Author: attilio
Date: Thu Oct 6 14:29:38 2011
New Revision: 226060
URL: http://svn.freebsd.org/changeset/base/226060
Log:
For the INP_TIMEWAIT case, there is no valid tcpcb object tied to the
inpcb object.
Skip the TCP_SIGNATURE check in that case as it is consistent with the
output path (no TCP_SIGNATURE for outcoming packets in TIMEWAIT state)
and also because for TIMEWAIT state the verify may be less effective.
Sponsored by: Sandvine Incorporated
Reported by: rwatson
No objections by: rwatson
MFC after: 3 days
Modified:
head/sys/netinet/tcp_input.c
Modified: head/sys/netinet/tcp_input.c
==============================================================================
--- head/sys/netinet/tcp_input.c Thu Oct 6 14:24:37 2011
(r226059)
+++ head/sys/netinet/tcp_input.c Thu Oct 6 14:29:38 2011
(r226060)
@@ -948,24 +948,8 @@ relocked:
}
INP_INFO_WLOCK_ASSERT(&V_tcbinfo);
-#ifdef TCP_SIGNATURE
- tcp_dooptions(&to, optp, optlen,
- (thflags & TH_SYN) ? TO_SYN : 0);
- if (sig_checked == 0) {
- tp = intotcpcb(inp);
- if (tp == NULL || tp->t_state == TCPS_CLOSED) {
- rstreason = BANDLIM_RST_CLOSEDPORT;
- goto dropwithreset;
- }
- if (!tcp_signature_verify_input(m, off0, tlen, optlen,
- &to, th, tp->t_flags))
- goto dropunlock;
- sig_checked = 1;
- }
-#else
if (thflags & TH_SYN)
tcp_dooptions(&to, optp, optlen, TO_SYN);
-#endif
/*
* NB: tcp_twcheck unlocks the INP and frees the mbuf.
*/
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
