From fe36bd947fa17e3c7c8f2079091bcdfeb9832dc8 Mon Sep 17 00:00:00 2001
From: Marco Pfatschbacher
Date: Tue, 9 Sep 2008 15:26:13 +0000
Subject: The pf state to pcb linking code change didn't account for the TIME_WAIT socket recycling code to redo the pcb lookup w/out resetting the inp pointer. Therefore we used the stale pcb, which leads us to reply with a RST to SYNs received on TIME_WAIT sockets. Also move the findpcb label below the pf pcb cache lookup, to avoid using a stale pcb when the caching code gets activated. OK markus@, henning@
---
 sys/netinet/tcp_input.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
(limited to 'sys')
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 15e6dde0424..331e13ec05e 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tcp_input.c,v 1.220 2008/07/03 15:46:24 henning Exp $ */
+/* $OpenBSD: tcp_input.c,v 1.221 2008/09/09 15:26:12 mpf Exp $ */
 /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */
 /*
@@ -594,11 +594,11 @@ tcp_input(struct mbuf *m, ...)
 /*
 * Locate pcb for segment.
 */
-findpcb:
 #if NPF > 0
 if (m->m_pkthdr.pf.statekey)
 inp = ((struct pf_state_key *)m->m_pkthdr.pf.statekey)->inp;
 #endif
+findpcb:
 if (inp == NULL) {
 switch (af) {
 #ifdef INET6
@@ -1309,6 +1309,7 @@ trimthenstep6:
 ((arc4random() & 0x7fffffff) | 0x8000);
 reuse = &iss;
 tp = tcp_close(tp);
+ inp = NULL;
 goto findpcb;
 }
 }
--
cgit v1.2.3
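Review bot: The position of `findpcb:` below the `#if NPF > 0` block is now load-bearing, but nothing at the label says so; a comment such as `/* findpcb sits below the pf pcb cache lookup on purpose: a retry must not reload inp from the state key */` would keep a later cleanup from moving it back. The retry path skips only the read of `statekey->inp`. Whether that back-pointer is cleared when the pcb is closed is not visible in this hunk. If it is not, the next segment matching the same state would presumably load the stale pcb at the top of tcp_input(), so the pcb detach path is worth confirming. tcp_input() starts and ends outside the hunk.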
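Review bot: In the TIME_WAIT recycle branch the retry is safe only because `inp` is cleared by hand right before `goto findpcb`, and any other jump to that label (none is visible in this hunk) would need the same reset. A short comment on the new line would record the invariant, for example `inp = NULL; /* pcb is stale after tcp_close(); force a fresh lookup at findpcb */`. Other locals derived from the old pcb that are still live at the label deserve the same check. The enclosing block starts outside the hunk, so that could not be verified from here.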