| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
| |
| |
| |
| |
| | |
This is mainly provided for debug aid and should not be used in common cases.
The fastforward sysctl is enabled by default.
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Loopback addresses are 127.0.0.0/8, not 127.0.0.1/32.
MFC r295668:
Improve the teardown of the SCTP stack.
MFC r295670:
Whitespace changes.
MFC r295708:
Address a warning reported by D5245 / PVS.
MFC r295709:
Code cleanup which will silence a warning in PVS / D5245.
MFC r295710:
Add protection code for issues reported by PVS / D5245.
MFC r295771:
Fix reporting of mapped addressed in getpeername() and getsockname() for
IPv6 SCTP sockets.
This bugs were found because of an issue reported by PVS / D5245.
MFC r295772:
Add some protection code.
MFC r295773:
Add protection code.
MFC r295805:
Use the SCTP level pointer, not the interface level.
MFC r295929:
Don't leak an address in an error path.
Approved by: re (marius)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
(r290383,295282,295283)"
We are keeping tryforward enabled on pfSense since we do not use IPFW +
NAT
This reverts commit b899cad3faf3673f41a3fcf021164dcd7ee19a7e.
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| | |
In the IPFW+NAT+divergent MTU case there is a bug in sening ICMP MTU updates.
Approved by: re (marius, gjb)
Sponsored by: Rubicon Communications (Netgate)
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since r256624 (head) we have been leaking routing table allocations
on vnet enabled jail shutdown. Call the provided cleanup
routines for IP versions 4 and 6 to plug these leaks.
Sponsored by: The FreeBSD Foundation
Reviewed by: gnn
Differential Revision:https://reviews.freebsd.org/D4530
Approved by: re (gjb)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The variable is write once only and not used.
Recover the vertical space.
Sponsored by: The FreeBSD Foundation
Obtained from: p4 CH=180830
Reviewed by: gnn, hiren
Differential Revision:https://reviews.freebsd.org/D4898
Approved by: re (marius, gjb)
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Replace the fastforward path with tryforward which does not require a
sysctl and will always be on. The former split between default and
fast forwarding is removed by this commit while preserving the ability
to use all network stack features.
Differential Revision: https://reviews.freebsd.org/D4042
Reviewed by: ae, melifaro, olivier, rwatson
Approved by: re (glebius)
Sponsored by: Rubicon Communications (Netgate)
|
| | |
| |
| |
| | |
This reverts commit 5e6268df600406a1570e822ac652576059d820e3.
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Always look in the TCP pool.
This fixes issues with a restarting peer when the listening
1-to-1 style socket is closed.
MFC r295021:
Remove debug output which was committed by accident.
Thanks to Oliver Pinter for reporting.
MFC r295069:
Ignore peer addresses in a consistent way also when checking for
new addresses during restart. If this is not done, restart doesn't
work when the local socket is IPv4 only and the peer uses
IPv4 and IPv6 addresses.
MFC r295070:
Don't change the remote UDP encapsulation port for SCTP packets
containing an INIT chunk.
MFC r295072:
Don't allow a remote encapsulation port change during the
SCTP restart procedure.
MFC r295075:
Update the path mtu when turning on/off UDP encapsulation for SCTP.
MFC r295077:
Add missing parentheses. This was reported by ccaughie via GitHub
for the userland stack.
Approved by: re (kib)
|
| | |
| |
| |
| |
| |
| | |
Persist timers TCPTV_PERSMIN and TCPTV_PERSMAX are hardcoded with 5 seconds and
60 seconds, respectively. Turn them into sysctls that can be tuned live. The
default values of 5 seconds and 60 seconds have been retained.
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
If bootverbose is enabled every vnet startup and virtual interface
creation will print extra lines on the console. We are generally not
interested in this (repeated) information for each VNET. Thus only
print it for the default VNET. Virtual interfaces on the base system
will remain printing information, but e.g. each loopback in each vnet
will no longer cause a "bpf attached" line.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix a bug in INIT handling on accepted 1-to-1 style sockets when the
listener is closed.
This fix allows the following packetdrill test to pass:
// Setup a connected, blocking 1-to-1 style socket
+0.0 socket(..., SOCK_STREAM, IPPROTO_SCTP) = 3
// Check the handshake with en empty(!) cookie
+0.0 bind(3, ..., ...) = 0
+0.0 listen(3, 1) = 0
+0.0 < sctp: INIT[flgs=0, tag=1, a_rwnd=1500, os=1, is=1, tsn=1]
+0.0 > sctp: INIT_ACK[flgs=0, tag=2, a_rwnd=..., os=..., is=..., tsn=1, ...]
+0.0 < sctp: COOKIE_ECHO[flgs=0, len=..., val=...]
