| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
When setting the primary address, return an error whenever it fails.
|
| |
|
|
|
| |
Fix a bug related to flow assignment I introduced in
https://svnweb.freebsd.org/base?view=revision&revision=275483
|
| |
|
|
|
|
|
| |
Add FIB support for SCTP.
This fixes https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200379
PR: 200379
|
| |
|
|
|
|
|
|
| |
Ensure that the flowid hashtype is assigned to the inp if the flowid
is also assigned.
Spotted by: gallatin
Tested by: gallatin
|
| |
|
|
| |
Correctly detect the case where the last address is removed.
|
| |
|
|
|
|
|
| |
Stop the heartbeat timer when removing a net.
Thanks to the reporter of
https://code.google.com/p/sctp-refimpl/issues/detail?id=14
for reporting the issue.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Extend fixes made in r278103 and r38754 by copying the complete packet
header and not only partial flags and fields. Firewalls can attach
classification tags to the outgoing mbufs which should be copied to
all the new fragments. Else only the first fragment will be let
through by the firewall. This can easily be tested by sending a large
ping packet through a firewall. It was also discovered that VLAN
related flags and fields should be copied for packets traversing
through VLANs. This is all handled by "m_dup_pkthdr()".
Regarding the MAC policy check in ip_fragment(), the tag provided by
the originating mbuf is copied instead of using the default one
provided by m_gethdr().
Tested by: Karim Fodil-Lemelin <fodillemlinkarim at gmail.com>
Sponsored by: Mellanox Technologies
PR: 7802
|
| |
|
|
| |
Fix the reporting of the PMTUD state for specific paths.
|
| |
|
|
| |
Code cleanup.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case of an output error, continue with the next net, don't try to
continue sending on the same net.
This fixes a bug where an invalid mbuf chain was constructed, if a
full size frame of control chunks should be sent and there is a
output error.
Based on a discussion with rrs@, change move to the next net. This fixes
the bug and improves the behaviour.
Thanks to Irene Ruengeler for spending a lot of time in narrowing this
problem down.
|
| |
|
|
|
|
|
| |
Fix a callout race condition introduced in TCP timers callouts with r281599.
In TCP timer context, it is not enough to check callout_stop() return value
to decide if a callout is still running or not, previous callout_reset()
return values have also to be checked.
|
| |
|
|
|
| |
Export a pointer to the SCTP socket. This is needed to add SCTP support
to sockstat.
|
| |
|
|
|
|
| |
Change struct attribute to avoid aligned operations mismatch
Previous __alignment(4) allowed compiler to assume that operations are
performed on aligned region. On ARM processor, this led to alignment fault
|
| |
|
|
|
|
|
|
|
|
| |
Remove in_gif.h and in6_gif.h files. They only contain function
declarations used by gif(4). Instead declare these functions in C files.
Also make some variables static.
MFC r276215:
Extern declarations in C files loses compile-time checking that
the functions' calls match their definitions. Move them to header files.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Overhaul if_gre(4).
Split it into two modules: if_gre(4) for GRE encapsulation and
if_me(4) for minimal encapsulation within IP.
gre(4) changes:
* convert to if_transmit;
* rework locking: protect access to softc with rmlock,
protect from concurrent ioctls with sx lock;
* correct interface accounting for outgoing datagramms (count only payload size);
* implement generic support for using IPv6 as delivery header;
* make implementation conform to the RFC 2784 and partially to RFC 2890;
* add support for GRE checksums - calculate for outgoing datagramms and check
for inconming datagramms;
* add support for sending sequence number in GRE header;
* remove support of cached routes. This fixes problem, when gre(4) doesn't
work at system startup. But this also removes support for having tunnels with
the same addresses for inner and outer header.
* deprecate support for various GREXXX ioctls, that doesn't used in FreeBSD.
Use our standard ioctls for tunnels.
me(4):
* implementation conform to RFC 2004;
* use if_transmit;
* use the same locking model as gre(4);
PR: 164475
MFC r274289 (by bz):
gcc requires variables to be initialised in two places. One of them
is correctly used only under the same conditional though.
For module builds properly check if the kernel supports INET or INET6,
as otherwise various mips kernels without IPv6 support would fail to build.
MFC r274964:
Add ip_gre.h to ObsoleteFiles.inc.
|
| |
|
|
|
|
|
| |
- Virtualize interface cloner for gre(4). This fixes a panic when destroying
a vnet jail which has a gre(4) interface.
- Make net.link.gre.max_nesting vnet-local.
|
| |
|
|
|
|
|
|
|
|
| |
Remove route chaching support from ipsec code. It isn't used for some time.
* remove sa_route_union declaration and route_cache member from struct secashead;
* remove key_sa_routechange() call from ICMP and ICMPv6 code;
* simplify ip_ipsec_mtu();
* remove #include <net/route.h>;
Sponsored by: Yandex LLC
|
| |
|
|
|
|
|
|
|
|
| |
Add an ability accept encapsulated packets from different sources by one
gif(4) interface. Add new option "ignore_source" for gif(4) interface.
When it is enabled, gif's encapcheck function requires match only for
packet's destination address.
Differential Revision: https://reviews.freebsd.org/D2004
Sponsored by: Yandex LLC
|
| |
|
|
| |
Remove printf() noise...
|
| |
|
|
|
|
| |
Report the MTU consistently as specified in
https://tools.ietf.org/html/rfc6458
Thanks to Irene Ruengeler for helping me to fix this bug.
|
| |
|
|
|
|
|
|
| |
Take source and destination address into account when determining
the scope.
This fixes a problem when a client with a global address
connects to a server with a private address.
