system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-11-05 18:23:50 +00:00
Code Issues Projects Releases Packages Wiki Activity
linux/net
History
Eric Dumazet 354e4aa391 tcp: RFC 5961 5.2 Blind Data Injection Attack Mitigation 
RFC 5961 5.2 [Blind Data Injection Attack].[Mitigation]

  All TCP stacks MAY implement the following mitigation.  TCP stacks
  that implement this mitigation MUST add an additional input check to
  any incoming segment.  The ACK value is considered acceptable only if
  it is in the range of ((SND.UNA - MAX.SND.WND) <= SEG.ACK <=
  SND.NXT).  All incoming segments whose ACK value doesn't satisfy the
  above condition MUST be discarded and an ACK sent back.

Move tcp_send_challenge_ack() before tcp_ack() to avoid a forward
declaration.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Neal Cardwell <ncardwell@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Jerry Chu <hkchu@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-10-22 14:29:06 -04:00
..
9p The following changes since commit 4cbe5a555f: 2012-10-12 09:59:23 +09:00
802
8021q vlan: allow to change type when no vlan device is hooked on netdev 2012-10-18 15:34:30 -04:00
appletalk
atm
ax25
batman-adv batman-adv: Fix potential broadcast BLA-duplicate-check race condition 2012-10-18 18:17:31 +02:00
bluetooth userns: Properly print bluetooth socket uids 2012-10-12 13:16:47 -07:00
bridge
caif
can
ceph Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
core net:dev: remove double indentical assignment in dev_change_net_namespace(). 2012-10-21 20:44:39 -04:00
dcb
dccp
decnet
dns_resolver Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
dsa
ethernet
ieee802154
ipv4 tcp: RFC 5961 5.2 Blind Data Injection Attack Mitigation 2012-10-22 14:29:06 -04:00
ipv6 ipv6: addrconf: fix /proc/net/if_inet6 2012-10-16 14:41:47 -04:00
ipx
irda
iucv
key
l2tp
lapb
llc
mac80211
mac802154
netfilter netfilter: xt_TEE: don't use destination address found in header 2012-10-17 11:00:31 +02:00
netlabel
netlink netlink: use kfree_rcu() in netlink_release() 2012-10-18 15:34:30 -04:00
netrom
nfc
openvswitch
packet
phonet
rds
rfkill
rose
rxrpc Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
sched pkt_sched: use ns_to_ktime() helper 2012-10-21 22:21:27 -04:00
sctp sctp: fix call to SCTP_CMD_PROCESS_SACK in sctp_cmd_interpreter() 2012-10-16 14:41:46 -04:00
sunrpc Merge branch 'for-3.7' of git://linux-nfs.org/~bfields/linux 2012-10-13 10:53:54 +09:00
tipc
unix
wanrouter
wimax
wireless
x25
xfrm
compat.c
Kconfig
Makefile
nonet.c
socket.c
sysctl_net.c