* Rewrite destination address in case we will connect to loopback address. * * Returns 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv4. * Address passed in in NBO and returned in NBO. */
| 333 | * Address passed in in NBO and returned in NBO. |
| 334 | */ |
| 335 | int |
| 336 | prison_remote_ip4(struct ucred *cred, struct in_addr *ia) |
| 337 | { |
| 338 | struct prison *pr; |
| 339 | |
| 340 | KASSERT(cred != NULL, ("%s: cred is NULL", __func__)); |
| 341 | KASSERT(ia != NULL, ("%s: ia is NULL", __func__)); |
| 342 | |
| 343 | pr = cred->cr_prison; |
| 344 | if (!(pr->pr_flags & PR_IP4)) |
| 345 | return (0); |
| 346 | mtx_lock(&pr->pr_mtx); |
| 347 | if (!(pr->pr_flags & PR_IP4)) { |
| 348 | mtx_unlock(&pr->pr_mtx); |
| 349 | return (0); |
| 350 | } |
| 351 | if (pr->pr_ip4 == NULL) { |
| 352 | mtx_unlock(&pr->pr_mtx); |
| 353 | return (EAFNOSUPPORT); |
| 354 | } |
| 355 | |
| 356 | if (ntohl(ia->s_addr) == INADDR_LOOPBACK && |
| 357 | prison_check_ip4_locked(pr, ia) == EADDRNOTAVAIL) { |
| 358 | ia->s_addr = pr->pr_ip4[0].s_addr; |
| 359 | mtx_unlock(&pr->pr_mtx); |
| 360 | return (0); |
| 361 | } |
| 362 | |
| 363 | /* |
| 364 | * Return success because nothing had to be changed. |
| 365 | */ |
| 366 | mtx_unlock(&pr->pr_mtx); |
| 367 | return (0); |
| 368 | } |
| 369 | |
| 370 | /* |
| 371 | * Check if given address belongs to the jail referenced by cred/prison. |
no test coverage detected