diff options
| author |   angelos <angelos@openbsd.org> | 1998-03-18 02:37:47 +0000 |
|---|---|---|
| committer | angelos <angelos@openbsd.org> | 1998-03-18 02:37:47 +0000 |
| commit | e96da05183a5e39382b77c5a392cbbf12ca70a39 (patch) | |
| tree | ac5bddad59719509ef4c6f21172ad6a49aed64c2 /sys/netinet/tcp_input.c | |
| parent | Update. (diff) | |
| download | wireguard-openbsd-e96da05183a5e39382b77c5a392cbbf12ca70a39.tar.xz wireguard-openbsd-e96da05183a5e39382b77c5a392cbbf12ca70a39.zip | |
Add FreeBSD patch (check for SYN packets arriving at a socket in
LISTEN state with source address/port == destination address/port).
Diffstat (limited to 'sys/netinet/tcp_input.c')
| -rw-r--r-- | sys/netinet/tcp_input.c | 33 |
1 files changed, 26 insertions, 7 deletions
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 9138f15d703..e6d4a443d89 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_input.c,v 1.17 1997/11/12 20:59:44 deraadt Exp $ */ +/* $OpenBSD: tcp_input.c,v 1.18 1998/03/18 02:37:47 angelos Exp $ */ /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */ /* @@ -740,6 +740,7 @@ findpcb: * If the state is LISTEN then ignore segment if it contains an RST. * If the segment contains an ACK then it is bad and send a RST. * If it does not contain a SYN then it is not interesting; drop it. + * If it is from this socket, drop it, it must be forged. * Don't bother responding if the destination was a broadcast. * Otherwise initialize tp->rcv_nxt, and tp->irs, select an initial * tp->iss, and send a segment: @@ -759,6 +760,9 @@ findpcb: goto dropwithreset; if ((tiflags & TH_SYN) == 0) goto drop; + if ((ti->ti_dport == ti->ti_sport) && + (ti->ti_dst.s_addr == ti->ti_src.s_addr)) + goto drop; #ifdef TCPCOOKIE /* @@ -836,6 +840,24 @@ findpcb: } /* + * If the state is SYN_RECEIVED: + * if seg contains SYN/ACK, send an RST. + * if seg contains an ACK, but not for our SYN/ACK, send an RST + */ + + case TCPS_SYN_RECEIVED: + if (tiflags & TH_ACK) { + if (tiflags & TH_SYN) { + tcpstat.tcps_badsyn++; + goto dropwithreset; + } + if (SEQ_LEQ(ti->ti_ack, tp->snd_una) || + SEQ_GT(ti->ti_ack, tp->snd_max)) + goto dropwithreset; + } + break; + + /* * If the state is SYN_SENT: * if seg contains an ACK, but not for our SYN, drop the input. * if seg contains a RST, then drop the connection. @@ -1108,14 +1130,11 @@ trimthenstep6: switch (tp->t_state) { /* - * In SYN_RECEIVED state if the ack ACKs our SYN then enter - * ESTABLISHED state and continue processing, otherwise - * send an RST. + * In SYN_RECEIVED state, the ack ACKs our SYN, so enter + * ESTABLISHED state and continue processing. + * The ACK was checked above. */ case TCPS_SYN_RECEIVED: - if (SEQ_GT(tp->snd_una, ti->ti_ack) || - SEQ_GT(ti->ti_ack, tp->snd_max)) - goto dropwithreset; tcpstat.tcps_connects++; soisconnected(so); tp->t_state = TCPS_ESTABLISHED; |