upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-03-09 09:41:05 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys/netipsec
History
Kornel Dulęba 863871d369 ipsec: Improve validation of PMTU 
Currently there is no upper bound on the PMTU value that is accepted.
Update hostcache only if the new pmtu is smaller than the current entry
and the link MTU.

Approved by:	mw(mentor)
Sponsored by:	Stormshield
Obtained from:	Semihalf
Differential Revision: https://reviews.freebsd.org/D35872
2022-07-27 16:12:34 +02:00
..
ah.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ah_var.h Migrate structs ahstat, espstat, ipcompstat, ipipstat, pfkeystat, 2013-07-09 10:08:13 +00:00
esp.h net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
esp_var.h Migrate structs ahstat, espstat, ipcompstat, ipipstat, pfkeystat, 2013-07-09 10:08:13 +00:00
ipcomp.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ipcomp_var.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ipsec.c ipsec: replace SECASVAR mtx by rmlock 2022-07-19 05:27:20 +02:00
ipsec.h ipsec: Check PMTU before sending a frame. 2021-08-13 09:22:24 +02:00
ipsec6.h ipsec: Add support for PMTUD for IPv6 tunnels 2021-09-24 10:27:21 +02:00
ipsec_input.c ipsec: Improve validation of PMTU 2022-07-27 16:12:34 +02:00
ipsec_mbuf.c Fix unused variable warning in ipsec_mbuf.c 2022-07-21 22:12:01 +02:00
ipsec_mod.c ipsec: Handle ICMP NEEDFRAG message. 2021-08-09 12:01:46 +02:00
ipsec_output.c ipsec_encap: setdf is only used for INET. 2022-04-13 16:08:21 -07:00
ipsec_pcb.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ipsec_support.h ipsec: Handle ICMP NEEDFRAG message. 2021-08-09 12:01:46 +02:00
key.c Adjust function definitions in netipsec's key.c to avoid clang 15 warnings 2022-07-26 21:25:09 +02:00
key.h netipsec: use SYSINIT(9) instead of dom_init/dom_destroy 2022-01-03 10:15:21 -08:00
key_debug.c Fix unused variable warning in netipsec's key_debug.c 2022-07-26 21:25:09 +02:00
key_debug.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
key_var.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
keydb.h ipsec: replace SECASVAR mtx by rmlock 2022-07-19 05:27:20 +02:00
keysock.c netipsec: use SYSINIT(9) instead of dom_init/dom_destroy 2022-01-03 10:15:21 -08:00
keysock.h Remove obsoleted and unused key_sendup() function. 2018-03-11 18:03:55 +00:00
subr_ipsec.c ipsec: Handle ICMP NEEDFRAG message. 2021-08-09 12:01:46 +02:00
udpencap.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
xform.h Simplify IPsec transform-specific teardown. 2020-06-25 23:59:16 +00:00
xform_ah.c ipsec: replace SECASVAR mtx by rmlock 2022-07-19 05:27:20 +02:00
xform_esp.c ipsec: replace SECASVAR mtx by rmlock 2022-07-19 05:27:20 +02:00
xform_ipcomp.c ipsec: replace SECASVAR mtx by rmlock 2022-07-19 05:27:20 +02:00
xform_tcp.c syncache: accept packet with no SA when TCP_MD5SIG is set 2022-01-08 16:32:14 -09:00