Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/netinet Don't put segment on the wire if security reques...
details: https://anonhg.NetBSD.org/src/rev/66d04b240375
branches: trunk
changeset: 808384:66d04b240375
user: kefren <kefren%NetBSD.org@localhost>
date: Sat May 16 01:15:34 2015 +0000
description:
Don't put segment on the wire if security request can't be fulfilled
diffstat:
sys/netinet/tcp_output.c | 9 ++++++---
1 files changed, 6 insertions(+), 3 deletions(-)
diffs (30 lines):
diff -r 167c5bda10dd -r 66d04b240375 sys/netinet/tcp_output.c
--- a/sys/netinet/tcp_output.c Fri May 15 18:28:36 2015 +0000
+++ b/sys/netinet/tcp_output.c Sat May 16 01:15:34 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_output.c,v 1.182 2015/04/27 16:50:17 christos Exp $ */
+/* $NetBSD: tcp_output.c,v 1.183 2015/05/16 01:15:34 kefren Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -135,7 +135,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.182 2015/04/27 16:50:17 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.183 2015/05/16 01:15:34 kefren Exp $");
#include "opt_inet.h"
#include "opt_ipsec.h"
@@ -1238,7 +1238,10 @@
*bp++ = TCPOPT_NOP;
*bp++ = TCPOPT_EOL;
optlen += 2;
- }
+ } else if ((tp->t_flags & TF_SIGNATURE) != 0) {
+ error = ECONNABORTED;
+ goto out;
+ }
#endif /* TCP_SIGNATURE */
hdrlen += optlen;
Home |
Main Index |
Thread Index |
Old Index