From owner-freebsd-net@FreeBSD.ORG Fri Jun 19 19:32:58 2009
From: Chuck Swiger
To: Harti Brandt
Cc: "freebsd-net@freebsd.org Net"
Date: Fri, 19 Jun 2009 11:32:55 -0700
Subject: Re: TCP bug?
Message-id: <82A6C509-6141-4226-B145-1DE6801256B1@mac.com>
In-reply-to: <20090619191756.R581@beagle.kn.op.dlr.de>
References: <20090619191756.R581@beagle.kn.op.dlr.de>
List-Id: Networking and TCP/IP with FreeBSD

Hi--

On Jun 19, 2009, at 10:44 AM, Harti Brandt wrote:
> When the TCP is in SYN-SENT state (the user has called connect())
> and the peer answers with an almost-lamp test packet which has SYN,
> FIN, ACK and data larger than the window, TCP ACKs a window full of
> data, drops the rest, but processes the FIN - it goes into
> CLOSE_WAIT. This looks wrong to me. When dropping the data that is
> outside the window, it should also drop the FIN.

Clearly, you shouldn't process a FIN which happens outside of the
current window:

  "For sequence number purposes, the SYN is considered to occur before
  the first actual data octet of the segment in which it occurs, while
  the FIN is considered to occur after the last actual data octet in a
  segment in which it occurs."

If the socket was in a synchronized state, RFC-793 pg 37 says:

  "3. If the connection is in a synchronized state (ESTABLISHED,
  FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, TIME-WAIT),
  any unacceptable segment (out of window sequence number or
  unacceptable acknowledgment number) must elicit only an empty
  acknowledgment segment containing the current send-sequence number
  and an acknowledgment indicating the next sequence number expected
  to be received, and the connection remains in the same state."

...if it's before the connection is fully set up, i.e., in SYN-SENT
state as you say, then the fact that the packet contains data which
does not fit in the window suggests it should be handled by the rules
for half-open connections:

  "As a general rule, reset (RST) must be sent whenever a segment
  arrives which apparently is not intended for the current connection.
  A reset must not be sent if it is not clear that this is the case."

See figure 12-- I think you should be sending a RST back....

Regards,
-- 
-Chuck
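
The sequence-number rule quoted in the message above, as an added example that is not part of the original e-mail and is not FreeBSD's code: it trims a SYN+FIN+data segment to the receive window and drops the FIN whenever the data tail is cut. The struct names, `syn_sent_trim()` and the sample values are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define TH_FIN 0x01
#define TH_SYN 0x02
#define TH_ACK 0x10

/* Hypothetical model of an incoming segment; not a kernel structure. */
struct segment {
    uint32_t seq;    /* SEG.SEQ */
    uint32_t len;    /* payload octets */
    uint8_t  flags;  /* TH_* bits */
};

struct accepted {
    uint32_t data_len; /* payload octets kept after trimming */
    bool     fin;      /* true if the FIN is still inside the window */
    uint32_t rcv_nxt;  /* RCV.NXT after the kept octets (and FIN) */
};

/*
 * Trim a SYN segment received in SYN-SENT to the receive window.
 * The SYN occupies SEG.SEQ, data starts at SEG.SEQ+1, and the FIN sits
 * after the last data octet, so cutting the data tail cuts the FIN too.
 */
struct accepted syn_sent_trim(struct segment s, uint32_t rcv_wnd)
{
    struct accepted a;
    uint32_t rcv_nxt = s.seq + 1;  /* IRS + 1 */
    /* Octets past the right window edge; signed to survive wraparound. */
    int32_t todrop = (int32_t)((rcv_nxt + s.len) - (rcv_nxt + rcv_wnd));

    a.data_len = s.len;
    a.fin = (s.flags & TH_FIN) != 0;
    if (todrop > 0) {
        a.data_len -= (uint32_t)todrop;
        a.fin = false;             /* FIN lies beyond the cut */
    }
    a.rcv_nxt = rcv_nxt + a.data_len + (a.fin ? 1u : 0u);
    return a;
}

int main(void)
{
    /* Constructed input: 2000 octets against a 1460-octet window. */
    struct segment s = { 1000, 2000, TH_SYN | TH_FIN | TH_ACK };
    struct accepted a = syn_sent_trim(s, 1460);
    printf("kept=%u fin=%d rcv_nxt=%u\n", (unsigned)a.data_len, a.fin, (unsigned)a.rcv_nxt);
    return 0;
}
```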