- Tighten up the Timestamp checks to prevent a spoofed segment from

setting ts_recent to an arbitrary value, stopping further
  communication between the two hosts.
- If the Echoed Timestamp is greater than the current time,
  fall back to the non RFC 1323 RTT calculation.

Submitted by:	Raja Mukerji (raja at moselle dot com)
Reviewed by:	Noritoshi Demizu, Mohan Srinivasan
This commit is contained in:
ps 2005-04-10 05:24:59 +00:00
parent 14286eefcf
commit 9d037f02fa
3 changed files with 47 additions and 6 deletions

View File

@ -1701,11 +1701,25 @@ tcp_input(m, off0)
/*
* If last ACK falls within this segment's sequence numbers,
* record its timestamp.
* NOTE that the test is modified according to the latest
* proposal of the tcplw@cray.com list (Braden 1993/04/26).
* NOTE:
* 1) That the test incorporates suggestions from the latest
* proposal of the tcplw@cray.com list (Braden 1993/04/26).
* 2) That updating only on newer timestamps interferes with
* our earlier PAWS tests, so this check should be solely
* predicated on the sequence space of this segment.
* 3) That we modify the segment boundary check to be
* Last.ACK.Sent <= SEG.SEQ + SEG.Len
* instead of RFC1323's
* Last.ACK.Sent < SEG.SEQ + SEG.Len,
* This modified check allows us to overcome RFC1323's
* limitations as described in Stevens TCP/IP Illustrated
* Vol. 2 p.869. In such cases, we can still calculate the
* RTT correctly when RCV.NXT == Last.ACK.Sent.
*/
if ((to.to_flags & TOF_TS) != 0 &&
SEQ_LEQ(th->th_seq, tp->last_ack_sent)) {
SEQ_LEQ(th->th_seq, tp->last_ack_sent) &&
SEQ_LEQ(tp->last_ack_sent, th->th_seq + tlen +
((thflags & (TH_SYN|TH_FIN)) != 0))) {
tp->ts_recent_age = ticks;
tp->ts_recent = to.to_tsval;
}
@ -2560,6 +2574,12 @@ tcp_dooptions(tp, to, cp, cnt, is_syn, th)
bcopy((char *)cp + 6,
(char *)&to->to_tsecr, sizeof(to->to_tsecr));
to->to_tsecr = ntohl(to->to_tsecr);
/*
* If echoed timestamp is later than the current time,
* fall back to non RFC1323 RTT calculation.
*/
if ((to->to_tsecr != 0) && TSTMP_GT(to->to_tsecr, ticks))
to->to_tsecr = 0;
break;
#ifdef TCP_SIGNATURE
/*

View File

@ -1701,11 +1701,25 @@ tcp_input(m, off0)
/*
* If last ACK falls within this segment's sequence numbers,
* record its timestamp.
* NOTE that the test is modified according to the latest
* proposal of the tcplw@cray.com list (Braden 1993/04/26).
* NOTE:
* 1) That the test incorporates suggestions from the latest
* proposal of the tcplw@cray.com list (Braden 1993/04/26).
* 2) That updating only on newer timestamps interferes with
* our earlier PAWS tests, so this check should be solely
* predicated on the sequence space of this segment.
* 3) That we modify the segment boundary check to be
* Last.ACK.Sent <= SEG.SEQ + SEG.Len
* instead of RFC1323's
* Last.ACK.Sent < SEG.SEQ + SEG.Len,
* This modified check allows us to overcome RFC1323's
* limitations as described in Stevens TCP/IP Illustrated
* Vol. 2 p.869. In such cases, we can still calculate the
* RTT correctly when RCV.NXT == Last.ACK.Sent.
*/
if ((to.to_flags & TOF_TS) != 0 &&
SEQ_LEQ(th->th_seq, tp->last_ack_sent)) {
SEQ_LEQ(th->th_seq, tp->last_ack_sent) &&
SEQ_LEQ(tp->last_ack_sent, th->th_seq + tlen +
((thflags & (TH_SYN|TH_FIN)) != 0))) {
tp->ts_recent_age = ticks;
tp->ts_recent = to.to_tsval;
}
@ -2560,6 +2574,12 @@ tcp_dooptions(tp, to, cp, cnt, is_syn, th)
bcopy((char *)cp + 6,
(char *)&to->to_tsecr, sizeof(to->to_tsecr));
to->to_tsecr = ntohl(to->to_tsecr);
/*
* If echoed timestamp is later than the current time,
* fall back to non RFC1323 RTT calculation.
*/
if ((to->to_tsecr != 0) && TSTMP_GT(to->to_tsecr, ticks))
to->to_tsecr = 0;
break;
#ifdef TCP_SIGNATURE
/*

View File

@ -47,6 +47,7 @@
/* for modulo comparisons of timestamps */
#define TSTMP_LT(a,b) ((int)((a)-(b)) < 0)
#define TSTMP_GT(a,b) ((int)((a)-(b)) > 0)
#define TSTMP_GEQ(a,b) ((int)((a)-(b)) >= 0)
/*