tcp_input.c (86744) | tcp_input.c (86764) |
---|---|
1/* 2 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1994, 1995 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 17 unchanged lines hidden (view full) --- 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)tcp_input.c 8.12 (Berkeley) 5/24/95 | 1/* 2 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1994, 1995 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 17 unchanged lines hidden (view full) --- 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)tcp_input.c 8.12 (Berkeley) 5/24/95 |
34 * $FreeBSD: head/sys/netinet/tcp_input.c 86744 2001-11-21 18:45:51Z jlemon $ | 34 * $FreeBSD: head/sys/netinet/tcp_input.c 86764 2001-11-22 04:50:44Z jlemon $ |
35 */ 36 37#include "opt_ipfw.h" /* for ipfw_fwd */ 38#include "opt_inet6.h" 39#include "opt_ipsec.h" 40#include "opt_tcpdebug.h" 41#include "opt_tcp_input.h" 42 --- 72 unchanged lines hidden (view full) --- 115SYSCTL_INT(_net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW, 116 &blackhole, 0, "Do not send RST when dropping refused connections"); 117 118int tcp_delack_enabled = 1; 119SYSCTL_INT(_net_inet_tcp, OID_AUTO, delayed_ack, CTLFLAG_RW, 120 &tcp_delack_enabled, 0, 121 "Delay ACK to try and piggyback it onto a data packet"); 122 | 35 */ 36 37#include "opt_ipfw.h" /* for ipfw_fwd */ 38#include "opt_inet6.h" 39#include "opt_ipsec.h" 40#include "opt_tcpdebug.h" 41#include "opt_tcp_input.h" 42 --- 72 unchanged lines hidden (view full) --- 115SYSCTL_INT(_net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW, 116 &blackhole, 0, "Do not send RST when dropping refused connections"); 117 118int tcp_delack_enabled = 1; 119SYSCTL_INT(_net_inet_tcp, OID_AUTO, delayed_ack, CTLFLAG_RW, 120 &tcp_delack_enabled, 0, 121 "Delay ACK to try and piggyback it onto a data packet"); 122 |
123int tcp_lq_overflow = 1; 124SYSCTL_INT(_net_inet_tcp, OID_AUTO, tcp_lq_overflow, CTLFLAG_RW, 125 &tcp_lq_overflow, 0, 126 "Listen Queue Overflow"); 127 | |
128#ifdef TCP_DROP_SYNFIN 129static int drop_synfin = 0; 130SYSCTL_INT(_net_inet_tcp, OID_AUTO, drop_synfin, CTLFLAG_RW, 131 &drop_synfin, 0, "Drop TCP packets with SYN+FIN set"); 132#endif 133 134struct inpcbhead tcb; 135#define tcb6 tcb /* for KAME src sync over BSD*'s */ 136struct inpcbinfo tcbinfo; 137 | 123#ifdef TCP_DROP_SYNFIN 124static int drop_synfin = 0; 125SYSCTL_INT(_net_inet_tcp, OID_AUTO, drop_synfin, CTLFLAG_RW, 126 &drop_synfin, 0, "Drop TCP packets with SYN+FIN set"); 127#endif 128 129struct inpcbhead tcb; 130#define tcb6 tcb /* for KAME src sync over BSD*'s */ 131struct inpcbinfo tcbinfo; 132 |
138static void tcp_dooptions __P((struct tcpcb *, 139 u_char *, int, struct tcphdr *, struct tcpopt *)); | 133static void tcp_dooptions __P((struct tcpopt *, u_char *, int, int)); |
140static void tcp_pulloutofband __P((struct socket *, | 134static void tcp_pulloutofband __P((struct socket *, |
141 struct tcphdr *, struct mbuf *, int)); | 135 struct tcphdr *, struct mbuf *, int)); |
142static int tcp_reass __P((struct tcpcb *, struct tcphdr *, int *, 143 struct mbuf *)); 144static void tcp_xmit_timer __P((struct tcpcb *, int)); 145static int tcp_newreno __P((struct tcpcb *, struct tcphdr *)); 146 147/* Neighbor Discovery, Neighbor Unreachability Detection Upper layer hint. */ 148#ifdef INET6 149#define ND6_HINT(tp) \ --- 189 unchanged lines hidden (view full) --- 339 u_char *optp = NULL; 340 int optlen = 0; 341 int len, tlen, off; 342 int drop_hdrlen; 343 register struct tcpcb *tp = 0; 344 register int thflags; 345 struct socket *so = 0; 346 int todrop, acked, ourfinisacked, needoutput = 0; | 136static int tcp_reass __P((struct tcpcb *, struct tcphdr *, int *, 137 struct mbuf *)); 138static void tcp_xmit_timer __P((struct tcpcb *, int)); 139static int tcp_newreno __P((struct tcpcb *, struct tcphdr *)); 140 141/* Neighbor Discovery, Neighbor Unreachability Detection Upper layer hint. */ 142#ifdef INET6 143#define ND6_HINT(tp) \ --- 189 unchanged lines hidden (view full) --- 333 u_char *optp = NULL; 334 int optlen = 0; 335 int len, tlen, off; 336 int drop_hdrlen; 337 register struct tcpcb *tp = 0; 338 register int thflags; 339 struct socket *so = 0; 340 int todrop, acked, ourfinisacked, needoutput = 0; |
347 struct in_addr laddr; 348#ifdef INET6 349 struct in6_addr laddr6; 350#endif 351 int dropsocket = 0; | |
352 int iss = 0; 353 u_long tiwin; 354 struct tcpopt to; /* options in this segment */ 355 struct rmxp_tao *taop; /* pointer to our TAO cache entry */ 356 struct rmxp_tao tao_noncached; /* in case there's no cached entry */ 357#ifdef TCPDEBUG 358 short ostate = 0; 359#endif --- 278 unchanged lines hidden (view full) --- 638 /* Unscale the window into a 32-bit value. */ 639 if ((thflags & TH_SYN) == 0) 640 tiwin = th->th_win << tp->snd_scale; 641 else 642 tiwin = th->th_win; 643 644 so = inp->inp_socket; 645 if (so->so_options & (SO_DEBUG|SO_ACCEPTCONN)) { | 341 int iss = 0; 342 u_long tiwin; 343 struct tcpopt to; /* options in this segment */ 344 struct rmxp_tao *taop; /* pointer to our TAO cache entry */ 345 struct rmxp_tao tao_noncached; /* in case there's no cached entry */ 346#ifdef TCPDEBUG 347 short ostate = 0; 348#endif --- 278 unchanged lines hidden (view full) --- 627 /* Unscale the window into a 32-bit value. */ 628 if ((thflags & TH_SYN) == 0) 629 tiwin = th->th_win << tp->snd_scale; 630 else 631 tiwin = th->th_win; 632 633 so = inp->inp_socket; 634 if (so->so_options & (SO_DEBUG|SO_ACCEPTCONN)) { |
635 struct in_conninfo inc; |
|
646#ifdef TCPDEBUG 647 if (so->so_options & SO_DEBUG) { 648 ostate = tp->t_state; 649#ifdef INET6 650 if (isipv6) 651 bcopy((char *)ip6, (char *)tcp_saveipgen, 652 sizeof(*ip6)); 653 else 654#endif /* INET6 */ 655 bcopy((char *)ip, (char *)tcp_saveipgen, sizeof(*ip)); 656 tcp_savetcp = *th; 657 } 658#endif | 636#ifdef TCPDEBUG 637 if (so->so_options & SO_DEBUG) { 638 ostate = tp->t_state; 639#ifdef INET6 640 if (isipv6) 641 bcopy((char *)ip6, (char *)tcp_saveipgen, 642 sizeof(*ip6)); 643 else 644#endif /* INET6 */ 645 bcopy((char *)ip, (char *)tcp_saveipgen, sizeof(*ip)); 646 tcp_savetcp = *th; 647 } 648#endif |
659 if (so->so_options & SO_ACCEPTCONN) { 660 register struct tcpcb *tp0 = tp; 661 struct socket *so2; 662#ifdef IPSEC 663 struct socket *oso; 664#endif | 649 /* skip if this isn't a listen socket */ 650 if ((so->so_options & SO_ACCEPTCONN) == 0) 651 goto after_listen; |
665#ifdef INET6 | 652#ifdef INET6 |
666 struct inpcb *oinp = sotoinpcb(so); | 653 inc.inc_isipv6 = isipv6; 654 if (isipv6) { 655 inc.inc6_faddr = ip6->ip6_src; 656 inc.inc6_laddr = ip6->ip6_dst; 657 inc.inc6_route.ro_rt = NULL; /* XXX */ 658 659 } else |
