summaryrefslogtreecommitdiff
path: root/sys/netinet/tcp_input.c
AgeCommit message (Collapse)Author
1999-09-01increase tcp_iss incrementNiels Provos
1999-08-31correctly update window informationNiels Provos
1999-08-27more SACK hole validity testing; fix a tcp seq arithmetic bug. cmetz and me.Niels Provos
1999-08-06back out all recent changes, which continue to be a source for nasty bugsTheo de Raadt
1999-07-28Moved the m_data/m_len shave of IP and TCP headers back to its originalcmetz
location, as attempts to do it differently have caused too many problems.
1999-07-22Reintroduce rev 1.41 which brings us TCP signatures again, but this timeNiklas Hallqvist
hopefully without random kernel data corruption.
1999-07-18use proper CTheo de Raadt
1999-07-17revert tcp_input.c to before 07/01/1999 - this seems to solve the mysteriousNiels Provos
data corruptions and panics that people have experienced. by reverting we loose tcp signatures and ipv6 cleanups, the code looked correct to me.
1999-07-13correct non-STDC caseTheo de Raadt
1999-07-06Added support for TCP MD5 option (RFC 2385).cmetz
1999-07-06Fixed compilation problems when INET6 is enabled.cmetz
1999-07-03indentTheo de Raadt
1999-07-02Significant cleanups in the way TCP is made to handle multiple networkcmetz
protocols. "struct tcpiphdr" is now gone from much of the code, as are separate pointers for ti and ti6. The result is fewer variables, which is generally a good thing. Simple if(is_ipv6) ... else ... tests are gone in favor of a switch(protocol family), which allows future new protocols to be added easily. This also makes it possible for someone so inclined to re-implement TUBA (TCP over CLNP?) and do it right instead of the kluged way it was done in 4.4. The TCP header template is now referenced through a mbuf rather than done through a data pointer and dtom()ed as needed. This is partly because dtom() is evil and partly because max_linkhdr + IPv6 + TCP + MSS/TS/SACK opts won't fit inside a packet header mbuf, so we need to grab a cluster for that (which the code now does, if needed).
1999-06-11removed TCPCOOKIE support.pattonme
1999-05-24instead of dropping out of window SYNs, send an ACK and drop afterwards.Niels Provos
fixes a problem with NFS over TCP reported by Jason Thorpe, fix from klm@netbsd.org
1999-04-21From Tom Henderson <tomh@cs.berkeley.edu>:Niels Provos
Fixed a sequence wraparound bug in the snd_recover variable discovered in very large (multiple GByte) transfers (in loss free conditions, snd_recover was not sufficiently tracking snd_una). Thanks to Mark Smith for finding this. Fixed a bug in tcp_newreno that was preventing retransmission of data due to partial acks. (Discovered by Jayanth Vijayaraghavan)
1999-03-27add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoingNiels Provos
SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
1999-02-15when allocating sack blocks check for failing malloc(), if it failsNiels Provos
just ignore the sack block + fix misleading comment. tomh@CS.Berkeley.EDU
1999-02-09correct rst handling should not consult ack field hereHugh Graham
1999-02-08init incr tcp iss from snd_nxt, not rcv_nxt; 4.4Theo de Raadt
1999-02-05indentTheo de Raadt
1999-01-27fix NEWRENO behaviour, the newreo code assumed that the send socket buffer hasNiels Provos
already been cleared of the acked data, though it was called before any sbdrop() call and always called tcp_output() with 0 index in the send socket buffer and thus causing data corruption. so do not set snd_una to th_ack.
1999-01-27reordered FIN segments caused early termination, bug introduced by ipv6 ↵Niklas Hallqvist
integration
1999-01-15IN_MULTICAST takes network order addressesNiklas Hallqvist
1999-01-11Make TCP_SACK compile with new netinetNiklas Hallqvist
1999-01-11netinet merge of NRL stuff. some indent and shrinkage needed; NRL/cmetzTheo de Raadt
1999-01-07in_pcblookup() now takes ptr to both ip address argumentsTheo de Raadt
1998-11-25more min vs. ulmin/lmin fixesTodd C. Miller
1998-11-17NewReno, SACK and FACK support for TCP, adapted from code for BSDINiels Provos
by Hari Balakrishnan (hari@lcs.mit.edu), Tom Henderson (tomh@cs.berkeley.edu) and Venkat Padmanabhan (padmanab@cs.berkeley.edu) as part of the Daedalus research group at the University of California, (http://daedalus.cs.berkeley.edu). [I was able to do this on time spent at the Center for Information Technology Integration (citi.umich.edu)]
1998-10-28- fix three bugs pointed out in Stevens, i.a. updating timestamps correctlyNiels Provos
- fix a 4.4bsd-lite2 bug, when tcp options are present the maximum segment size is not updated correctly, so that fast recovery forces out a segment which is split in two segments by tcp_output(), the fix is adpated from FreeBSD, the effective mss is recorded after option negotiation in 3way handshake. [I was able to fix this on time spent at Center for Information Technology Integration (citi.umich.edu)]
1998-06-27indentTheo de Raadt
1998-03-18Add FreeBSD patch (check for SYN packets arriving at a socket inAngelos D. Keromytis
LISTEN state with source address/port == destination address/port).
1997-11-12correct RST validity checking; fc@parkone.ci.oakland.ca.usTheo de Raadt
1997-11-12indentTheo de Raadt
1997-08-26indentTheo de Raadt
1997-08-16Just some more debugging info.Angelos D. Keromytis
1997-08-09SYN flood protection, by specifyingAngelos D. Keromytis
option TCPCOOKIE in the kernel config file. For very busy servers, consider raising the TCK_NFRIENDS value (it's currenly set to 16). Code originally from Matt Blaze and John Ioannidis.
1997-07-06unsigned calc should be signed; jdp@polstra.com; freebsd pr#3998Theo de Raadt
1997-06-10ensure RST is within window; avalon@coombs.anu.edu.auTheo de Raadt
1997-05-12arghTheo de Raadt
1997-02-05use arc4random()Theo de Raadt
1996-09-25Drop unused variableNiklas Hallqvist
1996-09-20`solve' the syn bomb problem as well as currently known; add sysctl's forTheo de Raadt
SOMAXCONN (kern.somaxconn), SOMINCONN (kern.sominconn), and TCPTV_KEEP_INIT (net.inet.tcp.keepinittime). when this is not enough (ie. overfull), start doing tail drop, but slightly prefer the same port.
1996-08-07Partial protection from TCP SYN attacksThorsten Lockert
1996-07-29Remove random() prototype, as it's not needed. Besides it was wrong for the ↵Niklas Hallqvist
alpha :-)
1996-07-29Make TCP ISS increment by random amountsThorsten Lockert
1996-03-03From NetBSD: 960217 mergeNiklas Hallqvist
1995-12-14from netbsd:Theo de Raadt
make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
1995-10-18initial import of NetBSD treeTheo de Raadt