Subject: possible bug in ip_forward() looking up MTU on a tunnel after EMSGSIZE
To: None <tech-kern@NetBSD.ORG>
From: David Waitzman <djw@bbn.com>
List: tech-kern
Date: 06/07/2002 08:26:59
The following code, with my patch, is from the NetBSD 1.5 branch's
netinet/ip_input.c:ip_forward(). It is how ip_forward() handles an error
from ip_output() that the packet has an sp policy, the DF bit set and is too
large for the tunnel's MTU. This code may have a bug in looking up
'ro->ro_rt->rt_ifp->if_mtu' and not looking at the per-route MTU in rtentry's
rt_rmx.
(In case of bad line wrapping, it is included inline and as an attachment.)
thanks,
-david waitzman
(the rcs ids are bogus because we imported netbsd into our own tree)
Index: ip_input.c
===================================================================
RCS file: netbsd/src/sys/netinet/ip_input.c,v
retrieving revision 1.1.1.1
diff -c -r1.1.1.1 ip_input.c
*** ip_input.c 2002/05/10 01:51:02 1.1.1.1
--- ip_input.c 2002/06/06 18:42:03
***************
*** 1585,1592 ****
&& sp->req->sav->sah != NULL) {
ro = &sp->req->sav->sah->sa_route;
if (ro->ro_rt && ro->ro_rt->rt_ifp) {
! dummyifp.if_mtu =
! ro->ro_rt->rt_ifp->if_mtu;
dummyifp.if_mtu -= ipsechdr;
destifp = &dummyifp;
}
--- 1585,1597 ----
&& sp->req->sav->sah != NULL) {
ro = &sp->req->sav->sah->sa_route;
if (ro->ro_rt && ro->ro_rt->rt_ifp) {
! dummyifp.if_mtu =
! o->ro_rt->rt_rmx.rmx_mtu;
! if (dummyifp.if_mtu == 0)
! dummyifp.if_mtu =
! ro->ro_rt->
! rt_ifp->if_mtu;
!
dummyifp.if_mtu -= ipsechdr;
destifp = &dummyifp;
}
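Review bot: in the new side of this inline copy the first assignment reads "o->ro_rt->rt_rmx.rmx_mtu", while the lines around it and the attached copy use "ro"; no "o" is declared in the visible context, so the inline copy should be corrected to "ro" or the attached copy applied instead. A one-line comment above "if (dummyifp.if_mtu == 0)" saying why a zero value triggers the fallback to the interface MTU would also help the next reader.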
Index: ip_input.c
===================================================================
RCS file: /KEPLER-CVS/netbsd/src/sys/netinet/ip_input.c,v
retrieving revision 1.1.1.1
diff -c -r1.1.1.1 ip_input.c
*** ip_input.c 2002/05/10 01:51:02 1.1.1.1
--- ip_input.c 2002/06/06 18:42:03
***************
*** 1585,1592 ****
&& sp->req->sav->sah != NULL) {
ro = &sp->req->sav->sah->sa_route;
if (ro->ro_rt && ro->ro_rt->rt_ifp) {
! dummyifp.if_mtu =
! ro->ro_rt->rt_ifp->if_mtu;
dummyifp.if_mtu -= ipsechdr;
destifp = &dummyifp;
}
--- 1585,1597 ----
&& sp->req->sav->sah != NULL) {
ro = &sp->req->sav->sah->sa_route;
if (ro->ro_rt && ro->ro_rt->rt_ifp) {
! dummyifp.if_mtu =
! ro->ro_rt->rt_rmx.rmx_mtu;
! if (dummyifp.if_mtu == 0)
! dummyifp.if_mtu =
! ro->ro_rt->
! rt_ifp->if_mtu;
!
dummyifp.if_mtu -= ipsechdr;
destifp = &dummyifp;
}
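Review bot: the value now taken from rt_rmx.rmx_mtu reaches "dummyifp.if_mtu -= ipsechdr;" with no bound check, so a route MTU at or below ipsechdr leaves a zero or out-of-range value in dummyifp.if_mtu. Consider checking that the chosen MTU exceeds ipsechdr before subtracting, and capping the route value at ro->ro_rt->rt_ifp->if_mtu so that a route metric larger than the interface MTU is not used as-is.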