d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix bugs where the ng_ppp node could transmit PPP frames whose length

Browse Source 
exceeded the peer's configured MRU or MRRU.

MFC after:	1 week
This commit is contained in:
Archie Cobbs 2002-03-15 02:31:14 +00:00
parent f03a4b810a
commit 931c828ac5
1 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
sys/netgraph/ng_ppp.c
View File

@ -947,8 +947,10 @@ ng_ppp_input(node_p node, int bypass, int linkNum, item_p item)
}
/*
* Deliver a frame out a link, either a real one or NG_PPP_BUNDLE_LINKNUM
* Deliver a frame out a link, either a real one or NG_PPP_BUNDLE_LINKNUM.
* If the link is not enabled then ENXIO is returned, unless "bypass" is != 0.
*
* If the frame is too big for the particular link, return EMSGSIZE.
*/
static int
ng_ppp_output(node_p node, int bypass,
@ -958,8 +960,11 @@ ng_ppp_output(node_p node, int bypass,
struct ng_ppp_link *link;
int len, error;
struct mbuf *m;
u_int16_t mru;
/* Extract mbuf */
NGI_GET_M(item, m);
NGI_GET_M(item, m); /* separate them for a while */
/* If not doing MP, map bundle virtual link to (the only) link */
if (linkNum == NG_PPP_BUNDLE_LINKNUM && !priv->conf.enableMultilink)
linkNum = priv->activeLinks[0];
@ -982,6 +987,14 @@ ng_ppp_output(node_p node, int bypass,
}
}
/* Check peer's MRU for this link */
mru = (link != NULL) ? link->conf.mru : priv->conf.mrru;
if (mru != 0 && m->m_pkthdr.len > mru) {
NG_FREE_M(m);
NG_FREE_ITEM(item);
return (EMSGSIZE);
}
/* Prepend protocol number, possibly compressed */
if ((m = ng_ppp_addproto(m, proto,
linkNum == NG_PPP_BUNDLE_LINKNUM
@ -1513,6 +1526,7 @@ static int
ng_ppp_mp_output(node_p node, struct mbuf *m, meta_p meta)
{
const priv_p priv = NG_NODE_PRIVATE(node);
const int hdr_len = priv->conf.xmitShortSeq ? 2 : 4;
int distrib[NG_PPP_MAX_LINKS];
int firstFragment;
int activeLinkNum;
@ -1571,8 +1585,8 @@ ng_ppp_mp_output(node_p node, struct mbuf *m, meta_p meta)
/* Calculate fragment length; don't exceed link MTU */
len = distrib[activeLinkNum];
if (len > link->conf.mru)
len = link->conf.mru;
if (len > link->conf.mru - hdr_len)
len = link->conf.mru - hdr_len;
distrib[activeLinkNum] -= len;
lastFragment = (len == m->m_pkthdr.len);