667#endif /* INET6 */ | 660#endif /* INET6 */ |
661 { 662 inc.inc_faddr = ip->ip_src; 663 inc.inc_laddr = ip->ip_dst; 664 inc.inc_route.ro_rt = NULL; /* XXX */ 665 } 666 inc.inc_fport = th->th_sport; 667 inc.inc_lport = th->th_dport; |
|
668 | 668 |
669#ifndef IPSEC 670 /* 671 * Current IPsec implementation makes incorrect IPsec 672 * cache if this check is done here. 673 * So delay this until duplicated socket is created. 674 */ 675 if ((thflags & (TH_RST|TH_ACK|TH_SYN)) != TH_SYN) { 676 /* 677 * Note: dropwithreset makes sure we don't 678 * send a RST in response to a RST. 679 */ 680 if (thflags & TH_ACK) { | 669 /* 670 * If the state is LISTEN then ignore segment if it contains 671 * a RST. If the segment contains an ACK then it is bad and 672 * send a RST. If it does not contain a SYN then it is not 673 * interesting; drop it. 674 * 675 * If the state is SYN_RECEIVED (syncache) and seg contains 676 * an ACK, but not for our SYN/ACK, send a RST. If the seg 677 * contains a RST, check the sequence number to see if it 678 * is a valid reset segment. 679 */ 680 if ((thflags & (TH_RST|TH_ACK|TH_SYN)) != TH_SYN) { 681 if ((thflags & (TH_RST|TH_ACK|TH_SYN)) == TH_ACK) { 682 if (!syncache_expand(&inc, th, &so, m)) { 683 /* 684 * No syncache entry, or ACK was not 685 * for our SYN/ACK. Send a RST. 686 */ |
681 tcpstat.tcps_badsyn++; 682 rstreason = BANDLIM_RST_OPENPORT; 683 goto dropwithreset; 684 } | 687 tcpstat.tcps_badsyn++; 688 rstreason = BANDLIM_RST_OPENPORT; 689 goto dropwithreset; 690 } |
691 if (so == NULL) 692 /* 693 * Could not complete 3-way handshake, 694 * connection is being closed down, and 695 * syncache will free mbuf. 696 */ 697 return; 698 /* 699 * Socket is created in state SYN_RECEIVED. 700 * Continue processing segment. 701 */ 702 inp = sotoinpcb(so); 703 tp = intotcpcb(inp); 704 /* 705 * This is what would have happened in 706 * tcp_ouput() when the SYN,ACK was sent. 707 */ 708 tp->snd_up = tp->snd_una; 709 tp->snd_max = tp->snd_nxt = tp->iss + 1; 710 tp->last_ack_sent = tp->rcv_nxt; 711/* 712 * XXX possible bug - it doesn't appear that tp->snd_wnd is unscaled 713 * until the _second_ ACK is received: 714 * rcv SYN (set wscale opts) --> send SYN/ACK, set snd_wnd = window. 715 * rcv ACK, calculate tiwin --> process SYN_RECEIVED, determine wscale, 716 * move to ESTAB, set snd_wnd to tiwin. 717 */ 718 tp->snd_wnd = tiwin; /* unscaled */ 719 goto after_listen; 720 } 721 if (thflags & TH_RST) { 722 syncache_chkrst(&inc, th); |
|
685 goto drop; 686 } | 723 goto drop; 724 } |
687#endif | 725 if (thflags & TH_ACK) { 726 syncache_badack(&inc); 727 tcpstat.tcps_badsyn++; 728 rstreason = BANDLIM_RST_OPENPORT; 729 goto dropwithreset; 730 } 731 goto drop; 732 } |
688 | 733 |
734 /* 735 * Segment's flags are (SYN) or (SYN|FIN). 736 */ |
|
689#ifdef INET6 | 737#ifdef INET6 |
690 /* 691 * If deprecated address is forbidden, 692 * we do not accept SYN to deprecated interface 693 * address to prevent any new inbound connection from 694 * getting established. 695 * When we do not accept SYN, we send a TCP RST, 696 * with deprecated source address (instead of dropping 697 * it). We compromise it as it is much better for peer 698 * to send a RST, and RST will be the final packet 699 * for the exchange. 700 * 701 * If we do not forbid deprecated addresses, we accept 702 * the SYN packet. RFC2462 does not suggest dropping 703 * SYN in this case. 704 * If we decipher RFC2462 5.5.4, it says like this: 705 * 1. use of deprecated addr with existing 706 * communication is okay - "SHOULD continue to be 707 * used" 708 * 2. use of it with new communication: 709 * (2a) "SHOULD NOT be used if alternate address 710 * with sufficient scope is available" 711 * (2b) nothing mentioned otherwise. 712 * Here we fall into (2b) case as we have no choice in 713 * our source address selection - we must obey the peer. 714 * 715 * The wording in RFC2462 is confusing, and there are 716 * multiple description text for deprecated address 717 * handling - worse, they are not exactly the same. 718 * I believe 5.5.4 is the best one, so we follow 5.5.4. 719 */ 720 if (isipv6 && !ip6_use_deprecated) { 721 struct in6_ifaddr *ia6; | 738 /* 739 * If deprecated address is forbidden, 740 * we do not accept SYN to deprecated interface 741 * address to prevent any new inbound connection from 742 * getting established. 743 * When we do not accept SYN, we send a TCP RST, 744 * with deprecated source address (instead of dropping 745 * it). We compromise it as it is much better for peer 746 * to send a RST, and RST will be the final packet 747 * for the exchange. 748 * 749 * If we do not forbid deprecated addresses, we accept 750 * the SYN packet. RFC2462 does not suggest dropping 751 * SYN in this case. 752 * If we decipher RFC2462 5.5.4, it says like this: 753 * 1. use of deprecated addr with existing 754 * communication is okay - "SHOULD continue to be 755 * used" 756 * 2. use of it with new communication: 757 * (2a) "SHOULD NOT be used if alternate address 758 * with sufficient scope is available" 759 * (2b) nothing mentioned otherwise. 760 * Here we fall into (2b) case as we have no choice in 761 * our source address selection - we must obey the peer. 762 * 763 * The wording in RFC2462 is confusing, and there are 764 * multiple description text for deprecated address 765 * handling - worse, they are not exactly the same. 766 * I believe 5.5.4 is the best one, so we follow 5.5.4. 767 */ 768 if (isipv6 && !ip6_use_deprecated) { 769 struct in6_ifaddr *ia6; |
722 | 770 |
723 if ((ia6 = ip6_getdstifaddr(m)) && 724 (ia6->ia6_flags & IN6_IFF_DEPRECATED)) { 725 tp = NULL; 726 rstreason = BANDLIM_RST_OPENPORT; 727 goto dropwithreset; 728 } | 771 if ((ia6 = ip6_getdstifaddr(m)) && 772 (ia6->ia6_flags & IN6_IFF_DEPRECATED)) { 773 tp = NULL; 774 rstreason = BANDLIM_RST_OPENPORT; 775 goto dropwithreset; |
729 } | 776 } |
777 } |
|
730#endif | 778#endif |
731 732 so2 = sonewconn(so, 0); 733 if (so2 == 0) { 734 /* 735 * If we were unable to create a new socket 736 * for this SYN, we call sodropablereq to 737 * see if there are any other sockets we 738 * can kick out of the listen queue. If 739 * so, we'll silently drop the socket 740 * sodropablereq told us to drop and 741 * create a new one. 742 * 743 * If sodropablereq returns 0, we'll 744 * simply drop the incoming SYN, as we 745 * can not allocate a socket for it. 746 */ 747 tcpstat.tcps_listendrop++; 748 so2 = sodropablereq(so); 749 if (so2) { 750 if (tcp_lq_overflow) 751 sototcpcb(so2)->t_flags |= 752 TF_LQ_OVERFLOW; 753 tcp_close(sototcpcb(so2)); 754 so2 = sonewconn(so, 0); 755 } 756 if (!so2) 757 goto drop; 758 } 759#ifdef IPSEC 760 oso = so; 761#endif 762 so = so2; 763 /* 764 * This is ugly, but .... 765 * 766 * Mark socket as temporary until we're 767 * committed to keeping it. The code at 768 * ``drop'' and ``dropwithreset'' check the 769 * flag dropsocket to see if the temporary 770 * socket created here should be discarded. 771 * We mark the socket as discardable until 772 * we're committed to it below in TCPS_LISTEN. 773 */ 774 dropsocket++; 775 inp = (struct inpcb *)so->so_pcb; | 779 /* 780 * If it is from this socket, drop it, it must be forged. 781 * Don't bother responding if the destination was a broadcast. 782 */ 783 if (th->th_dport == th->th_sport) { |
