]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 421025a) | patch
if_ovpn: cope with loops
authorKristof Provost <kp@FreeBSD.org>
Mon, 13 May 2024 10:06:47 +0000 (12:06 +0200)
committerKristof Provost <kp@FreeBSD.org>
Mon, 13 May 2024 10:11:06 +0000 (12:11 +0200)
commit59a6666ec91d71f97aaae5195bbfafd9d422db2e
tree8bce1bba80abccc603aa53a3bb35c90b3f747324tree | snapshot
parent421025a274fb5759b3ecc8bdb30b24db830b45aecommit | diff
if_ovpn: cope with loops

User misconfiguration may lead to routing loops where we try to send the tunnel
packet into the tunnel. This eventually leads to stack overflows and panics.

Avoid this using if_tunnel_check_nesting(), which will drop the packet if we're
looping or we hit three layers of nested tunnels.

MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
sys/net/if_ovpn.c diff | blob | history
tests/sys/net/if_ovpn/if_ovpn.sh diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.