Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 27 Feb 2018 22:12:38 +0000 (UTC)
From:      Michael Tuexen <tuexen@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r330089 - head/sys/netinet
Message-ID:  <201802272212.w1RMCcfV049872@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: tuexen
Date: Tue Feb 27 22:12:38 2018
New Revision: 330089
URL: https://svnweb.freebsd.org/changeset/base/330089

Log:
  When checking the TCP fast cookie length, conststently also check
  for the minimum length.
  
  This fixes a bug where cookies of length 2 bytes (which is smaller
  than the minimum length of 4) is provided by the server.
  
  Sponsored by:	Netflix, Inc.

Modified:
  head/sys/netinet/tcp_fastopen.c

Modified: head/sys/netinet/tcp_fastopen.c
==============================================================================
--- head/sys/netinet/tcp_fastopen.c	Tue Feb 27 22:07:41 2018	(r330088)
+++ head/sys/netinet/tcp_fastopen.c	Tue Feb 27 22:12:38 2018	(r330089)
@@ -1071,7 +1071,8 @@ tcp_fastopen_ccache_create(struct tcp_fastopen_ccache_
 		cce->cce_server_ip.v6 = inc->inc6_faddr;
 	}
 	cce->server_port = inc->inc_fport;
-	if ((cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
+	if ((cookie_len >= TCP_FASTOPEN_MIN_COOKIE_LEN) &&
+	    (cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
 	    ((cookie_len & 0x1) == 0)) {
 		cce->server_mss = mss;
 		cce->cookie_len = cookie_len;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201802272212.w1RMCcfV049872>