summaryrefslogtreecommitdiffstats
path: root/sys/netinet/tcp_input.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* whitespaceitojun2002-06-091-119/+119
|
* avoid is_ipv6 construct. a step towards IPv4-less kernelitojun2002-06-071-5/+3
|
* no need for IPv4 mapped addr supportitojun2002-06-071-14/+6
|
* missing bzero! - now linklocal tcp works correctlyitojun2002-06-071-1/+3
|
* Socket-specific IPsec policy.angelos2002-05-311-28/+23
|
* attach nd_ifinfo structure to if_afdata.itojun2002-05-291-2/+2
| | | | | split IPv6 MTU (advertised by RA) from real link MTU. sync with kame
* bring in ECN support from KAME.kjc2002-05-161-4/+128
| | | | | | | | | | | | it consists of - ECN support in TCP - tunnel-egress and fragment reassembly rules in layer-3 not to lose congestion info at tunnel-egress and fragment reassembly to enable ECN in TCP, build a kernel with TCP_ECN, and then, turn it on by "sysctl -w net.inet.tcp.ecn=1". ok deraadt@
* drop TCP connections to broadcast address.itojun2002-03-191-6/+5
| | | | From: "Crist J. Clark" <cjclark@alum.mit.edu>
* Kill #if __STDC__ used to do K&R vs. ANSI varargs/stdarg; just do thingsmillert2002-03-151-6/+1
| | | | the ANSI way.
* check tiflags instead of th as th might point to freed memory; pointed outprovos2002-03-091-25/+25
| | | | by wayne@stallion.oz.au; also whack register.
* use timeout(9) to schedule TCP timers. this avoid traversing allprovos2002-03-081-13/+15
| | | | tcp connections during tcp_slowtimo. apdapted from thorpej@netbsd.org
* disable immediate ack on TH_PUSH. make behaviour sysctl tuneable.provos2002-03-021-9/+20
| | | | | from netbsd; also fix a bug where setting TF_ACKNOW didn't actually result in an ack.
* remove tcp_fasttimo and convert delayed acks to the timeout(9) API instead.provos2002-03-011-3/+3
| | | | adapated from netbsd. okay angelos@
* allocate tcp reassembly queue via pool; based on netbsd; okay art@ angelos@provos2002-01-241-5/+5
|
* allocate sackholes with poolprovos2002-01-151-9/+9
|
* knfprovos2002-01-141-33/+26
|
* use macros to manage tcp timers; based on netbsdprovos2002-01-141-20/+20
|
* fix comment to make life easier for my special friend darren.provos2001-07-071-2/+2
|
* Make preprocessor happier, don't give it untasty tokens at end of input.espie2001-07-041-2/+2
| | | | Ok millert@
* Save tdb_remote_auth on the PCB on latching; also save information onangelos2001-06-241-1/+7
| | | | UDP PCB's if the socket is connected.
* Clear the checksum flags after verification. Also, don't countangelos2001-06-231-2/+4
| | | | checksum errors as hardware checksum packets as well.
* Keep stats on TCP/UDP hardware checksumming.angelos2001-06-231-4/+9
|
* TCP, UDP, IPv4 input hardware checksumming processing; also IPv4angelos2001-06-231-4/+7
| | | | | | | | | output hardware checksumming. Not tested yet, but should be done tonight. Remain to be solved: interactions with bridge, TCP/UDP output checksumming, interactions of TCP/UDP checksumming with routing changes.
* IPsec-related socket options; these can be set/removed/retrieved, butangelos2001-06-121-4/+10
| | | | are not taken into consideration in anything just yet.
* Cut down on include files.angelos2001-06-081-15/+1
|
* repair copyright notices for NRL & cmetz; cmetzderaadt2001-06-051-14/+38
|
* Also copy the authentication material to the new socket.angelos2001-05-271-5/+9
|
* Update pointers to IPsec-related PCB information when allocating newangelos2001-05-271-4/+33
| | | | | PCB; store information from the TDB to the PCB, if it's not initialized, so processed can eventually retrieve it.
* Use the new IPsec tags.angelos2001-05-271-2/+2
|
* Use packet tags instead of tdbi.angelos2001-05-201-7/+8
|
* Less verbose; angelos@ okaaron2001-05-121-3/+1
|
* Check m_pullup() and m_pullup2() return for NULL, not 0; itojun@ okaaron2001-05-111-3/+3
|
* Typo in comment.aaron2001-05-011-2/+2
|
* do not check ip_mtudisc on IPv6 TCP.itojun2001-04-041-10/+15
| | | | | with IPv6 TCP PMTUD is mandatory, compute mss size accordingly. sync with kame
* Allow tdbi's to appear in mbufs throughout the stack; this allowsangelos2001-03-281-52/+14
| | | | | | | | | security properties of the packets to be pushed up to the application (not done yet). Eventually, this will be turned into a packet attributes framework. Make sure tdbi's are free'd/cleared properly whenever drivers (or NFS) does weird things with mbufs.
* witch raw ip6 socket code from NRL to kame.itojun2001-02-081-3/+1
| | | | makes upgrades/code sharing much easier.
* more random tcp sequence numbers. okay deraadt@, angelos@provos2000-12-131-5/+6
|
* nuke #ifdef TCP6 (no longer supported).itojun2000-12-111-2/+2
| | | | | | | validate ICMPv6 too big messages (pmtud) based on pcb. we accept certain amount of non-validated ones, as IPv6 mandates ICMPv6 (so even for traffic from unconnected pcb, we need pmtud). sync with kame
* implement net.inet.tcp.rstppslimit. rate-limits outbound TCP RST trafficitojun2000-10-141-3/+21
| | | | to less than N per 1 second.
* nuke inp_flags bits for controlling IPv4 mapped address.itojun2000-10-111-8/+4
| | | | | we don't support IPv4 mapped address, and there are inconsistent bit manipulation code so it's safer to nuke them.
* on expiry of pmtu route, retry higher mtu. okay angelos@provos2000-09-251-3/+5
|
* Angelos you forgot this one !!chris2000-09-231-3/+3
|
* calculate maxopd at the right placeprovos2000-09-211-13/+13
|
* correctly calculate mssprovos2000-09-201-100/+110
|
* only free tdbi if IPSECderaadt2000-09-191-1/+3
|
* Lots and lots of changes.angelos2000-09-191-38/+66
|
* fix compilation problem on systems w/o inet6.fgsch2000-09-181-2/+5
|
* Path MTU discovery based on NetBSD but with the decision to use the DFprovos2000-09-181-39/+52
| | | | | flag delayed to ip_output(). That halves the code and reduces most of the route lookups. okay deraadt@
* various fixes to SACK and FACK from adesai@cisco.com, tomh@tomh.org andprovos2000-09-051-9/+19
| | | | osuga@mml.yrp.nttdocomo.co.jp
* be proactive about unspecified IPv6 source address. pcb layer usesitojun2000-07-271-1/+14
| | | | | | | | | | | | | | | | | | | unspecified address (::) to mean "unbounded" or "unconnected", and can be confused by packets from outside. use of :: as source is not documented well in IPv6 specification. not sure if it presents a real threat. the worst case scenario is a DoS against TCP listening socket: - outsider transmit TCP SYN with :: as IPv6 source - receiving side creates TCP control block with: local address = my addres remote address = :: (meaning "unconnected") state = SYN_RCVD note that SYN ACK will not be sent due to ip6_output() filter. this stays until it timeouts. - the TCP control block prevents listening TCP control block from being contacted (DoS).
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.