![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to tcp_input.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Apple XNU] / XNU / bsd / netinet|
Return to tcp_input.c CVS log | Up to [Apple XNU] / XNU / bsd / netinet |
1.1 ! root 1: /* ! 2: * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. ! 3: * ! 4: * @APPLE_LICENSE_HEADER_START@ ! 5: * ! 6: * The contents of this file constitute Original Code as defined in and ! 7: * are subject to the Apple Public Source License Version 1.1 (the ! 8: * "License"). You may not use this file except in compliance with the ! 9: * License. Please obtain a copy of the License at ! 10: * http://www.apple.com/publicsource and read it before using this file. ! 11: * ! 12: * This Original Code and all software distributed under the License are ! 13: * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER ! 14: * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, ! 15: * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, ! 16: * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the ! 17: * License for the specific language governing rights and limitations ! 18: * under the License. ! 19: * ! 20: * @APPLE_LICENSE_HEADER_END@ ! 21: */ ! 22: /* ! 23: * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1994, 1995 ! 24: * The Regents of the University of California. All rights reserved. ! 25: * ! 26: * Redistribution and use in source and binary forms, with or without ! 27: * modification, are permitted provided that the following conditions ! 28: * are met: ! 29: * 1. Redistributions of source code must retain the above copyright ! 30: * notice, this list of conditions and the following disclaimer. ! 31: * 2. Redistributions in binary form must reproduce the above copyright ! 32: * notice, this list of conditions and the following disclaimer in the ! 33: * documentation and/or other materials provided with the distribution. ! 34: * 3. All advertising materials mentioning features or use of this software ! 35: * must display the following acknowledgement: ! 36: * This product includes software developed by the University of ! 37: * California, Berkeley and its contributors. ! 38: * 4. Neither the name of the University nor the names of its contributors ! 39: * may be used to endorse or promote products derived from this software ! 40: * without specific prior written permission. ! 41: * ! 42: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ! 43: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ! 44: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ! 45: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE ! 46: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ! 47: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ! 48: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ! 49: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ! 50: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ! 51: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ! 52: * SUCH DAMAGE. ! 53: * ! 54: * @(#)tcp_input.c 8.12 (Berkeley) 5/24/95 ! 55: */ ! 56: ! 57: #if ISFB31 ! 58: #include "opt_ipfw.h" /* for ipfw_fwd */ ! 59: #include "opt_tcpdebug.h" ! 60: #endif ! 61: ! 62: #include <sys/param.h> ! 63: #include <sys/systm.h> ! 64: #include <sys/kernel.h> ! 65: #include <sys/sysctl.h> ! 66: #include <sys/malloc.h> ! 67: #include <sys/mbuf.h> ! 68: #include <sys/proc.h> /* for proc0 declaration */ ! 69: #include <sys/protosw.h> ! 70: #include <sys/socket.h> ! 71: #include <sys/socketvar.h> ! 72: #include <sys/syslog.h> ! 73: ! 74: #include <kern/cpu_number.h> /* before tcp_seq.h, for tcp_random18() */ ! 75: ! 76: #include <net/if.h> ! 77: #include <net/route.h> ! 78: ! 79: #include <netinet/in.h> ! 80: #include <netinet/in_systm.h> ! 81: #include <netinet/ip.h> ! 82: #include <netinet/ip_icmp.h> /* for ICMP_BANDLIM */ ! 83: #include <netinet/in_pcb.h> ! 84: #include <netinet/ip_var.h> ! 85: #include <netinet/icmp_var.h> /* for ICMP_BANDLIM */ ! 86: #include <netinet/tcp.h> ! 87: #include <netinet/tcp_fsm.h> ! 88: #include <netinet/tcp_seq.h> ! 89: #include <netinet/tcp_timer.h> ! 90: #include <netinet/tcp_var.h> ! 91: #include <netinet/tcpip.h> ! 92: #if TCPDEBUG ! 93: #include <netinet/tcp_debug.h> ! 94: static struct tcpiphdr tcp_saveti; ! 95: #endif ! 96: ! 97: static int tcprexmtthresh = 3; ! 98: tcp_seq tcp_iss; ! 99: tcp_cc tcp_ccgen; ! 100: ! 101: struct tcpstat tcpstat; ! 102: SYSCTL_STRUCT(_net_inet_tcp, TCPCTL_STATS, stats, ! 103: CTLFLAG_RD, &tcpstat , tcpstat, ""); ! 104: ! 105: static int log_in_vain = 0; ! 106: SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW, ! 107: &log_in_vain, 0, ""); ! 108: ! 109: int tcp_delack_enabled = 1; ! 110: SYSCTL_INT(_net_inet_tcp, OID_AUTO, delayed_ack, CTLFLAG_RW, ! 111: &tcp_delack_enabled, 0, ""); ! 112: ! 113: u_long tcp_now; ! 114: struct inpcbhead tcb; ! 115: struct inpcbinfo tcbinfo; ! 116: ! 117: static void tcp_dooptions __P((struct tcpcb *, ! 118: u_char *, int, struct tcpiphdr *, struct tcpopt *)); ! 119: static void tcp_pulloutofband __P((struct socket *, ! 120: struct tcpiphdr *, struct mbuf *)); ! 121: static int tcp_reass __P((struct tcpcb *, struct tcpiphdr *, struct mbuf *)); ! 122: static void tcp_xmit_timer __P((struct tcpcb *, int)); ! 123: ! 124: ! 125: /* ! 126: * Insert segment ti into reassembly queue of tcp with ! 127: * control block tp. Return TH_FIN if reassembly now includes ! 128: * a segment with FIN. The macro form does the common case inline ! 129: * (segment is the next to be received on an established connection, ! 130: * and the queue is empty), avoiding linkage into and removal ! 131: * from the queue and repetition of various conversions. ! 132: * Set DELACK for segments received in order, but ack immediately ! 133: * when segments are out of order (so fast retransmit can work). ! 134: */ ! 135: #define TCP_REASS(tp, ti, m, so, flags) { \ ! 136: if ((ti)->ti_seq == (tp)->rcv_nxt && \ ! 137: (tp)->t_segq == NULL && \ ! 138: (tp)->t_state == TCPS_ESTABLISHED) { \ ! 139: if (tcp_delack_enabled) \ ! 140: tp->t_flags |= TF_DELACK; \ ! 141: else \ ! 142: tp->t_flags |= TF_ACKNOW; \ ! 143: (tp)->rcv_nxt += (ti)->ti_len; \ ! 144: flags = (ti)->ti_flags & TH_FIN; \ ! 145: tcpstat.tcps_rcvpack++;\ ! 146: tcpstat.tcps_rcvbyte += (ti)->ti_len;\ ! 147: sbappend(&(so)->so_rcv, (m)); \ ! 148: sorwakeup(so); \ ! 149: } else { \ ! 150: (flags) = tcp_reass((tp), (ti), (m)); \ ! 151: tp->t_flags |= TF_ACKNOW; \ ! 152: } \ ! 153: } ! 154: ! 155: static int ! 156: tcp_reass(tp, ti, m) ! 157: register struct tcpcb *tp; ! 158: register struct tcpiphdr *ti; ! 159: struct mbuf *m; ! 160: { ! 161: struct mbuf *q; ! 162: struct mbuf *p; ! 163: struct mbuf *nq; ! 164: struct socket *so = tp->t_inpcb->inp_socket; ! 165: int flags; ! 166: ! 167: #define GETTCP(m) ((struct tcpiphdr *)m->m_pkthdr.header) ! 168: ! 169: /* ! 170: * Call with ti==0 after become established to ! 171: * force pre-ESTABLISHED data up to user socket. ! 172: */ ! 173: if (ti == 0) ! 174: goto present; ! 175: ! 176: m->m_pkthdr.header = ti; ! 177: ! 178: /* ! 179: * Find a segment which begins after this one does. ! 180: */ ! 181: for (q = tp->t_segq, p = NULL; q; p = q, q = q->m_nextpkt) ! 182: if (SEQ_GT(GETTCP(q)->ti_seq, ti->ti_seq)) ! 183: break; ! 184: ! 185: /* ! 186: * If there is a preceding segment, it may provide some of ! 187: * our data already. If so, drop the data from the incoming ! 188: * segment. If it provides all of our data, drop us. ! 189: */ ! 190: if (p != NULL) { ! 191: register int i; ! 192: /* conversion to int (in i) handles seq wraparound */ ! 193: i = GETTCP(p)->ti_seq + GETTCP(p)->ti_len - ti->ti_seq; ! 194: if (i > 0) { ! 195: if (i >= ti->ti_len) { ! 196: tcpstat.tcps_rcvduppack++; ! 197: tcpstat.tcps_rcvdupbyte += ti->ti_len; ! 198: m_freem(m); ! 199: /* ! 200: * Try to present any queued data ! 201: * at the left window edge to the user. ! 202: * This is needed after the 3-WHS ! 203: * completes. ! 204: */ ! 205: goto present; /* ??? */ ! 206: } ! 207: m_adj(m, i); ! 208: ti->ti_len -= i; ! 209: ti->ti_seq += i; ! 210: } ! 211: } ! 212: tcpstat.tcps_rcvoopack++; ! 213: tcpstat.tcps_rcvoobyte += ti->ti_len; ! 214: ! 215: /* ! 216: * While we overlap succeeding segments trim them or, ! 217: * if they are completely covered, dequeue them. ! 218: */ ! 219: while (q) { ! 220: register int i = (ti->ti_seq + ti->ti_len) - GETTCP(q)->ti_seq; ! 221: if (i <= 0) ! 222: break; ! 223: if (i < GETTCP(q)->ti_len) { ! 224: GETTCP(q)->ti_seq += i; ! 225: GETTCP(q)->ti_len -= i; ! 226: m_adj(q, i); ! 227: break; ! 228: } ! 229: ! 230: nq = q->m_nextpkt; ! 231: if (p) ! 232: p->m_nextpkt = nq; ! 233: else ! 234: tp->t_segq = nq; ! 235: m_freem(q); ! 236: q = nq; ! 237: } ! 238: ! 239: if (p == NULL) { ! 240: m->m_nextpkt = tp->t_segq; ! 241: tp->t_segq = m; ! 242: } else { ! 243: m->m_nextpkt = p->m_nextpkt; ! 244: p->m_nextpkt = m; ! 245: } ! 246: ! 247: present: ! 248: /* ! 249: * Present data to user, advancing rcv_nxt through ! 250: * completed sequence space. ! 251: */ ! 252: if (!TCPS_HAVEESTABLISHED(tp->t_state)) ! 253: return (0); ! 254: q = tp->t_segq; ! 255: if (!q || GETTCP(q)->ti_seq != tp->rcv_nxt) ! 256: return (0); ! 257: do { ! 258: tp->rcv_nxt += GETTCP(q)->ti_len; ! 259: flags = GETTCP(q)->ti_flags & TH_FIN; ! 260: nq = q->m_nextpkt; ! 261: tp->t_segq = nq; ! 262: q->m_nextpkt = NULL; ! 263: if (so->so_state & SS_CANTRCVMORE) ! 264: m_freem(q); ! 265: else ! 266: sbappend(&so->so_rcv, q); ! 267: q = nq; ! 268: } while (q && GETTCP(q)->ti_seq == tp->rcv_nxt); ! 269: sorwakeup(so); ! 270: return (flags); ! 271: ! 