d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tcp: Don't "negotiate" MSS.

Browse Source 
_NO_ OSes actually "negotiate" MSS.

RFC 879:
"... This Maximum Segment Size (MSS) announcement (often mistakenly
called a negotiation) ..."

This negotiation behaviour was introduced 11 years ago by r159955
without any explaination about why FreeBSD had to "negotiate" MSS:

    In syncache_respond() do not reply with a MSS that is larger than what
    the peer announced to us but make it at least tcp_minmss in size.

    Sponsored by:   TCP/IP Optimization Fundraise 2005

The tcp_minmss behaviour is still kept.

Syncookie fix was prodded by tuexen, who also helped to test this
patch w/ packetdrill.

Reviewed by:	tuexen, karels, bz (previous version)
MFC after:	2 week
Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D12430
This commit is contained in:
Sepherosa Ziehau 2017-09-27 05:52:37 +00:00
parent 2be266caf2
commit fc572e261f
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=324050
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sys/netinet/tcp_syncache.c
View File

@ -1634,9 +1634,7 @@ syncache_respond(struct syncache *sc, struct syncache_head *sch, int locked,
tlen = hlen + sizeof(struct tcphdr);
/* Determine MSS we advertize to other end of connection. */
mssopt = tcp_mssopt(&sc->sc_inc);
if (sc->sc_peer_mss)
mssopt = max( min(sc->sc_peer_mss, mssopt), V_tcp_minmss);
mssopt = max(tcp_mssopt(&sc->sc_inc), V_tcp_minmss);
/* XXX: Assume that the entire packet will fit in a header mbuf. */
KASSERT(max_linkhdr + tlen + TCP_MAXOLEN <= MHLEN,
@ -1985,7 +1983,7 @@ syncookie_mac(struct in_conninfo *inc, tcp_seq irs, uint8_t flags,
static tcp_seq
syncookie_generate(struct syncache_head *sch, struct syncache *sc)
{
u_int i, mss, secbit, wscale;
u_int i, secbit, wscale;
uint32_t iss, hash;
uint8_t *secbits;
union syncookie cookie;
@ -1995,8 +1993,8 @@ syncookie_generate(struct syncache_head *sch, struct syncache *sc)
cookie.cookie = 0;
/* Map our computed MSS into the 3-bit index. */
mss = min(tcp_mssopt(&sc->sc_inc), max(sc->sc_peer_mss, V_tcp_minmss));
for (i = nitems(tcp_sc_msstab) - 1; tcp_sc_msstab[i] > mss && i > 0;
for (i = nitems(tcp_sc_msstab) - 1;
tcp_sc_msstab[i] > sc->sc_peer_mss && i > 0;
i--)
;
cookie.flags.mss_idx = i;