776#ifdef INET6 | 784#ifdef INET6 |
777 if (isipv6) 778 inp->in6p_laddr = ip6->ip6_dst; 779 else { 780 inp->inp_vflag &= ~INP_IPV6; 781 inp->inp_vflag |= INP_IPV4; | 785 if (isipv6) { 786 if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, 787 &ip6->ip6_src)) 788 goto drop; 789 } else |
782#endif /* INET6 */ | 790#endif /* INET6 */ |
783 inp->inp_laddr = ip->ip_dst; | 791 if (ip->ip_dst.s_addr == ip->ip_src.s_addr) 792 goto drop; 793 } 794 /* 795 * RFC1122 4.2.3.10, p. 104: discard bcast/mcast SYN 796 * in_broadcast() should never return true on a received 797 * packet with M_BCAST not set. 798 * 799 * Packets with a multicast source address should also 800 * be discarded. 801 */ 802 if (m->m_flags & (M_BCAST|M_MCAST)) 803 goto drop; |
784#ifdef INET6 | 804#ifdef INET6 |
785 } 786#endif /* INET6 */ 787 inp->inp_lport = th->th_dport; 788 if (in_pcbinshash(inp) != 0) { | 805 if (isipv6) { 806 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) || 807 IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) 808 goto drop; 809 } else 810#endif 811 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) || 812 IN_MULTICAST(ntohl(ip->ip_src.s_addr)) || 813 ip->ip_src.s_addr == htonl(INADDR_BROADCAST)) 814 goto drop; 815 /* 816 * SYN appears to be valid; create compressed TCP state 817 * for syncache, or perform t/tcp connection. 818 */ 819 if (so->so_qlen <= so->so_qlimit) { 820 tcp_dooptions(&to, optp, optlen, 1); 821 if (!syncache_add(&inc, &to, th, &so, m)) 822 goto drop; 823 if (so == NULL) |
789 /* | 824 /* |
790 * Undo the assignments above if we failed to 791 * put the PCB on the hash lists. | 825 * Entry added to syncache, mbuf used to 826 * send SYN,ACK packet. |
792 */ | 827 */ |
793#ifdef INET6 794 if (isipv6) 795 inp->in6p_laddr = in6addr_any; 796 else 797#endif /* INET6 */ 798 inp->inp_laddr.s_addr = INADDR_ANY; 799 inp->inp_lport = 0; 800 goto drop; 801 } 802#ifdef IPSEC | 828 return; |
803 /* | 829 /* |
804 * To avoid creating incorrectly cached IPsec 805 * association, this is need to be done here. 806 * 807 * Subject: (KAME-snap 748) 808 * From: Wayne Knowles <w.knowles@niwa.cri.nz> 809 * ftp://ftp.kame.net/pub/mail-list/snap-users/748 | 830 * Segment passed TAO tests. |
810 */ | 831 */ |
811 if ((thflags & (TH_RST|TH_ACK|TH_SYN)) != TH_SYN) { 812 /* 813 * Note: dropwithreset makes sure we don't 814 * send a RST in response to a RST. 815 */ 816 if (thflags & TH_ACK) { 817 tcpstat.tcps_badsyn++; 818 rstreason = BANDLIM_RST_OPENPORT; 819 goto dropwithreset; 820 } 821 goto drop; 822 } | 832 inp = sotoinpcb(so); 833 tp = intotcpcb(inp); 834 tp->snd_wnd = tiwin; 835 tp->t_starttime = ticks; 836 tp->t_state = TCPS_ESTABLISHED; 837 838 /* 839 * If there is a FIN, or if there is data and the 840 * connection is local, then delay SYN,ACK(SYN) in 841 * the hope of piggy-backing it on a response 842 * segment. Otherwise must send ACK now in case 843 * the other side is slow starting. 844 */ 845 if (DELAY_ACK(tp) && ((thflags & TH_FIN) || 846 (tlen != 0 && 847#ifdef INET6 848 ((isipv6 && in6_localaddr(&inp->in6p_faddr)) 849 || 850 (!isipv6 && |
823#endif | 851#endif |
852 in_localaddr(inp->inp_faddr) |
|
824#ifdef INET6 | 853#ifdef INET6 |
825 if (isipv6) { 826 /* 827 * Inherit socket options from the listening 828 * socket. 829 * Note that in6p_inputopts are not (even 830 * should not be) copied, since it stores 831 * previously received options and is used to 832 * detect if each new option is different than 833 * the previous one and hence should be passed 834 * to a user. 835 * If we copied in6p_inputopts, a user would 836 * not be able to receive options just after 837 * calling the accept system call. 838 */ 839 inp->inp_flags |= 840 oinp->inp_flags & INP_CONTROLOPTS; 841 if (oinp->in6p_outputopts) 842 inp->in6p_outputopts = 843 ip6_copypktopts(oinp->in6p_outputopts, 844 M_NOWAIT); 845 } else 846#endif /* INET6 */ 847 inp->inp_options = ip_srcroute(); 848#ifdef IPSEC 849 /* copy old policy into new socket's */ 850 if (ipsec_copy_policy(sotoinpcb(oso)->inp_sp, 851 inp->inp_sp)) 852 printf("tcp_input: could not copy policy\n"); | 854 )) |
853#endif | 855#endif |
854 tp = intotcpcb(inp); 855 tp->t_state = TCPS_LISTEN; 856 tp->t_flags |= tp0->t_flags & (TF_NOPUSH|TF_NOOPT); | 856 ))) { 857 callout_reset(tp->tt_delack, tcp_delacktime, 858 tcp_timer_delack, tp); 859 tp->t_flags |= TF_NEEDSYN; 860 } else 861 tp->t_flags |= (TF_ACKNOW | TF_NEEDSYN); |
857 | 862 |
858 /* Compute proper scaling value from buffer space */ 859 while (tp->request_r_scale < TCP_MAX_WINSHIFT && 860 TCP_MAXWIN << tp->request_r_scale < 861 so->so_rcv.sb_hiwat) 862 tp->request_r_scale++; | 863 tcpstat.tcps_connects++; 864 soisconnected(so); 865 goto trimthenstep6; |
863 } | 866 } |
867 goto drop; |
|
864 } | 868 } |
869after_listen: |
|
865 | 870 |
871/* XXX temp debugging */ 872 /* should not happen - syncache should pick up these connections */ 873 if (tp->t_state == TCPS_LISTEN) 874 panic("tcp_input: TCPS_LISTEN"); 875 |
|
866 /* 867 * Segment received on connection. 868 * Reset idle time and keep-alive timer. 869 */ 870 tp->t_rcvtime = ticks; 871 if (TCPS_HAVEESTABLISHED(tp->t_state)) 872 callout_reset(tp->tt_keep, tcp_keepidle, tcp_timer_keep, tp); 873 874 /* | 876 /* 877 * Segment received on connection. 878 * Reset idle time and keep-alive timer. 879 */ 880 tp->t_rcvtime = ticks; 881 if (TCPS_HAVEESTABLISHED(tp->t_state)) 882 callout_reset(tp->tt_keep, tcp_keepidle, tcp_timer_keep, tp); 883 884 /* |
875 * Process options if not in LISTEN state, 876 * else do it below (after getting remote address). | 885 * Process options. 886 * XXX this is tradtitional behavior, may need to be cleaned up. |
877 */ | 887 */ |
