diff options
author | YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> | 2008-04-25 00:30:38 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-04-25 00:30:38 -0400 |
commit | 1a98d05f59704d60be85b03f727964e15c77224c (patch) | |
tree | ae125c4ff89a650368dbedcc5337ce2cfa5f1d98 /net/ipv6 | |
parent | 8d390efd903485923419584275fd0c2aa4c94183 (diff) |
ipv6 RAW: Disallow IPPROTO_IPV6-level IPV6_CHECKSUM socket option on ICMPv6 sockets.
RFC3542 tells that IPV6_CHECKSUM socket option in the IPPROTO_IPV6
level is not allowed on ICMPv6 sockets. IPPROTO_RAW level
IPV6_CHECKSUM socket option (a Linux extension) is still allowed.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
-rw-r--r-- | net/ipv6/raw.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c index 6193b124cbc7..396f0ea11090 100644 --- a/net/ipv6/raw.c +++ b/net/ipv6/raw.c | |||
@@ -971,6 +971,19 @@ static int do_rawv6_setsockopt(struct sock *sk, int level, int optname, | |||
971 | 971 | ||
972 | switch (optname) { | 972 | switch (optname) { |
973 | case IPV6_CHECKSUM: | 973 | case IPV6_CHECKSUM: |
974 | if (inet_sk(sk)->num == IPPROTO_ICMPV6 && | ||
975 | level == IPPROTO_IPV6) { | ||
976 | /* | ||
977 | * RFC3542 tells that IPV6_CHECKSUM socket | ||
978 | * option in the IPPROTO_IPV6 level is not | ||
979 | * allowed on ICMPv6 sockets. | ||
980 | * If you want to set it, use IPPROTO_RAW | ||
981 | * level IPV6_CHECKSUM socket option | ||
982 | * (Linux extension). | ||
983 | */ | ||
984 | return -EINVAL; | ||
985 | } | ||
986 | |||
974 | /* You may get strange result with a positive odd offset; | 987 | /* You may get strange result with a positive odd offset; |
975 | RFC2292bis agrees with me. */ | 988 | RFC2292bis agrees with me. */ |
976 | if (val > 0 && (val&1)) | 989 | if (val > 0 && (val&1)) |
@@ -1046,6 +1059,11 @@ static int do_rawv6_getsockopt(struct sock *sk, int level, int optname, | |||
1046 | 1059 | ||
1047 | switch (optname) { | 1060 | switch (optname) { |
1048 | case IPV6_CHECKSUM: | 1061 | case IPV6_CHECKSUM: |
1062 | /* | ||
1063 | * We allow getsockopt() for IPPROTO_IPV6-level | ||
1064 | * IPV6_CHECKSUM socket option on ICMPv6 sockets | ||
1065 | * since RFC3542 is silent about it. | ||
1066 | */ | ||
1049 | if (rp->checksum == 0) | 1067 | if (rp->checksum == 0) |
1050 | val = -1; | 1068 | val = -1; |
1051 | else | 1069 | else |