summaryrefslogtreecommitdiff
path: root/sys/netinet/tcp_input.c
AgeCommit message (Collapse)Author
2006-12-11allow RST with th_seq incremented (seen from windows tcp clients); ok dhartmeiMarkus Friedl
2006-12-05make the syncache code respect (inherit) the ttl from the listening socketHenning Brauer
when sending the synack response. ok markus
2006-10-31do not re-generate the timestamp modulation offset for SYN-ACK retransmits;Markus Friedl
this unbreaks TCP for high RTT (~3s); ok mcbride@
2006-10-11implement IP_MINTTL socket option fo tcp socketsHenning Brauer
This is for RFC3682 aka the TTL security hack - sender sets TTL to 255, receiver checks no router on the way (or, no more than expected) reduced the TTL. carp uses that technique already. modeled after FreeBSD implementation. ok claudio djm deraadt
2006-03-12mbuf use-after-free; ok henning, djm, bradMarkus Friedl
2006-02-26unbreak tcp window update (restore 4.4lite code); netbsd pr 13952;Markus Friedl
ok claudio, henning, brad, djm, tedu
2005-12-01allow RST if the th_seq matches rcv_nxt in case the RST follows theMarkus Friedl
data immediately. otherwise we would ignore RST for delayed acks; ok deraadt, dhartmei
2005-11-15Only two `h' in threshold.Miod Vallat
2005-11-02inherit sack_enable from the listen socket, this should allow connectionsMarkus Friedl
with both sack and md5 options in SYN.
2005-10-17make pf use one mbuf tag instead of 6 distinct ones. use a little structHenning Brauer
in the data part for the data from the previously distinct tags. look up the tag early and carry a pointer to it around. makes the code easier and saves some tag lookups and thus helps performance, as proven by tests run by Schberle Dniel <Schoeberle.Daniel@aamtech.hu> Initially hacked up somewhere over the atlantic ocean in an A330 early testing reyk and moritz, "put it in" theo
2005-08-11don't accept SYN-only TCP options for established connections;Markus Friedl
cf FreeBSD-SA-05:15.tcp; ok claudio, mcbride
2005-08-02change the TCP reass queue from LIST to TAILQ;Markus Friedl
ok henning claudio fgsch krw
2005-06-30implement PMTU checks fromMarkus Friedl
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html i.e. don't act on ICMP-need-frag immediately if adhoc checks on the advertised mtu fail. the mtu update is delayed until a tcp retransmit happens. initial patch by Fernando Gont, tested by many.
2005-04-25csum -> csum_flagsBrad Smith
ok krw@ canacar@
2005-04-05add tcp sack stats, similar to freebsd; ok deraadtMarkus Friedl
2005-03-12make sure code and comment matchMarkus Friedl
2005-03-09from freebsd:Markus Friedl
1. set rcv_laststart/rcv_lastend after checking the tcp window 2. pass rcv_laststart and rcv_lastend on the stack (shrink tcp state) ok henning, djm
2005-03-04- check th_ack against snd_una/max; from Raja Mukerji via hugh@Markus Friedl
- limit pool to tcp_sackhole_limit entries (sysctl-able) - stop sack option processing on pool_get errors - use SEQ_MIN/SEQ_MAX ok henning, hshoexer, deraadt
2005-02-271. tcp_xmit_timer(): remove extra rtt decrement (t_rtttime is 0-basedMarkus Friedl
while t_rtt was 1-based), update callers 2. define and use TCP_RTT_BASE_SHIFT instead of the hardcoded 2. 3. add missing shifts when t_srtt/t_rttvar are used. 4. update the comments: t_srtt uses 5 bits of fraction (not 3) and t_rttvar uses 4 bits 5. remove obsolete/unused macros TCP_RTT_SCALE and TCP_RTTVAR_SCALE 6. make sure rttmin is not > TCPTV_REXMTMAX parts from netbsd, ok mcbride, henning
2005-01-10Make sure bogus values don't make their way into tcp_xmit_timer() calculations.Ryan Thomas McBride
- Ignore ts_ecr if it is 0, or the resulting rtt is out of range. (use tp->t_rtttime instead) - Initialise tcp_now to 1, to avoid the 500ms window where a valid ts_ecr of 0 could be ignored. - Convert out-of-range rtt values to valid ones in tcp_xmit_timer(). ok frantzen@ markus@
2004-12-30handle rtt < 0; markus okTheo de Raadt
2004-12-29fix indentMarkus Friedl
2004-11-25fix for race between invocation for timer and network inputMarkus Friedl
1) add a reaper for TCP and SYN cache states (cf. netbsd pr 20390) 2) additional check for TCP_TIMER_ISARMED(TCPT_REXMT) in tcp_timer_persist() with mickey@; ok deraadt@
2004-10-28Modulate tcp_now by a random amount on a per-connection basis.Ryan Thomas McBride
ok markus@ frantzen@
2004-09-22account for linkhdr size when choosing mbufs vs mbuf clustersTheo de Raadt
ok dhartmei markus claudio henning mcbride ...
