From 547763d6583564afaacd4c4592d3bda5ac41f7c2 Mon Sep 17 00:00:00 2001 From: bluhm Date: Wed, 14 Jul 2021 21:07:36 +0000 Subject: [PATCH] Resend the TCP packet only if the MTU locked flag appears at the route and was not there before. This should prevent a recursion in path MTU discovery with TCP over IPsec. reported and tested Matthias Schmidt; tested and OK tobhe@ --- sys/netinet/tcp_subr.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 6b83571c777..249c1aada3e 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_subr.c,v 1.178 2021/07/08 21:07:19 bluhm Exp $ */ +/* $OpenBSD: tcp_subr.c,v 1.179 2021/07/14 21:07:36 bluhm Exp $ */ /* $NetBSD: tcp_subr.c,v 1.22 1996/02/13 23:44:00 christos Exp $ */ /* @@ -845,6 +845,8 @@ tcp_mtudisc(struct inpcb *inp, int errno) rt = in_pcbrtentry(inp); if (rt != NULL) { + unsigned int orig_mtulock = (rt->rt_locks & RTV_MTU); + /* * If this was not a host route, remove and realloc. */ @@ -853,7 +855,7 @@ tcp_mtudisc(struct inpcb *inp, int errno) if ((rt = in_pcbrtentry(inp)) == NULL) return; } - if (rt->rt_locks & RTV_MTU) + if (orig_mtulock < (rt->rt_locks & RTV_MTU)) change = 1; } tcp_mss(tp, -1); -- 2.20.1