878 if (tp->t_state != TCPS_LISTEN) 879 tcp_dooptions(tp, optp, optlen, th, &to); | 888 tcp_dooptions(&to, optp, optlen, thflags & TH_SYN); 889 if (thflags & TH_SYN) { 890 if (to.to_flags & TOF_SCALE) { 891 tp->t_flags |= TF_RCVD_SCALE; 892 tp->requested_s_scale = to.to_requested_s_scale; 893 } 894 if (to.to_flags & TOF_TS) { 895 tp->t_flags |= TF_RCVD_TSTMP; 896 tp->ts_recent = to.to_tsval; 897 tp->ts_recent_age = ticks; 898 } 899 if (to.to_flags & (TOF_CC|TOF_CCNEW)) 900 tp->t_flags |= TF_RCVD_CC; 901 if (to.to_flags & TOF_MSS) 902 tcp_mss(tp, to.to_mss); 903 } |
880 881 /* 882 * Header prediction: check for the two common cases 883 * of a uni-directional data xfer. If the packet has 884 * no control flags, is in-sequence, the window didn't 885 * change and we're not retransmitting, it's a 886 * candidate. If the length is zero and the ack moved 887 * forward, we're the sender side of the xfer. Just --- 5 unchanged lines hidden (view full) --- 893 * the socket buffer and note that we need a delayed ack. 894 * Make sure that the hidden state-flags are also off. 895 * Since we check for TCPS_ESTABLISHED above, it can only 896 * be TH_NEEDSYN. 897 */ 898 if (tp->t_state == TCPS_ESTABLISHED && 899 (thflags & (TH_SYN|TH_FIN|TH_RST|TH_URG|TH_ACK)) == TH_ACK && 900 ((tp->t_flags & (TF_NEEDSYN|TF_NEEDFIN)) == 0) && | 904 905 /* 906 * Header prediction: check for the two common cases 907 * of a uni-directional data xfer. If the packet has 908 * no control flags, is in-sequence, the window didn't 909 * change and we're not retransmitting, it's a 910 * candidate. If the length is zero and the ack moved 911 * forward, we're the sender side of the xfer. Just --- 5 unchanged lines hidden (view full) --- 917 * the socket buffer and note that we need a delayed ack. 918 * Make sure that the hidden state-flags are also off. 919 * Since we check for TCPS_ESTABLISHED above, it can only 920 * be TH_NEEDSYN. 921 */ 922 if (tp->t_state == TCPS_ESTABLISHED && 923 (thflags & (TH_SYN|TH_FIN|TH_RST|TH_URG|TH_ACK)) == TH_ACK && 924 ((tp->t_flags & (TF_NEEDSYN|TF_NEEDFIN)) == 0) && |
901 ((to.to_flag & TOF_TS) == 0 || | 925 ((to.to_flags & TOF_TS) == 0 || |
902 TSTMP_GEQ(to.to_tsval, tp->ts_recent)) && 903 /* 904 * Using the CC option is compulsory if once started: 905 * the segment is OK if no T/TCP was negotiated or 906 * if the segment has a CC option equal to CCrecv 907 */ 908 ((tp->t_flags & (TF_REQ_CC|TF_RCVD_CC)) != (TF_REQ_CC|TF_RCVD_CC) || | 926 TSTMP_GEQ(to.to_tsval, tp->ts_recent)) && 927 /* 928 * Using the CC option is compulsory if once started: 929 * the segment is OK if no T/TCP was negotiated or 930 * if the segment has a CC option equal to CCrecv 931 */ 932 ((tp->t_flags & (TF_REQ_CC|TF_RCVD_CC)) != (TF_REQ_CC|TF_RCVD_CC) || |
909 ((to.to_flag & TOF_CC) != 0 && to.to_cc == tp->cc_recv)) && | 933 ((to.to_flags & TOF_CC) != 0 && to.to_cc == tp->cc_recv)) && |
910 th->th_seq == tp->rcv_nxt && 911 tiwin && tiwin == tp->snd_wnd && 912 tp->snd_nxt == tp->snd_max) { 913 914 /* 915 * If last ACK falls within this segment's sequence numbers, 916 * record the timestamp. 917 * NOTE that the test is modified according to the latest 918 * proposal of the tcplw@cray.com list (Braden 1993/04/26). 919 */ | 934 th->th_seq == tp->rcv_nxt && 935 tiwin && tiwin == tp->snd_wnd && 936 tp->snd_nxt == tp->snd_max) { 937 938 /* 939 * If last ACK falls within this segment's sequence numbers, 940 * record the timestamp. 941 * NOTE that the test is modified according to the latest 942 * proposal of the tcplw@cray.com list (Braden 1993/04/26). 943 */ |
920 if ((to.to_flag & TOF_TS) != 0 && | 944 if ((to.to_flags & TOF_TS) != 0 && |
921 SEQ_LEQ(th->th_seq, tp->last_ack_sent)) { 922 tp->ts_recent_age = ticks; 923 tp->ts_recent = to.to_tsval; 924 } 925 926 if (tlen == 0) { 927 if (SEQ_GT(th->th_ack, tp->snd_una) && 928 SEQ_LEQ(th->th_ack, tp->snd_max) && --- 9 unchanged lines hidden (view full) --- 938 if (tp->t_rxtshift == 1 && 939 ticks < tp->t_badrxtwin) { 940 tp->snd_cwnd = tp->snd_cwnd_prev; 941 tp->snd_ssthresh = 942 tp->snd_ssthresh_prev; 943 tp->snd_nxt = tp->snd_max; 944 tp->t_badrxtwin = 0; 945 } | 945 SEQ_LEQ(th->th_seq, tp->last_ack_sent)) { 946 tp->ts_recent_age = ticks; 947 tp->ts_recent = to.to_tsval; 948 } 949 950 if (tlen == 0) { 951 if (SEQ_GT(th->th_ack, tp->snd_una) && 952 SEQ_LEQ(th->th_ack, tp->snd_max) && --- 9 unchanged lines hidden (view full) --- 962 if (tp->t_rxtshift == 1 && 963 ticks < tp->t_badrxtwin) { 964 tp->snd_cwnd = tp->snd_cwnd_prev; 965 tp->snd_ssthresh = 966 tp->snd_ssthresh_prev; 967 tp->snd_nxt = tp->snd_max; 968 tp->t_badrxtwin = 0; 969 } |
946 if ((to.to_flag & TOF_TS) != 0) | 970 if ((to.to_flags & TOF_TS) != 0) |
947 tcp_xmit_timer(tp, 948 ticks - to.to_tsecr + 1); 949 else if (tp->t_rtttime && 950 SEQ_GT(th->th_ack, tp->t_rtseq)) 951 tcp_xmit_timer(tp, ticks - tp->t_rtttime); 952 acked = th->th_ack - tp->snd_una; 953 tcpstat.tcps_rcvackpack++; 954 tcpstat.tcps_rcvackbyte += acked; --- 65 unchanged lines hidden (view full) --- 1020 if (win < 0) 1021 win = 0; 1022 tp->rcv_wnd = imax(win, (int)(tp->rcv_adv - tp->rcv_nxt)); 1023 } 1024 1025 switch (tp->t_state) { 1026 1027 /* | 971 tcp_xmit_timer(tp, 972 ticks - to.to_tsecr + 1); 973 else if (tp->t_rtttime && 974 SEQ_GT(th->th_ack, tp->t_rtseq)) 975 tcp_xmit_timer(tp, ticks - tp->t_rtttime); 976 acked = th->th_ack - tp->snd_una; 977 tcpstat.tcps_rcvackpack++; 978 tcpstat.tcps_rcvackbyte += acked; --- 65 unchanged lines hidden (view full) --- 1044 if (win < 0) 1045 win = 0; 1046 tp->rcv_wnd = imax(win, (int)(tp->rcv_adv - tp->rcv_nxt)); 1047 } 1048 1049 switch (tp->t_state) { 1050 1051 /* |
1028 * If the state is LISTEN then ignore segment if it contains an RST. 1029 * If the segment contains an ACK then it is bad and send a RST. 1030 * If it does not contain a SYN then it is not interesting; drop it. 1031 * If it is from this socket, drop it, it must be forged. 1032 * Don't bother responding if the destination was a broadcast. 1033 * Otherwise initialize tp->rcv_nxt, and tp->irs, select an initial 1034 * tp->iss, and send a segment: 1035 * <SEQ=ISS><ACK=RCV_NXT><CTL=SYN,ACK> 1036 * Also initialize tp->snd_nxt to tp->iss+1 and tp->snd_una to tp->iss. 1037 * Fill in remote peer address fields if not previously specified. 1038 * Enter SYN_RECEIVED state, and process any other fields of this 1039 * segment in this state. 1040 */ 1041 case TCPS_LISTEN: { 1042 register struct sockaddr_in *sin; 1043#ifdef INET6 1044 register struct sockaddr_in6 *sin6; 1045#endif 1046 1047 if (thflags & TH_RST) 1048 goto drop; 1049 if (thflags & TH_ACK) { 1050 rstreason = BANDLIM_RST_OPENPORT; 1051 goto dropwithreset; 1052 } 1053 if ((thflags & TH_SYN) == 0) 1054 goto drop; 1055 if (th->th_dport == th->th_sport) { 1056#ifdef INET6 1057 if (isipv6) { 1058 if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, 1059 &ip6->ip6_src)) 1060 goto drop; 1061 } else 1062#endif /* INET6 */ 1063 if (ip->ip_dst.s_addr == ip->ip_src.s_addr) 1064 goto drop; 1065 } 1066 /* 1067 * RFC1122 4.2.3.10, p. 104: discard bcast/mcast SYN 1068 * in_broadcast() should never return true on a received 1069 * packet with M_BCAST not set. 1070 * 1071 * Packets with a multicast source address should also 1072 * be discarded. 