Link [ NetBSD | NetBSD OpenGrok source search | PR fulltext-search | Summary of daily snapshot builds | history of daily build result | pkgsrc commit viewer ]


   
        usage: [branch:branch] [user:user] [path@revision] keyword [... [-excludekeyword [...]]] (e.g. branch:MAIN sys/arch/arm, if_wm.c@1.234 )


[ 1 ]


switch to index mode

recent branches: MAIN (21m)  netbsd-10 (30d)  netbsd-9 (30d)  netbsd-8 (35d) 

2024-06-15 20:24:43 UTC Now

2018-04-09 17:01:20 UTC netbsd-8 commitmail json YAML

src/sys/net/if_ipsec.c@1.3.2.5 / diff / nxr@1.3.2.5
src/sys/netipsec/ipsecif.c@1.1.2.6 / diff / nxr@1.1.2.6
src/sys/netipsec/ipsecif.h@1.1.2.3 / diff / nxr@1.1.2.3

Pull up following revision(s) (requested by knakahara in ticket #714):

sys/net/if_ipsec.c: revision 1.8 - 1.11
sys/netipsec/ipsecif.h: revision 1.2
sys/netipsec/ipsecif.c: revision 1.6,1.7

fix ipsec(4) encap_lock leak.

fix ipsecif(4) unmatch curlwp_bind.

fix ipsecif(4) stack overflow.

Add IPv4 ID when the ipsecif(4) packet can be fragmented. Implemented by hsuenaga@IIJ and ohishi@IIJ, thanks.
This modification reduces packet loss of fragmented packets on a
network where reordering occurs.

Alghough this modification has been applied, IPv4 ID is not set for
the packet smaller then IP_MINFRAGSIZE. According to RFC 6864, that
must not cause problems.

Fix unexpected failure when ipsecif(4) over IPv6 is changed port number only.
Here is an example of the operation which causes this problem.
    # ifconfig ipsec0 create link0
    # ifconfig ipsec0 tunnel fc00:1001::2,4500 fc00:1001::1,4501
    # ifconfig ipsec0 tunnel fc00:1001::2,4500 fc00:1001::1,4502

(martin)

[ 1 ]