wenquan2015 commented on code in PR #17691:
URL: https://github.com/apache/nuttx/pull/17691#discussion_r2652140612
##########
net/tcp/tcp_input.c:
##########
@@ -744,10 +744,111 @@ static void tcp_input(FAR struct net_driver_s *dev,
uint8_t domain,
conn = tcp_active(dev, tcp);
if (conn)
{
- /* We found an active connection.. Check for the subsequent SYN
+ uint32_t seq;
+ uint32_t rcvseq;
+
+ seq = tcp_getsequence(tcp->seqno);
+ rcvseq = tcp_getsequence(conn->rcvseq);
+
+ /* rfc793 p66:
+ * "If the state is SYN-SENT then
+ * first check the ACK bit
+ * If the ACK bit is set
+ * If SEG.ACK =< ISS, or SEG.ACK > SND.NXT, send
+ * a reset (unless the RST bit is set, if so drop
+ * the segment and return)"
+ */
+
+ if ((conn->tcpstateflags & TCP_STATE_MASK) == TCP_SYN_SENT)
+ {
+ uint32_t ackseq;
+ if ((tcp->flags & TCP_ACK) != 0)
+ {
+ ackseq = tcp_getsequence(tcp->ackno);
+ if (ackseq != tcp_getsequence(conn->sndseq))
+ {
+ if ((tcp->flags & TCP_RST) != 0)
+ {
+ goto drop;
+ }
+
+ goto reset;
+ }
+
+ /* rfc793 p67: Now ACK is acceptable.
+ * "If the RST bit is set
+ * If the ACK was acceptable then signal the user "error:
+ * connection reset", drop the segment, enter CLOSED state,
+ * delete TCB, and return."
+ */
+
+ if ((tcp->flags & TCP_RST) != 0)
+ {
+ /* fallback to label found rst handle */
+
+ goto found;
+ }
+
+ /* rfc793 p68: "fifth, if neither of the SYN or RST bits is set
+ * then drop the segment and return."
+ */
+
+ if ((tcp->flags & TCP_SYN) == 0)
+ {
+ goto drop;
+ }
+ }
+ else if ((tcp->flags & TCP_RST) != 0 ||
+ (tcp->flags & TCP_SYN) == 0)
+ {
+ /* rfc793 p67: 1) "If a reset was sent, discard the segment
+ * and return" p68 2) "fifth, if neither of the SYN or RST
+ * bits is set then drop the segment and return."
+ */
+
+ goto drop;
+ }
+ }
+
+ /* RFC793, 1) page 37 Reset Processing: "In all states except
+ * SYN-SENT, all reset (RST) segments are validated by checking
+ * their SEQ-fields."
+ * 2) page 69 In all states except SYN-SENT: "If an incoming
+ * segment is not acceptable, an acknowledgment should be sent
+ * in reply (unless the RST bit is set, if so drop the segment
+ * and return)".
+ */
+
+ if ((conn->tcpstateflags & TCP_STATE_MASK) != TCP_SYN_SENT &&
+ ((conn->tcpstateflags & TCP_STATE_MASK) >= TCP_SYN_RCVD &&
+ (conn->tcpstateflags & TCP_STATE_MASK) <= TCP_LAST_ACK))
Review Comment:
base on the tcp state macro define as follow,TCP_SYN_SENT is bigger than
TCP_SYN_RCVD, but the block need to exclude state TCP_SYN_SENT :
```
# define TCP_ALLOCATED 0x01 /* The connection is allocated, but not yet
initialized */
# define TCP_SYN_RCVD 0x02
# define TCP_SYN_SENT 0x03
# define TCP_ESTABLISHED 0x04
# define TCP_FIN_WAIT_1 0x05
# define TCP_FIN_WAIT_2 0x06
# define TCP_CLOSE_WAIT 0x07
# define TCP_CLOSING 0x08
# define TCP_TIME_WAIT 0x09
# define TCP_LAST_ACK 0x0a
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
