tcp: Handle <RST,ACK> in SYN-RCVD
Patch base stack to correctly handle the RST bit independently of other header flags per TCP RFC. MFC after: 1 week Reviewed By: tuexen, #transport Sponsored by: NetApp, Inc. Differential Revision: https://reviews.freebsd.org/D40982
This commit is contained in:
@@ -1963,6 +1963,10 @@ tcp_do_segment(struct tcpcb *tp, struct mbuf *m, struct tcphdr *th,
|
||||
* if seg contains an ACK, but not for our SYN/ACK, send a RST.
|
||||
*/
|
||||
case TCPS_SYN_RECEIVED:
|
||||
if (thflags & TH_RST) {
|
||||
/* Handle RST segments later. */
|
||||
break;
|
||||
}
|
||||
if ((thflags & TH_ACK) &&
|
||||
(SEQ_LEQ(th->th_ack, tp->snd_una) ||
|
||||
SEQ_GT(th->th_ack, tp->snd_max))) {
|
||||
|
||||
@@ -623,18 +623,6 @@ syncache_chkrst(struct in_conninfo *inc, struct tcphdr *th, struct mbuf *m,
|
||||
sc = syncache_lookup(inc, &sch); /* returns locked sch */
|
||||
SCH_LOCK_ASSERT(sch);
|
||||
|
||||
/*
|
||||
* Any RST to our SYN|ACK must not carry ACK, SYN or FIN flags.
|
||||
* See RFC 793 page 65, section SEGMENT ARRIVES.
|
||||
*/
|
||||
if (tcp_get_flags(th) & (TH_ACK|TH_SYN|TH_FIN)) {
|
||||
if ((s = tcp_log_addrs(inc, th, NULL, NULL)))
|
||||
log(LOG_DEBUG, "%s; %s: Spurious RST with ACK, SYN or "
|
||||
"FIN flag set, segment ignored\n", s, __func__);
|
||||
TCPSTAT_INC(tcps_badrst);
|
||||
goto done;
|
||||
}
|
||||
|
||||
/*
|
||||
* No corresponding connection was found in syncache.
|
||||
* If syncookies are enabled and possibly exclusively
|
||||
|
||||
Reference in New Issue
Block a user