author: bluhm <bluhm@openbsd.org> 2016-03-31 13:11:14 +0000
committer: bluhm <bluhm@openbsd.org> 2016-03-31 13:11:14 +0000
commit: adc4314022d6e2d94ab882cef40e98c4f88e0831
tree: d2490ffe5967f2ba0f2411c0d42f94654579142a /sys
parent: The USB console port on Aruba 7xxx wireless controllers shows up as
If one of the TCP syn cache buckets overflows, it might be a collision
attack against our hash function. In this case, switch to the passive
syn cache as soon as possible. It will start with a new random seed
for the hash.

input and OK mpi@
Diffstat (limited to 'sys')
 sys/netinet/tcp_input.c | 7
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 855a07ae017..f6d9e734347 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tcp_input.c,v 1.317 2016/03/29 18:13:20 bluhm Exp $ */
+/* $OpenBSD: tcp_input.c,v 1.318 2016/03/31 13:11:14 bluhm Exp $ */
/* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */
/*
@@ -3393,6 +3393,11 @@ syn_cache_insert(struct syn_cache *sc, struct tcpcb *tp)
if (scp->sch_length >= tcp_syn_bucket_limit) {
tcpstat.tcps_sc_bucketoverflow++;
/*
+ * Someone might attack our bucket hash function. Reseed
+ * with random as soon as the passive syn cache gets empty.
+ */
+ set->scs_use = 0;
+ /*
* The bucket is full. Toss the oldest element in the
* bucket. This will be the first entry in the bucket.
*/
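Review bot: `set->scs_use = 0;` refers to a variable `set` that is neither declared nor shown in this hunk's context, so the reader cannot see from the diff that it is the syn cache set owning the overflowing bucket `scp`; a short comment naming what `set` is (for example "the active syn cache set this bucket belongs to") would make the forced switch self-explanatory. The new comment also says the reseed happens "as soon as the passive syn cache gets empty", which means the current hash seed stays in use, and the oldest entry in the bucket keeps being tossed, until that drain completes; it would help to state in the comment that this is a deferred switch rather than an immediate reseed, and that a legitimate burst filling one bucket triggers it too, since `tcpstat.tcps_sc_bucketoverflow` already counts both the benign and the hostile case.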