Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 20 Mar 2017 02:35:53 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-net@FreeBSD.org
Subject:   [Bug 217637] One TCP connection accepted TWO times
Message-ID:  <bug-217637-2472-m5iLBBFLKO@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-217637-2472@https.bugs.freebsd.org/bugzilla/>
References:  <bug-217637-2472@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217637

--- Comment #40 from Sepherosa Ziehau <sepherosa@gmail.com> ---
(In reply to Michael Tuexen from comment #33)

I think the code that transit the FIN-WAIT-1 to CLOSED is this:
        /*
         * If new data are received on a connection after the
         * user processes are gone, then RST the other end.
         */
        if ((so->so_state & SS_NOFDREF) &&
            tp->t_state > TCPS_CLOSE_WAIT && tlen) {
                KASSERT(ti_locked =3D=3D TI_RLOCKED, ("%s: SS_NOFDEREF && "
                    "CLOSE_WAIT && tlen ti_locked %d", __func__, ti_locked)=
);
                INP_INFO_RLOCK_ASSERT(&V_tcbinfo);

                if ((s =3D tcp_log_addrs(inc, th, NULL, NULL))) {
                        log(LOG_DEBUG, "%s; %s: %s: Received %d bytes of da=
ta "
                            "after socket was closed, "
                            "sending RST and removing tcpcb\n",
                            s, __func__, tcpstates[tp->t_state], tlen);
                        free(s, M_TCPLOG);
                }
                tp =3D tcp_close(tp);
                TCPSTAT_INC(tcps_rcvafterclose);
                rstreason =3D BANDLIM_UNLIMITED;
                goto dropwithreset;
        }

I don't completely understand the background for the ->CLOSED transition he=
re.
RFC 793 on page 36 seems to say:

    If an incoming segment has a security level, or compartment, or
    precedence which does not exactly match the level, and compartment,
    and precedence requested for the connection,a reset is sent and
    connection goes to the CLOSED state.  The reset takes its sequence
    number from the ACK field of the incoming segment.

I don't think we actually implemented any security
level/compartment/precedence.  So do we really need to do the ->CLOSED
transition here?

Thanks,
sephe

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-217637-2472-m5iLBBFLKO>