When checking the TCP fast cookie length, conststently also check

for the minimum length. This fixes a bug where cookies of length 2 bytes (which is smaller than the minimum length of 4) is provided by the server. Sponsored by: Netflix, Inc.
2018-02-27 22:12:38 +00:00 · 2018-02-27 22:12:38 +00:00 · 1c714531e8
commit 1c714531e8
parent fb7275bedb
1 changed files with 2 additions and 1 deletions
--- a/sys/netinet/tcp_fastopen.c
+++ b/sys/netinet/tcp_fastopen.c
@ -1071,7 +1071,8 @@ tcp_fastopen_ccache_create(struct tcp_fastopen_ccache_bucket *ccb,
 		cce->cce_server_ip.v6 = inc->inc6_faddr;
 	}
 	cce->server_port = inc->inc_fport;
-	if ((cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
+	if ((cookie_len >= TCP_FASTOPEN_MIN_COOKIE_LEN) &&
+	    (cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
 	    ((cookie_len & 0x1) == 0)) {
 		cce->server_mss = mss;
 		cce->cookie_len = cookie_len;