tcp: improve invalid packet handling in syn-rcvd

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie356b4d45d47e30c185caf2e66cdb16f1a97046f

diff --git a/src/vnet/session/session.c b/src/vnet/session/session.c
index 0b66cf8..b006cfa 100644 (file)
--- a/src/vnet/session/session.c
+++ b/src/vnet/session/session.c
@@ -1003,7 +1003,14 @@ session_stream_accept_notify (transport_connection_t * tc)
   if (!app_wrk)
     return -1;
   s->session_state = SESSION_STATE_ACCEPTING;
-  return app_worker_accept_notify (app_wrk, s);
+  if (app_worker_accept_notify (app_wrk, s))
+    {
+      /* On transport delete, no notifications should be sent. Unless, the
+       * accept is retried and successful. */
+      s->session_state = SESSION_STATE_CREATED;
+      return -1;
+    }
+  return 0;
 }
 
 /**

diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c
index 164a1b3..f907750 100755 (executable)
--- a/src/vnet/tcp/tcp_input.c
+++ b/src/vnet/tcp/tcp_input.c
@@ -2945,7 +2945,7 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
          /* Make sure the segment is exactly right */
          if (tc0->rcv_nxt != vnet_buffer (b0)->tcp.seq_number || is_fin0)
            {
-             tcp_rcv_rst (wrk, tc0);
+             tcp_send_reset_w_pkt (tc0, b0, thread_index, is_ip4);
              error0 = TCP_ERROR_SEGMENT_INVALID;
              goto drop;
            }
@@ -2958,7 +2958,8 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
           */
          if (tcp_rcv_ack_no_cc (tc0, b0, &error0))
            {
-             tcp_rcv_rst (wrk, tc0);
+             tcp_send_reset_w_pkt (tc0, b0, thread_index, is_ip4);
+             error0 = TCP_ERROR_SEGMENT_INVALID;
              goto drop;
            }
 
@@ -2985,7 +2986,9 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
          if (session_stream_accept_notify (&tc0->connection))
            {
              error0 = TCP_ERROR_MSG_QUEUE_FULL;
-             tcp_rcv_rst (wrk, tc0);
+             tcp_send_reset (tc0);
+             session_transport_delete_notify (&tc0->connection);
+             tcp_connection_cleanup (tc0);
              goto drop;
            }
          error0 = TCP_ERROR_ACK_OK;