anchao commented on code in PR #17691:
URL: https://github.com/apache/nuttx/pull/17691#discussion_r2652081144
##########
net/tcp/tcp_input.c:
##########
@@ -744,10 +744,111 @@ static void tcp_input(FAR struct net_driver_s *dev,
uint8_t domain,
conn = tcp_active(dev, tcp);
if (conn)
{
- /* We found an active connection.. Check for the subsequent SYN
+ uint32_t seq;
+ uint32_t rcvseq;
+
+ seq = tcp_getsequence(tcp->seqno);
+ rcvseq = tcp_getsequence(conn->rcvseq);
+
+ /* rfc793 p66:
+ * "If the state is SYN-SENT then
+ * first check the ACK bit
+ * If the ACK bit is set
+ * If SEG.ACK =< ISS, or SEG.ACK > SND.NXT, send
+ * a reset (unless the RST bit is set, if so drop
+ * the segment and return)"
+ */
+
+ if ((conn->tcpstateflags & TCP_STATE_MASK) == TCP_SYN_SENT)
+ {
+ uint32_t ackseq;
+ if ((tcp->flags & TCP_ACK) != 0)
+ {
+ ackseq = tcp_getsequence(tcp->ackno);
+ if (ackseq != tcp_getsequence(conn->sndseq))
+ {
+ if ((tcp->flags & TCP_RST) != 0)
+ {
+ goto drop;
+ }
+
+ goto reset;
+ }
+
+ /* rfc793 p67: Now ACK is acceptable.
+ * "If the RST bit is set
+ * If the ACK was acceptable then signal the user "error:
+ * connection reset", drop the segment, enter CLOSED state,
+ * delete TCB, and return."
+ */
+
+ if ((tcp->flags & TCP_RST) != 0)
+ {
+ /* fallback to label found rst handle */
+
+ goto found;
+ }
+
+ /* rfc793 p68: "fifth, if neither of the SYN or RST bits is set
+ * then drop the segment and return."
+ */
+
+ if ((tcp->flags & TCP_SYN) == 0)
+ {
+ goto drop;
+ }
+ }
+ else if ((tcp->flags & TCP_RST) != 0 ||
+ (tcp->flags & TCP_SYN) == 0)
+ {
+ /* rfc793 p67: 1) "If a reset was sent, discard the segment
+ * and return" p68 2) "fifth, if neither of the SYN or RST
+ * bits is set then drop the segment and return."
+ */
+
+ goto drop;
+ }
+ }
+
+ /* RFC793, 1) page 37 Reset Processing: "In all states except
+ * SYN-SENT, all reset (RST) segments are validated by checking
+ * their SEQ-fields."
+ * 2) page 69 In all states except SYN-SENT: "If an incoming
+ * segment is not acceptable, an acknowledgment should be sent
+ * in reply (unless the RST bit is set, if so drop the segment
+ * and return)".
+ */
+
+ if ((conn->tcpstateflags & TCP_STATE_MASK) != TCP_SYN_SENT &&
+ ((conn->tcpstateflags & TCP_STATE_MASK) >= TCP_SYN_RCVD &&
+ (conn->tcpstateflags & TCP_STATE_MASK) <= TCP_LAST_ACK))
Review Comment:
```suggestion
else if ((conn->tcpstateflags & TCP_STATE_MASK) >= TCP_SYN_RCVD &&
(conn->tcpstateflags & TCP_STATE_MASK) <= TCP_LAST_ACK))
```
##########
net/tcp/tcp_input.c:
##########
@@ -744,10 +744,111 @@ static void tcp_input(FAR struct net_driver_s *dev,
uint8_t domain,
conn = tcp_active(dev, tcp);
if (conn)
{
- /* We found an active connection.. Check for the subsequent SYN
+ uint32_t seq;
Review Comment:
Could we encapsulate the sequence check logic into a separate function to
improve the readability of tcp_input?just suggestion won't block PR merge.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