Thanks to Irene Ruengeler in helping me to find the issue.
|
| |
|
|
| |
Retire SCTP_DONT_DO_PRIVADDR_SCOPE which was never defined.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix a bug where messages would not be sent in SHUTDOWN_RECEIVED state.
This problem was reported by Mark Bonnekessel and Markus Boese.
Thanks to Irene Ruengeler for helping me to fix the cause of
the problem. It can be tested with the following packetdrill script:
+0.0 socket(..., SOCK_STREAM, IPPROTO_SCTP) = 3
+0.0 fcntl(3, F_GETFL) = 0x2 (flags O_RDWR)
+0.0 fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
// Check the handshake with an empty(!) cookie
+0.1 connect(3, ..., ...) = -1 EINPROGRESS (Operation now in progress)
+0.0 > sctp: INIT[flgs=0, tag=1, a_rwnd=..., os=..., is=..., tsn=0, ...]
+0.1 < sctp: INIT_ACK[flgs=0, tag=2, a_rwnd=10000, os=1, is=1, tsn=0, STATE_COOKIE[len=4, val=...]]
+0.0 > sctp: COOKIE_ECHO[flgs=0, len=4, val=...]
+0.1 < sctp: COOKIE_ACK[flgs=0]
+0.0 getsockopt(3, SOL_SOCKET, SO_ERROR, [0], [4]) = 0
+0.0 write(3, ..., 1024) = 1024
+0.0 > sctp: DATA[flgs=BE, len=1040, tsn=0, sid=0, ssn=0, ppid=0]
+0.0 write(3, ..., 1024) = 1024 // Pending due to Nagle
+0.0 < sctp: SHUTDOWN[flgs=0, cum_tsn=0]
+0.0 > sctp: DATA[flgs=BE, len=1040, tsn=1, sid=0, ssn=1, ppid=0]
+0.0 < sctp: SACK[flgs=0, cum_tsn=1, a_rwnd=10000, gaps=[], dups=[]] // Do we need another SHUTDOWN here?
+0.0 > sctp: SHUTDOWN_ACK[flgs=0]
+0.0 < sctp: SHUTDOWN_COMPLETE[flgs=0]
+0.0 close(3) = 0
|
| |
|
|
|
| |
Use macros for overhead in a consistent way. No functional change.
Thanks to Irene Ruengeler for suggesting the change.
|
| |
|
|
| |
Some more debug info cleanup.
|
| |
|
|
|
| |
Fix and cleanup the debug information. This has no user-visible changes.
Thanks to Irene Ruengeler for proving a patch.
|
| |
|
|
| |
Address some compiler warnings. No functional change.
|
| |
|
|
|
|
|
| |
Ensure that the COOKIE-ACK can be sent over UDP if the COOKIE-ECHO was
received over UDP.
Thanks to Felix Weinrank for makeing me aware of the problem and to
Irene Ruengeler for providing the fix.
|
| |
|
|
|
|
| |
Don't panic under INVARIANTS when receiving a SACK which cumacks
a TSN never sent.
While there, fix two typos.
|
| |
|
|
|
|
|
| |
Improve the selection of the destination address of SACK chunks.
This fixes
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196755
and is joint work with rrs@.
|
| |
|
|
|
|
| |
Make sure that we don't free an SCTP shared key too early.
Thanks to Pouyan Sepehrdad from Qualcomm Product Security Initiative
for reporting the issue.
|
| |
|
|
|
| |
Use the reference count of the right SCTP inp.
Joint work with rrs@
|
| |
|
|
|
|
|
| |
Fix two bugs which resulted in a screwed up end point list:
* Use a save way to walk throught a list while manipulting it.
* Have to appropiate locks in place.
Joint work with rrs@
|
| |
|
|
|
|
| |
Fix the bug in the handling of fragmented abandoned SCTP user messages reported in
https://code.google.com/p/sctp-refimpl/issues/detail?id=11
Thanks to Lally Singh for reporting it.
|
| |
|
|
|
| |
Fix an accounting bug related to the per stream chunk counter.
While there, don't refer to a net articifically.
|
| |
|
|
|
| |
When an ICMP message is received and the MTU shrinks, only
mark outstanding chunks for retransmissions.
|
| |
|
|
| |
Remove a useless assignment.
|
| |
|
|
|
| |
Fix the adaptation of the path state when thresholds are changed
using the SCTP_PEER_ADDR_THLDS socket option.
|
| |
|
|
|
| |
Keep track on the socket lock state. This fixes a bug showing up on
Mac OS X.
|
| |
|
|
| |
Unlock the stcb when using setsockopt() for the SCTP_PEER_ADDR_THLDS option.
|
| |
|
|
| |
Add a SCTP socket option to limit the cwnd for each path.
|
| |
|
|
| |
Fix a typo.
|
| |
|
|
| |
Whitespace change.
|
| |
|
|
|
|
|
|
| |
Remove comparisons which are not necessary.
With manual intervention.
Reported by: Coverity
CID: 1237826, 1237844, 1237847
|
| |
|
|
|
|
|
| |
Code cleanup.
Reported by: Coverity
CID: 749578
|
| |
|
|
|
|
|
|
| |
Fix a bug which only shows up when an mbuf allocation failed.
Therefore chances are low that we hit this.
Reported by: Coverity
CID: 1018886
|
| |
|
|
|
|
|
| |
Remove an unnecessary check.
Reported by: Coverity
CID: 749576
|
| |
|
|
|
|
|
|
| |
Add protection code to free memory in case of processing an address which
is neither IPv4 or IPv6.
Reported by: Coverity
CID: 749311
|
| |
|
|
|
|
|
| |
Remove an unused variable.
Reported by: Coverity
CID: 750999
|
