From: bluhm Date: Thu, 1 Feb 2018 21:18:12 +0000 (+0000) Subject: Done means to stop processing the protocol loop, but IP proto none X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=71cb9cc275573c4983b75653745e91b15666ee6f;p=openbsd Done means to stop processing the protocol loop, but IP proto none is protocol 58. Fix typo in ip6_etherip_input() to properly discard EtherIP tunnel IPv6 packets if the feature is disabled. found by Maxime Villard; with markus@; OK patrick@ deraadt@ millert@ jca@ --- diff --git a/sys/net/if_etherip.c b/sys/net/if_etherip.c index c304fcdfd6f..aebcb2d5bf4 100644 --- a/sys/net/if_etherip.c +++ b/sys/net/if_etherip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_etherip.c,v 1.30 2018/01/22 09:06:22 mpi Exp $ */ +/* $OpenBSD: if_etherip.c,v 1.31 2018/02/01 21:18:12 bluhm Exp $ */ /* * Copyright (c) 2015 Kazuya GODA * @@ -571,7 +571,7 @@ ip6_etherip_input(struct mbuf **mp, int *offp, int proto, int af) if (!etherip_allow && (m->m_flags & (M_AUTH|M_CONF)) == 0) { m_freem(m); etheripstat_inc(etherips_pdrops); - return IPPROTO_NONE; + return IPPROTO_DONE; } ip6 = mtod(m, const struct ip6_hdr *);