From af446eb323a81d8ed7c658886175000c1583d952 Mon Sep 17 00:00:00 2001 From: friehm Date: Mon, 17 Sep 2018 14:07:48 +0000 Subject: [PATCH] Do not acknowledge a received ack-only tcp packet that we would drop due to PAWS. Otherwise we could trigger a retransmit of the opposite party with another wrong timestamp and produce loop. I have seen this with a buggy server which messed up tcp timestamps. Suggested by Prof. Jacobson for FreeBSD. ok krw, bluhm, henning, mpi --- sys/netinet/tcp_input.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 899471dbbcc..0244e2907ab 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_input.c,v 1.358 2018/07/23 21:14:00 bluhm Exp $ */ +/* $OpenBSD: tcp_input.c,v 1.359 2018/09/17 14:07:48 friehm Exp $ */ /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */ /* @@ -1270,7 +1270,9 @@ trimthenstep6: } else { tcpstat_pkt(tcps_rcvduppack, tcps_rcvdupbyte, tlen); tcpstat_inc(tcps_pawsdrop); - goto dropafterack; + if (tlen) + goto dropafterack; + goto drop; } } -- 2.20.1