Fix possible IPv6 spoofing

2013-03-17 20:14:05 +01:00 · 2013-03-17 20:14:05 +01:00 · 4ac1a26396
commit 4ac1a26396
parent 500bd3b1ae
1 changed files with 1 additions and 1 deletions
--- a/ppp.c
+++ b/ppp.c
@ -2244,7 +2244,7 @@ void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 		return;

 	// no spoof
-	if (ipv4 != session[s].ip && memcmp(&config->ipv6_prefix, &ip, 8) && sessionbyipv6(ip) != s)
+	if ((ipv4 != session[s].ip || memcmp(&config->ipv6_prefix, &ip, 8)) && sessionbyipv6(ip) != s)
 	{
 		char str[INET6_ADDRSTRLEN];
 		LOG(5, s, t, "Dropping packet with spoofed IP %s\n",