system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-07-24 03:37:16 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

When checking the TCP fast cookie length, conststently also check

Browse source 
for the minimum length.

This fixes a bug where cookies of length 2 bytes (which is smaller
than the minimum length of 4) is provided by the server.

Sponsored by:	Netflix, Inc.
This commit is contained in:
Michael Tuexen 2018-02-27 22:12:38 +00:00
parent fb7275bedb
commit 1c714531e8
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=330089
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
sys/netinet/tcp_fastopen.c
View file

@ -1071,7 +1071,8 @@ tcp_fastopen_ccache_create(struct tcp_fastopen_ccache_bucket *ccb,
cce->cce_server_ip.v6 = inc->inc6_faddr;
}
cce->server_port = inc->inc_fport;
if ((cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
if ((cookie_len >= TCP_FASTOPEN_MIN_COOKIE_LEN) &&
(cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
((cookie_len & 0x1) == 0)) {
cce->server_mss = mss;
cce->cookie_len = cookie_len;