tcp: drop data received after a FIN has been processed
RFC 9293 describes the handling of data in the CLOSE-WAIT, CLOSING, LAST-ACK, and TIME-WAIT states: This should not occur since a FIN has been received from the remote side. Ignore the segment text. Therefore, implement this handling. Reviewed by: rrs, rscheff MFC after: 3 days Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D44746
This commit is contained in:
@@ -2337,9 +2337,11 @@ tcp_do_segment(struct tcpcb *tp, struct mbuf *m, struct tcphdr *th,
|
||||
|
||||
/*
|
||||
* If new data are received on a connection after the
|
||||
* user processes are gone, then RST the other end.
|
||||
* user processes are gone, then RST the other end if
|
||||
* no FIN has been processed.
|
||||
*/
|
||||
if ((tp->t_flags & TF_CLOSED) && tlen) {
|
||||
if ((tp->t_flags & TF_CLOSED) && tlen > 0 &&
|
||||
TCPS_HAVERCVDFIN(tp->t_state) == 0) {
|
||||
if ((s = tcp_log_addrs(inc, th, NULL, NULL))) {
|
||||
log(LOG_DEBUG, "%s; %s: %s: Received %d bytes of data "
|
||||
"after socket was closed, "
|
||||
|
||||
@@ -9555,15 +9555,6 @@ bbr_do_closing(struct mbuf *m, struct tcphdr *th, struct socket *so,
|
||||
if (ctf_drop_checks(to, m, th, tp, &tlen, &thflags, &drop_hdrlen, &ret_val)) {
|
||||
return (ret_val);
|
||||
}
|
||||
/*
|
||||
* If new data are received on a connection after the user processes
|
||||
* are gone, then RST the other end.
|
||||
* We call a new function now so we might continue and setup
|
||||
* to reset at all data being ack'd.
|
||||
*/
|
||||
if ((tp->t_flags & TF_CLOSED) && tlen &&
|
||||
bbr_check_data_after_close(m, bbr, tp, &tlen, th, so))
|
||||
return (1);
|
||||
/*
|
||||
* If last ACK falls within this segment's sequence numbers, record
|
||||
* its timestamp. NOTE: 1) That the test incorporates suggestions
|
||||
@@ -9666,15 +9657,6 @@ bbr_do_lastack(struct mbuf *m, struct tcphdr *th, struct socket *so,
|
||||
if (ctf_drop_checks(to, m, th, tp, &tlen, &thflags, &drop_hdrlen, &ret_val)) {
|
||||
return (ret_val);
|
||||
}
|
||||
/*
|
||||
* If new data are received on a connection after the user processes
|
||||
* are gone, then RST the other end.
|
||||
* We call a new function now so we might continue and setup
|
||||
* to reset at all data being ack'd.
|
||||
*/
|
||||
if ((tp->t_flags & TF_CLOSED) && tlen &&
|
||||
bbr_check_data_after_close(m, bbr, tp, &tlen, th, so))
|
||||
return (1);
|
||||
/*
|
||||
* If last ACK falls within this segment's sequence numbers, record
|
||||
* its timestamp. NOTE: 1) That the test incorporates suggestions
|
||||
|
||||
@@ -14997,13 +14997,6 @@ rack_do_closing(struct mbuf *m, struct tcphdr *th, struct socket *so,
|
||||
&rack->r_ctl.challenge_ack_cnt)) {
|
||||
return (ret_val);
|
||||
}
|
||||
/*
|
||||
* If new data are received on a connection after the user processes
|
||||
* are gone, then RST the other end.
|
||||
*/
|
||||
if ((tp->t_flags & TF_CLOSED) && tlen &&
|
||||
rack_check_data_after_close(m, tp, &tlen, th, so))
|
||||
return (1);
|
||||
/*
|
||||
* If last ACK falls within this segment's sequence numbers, record
|
||||
* its timestamp. NOTE: 1) That the test incorporates suggestions
|
||||
@@ -15112,13 +15105,6 @@ rack_do_lastack(struct mbuf *m, struct tcphdr *th, struct socket *so,
|
||||
&rack->r_ctl.challenge_ack_cnt)) {
|
||||
return (ret_val);
|
||||
}
|
||||
/*
|
||||
* If new data are received on a connection after the user processes
|
||||
* are gone, then RST the other end.
|
||||
*/
|
||||
if ((tp->t_flags & TF_CLOSED) && tlen &&
|
||||
rack_check_data_after_close(m, tp, &tlen, th, so))
|
||||
return (1);
|
||||
/*
|
||||
* If last ACK falls within this segment's sequence numbers, record
|
||||
* its timestamp. NOTE: 1) That the test incorporates suggestions
|
||||
|
||||
Reference in New Issue
Block a user