]> err.no Git - linux-2.6/commitdiff
ipv6 RAW: Disallow IPPROTO_IPV6-level IPV6_CHECKSUM socket option on ICMPv6 sockets.
authorYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Fri, 25 Apr 2008 04:30:38 +0000 (21:30 -0700)
committerDavid S. Miller <davem@davemloft.net>
Fri, 25 Apr 2008 04:30:38 +0000 (21:30 -0700)
RFC3542 tells that IPV6_CHECKSUM socket option in the IPPROTO_IPV6
level is not allowed on ICMPv6 sockets.  IPPROTO_RAW level
IPV6_CHECKSUM socket option (a Linux extension) is still allowed.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv6/raw.c

index 6193b124cbc764bd367df15addead75c07ae0322..396f0ea11090a98d6a07898d0e79d58fb7652313 100644 (file)
@@ -971,6 +971,19 @@ static int do_rawv6_setsockopt(struct sock *sk, int level, int optname,
 
        switch (optname) {
                case IPV6_CHECKSUM:
+                       if (inet_sk(sk)->num == IPPROTO_ICMPV6 &&
+                           level == IPPROTO_IPV6) {
+                               /*
+                                * RFC3542 tells that IPV6_CHECKSUM socket
+                                * option in the IPPROTO_IPV6 level is not
+                                * allowed on ICMPv6 sockets.
+                                * If you want to set it, use IPPROTO_RAW
+                                * level IPV6_CHECKSUM socket option
+                                * (Linux extension).
+                                */
+                               return -EINVAL;
+                       }
+
                        /* You may get strange result with a positive odd offset;
                           RFC2292bis agrees with me. */
                        if (val > 0 && (val&1))
@@ -1046,6 +1059,11 @@ static int do_rawv6_getsockopt(struct sock *sk, int level, int optname,
 
        switch (optname) {
        case IPV6_CHECKSUM:
+               /*
+                * We allow getsockopt() for IPPROTO_IPV6-level
+                * IPV6_CHECKSUM socket option on ICMPv6 sockets
+                * since RFC3542 is silent about it.
+                */
                if (rp->checksum == 0)
                        val = -1;
                else