system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-09-24 02:34:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Killed the SYN_RECEIVED addition from rev 1.52. It results in legitimate

Browse source 
RST's being ignored, keeping a connection around until it times out, and
thus has the opposite effect of what was intended (which is to make the
system more robust to DoS attacks).
This commit is contained in:
David Greenman 1997-10-02 02:10:40 +00:00
parent 5611e231f1
commit 4281faf253
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=30052
2 changed files with 2 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
sys/netinet/tcp_input.c
View file

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)tcp_input.c 8.12 (Berkeley) 5/24/95
* $Id: tcp_input.c,v 1.61 1997/09/16 18:36:05 joerg Exp $
* $Id: tcp_input.c,v 1.62 1997/09/30 16:38:09 fenner Exp $
*/
#include "opt_tcpdebug.h"
@ -752,8 +752,6 @@ tcp_input(m, iphlen)
}
/*
* If the state is SYN_RECEIVED:
* do just the ack and RST checks from SYN_SENT state.
* If the state is SYN_SENT:
* if seg contains an ACK, but not for our SYN, drop the input.
* if seg contains a RST, then drop the connection.
@ -765,7 +763,6 @@ tcp_input(m, iphlen)
* arrange for segment to be acked (eventually)
* continue processing rest of data/controls, beginning with URG
*/
case TCPS_SYN_RECEIVED:
case TCPS_SYN_SENT:
if ((taop = tcp_gettaocache(inp)) == NULL) {
taop = &tao_noncached;
@ -793,8 +790,6 @@ tcp_input(m, iphlen)
tp = tcp_drop(tp, ECONNREFUSED);
goto drop;
}
if (tp->t_state == TCPS_SYN_RECEIVED)
break;
if ((tiflags & TH_SYN) == 0)
goto drop;
tp->snd_wnd = ti->ti_win; /* initial send window */

7
sys/netinet/tcp_reass.c
View file

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)tcp_input.c 8.12 (Berkeley) 5/24/95
* $Id: tcp_input.c,v 1.61 1997/09/16 18:36:05 joerg Exp $
* $Id: tcp_input.c,v 1.62 1997/09/30 16:38:09 fenner Exp $
*/
#include "opt_tcpdebug.h"
@ -752,8 +752,6 @@ tcp_input(m, iphlen)
}
/*
* If the state is SYN_RECEIVED:
* do just the ack and RST checks from SYN_SENT state.
* If the state is SYN_SENT:
* if seg contains an ACK, but not for our SYN, drop the input.
* if seg contains a RST, then drop the connection.
@ -765,7 +763,6 @@ tcp_input(m, iphlen)
* arrange for segment to be acked (eventually)
* continue processing rest of data/controls, beginning with URG
*/
case TCPS_SYN_RECEIVED:
case TCPS_SYN_SENT:
if ((taop = tcp_gettaocache(inp)) == NULL) {
taop = &tao_noncached;
@ -793,8 +790,6 @@ tcp_input(m, iphlen)
tp = tcp_drop(tp, ECONNREFUSED);
goto drop;
}
if (tp->t_state == TCPS_SYN_RECEIVED)
break;
if ((tiflags & TH_SYN) == 0)
goto drop;
tp->snd_wnd = ti->ti_win; /* initial send window */