From 4ac1a263960dd8d535dcc15f30856d07c01ac2e4 Mon Sep 17 00:00:00 2001
From: fendo <fendo@bi12info.com>
Date: Sun, 17 Mar 2013 20:14:05 +0100
Subject: [PATCH] Fix possible IPv6 spoofing

---
 ppp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ppp.c b/ppp.c
index 893ceb9..bd70e4d 100644
--- a/ppp.c
+++ b/ppp.c
@@ -2244,7 +2244,7 @@ void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
 		return;
 
 	// no spoof
-	if (ipv4 != session[s].ip && memcmp(&config->ipv6_prefix, &ip, 8) && sessionbyipv6(ip) != s)
+	if ((ipv4 != session[s].ip || memcmp(&config->ipv6_prefix, &ip, 8)) && sessionbyipv6(ip) != s)
 	{
 		char str[INET6_ADDRSTRLEN];
 		LOG(5, s, t, "Dropping packet with spoofed IP %s\n",
-- 
2.20.1