272: #undef GETTCP ! 273: } ! 274: ! 275: /* ! 276: * TCP input routine, follows pages 65-76 of the ! 277: * protocol specification dated September, 1981 very closely. ! 278: */ ! 279: void ! 280: tcp_input(m, iphlen) ! 281: register struct mbuf *m; ! 282: int iphlen; ! 283: { ! 284: register struct tcpiphdr *ti; ! 285: register struct inpcb *inp; ! 286: u_char *optp = NULL; ! 287: int optlen = 0; ! 288: int len, tlen, off; ! 289: register struct tcpcb *tp = 0; ! 290: register int tiflags; ! 291: struct socket *so = 0; ! 292: int todrop, acked, ourfinisacked, needoutput = 0; ! 293: struct in_addr laddr; ! 294: int dropsocket = 0; ! 295: int iss = 0; ! 296: u_long tiwin; ! 297: struct tcpopt to; /* options in this segment */ ! 298: struct rmxp_tao *taop; /* pointer to our TAO cache entry */ ! 299: struct rmxp_tao tao_noncached; /* in case there's no cached entry */ ! 300: #if TCPDEBUG ! 301: short ostate = 0; ! 302: #endif ! 303: struct proc *proc0=current_proc(); ! 304: ! 305: bzero((char *)&to, sizeof(to)); ! 306: ! 307: tcpstat.tcps_rcvtotal++; ! 308: /* ! 309: * Get IP and TCP header together in first mbuf. ! 310: * Note: IP leaves IP header in first mbuf. ! 311: */ ! 312: ti = mtod(m, struct tcpiphdr *); ! 313: if (iphlen > sizeof (struct ip)) ! 314: ip_stripoptions(m, (struct mbuf *)0); ! 315: if (m->m_len < sizeof (struct tcpiphdr)) { ! 316: if ((m = m_pullup(m, sizeof (struct tcpiphdr))) == 0) { ! 317: tcpstat.tcps_rcvshort++; ! 318: return; ! 319: } ! 320: ti = mtod(m, struct tcpiphdr *); ! 321: } ! 322: ! 323: /* ! 324: * Checksum extended TCP header and data. ! 325: */ ! 326: tlen = ((struct ip *)ti)->ip_len; ! 327: len = sizeof (struct ip) + tlen; ! 328: bzero(ti->ti_x1, sizeof(ti->ti_x1)); ! 329: ti->ti_len = (u_short)tlen; ! 330: HTONS(ti->ti_len); ! 331: ti->ti_sum = in_cksum(m, len); ! 332: if (ti->ti_sum) { ! 333: tcpstat.tcps_rcvbadsum++; ! 334: goto drop; ! 335: } ! 336: ! 337: /* ! 338: * Check that TCP offset makes sense, ! 339: * pull out TCP options and adjust length. XXX ! 340: */ ! 341: off = ti->ti_off << 2; ! 342: if (off < sizeof (struct tcphdr) || off > tlen) { ! 343: tcpstat.tcps_rcvbadoff++; ! 344: goto drop; ! 345: } ! 346: tlen -= off; ! 347: ti->ti_len = tlen; ! 348: if (off > sizeof (struct tcphdr)) { ! 349: if (m->m_len < sizeof(struct ip) + off) { ! 350: if ((m = m_pullup(m, sizeof (struct ip) + off)) == 0) { ! 351: tcpstat.tcps_rcvshort++; ! 352: return; ! 353: } ! 354: ti = mtod(m, struct tcpiphdr *); ! 355: } ! 356: optlen = off - sizeof (struct tcphdr); ! 357: optp = mtod(m, u_char *) + sizeof (struct tcpiphdr); ! 358: } ! 359: tiflags = ti->ti_flags; ! 360: ! 361: /* ! 362: * Convert TCP protocol specific fields to host format. ! 363: */ ! 364: NTOHL(ti->ti_seq); ! 365: NTOHL(ti->ti_ack); ! 366: NTOHS(ti->ti_win); ! 367: NTOHS(ti->ti_urp); ! 368: ! 369: /* ! 370: * Drop TCP, IP headers and TCP options. ! 371: */ ! 372: m->m_data += sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr); ! 373: m->m_len -= sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr); ! 374: ! 375: /* ! 376: * Locate pcb for segment. ! 377: */ ! 378: findpcb: ! 379: #if IPFIREWALL_FORWARD ! 380: if (ip_fw_fwd_addr != NULL) { ! 381: /* ! 382: * Diverted. Pretend to be the destination. ! 383: * already got one like this? ! 384: */ ! 385: inp = in_pcblookup_hash(&tcbinfo, ti->ti_src, ti->ti_sport, ! 386: ti->ti_dst, ti->ti_dport, 0); ! 387: if (!inp) { ! 388: /* ! 389: * No, then it's new. Try find the ambushing socket ! 390: */ ! 391: if (!ip_fw_fwd_addr->sin_port) { ! 392: inp = in_pcblookup_hash(&tcbinfo, ti->ti_src, ! 393: ti->ti_sport, ip_fw_fwd_addr->sin_addr, ! 394: ti->ti_dport, 1); ! 395: } else { ! 396: inp = in_pcblookup_hash(&tcbinfo, ! 397: ti->ti_src, ti->ti_sport, ! 398: ip_fw_fwd_addr->sin_addr, ! 399: ntohs(ip_fw_fwd_addr->sin_port), 1); ! 400: } ! 401: } ! 402: ip_fw_fwd_addr = NULL; ! 403: } else ! 404: #endif /* IPFIREWALL_FORWARD */ ! 405: ! 406: inp = in_pcblookup_hash(&tcbinfo, ti->ti_src, ti->ti_sport, ! 407: ti->ti_dst, ti->ti_dport, 1); ! 408: ! 409: /* ! 410: * If the state is CLOSED (i.e., TCB does not exist) then ! 411: * all data in the incoming segment is discarded. ! 412: * If the TCB exists but is in CLOSED state, it is embryonic, ! 413: * but should either do a listen or a connect soon. ! 414: */ ! 415: if (inp == NULL) { ! 416: if (log_in_vain && tiflags & TH_SYN) { ! 417: char buf[4*sizeof "123"]; ! 418: ! 419: strcpy(buf, inet_ntoa(ti->ti_dst)); ! 420: log(LOG_INFO, ! 421: "Connection attempt to TCP %s:%d from %s:%d\n", ! 422: buf, ntohs(ti->ti_dport), inet_ntoa(ti->ti_src), ! 423: ntohs(ti->ti_sport)); ! 424: } ! 425: #if ICMP_BANDLIM ! 426: if (badport_bandlim(1) < 0) ! 427: goto drop; ! 428: #endif ! 429: goto dropwithreset; ! 430: } ! 431: tp = intotcpcb(inp); ! 432: if (tp == 0) ! 433: goto dropwithreset; ! 434: if (tp->t_state == TCPS_CLOSED) ! 435: goto drop; ! 436: ! 437: /* Unscale the window into a 32-bit value. */ ! 438: if ((tiflags & TH_SYN) == 0) ! 439: tiwin = ti->ti_win << tp->snd_scale; ! 440: else ! 441: tiwin = ti->ti_win; ! 442: ! 443: so = inp->inp_socket; ! 444: if (so->so_options & (SO_DEBUG|SO_ACCEPTCONN)) { ! 445: #if TCPDEBUG ! 446: if (so->so_options & SO_DEBUG) { ! 447: ostate = tp->t_state; ! 448: tcp_saveti = *ti; ! 449: } ! 450: #endif ! 451: if (so->so_options & SO_ACCEPTCONN) { ! 452: register struct tcpcb *tp0 = tp; ! 453: struct socket *so2; ! 454: if ((tiflags & (TH_RST|TH_ACK|TH_SYN)) != TH_SYN) { ! 455: /* ! 456: * Note: dropwithreset makes sure we don't ! 457: * send a RST in response to a RST. ! 458: */ ! 459: if (tiflags & TH_ACK) { ! 460: tcpstat.tcps_badsyn++; ! 461: goto dropwithreset; ! 462: } ! 463: goto drop; ! 464: } ! 465: so2 = sonewconn(so, 0); ! 466: if (so2 == 0) { ! 467: tcpstat.tcps_listendrop++; ! 468: so2 = sodropablereq(so); ! 469: if (so2) { ! 470: tcp_drop(sototcpcb(so2), ETIMEDOUT); ! 471: so2 = sonewconn(so, 0); ! 472: } ! 473: if (!so2) ! 474: goto drop; ! 475: } ! 476: so = so2; ! 477: /* ! 478: * This is ugly, but .... ! 479: * ! 480: * Mark socket as temporary until we're ! 481: * committed to keeping it. The code at ! 482: * ``drop'' and ``dropwithreset'' check the ! 483: * flag dropsocket to see if the temporary ! 484: * socket created here should be discarded. ! 485: * We mark the socket as discardable until ! 486: * we're committed to it below in TCPS_LISTEN. ! 487: */ ! 488: dropsocket++; ! 489: inp = (struct inpcb *)so->so_pcb; ! 490: inp->inp_laddr = ti->ti_dst; ! 491: inp->inp_lport = ti->ti_dport; ! 492: if (in_pcbinshash(inp) != 0) { ! 493: /* ! 494: * Undo the assignments above if we failed to put ! 495: * the PCB on the hash lists. ! 496: */ ! 497: inp->inp_laddr.s_addr = INADDR_ANY; ! 498: inp->inp_lport = 0; ! 499: goto drop; ! 500: } ! 501: inp->inp_options = ip_srcroute(); ! 502: tp = intotcpcb(inp); ! 503: tp->t_state = TCPS_LISTEN; ! 504: tp->t_flags |= tp0->t_flags & (TF_NOPUSH|TF_NOOPT); ! 505: ! 506: /* Compute proper scaling value from buffer space */ ! 507: while (tp->request_r_scale < TCP_MAX_WINSHIFT && ! 508: TCP_MAXWIN << tp->request_r_scale < so->so_rcv.sb_hiwat) ! 509: tp->request_r_scale++; ! 510: } ! 511: } ! 512: ! 513: /* ! 514: * Segment received on connection. ! 515: * Reset idle time and keep-alive timer. ! 516: */ ! 517: tp->t_idle = 0; ! 518: if (TCPS_HAVEESTABLISHED(tp->t_state)) ! 519: tp->t_timer[TCPT_KEEP] = tcp_keepidle; ! 520: ! 521: /* ! 522: * Process options if not in LISTEN state, ! 523: * else do it below (after getting remote address). ! 524: */ ! 525: if (tp->t_state != TCPS_LISTEN) ! 526: tcp_dooptions(tp, optp, optlen, ti, &to); ! 527: ! 528: /* ! 529: * Header prediction: check for the two common cases ! 530: * of a uni-directional data xfer. If the packet has ! 531: * no control flags, is in-sequence, the window didn't ! 532: * change and we're not retransmitting, it's a ! 533: * candidate. If the length is zero and the ack moved ! 534: * forward, we're the sender side of the xfer. Just ! 535: * free the data acked & wake any higher level process ! 536: * that was blocked waiting for space. If the length ! 537: * is non-zero and the ack didn't move, we're the ! 538: * receiver side. If we're getting packets in-order ! 539: * (the reassembly queue is empty), add the data to ! 540: * the socket buffer and note that we need a delayed ack. ! 541: * Make sure that the hidden state-flags are also off. ! 542: * Since we check for TCPS_ESTABLISHED above, it can only ! 543: * be TH_NEEDSYN. ! 544: */ ! 545: if (tp->t_state == TCPS_ESTABLISHED && ! 546: (tiflags & (TH_SYN|TH_FIN|TH_RST|TH_URG|TH_ACK)) == TH_ACK && ! 547: ((tp->t_flags & (TF_NEEDSYN|TF_NEEDFIN)) == 0) && ! 548: ((to.to_flag & TOF_TS) == 0 || ! 549: TSTMP_GEQ(to.to_tsval, tp->ts_recent)) && ! 550: /* ! 551: * Using the CC option is compulsory if once started: ! 552: * the segment is OK if no T/TCP was negotiated or ! 553: * if the segment has a CC option equal to CCrecv ! 554: */ ! 555: ((tp->t_flags & (TF_REQ_CC|TF_RCVD_CC)) != (TF_REQ_CC|TF_RCVD_CC) || ! 556: (to.to_flag & TOF_CC) != 0 && to.to_cc == tp->cc_recv) && ! 557: ti->ti_seq == tp->rcv_nxt && ! 558: tiwin && tiwin == tp->snd_wnd && ! 559: tp->snd_nxt == tp->snd_max) { ! 560: ! 561: /* ! 562: * If last ACK falls within this segment's sequence numbers, ! 563: * record the timestamp. ! 564: * NOTE that the test is modified according to the latest ! 565: * proposal of the [email protected] list (Braden 1993/04/26). ! 566: */ ! 567: if ((to.to_flag & TOF_TS) != 0 && ! 568: SEQ_LEQ(ti->ti_seq, tp->last_ack_sent)) { ! 569: tp->ts_recent_age = tcp_now; ! 