Remove the check for SYN in SYN_RECEIVED state; it breaks simultaneous
connect. This check was added as part of the defense against the "land" attack, to prevent attacks which guess the ISS from going into ESTABLISHED. The "src == dst" check will still prevent the single-homed case of the "land" attack, and guessing ISS's should be hard anyway. Submitted by: David Borman <dab@bsdi.com>
This commit is contained in:
Bill Fenner
parent
34f72be5af
commit
75daa6a53f
@ -31,7 +31,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)tcp_input.c 8.12 (Berkeley) 5/24/95
|
||||
* $Id: tcp_input.c,v 1.69 1998/01/27 09:15:08 davidg Exp $
|
||||
* $Id: tcp_input.c,v 1.70 1998/02/26 05:25:28 dg Exp $
|
||||
*/
|
||||
|
||||
#include "opt_tcpdebug.h"
|
||||
@ -736,19 +736,13 @@ tcp_input(m, iphlen)
|
||||
|
||||
/*
|
||||
* If the state is SYN_RECEIVED:
|
||||
* if seg contains SYN/ACK, send a RST.
|
||||
* if seg contains an ACK, but not for our SYN/ACK, send a RST.
|
||||
*/
|
||||
case TCPS_SYN_RECEIVED:
|
||||
if (tiflags & TH_ACK) {
|
||||
if (tiflags & TH_SYN) {
|
||||
tcpstat.tcps_badsyn++;
|
||||
if ((tiflags & TH_ACK) &&
|
||||
(SEQ_LEQ(ti->ti_ack, tp->snd_una) ||
|
||||
SEQ_GT(ti->ti_ack, tp->snd_max)))
|
||||
goto dropwithreset;
|
||||
}
|
||||
if (SEQ_LEQ(ti->ti_ack, tp->snd_una) ||
|
||||
SEQ_GT(ti->ti_ack, tp->snd_max))
|
||||
goto dropwithreset;
|
||||
}
|
||||
break;
|
||||
|
||||
/*
|
||||
|
||||
@ -31,7 +31,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)tcp_input.c 8.12 (Berkeley) 5/24/95
|
||||
* $Id: tcp_input.c,v 1.69 1998/01/27 09:15:08 davidg Exp $
|
||||
* $Id: tcp_input.c,v 1.70 1998/02/26 05:25:28 dg Exp $
|
||||
*/
|
||||
|
||||
#include "opt_tcpdebug.h"
|
||||
@ -736,19 +736,13 @@ tcp_input(m, iphlen)
|
||||
|
||||
/*
|
||||
* If the state is SYN_RECEIVED:
|
||||
* if seg contains SYN/ACK, send a RST.
|
||||
* if seg contains an ACK, but not for our SYN/ACK, send a RST.
|
||||
*/
|
||||
case TCPS_SYN_RECEIVED:
|
||||
if (tiflags & TH_ACK) {
|
||||
if (tiflags & TH_SYN) {
|
||||
tcpstat.tcps_badsyn++;
|
||||
if ((tiflags & TH_ACK) &&
|
||||
(SEQ_LEQ(ti->ti_ack, tp->snd_una) ||
|
||||
SEQ_GT(ti->ti_ack, tp->snd_max)))
|
||||
goto dropwithreset;
|
||||
}
|
||||
if (SEQ_LEQ(ti->ti_ack, tp->snd_una) ||
|
||||
SEQ_GT(ti->ti_ack, tp->snd_max))
|
||||
goto dropwithreset;
|
||||
}
|
||||
break;
|
||||
|
||||
/*
|
||||
|
||||
Loading…
Reference in New Issue
Block a user