Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
03bb22c3ac
NetBSD/sys/netipsec
History
maxv 03bb22c3ac Fix a pretty bad mistake, that has always been there. 
m_adj(m1, -(m1->m_len - roff));
		if (m1 != m)
			m->m_pkthdr.len -= (m1->m_len - roff);

This is wrong: m_adj will modify m1->m_len, so we're using a wrong value
when manually adjusting m->m_pkthdr.len.

Because of that, it is possible to exploit the attack I described in
uipc_mbuf.c::rev1.182. The exploit is more complicated, but works 100%
reliably.
2018-04-17 09:06:33 +00:00
..
ah_var.h Remove unused. 2018-02-16 10:07:07 +00:00
ah.h
esp_var.h Redo the statistics through an indirection array and put the definitions 2017-04-13 16:38:31 +00:00
esp.h
files.netipsec add ipsec(4) interface, which is used for route-based VPN. 2018-01-10 10:56:30 +00:00
ipcomp_var.h Redo the statistics through an indirection array and put the definitions 2017-04-13 16:38:31 +00:00
ipcomp.h
ipip_var.h
ipsec6.h Dedup: merge ipsec4_set_policy and ipsec6_set_policy. The content of the 2018-02-27 15:01:30 +00:00
ipsec_input.c Introduce a m_verify_packet function, that verifies the mbuf chain of a 2018-04-15 07:35:49 +00:00
ipsec_mbuf.c Fix a pretty bad mistake, that has always been there. 2018-04-17 09:06:33 +00:00
ipsec_netbsd.c Merge some minor (mostly stylistic) changes from last week. 2018-02-26 06:17:01 +00:00
ipsec_output.c Call m_pullup earlier, fixes one branch. 2018-03-05 11:50:25 +00:00
ipsec_private.h Remove unused macros, and while here style. 2018-02-28 11:19:49 +00:00
ipsec_var.h
ipsec.c Remove ipsec_copy_policy and ipsec_copy_pcbpolicy. No functional change, 2018-04-03 09:03:59 +00:00
ipsec.h Remove ipsec_copy_policy and ipsec_copy_pcbpolicy. No functional change, 2018-04-03 09:03:59 +00:00
ipsecif.c Fix unexpected failure when ipsecif(4) over IPv6 is changed port number only. 2018-04-06 10:38:53 +00:00
ipsecif.h Fix unexpected failure when ipsecif(4) over IPv6 is changed port number only. 2018-04-06 10:38:53 +00:00
key_debug.c - sanitize key debugging so that we don't print extra newlines or unassociated 2017-09-28 17:21:42 +00:00
key_debug.h - sanitize key debugging so that we don't print extra newlines or unassociated 2017-09-28 17:21:42 +00:00
key_var.h
key.c Fix panic of SADB when the state of sav is changed in timeout 2018-04-17 04:22:58 +00:00
key.h add ipsec(4) interface, which is used for route-based VPN. 2018-01-10 10:56:30 +00:00
keydb.h Added a lookup table to find an sav quickly 2018-04-16 08:56:08 +00:00
keysock.c socket: report receive buffer overflows 2018-03-19 16:26:25 +00:00
keysock.h Let PF_KEY socks hold their own lock instead of softnet_lock 2017-07-27 09:53:57 +00:00
Makefile add ipsec(4) interface, which is used for route-based VPN. 2018-01-10 10:56:30 +00:00
xform_ah.c Remove dead code. 2018-04-16 17:32:34 +00:00
xform_esp.c Add [ah/esp/ipcomp]_enable sysctls, and remove the FreeBSD #ifdefs. 2018-02-16 09:24:55 +00:00
xform_ipcomp.c Fix the computation. Normally that's harmless since ip6_output recomputes 2018-03-10 17:48:32 +00:00
xform_ipip.c Remove broken MROUTING code, rename ipo->ip4, and simplify. 2018-02-15 10:41:51 +00:00
xform_tcp.c Add XXX, it seems to me we need to free the mbuf here. 2018-02-26 06:41:27 +00:00
xform.h Style, remove unused and misleading macros and comments, localify, and 2018-02-16 15:18:41 +00:00