570: tp->ts_recent = to.to_tsval; ! 571: } ! 572: ! 573: if (ti->ti_len == 0) { ! 574: if (SEQ_GT(ti->ti_ack, tp->snd_una) && ! 575: SEQ_LEQ(ti->ti_ack, tp->snd_max) && ! 576: tp->snd_cwnd >= tp->snd_wnd && ! 577: tp->t_dupacks < tcprexmtthresh) { ! 578: /* ! 579: * this is a pure ack for outstanding data. ! 580: */ ! 581: ++tcpstat.tcps_predack; ! 582: if ((to.to_flag & TOF_TS) != 0) ! 583: tcp_xmit_timer(tp, ! 584: tcp_now - to.to_tsecr + 1); ! 585: else if (tp->t_rtt && ! 586: SEQ_GT(ti->ti_ack, tp->t_rtseq)) ! 587: tcp_xmit_timer(tp, tp->t_rtt); ! 588: acked = ti->ti_ack - tp->snd_una; ! 589: tcpstat.tcps_rcvackpack++; ! 590: tcpstat.tcps_rcvackbyte += acked; ! 591: sbdrop(&so->so_snd, acked); ! 592: tp->snd_una = ti->ti_ack; ! 593: m_freem(m); ! 594: ! 595: /* ! 596: * If all outstanding data are acked, stop ! 597: * retransmit timer, otherwise restart timer ! 598: * using current (possibly backed-off) value. ! 599: * If process is waiting for space, ! 600: * wakeup/selwakeup/signal. If data ! 601: * are ready to send, let tcp_output ! 602: * decide between more output or persist. ! 603: */ ! 604: if (tp->snd_una == tp->snd_max) ! 605: tp->t_timer[TCPT_REXMT] = 0; ! 606: else if (tp->t_timer[TCPT_PERSIST] == 0) ! 607: tp->t_timer[TCPT_REXMT] = tp->t_rxtcur; ! 608: ! 609: sowwakeup(so); ! 610: if (so->so_snd.sb_cc) ! 611: (void) tcp_output(tp); ! 612: return; ! 613: } ! 614: } else if (ti->ti_ack == tp->snd_una && ! 615: tp->t_segq == NULL && ! 616: ti->ti_len <= sbspace(&so->so_rcv)) { ! 617: /* ! 618: * this is a pure, in-sequence data packet ! 619: * with nothing on the reassembly queue and ! 620: * we have enough buffer space to take it. ! 621: */ ! 622: ++tcpstat.tcps_preddat; ! 623: tp->rcv_nxt += ti->ti_len; ! 624: tcpstat.tcps_rcvpack++; ! 625: tcpstat.tcps_rcvbyte += ti->ti_len; ! 626: /* ! 627: * Add data to socket buffer. ! 628: */ ! 629: sbappend(&so->so_rcv, m); ! 630: sorwakeup(so); ! 631: if (tcp_delack_enabled) { ! 632: tp->t_flags |= TF_DELACK; ! 633: } else { ! 634: tp->t_flags |= TF_ACKNOW; ! 635: tcp_output(tp); ! 636: } ! 637: return; ! 638: } ! 639: } ! 640: ! 641: /* ! 642: * Calculate amount of space in receive window, ! 643: * and then do TCP input processing. ! 644: * Receive window is amount of space in rcv queue, ! 645: * but not less than advertised window. ! 646: */ ! 647: { int win; ! 648: ! 649: win = sbspace(&so->so_rcv); ! 650: if (win < 0) ! 651: win = 0; ! 652: tp->rcv_wnd = imax(win, (int)(tp->rcv_adv - tp->rcv_nxt)); ! 653: } ! 654: ! 655: switch (tp->t_state) { ! 656: ! 657: /* ! 658: * If the state is LISTEN then ignore segment if it contains an RST. ! 659: * If the segment contains an ACK then it is bad and send a RST. ! 660: * If it does not contain a SYN then it is not interesting; drop it. ! 661: * If it is from this socket, drop it, it must be forged. ! 662: * Don't bother responding if the destination was a broadcast. ! 663: * Otherwise initialize tp->rcv_nxt, and tp->irs, select an initial ! 664: * tp->iss, and send a segment: ! 665: * <SEQ=ISS><ACK=RCV_NXT><CTL=SYN,ACK> ! 666: * Also initialize tp->snd_nxt to tp->iss+1 and tp->snd_una to tp->iss. ! 667: * Fill in remote peer address fields if not previously specified. ! 668: * Enter SYN_RECEIVED state, and process any other fields of this ! 669: * segment in this state. ! 670: */ ! 671: case TCPS_LISTEN: { ! 672: register struct sockaddr_in *sin; ! 673: ! 674: if (tiflags & TH_RST) ! 675: goto drop; ! 676: if (tiflags & TH_ACK) ! 677: goto dropwithreset; ! 678: if ((tiflags & TH_SYN) == 0) ! 679: goto drop; ! 680: if ((ti->ti_dport == ti->ti_sport) && ! 681: (ti->ti_dst.s_addr == ti->ti_src.s_addr)) ! 682: goto drop; ! 683: /* ! 684: * RFC1122 4.2.3.10, p. 104: discard bcast/mcast SYN ! 685: * in_broadcast() should never return true on a received ! 686: * packet with M_BCAST not set. ! 687: */ ! 688: if (m->m_flags & (M_BCAST|M_MCAST) || ! 689: IN_MULTICAST(ntohl(ti->ti_dst.s_addr))) ! 690: goto drop; ! 691: MALLOC(sin, struct sockaddr_in *, sizeof *sin, M_SONAME, ! 692: M_NOWAIT); ! 693: if (sin == NULL) ! 694: goto drop; ! 695: sin->sin_family = AF_INET; ! 696: sin->sin_len = sizeof(*sin); ! 697: sin->sin_addr = ti->ti_src; ! 698: sin->sin_port = ti->ti_sport; ! 699: bzero((caddr_t)sin->sin_zero, sizeof(sin->sin_zero)); ! 700: laddr = inp->inp_laddr; ! 701: if (inp->inp_laddr.s_addr == INADDR_ANY) ! 702: inp->inp_laddr = ti->ti_dst; ! 703: if (in_pcbconnect(inp, (struct sockaddr *)sin, proc0)) { ! 704: inp->inp_laddr = laddr; ! 705: FREE(sin, M_SONAME); ! 706: goto drop; ! 707: } ! 708: FREE(sin, M_SONAME); ! 709: tp->t_template = tcp_template(tp); ! 710: if (tp->t_template == 0) { ! 711: tp = tcp_drop(tp, ENOBUFS); ! 712: dropsocket = 0; /* socket is already gone */ ! 713: goto drop; ! 714: } ! 715: if ((taop = tcp_gettaocache(inp)) == NULL) { ! 716: taop = &tao_noncached; ! 717: bzero(taop, sizeof(*taop)); ! 718: } ! 719: tcp_dooptions(tp, optp, optlen, ti, &to); ! 720: if (iss) ! 721: tp->iss = iss; ! 722: else ! 723: tp->iss = tcp_iss; ! 724: tcp_iss += TCP_ISSINCR/4; ! 725: tp->irs = ti->ti_seq; ! 726: tcp_sendseqinit(tp); ! 727: tcp_rcvseqinit(tp); ! 728: /* ! 729: * Initialization of the tcpcb for transaction; ! 730: * set SND.WND = SEG.WND, ! 731: * initialize CCsend and CCrecv. ! 732: */ ! 733: tp->snd_wnd = tiwin; /* initial send-window */ ! 734: tp->cc_send = CC_INC(tcp_ccgen); ! 735: tp->cc_recv = to.to_cc; ! 736: /* ! 737: * Perform TAO test on incoming CC (SEG.CC) option, if any. ! 738: * - compare SEG.CC against cached CC from the same host, ! 739: * if any. ! 740: * - if SEG.CC > chached value, SYN must be new and is accepted ! 741: * immediately: save new CC in the cache, mark the socket ! 742: * connected, enter ESTABLISHED state, turn on flag to ! 743: * send a SYN in the next segment. ! 744: * A virtual advertised window is set in rcv_adv to ! 745: * initialize SWS prevention. Then enter normal segment ! 746: * processing: drop SYN, process data and FIN. ! 747: * - otherwise do a normal 3-way handshake. ! 748: */ ! 749: if ((to.to_flag & TOF_CC) != 0) { ! 750: if (((tp->t_flags & TF_NOPUSH) != 0) && ! 751: taop->tao_cc != 0 && CC_GT(to.to_cc, taop->tao_cc)) { ! 752: ! 753: taop->tao_cc = to.to_cc; ! 754: tp->t_state = TCPS_ESTABLISHED; ! 755: ! 756: /* ! 757: * If there is a FIN, or if there is data and the ! 758: * connection is local, then delay SYN,ACK(SYN) in ! 759: * the hope of piggy-backing it on a response ! 760: * segment. Otherwise must send ACK now in case ! 761: * the other side is slow starting. ! 762: */ ! 763: if (tcp_delack_enabled && ((tiflags & TH_FIN) || (ti->ti_len != 0 && ! 764: in_localaddr(inp->inp_faddr)))) ! 765: tp->t_flags |= (TF_DELACK | TF_NEEDSYN); ! 766: else ! 767: tp->t_flags |= (TF_ACKNOW | TF_NEEDSYN); ! 768: ! 769: /* ! 770: * Limit the `virtual advertised window' to TCP_MAXWIN ! 771: * here. Even if we requested window scaling, it will ! 772: * become effective only later when our SYN is acked. ! 773: */ ! 774: tp->rcv_adv += min(tp->rcv_wnd, TCP_MAXWIN); ! 775: tcpstat.tcps_connects++; ! 776: soisconnected(so); ! 777: tp->t_timer[TCPT_KEEP] = tcp_keepinit; ! 778: dropsocket = 0; /* committed to socket */ ! 779: tcpstat.tcps_accepts++; ! 780: goto trimthenstep6; ! 781: } ! 782: /* else do standard 3-way handshake */ ! 783: } else { ! 784: /* ! 785: * No CC option, but maybe CC.NEW: ! 786: * invalidate cached value. ! 787: */ ! 788: taop->tao_cc = 0; ! 789: } ! 790: /* ! 791: * TAO test failed or there was no CC option, ! 792: * do a standard 3-way handshake. ! 793: */ ! 794: tp->t_flags |= TF_ACKNOW; ! 795: tp->t_state = TCPS_SYN_RECEIVED; ! 796: tp->t_timer[TCPT_KEEP] = tcp_keepinit; ! 797: dropsocket = 0; /* committed to socket */ ! 798: tcpstat.tcps_accepts++; ! 799: goto trimthenstep6; ! 800: } ! 801: ! 802: /* ! 803: * If the state is SYN_RECEIVED: ! 804: * if seg contains an ACK, but not for our SYN/ACK, send a RST. ! 805: */ ! 806: case TCPS_SYN_RECEIVED: ! 807: if ((tiflags & TH_ACK) && ! 808: (SEQ_LEQ(ti->ti_ack, tp->snd_una) || ! 809: SEQ_GT(ti->ti_ack, tp->snd_max))) ! 810: goto dropwithreset; ! 811: break; ! 812: ! 813: /* ! 814: * If the state is SYN_SENT: ! 815: * if seg contains an ACK, but not for our SYN, drop the input. ! 816: * if seg contains a RST, then drop the connection. ! 817: * if seg does not contain SYN, then drop it. ! 818: * Otherwise this is an acceptable SYN segment ! 819: * initialize tp->rcv_nxt and tp->irs ! 820: * if seg contains ack then advance tp->snd_una ! 821: * if SYN has been acked change to ESTABLISHED else SYN_RCVD state ! 822: * arrange for segment to be acked (eventually) ! 823: * continue processing rest of data/controls, beginning with URG ! 824: */ ! 825: case TCPS_SYN_SENT: ! 826: if ((taop = tcp_gettaocache(inp)) == NULL) { ! 827: taop = &tao_noncached; ! 828: bzero(taop, sizeof(*taop)); ! 829: } ! 830: ! 831: if ((tiflags & TH_ACK) && ! 832: (SEQ_LEQ(ti->ti_ack, tp->iss) || ! 833: SEQ_GT(ti->ti_ack, tp->snd_max))) { ! 834: /* ! 835: * If we have a cached CCsent for the remote host, ! 836: * hence we haven't just crashed and restarted, ! 837: * do not send a RST. This may be a retransmission ! 838: * from the other side after our earlier ACK was lost. ! 839: * Our new SYN, when it arrives, will serve as the ! 840: * needed ACK. ! 841: */ ! 842: if (taop->tao_ccsent != 0) ! 843: goto drop; ! 844: else ! 845: goto dropwithreset; ! 846: } ! 847: if (tiflags & TH_RST) { ! 848: if (tiflags & TH_ACK) { ! 849: tp = tcp_drop(tp, ECONNREFUSED); ! 850: postevent(so, 0, EV_RESET); ! 851: } ! 852: goto drop; ! 853: } ! 