summaryrefslogtreecommitdiffstats
path: root/sys/netinet/tcp_input.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Kill #if __STDC__ used to do K&R vs. ANSI varargs/stdarg; just do thingsmillert2002-03-151-6/+1
| | | | the ANSI way.
* check tiflags instead of th as th might point to freed memory; pointed outprovos2002-03-091-25/+25
| | | | by wayne@stallion.oz.au; also whack register.
* use timeout(9) to schedule TCP timers. this avoid traversing allprovos2002-03-081-13/+15
| | | | tcp connections during tcp_slowtimo. apdapted from thorpej@netbsd.org
* disable immediate ack on TH_PUSH. make behaviour sysctl tuneable.provos2002-03-021-9/+20
| | | | | from netbsd; also fix a bug where setting TF_ACKNOW didn't actually result in an ack.
* remove tcp_fasttimo and convert delayed acks to the timeout(9) API instead.provos2002-03-011-3/+3
| | | | adapated from netbsd. okay angelos@
* allocate tcp reassembly queue via pool; based on netbsd; okay art@ angelos@provos2002-01-241-5/+5
|
* allocate sackholes with poolprovos2002-01-151-9/+9
|
* knfprovos2002-01-141-33/+26
|
* use macros to manage tcp timers; based on netbsdprovos2002-01-141-20/+20
|
* fix comment to make life easier for my special friend darren.provos2001-07-071-2/+2
|
* Make preprocessor happier, don't give it untasty tokens at end of input.espie2001-07-041-2/+2
| | | | Ok millert@
* Save tdb_remote_auth on the PCB on latching; also save information onangelos2001-06-241-1/+7
| | | | UDP PCB's if the socket is connected.
* Clear the checksum flags after verification. Also, don't countangelos2001-06-231-2/+4
| | | | checksum errors as hardware checksum packets as well.
* Keep stats on TCP/UDP hardware checksumming.angelos2001-06-231-4/+9
|
* TCP, UDP, IPv4 input hardware checksumming processing; also IPv4angelos2001-06-231-4/+7
| | | | | | | | | output hardware checksumming. Not tested yet, but should be done tonight. Remain to be solved: interactions with bridge, TCP/UDP output checksumming, interactions of TCP/UDP checksumming with routing changes.
* IPsec-related socket options; these can be set/removed/retrieved, butangelos2001-06-121-4/+10
| | | | are not taken into consideration in anything just yet.
* Cut down on include files.angelos2001-06-081-15/+1
|
* repair copyright notices for NRL & cmetz; cmetzderaadt2001-06-051-14/+38
|
* Also copy the authentication material to the new socket.angelos2001-05-271-5/+9
|
* Update pointers to IPsec-related PCB information when allocating newangelos2001-05-271-4/+33
| | | | | PCB; store information from the TDB to the PCB, if it's not initialized, so processed can eventually retrieve it.
* Use the new IPsec tags.angelos2001-05-271-2/+2
|
* Use packet tags instead of tdbi.angelos2001-05-201-7/+8
|
* Less verbose; angelos@ okaaron2001-05-121-3/+1
|
* Check m_pullup() and m_pullup2() return for NULL, not 0; itojun@ okaaron2001-05-111-3/+3
|
* Typo in comment.aaron2001-05-011-2/+2
|
* do not check ip_mtudisc on IPv6 TCP.itojun2001-04-041-10/+15
| | | | | with IPv6 TCP PMTUD is mandatory, compute mss size accordingly. sync with kame
* Allow tdbi's to appear in mbufs throughout the stack; this allowsangelos2001-03-281-52/+14
| | | | | | | | | security properties of the packets to be pushed up to the application (not done yet). Eventually, this will be turned into a packet attributes framework. Make sure tdbi's are free'd/cleared properly whenever drivers (or NFS) does weird things with mbufs.
* witch raw ip6 socket code from NRL to kame.itojun2001-02-081-3/+1
| | | | makes upgrades/code sharing much easier.