1073 */ 1074 if (m->m_flags & (M_BCAST|M_MCAST)) 1075 goto drop; 1076#ifdef INET6 1077 if (isipv6) { 1078 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) || 1079 IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) 1080 goto drop; 1081 } else 1082#endif 1083 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) || 1084 IN_MULTICAST(ntohl(ip->ip_src.s_addr)) || 1085 ip->ip_src.s_addr == htonl(INADDR_BROADCAST)) 1086 goto drop; 1087#ifdef INET6 1088 if (isipv6) { 1089 MALLOC(sin6, struct sockaddr_in6 *, sizeof *sin6, 1090 M_SONAME, M_NOWAIT | M_ZERO); 1091 if (sin6 == NULL) 1092 goto drop; 1093 sin6->sin6_family = AF_INET6; 1094 sin6->sin6_len = sizeof(*sin6); 1095 sin6->sin6_addr = ip6->ip6_src; 1096 sin6->sin6_port = th->th_sport; 1097 laddr6 = inp->in6p_laddr; 1098 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 1099 inp->in6p_laddr = ip6->ip6_dst; 1100 if (in6_pcbconnect(inp, (struct sockaddr *)sin6, 1101 thread0)) { 1102 inp->in6p_laddr = laddr6; 1103 FREE(sin6, M_SONAME); 1104 goto drop; 1105 } 1106 FREE(sin6, M_SONAME); 1107 } else 1108#endif 1109 { 1110 MALLOC(sin, struct sockaddr_in *, sizeof *sin, M_SONAME, 1111 M_NOWAIT); 1112 if (sin == NULL) 1113 goto drop; 1114 sin->sin_family = AF_INET; 1115 sin->sin_len = sizeof(*sin); 1116 sin->sin_addr = ip->ip_src; 1117 sin->sin_port = th->th_sport; 1118 bzero((caddr_t)sin->sin_zero, sizeof(sin->sin_zero)); 1119 laddr = inp->inp_laddr; 1120 if (inp->inp_laddr.s_addr == INADDR_ANY) 1121 inp->inp_laddr = ip->ip_dst; 1122 if (in_pcbconnect(inp, (struct sockaddr *)sin, thread0)) { 1123 inp->inp_laddr = laddr; 1124 FREE(sin, M_SONAME); 1125 goto drop; 1126 } 1127 FREE(sin, M_SONAME); 1128 } 1129 if ((taop = tcp_gettaocache(inp)) == NULL) { 1130 taop = &tao_noncached; 1131 bzero(taop, sizeof(*taop)); 1132 } 1133 tcp_dooptions(tp, optp, optlen, th, &to); 1134 if (iss) 1135 tp->iss = iss; 1136 else { 1137 tp->iss = tcp_new_isn(tp); 1138 } 1139 tp->irs = th->th_seq; 1140 tcp_sendseqinit(tp); 1141 tcp_rcvseqinit(tp); 1142 /* 1143 * Initialization of the tcpcb for transaction; 1144 * set SND.WND = SEG.WND, 1145 * initialize CCsend and CCrecv. 1146 */ 1147 tp->snd_wnd = tiwin; /* initial send-window */ 1148 tp->cc_send = CC_INC(tcp_ccgen); 1149 tp->cc_recv = to.to_cc; 1150 /* 1151 * Perform TAO test on incoming CC (SEG.CC) option, if any. 1152 * - compare SEG.CC against cached CC from the same host, 1153 * if any. 1154 * - if SEG.CC > chached value, SYN must be new and is accepted 1155 * immediately: save new CC in the cache, mark the socket 1156 * connected, enter ESTABLISHED state, turn on flag to 1157 * send a SYN in the next segment. 1158 * A virtual advertised window is set in rcv_adv to 1159 * initialize SWS prevention. Then enter normal segment 1160 * processing: drop SYN, process data and FIN. 1161 * - otherwise do a normal 3-way handshake. 1162 */ 1163 if ((to.to_flag & TOF_CC) != 0) { 1164 if (((tp->t_flags & TF_NOPUSH) != 0) && 1165 taop->tao_cc != 0 && CC_GT(to.to_cc, taop->tao_cc)) { 1166 1167 taop->tao_cc = to.to_cc; 1168 tp->t_starttime = ticks; 1169 tp->t_state = TCPS_ESTABLISHED; 1170 1171 /* 1172 * If there is a FIN, or if there is data and the 1173 * connection is local, then delay SYN,ACK(SYN) in 1174 * the hope of piggy-backing it on a response 1175 * segment. Otherwise must send ACK now in case 1176 * the other side is slow starting. 1177 */ 1178 if (DELAY_ACK(tp) && ((thflags & TH_FIN) || 1179 (tlen != 0 && 1180#ifdef INET6 1181 ((isipv6 && in6_localaddr(&inp->in6p_faddr)) 1182 || 1183 (!isipv6 && 1184#endif 1185 in_localaddr(inp->inp_faddr) 1186#ifdef INET6 1187 )) 1188#endif 1189 ))) { 1190 callout_reset(tp->tt_delack, tcp_delacktime, 1191 tcp_timer_delack, tp); 1192 tp->t_flags |= TF_NEEDSYN; 1193 } else 1194 tp->t_flags |= (TF_ACKNOW | TF_NEEDSYN); 1195 1196 /* 1197 * Limit the `virtual advertised window' to TCP_MAXWIN 1198 * here. Even if we requested window scaling, it will 1199 * become effective only later when our SYN is acked. 1200 */ 1201 tp->rcv_adv += min(tp->rcv_wnd, TCP_MAXWIN); 1202 tcpstat.tcps_connects++; 1203 soisconnected(so); 1204 callout_reset(tp->tt_keep, tcp_keepinit, 1205 tcp_timer_keep, tp); 1206 dropsocket = 0; /* committed to socket */ 1207 tcpstat.tcps_accepts++; 1208 goto trimthenstep6; 1209 } 1210 /* else do standard 3-way handshake */ 1211 } else { 1212 /* 1213 * No CC option, but maybe CC.NEW: 1214 * invalidate cached value. 1215 */ 1216 taop->tao_cc = 0; 1217 } 1218 /* 1219 * TAO test failed or there was no CC option, 1220 * do a standard 3-way handshake. 1221 */ 1222 tp->t_flags |= TF_ACKNOW; 1223 tp->t_state = TCPS_SYN_RECEIVED; 1224 callout_reset(tp->tt_keep, tcp_keepinit, tcp_timer_keep, tp); 1225 dropsocket = 0; /* committed to socket */ 1226 tcpstat.tcps_accepts++; 1227 goto trimthenstep6; 1228 } 1229 1230 /* | |
1231 * If the state is SYN_RECEIVED: 1232 * if seg contains an ACK, but not for our SYN/ACK, send a RST. 1233 */ 1234 case TCPS_SYN_RECEIVED: 1235 if ((thflags & TH_ACK) && 1236 (SEQ_LEQ(th->th_ack, tp->snd_una) || 1237 SEQ_GT(th->th_ack, tp->snd_max))) { 1238 rstreason = BANDLIM_RST_OPENPORT; --- 9 unchanged lines hidden (view full) --- 1248 * Otherwise this is an acceptable SYN segment 1249 * initialize tp->rcv_nxt and tp->irs 1250 * if seg contains ack then advance tp->snd_una 1251 * if SYN has been acked change to ESTABLISHED else SYN_RCVD state 1252 * arrange for segment to be acked (eventually) 1253 * continue processing rest of data/controls, beginning with URG 1254 */ 1255 case TCPS_SYN_SENT: | 1052 * If the state is SYN_RECEIVED: 1053 * if seg contains an ACK, but not for our SYN/ACK, send a RST. 1054 */ 1055 case TCPS_SYN_RECEIVED: 1056 if ((thflags & TH_ACK) && 1057 (SEQ_LEQ(th->th_ack, tp->snd_una) || 1058 SEQ_GT(th->th_ack, tp->snd_max))) { 1059 rstreason = BANDLIM_RST_OPENPORT; --- 9 unchanged lines hidden (view full) --- 1069 * Otherwise this is an acceptable SYN segment 1070 * initialize tp->rcv_nxt and tp->irs 1071 * if seg contains ack then advance tp->snd_una 1072 * if SYN has been acked change to ESTABLISHED else SYN_RCVD state 1073 * arrange for segment to be acked (eventually) 1074 * continue processing rest of data/controls, beginning with URG 1075 */ 1076 case TCPS_SYN_SENT: |
