Date: Thu, 6 Oct 2011 14:29:38 +0000 (UTC) From: Attilio Rao <attilio@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r226060 - head/sys/netinet Message-ID: <201110061429.p96ETcDY064533@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: attilio Date: Thu Oct 6 14:29:38 2011 New Revision: 226060 URL: http://svn.freebsd.org/changeset/base/226060 Log: For the INP_TIMEWAIT case, there is no valid tcpcb object tied to the inpcb object. Skip the TCP_SIGNATURE check in that case as it is consistent with the output path (no TCP_SIGNATURE for outcoming packets in TIMEWAIT state) and also because for TIMEWAIT state the verify may be less effective. Sponsored by: Sandvine Incorporated Reported by: rwatson No objections by: rwatson MFC after: 3 days Modified: head/sys/netinet/tcp_input.c Modified: head/sys/netinet/tcp_input.c ============================================================================== --- head/sys/netinet/tcp_input.c Thu Oct 6 14:24:37 2011 (r226059) +++ head/sys/netinet/tcp_input.c Thu Oct 6 14:29:38 2011 (r226060) @@ -948,24 +948,8 @@ relocked: } INP_INFO_WLOCK_ASSERT(&V_tcbinfo); -#ifdef TCP_SIGNATURE - tcp_dooptions(&to, optp, optlen, - (thflags & TH_SYN) ? TO_SYN : 0); - if (sig_checked == 0) { - tp = intotcpcb(inp); - if (tp == NULL || tp->t_state == TCPS_CLOSED) { - rstreason = BANDLIM_RST_CLOSEDPORT; - goto dropwithreset; - } - if (!tcp_signature_verify_input(m, off0, tlen, optlen, - &to, th, tp->t_flags)) - goto dropunlock; - sig_checked = 1; - } -#else if (thflags & TH_SYN) tcp_dooptions(&to, optp, optlen, TO_SYN); -#endif /* * NB: tcp_twcheck unlocks the INP and frees the mbuf. */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201110061429.p96ETcDY064533>