summaryrefslogtreecommitdiffstats
path: root/sys/netinet/tcp_input.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Allow to adjust tcp_syn_use_limit with sysctl net.inet.tcp.synuselimit.bluhm2016-03-291-9/+2
| | | | | | | | This is convenient to test the feature and may be useful to defend against syn flooding in a denial of service condition. It is consistent to the existing syn cache sysctls. Move some declarations to tcp_var.h to access the syn cache sets from tcp_sysctl(). OK mpi@
* To prevent attacks on the hash buckets of the syn cache, our TCPbluhm2016-03-271-49/+78
| | | | | | | | | | | stack reseeds the hash function every time the cache is empty. Unfortunatly the attacker can prevent the reseeding by sending unanswered SYN packes periodically. Fix this by having an active syn cache that gets new entries and a passive one that is idling out. When the passive one is empty and the active one has been used 100000 times, they switch roles and the hash function is reseeded with new random. tedu@ agrees; OK mpi@
* Add a tcps_sc_seedrandom counter in TCP SYN cache and netstat -s.bluhm2016-03-211-2/+4
| | | | | | This shows how often the hash function is reseeded and the random bucket distribution changes. OK mpi@ claudio@
* Sync no-argument function declaration and definition by adding (void).naddy2016-03-071-2/+2
| | | | ok mpi@ millert@
* fix a missing if_put() in the default af path of tcp_mss()jsg2016-01-221-3/+3
| | | | ok mpi@
* upgrade tcp/ip to use the latest in C89 technology: memcpy.tedu2015-12-051-17/+16
| | | | ok henning
* To avoid that the stack manipules the pf statekeys directly, introducebluhm2015-12-031-23/+4
| | | | | | | | | pf_inp_...() lookup, link and unlink functions as an interface. Locking can be added to them later. Remove the first linking at the beginning of tcp_input() and udp_input() as it is not necessary. It will be done later anyway. That code was a relict, from the time before I had added the second linking. Input from mikeb@ and sashan@; OK sashan@
* Fix an hypotetical NULL dereference which might become true once the TCPmpi2015-11-291-9/+5
| | | | | | layer will be turned mpsafe. We're not there yet. Reported by David Hill, ok florian@
* Make use if_get() and get rid of rt_ifp.mpi2015-11-201-5/+4
| | | | Tested by and ok sthen@, ok visa@
* Change nd6_nud_hint() to no longer manipulate rt_ifp directly.mpi2015-11-061-5/+4
| | | | | | | While here remove unused argument and convert the route check to rtisvalid(9). ok bluhm@
* Remove linkmtu and maxmtu from struct nd_ifinfo. IN6_LINKMTU can nowflorian2015-10-281-12/+3
| | | | | die and ifp->if_mtu is the one true mtu. Suggested by and OK mpi@
* Ignore Router Advertisment's current hop limit.mpi2015-10-241-3/+2
| | | | | | | | Appart from the usual inet6 axe murdering exercise to keep you fit, this allows us to get rid of a lot of layer violation due to the use of per- ifp variables to store the current hop limit. Imputs from bluhm@, ok phessler@, florian@, bluhm@
* Kill yet another argument to functions in IPv6. This time ip6_output'sclaudio2015-09-111-2/+2
| | | | | | | ifpp - XXX: just for statistics ifpp is always NULL in all callers so that statistic confirms ifpp is dying OK mpi@
* Only half of the IPv6 source address was used as input for the synbluhm2015-09-101-11/+11
| | | | | | | cache hash. That makes it trivial to create syn cache collisions. Take the full address, xor it with random data and put it into the hash function. OK markus@