1256 if ((taop = tcp_gettaocache(inp)) == NULL) { | 1077 if ((taop = tcp_gettaocache(&inp->inp_inc)) == NULL) { |
1257 taop = &tao_noncached; 1258 bzero(taop, sizeof(*taop)); 1259 } 1260 1261 if ((thflags & TH_ACK) && 1262 (SEQ_LEQ(th->th_ack, tp->iss) || 1263 SEQ_GT(th->th_ack, tp->snd_max))) { 1264 /* --- 27 unchanged lines hidden (view full) --- 1292 /* 1293 * Our SYN was acked. If segment contains CC.ECHO 1294 * option, check it to make sure this segment really 1295 * matches our SYN. If not, just drop it as old 1296 * duplicate, but send an RST if we're still playing 1297 * by the old rules. If no CC.ECHO option, make sure 1298 * we don't get fooled into using T/TCP. 1299 */ | 1078 taop = &tao_noncached; 1079 bzero(taop, sizeof(*taop)); 1080 } 1081 1082 if ((thflags & TH_ACK) && 1083 (SEQ_LEQ(th->th_ack, tp->iss) || 1084 SEQ_GT(th->th_ack, tp->snd_max))) { 1085 /* --- 27 unchanged lines hidden (view full) --- 1113 /* 1114 * Our SYN was acked. If segment contains CC.ECHO 1115 * option, check it to make sure this segment really 1116 * matches our SYN. If not, just drop it as old 1117 * duplicate, but send an RST if we're still playing 1118 * by the old rules. If no CC.ECHO option, make sure 1119 * we don't get fooled into using T/TCP. 1120 */ |
1300 if (to.to_flag & TOF_CCECHO) { | 1121 if (to.to_flags & TOF_CCECHO) { |
1301 if (tp->cc_send != to.to_ccecho) { 1302 if (taop->tao_ccsent != 0) 1303 goto drop; 1304 else { 1305 rstreason = BANDLIM_UNLIMITED; 1306 goto dropwithreset; 1307 } 1308 } --- 45 unchanged lines hidden (view full) --- 1354 * a cached CC, apply TAO test; if it succeeds, connection is 1355 * half-synchronized. Otherwise, do 3-way handshake: 1356 * SYN-SENT -> SYN-RECEIVED 1357 * SYN-SENT* -> SYN-RECEIVED* 1358 * If there was no CC option, clear cached CC value. 1359 */ 1360 tp->t_flags |= TF_ACKNOW; 1361 callout_stop(tp->tt_rexmt); | 1122 if (tp->cc_send != to.to_ccecho) { 1123 if (taop->tao_ccsent != 0) 1124 goto drop; 1125 else { 1126 rstreason = BANDLIM_UNLIMITED; 1127 goto dropwithreset; 1128 } 1129 } --- 45 unchanged lines hidden (view full) --- 1175 * a cached CC, apply TAO test; if it succeeds, connection is 1176 * half-synchronized. Otherwise, do 3-way handshake: 1177 * SYN-SENT -> SYN-RECEIVED 1178 * SYN-SENT* -> SYN-RECEIVED* 1179 * If there was no CC option, clear cached CC value. 1180 */ 1181 tp->t_flags |= TF_ACKNOW; 1182 callout_stop(tp->tt_rexmt); |
1362 if (to.to_flag & TOF_CC) { | 1183 if (to.to_flags & TOF_CC) { |
1363 if (taop->tao_cc != 0 && 1364 CC_GT(to.to_cc, taop->tao_cc)) { 1365 /* 1366 * update cache and make transition: 1367 * SYN-SENT -> ESTABLISHED* 1368 * SYN-SENT* -> FIN-WAIT-1* 1369 */ 1370 taop->tao_cc = to.to_cc; --- 58 unchanged lines hidden (view full) --- 1429 * 1430 * else must be old SYN; drop it. 1431 * else do normal processing. 1432 */ 1433 case TCPS_LAST_ACK: 1434 case TCPS_CLOSING: 1435 case TCPS_TIME_WAIT: 1436 if ((thflags & TH_SYN) && | 1184 if (taop->tao_cc != 0 && 1185 CC_GT(to.to_cc, taop->tao_cc)) { 1186 /* 1187 * update cache and make transition: 1188 * SYN-SENT -> ESTABLISHED* 1189 * SYN-SENT* -> FIN-WAIT-1* 1190 */ 1191 taop->tao_cc = to.to_cc; --- 58 unchanged lines hidden (view full) --- 1250 * 1251 * else must be old SYN; drop it. 1252 * else do normal processing. 1253 */ 1254 case TCPS_LAST_ACK: 1255 case TCPS_CLOSING: 1256 case TCPS_TIME_WAIT: 1257 if ((thflags & TH_SYN) && |
1437 (to.to_flag & TOF_CC) && tp->cc_recv != 0) { | 1258 (to.to_flags & TOF_CC) && tp->cc_recv != 0) { |
1438 if (tp->t_state == TCPS_TIME_WAIT && 1439 (ticks - tp->t_starttime) > tcp_msl) { 1440 rstreason = BANDLIM_UNLIMITED; 1441 goto dropwithreset; 1442 } 1443 if (CC_GT(to.to_cc, tp->cc_recv)) { 1444 tp = tcp_close(tp); 1445 goto findpcb; --- 91 unchanged lines hidden (view full) --- 1537 } 1538 goto drop; 1539 } 1540 1541 /* 1542 * RFC 1323 PAWS: If we have a timestamp reply on this segment 1543 * and it's less than ts_recent, drop it. 1544 */ | 1259 if (tp->t_state == TCPS_TIME_WAIT && 1260 (ticks - tp->t_starttime) > tcp_msl) { 1261 rstreason = BANDLIM_UNLIMITED; 1262 goto dropwithreset; 1263 } 1264 if (CC_GT(to.to_cc, tp->cc_recv)) { 1265 tp = tcp_close(tp); 1266 goto findpcb; --- 91 unchanged lines hidden (view full) --- 1358 } 1359 goto drop; 1360 } 1361 1362 /* 1363 * RFC 1323 PAWS: If we have a timestamp reply on this segment 1364 * and it's less than ts_recent, drop it. 1365 */ |
1545 if ((to.to_flag & TOF_TS) != 0 && tp->ts_recent && | 1366 if ((to.to_flags & TOF_TS) != 0 && tp->ts_recent && |
1546 TSTMP_LT(to.to_tsval, tp->ts_recent)) { 1547 1548 /* Check to see if ts_recent is over 24 days old. */ 1549 if ((int)(ticks - tp->ts_recent_age) > TCP_PAWS_IDLE) { 1550 /* 1551 * Invalidate ts_recent. If this segment updates 1552 * ts_recent, the age will be reset later and ts_recent 1553 * will get a valid value. If it does not, setting --- 15 unchanged lines hidden (view full) --- 1569 1570 /* 1571 * T/TCP mechanism 1572 * If T/TCP was negotiated and the segment doesn't have CC, 1573 * or if its CC is wrong then drop the segment. 1574 * RST segments do not have to comply with this. 1575 */ 1576 if ((tp->t_flags & (TF_REQ_CC|TF_RCVD_CC)) == (TF_REQ_CC|TF_RCVD_CC) && | 1367 TSTMP_LT(to.to_tsval, tp->ts_recent)) { 1368 1369 /* Check to see if ts_recent is over 24 days old. */ 1370 if ((int)(ticks - tp->ts_recent_age) > TCP_PAWS_IDLE) { 1371 /* 1372 * Invalidate ts_recent. If this segment updates 1373 * ts_recent, the age will be reset later and ts_recent 1374 * will get a valid value. If it does not, setting --- 15 unchanged lines hidden (view full) --- 1390 1391 /* 1392 * T/TCP mechanism 1393 * If T/TCP was negotiated and the segment doesn't have CC, 1394 * or if its CC is wrong then drop the segment. 1395 * RST segments do not have to comply with this. 1396 */ 1397 if ((tp->t_flags & (TF_REQ_CC|TF_RCVD_CC)) == (TF_REQ_CC|TF_RCVD_CC) && |
1577 ((to.to_flag & TOF_CC) == 0 || tp->cc_recv != to.to_cc)) | 1398 ((to.to_flags & TOF_CC) == 0 || tp->cc_recv != to.to_cc)) |
