Date: Fri, 8 Jun 2007 18:26:41 +0400 From: Yar Tikhiy <yar@comp.chem.msu.su> To: andre@freebsd.org, net@freebsd.org Subject: A small window-related bug in tcp_input.c? Message-ID: <20070608142641.GA25127@comp.chem.msu.su>
next in thread | raw e-mail | index | archive | help
There is the following code in tcp_input.c (I "underlined" two
questionable lines):
/*
* Process options only when we get SYN/ACK back. The SYN case
* for incoming connections is handled in tcp_syncache.
* XXX this is traditional behavior, may need to be cleaned up.
*/
if (tp->t_state == TCPS_SYN_SENT && (thflags & TH_SYN)) {
if ((to.to_flags & TOF_SCALE) &&
(tp->t_flags & TF_REQ_SCALE)) {
tp->t_flags |= TF_RCVD_SCALE;
tp->snd_scale = to.to_wscale;
tp->snd_wnd = th->th_win << tp->snd_scale;
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
tiwin = tp->snd_wnd;
}
if (to.to_flags & TOF_TS) {
tp->t_flags |= TF_RCVD_TSTMP;
tp->ts_recent = to.to_tsval;
tp->ts_recent_age = ticks;
}
/* Initial send window, already scaled. */
tp->snd_wnd = th->th_win;
^^^^^^^^^^^^^^^^^^^^^^^^^
if (to.to_flags & TOF_MSS)
tcp_mss(tp, to.to_mss);
if ((tp->t_flags & TF_SACK_PERMIT) &&
(to.to_flags & TOF_SACKPERM) == 0)
tp->t_flags &= ~TF_SACK_PERMIT;
}
Is it correct that the scaled value in tp->snd_wnd is later overwritten
with the unscaled value from th->th_win?
--
Yar
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070608142641.GA25127>