diff options
| author | Ed Maste <emaste@FreeBSD.org> | 2024-11-25 14:07:11 +0000 |
|---|---|---|
| committer | Ed Maste <emaste@FreeBSD.org> | 2025-05-24 18:13:09 +0000 |
| commit | cd240957d7ba43d819e9d59c6f6517fe915102c7 (patch) | |
| tree | 18e6b64e245ff41db94fab2ff516195cacd178be | |
| parent | ab4edcd552c967a400e85afc0fd3e6729fa9ee2c (diff) | |
netinet: Disallow connections to INADDR_ANY
Previously connect() or sendto() to INADDR_ANY reached some socket bound
to some host interface address. Although this was intentional it was an
artifact of a different era, and is not desirable now.
In 417b35a97b76 markj added support to disallow connect() to INADDR_ANY.
Take the next logical step and disable it by default.
PR: 280705
Reviewed by: markj, jhb, zlei
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47740
| -rw-r--r-- | sys/netinet/in_pcb.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 3774f73a7a8f..bccd4b84561a 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -235,7 +235,7 @@ VNET_SYSINIT(in_pcbhashseed_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_FIRST, in_pcbhashseed_init, NULL); #ifdef INET -VNET_DEFINE_STATIC(int, connect_inaddr_wild) = 1; +VNET_DEFINE_STATIC(int, connect_inaddr_wild) = 0; #define V_connect_inaddr_wild VNET(connect_inaddr_wild) SYSCTL_INT(_net_inet_ip, OID_AUTO, connect_inaddr_wild, CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(connect_inaddr_wild), 0, |