diff --git a/sys/netinet/tcp_syncache.c b/sys/netinet/tcp_syncache.c index e2e92549f78c..b95efb66c20a 100644 --- a/sys/netinet/tcp_syncache.c +++ b/sys/netinet/tcp_syncache.c @@ -977,17 +977,14 @@ syncache_add(inc, to, th, sop, m) sc->sc_flags = SCF_NOOPT; #ifdef TCP_SIGNATURE /* - * If listening socket requested TCP digests, flag this in the - * syncache so that syncache_respond() will do the right thing - * with the SYN+ACK. - * - * RFC 2395, Section 2.0, says - * "Unlike other TCP extensions (e.g., the Window Scale option - * [RFC1323]), the absence of the option in the SYN,ACK segment must not - * cause the sender to disable its sending of signatures". + * If listening socket requested TCP digests, and received SYN + * contains the option, flag this in the syncache so that + * syncache_respond() will do the right thing with the SYN+ACK. + * XXX Currently we always record the option by default and will + * attempt to use it in syncache_respond(). */ - if (tp->t_flags & TF_SIGNATURE) - sc->sc_flags |= SCF_SIGNATURE; + if (to->to_flags & TOF_SIGNATURE) + sc->sc_flags = SCF_SIGNATURE; #endif if (to->to_flags & TOF_SACK)