1578 goto dropafterack; 1579 1580 /* 1581 * In the SYN-RECEIVED state, validate that the packet belongs to 1582 * this connection before trimming the data to fit the receive 1583 * window. Check the sequence number versus IRS since we know 1584 * the sequence numbers haven't wrapped. This is a partial fix 1585 * for the "LAND" DoS attack. --- 103 unchanged lines hidden (view full) --- 1689 } 1690 1691 /* 1692 * If last ACK falls within this segment's sequence numbers, 1693 * record its timestamp. 1694 * NOTE that the test is modified according to the latest 1695 * proposal of the tcplw@cray.com list (Braden 1993/04/26). 1696 */ | 1399 goto dropafterack; 1400 1401 /* 1402 * In the SYN-RECEIVED state, validate that the packet belongs to 1403 * this connection before trimming the data to fit the receive 1404 * window. Check the sequence number versus IRS since we know 1405 * the sequence numbers haven't wrapped. This is a partial fix 1406 * for the "LAND" DoS attack. --- 103 unchanged lines hidden (view full) --- 1510 } 1511 1512 /* 1513 * If last ACK falls within this segment's sequence numbers, 1514 * record its timestamp. 1515 * NOTE that the test is modified according to the latest 1516 * proposal of the tcplw@cray.com list (Braden 1993/04/26). 1517 */ |
1697 if ((to.to_flag & TOF_TS) != 0 && | 1518 if ((to.to_flags & TOF_TS) != 0 && |
1698 SEQ_LEQ(th->th_seq, tp->last_ack_sent)) { 1699 tp->ts_recent_age = ticks; 1700 tp->ts_recent = to.to_tsval; 1701 } 1702 1703 /* 1704 * If a SYN is in the window, then this is an 1705 * error and we send an RST and drop the connection. --- 37 unchanged lines hidden (view full) --- 1743 tp->snd_scale = tp->requested_s_scale; 1744 tp->rcv_scale = tp->request_r_scale; 1745 } 1746 /* 1747 * Upon successful completion of 3-way handshake, 1748 * update cache.CC if it was undefined, pass any queued 1749 * data to the user, and advance state appropriately. 1750 */ | 1519 SEQ_LEQ(th->th_seq, tp->last_ack_sent)) { 1520 tp->ts_recent_age = ticks; 1521 tp->ts_recent = to.to_tsval; 1522 } 1523 1524 /* 1525 * If a SYN is in the window, then this is an 1526 * error and we send an RST and drop the connection. --- 37 unchanged lines hidden (view full) --- 1564 tp->snd_scale = tp->requested_s_scale; 1565 tp->rcv_scale = tp->request_r_scale; 1566 } 1567 /* 1568 * Upon successful completion of 3-way handshake, 1569 * update cache.CC if it was undefined, pass any queued 1570 * data to the user, and advance state appropriately. 1571 */ |
1751 if ((taop = tcp_gettaocache(inp)) != NULL && | 1572 if ((taop = tcp_gettaocache(&inp->inp_inc)) != NULL && |
1752 taop->tao_cc == 0) 1753 taop->tao_cc = tp->cc_recv; 1754 1755 /* 1756 * Make transitions: 1757 * SYN-RECEIVED -> ESTABLISHED 1758 * SYN-RECEIVED* -> FIN-WAIT-1 1759 */ --- 175 unchanged lines hidden (view full) --- 1935 * If we have a timestamp reply, update smoothed 1936 * round trip time. If no timestamp is present but 1937 * transmit timer is running and timed sequence 1938 * number was acked, update smoothed round trip time. 1939 * Since we now have an rtt measurement, cancel the 1940 * timer backoff (cf., Phil Karn's retransmit alg.). 1941 * Recompute the initial retransmit timer. 1942 */ | 1573 taop->tao_cc == 0) 1574 taop->tao_cc = tp->cc_recv; 1575 1576 /* 1577 * Make transitions: 1578 * SYN-RECEIVED -> ESTABLISHED 1579 * SYN-RECEIVED* -> FIN-WAIT-1 1580 */ --- 175 unchanged lines hidden (view full) --- 1756 * If we have a timestamp reply, update smoothed 1757 * round trip time. If no timestamp is present but 1758 * transmit timer is running and timed sequence 1759 * number was acked, update smoothed round trip time. 1760 * Since we now have an rtt measurement, cancel the 1761 * timer backoff (cf., Phil Karn's retransmit alg.). 1762 * Recompute the initial retransmit timer. 1763 */ |
1943 if (to.to_flag & TOF_TS) | 1764 if (to.to_flags & TOF_TS) |
1944 tcp_xmit_timer(tp, ticks - to.to_tsecr + 1); 1945 else if (tp->t_rtttime && SEQ_GT(th->th_ack, tp->t_rtseq)) 1946 tcp_xmit_timer(tp, ticks - tp->t_rtttime); 1947 1948 /* 1949 * If all outstanding data is acked, stop retransmit 1950 * timer and remember to restart (more output or persist). 1951 * If there is more data to be acked, restart retransmit --- 414 unchanged lines hidden (view full) --- 2366 TH_RST); 2367 else { 2368 if (thflags & TH_SYN) 2369 tlen++; 2370 /* mtod() below is safe as long as hdr dropping is delayed */ 2371 tcp_respond(tp, mtod(m, void *), th, m, th->th_seq+tlen, 2372 (tcp_seq)0, TH_RST|TH_ACK); 2373 } | 1765 tcp_xmit_timer(tp, ticks - to.to_tsecr + 1); 1766 else if (tp->t_rtttime && SEQ_GT(th->th_ack, tp->t_rtseq)) 1767 tcp_xmit_timer(tp, ticks - tp->t_rtttime); 1768 1769 /* 1770 * If all outstanding data is acked, stop retransmit 1771 * timer and remember to restart (more output or persist). 1772 * If there is more data to be acked, restart retransmit --- 414 unchanged lines hidden (view full) --- 2187 TH_RST); 2188 else { 2189 if (thflags & TH_SYN) 2190 tlen++; 2191 /* mtod() below is safe as long as hdr dropping is delayed */ 2192 tcp_respond(tp, mtod(m, void *), th, m, th->th_seq+tlen, 2193 (tcp_seq)0, TH_RST|TH_ACK); 2194 } |
2374 /* destroy temporarily created socket */ 2375 if (dropsocket) 2376 (void) soabort(so); | |
2377 return; 2378 2379drop: 2380 /* 2381 * Drop space held by incoming segment and return. 2382 */ 2383#ifdef TCPDEBUG 2384 if (tp == 0 || (tp->t_inpcb->inp_socket->so_options & SO_DEBUG)) 2385 tcp_trace(TA_DROP, ostate, tp, (void *)tcp_saveipgen, 2386 &tcp_savetcp, 0); 2387#endif 2388 m_freem(m); | 2195 return; 2196 2197drop: 2198 /* 2199 * Drop space held by incoming segment and return. 2200 */ 2201#ifdef TCPDEBUG 2202 if (tp == 0 || (tp->t_inpcb->inp_socket->so_options & SO_DEBUG)) 2203 tcp_trace(TA_DROP, ostate, tp, (void *)tcp_saveipgen, 2204 &tcp_savetcp, 0); 2205#endif 2206 m_freem(m); |
2389 /* destroy temporarily created socket */ 2390 if (dropsocket) 2391 (void) soabort(so); | |
2392 return; 2393} 2394 | 2207 return; 2208} 2209 |
2210/* 2211 * Parse TCP options and place in tcpopt. 2212 */ |
|
2395static void | 2213static void |
2396tcp_dooptions(tp, cp, cnt, th, to) 2397 struct tcpcb *tp; | 2214tcp_dooptions(to, cp, cnt, is_syn) 2215 struct tcpopt *to; |
2398 u_char *cp; 2399 int cnt; | 2216 u_char *cp; 2217 int cnt; |
2400 struct tcphdr *th; 2401 struct tcpopt *to; | |
2402{ | 2218{ |
2403 u_short mss = 0; | |
2404 int opt, optlen; 2405 | 2219 int opt, optlen; 2220 |
2221 to->to_flags = 0; |
|
2406 for (; cnt > 0; cnt -= optlen, cp += optlen) { 2407 opt = cp[0]; 2408 if (opt == TCPOPT_EOL) 2409 break; 2410 if (opt == TCPOPT_NOP) 2411 optlen = 1; 2412 else { 2413 if (cnt < 2) 2414 break; 2415 optlen = cp[1]; 2416 if (optlen < 2 || optlen > cnt) 2417 break; 2418 } 2419 switch (opt) { | 2222 for (; cnt > 0; cnt -= optlen, cp += optlen) { 2223 opt = cp[0]; 2224 if (opt == TCPOPT_EOL) 2225 break; 2226 if (opt == TCPOPT_NOP) 2227 optlen = 1; 2228 else { 2229 if (cnt < 2) 2230 break; 2231 optlen = cp[1]; 2232 if (optlen < 2 || optlen > cnt) 2233 break; 2234 } 2235 switch (opt) { |
2420 2421 default: 2422 continue; 2423 | |
2424 case TCPOPT_MAXSEG: 2425 if (optlen != TCPOLEN_MAXSEG) 2426 continue; | 2236 case TCPOPT_MAXSEG: 2237 if (optlen != TCPOLEN_MAXSEG) 2238 continue; |
