ipvs: fix AF assignment in ip_vs_conn_new()

If a fwmark is passed to ip_vs_conn_new(), it is passed in
vaddr, not daddr. Therefore we should set AF to AF_UNSPEC in
vaddr assignment (like we do in ip_vs_ct_in_get()), otherwise we
may copy only first 4 bytes of an IPv6 address into cp->daddr.

Signed-off-by: Bogdano Arendartchuk <barendartchuk@suse.com>
Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>

1 files changed, 4 insertions, 4 deletions

diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c
index 59a1a85bcb3e..a8eb0a89326a 100644
--- a/net/netfilter/ipvs/ip_vs_conn.c
+++ b/net/netfilter/ipvs/ip_vs_conn.c
@@ -871,11 +871,11 @@ ip_vs_conn_new(const struct ip_vs_conn_param *p,
         cp->protocol       = p->protocol;
         ip_vs_addr_set(p->af, &cp->caddr, p->caddr);
         cp->cport          = p->cport;
-        ip_vs_addr_set(p->af, &cp->vaddr, p->vaddr);
-        cp->vport          = p->vport;
-        /* proto should only be IPPROTO_IP if d_addr is a fwmark */
+        /* proto should only be IPPROTO_IP if p->vaddr is a fwmark */
         ip_vs_addr_set(p->protocol == IPPROTO_IP ? AF_UNSPEC : p->af,
-                       &cp->daddr, daddr);
+                       &cp->vaddr, p->vaddr);
+        cp->vport          = p->vport;
+        ip_vs_addr_set(p->af, &cp->daddr, daddr);
         cp->dport          = dport;
         cp->flags          = flags;
         cp->fwmark         = fwmark;