Date: Tue, 3 Jun 1997 20:39:11 +1000 (EST) From: Darren Reed <darrenr@cyber.com.au> To: security@freebsd.org Subject: Re: TCP RST Handling in 2.2 (fwd) Message-ID: <199706031039.UAA02820@plum.cyber.com.au> In-Reply-To: <199706030324.XAA20211@homeport.org> from "Adam Shostack" at Jun 2, 97 11:24:15 pm
index | next in thread | previous in thread | raw e-mail
I've hacked on tcp_input() a bit and changed the handling of an RST.
I'd like it if a few others also tested this patch, seems to work ok
for me.
Cheers,
Darren
*** /sys/netinet/tcp_input.c.orig Tue Jun 3 20:26:02 1997
--- /sys/netinet/tcp_input.c Tue Jun 3 20:27:35 1997
***************
*** 1118,1145 ****
* CLOSING, LAST_ACK, TIME_WAIT STATES
* Close the tcb.
*/
! if (tiflags&TH_RST) switch (tp->t_state) {
! case TCPS_SYN_RECEIVED:
! so->so_error = ECONNREFUSED;
! goto close;
! case TCPS_ESTABLISHED:
! case TCPS_FIN_WAIT_1:
! case TCPS_FIN_WAIT_2:
! case TCPS_CLOSE_WAIT:
! so->so_error = ECONNRESET;
! close:
! tp->t_state = TCPS_CLOSED;
! tcpstat.tcps_drops++;
! tp = tcp_close(tp);
! goto drop;
! case TCPS_CLOSING:
! case TCPS_LAST_ACK:
! case TCPS_TIME_WAIT:
! tp = tcp_close(tp);
! goto drop;
}
/*
--- 1118,1153 ----
* CLOSING, LAST_ACK, TIME_WAIT STATES
* Close the tcb.
*/
! if (tiflags&TH_RST) {
! if ((ti->ti_seq != tp->rcv_nxt) ||
! (ti->ti_ack && ((SEQ_LEQ(ti->ti_ack, tp->iss) ||
! SEQ_GT(ti->ti_ack, tp->snd_max)))))
! goto drop;
! switch (tp->t_state) {
!
! case TCPS_SYN_RECEIVED:
! so->so_error = ECONNREFUSED;
! goto close;
! case TCPS_ESTABLISHED:
! case TCPS_FIN_WAIT_1:
! case TCPS_FIN_WAIT_2:
! case TCPS_CLOSE_WAIT:
! so->so_error = ECONNRESET;
! close:
! tp->t_state = TCPS_CLOSED;
! tcpstat.tcps_drops++;
! tp = tcp_close(tp);
! goto drop;
!
! case TCPS_CLOSING:
! case TCPS_LAST_ACK:
! case TCPS_TIME_WAIT:
! tp = tcp_close(tp);
! goto drop;
! }
}
/*
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706031039.UAA02820>