From owner-svn-src-all@FreeBSD.ORG Thu Oct 6 14:29:38 2011 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F127C106566B; Thu, 6 Oct 2011 14:29:38 +0000 (UTC) (envelope-from attilio@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id E137F8FC13; Thu, 6 Oct 2011 14:29:38 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p96ETcwc064535; Thu, 6 Oct 2011 14:29:38 GMT (envelope-from attilio@svn.freebsd.org) Received: (from attilio@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p96ETcDY064533; Thu, 6 Oct 2011 14:29:38 GMT (envelope-from attilio@svn.freebsd.org) Message-Id: <201110061429.p96ETcDY064533@svn.freebsd.org> From: Attilio Rao Date: Thu, 6 Oct 2011 14:29:38 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r226060 - head/sys/netinet X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Oct 2011 14:29:39 -0000 Author: attilio Date: Thu Oct 6 14:29:38 2011 New Revision: 226060 URL: http://svn.freebsd.org/changeset/base/226060 Log: For the INP_TIMEWAIT case, there is no valid tcpcb object tied to the inpcb object. Skip the TCP_SIGNATURE check in that case as it is consistent with the output path (no TCP_SIGNATURE for outcoming packets in TIMEWAIT state) and also because for TIMEWAIT state the verify may be less effective. Sponsored by: Sandvine Incorporated Reported by: rwatson No objections by: rwatson MFC after: 3 days Modified: head/sys/netinet/tcp_input.c Modified: head/sys/netinet/tcp_input.c ============================================================================== --- head/sys/netinet/tcp_input.c Thu Oct 6 14:24:37 2011 (r226059) +++ head/sys/netinet/tcp_input.c Thu Oct 6 14:29:38 2011 (r226060) @@ -948,24 +948,8 @@ relocked: } INP_INFO_WLOCK_ASSERT(&V_tcbinfo); -#ifdef TCP_SIGNATURE - tcp_dooptions(&to, optp, optlen, - (thflags & TH_SYN) ? TO_SYN : 0); - if (sig_checked == 0) { - tp = intotcpcb(inp); - if (tp == NULL || tp->t_state == TCPS_CLOSED) { - rstreason = BANDLIM_RST_CLOSEDPORT; - goto dropwithreset; - } - if (!tcp_signature_verify_input(m, off0, tlen, optlen, - &to, th, tp->t_flags)) - goto dropunlock; - sig_checked = 1; - } -#else if (thflags & TH_SYN) tcp_dooptions(&to, optp, optlen, TO_SYN); -#endif /* * NB: tcp_twcheck unlocks the INP and frees the mbuf. */