| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Loopback addresses are 127.0.0.0/8, not 127.0.0.1/32.
MFC r295668:
Improve the teardown of the SCTP stack.
MFC r295670:
Whitespace changes.
MFC r295708:
Address a warning reported by D5245 / PVS.
MFC r295709:
Code cleanup which will silence a warning in PVS / D5245.
MFC r295710:
Add protection code for issues reported by PVS / D5245.
MFC r295771:
Fix reporting of mapped addressed in getpeername() and getsockname() for
IPv6 SCTP sockets.
This bugs were found because of an issue reported by PVS / D5245.
MFC r295772:
Add some protection code.
MFC r295773:
Add protection code.
MFC r295805:
Use the SCTP level pointer, not the interface level.
MFC r295929:
Don't leak an address in an error path.
Approved by: re (marius)
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Always look in the TCP pool.
This fixes issues with a restarting peer when the listening
1-to-1 style socket is closed.
MFC r295021:
Remove debug output which was committed by accident.
Thanks to Oliver Pinter for reporting.
MFC r295069:
Ignore peer addresses in a consistent way also when checking for
new addresses during restart. If this is not done, restart doesn't
work when the local socket is IPv4 only and the peer uses
IPv4 and IPv6 addresses.
MFC r295070:
Don't change the remote UDP encapsulation port for SCTP packets
containing an INIT chunk.
MFC r295072:
Don't allow a remote encapsulation port change during the
SCTP restart procedure.
MFC r295075:
Update the path mtu when turning on/off UDP encapsulation for SCTP.
MFC r295077:
Add missing parentheses. This was reported by ccaughie via GitHub
for the userland stack.
Approved by: re (kib)
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Retire sctp_validate_no_locks().
This routine checks that there are no locks held for an inp,
without having any lock on the inp. This breaks if the inp
goes away when it is called. This happens on stress tests
on a RPi B+.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix the allocation of outgoing streams:
* When processing a cookie, use the number of
streams announced in the INIT-ACK.
* When sending an INIT-ACK for an existing
association, use the value from the association,
not from the end-point.
|
| | |
| |
| |
| |
| | |
Fix a bug where a stream reset request wasn't retranmitted when the
peer indicated "In progress".
|
| | |
| |
| |
| | |
Ensure that outgoing streams get reset when they run dry.
|
| | |
| |
| |
| |
| | |
Adjust the MTU when accepting an SCTP association using
UDP encapsulation.
|
| | |
| |
| |
| |
| |
| | |
When processing a cookie, any mismatch in port numbers or the vtag results
in failing the check.
This fixes https://github.com/nplab/ETSI-SCTP-Conformance-Testsuite/blob/master/sctp-imh-tests/sctp-imh-i-3-3.pkt
|
| | |
| |
| |
| |
| |
| |
| | |
Use __func__ instead of __FUNCTION__.
This allows to compile the userland stack without errors using gcc5.
Thanks to saghul for makeing me aware and providing the patch.
|
| | |
| |
| |
| |
| | |
Fix compilation issue introduced in r287717.
Thanks to bz@ for making me aware of it.
|
| | |
| |
| |
| | |
Address a compile warning.
|
| | |
| |
| |
| |
| |
| | |
Cleanup the handling of error causes for ERROR chunks. This fixes
an inconsistency of the padding handling. The final padding is
now considered to be a chunk padding.
|
| | |
| |
| |
| |
| |
| |
| | |
Ensure that ERROR chunks are always padded by implementing this
in the routine, which queues an ERROR chunk, instead on relyinh
on the callers to do so. Since one caller missed this, this actially
fixes a bug.
|
| | |
| |
| |
| |
| |
| | |
RFC 4960 requires that packets containing an INIT chunk bundled with
another chunk are silently discarded. Do so, instead of sending an
ABORT.
|
| | |
| |
| |
| |
| | |
Fix a bug where two SHUTDOWN_ACK chunks were sent if a SHUTDOWN chunk was
received acking all outstanding data.
|
| | |
| |
| |
| |
| | |
Don't take the port numbers for packets containing ABORT chunks from
a freed mbuf. Just use them from the stcb.
|
| | |
| |
| |
| | |
Provide consistent error causes whenever an ABORT chunk is sent.
|
| | |
| |
| |
| |
| |
| |
| | |
Fix an issue with MAC OS locking and also optimize the case
where we are sending back a stream-reset and a sack timer is running, in
that case we should just send the SACK.
