diff options
author | attilio <attilio@FreeBSD.org> | 2011-10-06 14:29:38 +0000 |
---|---|---|
committer | attilio <attilio@FreeBSD.org> | 2011-10-06 14:29:38 +0000 |
commit | c4edda3ba97ae28934bcd16da62ce32bade59346 (patch) | |
tree | e23b256ad451e0a1195130eafa8d4872104c603c /sys/netinet | |
parent | 09d49031a0cff62063dace959ea1df65d7cf1a5a (diff) | |
download | FreeBSD-src-c4edda3ba97ae28934bcd16da62ce32bade59346.zip FreeBSD-src-c4edda3ba97ae28934bcd16da62ce32bade59346.tar.gz |
For the INP_TIMEWAIT case, there is no valid tcpcb object tied to the
inpcb object.
Skip the TCP_SIGNATURE check in that case as it is consistent with the
output path (no TCP_SIGNATURE for outcoming packets in TIMEWAIT state)
and also because for TIMEWAIT state the verify may be less effective.
Sponsored by: Sandvine Incorporated
Reported by: rwatson
No objections by: rwatson
MFC after: 3 days
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/tcp_input.c | 16 |
1 files changed, 0 insertions, 16 deletions
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index b1a8b33..91517b3 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -948,24 +948,8 @@ relocked: } INP_INFO_WLOCK_ASSERT(&V_tcbinfo); -#ifdef TCP_SIGNATURE - tcp_dooptions(&to, optp, optlen, - (thflags & TH_SYN) ? TO_SYN : 0); - if (sig_checked == 0) { - tp = intotcpcb(inp); - if (tp == NULL || tp->t_state == TCPS_CLOSED) { - rstreason = BANDLIM_RST_CLOSEDPORT; - goto dropwithreset; - } - if (!tcp_signature_verify_input(m, off0, tlen, optlen, - &to, th, tp->t_flags)) - goto dropunlock; - sig_checked = 1; - } -#else if (thflags & TH_SYN) tcp_dooptions(&to, optp, optlen, TO_SYN); -#endif /* * NB: tcp_twcheck unlocks the INP and frees the mbuf. */ |