path: root/sys/netinet
Commit message  (Author, Age, Files, Lines)
...
* MFC r291364:  (tuexen, 2016-01-16, 1 file, -0/+12)
  When receiving an SCTP/UDP packet and the interface performed the UDP checksum computation and signals that it was OK, clear this bit when passing the packet to SCTP. Since the bits indicating a valid UDP checksum and a valid SCTP checksum are the same, the SCTP stack would assume that also an SCTP checksum check has been performed.
* MFC r291141:  (tuexen, 2016-01-16, 2 files, -47/+9)
  Fix the handling of IPSec policies in the SCTP stack. At least make sure they are not leaked...
* MFC r291140:  (tuexen, 2016-01-16, 1 file, -2/+4)
  Revert part of r291137 which seems correct, but does not fix the resource problem I'm currently hunting down.
* MFC r291138:  (tuexen, 2016-01-16, 1 file, -1/+2)
  Clear the so_pcb pointer in case ipsec_init_policy() fails.
* MFC r291137:  (tuexen, 2016-01-16, 2 files, -8/+5)
  Don't send SHUTDOWN chunk when the association is in a front state and the application calls shutdown(..., SHUT_WR) or shutdown(..., SHUT_RDWR).
* MFC r291078:  (tuexen, 2016-01-16, 1 file, -51/+52)
  Fix a bug where an SCTP association was moved back to SHUTDOWN_SENT state when the user issued a shutdown() call.
* MFC r290468:  (tuexen, 2016-01-16, 1 file, -1/+1)
  Use the correct length. The wrong one was too large.
* MFC r290444:  (tuexen, 2016-01-16, 1 file, -1/+2)
  The field sinfo_timetolive should have been sinfo_pr_value. Thanks to Jens Hoelscher for making me aware of the bug.
* MFC r290442:  (tuexen, 2016-01-16, 3 files, -27/+33)
  Fix typos in field names of struct sctp_extrcvinfo. Provide defines to allow applications to compile. Thanks to Jens Hoelscher for making me aware of the typos.
* MFC r290023:  (tuexen, 2016-01-16, 1 file, -2/+2)
  When processing a cookie, any mismatch in port numbers or the vtag results in failing the check. This fixes https://github.com/nplab/ETSI-SCTP-Conformance-Testsuite/blob/master/sctp-imh-tests/sctp-imh-i-3-3.pkt
* MFC r289570:  (tuexen, 2016-01-16, 6 files, -26/+26)
  Use __func__ instead of __FUNCTION__. This allows to compile the userland stack without errors using gcc5. Thanks to saghul for making me aware and providing the patch.
* MFC r289240:  (tuexen, 2016-01-16, 1 file, -1/+5)
  Fix the timeout for INIT retransmissions in the case where RTO_MIN is smaller than RTO_INITIAL.
* MFC r287725:  (tuexen, 2016-01-16, 1 file, -1/+1)
  Fix compilation issue introduced in r287717. Thanks to bz@ for making me aware of it.
* MFC r287719:  (tuexen, 2016-01-16, 1 file, -2/+2)
  Address a compile warning.
* MFC r287717:  (tuexen, 2016-01-16, 5 files, -156/+82)
  Cleanup the handling of error causes for ERROR chunks. This fixes an inconsistency of the padding handling. The final padding is now considered to be a chunk padding.
* MFC r287669:  (tuexen, 2016-01-16, 4 files, -26/+38)
  Ensure that ERROR chunks are always padded by implementing this in the routine which queues an ERROR chunk, instead of relying on the callers to do so. Since one caller missed this, this actually fixes a bug.
* MFC r287535:  (tuexen, 2016-01-16, 1 file, -6/+4)
  RFC 4960 requires that packets containing an INIT chunk bundled with another chunk are silently discarded. Do so, instead of sending an ABORT.
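The padding and INIT-bundling rules in r287717, r287669 and r287535 above, as an added example that is not part of these commits or of the FreeBSD SCTP stack: a chunk walker in C that advances over each chunk by its length rounded up to a multiple of 4 (so trailing pad bytes belong to the chunk they follow) and silently discards a packet in which an INIT chunk is bundled with any other chunk, as RFC 4960 requires, rather than answering with an ABORT. The chunk and cause type values are RFC 4960's; the constructed sample packet, its ports and tags, and the tolerance of a missing final pad are assumptions of this example, and the CRC32c is assumed to have been verified beforehand.

```c
/* Added example (not FreeBSD code): walk SCTP chunks, treating each chunk's
 * trailing padding as part of that chunk, and silently discard any packet in
 * which an INIT is bundled with another chunk (RFC 4960). */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SCTP_COMMON_HDR_LEN 12     /* src port, dst port, vtag, CRC32c */
#define SCTP_CHUNK_HDR_LEN   4     /* type, flags, length */
#define SCTP_INITIATION      0x01  /* INIT chunk type, RFC 4960 */
#define SCTP_OPERATION_ERROR 0x09  /* ERROR chunk type, RFC 4960 */
#define SCTP_CAUSE_PROTOCOL_VIOLATION 0x000d

enum sctp_verdict {
    SCTP_ACCEPT = 0,
    SCTP_DISCARD_BAD_LENGTH,    /* chunk length < 4 or past the end of the packet */
    SCTP_DISCARD_INIT_BUNDLED,  /* INIT bundled with another chunk: drop, no ABORT */
};

/* Padding belongs to the chunk: advance by the length rounded up to 4. */
size_t sctp_padded_len(uint16_t chunk_len)
{
    return ((size_t)chunk_len + 3) & ~(size_t)3;
}

static uint16_t get16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put32(uint8_t *p, uint32_t v) { put16(p, (uint16_t)(v >> 16)); put16(p + 2, (uint16_t)v); }

/* Classify a packet whose CRC32c is assumed to have been verified already. */
enum sctp_verdict sctp_check_packet(const uint8_t *pkt, size_t len, int *nchunks)
{
    size_t off = SCTP_COMMON_HDR_LEN;
    int n = 0;
    bool saw_init = false;
    if (nchunks != NULL) *nchunks = 0;
    if (len < SCTP_COMMON_HDR_LEN + SCTP_CHUNK_HDR_LEN)
        return SCTP_DISCARD_BAD_LENGTH;
    while (off < len) {
        if (len - off < SCTP_CHUNK_HDR_LEN)
            return SCTP_DISCARD_BAD_LENGTH;
        uint8_t type = pkt[off];
        uint16_t clen = get16(pkt + off + 2);
        if (clen < SCTP_CHUNK_HDR_LEN || clen > len - off)
            return SCTP_DISCARD_BAD_LENGTH;
        if (type == SCTP_INITIATION)
            saw_init = true;
        n++;
        /* Skip chunk plus padding; a missing final pad is tolerated (assumption). */
        off += sctp_padded_len(clen);
    }
    if (nchunks != NULL) *nchunks = n;
    return (saw_init && n > 1) ? SCTP_DISCARD_INIT_BUNDLED : SCTP_ACCEPT;
}

/* Constructed sample (not a capture): an INIT chunk, optionally followed by an
 * ERROR chunk whose single 5-byte cause makes the chunk length 9, so three
 * bytes of chunk padding follow it. Ports and tags are made up. */
size_t sctp_build_sample(uint8_t *buf, size_t cap, bool bundle_error)
{
    size_t off = SCTP_COMMON_HDR_LEN;
    if (cap < 44)
        return 0;
    memset(buf, 0, cap);
    put16(buf, 5000);                   /* source port */
    put16(buf + 2, 5001);               /* destination port */
    /* vtag stays 0 with an INIT; CRC32c left 0, not computed here */
    buf[off] = SCTP_INITIATION;         /* INIT: 4-byte header + 16 fixed bytes */
    put16(buf + off + 2, 20);
    put32(buf + off + 4, 0x12345678);   /* initiate tag */
    put32(buf + off + 8, 65536);        /* a_rwnd */
    put16(buf + off + 12, 10);          /* outbound streams */
    put16(buf + off + 14, 10);          /* inbound streams */
    put32(buf + off + 16, 1);           /* initial TSN */
    off += 20;
    if (bundle_error) {
        buf[off] = SCTP_OPERATION_ERROR;
        put16(buf + off + 2, 9);        /* header + 5-byte cause, pad excluded */
        put16(buf + off + 4, SCTP_CAUSE_PROTOCOL_VIOLATION);
        put16(buf + off + 6, 5);        /* cause length: header + 1 byte of text */
        buf[off + 8] = 'x';
        off += sctp_padded_len(9);      /* 12: the pad bytes are chunk padding */
    }
    return off;
}

/* Build the sample, optionally truncate it to truncate_to bytes, classify it. */
enum sctp_verdict sctp_sample_verdict(bool bundle_error, size_t truncate_to, int *nchunks)
{
    uint8_t buf[64];
    size_t len = sctp_build_sample(buf, sizeof buf, bundle_error);
    if (truncate_to > 0 && truncate_to < len)
        len = truncate_to;
    return sctp_check_packet(buf, len, nchunks);
}
```

sctp_sample_verdict(true, 0, &n) walks two chunks (the INIT and the 9-byte ERROR chunk, stepping over its three pad bytes) and returns SCTP_DISCARD_INIT_BUNDLED; the INIT alone is accepted, and cutting the packet to 20 bytes makes the INIT's declared length overrun the packet and yields SCTP_DISCARD_BAD_LENGTH. Neither discard path emits anything, which is the point of r287535.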
* MFC r287457:  (tuexen, 2016-01-16, 1 file, -0/+5)
  Don't leak memory in an error case.
* MFC r287456:  (tuexen, 2016-01-16, 1 file, -0/+3)
  Add a NULL pointer check to silence the clang code analyzer.
* MFC r287444:  (tuexen, 2016-01-16, 1 file, -10/+15)
  Fix a bug where two SHUTDOWN_ACK chunks were sent if a SHUTDOWN chunk was received acking all outstanding data.
* MFC r287294:  (tuexen, 2016-01-16, 3 files, -7/+7)
  Use 5 times RTO.Max as the default for the shutdown guard timer as required by RFC 4960. The sysctl variable can be used to overwrite this.
* MFC r287282:  (tuexen, 2016-01-16, 5 files, -8/+49)
  Fix the exporting of SCTP association states to userland. Without this, associations in SHUTDOWN-PENDING were never reported correctly.
* MFC r286781:  (tuexen, 2016-01-16, 1 file, -0/+2)
  Allow the path MTU to grow up to the outgoing interface MTU.
* MFC r286206:  (tuexen, 2016-01-16, 3 files, -28/+7)
  Don't take the port numbers for packets containing ABORT chunks from a freed mbuf. Just use them from the stcb.
* MFC r285938:  (tuexen, 2016-01-16, 1 file, -1/+1)
  Fix a typo reported by Erik Cederstrand.
* MFC r285925:  (tuexen, 2016-01-16, 7 files, -23/+69)
  Provide consistent error causes whenever an ABORT chunk is sent.
* MFC r285887:  (tuexen, 2016-01-16, 1 file, -2/+25)
  Improve locking on Mac OS X. This does not change the functionality on FreeBSD.
* MFC r285886:  (tuexen, 2016-01-16, 1 file, -4/+4)
  Fix and improve a debug message. The SID was reported as an SSN.
* MFC r285877:  (tuexen, 2016-01-16, 1 file, -1/+0)
  Move including netinet/icmp6.h around to avoid a problem when including netinet/icmp6.h and net/netmap.h. Both use ni_flags... This allows to build multistack with SCTP support.
* MFC r285837, r285838  (tuexen, 2016-01-16, 4 files, -9/+15)
  Fix an issue with Mac OS locking and also optimize the case where we are sending back a stream-reset and a sack timer is running; in that case we should just send the SACK. Fix silly syntax error emacs chugged in for me.. gesh.
* MFC r285792:  (tuexen, 2016-01-16, 7 files, -63/+373)
  Fix several problems with Stream Reset.
  1) We were not handling (or sending) the IN_PROGRESS case if the other side (or our side) was not able to reset (awaiting more data).
  2) We would improperly send a stream-reset when we should not, not waiting until the TSN had been assigned when data was in queue.
* MFC r285237:  (tuexen, 2016-01-16, 2 files, -1/+3)
  Export the ssthresh value per SCTP path via the sysctl interface.
* o Fix SCTP ICMPv6 error message vulnerability. [SA-16:01.sctp]  (glebius, 2016-01-14, 1 file, -2/+4)
  o Fix Linux compatibility layer incorrect futex handling. [SA-16:03.linux]
  o Fix Linux compatibility layer setgroups(2) system call. [SA-16:04.linux]
  o Fix TCP MD5 signature denial of service. [SA-16:05.tcp]
  o Fix insecure default bsnmpd.conf permissions. [SA-16:06.bsnmpd]
  Security: FreeBSD-SA-16:01.sctp, CVE-2016-1879
  Security: FreeBSD-SA-16:03.linux, CVE-2016-1880
  Security: FreeBSD-SA-16:04.linux, CVE-2016-1881
  Security: FreeBSD-SA-16:05.tcp, CVE-2016-1882
  Security: FreeBSD-SA-16:06.bsnmpd, CVE-2015-5677
* MFC: r292011  (hiren, 2016-01-11, 2 files, -8/+19)
  MFC: r292012
  Add an option to use rfc6675 based pipe/inflight bytes calculation in cubic and newreno.
* MFC: r292003  (hiren, 2016-01-11, 3 files, -13/+48)
  Improve tcp duplicate ack processing when SACK is present.
* MFC: r290122  (hiren, 2016-01-11, 3 files, -4/+40)
  Calculate the correct amount of bytes that are in-flight for a connection as suggested by RFC 6675.
  MFC: r292046
  r290122 added 4 bytes and removed 8 in struct sackhint. Add a pad entry of 4 bytes to restore the size.
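The RFC 6675 in-flight calculation that r290122 and r292011 above refer to, as an added example that is not part of these commits or of the FreeBSD TCP stack: SetPipe() and IsLost() from RFC 6675 section 4 evaluated over a constructed SACK scoreboard, next to a naive sent-minus-SACKed count for comparison. The scoreboard layout, the field names and the sample scenario are assumptions of this example, not sys/netinet's struct sackhint.

```c
/* Added example (not FreeBSD code): RFC 6675 SetPipe() over a constructed SACK
 * scoreboard, beside a naive "sent minus SACKed" estimate for comparison. */
#include <stdbool.h>
#include <stdint.h>

#define DUP_THRESH      3     /* RFC 6675 DupThresh */
#define MAX_SACK_BLOCKS 16
#define SEQ_LT(a, b)  ((int32_t)((a) - (b)) < 0)
#define SEQ_LEQ(a, b) ((int32_t)((a) - (b)) <= 0)

struct sack_block { uint32_t start, end; };     /* SACKed bytes [start, end) */

struct scoreboard {
    uint32_t snd_una;   /* first unacknowledged byte (RFC 6675 HighACK + 1) */
    uint32_t snd_max;   /* one past the highest byte sent (HighData + 1) */
    uint32_t rxt_end;   /* one past HighRxt; == snd_una if nothing retransmitted */
    uint32_t smss;
    int nblocks;
    struct sack_block blocks[MAX_SACK_BLOCKS];  /* ascending, non-overlapping */
};

static bool is_sacked(const struct scoreboard *sb, uint32_t seq)
{
    for (int i = 0; i < sb->nblocks; i++)
        if (SEQ_LEQ(sb->blocks[i].start, seq) && SEQ_LT(seq, sb->blocks[i].end))
            return true;
    return false;
}

/* IsLost(seq), RFC 6675 section 4: DupThresh discontiguous SACKed sequences
 * above seq, or more than (DupThresh - 1) * SMSS SACKed bytes above it. Called
 * only for non-SACKed bytes, so every block is wholly above or below seq. */
static bool is_lost(const struct scoreboard *sb, uint32_t seq)
{
    int blocks_above = 0;
    uint32_t bytes_above = 0;
    for (int i = 0; i < sb->nblocks; i++) {
        if (SEQ_LT(seq, sb->blocks[i].start)) {
            blocks_above++;
            bytes_above += sb->blocks[i].end - sb->blocks[i].start;
        }
    }
    return blocks_above >= DUP_THRESH || bytes_above > (DUP_THRESH - 1) * sb->smss;
}

/* SetPipe(), RFC 6675 section 4, per byte of [snd_una, snd_max): a non-SACKed
 * byte counts once unless presumed lost, and once more if retransmitted. */
uint32_t set_pipe(const struct scoreboard *sb)
{
    uint32_t pipe = 0;
    for (uint32_t s = sb->snd_una; SEQ_LT(s, sb->snd_max); s++) {
        if (is_sacked(sb, s))
            continue;
        if (!is_lost(sb, s))
            pipe++;
        if (SEQ_LT(s, sb->rxt_end))
            pipe++;
    }
    return pipe;
}

/* Naive estimate: everything sent and not yet SACKed is still in flight. */
uint32_t naive_outstanding(const struct scoreboard *sb)
{
    uint32_t sacked = 0;
    for (int i = 0; i < sb->nblocks; i++)
        sacked += sb->blocks[i].end - sb->blocks[i].start;
    return sb->snd_max - sb->snd_una - sacked;
}

/* Constructed scenario: ten 1000-byte segments sent (seq 1000..10999), nothing
 * cumulatively ACKed, segments 3, 5 and 7 SACKed. With DupThresh = 3 the first
 * two segments are IsLost() and leave pipe; the naive count keeps them. */
static void build_sample(struct scoreboard *sb, bool after_first_rexmit)
{
    sb->snd_una = 1000;
    sb->snd_max = 11000;
    sb->smss = 1000;
    sb->rxt_end = after_first_rexmit ? 2000 : 1000;   /* segment 1 resent? */
    sb->nblocks = 3;
    sb->blocks[0] = (struct sack_block){ 3000, 4000 };
    sb->blocks[1] = (struct sack_block){ 5000, 6000 };
    sb->blocks[2] = (struct sack_block){ 7000, 8000 };
}

uint32_t sample_pipe(bool after_first_rexmit)
{
    struct scoreboard sb;
    build_sample(&sb, after_first_rexmit);
    return set_pipe(&sb);
}

uint32_t sample_naive(void)
{
    struct scoreboard sb;
    build_sample(&sb, false);
    return naive_outstanding(&sb);
}
```

In the constructed scenario the naive count reports 7000 bytes outstanding while set_pipe() reports 5000: with three SACK blocks above them, the first two segments satisfy IsLost() and are no longer treated as occupying the network. Retransmitting the first segment (sample_pipe(true)) puts its 1000 bytes back into pipe, giving 6000. The per-byte loop is the literal RFC definition; a production stack keeps running totals instead, which is what the struct sackhint changes in these commits are about.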
* MFC r277938 (by hiren): make syncookie_mac() use 'tcp_seq irs' in computing hash.  (stas, 2016-01-08, 1 file, -0/+1)
* MFC r292706:  (pkelsey, 2015-12-28, 11 files, -19/+878)
  Implementation of server-side TCP Fast Open (TFO) [RFC7413].
  TFO is disabled by default in the kernel build. See the top comment in sys/netinet/tcp_fastopen.c for implementation particulars.
  Differential Revision: https://reviews.freebsd.org/D4350
  Sponsored by: Verisign, Inc.
* MFC r291579:  (ae, 2015-12-08, 1 file, -0/+10)
  In the same way fix the problem described in r291578 for IGMPv3. In the case when a router has a lot of multicast groups, the reply can take several packets due to the MTU limitation. Also we have a limit IGMP_MAX_RESPONSE_BURST == 4, that limits the number of packets we send in one shot. Then we recalculate the timer value and schedule the remaining packets for sending. The problem is that when we call igmp_v3_dispatch_general_query() to send remaining packets, we queue a new reply in the same mbuf queue. And when the number of packets is bigger than IGMP_MAX_RESPONSE_BURST, we get an endless reply of IGMPv3 reports. To fix this, add the check for remaining packets in the queue.
* MFC r291301:  (fabient, 2015-12-02, 1 file, -1/+10)
  The r241129 description was wrong that the scenario is possible only for read locks on pcbs. The same race can happen with write lock semantics as well.
  The race scenario:
  - Two threads (1 and 2) locate pcb with writer semantics (INPLOOKUP_WLOCKPCB) and do in_pcbref() on it.
  - 1 and 2 both drop the inp hash lock.
  - Another thread (3) grabs the inp hash lock. Then it runs in_pcbfree(), which wlocks the pcb. They must happen faster than 1 or 2 come INP_WLOCK()!
  - 1 and 2 congest in INP_WLOCK().
  - 3 does in_pcbremlists(), drops hash lock, and runs in_pcbrele_wlocked(), which doesn't free the pcb due to two references on it. Then it unlocks the pcb.
  - 1 (or 2) gets wlock on the pcb, runs in_pcbrele_wlocked(), which doesn't report inp as freed, due to 2 (or 1) still holding an extra reference on it. The thread tries to do something with a disconnected pcb and crashes.
  Submitted by: emeric.poupon@stormshield.eu
  Reviewed by: glebius@
  Sponsored by: Stormshield
  Tested by: Cassiano Peixoto, Stormshield
* MFC 290028:  (gnn, 2015-11-26, 2 files, -1/+6)
  Turning on IPSEC used to introduce a slight amount of performance degradation (7%) for host to host TCP connections over 10Gbps links, even when there were no security policies in place. There is no change in performance on 1Gbps network links. Testing GENERIC vs. GENERIC-NOIPSEC vs. GENERIC with this change shows that the new code removes any overhead introduced by having IPSEC always in the kernel.
  Differential Revision: D3993
  Sponsored by: Rubicon Communications (Netgate)
* MFC r289293  (hiren, 2015-10-29, 1 file, -2/+10)
  Fix an unnecessarily aggressive behavior where mtu clamping begins on first retransmission timeout (rto) when blackhole detection is enabled. Make sure it only happens when the second attempt to send the same segment also fails with rto. Also make sure that each mtu probing stage (usually 1448 -> 1188 -> 524) follows the same pattern and gets 2 chances (rto) before further clamping down.
  Note: RFC4821 doesn't specify implementation details on how this situation should be handled.
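The clamping schedule r289293 describes, as an added example that is not FreeBSD's tcp_timer code: a small state machine that steps down the MSS ladder quoted in the commit message only after two consecutive RTOs at the current MSS, with the pre-fix first-RTO clamping selectable for comparison. The stage values are the ones quoted in the commit; the two-RTO threshold as a constant and the struct and function names are assumptions of this example, and FreeBSD's own bookkeeping in its retransmit timer is not reproduced here.

```c
/* Added example (not FreeBSD code): the MTU blackhole clamping schedule from the
 * commit message as a state machine, with the pre-fix behaviour for comparison. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* MSS ladder as quoted in the commit message (assumed IPv4 with timestamps). */
static const uint32_t mss_stages[] = { 1448, 1188, 524 };
#define MSS_NSTAGES (sizeof(mss_stages) / sizeof(mss_stages[0]))
#define RTOS_PER_STAGE 2    /* RTOs on the same segment before clamping further */

struct blackhole_state {
    size_t stage;         /* index into mss_stages */
    unsigned rto_count;   /* consecutive RTOs at the current stage */
};

void blackhole_init(struct blackhole_state *bh)
{
    bh->stage = 0;
    bh->rto_count = 0;
}

/* Called on each retransmission timeout of the same unacknowledged segment.
 * Returns the MSS to retransmit with. aggressive = true reproduces the
 * behaviour the commit removes: clamp on the very first RTO. */
uint32_t blackhole_on_rto(struct blackhole_state *bh, bool aggressive)
{
    unsigned threshold = aggressive ? 1 : RTOS_PER_STAGE;

    bh->rto_count++;
    if (bh->rto_count >= threshold && bh->stage + 1 < MSS_NSTAGES) {
        bh->stage++;          /* clamp down one stage and start counting again */
        bh->rto_count = 0;
    }
    return mss_stages[bh->stage];
}

/* New data acknowledged: the current MSS gets through; forget the RTO count. */
void blackhole_on_ack(struct blackhole_state *bh)
{
    bh->rto_count = 0;
}

/* MSS in use after n consecutive RTOs from a fresh connection state. */
uint32_t mss_after_rtos(unsigned n, bool aggressive)
{
    struct blackhole_state bh;
    uint32_t mss = mss_stages[0];

    blackhole_init(&bh);
    for (unsigned i = 0; i < n; i++)
        mss = blackhole_on_rto(&bh, aggressive);
    return mss;
}

int main(void)
{
    for (unsigned n = 1; n <= 5; n++)
        printf("after %u RTO(s): fixed mss %u, aggressive mss %u\n",
               n, mss_after_rtos(n, false), mss_after_rtos(n, true));
    return 0;
}
```

With the fixed schedule the first RTO keeps 1448, the second clamps to 1188, the third stays at 1188 and the fourth clamps to 524; the aggressive variant is already at 1188 after one RTO and at 524 after two, which is the behaviour the commit calls unnecessarily aggressive. An ACK of new data resets the per-stage count so a single spurious RTO after recovery does not count towards the next clamp.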
* MFC r288914  (hiren, 2015-10-14, 1 file, -0/+10)
  Add a comment specifying how we implement rfc3042.
* MFC r287775:  (hselasky, 2015-10-08, 1 file, -1/+11)
  Update TSO limits to include all headers.
  To make driver programming easier the TSO limits are changed to reflect the values used in the BUSDMA tag a network adapter driver is using. The TCP/IP network stack will subtract space for all linklevel and protocol level headers and ensure that the full mbuf chain passed to the network adapter fits within the given limits.
  See r287775 for a more detailed description.
  Differential Revision: https://reviews.freebsd.org/D3477
  Reviewed by: rmacklem
* MFC r287830  (hiren, 2015-10-02, 1 file, -1/+1)
  Remove unnecessary tcp state transition call.
* MFC r266310  (melifaro, 2015-09-18, 1 file, -0/+2)
  Fix wrong formatting of 0.0.0.0/X table records in ipfw(8).
  Add `flags` u16 field to the hole in ipfw_table_xentry structure. Kernel has been guessing address family for supplied record based on xent length size. Userland, however, has been getting fixed-size ipfw_table_xentry structures guessing address family by checking address by IN6_IS_ADDR_V4COMPAT(). Fix this behavior by providing specific IPFW_TCF_INET flag for IPv4 records.
  PR: bin/189471, kern/200169
* MFC r285669:  (kevlo, 2015-07-31, 1 file, -10/+11)
  Since the IETF has redefined the meaning of the tos field to accommodate a set of differentiated services, set IPTOS_PREC_* macros using IPTOS_DSCP_* macro definitions. While here, add IPTOS_DSCP_VA macro according to RFC 5865.
  Differential Revision: https://reviews.freebsd.org/D3119
  Reviewed by: gnn
* MFC 285325  (eri, 2015-07-29, 1 file, -1/+2)
  Correct issue presented in r285051 by properly initializing variable.
  Differential Revision: https://reviews.freebsd.org/D3036
* MFC r285051  (eri, 2015-07-29, 1 file, -17/+18)
  Avoid doing multiple route lookups for the same destination IP during forwarding.
  Differential Revision: https://reviews.freebsd.org/D2964
* Fix patch(1) shell injection vulnerability. [SA-15:14]  (delphij, 2015-07-28, 3 files, -42/+27)
  Fix resource exhaustion in TCP reassembly. [SA-15:15]
  Fix OpenSSH multiple vulnerabilities. [SA-15:16]