X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Ftcp%2Ftcp_input.c;h=6a376350595997a0ee52558fcd1aa8ea2a43b3d8;hb=e67c1d8242fec255e7449fedcbdec5c66bb3f7b2;hp=ee7f4ae72a9652a95e62e6d2d3c89649009d8b46;hpb=d12ff50773b0b078ec6fa94201035b7d7bcc7d34;p=vpp.git diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c index ee7f4ae72a9..6a376350595 100644 --- a/src/vnet/tcp/tcp_input.c +++ b/src/vnet/tcp/tcp_input.c @@ -359,6 +359,7 @@ tcp_segment_validate (tcp_worker_ctx_t * wrk, tcp_connection_t * tc0, /* 4th: check the SYN bit */ if (PREDICT_FALSE (tcp_syn (th0))) { + *error0 = tcp_ack (th0) ? TCP_ERROR_SYN_ACKS_RCVD : TCP_ERROR_SYNS_RCVD; /* TODO implement RFC 5961 */ if (tc0->state == TCP_STATE_SYN_RCVD) { @@ -1639,7 +1640,7 @@ tcp_handle_disconnects (tcp_worker_ctx_t * wrk) { tc = tcp_connection_get (pending_disconnects[i], thread_index); tcp_disconnect_pending_off (tc); - stream_session_disconnect_notify (&tc->connection); + session_transport_closing_notify (&tc->connection); } _vec_len (wrk->pending_disconnects) = 0; } @@ -2671,7 +2672,8 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node, is_ip4); if (tmp->state != tc0->state) { - clib_warning ("state changed"); + if (tc0->state != TCP_STATE_CLOSED) + clib_warning ("state changed"); goto drop; } } @@ -2711,8 +2713,7 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node, } /* Make sure the ack is exactly right */ - if (tc0->rcv_nxt != vnet_buffer (b0)->tcp.seq_number || is_fin0 - || vnet_buffer (b0)->tcp.data_len) + if (tc0->rcv_nxt != vnet_buffer (b0)->tcp.seq_number || is_fin0) { tcp_connection_reset (tc0); error0 = TCP_ERROR_SEGMENT_INVALID; @@ -3143,6 +3144,7 @@ tcp46_listen_inline (vlib_main_t * vm, vlib_node_runtime_t * node, child0->snd_wl2 = vnet_buffer (b0)->tcp.ack_number; tcp_connection_init_vars (child0); + child0->rto = TCP_RTO_MIN; TCP_EVT_DBG (TCP_EVT_SYN_RCVD, child0, 1); if (stream_session_accept (&child0->connection, lc0->c_s_index, @@ -3294,7 +3296,7 @@ tcp_input_trace_frame (vlib_main_t * vm, vlib_node_runtime_t * node, static void tcp_input_set_error_next (tcp_main_t * tm, u16 * next, u32 * error, u8 is_ip4) { - if (*error == TCP_ERROR_FILTERED) + if (*error == TCP_ERROR_FILTERED || *error == TCP_ERROR_WRONG_THREAD) { *next = TCP_INPUT_NEXT_DROP; } @@ -3318,7 +3320,7 @@ tcp_input_lookup_buffer (vlib_buffer_t * b, u8 thread_index, u32 * error, int n_advance_bytes, n_data_bytes; transport_connection_t *tc; tcp_header_t *tcp; - u8 is_filtered = 0; + u8 result = 0; if (is_ip4) { @@ -3344,7 +3346,7 @@ tcp_input_lookup_buffer (vlib_buffer_t * b, u8 thread_index, u32 * error, tc = session_lookup_connection_wt4 (fib_index, &ip4->dst_address, &ip4->src_address, tcp->dst_port, tcp->src_port, TRANSPORT_PROTO_TCP, - thread_index, &is_filtered); + thread_index, &result); } else { @@ -3370,7 +3372,7 @@ tcp_input_lookup_buffer (vlib_buffer_t * b, u8 thread_index, u32 * error, tc = session_lookup_connection_wt6 (fib_index, &ip6->dst_address, &ip6->src_address, tcp->dst_port, tcp->src_port, TRANSPORT_PROTO_TCP, - thread_index, &is_filtered); + thread_index, &result); } vnet_buffer (b)->tcp.seq_number = clib_net_to_host_u32 (tcp->seq_number); @@ -3381,7 +3383,7 @@ tcp_input_lookup_buffer (vlib_buffer_t * b, u8 thread_index, u32 * error, + n_data_bytes; vnet_buffer (b)->tcp.flags = 0; - *error = is_filtered ? TCP_ERROR_FILTERED : *error; + *error = result ? TCP_ERROR_NONE + result : *error; return tcp_get_connection_from_transport (tc); } @@ -3716,13 +3718,31 @@ do { \ _(FIN_WAIT_1, TCP_FLAG_RST, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); _(FIN_WAIT_1, TCP_FLAG_RST | TCP_FLAG_ACK, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); + _(CLOSING, 0, TCP_INPUT_NEXT_DROP, TCP_ERROR_SEGMENT_INVALID); _(CLOSING, TCP_FLAG_ACK, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); _(CLOSING, TCP_FLAG_SYN, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); + _(CLOSING, TCP_FLAG_SYN | TCP_FLAG_RST, TCP_INPUT_NEXT_RCV_PROCESS, + TCP_ERROR_NONE); + _(CLOSING, TCP_FLAG_SYN | TCP_FLAG_ACK, TCP_INPUT_NEXT_RCV_PROCESS, + TCP_ERROR_NONE); + _(CLOSING, TCP_FLAG_SYN | TCP_FLAG_RST | TCP_FLAG_ACK, + TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); _(CLOSING, TCP_FLAG_RST, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); _(CLOSING, TCP_FLAG_RST | TCP_FLAG_ACK, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); + _(CLOSING, TCP_FLAG_FIN, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); _(CLOSING, TCP_FLAG_FIN | TCP_FLAG_ACK, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); + _(CLOSING, TCP_FLAG_FIN | TCP_FLAG_RST, TCP_INPUT_NEXT_RCV_PROCESS, + TCP_ERROR_NONE); + _(CLOSING, TCP_FLAG_FIN | TCP_FLAG_RST | TCP_FLAG_ACK, + TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); + _(CLOSING, TCP_FLAG_FIN | TCP_FLAG_SYN, TCP_INPUT_NEXT_RCV_PROCESS, + TCP_ERROR_NONE); + _(CLOSING, TCP_FLAG_FIN | TCP_FLAG_SYN | TCP_FLAG_ACK, + TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); + _(CLOSING, TCP_FLAG_FIN | TCP_FLAG_SYN | TCP_FLAG_RST | TCP_FLAG_ACK, + TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); /* FIN confirming that the peer (app) has closed */ _(FIN_WAIT_2, TCP_FLAG_FIN, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); _(FIN_WAIT_2, TCP_FLAG_ACK, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); @@ -3764,6 +3784,7 @@ do { \ TCP_ERROR_NONE); _(LAST_ACK, TCP_FLAG_SYN | TCP_FLAG_RST | TCP_FLAG_ACK, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); + _(TIME_WAIT, TCP_FLAG_SYN, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); _(TIME_WAIT, TCP_FLAG_FIN, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE); _(TIME_WAIT, TCP_FLAG_FIN | TCP_FLAG_ACK, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE);