Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 3 Jun 1997 20:39:11 +1000 (EST)
From:      Darren Reed <darrenr@cyber.com.au>
To:        security@freebsd.org
Subject:   Re: TCP RST Handling in 2.2 (fwd)
Message-ID:  <199706031039.UAA02820@plum.cyber.com.au>
In-Reply-To: <199706030324.XAA20211@homeport.org> from "Adam Shostack" at Jun 2, 97 11:24:15 pm

next in thread | previous in thread | raw e-mail | index | archive | help

I've hacked on tcp_input() a bit and changed the handling of an RST.

I'd like it if a few others also tested this patch, seems to work ok
for me.

Cheers,
Darren

*** /sys/netinet/tcp_input.c.orig       Tue Jun  3 20:26:02 1997
--- /sys/netinet/tcp_input.c    Tue Jun  3 20:27:35 1997
***************
*** 1118,1145 ****
  	 *    CLOSING, LAST_ACK, TIME_WAIT STATES
  	 *      Close the tcb.
  	 */
! 	if (tiflags&TH_RST) switch (tp->t_state) {
  
! 	case TCPS_SYN_RECEIVED:
! 		so->so_error = ECONNREFUSED;
! 		goto close;
  
! 	case TCPS_ESTABLISHED:
! 	case TCPS_FIN_WAIT_1:
! 	case TCPS_FIN_WAIT_2:
! 	case TCPS_CLOSE_WAIT:
! 		so->so_error = ECONNRESET;
! 	close:
! 		tp->t_state = TCPS_CLOSED;
! 		tcpstat.tcps_drops++;
! 		tp = tcp_close(tp);
! 		goto drop;
  
! 	case TCPS_CLOSING:
! 	case TCPS_LAST_ACK:
! 	case TCPS_TIME_WAIT:
! 		tp = tcp_close(tp);
! 		goto drop;
  	}
  
  	/*
--- 1118,1153 ----
  	 *    CLOSING, LAST_ACK, TIME_WAIT STATES
  	 *      Close the tcb.
  	 */
! 	if (tiflags&TH_RST) {
  
! 		if ((ti->ti_seq != tp->rcv_nxt) ||
! 		    (ti->ti_ack && ((SEQ_LEQ(ti->ti_ack, tp->iss) ||
! 		      SEQ_GT(ti->ti_ack, tp->snd_max)))))
! 			goto drop;
  
! 		switch (tp->t_state) {
! 		
! 		case TCPS_SYN_RECEIVED:
! 			so->so_error = ECONNREFUSED;
! 			goto close;
  
! 		case TCPS_ESTABLISHED:
! 		case TCPS_FIN_WAIT_1:
! 		case TCPS_FIN_WAIT_2:
! 		case TCPS_CLOSE_WAIT:
! 			so->so_error = ECONNRESET;
! 		close:
! 			tp->t_state = TCPS_CLOSED;
! 			tcpstat.tcps_drops++;
! 			tp = tcp_close(tp);
! 			goto drop;
! 
! 		case TCPS_CLOSING:
! 		case TCPS_LAST_ACK:
! 		case TCPS_TIME_WAIT:
! 			tp = tcp_close(tp);
! 			goto drop;
! 		}
  	}
  
  	/*




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706031039.UAA02820>