Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 21 Apr 2005 12:37:13 +0000 (UTC)
From:      Andre Oppermann <andre@FreeBSD.org>
To:        src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src/sys/netinet tcp_output.c tcp_subr.c tcp_var.h
Message-ID:  <200504211237.j3LCbDhu006796@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
andre       2005-04-21 12:37:13 UTC

  FreeBSD src repository

  Modified files:
    sys/netinet          tcp_output.c tcp_subr.c tcp_var.h 
  Log:
  Ignore ICMP Source Quench messages for TCP sessions.  Source Quench is
  ineffective, depreciated and can be abused to degrade the performance
  of active TCP sessions if spoofed.
  
  Replace a bogus call to tcp_quench() in tcp_output() with the direct
  equivalent tcpcb variable assignment.
  
  Security:       draft-gont-tcpm-icmp-attacks-03.txt Section 7.1
  MFC after:      3 days
  
  Revision  Changes    Path
  1.109     +1 -1      src/sys/netinet/tcp_output.c
  1.222     +11 -24    src/sys/netinet/tcp_subr.c
  1.120     +0 -2      src/sys/netinet/tcp_var.h



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504211237.j3LCbDhu006796>