Fix silly syntax error emacs chugged in for me.. gesh.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fix several problems with Stream Reset.
1) We were not handling (or sending) the IN_PROGRESS case if
the other side (or our side) was not able to reset (awaiting more data).
2) We would improperly send a stream-reset when we should not. Not
waiting until the TSN had been assigned when data was inqueue.
|
| |/
|
|
|
|
|
|
|
|
|
| |
Do not count security policy violation twice.
ipsec*_in_reject() do this by their own.
Obtained from: Yandex LLC
Sponsored by: Yandex LLC
TAG: IPSEC-HEAD
Issue: #4841
|
| |
|
|
|
| |
Fix a bug related to flow assignment I introduced in
https://svnweb.freebsd.org/base?view=revision&revision=275483
|
| |
|
|
|
|
|
| |
Add FIB support for SCTP.
This fixes https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200379
PR: 200379
|
| |
|
|
|
| |
Fix and cleanup the debug information. This has no user-visible changes.
Thanks to Irene Ruengeler for proving a patch.
|
| |
|
|
|
|
|
| |
Ensure that the COOKIE-ACK can be sent over UDP if the COOKIE-ECHO was
received over UDP.
Thanks to Felix Weinrank for makeing me aware of the problem and to
Irene Ruengeler for providing the fix.
|
| |
|
|
| |
Add a SCTP socket option to limit the cwnd for each path.
|
| |
|
|
|
|
|
| |
Remove an unnecessary check.
Reported by: Coverity
CID: 749576
|
| |
|
|
|
|
|
| |
Remove dead code.
Reported by: Coverity
CID: 748663
|
| |
|
|
|
| |
Minimize the usage of SCTP_BUF_IS_EXTENDED.
This should help Robert...
|
| |
|
|
| |
Include the received chunk padding when reporting an unknown chunk.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r275358:
Start process of removing the use of the deprecated "M_FLOWID" flag
from the FreeBSD network code. The flag is still kept around in the
"sys/mbuf.h" header file, but does no longer have any users. Instead
the "m_pkthdr.rsstype" field in the mbuf structure is now used to
decide the meaning of the "m_pkthdr.flowid" field. To modify the
"m_pkthdr.rsstype" field please use the existing "M_HASHTYPE_XXX"
macros as defined in the "sys/mbuf.h" header file.
This patch introduces new behaviour in the transmit direction.
Previously network drivers checked if "M_FLOWID" was set in "m_flags"
before using the "m_pkthdr.flowid" field. This check has now now been
replaced by checking if "M_HASHTYPE_GET(m)" is different from
"M_HASHTYPE_NONE". In the future more hashtypes will be added, for
example hashtypes for hardware dedicated flows.
"M_HASHTYPE_OPAQUE" indicates that the "m_pkthdr.flowid" value is
valid and has no particular type. This change removes the need for an
"if" statement in TCP transmit code checking for the presence of a
valid flowid value. The "if" statement mentioned above is now a direct
variable assignment which is then later checked by the respective
network drivers like before.
r275483:
Remove M_FLOWID from SCTP code.
r276982:
Remove no longer used "M_FLOWID" flag from mbuf.h and update the netisr
manpage.
Note: The FreeBSD version has been bumped.
Reviewed by: hps, tuexen
Sponsored by: Limelight Networks
|
| |
|
|
|
|
|
|
|
| |
and SCTP stream reset vulnerability.
