Commit a981d85
- add esp encapsulation to tcp_send_empty_immediate so pure acks on ipsec-based connections are not sent in plaintext when the tx fifo is full (and the link layer is being used)
- add esp encapsulation to tcp_send_zero_wnd_probe so zero-window probes on ipsec-protected connections are not sent in plaintext
- add esp encapsulation to wolfip_forward_packet so forwarded ip packets are not sent in plaintext when the egress interface has esp sa configured
- reset sift-down cursor to root on each iteration of timers_binheap_pop so that skipping cancelled timers does not break the min-heap invariant
- send syn-ack immediately in the listen to syn_rcvd transition instead of deferring it until accept() or the ctrl_rto timer fires.
- validate arp reply sender ip against broadcast, multicast, zero and own address before caching, matching the existing arp request handler checks
- deconfigure the offered ip address when dhcp request retries are exhausted so the device does not keep using an unconfirmed lease.
- extend multicast classification tests to cover the 225-239 range and boundaries so mask constant mutations are detected
- add ssrr source routing drop test to cover 0x89 variant type branch alongside the existing lsrr test
- add multicast source address test for ip_recv to cover the wolfip_ip_is_multicast branch of the rfc 1122 source validation
- add multicast sender test for arp request validation to cover the wolfip_ip_is_multicast branch of the cache poisoning guard.
- add esp encapsulation to tcp_send_reset_reply so rst segments toward esp-protected peers are not sent in plaintext
- include tcp timestamp option in zero-window probes when timestamps are negotiated, per rfc 7323 (around section 3.2)
- process ack+fin segments in syn_rcvd state per rfc 9293 instead of silently discarding non-pure acks.
- Compute ICMP TTL exceeded and destination unreachable original packet quote size from the actual IP header length so packets with IP options include the full header plus 8 bytes of transport data.
- seed ipcounter with a random value at init so ip identification fields on non-df packets are not predictable from zero
- set the df bit on tcp rst replies to match the normal tcp output path and prevent ip id observability
- zero hmac hash buffers on the stack after icv comparison and copy to prevent residual keyed hash output from persisting
- zero gcm/gmac nonce buffers on the stack after use to prevent residual implicit salt bytes from persisting

1 parent 3092f6f commit a981d85
9 files changed
Lines changed: 1087 additions & 106 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
104 | 104 | | |
105 | 105 | | |
106 | 106 | | |
| 107 | + | |
| 108 | + | |
| 109 | + | |
107 | 110 | | |
108 | 111 | | |
109 | 112 | | |
| |||
216 | 219 | | |
217 | 220 | | |
218 | 221 | | |
| 222 | + | |
219 | 223 | | |
| 224 | + | |
220 | 225 | | |
221 | 226 | | |
222 | 227 | | |
| |||
230 | 235 | | |
231 | 236 | | |
232 | 237 | | |
| 238 | + | |
233 | 239 | | |
234 | 240 | | |
235 | 241 | | |
| |||
324 | 330 | | |
325 | 331 | | |
326 | 332 | | |
| 333 | + | |
327 | 334 | | |
328 | 335 | | |
329 | 336 | | |
| |||
342 | 349 | | |
343 | 350 | | |
344 | 351 | | |
| 352 | + | |
345 | 353 | | |
346 | 354 | | |
347 | 355 | | |
| |||
493 | 501 | | |
494 | 502 | | |
495 | 503 | | |
| 504 | + | |
496 | 505 | | |
497 | 506 | | |
498 | 507 | | |
| |||
580 | 589 | | |
581 | 590 | | |
582 | 591 | | |
| 592 | + | |
583 | 593 | | |
584 | 594 | | |
585 | 595 | | |
| |||
637 | 647 | | |
638 | 648 | | |
639 | 649 | | |
| 650 | + | |
640 | 651 | | |
641 | 652 | | |
642 | 653 | | |
| |||
648 | 659 | | |
649 | 660 | | |
650 | 661 | | |
| 662 | + | |
651 | 663 | | |
652 | 664 | | |
653 | 665 | | |
| |||