854: if ((tiflags & TH_SYN) == 0) ! 855: goto drop; ! 856: tp->snd_wnd = ti->ti_win; /* initial send window */ ! 857: tp->cc_recv = to.to_cc; /* foreign CC */ ! 858: ! 859: tp->irs = ti->ti_seq; ! 860: tcp_rcvseqinit(tp); ! 861: if (tiflags & TH_ACK) { ! 862: /* ! 863: * Our SYN was acked. If segment contains CC.ECHO ! 864: * option, check it to make sure this segment really ! 865: * matches our SYN. If not, just drop it as old ! 866: * duplicate, but send an RST if we're still playing ! 867: * by the old rules. If no CC.ECHO option, make sure ! 868: * we don't get fooled into using T/TCP. ! 869: */ ! 870: if (to.to_flag & TOF_CCECHO) { ! 871: if (tp->cc_send != to.to_ccecho) ! 872: if (taop->tao_ccsent != 0) ! 873: goto drop; ! 874: else ! 875: goto dropwithreset; ! 876: } else ! 877: tp->t_flags &= ~TF_RCVD_CC; ! 878: tcpstat.tcps_connects++; ! 879: soisconnected(so); ! 880: /* Do window scaling on this connection? */ ! 881: if ((tp->t_flags & (TF_RCVD_SCALE|TF_REQ_SCALE)) == ! 882: (TF_RCVD_SCALE|TF_REQ_SCALE)) { ! 883: tp->snd_scale = tp->requested_s_scale; ! 884: tp->rcv_scale = tp->request_r_scale; ! 885: } ! 886: /* Segment is acceptable, update cache if undefined. */ ! 887: if (taop->tao_ccsent == 0) ! 888: taop->tao_ccsent = to.to_ccecho; ! 889: ! 890: tp->rcv_adv += tp->rcv_wnd; ! 891: tp->snd_una++; /* SYN is acked */ ! 892: /* ! 893: * If there's data, delay ACK; if there's also a FIN ! 894: * ACKNOW will be turned on later. ! 895: */ ! 896: if (tcp_delack_enabled && ti->ti_len != 0) ! 897: tp->t_flags |= TF_DELACK; ! 898: else ! 899: tp->t_flags |= TF_ACKNOW; ! 900: /* ! 901: * Received <SYN,ACK> in SYN_SENT[*] state. ! 902: * Transitions: ! 903: * SYN_SENT --> ESTABLISHED ! 904: * SYN_SENT* --> FIN_WAIT_1 ! 905: */ ! 906: if (tp->t_flags & TF_NEEDFIN) { ! 907: tp->t_state = TCPS_FIN_WAIT_1; ! 908: tp->t_flags &= ~TF_NEEDFIN; ! 909: tiflags &= ~TH_SYN; ! 910: } else { ! 911: tp->t_state = TCPS_ESTABLISHED; ! 912: tp->t_timer[TCPT_KEEP] = tcp_keepidle; ! 913: } ! 914: } else { ! 915: /* ! 916: * Received initial SYN in SYN-SENT[*] state => simul- ! 917: * taneous open. If segment contains CC option and there is ! 918: * a cached CC, apply TAO test; if it succeeds, connection is ! 919: * half-synchronized. Otherwise, do 3-way handshake: ! 920: * SYN-SENT -> SYN-RECEIVED ! 921: * SYN-SENT* -> SYN-RECEIVED* ! 922: * If there was no CC option, clear cached CC value. ! 923: */ ! 924: tp->t_flags |= TF_ACKNOW; ! 925: tp->t_timer[TCPT_REXMT] = 0; ! 926: if (to.to_flag & TOF_CC) { ! 927: if (taop->tao_cc != 0 && ! 928: CC_GT(to.to_cc, taop->tao_cc)) { ! 929: /* ! 930: * update cache and make transition: ! 931: * SYN-SENT -> ESTABLISHED* ! 932: * SYN-SENT* -> FIN-WAIT-1* ! 933: */ ! 934: taop->tao_cc = to.to_cc; ! 935: if (tp->t_flags & TF_NEEDFIN) { ! 936: tp->t_state = TCPS_FIN_WAIT_1; ! 937: tp->t_flags &= ~TF_NEEDFIN; ! 938: } else { ! 939: tp->t_state = TCPS_ESTABLISHED; ! 940: tp->t_timer[TCPT_KEEP] = tcp_keepidle; ! 941: } ! 942: tp->t_flags |= TF_NEEDSYN; ! 943: } else ! 944: tp->t_state = TCPS_SYN_RECEIVED; ! 945: } else { ! 946: /* CC.NEW or no option => invalidate cache */ ! 947: taop->tao_cc = 0; ! 948: tp->t_state = TCPS_SYN_RECEIVED; ! 949: } ! 950: } ! 951: ! 952: trimthenstep6: ! 953: /* ! 954: * Advance ti->ti_seq to correspond to first data byte. ! 955: * If data, trim to stay within window, ! 956: * dropping FIN if necessary. ! 957: */ ! 958: ti->ti_seq++; ! 959: if (ti->ti_len > tp->rcv_wnd) { ! 960: todrop = ti->ti_len - tp->rcv_wnd; ! 961: m_adj(m, -todrop); ! 962: ti->ti_len = tp->rcv_wnd; ! 963: tiflags &= ~TH_FIN; ! 964: tcpstat.tcps_rcvpackafterwin++; ! 965: tcpstat.tcps_rcvbyteafterwin += todrop; ! 966: } ! 967: tp->snd_wl1 = ti->ti_seq - 1; ! 968: tp->rcv_up = ti->ti_seq; ! 969: /* ! 970: * Client side of transaction: already sent SYN and data. ! 971: * If the remote host used T/TCP to validate the SYN, ! 972: * our data will be ACK'd; if so, enter normal data segment ! 973: * processing in the middle of step 5, ack processing. ! 974: * Otherwise, goto step 6. ! 975: */ ! 976: if (tiflags & TH_ACK) ! 977: goto process_ACK; ! 978: goto step6; ! 979: /* ! 980: * If the state is LAST_ACK or CLOSING or TIME_WAIT: ! 981: * if segment contains a SYN and CC [not CC.NEW] option: ! 982: * if state == TIME_WAIT and connection duration > MSL, ! 983: * drop packet and send RST; ! 984: * ! 985: * if SEG.CC > CCrecv then is new SYN, and can implicitly ! 986: * ack the FIN (and data) in retransmission queue. ! 987: * Complete close and delete TCPCB. Then reprocess ! 988: * segment, hoping to find new TCPCB in LISTEN state; ! 989: * ! 990: * else must be old SYN; drop it. ! 991: * else do normal processing. ! 992: */ ! 993: case TCPS_LAST_ACK: ! 994: case TCPS_CLOSING: ! 995: case TCPS_TIME_WAIT: ! 996: if ((tiflags & TH_SYN) && ! 997: (to.to_flag & TOF_CC) && tp->cc_recv != 0) { ! 998: if (tp->t_state == TCPS_TIME_WAIT && ! 999: tp->t_duration > TCPTV_MSL) ! 1000: goto dropwithreset; ! 1001: if (CC_GT(to.to_cc, tp->cc_recv)) { ! 1002: tp = tcp_close(tp); ! 1003: goto findpcb; ! 1004: } ! 1005: else ! 1006: goto drop; ! 1007: } ! 1008: break; /* continue normal processing */ ! 1009: } ! 1010: ! 1011: /* ! 1012: * States other than LISTEN or SYN_SENT. ! 1013: * First check the RST flag and sequence number since reset segments ! 1014: * are exempt from the timestamp and connection count tests. This ! 1015: * fixes a bug introduced by the Stevens, vol. 2, p. 960 bugfix ! 1016: * below which allowed reset segments in half the sequence space ! 1017: * to fall though and be processed (which gives forged reset ! 1018: * segments with a random sequence number a 50 percent chance of ! 1019: * killing a connection). ! 1020: * Then check timestamp, if present. ! 1021: * Then check the connection count, if present. ! 1022: * Then check that at least some bytes of segment are within ! 1023: * receive window. If segment begins before rcv_nxt, ! 1024: * drop leading data (and SYN); if nothing left, just ack. ! 1025: * ! 1026: * ! 1027: * If the RST bit is set, check the sequence number to see ! 1028: * if this is a valid reset segment. ! 1029: * RFC 793 page 37: ! 1030: * In all states except SYN-SENT, all reset (RST) segments ! 1031: * are validated by checking their SEQ-fields. A reset is ! 1032: * valid if its sequence number is in the window. ! 1033: * Note: this does not take into account delayed ACKs, so ! 1034: * we should test against last_ack_sent instead of rcv_nxt. ! 1035: * Also, it does not make sense to allow reset segments with ! 1036: * sequence numbers greater than last_ack_sent to be processed ! 1037: * since these sequence numbers are just the acknowledgement ! 1038: * numbers in our outgoing packets being echoed back at us, ! 1039: * and these acknowledgement numbers are monotonically ! 1040: * increasing. ! 1041: * If we have multiple segments in flight, the intial reset ! 1042: * segment sequence numbers will be to the left of last_ack_sent, ! 1043: * but they will eventually catch up. ! 1044: * In any case, it never made sense to trim reset segments to ! 1045: * fit the receive window since RFC 1122 says: ! 1046: * 4.2.2.12 RST Segment: RFC-793 Section 3.4 ! 1047: * ! 1048: * A TCP SHOULD allow a received RST segment to include data. ! 1049: * ! 1050: * DISCUSSION ! 1051: * It has been suggested that a RST segment could contain ! 1052: * ASCII text that encoded and explained the cause of the ! 1053: * RST. No standard has yet been established for such ! 1054: * data. ! 1055: * ! 1056: * If the reset segment passes the sequence number test examine ! 1057: * the state: ! 1058: * SYN_RECEIVED STATE: ! 1059: * If passive open, return to LISTEN state. ! 1060: * If active open, inform user that connection was refused. ! 1061: * ESTABLISHED, FIN_WAIT_1, FIN_WAIT2, CLOSE_WAIT STATES: ! 1062: * Inform user that connection was reset, and close tcb. ! 1063: * CLOSING, LAST_ACK, TIME_WAIT STATES ! 1064: * Close the tcb. ! 1065: * TIME_WAIT state: ! 1066: * Drop the segment - see Stevens, vol. 2, p. 964 and ! 1067: * RFC 1337. ! 1068: */ ! 1069: if (tiflags & TH_RST) { ! 1070: if (tp->last_ack_sent == ti->ti_seq) { ! 1071: switch (tp->t_state) { ! 1072: ! 1073: case TCPS_SYN_RECEIVED: ! 1074: so->so_error = ECONNREFUSED; ! 1075: goto close; ! 1076: ! 1077: case TCPS_ESTABLISHED: ! 1078: case TCPS_FIN_WAIT_1: ! 1079: case TCPS_FIN_WAIT_2: ! 1080: case TCPS_CLOSE_WAIT: ! 1081: so->so_error = ECONNRESET; ! 1082: close: ! 1083: postevent(so, 0, EV_RESET); ! 1084: tp->t_state = TCPS_CLOSED; ! 1085: tcpstat.tcps_drops++; ! 1086: tp = tcp_close(tp); ! 1087: break; ! 1088: ! 1089: case TCPS_CLOSING: ! 1090: case TCPS_LAST_ACK: ! 1091: tp = tcp_close(tp); ! 1092: break; ! 1093: ! 1094: case TCPS_TIME_WAIT: ! 1095: break; ! 1096: } ! 1097: } ! 1098: goto drop; ! 1099: } ! 1100: ! 1101: /* ! 1102: * RFC 1323 PAWS: If we have a timestamp reply on this segment ! 1103: * and it's less than ts_recent, drop it. ! 1104: */ ! 1105: if ((to.to_flag & TOF_TS) != 0 && tp->ts_recent && ! 1106: TSTMP_LT(to.to_tsval, tp->ts_recent)) { ! 1107: ! 1108: /* Check to see if ts_recent is over 24 days old. */ ! 1109: if ((int)(tcp_now - tp->ts_recent_age) > TCP_PAWS_IDLE) { ! 1110: /* ! 1111: * Invalidate ts_recent. If this segment updates ! 1112: * ts_recent, the age will be reset later and ts_recent ! 1113: * will get a valid value. If it does not, setting ! 1114: * ts_recent to zero will at least satisfy the ! 1115: * requirement that zero be placed in the timestamp ! 1116: * echo reply when ts_recent isn't valid. The ! 