Now use a random (based on system_time()) initial sequence number - this also

revealed a bug in the recognition of faulty SYNs.


git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@19419 a95241bf-73f2-0310-859d-f6bbb57e9c96
This commit is contained in:
Axel Dörfler 2006-12-04 15:09:02 +00:00
parent 442c097946
commit 9299a7ff2a
2 changed files with 10 additions and 6 deletions

View File

@ -247,6 +247,10 @@ TCPEndpoint::Connect(const struct sockaddr *address)
TRACE((" TCP: Connect(): starting 3-way handshake...\n"));
fState = SYNCHRONIZE_SENT;
fInitialSendSequence = system_time() >> 4;
fSendNext = fInitialSendSequence;
fSendUnacknowledged = fInitialSendSequence;
fSendMax = fInitialSendSequence;
// send SYN
status = _SendQueued();
@ -583,6 +587,7 @@ TCPEndpoint::ListenReceive(tcp_segment_header &segment, net_buffer *buffer)
endpoint->fReceiveNext = segment.sequence + 1;
// account for the extra sequence number for the synchronization
endpoint->fInitialSendSequence = system_time() >> 4;
endpoint->fSendNext = endpoint->fInitialSendSequence;
endpoint->fSendUnacknowledged = endpoint->fSendNext;
endpoint->fSendMax = endpoint->fSendNext;
@ -603,9 +608,7 @@ TCPEndpoint::ListenReceive(tcp_segment_header &segment, net_buffer *buffer)
}
// send SYN+ACK
//benaphore_lock(&endpoint->fSendLock);
status_t status = endpoint->_SendQueued();
//benaphore_unlock(&endpoint->fSendLock);
endpoint->fInitialSendSequence = fSendNext;
endpoint->fSendQueue.SetInitialSequence(fSendNext);
@ -761,9 +764,10 @@ TCPEndpoint::Receive(tcp_segment_header &segment, net_buffer *buffer)
}
if ((segment.flags & TCP_FLAG_SYNCHRONIZE) != 0
|| (fState == SYNCHRONIZE_RECEIVED
&& (fSendUnacknowledged > segment.acknowledge
|| fSendMax < segment.acknowledge
|| fInitialReceiveSequence > segment.sequence))) {
&& (fInitialReceiveSequence > segment.sequence
|| (segment.flags & TCP_FLAG_ACKNOWLEDGE) != 0
&& (fSendUnacknowledged > segment.acknowledge
|| fSendMax < segment.acknowledge)))) {
// reset the connection - either the initial SYN was faulty, or we received
// a SYN within the data stream
return DROP | RESET;

View File

@ -469,7 +469,7 @@ tcp_receive_data(net_buffer *buffer)
RecursiveLocker locker(gEndpointManager->Locker());
int32 segmentAction = DROP;
TCPEndpoint *endpoint = gEndpointManager->FindConnection(
(struct sockaddr *)&buffer->destination, (struct sockaddr *)&buffer->source);
if (endpoint != NULL) {