* more random tcp sequence numbers. okay deraadt@, angelos@provos2000-12-131-5/+6
|
* nuke #ifdef TCP6 (no longer supported).itojun2000-12-111-2/+2
| | | | | | | validate ICMPv6 too big messages (pmtud) based on pcb. we accept certain amount of non-validated ones, as IPv6 mandates ICMPv6 (so even for traffic from unconnected pcb, we need pmtud). sync with kame
* implement net.inet.tcp.rstppslimit. rate-limits outbound TCP RST trafficitojun2000-10-141-3/+21
| | | | to less than N per 1 second.
* nuke inp_flags bits for controlling IPv4 mapped address.itojun2000-10-111-8/+4
| | | | | we don't support IPv4 mapped address, and there are inconsistent bit manipulation code so it's safer to nuke them.
* on expiry of pmtu route, retry higher mtu. okay angelos@provos2000-09-251-3/+5
|
* Angelos you forgot this one !!chris2000-09-231-3/+3
|
* calculate maxopd at the right placeprovos2000-09-211-13/+13
|
* correctly calculate mssprovos2000-09-201-100/+110
|
* only free tdbi if IPSECderaadt2000-09-191-1/+3
|
* Lots and lots of changes.angelos2000-09-191-38/+66
|
* fix compilation problem on systems w/o inet6.fgsch2000-09-181-2/+5
|
* Path MTU discovery based on NetBSD but with the decision to use the DFprovos2000-09-181-39/+52
| | | | | flag delayed to ip_output(). That halves the code and reduces most of the route lookups. okay deraadt@
* various fixes to SACK and FACK from adesai@cisco.com, tomh@tomh.org andprovos2000-09-051-9/+19
| | | | osuga@mml.yrp.nttdocomo.co.jp
* be proactive about unspecified IPv6 source address. pcb layer usesitojun2000-07-271-1/+14
| | | | | | | | | | | | | | | | | | | unspecified address (::) to mean "unbounded" or "unconnected", and can be confused by packets from outside. use of :: as source is not documented well in IPv6 specification. not sure if it presents a real threat. the worst case scenario is a DoS against TCP listening socket: - outsider transmit TCP SYN with :: as IPv6 source - receiving side creates TCP control block with: local address = my addres remote address = :: (meaning "unconnected") state = SYN_RCVD note that SYN ACK will not be sent due to ip6_output() filter. this stays until it timeouts. - the TCP control block prevents listening TCP control block from being contacted (DoS).
* compute correct window scale when recvpipe option is set in route; basedprovos2000-07-111-4/+6
| | | | on diff from "Pete Kazmier" <pete@kazmier.com>
* be more cautious about tcp option length field. drop bogus ones earlier.itojun2000-07-091-2/+4
| | | | | not sure if there is a real threat or not, but it seems that there's possibility for overrun/underrun (like non-NOP option with optlen > cnt).
* Move domain.h above so this compiles again.fgsch2000-07-061-5/+2
| | | | Remove netinet.h within ifdef INET6; this is already included.
* - more icmp6/ip6 stats.itojun2000-07-061-2/+2
| | | | | | | | | - protect IPv6 ND from being hosed (due to neighbor unreachability detection hint) by wrong tcp traffic. still not sure if there's real attack, but it is good to be cautious. - avoid bitfield for router renumbering header decl. - implement packet-per-sec limitation for icmp6 errors, turn interval limit off (it is not very useful due to unix timer resolution).
* completely remove ipv4 mapped cases from tcp_input().itojun2000-07-061-197/+239
| | | | cleanup (indentation, v4-or-v6 conditions)
* more cleanup for IPv4 mapped address support. there seem to be someitojun2000-07-051-97/+72
| | | | | | | | | inconsistency in corner cases (from NRL I believe). todd (fries) and I have seen panic, with the following call chain: ip6_input -> tcp_input -> tcp_respond -> ip_input -> bang! more cleanups should be done, to decrease complexity. for example, INP_IPV6_MAPPED should be nuked.
* Add comment on input MSS calculation based on previous PMTUD results,angelos2000-05-151-1/+8
| | | | | as per TCP-imply IETF WG draft(s). The correct approach is to just use the relevant interface's MTU.
* actually m_adj tries to drop tcp header part. it is better toitojun2000-04-281-2/+2
| | | | | | touch tcp header before m_adj, than the other way around. (no behavior change with the current m_adj code, new code is safer against any future m_adj changes)
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.