peter
a3fa0e8e3f
Initialize h4 and h6 to NULL.
...
Fixes a panic reported by Mipam on -current-users.
2006-05-23 22:24:32 +00:00
christos
a75306c3a4
Fix strict aliasing issues and while I am here fix a memory leak on error
2006-05-21 04:30:03 +00:00
elad
fc9422c9d9
integrate kauth.
2006-05-14 21:31:52 +00:00
christos
ca0ec852e6
XXX: GCC uninitialized
2006-05-14 03:40:02 +00:00
martti
0f3d8a43c2
Make sure IPF can correctly pullup short headers. Patch received from
...
darrenr@. This fixes kern/33423.
2006-05-11 07:37:09 +00:00
mrg
84ab62db88
quell GCC 4.1 uninitialised variable warnings.
...
XXX: we should audit the tree for which old ones are no longer needed
after getting the older compilers out of the tree..
2006-05-11 01:08:38 +00:00
mrg
1e7e4f5c0c
caddr_t -> u_char *, to match the variable type
2006-05-11 01:08:19 +00:00
mrg
5755809507
- include <sys/selinfo.h> on BSD, for ipfselwait[].
...
- mask off the bits that don't fit in IP_HL_A().
2006-05-11 01:07:01 +00:00
mrg
084c052803
quell GCC 4.1 uninitialised variable warnings.
...
XXX: we should audit the tree for which old ones are no longer needed
after getting the older compilers out of the tree..
2006-05-10 21:53:14 +00:00
darrenr
0df9b5fe68
ipf -Z returns junk and/or can cause a panic (seen on solaris.)
2006-04-18 12:40:49 +00:00
darrenr
b817a6b4f0
This change corrects what 1.6 tried to do. This feels like a coverity fix
...
for a code path that should never actually happen (fr_newauth() should only
be called for auth rules - i.e. when fin_fr != NULL. If it is possible to
call fr_newauth() with fin_fr == NULL then this change introduces a
regression compared to prior importing of 4.1.13.
2006-04-15 13:58:43 +00:00
garbled
2355e5cd00
Fix a typo. fin->fin->fr should be fin->fin_fr
2006-04-14 04:32:26 +00:00
christos
0a1c2ab0b8
Coverity CID 2855: If fin->fin_fr is NULL, return 0, don't crash.
2006-04-13 18:59:58 +00:00
kochi
62f4a841c7
Fix return without free (resource leakage).
...
Detected by Coverity (CID 2309).
2006-04-13 08:43:17 +00:00
kochi
656c03f555
This is better fix than the previous commit for
...
saner cleanup path.
2006-04-13 07:31:29 +00:00
kochi
691e781111
Fix usage after free of NextWalkState.
...
Closes Coverity CID 2672 and this is reported to intel people.
2006-04-13 07:21:20 +00:00
cube
7db196715b
Protect config(1)-generated include files inclusion with
...
#ifdef _KERNEL_OPT. ACPI-CA might be used by standalone code in the
future. Suggested by cherry@.
2006-04-07 13:49:20 +00:00
martti
7967220333
Removed BROKEN_TCP_WINDOW_CHECK hack.
2006-04-04 16:19:05 +00:00
martti
9ea58d54bc
Upgraded IPFilter to 4.1.13
2006-04-04 16:17:18 +00:00
kochi
ec7315b11c
Moved from sys/dev/acpi/acpica/Subsystem.
...
suggested by cube.
2006-03-23 13:36:31 +00:00
christos
5a57baa413
don't use MALLOC with a non-constant size; use malloc instead.
2006-03-17 23:29:07 +00:00
lukem
a1f606d3fd
Use the SI capitalization for "Hz", "kHz", and "MHz" in comments and strings.
...
Add a space between numbers and Hz unit.
2006-03-08 23:46:22 +00:00
peter
8f83cde4e3
Fix TCP/UDP checksum handling as pointed out by Daniel Hartmeier in:
...
http://mail-index.netbsd.org/tech-net/2006/01/21/0000.html .
Problem reported and patch tested by der Mouse & Nino Dehne (PR/32874).
2006-02-19 12:15:33 +00:00
rpaulo
99513cfd59
In pf_socket_lookup() fix copy & paste problem when in6_pcblookup_bind()
...
returns NULL.
2006-02-07 22:53:03 +00:00
peter
10f6d07582
apply a fix from OpenBSD:
...