1117: * age isn't reset until we get a valid ts_recent ! 1118: * because we don't want out-of-order segments to be ! 1119: * dropped when ts_recent is old. ! 1120: */ ! 1121: tp->ts_recent = 0; ! 1122: } else { ! 1123: tcpstat.tcps_rcvduppack++; ! 1124: tcpstat.tcps_rcvdupbyte += ti->ti_len; ! 1125: tcpstat.tcps_pawsdrop++; ! 1126: goto dropafterack; ! 1127: } ! 1128: } ! 1129: ! 1130: /* ! 1131: * T/TCP mechanism ! 1132: * If T/TCP was negotiated and the segment doesn't have CC, ! 1133: * or if its CC is wrong then drop the segment. ! 1134: * RST segments do not have to comply with this. ! 1135: */ ! 1136: if ((tp->t_flags & (TF_REQ_CC|TF_RCVD_CC)) == (TF_REQ_CC|TF_RCVD_CC) && ! 1137: ((to.to_flag & TOF_CC) == 0 || tp->cc_recv != to.to_cc)) ! 1138: goto dropafterack; ! 1139: ! 1140: /* ! 1141: * In the SYN-RECEIVED state, validate that the packet belongs to ! 1142: * this connection before trimming the data to fit the receive ! 1143: * window. Check the sequence number versus IRS since we know ! 1144: * the sequence numbers haven't wrapped. This is a partial fix ! 1145: * for the "LAND" DoS attack. ! 1146: */ ! 1147: if (tp->t_state == TCPS_SYN_RECEIVED && SEQ_LT(ti->ti_seq, tp->irs)) ! 1148: goto dropwithreset; ! 1149: ! 1150: todrop = tp->rcv_nxt - ti->ti_seq; ! 1151: if (todrop > 0) { ! 1152: if (tiflags & TH_SYN) { ! 1153: tiflags &= ~TH_SYN; ! 1154: ti->ti_seq++; ! 1155: if (ti->ti_urp > 1) ! 1156: ti->ti_urp--; ! 1157: else ! 1158: tiflags &= ~TH_URG; ! 1159: todrop--; ! 1160: } ! 1161: /* ! 1162: * Following if statement from Stevens, vol. 2, p. 960. ! 1163: */ ! 1164: if (todrop > ti->ti_len ! 1165: || (todrop == ti->ti_len && (tiflags & TH_FIN) == 0)) { ! 1166: /* ! 1167: * Any valid FIN must be to the left of the window. ! 1168: * At this point the FIN must be a duplicate or out ! 1169: * of sequence; drop it. ! 1170: */ ! 1171: tiflags &= ~TH_FIN; ! 1172: ! 1173: /* ! 1174: * Send an ACK to resynchronize and drop any data. ! 1175: * But keep on processing for RST or ACK. ! 1176: */ ! 1177: tp->t_flags |= TF_ACKNOW; ! 1178: todrop = ti->ti_len; ! 1179: tcpstat.tcps_rcvduppack++; ! 1180: tcpstat.tcps_rcvdupbyte += todrop; ! 1181: } else { ! 1182: tcpstat.tcps_rcvpartduppack++; ! 1183: tcpstat.tcps_rcvpartdupbyte += todrop; ! 1184: } ! 1185: m_adj(m, todrop); ! 1186: ti->ti_seq += todrop; ! 1187: ti->ti_len -= todrop; ! 1188: if (ti->ti_urp > todrop) ! 1189: ti->ti_urp -= todrop; ! 1190: else { ! 1191: tiflags &= ~TH_URG; ! 1192: ti->ti_urp = 0; ! 1193: } ! 1194: } ! 1195: ! 1196: /* ! 1197: * If new data are received on a connection after the ! 1198: * user processes are gone, then RST the other end. ! 1199: */ ! 1200: if ((so->so_state & SS_NOFDREF) && ! 1201: tp->t_state > TCPS_CLOSE_WAIT && ti->ti_len) { ! 1202: tp = tcp_close(tp); ! 1203: tcpstat.tcps_rcvafterclose++; ! 1204: goto dropwithreset; ! 1205: } ! 1206: ! 1207: /* ! 1208: * If segment ends after window, drop trailing data ! 1209: * (and PUSH and FIN); if nothing left, just ACK. ! 1210: */ ! 1211: todrop = (ti->ti_seq+ti->ti_len) - (tp->rcv_nxt+tp->rcv_wnd); ! 1212: if (todrop > 0) { ! 1213: tcpstat.tcps_rcvpackafterwin++; ! 1214: if (todrop >= ti->ti_len) { ! 1215: tcpstat.tcps_rcvbyteafterwin += ti->ti_len; ! 1216: /* ! 1217: * If a new connection request is received ! 1218: * while in TIME_WAIT, drop the old connection ! 1219: * and start over if the sequence numbers ! 1220: * are above the previous ones. ! 1221: */ ! 1222: if (tiflags & TH_SYN && ! 1223: tp->t_state == TCPS_TIME_WAIT && ! 1224: SEQ_GT(ti->ti_seq, tp->rcv_nxt)) { ! 1225: iss = tp->rcv_nxt + TCP_ISSINCR; ! 1226: tp = tcp_close(tp); ! 1227: goto findpcb; ! 1228: } ! 1229: /* ! 1230: * If window is closed can only take segments at ! 1231: * window edge, and have to drop data and PUSH from ! 1232: * incoming segments. Continue processing, but ! 1233: * remember to ack. Otherwise, drop segment ! 1234: * and ack. ! 1235: */ ! 1236: if (tp->rcv_wnd == 0 && ti->ti_seq == tp->rcv_nxt) { ! 1237: tp->t_flags |= TF_ACKNOW; ! 1238: tcpstat.tcps_rcvwinprobe++; ! 1239: } else ! 1240: goto dropafterack; ! 1241: } else ! 1242: tcpstat.tcps_rcvbyteafterwin += todrop; ! 1243: m_adj(m, -todrop); ! 1244: ti->ti_len -= todrop; ! 1245: tiflags &= ~(TH_PUSH|TH_FIN); ! 1246: } ! 1247: ! 1248: /* ! 1249: * If last ACK falls within this segment's sequence numbers, ! 1250: * record its timestamp. ! 1251: * NOTE that the test is modified according to the latest ! 1252: * proposal of the [email protected] list (Braden 1993/04/26). ! 1253: */ ! 1254: if ((to.to_flag & TOF_TS) != 0 && ! 1255: SEQ_LEQ(ti->ti_seq, tp->last_ack_sent)) { ! 1256: tp->ts_recent_age = tcp_now; ! 1257: tp->ts_recent = to.to_tsval; ! 1258: } ! 1259: ! 1260: /* ! 1261: * If a SYN is in the window, then this is an ! 1262: * error and we send an RST and drop the connection. ! 1263: */ ! 1264: if (tiflags & TH_SYN) { ! 1265: tp = tcp_drop(tp, ECONNRESET); ! 1266: postevent(so, 0, EV_RESET); ! 1267: goto dropwithreset; ! 1268: } ! 1269: ! 1270: /* ! 1271: * If the ACK bit is off: if in SYN-RECEIVED state or SENDSYN ! 1272: * flag is on (half-synchronized state), then queue data for ! 1273: * later processing; else drop segment and return. ! 1274: */ ! 1275: if ((tiflags & TH_ACK) == 0) { ! 1276: if (tp->t_state == TCPS_SYN_RECEIVED || ! 1277: (tp->t_flags & TF_NEEDSYN)) ! 1278: goto step6; ! 1279: else ! 1280: goto drop; ! 1281: } ! 1282: ! 1283: /* ! 1284: * Ack processing. ! 1285: */ ! 1286: switch (tp->t_state) { ! 1287: ! 1288: /* ! 1289: * In SYN_RECEIVED state, the ack ACKs our SYN, so enter ! 1290: * ESTABLISHED state and continue processing. ! 1291: * The ACK was checked above. ! 1292: */ ! 1293: case TCPS_SYN_RECEIVED: ! 1294: ! 1295: tcpstat.tcps_connects++; ! 1296: soisconnected(so); ! 1297: /* Do window scaling? */ ! 1298: if ((tp->t_flags & (TF_RCVD_SCALE|TF_REQ_SCALE)) == ! 1299: (TF_RCVD_SCALE|TF_REQ_SCALE)) { ! 1300: tp->snd_scale = tp->requested_s_scale; ! 1301: tp->rcv_scale = tp->request_r_scale; ! 1302: } ! 1303: /* ! 1304: * Upon successful completion of 3-way handshake, ! 1305: * update cache.CC if it was undefined, pass any queued ! 1306: * data to the user, and advance state appropriately. ! 1307: */ ! 1308: if ((taop = tcp_gettaocache(inp)) != NULL && ! 1309: taop->tao_cc == 0) ! 1310: taop->tao_cc = tp->cc_recv; ! 1311: ! 1312: /* ! 1313: * Make transitions: ! 1314: * SYN-RECEIVED -> ESTABLISHED ! 1315: * SYN-RECEIVED* -> FIN-WAIT-1 ! 1316: */ ! 1317: if (tp->t_flags & TF_NEEDFIN) { ! 1318: tp->t_state = TCPS_FIN_WAIT_1; ! 1319: tp->t_flags &= ~TF_NEEDFIN; ! 1320: } else { ! 1321: tp->t_state = TCPS_ESTABLISHED; ! 1322: tp->t_timer[TCPT_KEEP] = tcp_keepidle; ! 1323: } ! 1324: /* ! 1325: * If segment contains data or ACK, will call tcp_reass() ! 1326: * later; if not, do so now to pass queued data to user. ! 1327: */ ! 1328: if (ti->ti_len == 0 && (tiflags & TH_FIN) == 0) ! 1329: (void) tcp_reass(tp, (struct tcpiphdr *)0, ! 1330: (struct mbuf *)0); ! 1331: tp->snd_wl1 = ti->ti_seq - 1; ! 1332: /* fall into ... */ ! 1333: ! 1334: /* ! 1335: * In ESTABLISHED state: drop duplicate ACKs; ACK out of range ! 1336: * ACKs. If the ack is in the range ! 1337: * tp->snd_una < ti->ti_ack <= tp->snd_max ! 1338: * then advance tp->snd_una to ti->ti_ack and drop ! 1339: * data from the retransmission queue. If this ACK reflects ! 1340: * more up to date window information we update our window information. ! 1341: */ ! 1342: case TCPS_ESTABLISHED: ! 1343: case TCPS_FIN_WAIT_1: ! 1344: case TCPS_FIN_WAIT_2: ! 1345: case TCPS_CLOSE_WAIT: ! 1346: case TCPS_CLOSING: ! 1347: case TCPS_LAST_ACK: ! 1348: case TCPS_TIME_WAIT: ! 1349: ! 1350: if (SEQ_LEQ(ti->ti_ack, tp->snd_una)) { ! 1351: if (ti->ti_len == 0 && tiwin == tp->snd_wnd) { ! 1352: tcpstat.tcps_rcvdupack++; ! 1353: /* ! 1354: * If we have outstanding data (other than ! 1355: * a window probe), this is a completely ! 1356: * duplicate ack (ie, window info didn't ! 1357: * change), the ack is the biggest we've ! 1358: * seen and we've seen exactly our rexmt ! 1359: * threshhold of them, assume a packet ! 1360: * has been dropped and retransmit it. ! 1361: * Kludge snd_nxt & the congestion ! 1362: * window so we send only this one ! 1363: * packet. ! 1364: * ! 1365: * We know we're losing at the current ! 1366: * window size so do congestion avoidance ! 1367: * (set ssthresh to half the current window ! 1368: * and pull our congestion window back to ! 1369: * the new ssthresh). ! 1370: * ! 1371: * Dup acks mean that packets have left the ! 1372: * network (they're now cached at the receiver) ! 1373: * so bump cwnd by the amount in the receiver ! 1374: * to keep a constant cwnd packets in the ! 1375: * network. ! 1376: */ ! 1377: if (tp->t_timer[TCPT_REXMT] == 0 || ! 1378: ti->ti_ack != tp->snd_una) ! 1379: tp->t_dupacks = 0; ! 1380: else if (++tp->t_dupacks == tcprexmtthresh) { ! 1381: tcp_seq onxt = tp->snd_nxt; ! 1382: u_int win = ! 1383: min(tp->snd_wnd, tp->snd_cwnd) / 2 / ! 1384: tp->t_maxseg; ! 1385: ! 1386: if (win < 2) ! 1387: win = 2; ! 1388: tp->snd_ssthresh = win * tp->t_maxseg; ! 1389: tp->t_timer[TCPT_REXMT] = 0; ! 1390: tp->t_rtt = 0; ! 1391: tp->snd_nxt = ti->ti_ack; ! 1392: tp->snd_cwnd = tp->t_maxseg; ! 1393: (void) tcp_output(tp); ! 1394: tp->snd_cwnd = tp->snd_ssthresh + ! 1395: tp->t_maxseg * tp->t_dupacks; ! 1396: if (SEQ_GT(onxt, tp->snd_nxt)) ! 1397: tp->snd_nxt = onxt; ! 1398: goto drop; ! 1399: } else if (tp->t_dupacks > tcprexmtthresh) { ! 1400: tp->snd_cwnd += tp->t_maxseg; ! 1401: (void) tcp_output(tp); ! 1402: goto drop; ! 1403: } ! 1404: } else ! 1405: tp->t_dupacks = 0; ! 