* if_put added to the if_get calls. Reshuffle some code to make this easier.claudio2015-09-101-10/+22
| | | | OK dlg@
* The syn cache is completely implemented in tcp_input.c. So all itsbluhm2015-08-271-1/+8
| | | | | global variables should also live there. OK markus@
* Set the required IPL at the syn-cache pool instead of doing abluhm2015-08-241-10/+5
| | | | | | | splsoftnet() explicitly. The function syn_cache_lookup() is always called at IPL_SOFTNET so a splsoftassert() is better than a needless splsoftnet(). OK markus@ dlg@
* Rename the syn cache counter into tcp_syn_cache_count to have thebluhm2015-08-241-7/+9
| | | | | | | | same prefix for all variables. Convert the counter type to int, the limit is also int. Before searching the cache, check that it is not empty. Do not access the counter outside of the syn cache from tcp_ctlinput(), let the syn_cache_lookup() function handle it. OK dlg@
* Use foreach queue macros in tcp syn cache.bluhm2015-08-131-6/+3
| | | | OK markus@
* In tcp syn cache convert the struct sockaddr casts to satosin()bluhm2015-08-131-13/+12
| | | | | | inline functions. They have the advantage to check the old type before casting. OK dlg@
* Expand ancient NTOHL/NTOHS/HTONS/HTONL macros.mpi2015-07-161-10/+10
| | | | ok guenther@, henning@
* m_freem() can handle NULL, do not check for this condition beforehands.deraadt2015-07-151-9/+5
| | | | ok stsp mpi
* Make KASSERT in tcp_input() less strict, tcpcb may be NULL.bluhm2015-07-101-2/+2
| | | | OK deraadt@
* Remove unused arguments and the associated code from nd6_nud_hint().mpi2015-07-091-2/+2
| | | | ok claudio@
* Store a unique ID, an interface index, rather than a pointer to thempi2015-06-161-6/+7
| | | | | | | | | | | | | | | receiving interface in the packet header of every mbuf. The interface pointer should now be retrieved when necessary with if_get(). If a NULL pointer is returned by if_get(), the interface has probably been destroy/removed and the mbuf should be freed. Such mechanism will simplify garbage collection of mbufs and limit problems with dangling ifp pointers. Tested by jmatthew@ and krw@, discussed with many. ok mikeb@, bluhm@, dlg@
* Introduce unhandled_af() for cases where code conditionally doesjsg2015-06-071-3/+5
| | | | | | | | | | | something based on an address family and later assumes one of the paths was taken. This was initially just calls to panic until guenther suggested a function to reduce the amount of strings needed. This reduces the amount of noise with static analysers and acts as a sanity check. ok guenther@ bluhm@
* Replace a bunch of == 0 with == NULL in pointer tests. Nuke somekrw2015-06-071-21/+21
| | | | | | | annoying trailing, leading and embedded whitespace. No change to .o files. ok deraadt@
* test mbuf pointers against NULL not 0jsg2015-05-131-2/+2
| | | | ok krw@ miod@
* remove unfinished/unused support for socket-attached ipsec-policiesmarkus2015-04-161-29/+1
| | | | ok mikeb
* Remove support for storing credentials and auth information in the kernel.mikeb2015-04-141-22/+1
| | | | | | | | | This code is largely unfinished and is not used for anything. The change leaves identities as only objects referenced by ipsec_ref structure and their handling requires some changes to support more advanced matching of IPsec connections. No objections from reyk and hshoexer, with and OK markus.
