From f9e500e81698bbe7f78f65792e934ad6a16fa602 Mon Sep 17 00:00:00 2001
From: Florin Coras <fcoras@cisco.com>
Date: Fri, 18 Dec 2020 13:30:45 -0800
Subject: tcp: terminate options with nops

On the one hand, make sure options are terminated with NOPs to avoid
issues with clients that can't parse options that don't end on an u32
boundary. On the other, make sure the padding is rfc compliant. If
options end with EOL the padding should be zeros. The current change
does not use EOL so the padding is NOPs.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I608056707ef9658ca90b9c095e84a0689d8000d7
---
 src/vnet/tcp/tcp_packet.h | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

(limited to 'src/vnet/tcp/tcp_packet.h')

diff --git a/src/vnet/tcp/tcp_packet.h b/src/vnet/tcp/tcp_packet.h
index 9ccd8e0ceb3..f9c6db4f8c4 100644
--- a/src/vnet/tcp/tcp_packet.h
+++ b/src/vnet/tcp/tcp_packet.h
@@ -370,14 +370,10 @@ tcp_options_write (u8 * data, tcp_options_t * opts)
 	}
     }
 
-  /* Terminate TCP options */
-  if (opts_len % 4)
-    {
-      *data++ = TCP_OPTION_EOL;
-      opts_len += TCP_OPTION_LEN_EOL;
-    }
-
-  /* Pad with zeroes to a u32 boundary */
+  /* Terminate TCP options by padding with NOPs to a u32 boundary. Avoid using
+   * EOL because, it seems, it can break peers with broken option parsers that
+   * rely on options ending on a u32 boundary.
+   */
   while (opts_len % 4)
     {
       *data++ = TCP_OPTION_NOOP;
-- 
cgit 1.2.3-korg