1406: break; ! 1407: } ! 1408: /* ! 1409: * If the congestion window was inflated to account ! 1410: * for the other side's cached packets, retract it. ! 1411: */ ! 1412: if (tp->t_dupacks >= tcprexmtthresh && ! 1413: tp->snd_cwnd > tp->snd_ssthresh) ! 1414: tp->snd_cwnd = tp->snd_ssthresh; ! 1415: tp->t_dupacks = 0; ! 1416: if (SEQ_GT(ti->ti_ack, tp->snd_max)) { ! 1417: tcpstat.tcps_rcvacktoomuch++; ! 1418: goto dropafterack; ! 1419: } ! 1420: /* ! 1421: * If we reach this point, ACK is not a duplicate, ! 1422: * i.e., it ACKs something we sent. ! 1423: */ ! 1424: if (tp->t_flags & TF_NEEDSYN) { ! 1425: /* ! 1426: * T/TCP: Connection was half-synchronized, and our ! 1427: * SYN has been ACK'd (so connection is now fully ! 1428: * synchronized). Go to non-starred state, ! 1429: * increment snd_una for ACK of SYN, and check if ! 1430: * we can do window scaling. ! 1431: */ ! 1432: tp->t_flags &= ~TF_NEEDSYN; ! 1433: tp->snd_una++; ! 1434: /* Do window scaling? */ ! 1435: if ((tp->t_flags & (TF_RCVD_SCALE|TF_REQ_SCALE)) == ! 1436: (TF_RCVD_SCALE|TF_REQ_SCALE)) { ! 1437: tp->snd_scale = tp->requested_s_scale; ! 1438: tp->rcv_scale = tp->request_r_scale; ! 1439: } ! 1440: } ! 1441: ! 1442: process_ACK: ! 1443: acked = ti->ti_ack - tp->snd_una; ! 1444: tcpstat.tcps_rcvackpack++; ! 1445: tcpstat.tcps_rcvackbyte += acked; ! 1446: ! 1447: /* ! 1448: * If we have a timestamp reply, update smoothed ! 1449: * round trip time. If no timestamp is present but ! 1450: * transmit timer is running and timed sequence ! 1451: * number was acked, update smoothed round trip time. ! 1452: * Since we now have an rtt measurement, cancel the ! 1453: * timer backoff (cf., Phil Karn's retransmit alg.). ! 1454: * Recompute the initial retransmit timer. ! 1455: */ ! 1456: if (to.to_flag & TOF_TS) ! 1457: tcp_xmit_timer(tp, tcp_now - to.to_tsecr + 1); ! 1458: else if (tp->t_rtt && SEQ_GT(ti->ti_ack, tp->t_rtseq)) ! 1459: tcp_xmit_timer(tp,tp->t_rtt); ! 1460: ! 1461: /* ! 1462: * If all outstanding data is acked, stop retransmit ! 1463: * timer and remember to restart (more output or persist). ! 1464: * If there is more data to be acked, restart retransmit ! 1465: * timer, using current (possibly backed-off) value. ! 1466: */ ! 1467: if (ti->ti_ack == tp->snd_max) { ! 1468: tp->t_timer[TCPT_REXMT] = 0; ! 1469: needoutput = 1; ! 1470: } else if (tp->t_timer[TCPT_PERSIST] == 0) ! 1471: tp->t_timer[TCPT_REXMT] = tp->t_rxtcur; ! 1472: ! 1473: /* ! 1474: * If no data (only SYN) was ACK'd, ! 1475: * skip rest of ACK processing. ! 1476: */ ! 1477: if (acked == 0) ! 1478: goto step6; ! 1479: ! 1480: /* ! 1481: * When new data is acked, open the congestion window. ! 1482: * If the window gives us less than ssthresh packets ! 1483: * in flight, open exponentially (maxseg per packet). ! 1484: * Otherwise open linearly: maxseg per window ! 1485: * (maxseg^2 / cwnd per packet). ! 1486: */ ! 1487: { ! 1488: register u_int cw = tp->snd_cwnd; ! 1489: register u_int incr = tp->t_maxseg; ! 1490: ! 1491: if (cw > tp->snd_ssthresh) ! 1492: incr = incr * incr / cw; ! 1493: tp->snd_cwnd = min(cw + incr, TCP_MAXWIN<<tp->snd_scale); ! 1494: } ! 1495: if (acked > so->so_snd.sb_cc) { ! 1496: tp->snd_wnd -= so->so_snd.sb_cc; ! 1497: sbdrop(&so->so_snd, (int)so->so_snd.sb_cc); ! 1498: ourfinisacked = 1; ! 1499: } else { ! 1500: sbdrop(&so->so_snd, acked); ! 1501: tp->snd_wnd -= acked; ! 1502: ourfinisacked = 0; ! 1503: } ! 1504: sowwakeup(so); ! 1505: tp->snd_una = ti->ti_ack; ! 1506: if (SEQ_LT(tp->snd_nxt, tp->snd_una)) ! 1507: tp->snd_nxt = tp->snd_una; ! 1508: ! 1509: switch (tp->t_state) { ! 1510: ! 1511: /* ! 1512: * In FIN_WAIT_1 STATE in addition to the processing ! 1513: * for the ESTABLISHED state if our FIN is now acknowledged ! 1514: * then enter FIN_WAIT_2. ! 1515: */ ! 1516: case TCPS_FIN_WAIT_1: ! 1517: if (ourfinisacked) { ! 1518: /* ! 1519: * If we can't receive any more ! 1520: * data, then closing user can proceed. ! 1521: * Starting the timer is contrary to the ! 1522: * specification, but if we don't get a FIN ! 1523: * we'll hang forever. ! 1524: */ ! 1525: if (so->so_state & SS_CANTRCVMORE) { ! 1526: soisdisconnected(so); ! 1527: tp->t_timer[TCPT_2MSL] = tcp_maxidle; ! 1528: } ! 1529: tp->t_state = TCPS_FIN_WAIT_2; ! 1530: } ! 1531: break; ! 1532: ! 1533: /* ! 1534: * In CLOSING STATE in addition to the processing for ! 1535: * the ESTABLISHED state if the ACK acknowledges our FIN ! 1536: * then enter the TIME-WAIT state, otherwise ignore ! 1537: * the segment. ! 1538: */ ! 1539: case TCPS_CLOSING: ! 1540: if (ourfinisacked) { ! 1541: tp->t_state = TCPS_TIME_WAIT; ! 1542: tcp_canceltimers(tp); ! 1543: /* Shorten TIME_WAIT [RFC-1644, p.28] */ ! 1544: if (tp->cc_recv != 0 && ! 1545: tp->t_duration < TCPTV_MSL) ! 1546: tp->t_timer[TCPT_2MSL] = ! 1547: tp->t_rxtcur * TCPTV_TWTRUNC; ! 1548: else ! 1549: tp->t_timer[TCPT_2MSL] = 2 * TCPTV_MSL; ! 1550: soisdisconnected(so); ! 1551: } ! 1552: break; ! 1553: ! 1554: /* ! 1555: * In LAST_ACK, we may still be waiting for data to drain ! 1556: * and/or to be acked, as well as for the ack of our FIN. ! 1557: * If our FIN is now acknowledged, delete the TCB, ! 1558: * enter the closed state and return. ! 1559: */ ! 1560: case TCPS_LAST_ACK: ! 1561: if (ourfinisacked) { ! 1562: tp = tcp_close(tp); ! 1563: goto drop; ! 1564: } ! 1565: break; ! 1566: ! 1567: /* ! 1568: * In TIME_WAIT state the only thing that should arrive ! 1569: * is a retransmission of the remote FIN. Acknowledge ! 1570: * it and restart the finack timer. ! 1571: */ ! 1572: case TCPS_TIME_WAIT: ! 1573: tp->t_timer[TCPT_2MSL] = 2 * TCPTV_MSL; ! 1574: goto dropafterack; ! 1575: } ! 1576: } ! 1577: ! 1578: step6: ! 1579: /* ! 1580: * Update window information. ! 1581: * Don't look at window if no ACK: TAC's send garbage on first SYN. ! 1582: */ ! 1583: if ((tiflags & TH_ACK) && ! 1584: (SEQ_LT(tp->snd_wl1, ti->ti_seq) || ! 1585: (tp->snd_wl1 == ti->ti_seq && (SEQ_LT(tp->snd_wl2, ti->ti_ack) || ! 1586: (tp->snd_wl2 == ti->ti_ack && tiwin > tp->snd_wnd))))) { ! 1587: /* keep track of pure window updates */ ! 1588: if (ti->ti_len == 0 && ! 1589: tp->snd_wl2 == ti->ti_ack && tiwin > tp->snd_wnd) ! 1590: tcpstat.tcps_rcvwinupd++; ! 1591: tp->snd_wnd = tiwin; ! 1592: tp->snd_wl1 = ti->ti_seq; ! 1593: tp->snd_wl2 = ti->ti_ack; ! 1594: if (tp->snd_wnd > tp->max_sndwnd) ! 1595: tp->max_sndwnd = tp->snd_wnd; ! 1596: needoutput = 1; ! 1597: } ! 1598: ! 1599: /* ! 1600: * Process segments with URG. ! 1601: */ ! 1602: if ((tiflags & TH_URG) && ti->ti_urp && ! 1603: TCPS_HAVERCVDFIN(tp->t_state) == 0) { ! 1604: /* ! 1605: * This is a kludge, but if we receive and accept ! 1606: * random urgent pointers, we'll crash in ! 1607: * soreceive. It's hard to imagine someone ! 1608: * actually wanting to send this much urgent data. ! 1609: */ ! 1610: if (ti->ti_urp + so->so_rcv.sb_cc > sb_max) { ! 1611: ti->ti_urp = 0; /* XXX */ ! 1612: tiflags &= ~TH_URG; /* XXX */ ! 1613: goto dodata; /* XXX */ ! 1614: } ! 1615: /* ! 1616: * If this segment advances the known urgent pointer, ! 1617: * then mark the data stream. This should not happen ! 1618: * in CLOSE_WAIT, CLOSING, LAST_ACK or TIME_WAIT STATES since ! 1619: * a FIN has been received from the remote side. ! 1620: * In these states we ignore the URG. ! 1621: * ! 1622: * According to RFC961 (Assigned Protocols), ! 1623: * the urgent pointer points to the last octet ! 1624: * of urgent data. We continue, however, ! 1625: * to consider it to indicate the first octet ! 1626: * of data past the urgent section as the original ! 1627: * spec states (in one of two places). ! 1628: */ ! 1629: if (SEQ_GT(ti->ti_seq+ti->ti_urp, tp->rcv_up)) { ! 1630: tp->rcv_up = ti->ti_seq + ti->ti_urp; ! 1631: so->so_oobmark = so->so_rcv.sb_cc + ! 1632: (tp->rcv_up - tp->rcv_nxt) - 1; ! 1633: if (so->so_oobmark == 0) { ! 1634: so->so_state |= SS_RCVATMARK; ! 1635: postevent(so, 0, EV_OOB); ! 1636: } ! 1637: sohasoutofband(so); ! 1638: tp->t_oobflags &= ~(TCPOOB_HAVEDATA | TCPOOB_HADDATA); ! 1639: } ! 1640: /* ! 1641: * Remove out of band data so doesn't get presented to user. ! 1642: * This can happen independent of advancing the URG pointer, ! 1643: * but if two URG's are pending at once, some out-of-band ! 1644: * data may creep in... ick. ! 1645: */ ! 1646: if (ti->ti_urp <= (u_long)ti->ti_len ! 1647: #if SO_OOBINLINE ! 1648: && (so->so_options & SO_OOBINLINE) == 0 ! 1649: #endif ! 1650: ) ! 1651: tcp_pulloutofband(so, ti, m); ! 1652: } else ! 1653: /* ! 1654: * If no out of band data is expected, ! 1655: * pull receive urgent pointer along ! 1656: * with the receive window. ! 1657: */ ! 1658: if (SEQ_GT(tp->rcv_nxt, tp->rcv_up)) ! 1659: tp->rcv_up = tp->rcv_nxt; ! 1660: dodata: /* XXX */ ! 1661: ! 1662: /* ! 1663: * Process the segment text, merging it into the TCP sequencing queue, ! 1664: * and arranging for acknowledgment of receipt if necessary. ! 1665: * This process logically involves adjusting tp->rcv_wnd as data ! 1666: * is presented to the user (this happens in tcp_usrreq.c, ! 1667: * case PRU_RCVD). If a FIN has already been received on this ! 1668: * connection then we just ignore the text. ! 1669: */ ! 1670: if ((ti->ti_len || (tiflags&TH_FIN)) && ! 1671: TCPS_HAVERCVDFIN(tp->t_state) == 0) { ! 1672: TCP_REASS(tp, ti, m, so, tiflags); ! 1673: /* ! 1674: * Note the amount of data that peer has sent into ! 1675: * our window, in order to estimate the sender's ! 1676: * buffer size. ! 1677: */ ! 1678: len = so->so_rcv.sb_hiwat - (tp->rcv_adv - tp->rcv_nxt); ! 1679: } else { ! 1680: m_freem(m); ! 1681: tiflags &= ~TH_FIN; ! 1682: } ! 