diff options
author | Florin Coras <fcoras@cisco.com> | 2020-02-11 05:31:49 +0000 |
---|---|---|
committer | Dave Barach <openvpp@barachs.net> | 2020-02-12 21:05:43 +0000 |
commit | 4dc10a4d560363147e58953b0301888cc57b15ce (patch) | |
tree | e4049884d72687eabbe29eceec0c607f93975f49 /src/vnet | |
parent | 0426185e65f4f1e001e62375c819fc8ed49a544d (diff) |
tcp: improve invalid packet handling in syn-rcvd
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie356b4d45d47e30c185caf2e66cdb16f1a97046f
Diffstat (limited to 'src/vnet')
-rw-r--r-- | src/vnet/session/session.c | 9 | ||||
-rwxr-xr-x | src/vnet/tcp/tcp_input.c | 9 |
2 files changed, 14 insertions, 4 deletions
diff --git a/src/vnet/session/session.c b/src/vnet/session/session.c index 0b66cf87c4d..b006cfaf2bb 100644 --- a/src/vnet/session/session.c +++ b/src/vnet/session/session.c @@ -1003,7 +1003,14 @@ session_stream_accept_notify (transport_connection_t * tc) if (!app_wrk) return -1; s->session_state = SESSION_STATE_ACCEPTING; - return app_worker_accept_notify (app_wrk, s); + if (app_worker_accept_notify (app_wrk, s)) + { + /* On transport delete, no notifications should be sent. Unless, the + * accept is retried and successful. */ + s->session_state = SESSION_STATE_CREATED; + return -1; + } + return 0; } /** diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c index 164a1b3431f..f907750bccc 100755 --- a/src/vnet/tcp/tcp_input.c +++ b/src/vnet/tcp/tcp_input.c @@ -2945,7 +2945,7 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node, /* Make sure the segment is exactly right */ if (tc0->rcv_nxt != vnet_buffer (b0)->tcp.seq_number || is_fin0) { - tcp_rcv_rst (wrk, tc0); + tcp_send_reset_w_pkt (tc0, b0, thread_index, is_ip4); error0 = TCP_ERROR_SEGMENT_INVALID; goto drop; } @@ -2958,7 +2958,8 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node, */ if (tcp_rcv_ack_no_cc (tc0, b0, &error0)) { - tcp_rcv_rst (wrk, tc0); + tcp_send_reset_w_pkt (tc0, b0, thread_index, is_ip4); + error0 = TCP_ERROR_SEGMENT_INVALID; goto drop; } @@ -2985,7 +2986,9 @@ tcp46_rcv_process_inline (vlib_main_t * vm, vlib_node_runtime_t * node, if (session_stream_accept_notify (&tc0->connection)) { error0 = TCP_ERROR_MSG_QUEUE_FULL; - tcp_rcv_rst (wrk, tc0); + tcp_send_reset (tc0); + session_transport_delete_notify (&tc0->connection); + tcp_connection_cleanup (tc0); goto drop; } error0 = TCP_ERROR_ACK_OK; |