[Bug 265089] Connection errors with IPv6 source address validation

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 10 Jul 2022 12:48:45 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=265089

--- Comment #1 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:

URL:
https://cgit.FreeBSD.org/src/commit/?id=50fa27e795eaae97dae87ac4532799f7aea87e9f

commit 50fa27e795eaae97dae87ac4532799f7aea87e9f
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2022-07-10 12:27:23 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2022-07-10 12:47:47 +0000

    netinet6: fix interface handling for loopback traffic

    Currently, processing of IPv6 local traffic is partially broken:
     link-local connection fails and global unicast connect() takes
     3 seconds to complete.
    This happens due to the combination of multiple factors.
    IPv6 code passes original interface "origifp" when passing
    traffic via loopack to retain the scope that is mandatory for the
    correct hadling of link-local traffic. First problem is that the logic
    of passing source interface is not working correcly for TCP connections,
    resulting in passing "origifp" on the first 2 connection attempts and
    lo0 on the subsequent ones. Second problem is that source address
    validation logic skips its checks iff the source interface is loopback,
    which doesn't cover "origifp" case.
    More detailed description is available at
https://reviews.freebsd.org/D35732

    Fix the first problem by untangling&simplifying ifp/origifp logic.
    Fix the second problem by switching source address validation check to
    using M_LOOP mbuf flag instead of interface type.

    PR:             265089
    Reviewed by:    ae, bz(previous version)
    Differential Revision:  https://reviews.freebsd.org/D35732
    MFC after:      2 weeks

 sys/netinet6/ip6_input.c              |  2 +-
 sys/netinet6/ip6_output.c             | 61 ++++++++++++++++++-----------------
 tests/sys/netinet6/test_ip6_output.py |  4 +--
 3 files changed, 35 insertions(+), 32 deletions(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.