svn commit: r201652 - stable/7/sys/netinet

Bjoern A. Zeeb bz at FreeBSD.org
Wed Jan 6 16:39:16 UTC 2010 

Author: bz
Date: Wed Jan  6 16:39:16 2010
New Revision: 201652
URL: http://svn.freebsd.org/changeset/base/201652

Log:
  MFC 182846:
  
    Convert SYSCTL_INTs for tcp_mssdflt and tcp_v6mssdflt to
    SYSCTL_PROCs and check that the default mss for neither v4 nor
    v6 goes below the minimum MSS constant (216).
  
    This prevents people from shooting themselves in the foot.

Modified:
  stable/7/sys/netinet/tcp_subr.c
Directory Properties:
  stable/7/sys/   (props changed)
  stable/7/sys/cddl/contrib/opensolaris/   (props changed)
  stable/7/sys/contrib/dev/acpica/   (props changed)
  stable/7/sys/contrib/pf/   (props changed)

Modified: stable/7/sys/netinet/tcp_subr.c
==============================================================================
--- stable/7/sys/netinet/tcp_subr.c	Wed Jan  6 16:09:58 2010	(r201651)
+++ stable/7/sys/netinet/tcp_subr.c	Wed Jan  6 16:39:16 2010	(r201652)
@@ -111,14 +111,50 @@ __FBSDID("$FreeBSD$");
 #include <security/mac/mac_framework.h>
 
 int	tcp_mssdflt = TCP_MSS;
-SYSCTL_INT(_net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, CTLFLAG_RW,
-    &tcp_mssdflt, 0, "Default TCP Maximum Segment Size");
-
 #ifdef INET6
 int	tcp_v6mssdflt = TCP6_MSS;
-SYSCTL_INT(_net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt,
-    CTLFLAG_RW, &tcp_v6mssdflt , 0,
-    "Default TCP Maximum Segment Size for IPv6");
+#endif
+
+static int
+sysctl_net_inet_tcp_mss_check(SYSCTL_HANDLER_ARGS)
+{
+	int error, new;
+
+	new = tcp_mssdflt;
+	error = sysctl_handle_int(oidp, &new, 0, req);
+	if (error == 0 && req->newptr) {
+		if (new < TCP_MINMSS)
+			error = EINVAL;
+		else
+			tcp_mssdflt = new;
+	}
+	return (error);
+}
+
+SYSCTL_PROC(_net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, CTLTYPE_INT|CTLFLAG_RW,
+	   &tcp_mssdflt, 0, &sysctl_net_inet_tcp_mss_check, "I",
+	   "Default TCP Maximum Segment Size");
+
+#ifdef INET6
+static int
+sysctl_net_inet_tcp_mss_v6_check(SYSCTL_HANDLER_ARGS)
+{
+	int error, new;
+
+	new = tcp_v6mssdflt;
+	error = sysctl_handle_int(oidp, &new, 0, req);
+	if (error == 0 && req->newptr) {
+		if (new < TCP_MINMSS)
+			error = EINVAL;
+		else
+			tcp_v6mssdflt = new;
+	}
+	return (error);
+}
+
+SYSCTL_PROC(_net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt, CTLTYPE_INT|CTLFLAG_RW,
+	   &tcp_v6mssdflt, 0, &sysctl_net_inet_tcp_mss_v6_check, "I",
+	   "Default TCP Maximum Segment Size for IPv6");
 #endif
 
 /*

More information about the svn-src-stable mailing list