Date: Thu, 21 Apr 2005 12:37:13 +0000 (UTC) From: Andre Oppermann <andre@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/netinet tcp_output.c tcp_subr.c tcp_var.h Message-ID: <200504211237.j3LCbDhu006796@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
andre 2005-04-21 12:37:13 UTC
FreeBSD src repository
Modified files:
sys/netinet tcp_output.c tcp_subr.c tcp_var.h
Log:
Ignore ICMP Source Quench messages for TCP sessions. Source Quench is
ineffective, depreciated and can be abused to degrade the performance
of active TCP sessions if spoofed.
Replace a bogus call to tcp_quench() in tcp_output() with the direct
equivalent tcpcb variable assignment.
Security: draft-gont-tcpm-icmp-attacks-03.txt Section 7.1
MFC after: 3 days
Revision Changes Path
1.109 +1 -1 src/sys/netinet/tcp_output.c
1.222 +11 -24 src/sys/netinet/tcp_subr.c
1.120 +0 -2 src/sys/netinet/tcp_var.h
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504211237.j3LCbDhu006796>