From 8124cb784050275372e05a97b1e62f9f1ba5a091 Mon Sep 17 00:00:00 2001 From: Florin Coras Date: Sun, 16 Dec 2018 20:57:29 -0800 Subject: [PATCH] tcp: fix handling of broken syn options Change-Id: Ia8b2a077ba4897ddd15cf33221b191cd7a3f1d33 Signed-off-by: Florin Coras --- src/vnet/tcp/tcp.c | 11 ++++++++++- src/vnet/tcp/tcp.h | 3 ++- src/vnet/tcp/tcp_input.c | 5 +++-- src/vnet/tcp/tcp_output.c | 1 - 4 files changed, 15 insertions(+), 5 deletions(-) diff --git a/src/vnet/tcp/tcp.c b/src/vnet/tcp/tcp.c index a3cd1f3e1bb..285ed624d56 100644 --- a/src/vnet/tcp/tcp.c +++ b/src/vnet/tcp/tcp.c @@ -246,7 +246,7 @@ tcp_connection_del (tcp_connection_t * tc) } tcp_connection_t * -tcp_connection_new (u8 thread_index) +tcp_connection_alloc (u8 thread_index) { tcp_main_t *tm = vnet_get_tcp_main (); tcp_connection_t *tc; @@ -258,6 +258,15 @@ tcp_connection_new (u8 thread_index) return tc; } +void +tcp_connection_free (tcp_connection_t * tc) +{ + tcp_main_t *tm = &tcp_main; + pool_put (tm->connections[tc->c_thread_index], tc); + if (CLIB_DEBUG > 0) + clib_memset (tc, 0xFA, sizeof (*tc)); +} + /** Notify session that connection has been reset. * * Switch state to closed and wait for session to call cleanup. diff --git a/src/vnet/tcp/tcp.h b/src/vnet/tcp/tcp.h index 46b03ac14b4..a62e01d70e1 100644 --- a/src/vnet/tcp/tcp.h +++ b/src/vnet/tcp/tcp.h @@ -565,7 +565,8 @@ void tcp_connection_close (tcp_connection_t * tc); void tcp_connection_cleanup (tcp_connection_t * tc); void tcp_connection_del (tcp_connection_t * tc); int tcp_half_open_connection_cleanup (tcp_connection_t * tc); -tcp_connection_t *tcp_connection_new (u8 thread_index); +tcp_connection_t *tcp_connection_alloc (u8 thread_index); +void tcp_connection_free (tcp_connection_t * tc); void tcp_connection_reset (tcp_connection_t * tc); int tcp_configure_v4_source_address_range (vlib_main_t * vm, ip4_address_t * start, diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c index 4406d685b6c..f0ae8b11434 100644 --- a/src/vnet/tcp/tcp_input.c +++ b/src/vnet/tcp/tcp_input.c @@ -3097,7 +3097,7 @@ tcp46_listen_inline (vlib_main_t * vm, vlib_node_runtime_t * node, } /* Create child session and send SYN-ACK */ - child0 = tcp_connection_new (my_thread_index); + child0 = tcp_connection_alloc (my_thread_index); child0->c_lcl_port = th0->dst_port; child0->c_rmt_port = th0->src_port; child0->c_is_ip4 = is_ip4; @@ -3119,7 +3119,8 @@ tcp46_listen_inline (vlib_main_t * vm, vlib_node_runtime_t * node, if (tcp_options_parse (th0, &child0->rcv_opts, 1)) { - clib_warning ("options parse fail"); + error0 = TCP_ERROR_OPTIONS; + tcp_connection_free (child0); goto drop; } diff --git a/src/vnet/tcp/tcp_output.c b/src/vnet/tcp/tcp_output.c index 113fb148c37..fc4bceb58cb 100644 --- a/src/vnet/tcp/tcp_output.c +++ b/src/vnet/tcp/tcp_output.c @@ -447,7 +447,6 @@ tcp_init_mss (tcp_connection_t * tc) if (tc->snd_mss < 45) { - clib_warning ("snd mss is 0"); /* Assume that at least the min default mss works */ tc->snd_mss = default_min_mss; tc->rcv_opts.mss = default_min_mss; -- 2.16.6