* Count dropped SYN packets on the tcpstat. They are dropped due to theyasuoka2015-02-081-2/+4
| | | | | | listen queue (backlog) limit or the memory shortage in syn-cache. ok henning reyk claudio
* unifdef INET in net code as a precursor to removing the pretend option.tedu2014-12-191-13/+1
| | | | | long live the one true internet. ok henning mikeb
* Explicitly include <net/if_var.h> instead of pulling it in <net/if.h>.mpi2014-12-051-1/+2
| | | | ok mikeb@, krw@, bluhm@, tedu@
* In TCP and UDP layers do not (ab)use the receiving interface to checkmpi2014-11-201-6/+1
| | | | | | | | | | | for a multicast/broadcast destination address. These checks have already been done in the Ethernet and IP layers and the mbuf(9) should contain all the required information at this point. But since we cannot trust this spaghetti stack, be paranoid and make sure to set the flags in the IP input routines. Use explicit comments, requested by deraadt@. ok claudio@
* move arc4random prototype to systm.h. more appropriate for most codetedu2014-11-181-3/+1
| | | | to include that than rdnvar.h. ok deraadt dlg
* Remove "pl" suffix on pool names.mpi2014-11-041-2/+2
| | | | ok dlg@, uebayasi@, mikeb@
* Fix indentation of closing brace.bluhm2014-10-241-2/+2
| | | | From Florian Riehm
* Use rtfree() instead of RTFREE(), NULLify some free'd route pointers andmpi2014-10-141-3/+5
| | | | | | kill the macro. ok mikeb@, henning@
* Remove #ifdef SO_OOBINLINE, it is always defined.bluhm2014-10-081-6/+3
| | | | OK henning@
* Fewer <netinet/in_systm.h> !mpi2014-07-221-2/+1
|
* There is a use-after-free somewhere in the code that links the pfbluhm2014-07-111-2/+5
| | | | | | state to the socket pcb. Add an additional assert to narrow down the panics. OK henning@
* Kill in_localaddr(), one less usage of the global list of IPv4 addresses.mpi2014-04-251-11/+8
| | | | | | | | | | This function is used only once in our tree to optimize the size of the MSS if the forward address correspond to a host on one of our subnets, but only if ip.mutdisc is disable, which is not the default! While here get rid of the "#ifdef RTV_MTU", it is here. ok henning@, mikeb@, bluhm@
* ip_output() using varargs always struck me as bizarre, esp since it's onlyhenning2014-04-211-2/+2
| | | | | | ever used to pass on uint32 (for ipsec). stop that madness and just pass the uint32, 0 in all cases but the two that pass the ipsec flowinfo. ok deraadt reyk guenther
* we'll do fine without casting NULL to struct foo * / void *henning2014-04-211-4/+3
| | | | ok gcc & md5 (alas, no binary change)
* "struct pkthdr" holds a routing table ID, not a routing domain one.mpi2014-04-141-11/+11
| | | | | | | | | | | | | | Avoid the confusion by using an appropriate name for the variable. Note that since routing domain IDs are a subset of the set of routing table IDs, the following idiom is correct: rtableid = rdomain But to get the routing domain ID corresponding to a given routing table ID, you must call rtable_l2(9). claudio@ likes it, ok mikeb@
* clearing the _CSUM_IN_OK flags is now utterly pointless, was only done forhenning2014-01-241-4/+2
| | | | statistics sideeffects before. ok lteo naddy
* since the cksum rewrite the counters for hardware checksummed packetshenning2014-01-231-5/+4
| | | | | | | | | | are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
* Propagate an rdomain number to the nd6_lookup independently frommikeb2014-01-071-2/+3
| | | | | the ifp pointer which can be NULL. This prevents a crash reported by David Hill <dhill at mindcry ! org>. OK bluhm
* Put a large chunk of the IPv6 rdomain support in-tree.phessler2013-10-201-3/+5
| | | | | | Still some important missing pieces, and this is not yet enabled. OK bluhm@
* In one core dump the pointers to socket, inpcb, tcpcb on the stackbluhm2013-09-061-1/+3
| | | | | | | | | | | | | of tcp_input() and tcp_output() were very inconsistent. Especially the so->so_pcb is NULL which can only happen after the inp has been detached. The whole issue looks similar to the old panic: pool_do_get(inpcbpl): free list modified. http://marc.info/?l=openbsd-bugs&m=132630237316970&w=2 To get more information, add some asserts that guarantee the consistency of the socket, inpcb, tcpcb linking. They should trigger when an inp is taken from the pcb hashes after it has been freed. OK henning@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.