, Jason Thorpe <thorpej@nas.nasa.gov>
From: Don Lewis <Don.Lewis@tsc.tdk.com>
List: current-users
Date: 11/21/1997 17:01:53
On Nov 21, 5:05am, Don Lewis wrote:
} Subject: Re: Fix for "land" bug committed
} This is the untested patch I sent to one of the FreeBSD lists. It doesn't
} apply cleanly to the NetBSD version of this file, but you should be
} able to apply it by hand.
}
} --- tcp_input.c.prev Fri Nov 21 04:34:51 1997
} +++ tcp_input.c Fri Nov 21 05:00:07 1997
} @@ -752,6 +752,17 @@
} }
}
} /*
} + * If the state is SYN_RCVD:
} + * if seg contains an ACK, but not for our SYN,ACK, drop the input.
} + * Otherwise continue processing
} + */
} + case TCPS_SYN_RECEIVED:
} + if (SEQ_GT(tp->snd_una, ti->ti_ack) ||
} + SEQ_GT(ti->ti_ack, tp->snd_max))
} + goto dropwithreset;
} + break; /* continue normal processing */
This is broken because it should only do this check if the ACK bit is
set.
} +
} + /*
} * If the state is SYN_SENT:
} * if seg contains an ACK, but not for our SYN, drop the input.
} * if seg contains a RST, then drop the connection.
} @@ -1171,9 +1182,7 @@
} * send an RST.
} */
} case TCPS_SYN_RECEIVED:
} - if (SEQ_GT(tp->snd_una, ti->ti_ack) ||
} - SEQ_GT(ti->ti_ack, tp->snd_max))
} - goto dropwithreset;
} + /* ACK validation was done earlier, before window trim */
}
} tcpstat.tcps_connects++;
} soisconnected(so);
}-- End of excerpt from Don Lewis
I like the following patch better since it is both smaller and doesn't
require investigating all the different possible relationships between
sequence numbers. Comments?
--- tcp_input.c.prev Fri Nov 21 04:34:51 1997
+++ tcp_input.c Fri Nov 21 16:32:10 1997
@@ -752,6 +752,18 @@
}
/*
+ * If the state is SYN_RCVD:
+ * If seg contains a SYN,ACK, then drop it and send a RST.
+ * We should only ever get an ACK or a duplicate SYN (if our
+ * SYN,ACK was lost) in this state.
+ * Otherwise continue processing
+ */
+ case TCPS_SYN_RECEIVED:
+ if ((tiflags & (TH_SYN|TH_ACK)) == (TH_SYN|TH_ACK))
+ goto dropwithreset;
+ break; /* continue normal processing */
+
+ /*
* If the state is SYN_SENT:
* if seg contains an ACK, but not for our SYN, drop the input.
* if seg contains a RST, then drop the connection.