diff options
author | andre <andre@FreeBSD.org> | 2005-04-21 12:37:12 +0000 |
---|---|---|
committer | andre <andre@FreeBSD.org> | 2005-04-21 12:37:12 +0000 |
commit | 34a84acceeef772a5b9acdda87fdf6cc6581e62d (patch) | |
tree | 7b9a0e3c485902d0bc77850e4bcc3582acddb4c4 /sys/netinet/tcp_var.h | |
parent | 50df456889d520f12a65d284becf49069ee5aa76 (diff) | |
download | FreeBSD-src-34a84acceeef772a5b9acdda87fdf6cc6581e62d.zip FreeBSD-src-34a84acceeef772a5b9acdda87fdf6cc6581e62d.tar.gz |
Ignore ICMP Source Quench messages for TCP sessions. Source Quench is
ineffective, depreciated and can be abused to degrade the performance
of active TCP sessions if spoofed.
Replace a bogus call to tcp_quench() in tcp_output() with the direct
equivalent tcpcb variable assignment.
Security: draft-gont-tcpm-icmp-attacks-03.txt Section 7.1
MFC after: 3 days
Diffstat (limited to 'sys/netinet/tcp_var.h')
-rw-r--r-- | sys/netinet/tcp_var.h | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h index 26e410e..2a727a0 100644 --- a/sys/netinet/tcp_var.h +++ b/sys/netinet/tcp_var.h @@ -534,8 +534,6 @@ struct inpcb * struct tcpcb * tcp_newtcpcb(struct inpcb *); int tcp_output(struct tcpcb *); -struct inpcb * - tcp_quench(struct inpcb *, int); void tcp_respond(struct tcpcb *, void *, struct tcphdr *, struct mbuf *, tcp_seq, tcp_seq, int); int tcp_twrespond(struct tcptw *, int); |