author | Marco Pfatschbacher <mpf@cvs.openbsd.org> | 2008-09-09 15:26:13 +0000 |
---|---|---|
committer | Marco Pfatschbacher <mpf@cvs.openbsd.org> | 2008-09-09 15:26:13 +0000 |
commit | fe36bd947fa17e3c7c8f2079091bcdfeb9832dc8 (patch) | |
tree | 46ae3a155acfe43b67a6d8ac54f3da4edc08a1ea | |
parent | 5fe82ea5e7f83227ec396e3f83fcf09249e5005e (diff) |
The pf state to pcb linking code change didn't account for the
TIME_WAIT socket recycling code to redo the pcb lookup w/out
resetting the inp pointer. Therefore we used the stale pcb,
which leads us to reply with a RST to SYNs received on TIME_WAIT
sockets. Also move the findpcb label below the pf pcb cache lookup,
to avoid using a stale pcb when the caching code gets activated.
OK markus@, henning@
-rw-r--r-- | sys/netinet/tcp_input.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 15e6dde0424..331e13ec05e 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_input.c,v 1.220 2008/07/03 15:46:24 henning Exp $ */ +/* $OpenBSD: tcp_input.c,v 1.221 2008/09/09 15:26:12 mpf Exp $ */ /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */ /* @@ -594,11 +594,11 @@ tcp_input(struct mbuf *m, ...) /* * Locate pcb for segment. */ -findpcb: #if NPF > 0 if (m->m_pkthdr.pf.statekey) inp = ((struct pf_state_key *)m->m_pkthdr.pf.statekey)->inp; #endif +findpcb: if (inp == NULL) { switch (af) { #ifdef INET6 @@ -1309,6 +1309,7 @@ trimthenstep6: ((arc4random() & 0x7fffffff) | 0x8000); reuse = &iss; tp = tcp_close(tp); + inp = NULL; goto findpcb; } } |
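Review bot: In the hunk at line 594, the new position of `findpcb:` (after the `#if NPF > 0` block and directly above `if (inp == NULL)`) is what keeps the retry path from reloading `inp` from `m->m_pkthdr.pf.statekey`, but nothing in the code says so. A short comment at the label, stating that it must stay below the pf pcb cache lookup because the retry needs a fresh lookup rather than the cached pointer, would stop a later cleanup from moving it back above the `#if`. It is also worth stating there that every `goto findpcb` has to arrive with `inp == NULL`, since the label now falls straight into that test.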
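Review bot: In the hunk at line 1309, the added `inp = NULL;` between `tp = tcp_close(tp);` and `goto findpcb;` carries no comment, and its reason is only in the commit message. Suggest a one-line comment saying that `inp` still refers to the pcb of the TIME_WAIT socket that was just closed and has to be cleared so the `if (inp == NULL)` lookup at `findpcb` runs again. The reset is correct only together with the label move in the earlier hunk, so the two comments should reference each other.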