diff options
| author |   Florin Coras <fcoras@cisco.com> | 2018-12-06 17:24:59 -0800 |
|---|---|---|
| committer |   Damjan Marion <dmarion@me.com> | 2018-12-07 15:08:58 +0000 |
| commit | ea41aac320cc47ae00e7dd6e870e6ca32dcdc0b5 (patch) | |
| tree | 0d57e2ea05a1b02ae5d0033817e397afcfc2414f /src/vnet | |
| parent | 8023111319244fbc1d0c88f192c767324d561c5a (diff) | |
tcp: fix timestamp check and paws
Change-Id: I5a5ee48755befc370a1f89ddbb0d91f164ed564f
Signed-off-by: Florin Coras <fcoras@cisco.com>
Diffstat (limited to 'src/vnet')
| -rw-r--r-- | src/vnet/tcp/tcp_input.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c index d1736e9fb4e..0e915505d37 100644 --- a/src/vnet/tcp/tcp_input.c +++ b/src/vnet/tcp/tcp_input.c @@ -245,7 +245,7 @@ tcp_options_parse (tcp_header_t * th, tcp_options_t * to, u8 is_syn) always_inline int tcp_segment_check_paws (tcp_connection_t * tc) { - return tcp_opts_tstamp (&tc->rcv_opts) && tc->tsval_recent + return tcp_opts_tstamp (&tc->rcv_opts) && timestamp_lt (tc->rcv_opts.tsval, tc->tsval_recent); } @@ -307,8 +307,6 @@ tcp_segment_validate (tcp_worker_ctx_t * wrk, tcp_connection_t * tc0, if (PREDICT_FALSE (tcp_segment_check_paws (tc0))) { *error0 = TCP_ERROR_PAWS; - if (CLIB_DEBUG > 2) - clib_warning ("paws failed\n%U", format_tcp_connection, tc0, 2); TCP_EVT_DBG (TCP_EVT_PAWS_FAIL, tc0, vnet_buffer (b0)->tcp.seq_number, vnet_buffer (b0)->tcp.seq_end); @@ -317,8 +315,7 @@ tcp_segment_validate (tcp_worker_ctx_t * wrk, tcp_connection_t * tc0, if (timestamp_lt (tc0->tsval_recent_age + TCP_PAWS_IDLE, tcp_time_now_w_thread (tc0->c_thread_index))) { - /* Age isn't reset until we get a valid tsval (bsd inspired) */ - tc0->tsval_recent = 0; + tc0->tsval_recent = tc0->rcv_opts.tsval; clib_warning ("paws failed - really old segment. REALLY?"); } else |