In article <20180407090627.20058FBEE%cvs.NetBSD.org@localhost>,
Maxime Villard <source-changes-d%NetBSD.org@localhost> wrote:
-=-=-=-=-=-
Module Name: src
Committed By: maxv
Date: Sat Apr 7 09:06:27 UTC 2018
Modified Files:
src/sys/net/npf: npf_inet.c
Log Message:
Rewrite npf_fetch_tcpopts:
* Instead of doing several nbuf_advance/nbuf_ensure_contig and
playing with gotos, fetch the TCP options only once, and iterate over
the (safe) area. The code is similar to tcp_dooptions.
* When handling TCPOPT_MAXSEG and TCPOPT_WINDOW, ensure the length is
the one we're expecting. If it isn't, then skip the option. This
wasn't done before, and not doing it allowed a packet to bypass the
max-mss clamping procedure. Discussed on tech-net@.
This seems to break
cvs -d cvs.netbsd.org:/cvsroot diff, with write via ssh returning
ENETUNREACH.
christos