netinet6: Disallow connections to IN6ADDR_ANY
Previously connect() or sendto() to INADDR_ANY or IN6ADDR_ANY reached some socket bound to some host interface address. Although this was intentional it was an artifact of a different era, and is not desirable now. In417b35a97bmarkj added support to disallow connect() to INADDR_ANY and IN6ADDR_ANY. Connections to INADDR_ANY were disabled by default incd240957d7. Follow suit with IN6ADDR_ANY. Reviewed by: glebius, markj, zlei Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D54306
This commit is contained in:
@@ -115,7 +115,7 @@
|
||||
|
||||
SYSCTL_DECL(_net_inet6);
|
||||
SYSCTL_DECL(_net_inet6_ip6);
|
||||
VNET_DEFINE_STATIC(int, connect_in6addr_wild) = 1;
|
||||
VNET_DEFINE_STATIC(int, connect_in6addr_wild) = 0;
|
||||
#define V_connect_in6addr_wild VNET(connect_in6addr_wild)
|
||||
SYSCTL_INT(_net_inet6_ip6, OID_AUTO, connect_in6addr_wild,
|
||||
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(connect_in6addr_wild), 0,
|
||||
|
||||
Reference in New Issue
Block a user