mirror of
https://github.com/freebsd/freebsd-src
synced 2024-09-24 02:34:59 +00:00
Killed the SYN_RECEIVED addition from rev 1.52. It results in legitimate
RST's being ignored, keeping a connection around until it times out, and thus has the opposite effect of what was intended (which is to make the system more robust to DoS attacks).
This commit is contained in:
parent
5611e231f1
commit
4281faf253
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=30052
|
@ -31,7 +31,7 @@
|
|||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)tcp_input.c 8.12 (Berkeley) 5/24/95
|
||||
* $Id: tcp_input.c,v 1.61 1997/09/16 18:36:05 joerg Exp $
|
||||
* $Id: tcp_input.c,v 1.62 1997/09/30 16:38:09 fenner Exp $
|
||||
*/
|
||||
|
||||
#include "opt_tcpdebug.h"
|
||||
|
@ -752,8 +752,6 @@ tcp_input(m, iphlen)
|
|||
}
|
||||
|
||||
/*
|
||||
* If the state is SYN_RECEIVED:
|
||||
* do just the ack and RST checks from SYN_SENT state.
|
||||
* If the state is SYN_SENT:
|
||||
* if seg contains an ACK, but not for our SYN, drop the input.
|
||||
* if seg contains a RST, then drop the connection.
|
||||
|
@ -765,7 +763,6 @@ tcp_input(m, iphlen)
|
|||
* arrange for segment to be acked (eventually)
|
||||
* continue processing rest of data/controls, beginning with URG
|
||||
*/
|
||||
case TCPS_SYN_RECEIVED:
|
||||
case TCPS_SYN_SENT:
|
||||
if ((taop = tcp_gettaocache(inp)) == NULL) {
|
||||
taop = &tao_noncached;
|
||||
|
@ -793,8 +790,6 @@ tcp_input(m, iphlen)
|
|||
tp = tcp_drop(tp, ECONNREFUSED);
|
||||
goto drop;
|
||||
}
|
||||
if (tp->t_state == TCPS_SYN_RECEIVED)
|
||||
break;
|
||||
if ((tiflags & TH_SYN) == 0)
|
||||
goto drop;
|
||||
tp->snd_wnd = ti->ti_win; /* initial send window */
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)tcp_input.c 8.12 (Berkeley) 5/24/95
|
||||
* $Id: tcp_input.c,v 1.61 1997/09/16 18:36:05 joerg Exp $
|
||||
* $Id: tcp_input.c,v 1.62 1997/09/30 16:38:09 fenner Exp $
|
||||
*/
|
||||
|
||||
#include "opt_tcpdebug.h"
|
||||
|
@ -752,8 +752,6 @@ tcp_input(m, iphlen)
|
|||
}
|
||||
|
||||
/*
|
||||
* If the state is SYN_RECEIVED:
|
||||
* do just the ack and RST checks from SYN_SENT state.
|
||||
* If the state is SYN_SENT:
|
||||
* if seg contains an ACK, but not for our SYN, drop the input.
|
||||
* if seg contains a RST, then drop the connection.
|
||||
|
@ -765,7 +763,6 @@ tcp_input(m, iphlen)
|
|||
* arrange for segment to be acked (eventually)
|
||||
* continue processing rest of data/controls, beginning with URG
|
||||
*/
|
||||
case TCPS_SYN_RECEIVED:
|
||||
case TCPS_SYN_SENT:
|
||||
if ((taop = tcp_gettaocache(inp)) == NULL) {
|
||||
taop = &tao_noncached;
|
||||
|
@ -793,8 +790,6 @@ tcp_input(m, iphlen)
|
|||
tp = tcp_drop(tp, ECONNREFUSED);
|
||||
goto drop;
|
||||
}
|
||||
if (tp->t_state == TCPS_SYN_RECEIVED)
|
||||
break;
|
||||
if ((tiflags & TH_SYN) == 0)
|
||||
goto drop;
|
||||
tp->snd_wnd = ti->ti_win; /* initial send window */
|
||||
|
|
Loading…
Reference in a new issue