From: Thomas Graf <tgraf@redhat.com>
Date: Fri, 18 Jan 2008 15:58:55 +0100
Subject: [net] IPv6 TAHI RH0 RFC5095 update
Message-id: 20080118145855.GA9906@deb
O-Subject: [RHEL5.2 PATCH] BZ426904: IPv6 TAHI RH0 RFC5095 update
Bugzilla: 426904
The original fix for the RH0 security issues broke some IPv6
semantics and the TAHI test failed.
Instead of silently dropping RH0 messages, an icmp error
message must be sent back in order to conform to the standards
and pass the TAHI tests.
The patch has been run on the TAHI testsuite, results can be
found here:
http://focus.brisbane.redhat.com/~zwu/RHEL5.1-Server-20071017.0/20080118/Self_Test_1-5-0b2/spec.p2/39.html
Please ACK.
Acked-by: "David S. Miller" <davem@redhat.com>
diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c
index 2b2cd28..baefe8e 100644
--- a/net/ipv6/exthdrs.c
+++ b/net/ipv6/exthdrs.c
@@ -241,20 +241,6 @@ static int ipv6_rthdr_rcv(struct sk_buff **skbp)
hdr = (struct ipv6_rt_hdr *) skb->h.raw;
- switch (hdr->type) {
- case IPV6_SRCRT_TYPE_0:
- /* Completely disallow routing header type 0 for now, it can be
- * made conditional at a later point if needed. Even though the
- * code is non functional at the moment, it is left intact to
- * allow backporting Mobile IPv6 later on. */
- kfree_skb(skb);
- return -1;
- default:
- IP6_INC_STATS_BH(ip6_dst_idev(skb->dst), IPSTATS_MIB_INHDRERRORS);
- icmpv6_param_prob(skb, ICMPV6_HDR_FIELD, (&hdr->type) - skb->nh.raw);
- return -1;
- }
-
if (ipv6_addr_is_multicast(&skb->nh.ipv6h->daddr) ||
skb->pkt_type != PACKET_HOST) {
IP6_INC_STATS_BH(ip6_dst_idev(skb->dst),
@@ -274,6 +260,12 @@ looped_back:
return 1;
}
+ /* Disallow rthdr until MIP6 code is back ported. */
+ IP6_INC_STATS_BH(ip6_dst_idev(skb->dst), IPSTATS_MIB_INHDRERRORS);
+ icmpv6_param_prob(skb, ICMPV6_HDR_FIELD,
+ (&hdr->type) - skb->nh.raw);
+ return -1;
+
if (hdr->hdrlen & 0x01) {
IP6_INC_STATS_BH(ip6_dst_idev(skb->dst), IPSTATS_MIB_INHDRERRORS);
icmpv6_param_prob(skb, ICMPV6_HDR_FIELD, (&hdr->hdrlen) - skb->nh.raw);
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
27922b4260f65d317aabda37e42bbbff
>
files
>
2797