1683: ! 1684: /* ! 1685: * If FIN is received ACK the FIN and let the user know ! 1686: * that the connection is closing. ! 1687: */ ! 1688: if (tiflags & TH_FIN) { ! 1689: if (TCPS_HAVERCVDFIN(tp->t_state) == 0) { ! 1690: socantrcvmore(so); ! 1691: postevent(so, 0, EV_FIN); ! 1692: /* ! 1693: * If connection is half-synchronized ! 1694: * (ie NEEDSYN flag on) then delay ACK, ! 1695: * so it may be piggybacked when SYN is sent. ! 1696: * Otherwise, since we received a FIN then no ! 1697: * more input can be expected, send ACK now. ! 1698: */ ! 1699: if (tcp_delack_enabled && (tp->t_flags & TF_NEEDSYN)) ! 1700: tp->t_flags |= TF_DELACK; ! 1701: else ! 1702: tp->t_flags |= TF_ACKNOW; ! 1703: tp->rcv_nxt++; ! 1704: } ! 1705: switch (tp->t_state) { ! 1706: ! 1707: /* ! 1708: * In SYN_RECEIVED and ESTABLISHED STATES ! 1709: * enter the CLOSE_WAIT state. ! 1710: */ ! 1711: case TCPS_SYN_RECEIVED: ! 1712: case TCPS_ESTABLISHED: ! 1713: tp->t_state = TCPS_CLOSE_WAIT; ! 1714: break; ! 1715: ! 1716: /* ! 1717: * If still in FIN_WAIT_1 STATE FIN has not been acked so ! 1718: * enter the CLOSING state. ! 1719: */ ! 1720: case TCPS_FIN_WAIT_1: ! 1721: tp->t_state = TCPS_CLOSING; ! 1722: break; ! 1723: ! 1724: /* ! 1725: * In FIN_WAIT_2 state enter the TIME_WAIT state, ! 1726: * starting the time-wait timer, turning off the other ! 1727: * standard timers. ! 1728: */ ! 1729: case TCPS_FIN_WAIT_2: ! 1730: tp->t_state = TCPS_TIME_WAIT; ! 1731: tcp_canceltimers(tp); ! 1732: /* Shorten TIME_WAIT [RFC-1644, p.28] */ ! 1733: if (tp->cc_recv != 0 && ! 1734: tp->t_duration < TCPTV_MSL) { ! 1735: tp->t_timer[TCPT_2MSL] = ! 1736: tp->t_rxtcur * TCPTV_TWTRUNC; ! 1737: /* For transaction client, force ACK now. */ ! 1738: tp->t_flags |= TF_ACKNOW; ! 1739: } ! 1740: else ! 1741: tp->t_timer[TCPT_2MSL] = 2 * TCPTV_MSL; ! 1742: soisdisconnected(so); ! 1743: break; ! 1744: ! 1745: /* ! 1746: * In TIME_WAIT state restart the 2 MSL time_wait timer. ! 1747: */ ! 1748: case TCPS_TIME_WAIT: ! 1749: tp->t_timer[TCPT_2MSL] = 2 * TCPTV_MSL; ! 1750: break; ! 1751: } ! 1752: } ! 1753: #if TCPDEBUG ! 1754: if (so->so_options & SO_DEBUG) ! 1755: tcp_trace(TA_INPUT, ostate, tp, &tcp_saveti, 0); ! 1756: #endif ! 1757: ! 1758: /* ! 1759: * Return any desired output. ! 1760: */ ! 1761: if (needoutput || (tp->t_flags & TF_ACKNOW)) ! 1762: (void) tcp_output(tp); ! 1763: return; ! 1764: ! 1765: dropafterack: ! 1766: /* ! 1767: * Generate an ACK dropping incoming segment if it occupies ! 1768: * sequence space, where the ACK reflects our state. ! 1769: * ! 1770: * We can now skip the test for the RST flag since all ! 1771: * paths to this code happen after packets containing ! 1772: * RST have been dropped. ! 1773: * ! 1774: * In the SYN-RECEIVED state, don't send an ACK unless the ! 1775: * segment we received passes the SYN-RECEIVED ACK test. ! 1776: * If it fails send a RST. This breaks the loop in the ! 1777: * "LAND" DoS attack, and also prevents an ACK storm ! 1778: * between two listening ports that have been sent forged ! 1779: * SYN segments, each with the source address of the other. ! 1780: */ ! 1781: if (tp->t_state == TCPS_SYN_RECEIVED && (tiflags & TH_ACK) && ! 1782: (SEQ_GT(tp->snd_una, ti->ti_ack) || ! 1783: SEQ_GT(ti->ti_ack, tp->snd_max)) ) ! 1784: goto dropwithreset; ! 1785: #if TCPDEBUG ! 1786: if (so->so_options & SO_DEBUG) ! 1787: tcp_trace(TA_DROP, ostate, tp, &tcp_saveti, 0); ! 1788: #endif ! 1789: m_freem(m); ! 1790: tp->t_flags |= TF_ACKNOW; ! 1791: (void) tcp_output(tp); ! 1792: return; ! 1793: ! 1794: dropwithreset: ! 1795: /* ! 1796: * Generate a RST, dropping incoming segment. ! 1797: * Make ACK acceptable to originator of segment. ! 1798: * Don't bother to respond if destination was broadcast/multicast. ! 1799: */ ! 1800: if ((tiflags & TH_RST) || m->m_flags & (M_BCAST|M_MCAST) || ! 1801: IN_MULTICAST(ntohl(ti->ti_dst.s_addr))) ! 1802: goto drop; ! 1803: #if TCPDEBUG ! 1804: if (tp == 0 || (tp->t_inpcb->inp_socket->so_options & SO_DEBUG)) ! 1805: tcp_trace(TA_DROP, ostate, tp, &tcp_saveti, 0); ! 1806: #endif ! 1807: if (tiflags & TH_ACK) ! 1808: tcp_respond(tp, ti, m, (tcp_seq)0, ti->ti_ack, TH_RST); ! 1809: else { ! 1810: if (tiflags & TH_SYN) ! 1811: ti->ti_len++; ! 1812: tcp_respond(tp, ti, m, ti->ti_seq+ti->ti_len, (tcp_seq)0, ! 1813: TH_RST|TH_ACK); ! 1814: } ! 1815: /* destroy temporarily created socket */ ! 1816: if (dropsocket) ! 1817: (void) soabort(so); ! 1818: return; ! 1819: ! 1820: drop: ! 1821: /* ! 1822: * Drop space held by incoming segment and return. ! 1823: */ ! 1824: #if TCPDEBUG ! 1825: if (tp == 0 || (tp->t_inpcb->inp_socket->so_options & SO_DEBUG)) ! 1826: tcp_trace(TA_DROP, ostate, tp, &tcp_saveti, 0); ! 1827: #endif ! 1828: m_freem(m); ! 1829: /* destroy temporarily created socket */ ! 1830: if (dropsocket) ! 1831: (void) soabort(so); ! 1832: return; ! 1833: } ! 1834: ! 1835: static void ! 1836: tcp_dooptions(tp, cp, cnt, ti, to) ! 1837: struct tcpcb *tp; ! 1838: u_char *cp; ! 1839: int cnt; ! 1840: struct tcpiphdr *ti; ! 1841: struct tcpopt *to; ! 1842: { ! 1843: u_short mss = 0; ! 1844: int opt, optlen; ! 1845: ! 1846: for (; cnt > 0; cnt -= optlen, cp += optlen) { ! 1847: opt = cp[0]; ! 1848: if (opt == TCPOPT_EOL) ! 1849: break; ! 1850: if (opt == TCPOPT_NOP) ! 1851: optlen = 1; ! 1852: else { ! 1853: optlen = cp[1]; ! 1854: if (optlen <= 0) ! 1855: break; ! 1856: } ! 1857: switch (opt) { ! 1858: ! 1859: default: ! 1860: continue; ! 1861: ! 1862: case TCPOPT_MAXSEG: ! 1863: if (optlen != TCPOLEN_MAXSEG) ! 1864: continue; ! 1865: if (!(ti->ti_flags & TH_SYN)) ! 1866: continue; ! 1867: bcopy((char *) cp + 2, (char *) &mss, sizeof(mss)); ! 1868: NTOHS(mss); ! 1869: break; ! 1870: ! 1871: case TCPOPT_WINDOW: ! 1872: if (optlen != TCPOLEN_WINDOW) ! 1873: continue; ! 1874: if (!(ti->ti_flags & TH_SYN)) ! 1875: continue; ! 1876: tp->t_flags |= TF_RCVD_SCALE; ! 1877: tp->requested_s_scale = min(cp[2], TCP_MAX_WINSHIFT); ! 1878: break; ! 1879: ! 1880: case TCPOPT_TIMESTAMP: ! 1881: if (optlen != TCPOLEN_TIMESTAMP) ! 1882: continue; ! 1883: to->to_flag |= TOF_TS; ! 1884: bcopy((char *)cp + 2, ! 1885: (char *)&to->to_tsval, sizeof(to->to_tsval)); ! 1886: NTOHL(to->to_tsval); ! 1887: bcopy((char *)cp + 6, ! 1888: (char *)&to->to_tsecr, sizeof(to->to_tsecr)); ! 1889: NTOHL(to->to_tsecr); ! 1890: ! 1891: /* ! 1892: * A timestamp received in a SYN makes ! 1893: * it ok to send timestamp requests and replies. ! 1894: */ ! 1895: if (ti->ti_flags & TH_SYN) { ! 1896: tp->t_flags |= TF_RCVD_TSTMP; ! 1897: tp->ts_recent = to->to_tsval; ! 1898: tp->ts_recent_age = tcp_now; ! 1899: } ! 1900: break; ! 1901: case TCPOPT_CC: ! 1902: if (optlen != TCPOLEN_CC) ! 1903: continue; ! 1904: to->to_flag |= TOF_CC; ! 1905: bcopy((char *)cp + 2, ! 1906: (char *)&to->to_cc, sizeof(to->to_cc)); ! 1907: NTOHL(to->to_cc); ! 1908: /* ! 1909: * A CC or CC.new option received in a SYN makes ! 1910: * it ok to send CC in subsequent segments. ! 1911: */ ! 1912: if (ti->ti_flags & TH_SYN) ! 1913: tp->t_flags |= TF_RCVD_CC; ! 1914: break; ! 1915: case TCPOPT_CCNEW: ! 1916: if (optlen != TCPOLEN_CC) ! 1917: continue; ! 1918: if (!(ti->ti_flags & TH_SYN)) ! 1919: continue; ! 1920: to->to_flag |= TOF_CCNEW; ! 1921: bcopy((char *)cp + 2, ! 1922: (char *)&to->to_cc, sizeof(to->to_cc)); ! 1923: NTOHL(to->to_cc); ! 1924: /* ! 1925: * A CC or CC.new option received in a SYN makes ! 1926: * it ok to send CC in subsequent segments. ! 1927: */ ! 1928: tp->t_flags |= TF_RCVD_CC; ! 1929: break; ! 1930: case TCPOPT_CCECHO: ! 1931: if (optlen != TCPOLEN_CC) ! 1932: continue; ! 1933: if (!(ti->ti_flags & TH_SYN)) ! 1934: continue; ! 1935: to->to_flag |= TOF_CCECHO; ! 1936: bcopy((char *)cp + 2, ! 1937: (char *)&to->to_ccecho, sizeof(to->to_ccecho)); ! 1938: NTOHL(to->to_ccecho); ! 1939: break; ! 1940: } ! 1941: } ! 1942: if (ti->ti_flags & TH_SYN) ! 1943: tcp_mss(tp, mss); /* sets t_maxseg */ ! 1944: } ! 1945: ! 1946: /* ! 1947: * Pull out of band byte out of a segment so ! 1948: * it doesn't appear in the user's data queue. ! 1949: * It is still reflected in the segment length for ! 1950: * sequencing purposes. ! 1951: */ ! 1952: static void ! 1953: tcp_pulloutofband(so, ti, m) ! 1954: struct socket *so; ! 1955: struct tcpiphdr *ti; ! 1956: register struct mbuf *m; ! 1957: { ! 1958: int cnt = ti->ti_urp - 1; ! 1959: ! 1960: while (cnt >= 0) { ! 1961: if (m->m_len > cnt) { ! 1962: char *cp = mtod(m, caddr_t) + cnt; ! 1963: struct tcpcb *tp = sototcpcb(so); ! 1964: ! 1965: tp->t_iobc = *cp; ! 1966: tp->t_oobflags |= TCPOOB_HAVEDATA; ! 1967: bcopy(cp+1, cp, (unsigned)(m->m_len - cnt - 1)); ! 1968: m->m_len--; ! 1969: return; ! 1970: } ! 1971: cnt -= m->m_len; ! 1972: m = m->m_next; ! 1973: if (m == 0) ! 1974: break; ! 1975: } ! 1976: panic("tcp_pulloutofband"); ! 1977: } ! 1978: ! 1979: /* ! 1980: * Collect new round-trip time estimate ! 1981: * and update averages and current timeout. ! 1982: */ ! 1983: static void ! 1984: tcp_xmit_timer(tp, rtt) ! 1985: register struct tcpcb *tp; ! 1986: short rtt; ! 1987: { ! 1988: register int delta; ! 1989: ! 1990: tcpstat.tcps_rttupdated++; ! 1991: tp->t_rttupdated++; ! 1992: if (tp->t_srtt != 0) { ! 1993: /* ! 1994: * srtt is stored as fixed point with 5 bits after the ! 1995: * binary point (i.e., scaled by 8). The following magic ! 1996: * is equivalent to the smoothing algorithm in rfc793 with ! 1997: * an alpha of .875 (srtt = rtt/8 + srtt*7/8 in fixed ! 1998: * point). Adjust rtt to origin 0. ! 1999: */ ! 2000: delta = ((rtt - 1) << TCP_DELTA_SHIFT) ! 2001: - (tp->t_srtt >> (TCP_RTT_SHIFT - TCP_DELTA_SHIFT)); ! 2002: ! 