Date: Mon, 3 Jan 2005 12:14:35 -0800 (PST) From: Don Lewis <truckman@FreeBSD.org> To: silby@silby.com Cc: net@FreeBSD.org Subject: Re: Fixing "Slipping in the window" before 4.11-release Message-ID: <200501032014.j03KEZdB002233@gw.catspoiler.org> In-Reply-To: <200501031855.j03Itnmh002076@gw.catspoiler.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3 Jan, Don Lewis wrote:
> /*
> * If a SYN is in the window, then this is an
> * error and we send an RST and drop the connection.
> */
> if (thflags & TH_SYN) {
> if (tcp_insecure_syn == 0)
> goto drop;
> else {
> tp = tcp_drop(tp, ECONNRESET);
> rstreason = BANDLIM_UNLIMITED;
> goto dropwithreset;
> }
Writing and posting while sleepy is not a good thing. The braces are
unbalanced and the else after the goto drop isn't necessary, so just
adding
if (tcp_insecure_syn == 0)
goto drop;
in the obvious place would do the trick.
This is probably the same section of code that would need to be modified
to implement the behaviour recommended in the Internet Draft.
A new version of the draft was release in November, but I haven't had a
chance to look at it yet. It is at:
<http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-02.txt>.
There was a presentation at an IETF meeting about the issues relating to
the Cisco IPR claims:
<http://www.ietf.org/proceedings/04aug/slides/tcpm-4/>.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501032014.j03KEZdB002233>