> revision 1.104
> date: 2006/01/18 22:03:21; author: dhartmei; state: Exp; lines: +2 -2
> fix a bug in the fragment cache (used for 'scrub fragment crop/drop-ovl',
> but not 'fragment reassemble'), which can cause some fragments to get
> inserted into the cache twice, thereby violating an invariant, and panic-
> ing the system subsequently. ok deraadt@
2006-01-25 10:45:20 +00:00
peter
5d1968b1c0
Include netinet/in.h, for compatibility with OpenBSD (we #ifdef'ed out a
...
header which includes netinet/in.h on OpenBSD).
Pointed out by Thomas E. Spanjaard.
No objection from yamt@.
2006-01-17 12:24:53 +00:00
christos
97dec287fc
make the kernel link without options INET.
...
XXX: this is of dubious use.
2005-12-28 09:29:48 +00:00
christos
08e11b2039
make this compile with no INET options.
2005-12-28 09:05:54 +00:00
christos
95e1ffb156
merge ktrace-lwp.
2005-12-11 12:16:03 +00:00
christos
a751ffb4fe
Adjust for icmp_error signature.
2005-10-23 19:40:20 +00:00
yamt
3a2482b78f
fr_check_wrapper6: handle M_CSUM_TCPv6|M_CSUM_UDPv6.
2005-08-11 13:01:38 +00:00
yamt
bbfb2033ff
pfil6_wrapper: handle M_CSUM_TCPv6|M_CSUM_UDPv6.
2005-08-11 13:01:24 +00:00
yamt
d6d72a6dc9
wrap INET only code by #if defined(INET). (in __NetBSD__ part)
2005-08-06 11:22:39 +00:00
peter
84fa01a154
pf_test() can set *mp to NULL, check for this before de-referencing it.
...
From Akihiro Sagawa in PR/30835.
2005-07-26 13:09:23 +00:00
christos
b132d4d5fd
Fix typo
2005-07-10 09:22:56 +00:00
christos
4a35068121
Small correction to skd's patch from darren.
2005-07-10 05:49:38 +00:00
christos
20dd96aff1
Don't drop fragments that are smalled than the ip header size. From skd
2005-07-09 14:51:11 +00:00
peter
9710741485
Resolve conflicts (pf from OpenBSD 3.7, kernel part).
2005-07-01 12:37:34 +00:00
lukem
fd8956d5fa
Use an "XXXGCC -Wuninitalized" style that is consistent with that used
...
elsewhere in the tree.
2005-06-15 01:48:20 +00:00
jmc
6724401235
Cleanup XXGCC in a few places to make it easier to see.
2005-06-14 21:20:30 +00:00
jmc
c3073778d2
Fix unitialized warnings that only crop up on m68k. XXGCC taggedd
2005-06-13 20:33:53 +00:00
darrenr
4e1ba8b46a
bin/29508 - fix "ipf -T" - kernel wasn't setting ipft_cookie and userland
...
was expecting it to be set, thus ignored it.
bin/29509 - because ipft_cookie wasn't reset to 0 before making the ioctl
call for each variable, only the first name to find was used, each successive
call just used the cookie.
CVn: ----------------------------------------------------------------------
2005-06-11 12:31:40 +00:00
darrenr
e5f523e30c
Using USE_SPL should be done after the last place it is defined.
2005-06-11 12:12:59 +00:00
darrenr
486aaa2c70
kern/30082 - fr_check() is missing SPL_NET() macros for non-mutex using
...
platforms, allowing it to be preempted and restarted in an inconsistent
state.
2005-06-11 11:25:28 +00:00
yamt
656adb750b
pf_reassemble: clear stale csum_flags.
2005-06-08 11:50:46 +00:00
christos
f9aeac0ab7
- sprinkle const
...
- avoid variable shadowing.
2005-05-29 21:57:49 +00:00
christos
966656bbac
more fallout from so_uid -> so_uidinfo.
2005-05-07 19:59:56 +00:00
martti
58b8abcbf8
Upgraded IPFilter to 4.1.8
2005-04-03 15:05:30 +00:00
martti
c775aec128
Import IPFilter 4.1.8
2005-04-03 15:01:04 +00:00
christos
3136f75efa
defopt IPFILTER_DEFAULT_BLOCK
2005-03-26 18:08:42 +00:00