+0.0 > sctp: COOKIE_ACK[flgs=0]
+0.0 accept(3, ..., ...) = 4
+0.0 close(3) = 0
// Inject an INIT chunk and expect an INIT-ACK
+0.0 < sctp: INIT[flgs=0, tag=3, a_rwnd=1500, os=1, is=1, tsn=1]
+0.0 > sctp: INIT_ACK[flgs=0, tag=..., a_rwnd=..., os=..., is=..., tsn=..., ...]
|
| | |
| |
| |
| |
| | |
Fail the SCTP_GET_ASSOC_NUMBER and SCTP_GET_ASSOC_ID_LIST
socket options for 1-to-1 style sockets as specified in RFC 6458.
|
| | |
| |
| |
| |
| | |
Store the timer type for logging, because the timer can be freed
during processing the timerout.
|
| | |
| |
| |
| |
| |
| |
| | |
Don't implicitly terminate a user message when moving it to the
send_queue and the socket is closed. This results in strange
race conditions for the application.
While there, remove a stray character.
|
| | |
| |
| |
| | |
Stop processing of a SACK when the association has been aborted.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Retire sctp_validate_no_locks().
This routine checks that there are no locks held for an inp,
without having any lock on the inp. This breaks if the inp
goes away when it is called. This happens on stress tests
on a RPi B+.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix the allocation of outgoing streams:
* When processing a cookie, use the number of
streams announced in the INIT-ACK.
* When sending an INIT-ACK for an existing
association, use the value from the association,
not from the end-point.
|
| | |
| |
| |
| |
| | |
Fix a bug where a stream reset request wasn't retranmitted when the
peer indicated "In progress".
|
| | |
| |
| |
| | |
Ensure that outgoing streams get reset when they run dry.
|
| | |
| |
| |
| | |
Minor cleanup. No functional change.
|
| | |
| |
| |
| |
| | |
Adjust the MTU when accepting an SCTP association using
UDP encapsulation.
|
| | |
| |
| |
| |
| | |
Take also the send queue and sent queue into account when triggering
the sending of outgoing stream reset requests.
|
| | |
| |
| |
| |
| |
| | |
When the sending of an SCTP outgoing stream reset request fails,
don't report it to the user since all stream have been marked
as pending.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When receiving an SCTP/UDP packet and the interface performed
the UDP checksum computation and signals that it was OK,
clear this bit when passing the packet to SCTP. Since the
bits indicating a valid UDP checksum and a valid SCTP
checksum are the same, the SCTP stack would assume
that also an SCTP checksum check has been performed.
|
| | |
| |
| |
| |
| | |
Fix the handling of IPSec policies in the SCTP stack. At least
make sure they are not leaked...
|
| | |
| |
| |
| |
| | |
Revert part of r291137 which seems correct, bit does not fix the
resource problem I'm currently hunting down.
|
| | |
| |
| |
| | |
Clear the so_pcb pointer in case of ipsec_init_policy() fails.
|
| | |
| |
| |
| |
| |
| | |
Don't send SHUTDOWN chunk when the association is in a front state
and the applications calls shutdown(..., SHUT_WR) or
shutdown(..., SHUT_RDWR).
|
| | |
| |
| |
| |
| | |
Fix a bug where an SCTP association was moved back to SHUTDOWN_SENT
state when the user issued a shutdown() call.
|
| | |
| |
| |
| | |
Use the correct length. The wrong one was too large.
|
| | |
| |
| |
| |
| | |
The field sinfo_timetolive should have been sinfo_pr_value.
Thanks to Jens Hoelscher for making me aware of the bug.
|
| | |
| |
| |
| |
| |
| | |
Fix typos in field names of struct sctp_extrcvinfo.
Provide defines to allow applications to compile.
Thanks to Jens Hoelscher for making me aware of the typos.
|
| | |
| |
| |
| |
| |
| | |
When processing a cookie, any mismatch in port numbers or the vtag results
in failing the check.
This fixes https://github.com/nplab/ETSI-SCTP-Conformance-Testsuite/blob/master/sctp-imh-tests/sctp-imh-i-3-3.pkt
|
| | |
| |
| |
| |
| |
| |
| | |
Use __func__ instead of __FUNCTION__.
This allows to compile the userland stack without errors using gcc5.
Thanks to saghul for makeing me aware and providing the patch.
|
| | |
| |
| |
| |
| | |
Fix the timeout for INIT retransmissions in the case where RTO_MIN is
smaller than RTO_INITIAL.
|
| | |
| |
| |
| |
| | |
Fix compilation issue introduced in r287717.
Thanks to bz@ for making me aware of it.
|
| | |
| |
| |
| | |
Address a compile warning.
|
| | |
| |
| |
| |
| |
| | |
Cleanup the handling of error causes for ERROR chunks. This fixes
an inconsistency of the padding handling. The final padding is
now considered to be a chunk padding.
|
| | |
| |
| |
| |
| |
| |
| | |
Ensure that ERROR chunks are always padded by implementing this
in the routine, which queues an ERROR chunk, instead on relyinh
on the callers to do so. Since one caller missed this, this actially
fixes a bug.
|
| | |
| |
| |
| |
| |
| | |
RFC 4960 requires that packets containing an INIT chunk bundled with
another chunk are silently discarded. Do so, instead of sending an
ABORT.
|
| | |
| |
| |
| | |
Don't leak memory in an error case.
|
| | |
| |
| |
| | |
Add a NULL pointer check to silence the clang code analyzer.
|
| | |
| |
| |
| |
| | |
Fix a bug where two SHUTDOWN_ACK chunks were sent if a SHUTDOWN chunk was
received acking all outstanding data.
|
