implement PMTU checks from

        http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
i.e. don't act on ICMP-need-frag immediately if adhoc checks on the
advertised mtu fail.  the mtu update is delayed until a tcp retransmit
happens.  initial patch by Fernando Gont, tested by many.

1 files changed, 27 insertions, 1 deletions

diff --git a/sys/netinet/tcp_timer.c b/sys/netinet/tcp_timer.c
index 0f8c64566f5..d8b603617e8 100644
--- a/sys/netinet/tcp_timer.c
+++ b/sys/netinet/tcp_timer.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tcp_timer.c,v 1.36 2004/12/13 12:01:49 espie Exp $	*/
+/*	$OpenBSD: tcp_timer.c,v 1.37 2005/06/30 08:51:31 markus Exp $	*/
 /*	$NetBSD: tcp_timer.c,v 1.14 1996/02/13 23:44:09 christos Exp $	*/
 
 /*
@@ -52,6 +52,7 @@
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
 #include <netinet/ip_icmp.h>
+#include <netinet/tcp_seq.h>
 
 int	tcp_keepidle;
 int	tcp_keepintvl;
@@ -202,6 +203,31 @@ tcp_timer_rexmt(void *arg)
 		return;
 	}
 
+	if ((tp->t_flags & TF_PMTUD_PEND) && tp->t_inpcb &&
+	    SEQ_GEQ(tp->t_pmtud_th_seq, tp->snd_una) &&
+	    SEQ_LT(tp->t_pmtud_th_seq, (int)(tp->snd_una + tp->t_maxseg))) {
+		extern struct sockaddr_in icmpsrc;
+		struct icmp icmp;
+
+		tp->t_flags &= ~TF_PMTUD_PEND;
+
+		/* XXX create fake icmp message with relevant entries */
+		icmp.icmp_nextmtu = tp->t_pmtud_nextmtu;
+		icmp.icmp_ip.ip_len = tp->t_pmtud_ip_len;
+		icmp.icmp_ip.ip_hl = tp->t_pmtud_ip_hl;
+		icmpsrc.sin_addr = tp->t_inpcb->inp_faddr;
+		icmp_mtudisc(&icmp);
+
+		/*
+		 * Notify all connections to the same peer about
+		 * new mss and trigger retransmit.
+		 */
+		in_pcbnotifyall(&tcbtable, sintosa(&icmpsrc), EMSGSIZE,
+		    tcp_mtudisc);
+		splx(s);
+		return;
+	}
+
 #ifdef TCP_SACK
 	tcp_timer_freesack(tp);
 #endif