From owner-freebsd-security  Tue Jun  3 04:19:03 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id EAA22865
          for security-outgoing; Tue, 3 Jun 1997 04:19:03 -0700 (PDT)
Received: from implode.root.com (implode.root.com [198.145.90.17])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id EAA22860
          for <security@FreeBSD.ORG>; Tue, 3 Jun 1997 04:19:01 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	by implode.root.com (8.8.5/8.8.5) with SMTP id EAA06181;
	Tue, 3 Jun 1997 04:20:16 -0700 (PDT)
Message-Id: <199706031120.EAA06181@implode.root.com>
X-Authentication-Warning: implode.root.com: localhost [127.0.0.1] didn't use HELO protocol
To: Darren Reed <darrenr@cyber.com.au>
cc: security@FreeBSD.ORG
Subject: Re: TCP RST Handling in 2.2 (fwd) 
In-reply-to: Your message of "Tue, 03 Jun 1997 20:39:11 +1000."
             <199706031039.UAA02820@plum.cyber.com.au> 
From: David Greenman <dg@root.com>
Reply-To: dg@root.com
Date: Tue, 03 Jun 1997 04:20:16 -0700
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>! 	if (tiflags&TH_RST) {
>  
>! 		if ((ti->ti_seq != tp->rcv_nxt) ||
>! 		    (ti->ti_ack && ((SEQ_LEQ(ti->ti_ack, tp->iss) ||
>! 		      SEQ_GT(ti->ti_ack, tp->snd_max)))))
>! 			goto drop;

   This looks highly bogus to me. What happens if the server crashes and comes
back up? The code as written above appears to drop all attempts by the server
to issue an RST...right?

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project