2427 if (!(th->th_flags & TH_SYN)) | 2239 if (!is_syn) |
2428 continue; | 2240 continue; |
2429 bcopy((char *) cp + 2, (char *) &mss, sizeof(mss)); 2430 NTOHS(mss); | 2241 to->to_flags |= TOF_MSS; 2242 bcopy((char *)cp + 2, 2243 (char *)&to->to_mss, sizeof(to->to_mss)); 2244 NTOHS(to->to_mss); |
2431 break; | 2245 break; |
2432 | |
2433 case TCPOPT_WINDOW: 2434 if (optlen != TCPOLEN_WINDOW) 2435 continue; | 2246 case TCPOPT_WINDOW: 2247 if (optlen != TCPOLEN_WINDOW) 2248 continue; |
2436 if (!(th->th_flags & TH_SYN)) | 2249 if (! is_syn) |
2437 continue; | 2250 continue; |
2438 tp->t_flags |= TF_RCVD_SCALE; 2439 tp->requested_s_scale = min(cp[2], TCP_MAX_WINSHIFT); | 2251 to->to_flags |= TOF_SCALE; 2252 to->to_requested_s_scale = min(cp[2], TCP_MAX_WINSHIFT); |
2440 break; | 2253 break; |
2441 | |
2442 case TCPOPT_TIMESTAMP: 2443 if (optlen != TCPOLEN_TIMESTAMP) 2444 continue; | 2254 case TCPOPT_TIMESTAMP: 2255 if (optlen != TCPOLEN_TIMESTAMP) 2256 continue; |
2445 to->to_flag |= TOF_TS; | 2257 to->to_flags |= TOF_TS; |
2446 bcopy((char *)cp + 2, 2447 (char *)&to->to_tsval, sizeof(to->to_tsval)); 2448 NTOHL(to->to_tsval); 2449 bcopy((char *)cp + 6, 2450 (char *)&to->to_tsecr, sizeof(to->to_tsecr)); 2451 NTOHL(to->to_tsecr); | 2258 bcopy((char *)cp + 2, 2259 (char *)&to->to_tsval, sizeof(to->to_tsval)); 2260 NTOHL(to->to_tsval); 2261 bcopy((char *)cp + 6, 2262 (char *)&to->to_tsecr, sizeof(to->to_tsecr)); 2263 NTOHL(to->to_tsecr); |
2452 2453 /* 2454 * A timestamp received in a SYN makes 2455 * it ok to send timestamp requests and replies. 2456 */ 2457 if (th->th_flags & TH_SYN) { 2458 tp->t_flags |= TF_RCVD_TSTMP; 2459 tp->ts_recent = to->to_tsval; 2460 tp->ts_recent_age = ticks; 2461 } | |
2462 break; 2463 case TCPOPT_CC: 2464 if (optlen != TCPOLEN_CC) 2465 continue; | 2264 break; 2265 case TCPOPT_CC: 2266 if (optlen != TCPOLEN_CC) 2267 continue; |
2466 to->to_flag |= TOF_CC; | 2268 to->to_flags |= TOF_CC; |
2467 bcopy((char *)cp + 2, 2468 (char *)&to->to_cc, sizeof(to->to_cc)); 2469 NTOHL(to->to_cc); | 2269 bcopy((char *)cp + 2, 2270 (char *)&to->to_cc, sizeof(to->to_cc)); 2271 NTOHL(to->to_cc); |
2470 /* 2471 * A CC or CC.new option received in a SYN makes 2472 * it ok to send CC in subsequent segments. 2473 */ 2474 if (th->th_flags & TH_SYN) 2475 tp->t_flags |= TF_RCVD_CC; | |
2476 break; 2477 case TCPOPT_CCNEW: 2478 if (optlen != TCPOLEN_CC) 2479 continue; | 2272 break; 2273 case TCPOPT_CCNEW: 2274 if (optlen != TCPOLEN_CC) 2275 continue; |
2480 if (!(th->th_flags & TH_SYN)) | 2276 if (!is_syn) |
2481 continue; | 2277 continue; |
2482 to->to_flag |= TOF_CCNEW; | 2278 to->to_flags |= TOF_CCNEW; |
2483 bcopy((char *)cp + 2, 2484 (char *)&to->to_cc, sizeof(to->to_cc)); 2485 NTOHL(to->to_cc); | 2279 bcopy((char *)cp + 2, 2280 (char *)&to->to_cc, sizeof(to->to_cc)); 2281 NTOHL(to->to_cc); |
2486 /* 2487 * A CC or CC.new option received in a SYN makes 2488 * it ok to send CC in subsequent segments. 2489 */ 2490 tp->t_flags |= TF_RCVD_CC; | |
2491 break; 2492 case TCPOPT_CCECHO: 2493 if (optlen != TCPOLEN_CC) 2494 continue; | 2282 break; 2283 case TCPOPT_CCECHO: 2284 if (optlen != TCPOLEN_CC) 2285 continue; |
2495 if (!(th->th_flags & TH_SYN)) | 2286 if (!is_syn) |
2496 continue; | 2287 continue; |
2497 to->to_flag |= TOF_CCECHO; | 2288 to->to_flags |= TOF_CCECHO; |
2498 bcopy((char *)cp + 2, 2499 (char *)&to->to_ccecho, sizeof(to->to_ccecho)); 2500 NTOHL(to->to_ccecho); 2501 break; | 2289 bcopy((char *)cp + 2, 2290 (char *)&to->to_ccecho, sizeof(to->to_ccecho)); 2291 NTOHL(to->to_ccecho); 2292 break; |
2293 default: 2294 continue; |
|
2502 } 2503 } | 2295 } 2296 } |
2504 if (th->th_flags & TH_SYN) 2505 tcp_mss(tp, mss); /* sets t_maxseg */ | |
2506} 2507 2508/* 2509 * Pull out of band byte out of a segment so 2510 * it doesn't appear in the user's data queue. 2511 * It is still reflected in the segment length for 2512 * sequencing purposes. 2513 */ --- 156 unchanged lines hidden (view full) --- 2670 isipv6 = ((inp->inp_vflag & INP_IPV6) != 0) ? 1 : 0; 2671 min_protoh = isipv6 ? sizeof (struct ip6_hdr) + sizeof (struct tcphdr) 2672 : sizeof (struct tcpiphdr); 2673#else 2674#define min_protoh (sizeof (struct tcpiphdr)) 2675#endif 2676#ifdef INET6 2677 if (isipv6) | 2297} 2298 2299/* 2300 * Pull out of band byte out of a segment so 2301 * it doesn't appear in the user's data queue. 2302 * It is still reflected in the segment length for 2303 * sequencing purposes. 2304 */ --- 156 unchanged lines hidden (view full) --- 2461 isipv6 = ((inp->inp_vflag & INP_IPV6) != 0) ? 1 : 0; 2462 min_protoh = isipv6 ? sizeof (struct ip6_hdr) + sizeof (struct tcphdr) 2463 : sizeof (struct tcpiphdr); 2464#else 2465#define min_protoh (sizeof (struct tcpiphdr)) 2466#endif 2467#ifdef INET6 2468 if (isipv6) |
2678 rt = tcp_rtlookup6(inp); | 2469 rt = tcp_rtlookup6(&inp->inp_inc); |
2679 else 2680#endif | 2470 else 2471#endif |
2681 rt = tcp_rtlookup(inp); | 2472 rt = tcp_rtlookup(&inp->inp_inc); |
2682 if (rt == NULL) { 2683 tp->t_maxopd = tp->t_maxseg = 2684#ifdef INET6 2685 isipv6 ? tcp_v6mssdflt : 2686#endif /* INET6 */ 2687 tcp_mssdflt; 2688 return; 2689 } --- 189 unchanged lines hidden (view full) --- 2879 isipv6 = ((tp->t_inpcb->inp_vflag & INP_IPV6) != 0) ? 1 : 0; 2880 min_protoh = isipv6 ? sizeof (struct ip6_hdr) + sizeof (struct tcphdr) 2881 : sizeof (struct tcpiphdr); 2882#else 2883#define min_protoh (sizeof (struct tcpiphdr)) 2884#endif 2885#ifdef INET6 2886 if (isipv6) | 2473 if (rt == NULL) { 2474 tp->t_maxopd = tp->t_maxseg = 2475#ifdef INET6 2476 isipv6 ? tcp_v6mssdflt : 2477#endif /* INET6 */ 2478 tcp_mssdflt; 2479 return; 2480 } --- 189 unchanged lines hidden (view full) --- 2670 isipv6 = ((tp->t_inpcb->inp_vflag & INP_IPV6) != 0) ? 1 : 0; 2671 min_protoh = isipv6 ? sizeof (struct ip6_hdr) + sizeof (struct tcphdr) 2672 : sizeof (struct tcpiphdr); 2673#else 2674#define min_protoh (sizeof (struct tcpiphdr)) 2675#endif 2676#ifdef INET6 2677 if (isipv6) |
2887 rt = tcp_rtlookup6(tp->t_inpcb); | 2678 rt = tcp_rtlookup6(&tp->t_inpcb->inp_inc); |
2888 else 2889#endif /* INET6 */ | 2679 else 2680#endif /* INET6 */ |
2890 rt = tcp_rtlookup(tp->t_inpcb); | 2681 rt = tcp_rtlookup(&tp->t_inpcb->inp_inc); |
2891 if (rt == NULL) 2892 return 2893#ifdef INET6 2894 isipv6 ? tcp_v6mssdflt : 2895#endif /* INET6 */ 2896 tcp_mssdflt; 2897 2898 return rt->rt_ifp->if_mtu - min_protoh; --- 40 unchanged lines hidden --- | 2682 if (rt == NULL) 2683 return 2684#ifdef INET6 2685 isipv6 ? tcp_v6mssdflt : 2686#endif /* INET6 */ 2687 tcp_mssdflt; 2688 2689 return rt->rt_ifp->if_mtu - min_protoh; --- 40 unchanged lines hidden --- |