Author: tuexen
Date: Tue Feb 27 22:12:38 2018
New Revision: 330089
URL: https://svnweb.freebsd.org/changeset/base/330089
Log:
When checking the TCP fast cookie length, conststently also check
for the minimum length.
This fixes a bug where cookies of length 2 bytes (which is smaller
than the minimum length of 4) is provided by the server.
Sponsored by: Netflix, Inc.
Modified:
head/sys/netinet/tcp_fastopen.c
Modified: head/sys/netinet/tcp_fastopen.c
==============================================================================
--- head/sys/netinet/tcp_fastopen.c Tue Feb 27 22:07:41 2018
(r330088)
+++ head/sys/netinet/tcp_fastopen.c Tue Feb 27 22:12:38 2018
(r330089)
@@ -1071,7 +1071,8 @@ tcp_fastopen_ccache_create(struct tcp_fastopen_ccache_
cce->cce_server_ip.v6 = inc->inc6_faddr;
}
cce->server_port = inc->inc_fport;
- if ((cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
+ if ((cookie_len >= TCP_FASTOPEN_MIN_COOKIE_LEN) &&
+ (cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
((cookie_len & 0x1) == 0)) {
cce->server_mss = mss;
cce->cookie_len = cookie_len;
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"
