)
{
const struct nf_afinfo *afinfo;
- struct flowi fl1, fl2;
int ret = 0;
/* rcu_read_lock()ed by nf_hook_slow() */
@@ -722,17 +721,20 @@ static int callforward_do_filter(const union nf_inet_addr *src,
if (!afinfo)
return 0;
- memset(&fl1, 0, sizeof(fl1));
- memset(&fl2, 0, sizeof(fl2));
-
switch (family) {
case AF_INET: {
+ struct flowi4 fl1, fl2;
struct rtable *rt1, *rt2;
- fl1.fl4_dst = src->ip;
- fl2.fl4_dst = dst->ip;
- if (!afinfo->route((struct dst_entry **)&rt1, &fl1)) {
- if (!afinfo->route((struct dst_entry **)&rt2, &fl2)) {
+ memset(&fl1, 0, sizeof(fl1));
+ fl1.daddr = src->ip;
+
+ memset(&fl2, 0, sizeof(fl2));
+ fl2.daddr = dst->ip;
+ if (!afinfo->route((struct dst_entry **)&rt1,
+ flowi4_to_flowi(&fl1))) {
+ if (!afinfo->route((struct dst_entry **)&rt2,
+ flowi4_to_flowi(&fl2))) {
if (rt1->rt_gateway == rt2->rt_gateway &&
rt1->dst.dev == rt2->dst.dev)
ret = 1;
@@ -745,12 +747,18 @@ static int callforward_do_filter(const union nf_inet_addr *src,
#if defined(CONFIG_NF_CONNTRACK_IPV6) || \
defined(CONFIG_NF_CONNTRACK_IPV6_MODULE)
case AF_INET6: {
+ struct flowi6 fl1, fl2;
struct rt6_info *rt1, *rt2;
- memcpy(&fl1.fl6_dst, src, sizeof(fl1.fl6_dst));
- memcpy(&fl2.fl6_dst, dst, sizeof(fl2.fl6_dst));
- if (!afinfo->route((struct dst_entry **)&rt1, &fl1)) {
- if (!afinfo->route((struct dst_entry **)&rt2, &fl2)) {
+ memset(&fl1, 0, sizeof(fl1));
+ ipv6_addr_copy(&fl1.daddr, &src->in6);
+
+ memset(&fl2, 0, sizeof(fl2));
+ ipv6_addr_copy(&fl2.daddr, &dst->in6);
+ if (!afinfo->route((struct dst_entry **)&rt1,
+ flowi6_to_flowi(&fl1))) {
+ if (!afinfo->route((struct dst_entry **)&rt2,
+ flowi6_to_flowi(&fl2))) {
if (!memcmp(&rt1->rt6i_gateway, &rt2->rt6i_gateway,
sizeof(rt1->rt6i_gateway)) &&
rt1->dst.dev == rt2->dst.dev)
--
1.7.4.1
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists