| Commit message | Author | Age | Files | Lines |

...

When receiving an SCTP/UDP packet and the interface performed
the UDP checksum computation and signals that it was OK,
clear this bit when passing the packet to SCTP. Since the
bits indicating a valid UDP checksum and a valid SCTP
checksum are the same, the SCTP stack would assume
that also an SCTP checksum check has been performed.

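The commit above describes a classic offload-flag confusion: the NIC verified the outer UDP checksum, but the flag it sets is the same one the SCTP input path reads as "CRC32c already verified". The following is an added example, not FreeBSD's or the SCTP stack's own code: a toy receive path with a shared "checksum verified" flag, a real RFC 4960 CRC32c, and the buggy and fixed UDP handlers side by side. The names CSUM_DATA_VALID (and its value), pkt_t, udp_input_*, sctp_input and the constructed packet bytes are assumptions for illustration, modelled only loosely on the FreeBSD mbuf flag names.

```c
/*
 * Added example, not FreeBSD code. Models a UDP-encapsulated SCTP receive path
 * and shows why a checksum-verified flag shared between UDP and SCTP must be
 * cleared before the packet is handed up. All names/values are assumptions.
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define CSUM_DATA_VALID 0x0400 /* assumed value: "L4 checksum verified by NIC" */

typedef struct {
    const uint8_t *sctp;  /* SCTP common header + chunks */
    size_t len;
    uint32_t csum_flags;  /* offload verdicts, shared by UDP and SCTP */
} pkt_t;

/* CRC32c (Castagnoli), reflected polynomial 0x82F63B78, as in RFC 4960 App. B. */
static uint32_t crc32c(const uint8_t *buf, size_t len)
{
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++) {
        crc ^= buf[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0x82F63B78u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* CRC32c over the packet with the checksum field (bytes 8..11) zeroed. */
static uint32_t sctp_expected_csum(const uint8_t *p, size_t len)
{
    uint8_t tmp[256];
    if (len > sizeof tmp || len < 12)
        return 0;
    memcpy(tmp, p, len);
    memset(tmp + 8, 0, 4);
    return crc32c(tmp, len);
}

/* RFC 4960 stores the CRC32c little-endian in the common header. */
static uint32_t sctp_wire_csum(const uint8_t *p)
{
    return (uint32_t)p[8] | (uint32_t)p[9] << 8 | (uint32_t)p[10] << 16 | (uint32_t)p[11] << 24;
}

static void sctp_set_csum(uint8_t *p, size_t len)
{
    uint32_t c = sctp_expected_csum(p, len);
    p[8] = c & 0xff; p[9] = (c >> 8) & 0xff; p[10] = (c >> 16) & 0xff; p[11] = c >> 24;
}

/* SCTP input trusts the offload flag, otherwise verifies CRC32c itself.
 * Returns 1 if the packet is accepted, 0 if dropped. */
static int sctp_input(const pkt_t *pkt)
{
    if (pkt->csum_flags & CSUM_DATA_VALID)
        return 1; /* "hardware already checked it" */
    return sctp_wire_csum(pkt->sctp) == sctp_expected_csum(pkt->sctp, pkt->len);
}

/* UDP input on the SCTP/UDP encapsulation port. The NIC validated the UDP
 * checksum (CSUM_DATA_VALID is set), which says nothing about the SCTP CRC32c. */
static int udp_input_buggy(pkt_t *pkt)
{
    return sctp_input(pkt); /* UDP's verdict leaks through to SCTP */
}

static int udp_input_fixed(pkt_t *pkt)
{
    pkt->csum_flags &= ~CSUM_DATA_VALID; /* force SCTP to verify its own CRC32c */
    return sctp_input(pkt);
}

/* Constructed packet: SCTP common header (src 5000, dst 5001, vtag 1) followed
 * by an empty HEARTBEAT chunk; the CRC32c field is deliberately wrong. */
static pkt_t make_corrupt_packet(uint8_t *buf)
{
    static const uint8_t hdr[16] = {
        0x13, 0x88, 0x13, 0x89, 0, 0, 0, 1, 0xDE, 0xAD, 0xBE, 0xEF, /* bogus checksum */
        0x04, 0x00, 0x00, 0x04 };
    memcpy(buf, hdr, sizeof hdr);
    pkt_t p = { buf, sizeof hdr, CSUM_DATA_VALID };
    return p;
}

int main(void)
{
    uint8_t buf[16];
    pkt_t p = make_corrupt_packet(buf);
    printf("buggy path accepts corrupt SCTP packet: %d\n", udp_input_buggy(&p));
    p = make_corrupt_packet(buf);
    printf("fixed path accepts corrupt SCTP packet: %d\n", udp_input_fixed(&p));
    sctp_set_csum(buf, p.len);
    printf("fixed path accepts repaired packet: %d\n", udp_input_fixed(&p));
    return 0;
}
```

The practical check is the middle case: a packet whose SCTP CRC32c is wrong but whose UDP checksum the NIC validated is accepted by the buggy handler and rejected by the fixed one, because the only evidence SCTP has is a flag that UDP, not SCTP, earned.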
Fix the handling of IPSec policies in the SCTP stack. At least
make sure they are not leaked...

Revert part of r291137 which seems correct, but does not fix the
resource problem I'm currently hunting down.

Clear the so_pcb pointer in case ipsec_init_policy() fails.

Don't send SHUTDOWN chunk when the association is in a front state
and the application calls shutdown(..., SHUT_WR) or
shutdown(..., SHUT_RDWR).

Fix a bug where an SCTP association was moved back to SHUTDOWN_SENT
state when the user issued a shutdown() call.

Use the correct length. The wrong one was too large.

The field sinfo_timetolive should have been sinfo_pr_value.
Thanks to Jens Hoelscher for making me aware of the bug.

Fix typos in field names of struct sctp_extrcvinfo.
Provide defines to allow applications to compile.
Thanks to Jens Hoelscher for making me aware of the typos.

When processing a cookie, any mismatch in port numbers or the vtag results
in failing the check.
This fixes https://github.com/nplab/ETSI-SCTP-Conformance-Testsuite/blob/master/sctp-imh-tests/sctp-imh-i-3-3.pkt

Use __func__ instead of __FUNCTION__.
This allows compiling the userland stack without errors using gcc5.
Thanks to saghul for making me aware and providing the patch.

Fix the timeout for INIT retransmissions in the case where RTO_MIN is
smaller than RTO_INITIAL.

Fix compilation issue introduced in r287717.
Thanks to bz@ for making me aware of it.

Address a compile warning.

Cleanup the handling of error causes for ERROR chunks. This fixes
an inconsistency of the padding handling. The final padding is
now considered to be a chunk padding.

Ensure that ERROR chunks are always padded by implementing this
in the routine, which queues an ERROR chunk, instead of relying
on the callers to do so. Since one caller missed this, this actually
fixes a bug.

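The two commits above are about the same RFC 4960 rule: every chunk is padded to a 4-byte boundary, the Chunk Length excludes that trailing padding, each error cause's Cause Length likewise excludes padding, and causes inside an ERROR chunk are padded so the next cause starts aligned. The code below is an added example, not the FreeBSD SCTP stack's own code: it serialises an ERROR chunk with the final cause's padding treated as chunk padding, then walks the causes back out, stepping over per-cause padding. The function names, the err_cause_t type and the sample causes are assumptions for illustration.

```c
/*
 * Added example, not FreeBSD code. Builds an SCTP ERROR chunk (RFC 4960 3.3.10)
 * whose non-final causes are padded to 4 bytes and whose final padding is
 * chunk padding, excluded from the Chunk Length. Names are assumptions.
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define SCTP_ERROR_CHUNK 9

typedef struct {
    uint16_t code;
    const uint8_t *info;
    uint16_t info_len;
} err_cause_t;

static size_t pad4(size_t n) { return (n + 3) & ~(size_t)3; }
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static uint16_t get16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }

/* Serialise an ERROR chunk into out. Returns the bytes written, always a
 * multiple of 4, or 0 if out is too small. The Chunk Length field covers the
 * header and all causes but not the trailing chunk padding. */
static size_t sctp_build_error_chunk(const err_cause_t *causes, size_t n,
                                     uint8_t *out, size_t cap)
{
    size_t off = 4; /* type, flags, length */
    if (cap < 4)
        return 0;
    for (size_t i = 0; i < n; i++) {
        size_t clen = 4 + causes[i].info_len;          /* Cause Length: no padding */
        size_t step = (i + 1 < n) ? pad4(clen) : clen; /* pad only between causes */
        if (off + pad4(clen) > cap)
            return 0;
        put16(out + off, causes[i].code);
        put16(out + off + 2, (uint16_t)clen);
        memcpy(out + off + 4, causes[i].info, causes[i].info_len);
        memset(out + off + clen, 0, pad4(clen) - clen); /* padding bytes are zero */
        off += step;
    }
    out[0] = SCTP_ERROR_CHUNK;
    out[1] = 0;
    put16(out + 2, (uint16_t)off);        /* excludes the final padding */
    size_t total = pad4(off);
    memset(out + off, 0, total - off);    /* chunk padding, owned by the chunk */
    return total;
}

/* Count the causes in a serialised ERROR chunk, stepping over per-cause
 * padding; the last cause may end unpadded at Chunk Length. -1 if malformed. */
static int sctp_count_causes(const uint8_t *chunk, size_t total)
{
    size_t len = get16(chunk + 2), off = 4;
    int n = 0;
    if (total < 4 || len < 4 || len > total || chunk[0] != SCTP_ERROR_CHUNK)
        return -1;
    while (off < len) {
        if (off + 4 > len)
            return -1;
        size_t clen = get16(chunk + off + 2);
        if (clen < 4 || off + clen > len)
            return -1;
        off += (off + pad4(clen) <= len) ? pad4(clen) : clen;
        n++;
    }
    return n;
}

int main(void)
{
    /* Constructed causes: Unrecognized Chunk Type (6), No User Data (9),
     * Invalid Stream Identifier (1), with odd info lengths to force padding. */
    const uint8_t a[5] = {1, 2, 3, 4, 5}, b[4] = {0}, c[1] = {7};
    err_cause_t cs[3] = { {6, a, 5}, {9, b, 4}, {1, c, 1} };
    uint8_t out[64];
    size_t total = sctp_build_error_chunk(cs, 3, out, sizeof out);
    printf("wire bytes=%zu chunk length=%u causes=%d\n",
           total, get16(out + 2), sctp_count_causes(out, total));
    return 0;
}
```

With the three constructed causes the causes occupy 12 + 8 + 5 bytes after the 4-byte header, so the Chunk Length is 29 while 32 bytes go on the wire; a receiver that adds the cause padding into the Chunk Length, or a sender that forgets the final padding, produces a chunk the other side parses differently.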
RFC 4960 requires that packets containing an INIT chunk bundled with
another chunk are silently discarded. Do so, instead of sending an
ABORT.

Don't leak memory in an error case.

Add a NULL pointer check to silence the clang code analyzer.

Fix a bug where two SHUTDOWN_ACK chunks were sent if a SHUTDOWN chunk was
received acking all outstanding data.

Use 5 times RTO.Max as the default for the shutdown guard timer
as required by RFC 4960. The sysctl variable can be used to
overwrite this.

Fix the exporting of SCTP association states to userland. Without this,
associations in SHUTDOWN-PENDING were never reported correctly.

Allow the path MTU to grow up to the outgoing interface MTU.

Don't take the port numbers for packets containing ABORT chunks from
a freed mbuf. Just use them from the stcb.

Fix a typo reported by Erik Cederstrand.

Provide consistent error causes whenever an ABORT chunk is sent.

Improve locking on Mac OS X. This does not change the functionality
on FreeBSD.

Fix and improve a debug message. The SID was reported as an SSN.

Move including netinet/icmp6.h around to avoid a problem when including
netinet/icmp6.h and net/netmap.h. Both use ni_flags...
This allows building multistack with SCTP support.

Fix an issue with Mac OS locking and also optimize the case
where we are sending back a stream-reset and a SACK timer is running; in
that case we should just send the SACK.
Fix silly syntax error emacs chugged in for me.. gesh.

Fix several problems with Stream Reset.
1) We were not handling (or sending) the IN_PROGRESS case if
the other side (or our side) was not able to reset (awaiting more data).
2) We would improperly send a stream-reset when we should not, not
waiting until the TSN had been assigned when data was in queue.

Export the ssthresh value per SCTP path via the sysctl interface.

o Fix Linux compatibility layer incorrect futex handling. [SA-16:03.linux]
o Fix Linux compatibility layer setgroups(2) system call. [SA-16:04.linux]
o Fix TCP MD5 signature denial of service. [SA-16:05.tcp]
o Fix insecure default bsnmpd.conf permissions. [SA-16:06.bsnmpd]
Security: FreeBSD-SA-16:01.sctp, CVE-2016-1879
Security: FreeBSD-SA-16:03.linux, CVE-2016-1880
Security: FreeBSD-SA-16:04.linux, CVE-2016-1881
Security: FreeBSD-SA-16:05.tcp, CVE-2016-1882
Security: FreeBSD-SA-16:06.bsnmpd, CVE-2015-5677

MFC: r292012
Add an option to use rfc6675 based pipe/inflight bytes calculation in cubic and
newreno.

Improve tcp duplicate ack processing when SACK is present.

Calculate the correct amount of bytes that are in-flight for a connection as
suggested by RFC 6675.
MFC: r292046
r290122 added 4 bytes and removed 8 in struct sackhint. Add a pad entry of 4
bytes to restore the size.

hash.

Implementation of server-side TCP Fast Open (TFO) [RFC7413].
TFO is disabled by default in the kernel build. See the top comment
in sys/netinet/tcp_fastopen.c for implementation particulars.
Differential Revision: https://reviews.freebsd.org/D4350
Sponsored by: Verisign, Inc.

In the same way fix the problem described in r291578 for IGMPv3.
In the case when the router has a lot of multicast groups, the reply can take
several packets due to the MTU limitation.
Also we have a limit, IGMP_MAX_RESPONSE_BURST == 4, that limits the number
of packets we send in one shot. Then we recalculate the timer value and
schedule the remaining packets for sending.
The problem is that when we call igmp_v3_dispatch_general_query() to send
the remaining packets, we queue a new reply in the same mbuf queue. And when
the number of packets is bigger than IGMP_MAX_RESPONSE_BURST, we get an endless
reply of IGMPv3 reports.
To fix this, add a check for remaining packets in the queue.

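The failure mode in the commit above is a self-sustaining transmit loop: each timer tick enqueues a full multi-packet reply and sends at most IGMP_MAX_RESPONSE_BURST of it, so when a reply needs more than four packets the queue never drains and the router streams IGMPv3 reports forever. The block below is an added example, not FreeBSD's igmp.c: a small model of that dispatch path with the buggy and fixed timer handlers, driven by a bounded timer loop so the non-terminating case is observable. The igmp_if_t type, the handler names and the tick limit are assumptions for illustration; only the burst constant comes from the commit message.

```c
/*
 * Added example, not FreeBSD code. Models the IGMPv3 general-query reply path
 * with a per-tick burst limit and shows why re-queuing a fresh reply while the
 * previous one is still pending never drains the queue. Names are assumptions.
 */
#include <stdio.h>

#define IGMP_MAX_RESPONSE_BURST 4

typedef struct {
    int reply_pkts;   /* packets one full general-query reply needs (MTU-limited) */
    int queued;       /* packets waiting in the interface's mbuf queue */
    int sent;         /* packets handed to the wire so far */
    int timer_armed;  /* non-zero while the remainder is scheduled */
} igmp_if_t;

/* Send up to the burst limit from the queue and re-arm the timer if any remain. */
static void igmp_send_burst(igmp_if_t *ifp)
{
    int n = ifp->queued < IGMP_MAX_RESPONSE_BURST ? ifp->queued : IGMP_MAX_RESPONSE_BURST;
    ifp->queued -= n;
    ifp->sent += n;
    ifp->timer_armed = ifp->queued > 0;
}

/* Buggy timer handler: builds a new reply on every tick even when the previous
 * one is still draining, so the queue grows by reply_pkts - BURST per tick. */
static void igmp_v3_dispatch_general_query_buggy(igmp_if_t *ifp)
{
    ifp->queued += ifp->reply_pkts;
    igmp_send_burst(ifp);
}

/* Fixed handler: only build a new reply when nothing is pending; otherwise keep
 * draining what an earlier call already queued. */
static void igmp_v3_dispatch_general_query_fixed(igmp_if_t *ifp)
{
    if (ifp->queued == 0)
        ifp->queued += ifp->reply_pkts;
    igmp_send_burst(ifp);
}

/* Run the timer until it stops re-arming or max_ticks elapse.
 * Returns the ticks used, or -1 if the reply never completes. */
static int igmp_run_timer(igmp_if_t *ifp, void (*handler)(igmp_if_t *), int max_ticks)
{
    int ticks = 0;
    do {
        handler(ifp);
        ticks++;
    } while (ifp->timer_armed && ticks < max_ticks);
    return ifp->timer_armed ? -1 : ticks;
}

int main(void)
{
    igmp_if_t a = {10, 0, 0, 0}, b = {10, 0, 0, 0}; /* a 10-packet reply */
    int fixed_ticks = igmp_run_timer(&a, igmp_v3_dispatch_general_query_fixed, 50);
    printf("fixed: ticks=%d sent=%d queued=%d\n", fixed_ticks, a.sent, a.queued);
    int buggy_ticks = igmp_run_timer(&b, igmp_v3_dispatch_general_query_buggy, 50);
    printf("buggy: ticks=%d sent=%d queued=%d\n", buggy_ticks, b.sent, b.queued);
    return 0;
}
```

A reply that fits in the burst (at most four packets) completes in one tick under both handlers, which is why the bug only shows on routers with enough groups to need several report packets.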
The r241129 description was wrong that the scenario is possible
only for read locks on pcbs. The same race can happen with write
lock semantics as well.
The race scenario:
- Two threads (1 and 2) locate the pcb with writer semantics (INPLOOKUP_WLOCKPCB)
  and do in_pcbref() on it.
- 1 and 2 both drop the inp hash lock.
- Another thread (3) grabs the inp hash lock. Then it runs in_pcbfree(),
  which wlocks the pcb. This must happen faster than 1 or 2 reach INP_WLOCK()!
- 1 and 2 contend in INP_WLOCK().
- 3 does in_pcbremlists(), drops the hash lock, and runs in_pcbrele_wlocked(),
  which doesn't free the pcb due to the two references on it.
  Then it unlocks the pcb.
- 1 (or 2) gets the wlock on the pcb, runs in_pcbrele_wlocked(), which doesn't
  report the inp as freed, due to 2 (or 1) still holding an extra reference on it.
  The thread tries to do something with a disconnected pcb and crashes.
Submitted by: emeric.poupon@stormshield.eu
Reviewed by: glebius@
Sponsored by: Stormshield
Tested by: Cassiano Peixoto, Stormshield

Turning on IPSEC used to introduce a slight amount of performance
degradation (7%) for host-to-host TCP connections over 10Gbps links,
even when there were no security policies in place. There is no
change in performance on 1Gbps network links. Testing GENERIC vs.
GENERIC-NOIPSEC vs. GENERIC with this change shows that the new
code removes any overhead introduced by having IPSEC always in the
kernel.
Differential Revision: D3993
Sponsored by: Rubicon Communications (Netgate)

Fix an unnecessarily aggressive behavior where mtu clamping begins on first
retransmission timeout (rto) when blackhole detection is enabled. Make
sure it only happens when the second attempt to send the same segment also fails
with rto.
Also make sure that each mtu probing stage (usually 1448 -> 1188 -> 524) follows
the same pattern and gets 2 chances (rto) before further clamping down.
Note: RFC4821 doesn't specify implementation details on how this situation
should be handled.

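The policy in the commit above is a small state machine: at each MTU stage the same unacknowledged segment gets two retransmission timeouts before the stack clamps to the next smaller stage, and an ACK resets the count. The block below is an added example, not FreeBSD's tcp_timer.c: it implements that policy in isolation so the per-stage "two chances" rule can be exercised, and it generalises slightly beyond the text by starting from any segment size and stepping to the next smaller stage. The tcp_pmtu_t type, function names and the initial 1460 size are assumptions for illustration; the stage values 1448, 1188 and 524 are the ones the commit message gives as typical.

```c
/*
 * Added example, not FreeBSD code. Models PMTU blackhole detection on the
 * retransmission timer: each MTU stage gets two RTOs for the same segment
 * before the stack clamps further. Names and the start size are assumptions.
 */
#include <stdio.h>

typedef struct {
    int mss;           /* segment size currently in use */
    int rxt_on_mss;    /* RTOs seen for the same segment at this mss */
    int detect;        /* blackhole detection enabled (sysctl-like switch) */
    int exhausted;     /* smallest stage already failed twice */
} tcp_pmtu_t;

static const int tcp_pmtud_stages[] = {1448, 1188, 524}; /* descending */
#define NSTAGES ((int)(sizeof tcp_pmtud_stages / sizeof tcp_pmtud_stages[0]))
#define BLACKHOLE_RTOS_PER_STAGE 2

/* Called on each retransmission timeout for the same unacknowledged segment.
 * Returns the mss to use for the next retransmit. */
static int tcp_rto_blackhole(tcp_pmtu_t *t)
{
    if (!t->detect || t->exhausted)
        return t->mss;
    t->rxt_on_mss++;
    if (t->rxt_on_mss < BLACKHOLE_RTOS_PER_STAGE)
        return t->mss;                  /* first RTO at this size: second chance */
    for (int i = 0; i < NSTAGES; i++) {
        if (tcp_pmtud_stages[i] < t->mss) {  /* next smaller stage */
            t->mss = tcp_pmtud_stages[i];
            t->rxt_on_mss = 0;
            return t->mss;
        }
    }
    t->exhausted = 1;                   /* nothing smaller to try; stop clamping */
    return t->mss;
}

/* An ACK for the retransmitted segment ends the probe at the current mss. */
static void tcp_ack_blackhole(tcp_pmtu_t *t)
{
    t->rxt_on_mss = 0;
}

int main(void)
{
    tcp_pmtu_t t = {1460, 0, 1, 0};
    for (int rto = 1; rto <= 7; rto++)
        printf("RTO %d -> mss %d%s\n", rto, tcp_rto_blackhole(&t),
               t.exhausted ? " (exhausted)" : "");
    return 0;
}
```

Starting from 1460 the sequence is 1460, 1448, 1448, 1188, 1188, 524, 524: no stage is abandoned on a single timeout, and once 524 has failed twice the clamp stops rather than cycling.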
Add a comment specifying how we implement rfc3042.

Update TSO limits to include all headers.
To make driver programming easier the TSO limits are changed to
reflect the values used in the BUSDMA tag a network adapter driver is
using. The TCP/IP network stack will subtract space for all linklevel
and protocol level headers and ensure that the full mbuf chain passed
to the network adapter fits within the given limits. See r287775
for a more detailed description.
Differential Revision: https://reviews.freebsd.org/D3477
Reviewed by: rmacklem

Remove unnecessary tcp state transition call.

Fix wrong formatting of 0.0.0.0/X table records in ipfw(8).
Add a `flags` u16 field to the hole in the ipfw_table_xentry structure.
The kernel has been guessing the address family for the supplied record based
on the xent length.
Userland, however, has been getting fixed-size ipfw_table_xentry structures,
guessing the address family by checking the address with IN6_IS_ADDR_V4COMPAT().
Fix this behavior by providing a specific IPFW_TCF_INET flag for IPv4 records.
PR: bin/189471,kern/200169

Since the IETF has redefined the meaning of the tos field to accommodate
a set of differentiated services, set IPTOS_PREC_* macros using
IPTOS_DSCP_* macro definitions.
While here, add IPTOS_DSCP_VA macro according to RFC 5865.
Differential Revision: https://reviews.freebsd.org/D3119
Reviewed by: gnn

Correct issue presented in r285051 by properly initializing variable.
Differential Revision: https://reviews.freebsd.org/D3036

Avoid doing multiple route lookups for the same destination IP during forwarding.
Differential Revision: https://reviews.freebsd.org/D2964

Fix resource exhaustion in TCP reassembly. [SA-15:15]
Fix OpenSSH multiple vulnerabilities. [SA-15:16]