infinite loop in esp6_ctlinput()?
blue
susan.lan at zyxel.com.tw
Mon Aug 27 19:15:29 PDT 2007
Dear all:
When receiving a "packet too big" ICMP error message, FreeBSD will call
the ctlinput() function of the upper protocol. If the preceding packet
is an ESP IPv6 packet, then FreeBSD will call esp6_ctlinput(). In
esp6_ctlinput(), pfctlinput2() will be executed to traverse all possible
upper protocols, and call their registered ctlinput() function. However,
that would call esp6_ctlinput() again since ESP is one of the upper
protocols! Then an infinite loop occurs!!
After comparing both IPSEC and FAST_IPSEC, the operations are exactly
the same. Is it a bug?
Best regards,
Yi-Wen
More information about the freebsd-net
mailing list