>Number:         3960
>Category:       kern
>Synopsis:       bug in tcp_input.c described in the errata file to TCP/IP Illust. Vol2
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    kern-bug-people (Kernel Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Aug  9 03:50:01 1997
>Last-Modified:
>Originator:     Thorsten Frueauf
>Organization:
private
	
>Release:        <NetBSD-current source date> NetBSD current 07.08.1997
>Environment:
	
System: NetBSD cyberlap 1.2G NetBSD 1.2G (CYBERLAP) #8: Sat Aug 9 12:26:05 CEST 1997 frueauf@cyberlap:/usr/src/sys/arch/i386/compile/CYBERLAP i386


>Description:
	
In the errata file for TCP/IP Illustrated Vol. 2 (to be found at the
homepage of Richard Stevens: http://www.kohala.com/~rstevens; its called
typos.tcpipiv2.txt) at the section "The following are Comments to the
Reader, they are not typos to be fixed.", Stevens describes that
in tcp_input.c line 715 (page 958 in the book; line 816 in the NetBSD code)
`tp->rcv_nxt' should be replaced to `tp->snd_nxt'.

>How-To-Repeat:
	
Read the above cited file/book :)

>Fix:
	
Apply the following diff to /src/sys/netinet/tcp_input.c:

*** tcp_input.c-orig	Sat Aug  9 12:24:10 1997
--- tcp_input.c	Sat Aug  9 12:23:54 1997
***************
*** 813,819 ****
  			if (tiflags & TH_SYN &&
  			    tp->t_state == TCPS_TIME_WAIT &&
  			    SEQ_GT(ti->ti_seq, tp->rcv_nxt)) {
! 				iss = tp->rcv_nxt + TCP_ISSINCR;
  				tp = tcp_close(tp);
  				/*
  				 * We have already advanced the mbuf
--- 813,819 ----
  			if (tiflags & TH_SYN &&
  			    tp->t_state == TCPS_TIME_WAIT &&
  			    SEQ_GT(ti->ti_seq, tp->rcv_nxt)) {
! 				iss = tp->snd_nxt + TCP_ISSINCR;
  				tp = tcp_close(tp);
  				/*
  				 * We have already advanced the mbuf
>Audit-Trail:
>Unformatted:
bug in tcp_input.c described in the errata file to TCP/IP Illustrated Vol. 2