2003: if ((tp->t_srtt += delta) <= 0) ! 2004: tp->t_srtt = 1; ! 2005: ! 2006: /* ! 2007: * We accumulate a smoothed rtt variance (actually, a ! 2008: * smoothed mean difference), then set the retransmit ! 2009: * timer to smoothed rtt + 4 times the smoothed variance. ! 2010: * rttvar is stored as fixed point with 4 bits after the ! 2011: * binary point (scaled by 16). The following is ! 2012: * equivalent to rfc793 smoothing with an alpha of .75 ! 2013: * (rttvar = rttvar*3/4 + |delta| / 4). This replaces ! 2014: * rfc793's wired-in beta. ! 2015: */ ! 2016: if (delta < 0) ! 2017: delta = -delta; ! 2018: delta -= tp->t_rttvar >> (TCP_RTTVAR_SHIFT - TCP_DELTA_SHIFT); ! 2019: if ((tp->t_rttvar += delta) <= 0) ! 2020: tp->t_rttvar = 1; ! 2021: } else { ! 2022: /* ! 2023: * No rtt measurement yet - use the unsmoothed rtt. ! 2024: * Set the variance to half the rtt (so our first ! 2025: * retransmit happens at 3*rtt). ! 2026: */ ! 2027: tp->t_srtt = rtt << TCP_RTT_SHIFT; ! 2028: tp->t_rttvar = rtt << (TCP_RTTVAR_SHIFT - 1); ! 2029: } ! 2030: tp->t_rtt = 0; ! 2031: tp->t_rxtshift = 0; ! 2032: ! 2033: /* ! 2034: * the retransmit should happen at rtt + 4 * rttvar. ! 2035: * Because of the way we do the smoothing, srtt and rttvar ! 2036: * will each average +1/2 tick of bias. When we compute ! 2037: * the retransmit timer, we want 1/2 tick of rounding and ! 2038: * 1 extra tick because of +-1/2 tick uncertainty in the ! 2039: * firing of the timer. The bias will give us exactly the ! 2040: * 1.5 tick we need. But, because the bias is ! 2041: * statistical, we have to test that we don't drop below ! 2042: * the minimum feasible timer (which is 2 ticks). ! 2043: */ ! 2044: TCPT_RANGESET(tp->t_rxtcur, TCP_REXMTVAL(tp), ! 2045: max(tp->t_rttmin, rtt + 2), TCPTV_REXMTMAX); ! 2046: ! 2047: /* ! 2048: * We received an ack for a packet that wasn't retransmitted; ! 2049: * it is probably safe to discard any error indications we've ! 2050: * received recently. This isn't quite right, but close enough ! 2051: * for now (a route might have failed after we sent a segment, ! 2052: * and the return path might not be symmetrical). ! 2053: */ ! 2054: tp->t_softerror = 0; ! 2055: } ! 2056: ! 2057: /* ! 2058: * Determine a reasonable value for maxseg size. ! 2059: * If the route is known, check route for mtu. ! 2060: * If none, use an mss that can be handled on the outgoing ! 2061: * interface without forcing IP to fragment; if bigger than ! 2062: * an mbuf cluster (MCLBYTES), round down to nearest multiple of MCLBYTES ! 2063: * to utilize large mbufs. If no route is found, route has no mtu, ! 2064: * or the destination isn't local, use a default, hopefully conservative ! 2065: * size (usually 512 or the default IP max size, but no more than the mtu ! 2066: * of the interface), as we can't discover anything about intervening ! 2067: * gateways or networks. We also initialize the congestion/slow start ! 2068: * window to be a single segment if the destination isn't local. ! 2069: * While looking at the routing entry, we also initialize other path-dependent ! 2070: * parameters from pre-set or cached values in the routing entry. ! 2071: * ! 2072: * Also take into account the space needed for options that we ! 2073: * send regularly. Make maxseg shorter by that amount to assure ! 2074: * that we can send maxseg amount of data even when the options ! 2075: * are present. Store the upper limit of the length of options plus ! 2076: * data in maxopd. ! 2077: * ! 2078: * NOTE that this routine is only called when we process an incoming ! 2079: * segment, for outgoing segments only tcp_mssopt is called. ! 2080: * ! 2081: * In case of T/TCP, we call this routine during implicit connection ! 2082: * setup as well (offer = -1), to initialize maxseg from the cached ! 2083: * MSS of our peer. ! 2084: */ ! 2085: void ! 2086: tcp_mss(tp, offer) ! 2087: struct tcpcb *tp; ! 2088: int offer; ! 2089: { ! 2090: register struct rtentry *rt; ! 2091: struct ifnet *ifp; ! 2092: register int rtt, mss; ! 2093: u_long bufsize; ! 2094: struct inpcb *inp; ! 2095: struct socket *so; ! 2096: struct rmxp_tao *taop; ! 2097: int origoffer = offer; ! 2098: ! 2099: inp = tp->t_inpcb; ! 2100: if ((rt = tcp_rtlookup(inp)) == NULL) { ! 2101: tp->t_maxopd = tp->t_maxseg = tcp_mssdflt; ! 2102: return; ! 2103: } ! 2104: ifp = rt->rt_ifp; ! 2105: so = inp->inp_socket; ! 2106: ! 2107: taop = rmx_taop(rt->rt_rmx); ! 2108: /* ! 2109: * Offer == -1 means that we didn't receive SYN yet, ! 2110: * use cached value in that case; ! 2111: */ ! 2112: if (offer == -1) ! 2113: offer = taop->tao_mssopt; ! 2114: /* ! 2115: * Offer == 0 means that there was no MSS on the SYN segment, ! 2116: * in this case we use tcp_mssdflt. ! 2117: */ ! 2118: if (offer == 0) ! 2119: offer = tcp_mssdflt; ! 2120: else ! 2121: /* ! 2122: * Sanity check: make sure that maxopd will be large ! 2123: * enough to allow some data on segments even is the ! 2124: * all the option space is used (40bytes). Otherwise ! 2125: * funny things may happen in tcp_output. ! 2126: */ ! 2127: offer = max(offer, 64); ! 2128: taop->tao_mssopt = offer; ! 2129: ! 2130: /* ! 2131: * While we're here, check if there's an initial rtt ! 2132: * or rttvar. Convert from the route-table units ! 2133: * to scaled multiples of the slow timeout timer. ! 2134: */ ! 2135: if (tp->t_srtt == 0 && (rtt = rt->rt_rmx.rmx_rtt)) { ! 2136: /* ! 2137: * XXX the lock bit for RTT indicates that the value ! 2138: * is also a minimum value; this is subject to time. ! 2139: */ ! 2140: if (rt->rt_rmx.rmx_locks & RTV_RTT) ! 2141: tp->t_rttmin = rtt / (RTM_RTTUNIT / PR_SLOWHZ); ! 2142: tp->t_srtt = rtt / (RTM_RTTUNIT / (PR_SLOWHZ * TCP_RTT_SCALE)); ! 2143: tcpstat.tcps_usedrtt++; ! 2144: if (rt->rt_rmx.rmx_rttvar) { ! 2145: tp->t_rttvar = rt->rt_rmx.rmx_rttvar / ! 2146: (RTM_RTTUNIT / (PR_SLOWHZ * TCP_RTTVAR_SCALE)); ! 2147: tcpstat.tcps_usedrttvar++; ! 2148: } else { ! 2149: /* default variation is +- 1 rtt */ ! 2150: tp->t_rttvar = ! 2151: tp->t_srtt * TCP_RTTVAR_SCALE / TCP_RTT_SCALE; ! 2152: } ! 2153: TCPT_RANGESET(tp->t_rxtcur, ! 2154: ((tp->t_srtt >> 2) + tp->t_rttvar) >> 1, ! 2155: tp->t_rttmin, TCPTV_REXMTMAX); ! 2156: } ! 2157: /* ! 2158: * if there's an mtu associated with the route, use it ! 2159: */ ! 2160: if (rt->rt_rmx.rmx_mtu) ! 2161: mss = rt->rt_rmx.rmx_mtu - sizeof(struct tcpiphdr); ! 2162: else ! 2163: { ! 2164: mss = ifp->if_mtu - sizeof(struct tcpiphdr); ! 2165: if (!in_localaddr(inp->inp_faddr)) ! 2166: mss = min(mss, tcp_mssdflt); ! 2167: } ! 2168: mss = min(mss, offer); ! 2169: /* ! 2170: * maxopd stores the maximum length of data AND options ! 2171: * in a segment; maxseg is the amount of data in a normal ! 2172: * segment. We need to store this value (maxopd) apart ! 2173: * from maxseg, because now every segment carries options ! 2174: * and thus we normally have somewhat less data in segments. ! 2175: */ ! 2176: tp->t_maxopd = mss; ! 2177: ! 2178: /* ! 2179: * In case of T/TCP, origoffer==-1 indicates, that no segments ! 2180: * were received yet. In this case we just guess, otherwise ! 2181: * we do the same as before T/TCP. ! 2182: */ ! 2183: if ((tp->t_flags & (TF_REQ_TSTMP|TF_NOOPT)) == TF_REQ_TSTMP && ! 2184: (origoffer == -1 || ! 2185: (tp->t_flags & TF_RCVD_TSTMP) == TF_RCVD_TSTMP)) ! 2186: mss -= TCPOLEN_TSTAMP_APPA; ! 2187: if ((tp->t_flags & (TF_REQ_CC|TF_NOOPT)) == TF_REQ_CC && ! 2188: (origoffer == -1 || ! 2189: (tp->t_flags & TF_RCVD_CC) == TF_RCVD_CC)) ! 2190: mss -= TCPOLEN_CC_APPA; ! 2191: ! 2192: #if (MCLBYTES & (MCLBYTES - 1)) == 0 ! 2193: if (mss > MCLBYTES) ! 2194: mss &= ~(MCLBYTES-1); ! 2195: #else ! 2196: if (mss > MCLBYTES) ! 2197: mss = mss / MCLBYTES * MCLBYTES; ! 2198: #endif ! 2199: /* ! 2200: * If there's a pipesize, change the socket buffer ! 2201: * to that size. Make the socket buffers an integral ! 2202: * number of mss units; if the mss is larger than ! 2203: * the socket buffer, decrease the mss. ! 2204: */ ! 2205: #if RTV_SPIPE ! 2206: if ((bufsize = rt->rt_rmx.rmx_sendpipe) == 0) ! 2207: #endif ! 2208: bufsize = so->so_snd.sb_hiwat; ! 2209: if (bufsize < mss) ! 2210: mss = bufsize; ! 2211: else { ! 2212: bufsize = roundup(bufsize, mss); ! 2213: if (bufsize > sb_max) ! 2214: bufsize = sb_max; ! 2215: (void)sbreserve(&so->so_snd, bufsize); ! 2216: } ! 2217: tp->t_maxseg = mss; ! 2218: ! 2219: #if RTV_RPIPE ! 2220: if ((bufsize = rt->rt_rmx.rmx_recvpipe) == 0) ! 2221: #endif ! 2222: bufsize = so->so_rcv.sb_hiwat; ! 2223: if (bufsize > mss) { ! 2224: bufsize = roundup(bufsize, mss); ! 2225: if (bufsize > sb_max) ! 2226: bufsize = sb_max; ! 2227: (void)sbreserve(&so->so_rcv, bufsize); ! 2228: } ! 2229: /* ! 2230: * Don't force slow-start on local network. ! 2231: */ ! 2232: if (!in_localaddr(inp->inp_faddr)) ! 2233: tp->snd_cwnd = mss; ! 2234: ! 2235: if (rt->rt_rmx.rmx_ssthresh) { ! 2236: /* ! 2237: * There's some sort of gateway or interface ! 2238: * buffer limit on the path. Use this to set ! 2239: * the slow start threshhold, but set the ! 2240: * threshold to no less than 2*mss. ! 2241: */ ! 2242: tp->snd_ssthresh = max(2 * mss, rt->rt_rmx.rmx_ssthresh); ! 2243: tcpstat.tcps_usedssthresh++; ! 2244: } ! 2245: } ! 2246: ! 2247: /* ! 2248: * Determine the MSS option to send on an outgoing SYN. ! 2249: */ ! 2250: int ! 2251: tcp_mssopt(tp) ! 2252: struct tcpcb *tp; ! 2253: { ! 2254: struct rtentry *rt; ! 2255: ! 2256: rt = tcp_rtlookup(tp->t_inpcb); ! 2257: if (rt == NULL) ! 2258: return tcp_mssdflt; ! 2259: ! 2260: return rt->rt_ifp->if_mtu - sizeof(struct tcpiphdr); ! 2261: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.