aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv6')
-rw-r--r--net/ipv6/syncookies.c20
-rw-r--r--net/ipv6/tcp_ipv6.c5
2 files changed, 18 insertions, 7 deletions
diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c
index 3a622e7abc02..938ce4ecde55 100644
--- a/net/ipv6/syncookies.c
+++ b/net/ipv6/syncookies.c
@@ -170,6 +170,7 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb)
170 int mss; 170 int mss;
171 struct dst_entry *dst; 171 struct dst_entry *dst;
172 __u8 rcv_wscale; 172 __u8 rcv_wscale;
173 struct tcp_options_received tcp_opt;
173 174
174 if (!sysctl_tcp_syncookies || !th->ack) 175 if (!sysctl_tcp_syncookies || !th->ack)
175 goto out; 176 goto out;
@@ -182,6 +183,13 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb)
182 183
183 NET_INC_STATS_BH(LINUX_MIB_SYNCOOKIESRECV); 184 NET_INC_STATS_BH(LINUX_MIB_SYNCOOKIESRECV);
184 185
186 /* check for timestamp cookie support */
187 memset(&tcp_opt, 0, sizeof(tcp_opt));
188 tcp_parse_options(skb, &tcp_opt, 0);
189
190 if (tcp_opt.saw_tstamp)
191 cookie_check_timestamp(&tcp_opt);
192
185 ret = NULL; 193 ret = NULL;
186 req = inet6_reqsk_alloc(&tcp6_request_sock_ops); 194 req = inet6_reqsk_alloc(&tcp6_request_sock_ops);
187 if (!req) 195 if (!req)
@@ -216,8 +224,12 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb)
216 224
217 req->expires = 0UL; 225 req->expires = 0UL;
218 req->retrans = 0; 226 req->retrans = 0;
219 ireq->snd_wscale = ireq->rcv_wscale = ireq->tstamp_ok = 0; 227 ireq->snd_wscale = tcp_opt.snd_wscale;
220 ireq->wscale_ok = ireq->sack_ok = 0; 228 ireq->rcv_wscale = tcp_opt.rcv_wscale;
229 ireq->sack_ok = tcp_opt.sack_ok;
230 ireq->wscale_ok = tcp_opt.wscale_ok;
231 ireq->tstamp_ok = tcp_opt.saw_tstamp;
232 req->ts_recent = tcp_opt.saw_tstamp ? tcp_opt.rcv_tsval : 0;
221 treq->rcv_isn = ntohl(th->seq) - 1; 233 treq->rcv_isn = ntohl(th->seq) - 1;
222 treq->snt_isn = cookie; 234 treq->snt_isn = cookie;
223 235
@@ -253,10 +265,10 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb)
253 goto out; 265 goto out;
254 } 266 }
255 267
256 req->window_clamp = dst_metric(dst, RTAX_WINDOW); 268 req->window_clamp = tp->window_clamp ? :dst_metric(dst, RTAX_WINDOW);
257 tcp_select_initial_window(tcp_full_space(sk), req->mss, 269 tcp_select_initial_window(tcp_full_space(sk), req->mss,
258 &req->rcv_wnd, &req->window_clamp, 270 &req->rcv_wnd, &req->window_clamp,
259 0, &rcv_wscale); 271 ireq->wscale_ok, &rcv_wscale);
260 272
261 ireq->rcv_wscale = rcv_wscale; 273 ireq->rcv_wscale = rcv_wscale;
262 274
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index 378cc4002a76..8ebf6de29562 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -1290,10 +1290,8 @@ static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1290 1290
1291 tcp_parse_options(skb, &tmp_opt, 0); 1291 tcp_parse_options(skb, &tmp_opt, 0);
1292 1292
1293 if (want_cookie) { 1293 if (want_cookie && !tmp_opt.saw_tstamp)
1294 tcp_clear_options(&tmp_opt); 1294 tcp_clear_options(&tmp_opt);
1295 tmp_opt.saw_tstamp = 0;
1296 }
1297 1295
1298 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; 1296 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1299 tcp_openreq_init(req, &tmp_opt, skb); 1297 tcp_openreq_init(req, &tmp_opt, skb);
@@ -1307,6 +1305,7 @@ static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1307 1305
1308 if (want_cookie) { 1306 if (want_cookie) {
1309 isn = cookie_v6_init_sequence(sk, skb, &req->mss); 1307 isn = cookie_v6_init_sequence(sk, skb, &req->mss);
1308 req->cookie_ts = tmp_opt.tstamp_ok;
1310 } else if (!isn) { 1309 } else if (!isn) {
1311 if (ipv6_opt_accepted(sk, skb) || 1310 if (ipv6_opt_accepted(sk, skb) ||
1312 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo || 1311 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-03 05:31:21 -0500