From b7f035ff4c56cbfd8548c8f1a27fcffb79be6d1f Mon Sep 17 00:00:00 2001 From: Florin Coras Date: Fri, 27 Dec 2019 09:27:52 -0800 Subject: tcp: validate port reuse Type: fix Make sure existing connection is in time-wait Change-Id: I8e8bef151f81bcd589b4da0d4bf63cc59f9f451b Signed-off-by: Florin Coras --- src/vnet/tcp/tcp_input.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'src/vnet/tcp') diff --git a/src/vnet/tcp/tcp_input.c b/src/vnet/tcp/tcp_input.c index 675bc3f4283..de79e3e19ab 100755 --- a/src/vnet/tcp/tcp_input.c +++ b/src/vnet/tcp/tcp_input.c @@ -3195,20 +3195,25 @@ tcp46_listen_inline (vlib_main_t * vm, vlib_node_runtime_t * node, { tc0 = tcp_connection_get (vnet_buffer (b0)->tcp.connection_index, my_thread_index); - /* clean up the old session */ + if (tc0->state != TCP_STATE_TIME_WAIT) + { + error0 = TCP_ERROR_CREATE_EXISTS; + goto drop; + } lc0 = tcp_lookup_listener (b0, tc0->c_fib_index, is_ip4); + /* clean up the old session */ tcp_connection_del (tc0); } if (is_ip4) { ip40 = vlib_buffer_get_current (b0); - th0 = ip4_next_header (ip40); + th0 = tcp_buffer_hdr (b0); } else { ip60 = vlib_buffer_get_current (b0); - th0 = ip6_next_header (ip60); + th0 = tcp_buffer_hdr (b0); } /* Create child session. For syn-flood protection use filter */ -- cgit 1.2.3-korg