Date: Wed, 21 Sep 2005 01:26:26 +0900 (JST) From: Noritoshi Demizu <demizu@dd.iij4u.or.jp> To: othermark <atkin901@yahoo.com> Cc: freebsd-net@freebsd.org Subject: Re: rfc2385 (tcp md5 checksums) in -current broken? Message-ID: <20050921.012626.74752754.Noritoshi@Demizu.ORG> In-Reply-To: <dgp7lk$sov$1@sea.gmane.org> References: <dgp7lk$sov$1@sea.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm testing rfc2385 support with some of our equipment with current > as of a few days ago, and the support seems, well, rather broken. I think there is a bug in syncache_respond(). In tcp_syncache.c rev 1.77, tcp_signature_compute() is called before filling the TCP SACK Permitted option and the TCP EOL option. I guess it should be called after filling both the SACK Permitted and EOL option. If this is the cause of the problem, I think it was broken when SACK was imported. However, when we suggested the change of rev 1.73, I should notice the bug. I am sorry I did not know how to test the signature option well. I will try to make a patch tomorrow. Regards, Noritoshi Demizu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050921.012626.74752754.Noritoshi>