CVSROOT: /cvs
Module name: src
Changes by: m...@cvs.openbsd.org 2025/07/21 05:07:31
Modified files:
sys/netinet6 : frag6.c in6_proto.c ip6_input.c
Log message:
Unlock IPV6CTL_MAXFRAGPACKETS case of ip6_sysctl().
The stack and the sysctl interface are inconsistent. The stack assumed
that `ip6_maxfragpackets' could be negative, and accept all fragments
in this case, but sysctl interface doesn't allow to set negative value.
Also, frag6_slowtimo() does not handle negative values of
`ip6_maxfragpackets'.
bluhm@ pointed, that the limitation in sysctl sysctl(2) is newer that
"ip6_maxfragpackets >= 0" check. Also the unlimited fragments is bad
idea.
So, drop the "ip6_maxfragpackets >= 0" check in frag6_input() and adjust
the preceding commentary. We don't need extra "ip6_maxfragpackets == 0"
check because if `ip6_maxfragpackets' is 0 the "frag6_nfragpackets >=
ip6_maxfragpackets" check will be true in any case.
Use cached value of `ip6_maxfragpackets' in frag6_slowtimo().
Discussed with and ok from bluhm
