Module Name: src
Committed By: martin
Date: Mon Feb 26 13:10:52 UTC 2018
Modified Files:
src/sys/netipsec [netbsd-8]: xform_ah.c xform_esp.c xform_ipcomp.c
Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #587):
sys/netipsec/xform_ipcomp.c: revision 1.54-1.56
sys/netipsec/xform_ah.c: revision 1.78,1.79(patch),1.82-1.84
sys/netipsec/xform_esp.c: revision 1.74-1.76
Fix mbuf leaks on error paths
Dedup common codes in error paths (NFCI)
Don't relook up an SP/SA in opencrpyto callbacks
We don't need to do so because we have a reference to it. And also
relooking-up one there may return an sp/sav that has different
parameters from an original one.
Fix kernel panic (assertion failure) on receiving an IPv6 packet with large
options
If an IPv6 packet has large options, a necessary space for evacuation can
exceed the expected size (ah_pool_item_size). Give up using the pool_cache
if it happens.
Style.
Commonalize error paths (NFC)
Fix buffer overflow on sending an IPv6 packet with large options
If an IPv6 packet has large options, a necessary space for evacuation can
exceed the expected size (ah_pool_item_size). Give up using the pool_cache
if it happens.
Pointed out by maxv@
To generate a diff of this commit:
cvs rdiff -u -r1.54.2.3 -r1.54.2.4 src/sys/netipsec/xform_ah.c
cvs rdiff -u -r1.55.2.1 -r1.55.2.2 src/sys/netipsec/xform_esp.c
cvs rdiff -u -r1.38.2.1 -r1.38.2.2 src/sys/netipsec/xform_ipcomp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
