tcpmd5: return ENOENT when security association not found
ClosedPublic
Actions

Authored by rew on Dec 1 2021, 11:09 PM.

Details

Reviewers

Commits

rG90aacac54b83: tcpmd5: return ENOENT when security association not found
rG91d388119ae2: tcpmd5: return ENOENT when security association not found

Summary

Return ENOENT from tcp_ipsec_input() when a security association is not
found. This allows callers of TCP_MD5_INPUT() to differentiate between a
security association not found and receiving a bad signature.

Also return ENOENT from tcp_ipsec_output() for consistency.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

rew created this revision.Dec 1 2021, 11:09 PM

Herald added subscribers: glebius, melifaro, ae, imp. · View Herald TranscriptDec 1 2021, 11:09 PM

rew requested review of this revision.Dec 1 2021, 11:09 PM

Harbormaster completed remote builds in B43100: Diff 99335.Dec 1 2021, 11:09 PM

rew added a child revision: D33227: syncache: accept packets with no SA when TCP_MD5SIG is set.Dec 1 2021, 11:09 PM

ae accepted this revision.Dec 2 2021, 5:51 AM

This revision is now accepted and ready to land.Dec 2 2021, 5:51 AM

Closed by commit rG91d388119ae2: tcpmd5: return ENOENT when security association not found (authored by rew). · Explain WhyJan 9 2022, 1:45 AM

This revision was automatically updated to reflect the committed changes.

rew added a commit: rG91d388119ae2: tcpmd5: return ENOENT when security association not found.

rew added a commit: rG90aacac54b83: tcpmd5: return ENOENT when security association not found.Feb 10 2022, 7:30 PM

Revision Contents
Changeset List

Path

Size

sys/

netipsec/

xform_tcp.c

6 lines

Diff 101151

View Options

tcpmd5: return ENOENT when security association not foundClosedPublicActions