Security: FreeBSD-SA-15:02.kmem
Security: CVE-2014-8612
Security: FreeBSD-SA-15:03.sctp
Security: CVE-2014-8613
|
| |
|
|
|
|
|
| |
Fix the reported streams in a SCTP_STREAM_RESET_EVENT, if a
sent incoming stream reset request was responded with failed
or denied.
Thanks to Peter Bostroem from Google for reporting the issue.
|
| |
|
|
|
| |
Ensure that the flags field of sctp_tmit_chunks is initialized.
Thanks to Peter Bostroem from Google for reporting the issue.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Announce SCTP support in the kern.features sysctl variables.
MFC r270859:
Enable SCTP support. It runs perfectly fine on a Wandboard quad.
MFC r271204 with manual intervention:
Fix the handling of sysctl variables when used with VIMAGE.
While there do some cleanup of the code.
MFC r271209:
Fix a leak of an address, if the address is scheduled for removal
and the stack is torn down.
Thanks to Peter Bostroem and Jiayang Liu from Google for reporting the
issue.
MFC r271219:
Use SYSCTL_PROC instead of SYSCTL_VNET_PROC.
Suggested by: glebius@
MFC r271221:
Use union sctp_sockstore instead of struct sockaddr_storage. This
eliminates some warnings when building in userland.
Thanks to Patrick Laimbock for reporting this issue.
Remove also some unnecessary casts.
There should be no functional change.
MFC r271228:
Address another warnings reported by Patrick Laimbock when compiling
in userspace. While there, improve consistency.
MFC r271230:
Address warnings generated by the clang analyzer.
Approved by: re (kib)
|
| |
|
|
|
|
|
|
| |
Add support for the SCTP_PR_STREAM_STATUS and SCTP_PR_ASSOC_STATUS
socket options. This includes managing the correspoing stat counters.
Add the SCTP_DETAILED_STR_STATS kernel option to control per policy
counters on every stream. The default is off and only an aggregated
counter is available. This is sufficient for the RTCWeb usecase.
|
| |
|
|
|
| |
Add support for the SCTP_AUTH_SUPPORTED and SCTP_ASCONF_SUPPORTED
socket options. Add also a sysctl to control the support of ASCONF.
|
| |
|
|
|
| |
Add support for the SCTP_RECONFIG_SUPPORTED and the corresponding
sysctl controlling the negotiation of the RE-CONFIG extension.
|
| |
|
|
|
|
| |
Add support for the SCTP_PKTDROP_SUPPORTED socket option and
the corresponding sysctl variable.
The default is off, since the specification is not an RFC yet.
|
| |
|
|
|
|
|
| |
Add SCTP socket option SCTP_NRSACK_SUPPORTED to control the
NRSACK extension. The default will still be off, since it
it not an RFC (yet).
Changing the sysctl name will be in a separate commit.
|
| |
|
|
|
|
| |
Add support for the SCTP_PR_SUPPORTED socket option as specified in
http://tools.ietf.org/html/draft-ietf-tsvwg-sctp-prpolicies
Add also a sysctl controlling the default of the end-points.
|
| |
|
|
|
|
|
|
| |
Cleanup the ECN configuration handling and provide an SCTP socket
option for controlling ECN on future associations and get the
status on current associations.
A simialar pattern will be used for controlling SCTP extensions in
upcoming commits.
|
| |
|
|
|
| |
Cleanup sctp_send_initiate() and sctp_send_initiate_ack() to be
in sync as much as possible. This simplifies upcoming changes.
|
| |
|
|
| |
Integrate upstream changes.
|
| |
|
|
|
|
|
|
|
|
| |
* Provide information in error causes in ASCII instead of
proprietary binary format.
* Add support for a diagnostic information error cause.
The code is sysctlable and the default is 0, which
means it is not sent.
This is joint work with rrs@.
|
| |
|
|
| |
Remove redundant code and fix a style error.
|
| | |
|
| |
|
|
|
|
| |
The upper 32bits are not occupied for now.
Sponsored by: The FreeBSD Foundation
|