2004-07-16undo 1.148, otherwise we have assymmetric cwnd when entering ESTABLISHED:Markus Friedl
2mss on the server side, and 1mss on the client.
2004-06-20remove #ifdef TUBAJun-ichiro itojun Hagino
2004-06-14Calculate optp (pointer to beginning of TCP options) based on th, notDaniel Hartmeier
mtod(m), since the previous IP6_EXTHDR_GET() only guarantees this part to be continuous. Report from Andreas Bartelt. ok markus@, itojun@
2004-06-08factor out md5 code; ok+tests henning@, djm@, hshoexer@Markus Friedl
2004-05-31simplify; ok henning, itojunMarkus Friedl
2004-05-27the tcp header might be in a different mbuf after pulldown();Markus Friedl
fixes tcp corruption on rl(4); ok itojun, cedric
2004-05-26use sa_family not inp; netbsd merge error; ok dhartmeiMarkus Friedl
2004-05-21use 'mss' as lower limit, since 'ifp' might not be set; ok dhartmei@, henning@Markus Friedl
report and test by mpf@
2004-05-07Replace RSA-derived md5 code with code derived from Colin Plumb's PD version.Todd C. Miller
This moves md5.c out of libkern and into sys/crypto where it belongs (as requested by markus@). Note that md5.c is still mandatory (dev/rnd.c uses it). Verified with IPsec + hmac-md5 and tcp md5sig. OK henning@ and hshoexer@
2004-05-04The tcp specific routing metrics are almost never used so reduce the routingClaudio Jeker
table from these metrics. struct rt_msghdr used by the routing socket is not affected and so most userland apps don't need to be changed. some man page polishing by jmc@ OK henning@ markus@ theo@
2004-04-26- allow the user to force the TCP mss below the fail-safe 216 with a lowMike Frantzen
interface MTU. - break a tcp_output() -> tcp_mtudisc() -> tcp_output() infinite recursion when the TCP mss ends up larger than the interface MTU (when the if_mtu is smaller than the tcp header). connections will still stall feedback from itojun@, claudio@ and provos and testing from beck@
2004-04-20add tcps_rcvacktooold; ok deraadtMarkus Friedl
2004-04-15Unbreak INET6less kernels.Alexander Yurchenko
ok markus
2004-04-15allow TCP packet with IPv4 option (we have been dropping these).Jun-ichiro itojun Hagino
simplify some of the codepath by using IP6_EXTHDR_GET. markus ok
2004-04-14syn_cache_get: send RST instead of RST+ACK in response to ACK; ok deraadtMarkus Friedl
2004-04-12factor out dropafterack_ratelim code, use ratelimitMarkus Friedl
for tcps_rcvacktoomuch, too; drop very old ACKs; ok deraadt@
2004-04-04on in-window SYN, send back rate-limited ACK; ok dhartmei frantzen markusTheo de Raadt
2004-03-17typo in comment (fragment->segment); ok itojun@Markus Friedl
2004-03-02limit total number of queued out-of-order packets to NMBCLUSTERS/2; ok mcbrideMarkus Friedl
2004-02-27implement tcp_drain() similar to ip_drain(); ok mcbride@Markus Friedl
2004-02-11make mss signed; avoids large mss if ifp==NULL; ok itojun@Markus Friedl
2004-02-10check TF_SIGNATURE when calculating the mss; add TCPOLEN_SIGLEN andMarkus Friedl
avoid magic constants; ok henning@
2004-02-05take RFC2460 section 5 last paragraph into consideration when we compute MSSJun-ichiro itojun Hagino
(if path MTU < 1280, use 1280 as packet size and attach fragment header). markus ok
2004-01-31!sack_disable -> sack_enable; ok deraadt@Markus Friedl
2004-01-29reset TCPT_KEEP to tcp_keepidle when switching to ESTABLISHED;Markus Friedl
ok henning, deraadt