| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170111195909.GL24086@oracle.com>
Date: Wed, 11 Jan 2017 14:59:09 -0500
From: Sowmini Varadhan <sowmini.varadhan@...cle.com>
To: "Jonathan T. Leighton" <jtleight@...l.edu>
Cc: Eric Dumazet <eric.dumazet@...il.com>, netdev@...r.kernel.org,
edumazet@...gle.com, Yuchung Cheng <ycheng@...gle.com>,
Neal Cardwell <ncardwell@...gle.com>
Subject: Re: TCP using IPv4-mapped IPv6 address as source
On (01/11/17 14:48), Jonathan T. Leighton wrote:
>
> I would say that an IPv6 socket binds to an IPv4-mapped IPv6
> address, but yes - using it to connect to an IPv6 address would be
> an application bug. It also think that having connect() spend 2
> minutes sending packets containing an illegal source address is a
> bug. (And unfriendly!) I'll look into writing a patch for this, and
> let you know whether or not I think I'm up to it.
>
BTW, linux probably has a number of bugs in this space.
you can do a number of "interesting" things, where the
v4-mapped address ends up being treated as a global address.
E.g., you can configure a v4 mapped address on an interface
using /sbin/ip, then you can add an onlink route, like
# ip -6 route add ::ffff:13.0.0.1 nexthop onlink dev eth1
and you can ping6 ::ffff:13.0.0.1, and (if you do this
on both sides) watch a merry little packet exchange on
the wire, where we send out an NS for ::ffff:13.0.0.1
to the solmcast of the v4 mapped address, the peer politely
responds, and the 2 nodes then have a nice chat.
I think the RFC states somewhere that you should never ever
send out a v4 mapped address on the wire.
--Sowmini
Powered by blists - more mailing lists