sun purge
[unix-history] / usr / src / sys / netinet / tcp_input.c
index 64c1e62..46d7b9d 100644 (file)
@@ -1,4 +1,4 @@
-/*     tcp_input.c     1.76    82/10/09        */
+/*     tcp_input.c     1.95    83/06/14        */
 
 #include "../h/param.h"
 #include "../h/systm.h"
 
 #include "../h/param.h"
 #include "../h/systm.h"
@@ -6,11 +6,14 @@
 #include "../h/protosw.h"
 #include "../h/socket.h"
 #include "../h/socketvar.h"
 #include "../h/protosw.h"
 #include "../h/socket.h"
 #include "../h/socketvar.h"
-#include "../netinet/in.h"
+#include "../h/errno.h"
+
+#include "../net/if.h"
 #include "../net/route.h"
 #include "../net/route.h"
+
+#include "../netinet/in.h"
 #include "../netinet/in_pcb.h"
 #include "../netinet/in_systm.h"
 #include "../netinet/in_pcb.h"
 #include "../netinet/in_systm.h"
-#include "../net/if.h"
 #include "../netinet/ip.h"
 #include "../netinet/ip_var.h"
 #include "../netinet/tcp.h"
 #include "../netinet/ip.h"
 #include "../netinet/ip_var.h"
 #include "../netinet/tcp.h"
 #include "../netinet/tcp_var.h"
 #include "../netinet/tcpip.h"
 #include "../netinet/tcp_debug.h"
 #include "../netinet/tcp_var.h"
 #include "../netinet/tcpip.h"
 #include "../netinet/tcp_debug.h"
-#include <errno.h>
 
 int    tcpprintfs = 0;
 int    tcpcksum = 1;
 
 int    tcpprintfs = 0;
 int    tcpcksum = 1;
-struct mbuf tcp_mb;
 struct tcpiphdr tcp_saveti;
 extern tcpnodelack;
 
 struct tcpiphdr tcp_saveti;
 extern tcpnodelack;
 
@@ -47,6 +48,7 @@ tcp_input(m0)
        int todrop, acked;
        short ostate;
        struct in_addr laddr;
        int todrop, acked;
        short ostate;
        struct in_addr laddr;
+       int dropsocket = 0;
 
        /*
         * Get IP and TCP header together in first mbuf.
 
        /*
         * Get IP and TCP header together in first mbuf.
@@ -73,13 +75,11 @@ tcp_input(m0)
                ti->ti_next = ti->ti_prev = 0;
                ti->ti_x1 = 0;
                ti->ti_len = (u_short)tlen;
                ti->ti_next = ti->ti_prev = 0;
                ti->ti_x1 = 0;
                ti->ti_len = (u_short)tlen;
-#if vax || pdp11
                ti->ti_len = htons((u_short)ti->ti_len);
                ti->ti_len = htons((u_short)ti->ti_len);
-#endif
                if (ti->ti_sum = in_cksum(m, len)) {
                if (ti->ti_sum = in_cksum(m, len)) {
-                       tcpstat.tcps_badsum++;
                        if (tcpprintfs)
                        if (tcpprintfs)
-                               printf("tcp cksum %x\n", ti->ti_sum);
+                               printf("tcp sum: src %x\n", ti->ti_src);
+                       tcpstat.tcps_badsum++;
                        goto drop;
                }
        }
                        goto drop;
                }
        }
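Review bot: The new debug line `printf("tcp sum: src %x\n", ti->ti_src);` passes `ti->ti_src` where `%x` expects an integer; other hunks in this diff assign the same field to `sin->sin_addr` and read a sibling address through `.s_addr`, which suggests it is a `struct in_addr`. Passing the scalar explicitly, `printf("tcp sum: src %x\n", ntohl(ti->ti_src.s_addr));`, keeps the output correct on machines that do not pass a small struct the way they pass an int. The `tcp off:` printf added in the next hunk has the same argument. Both messages are triggered by segments arriving from the network, so `tcpprintfs` should stay off outside debugging sessions to keep malformed traffic from flooding the console.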
@@ -90,6 +90,8 @@ tcp_input(m0)
         */
        off = ti->ti_off << 2;
        if (off < sizeof (struct tcphdr) || off > tlen) {
         */
        off = ti->ti_off << 2;
        if (off < sizeof (struct tcphdr) || off > tlen) {
+               if (tcpprintfs)
+                       printf("tcp off: src %x off %d\n", ti->ti_src, off);
                tcpstat.tcps_badoff++;
                goto drop;
        }
                tcpstat.tcps_badoff++;
                goto drop;
        }
@@ -98,10 +100,10 @@ tcp_input(m0)
        if (off > sizeof (struct tcphdr)) {
                if ((m = m_pullup(m, sizeof (struct ip) + off)) == 0) {
                        tcpstat.tcps_hdrops++;
        if (off > sizeof (struct tcphdr)) {
                if ((m = m_pullup(m, sizeof (struct ip) + off)) == 0) {
                        tcpstat.tcps_hdrops++;
-                       goto drop;
+                       return;
                }
                ti = mtod(m, struct tcpiphdr *);
                }
                ti = mtod(m, struct tcpiphdr *);
-               om = m_get(M_DONTWAIT);
+               om = m_get(M_DONTWAIT, MT_DATA);
                if (om == 0)
                        goto drop;
                om->m_len = off - sizeof (struct tcphdr);
                if (om == 0)
                        goto drop;
                om->m_len = off - sizeof (struct tcphdr);
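Review bot: The `return;` after a failed `m_pullup` needs a comment saying who owns the mbuf chain, for example `/* m_pullup freed the chain; nothing left for drop: to release */`. At this point `m` has just been overwritten with 0, so the change is leak-free only if `m_pullup` releases its argument on failure, which is presumably the case but is not visible here. The early return also bypasses the `om` and `dropsocket` cleanup that `drop:` gains later in this diff; neither has been assigned yet at this line, so that is safe today but fragile if code is moved above it. tcp_input's body starts and ends outside the hunk.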
@@ -121,7 +123,6 @@ tcp_input(m0)
        m->m_off += off;
        m->m_len -= off;
 
        m->m_off += off;
        m->m_len -= off;
 
-#if vax || pdp11
        /*
         * Convert TCP protocol specific fields to host format.
         */
        /*
         * Convert TCP protocol specific fields to host format.
         */
@@ -129,7 +130,6 @@ tcp_input(m0)
        ti->ti_ack = ntohl(ti->ti_ack);
        ti->ti_win = ntohs(ti->ti_win);
        ti->ti_urp = ntohs(ti->ti_urp);
        ti->ti_ack = ntohl(ti->ti_ack);
        ti->ti_win = ntohs(ti->ti_win);
        ti->ti_urp = ntohs(ti->ti_urp);
-#endif
 
        /*
         * Locate pcb for segment.
 
        /*
         * Locate pcb for segment.
@@ -156,6 +156,18 @@ tcp_input(m0)
                so = sonewconn(so);
                if (so == 0)
                        goto drop;
                so = sonewconn(so);
                if (so == 0)
                        goto drop;
+               /*
+                * This is ugly, but ....
+                *
+                * Mark socket as temporary until we're
+                * committed to keeping it.  The code at
+                * ``drop'' and ``dropwithreset'' check the
+                * flag dropsocket to see if the temporary
+                * socket created here should be discarded.
+                * We mark the socket as discardable until
+                * we're committed to it below in TCPS_LISTEN.
+                */
+               dropsocket++;
                inp = (struct inpcb *)so->so_pcb;
                inp->inp_laddr = ti->ti_dst;
                inp->inp_lport = ti->ti_dport;
                inp = (struct inpcb *)so->so_pcb;
                inp->inp_laddr = ti->ti_dst;
                inp->inp_lport = ti->ti_dport;
@@ -201,31 +213,32 @@ tcp_input(m0)
         * segment in this state.
         */
        case TCPS_LISTEN: {
         * segment in this state.
         */
        case TCPS_LISTEN: {
-               struct mbuf *m = m_get(M_DONTWAIT);
+               struct mbuf *am;
                register struct sockaddr_in *sin;
 
                register struct sockaddr_in *sin;
 
-               if (m == 0)
-                       goto drop;
-               m->m_len = sizeof (struct sockaddr_in);
                if (tiflags & TH_RST)
                        goto drop;
                if (tiflags & TH_ACK)
                        goto dropwithreset;
                if ((tiflags & TH_SYN) == 0)
                        goto drop;
                if (tiflags & TH_RST)
                        goto drop;
                if (tiflags & TH_ACK)
                        goto dropwithreset;
                if ((tiflags & TH_SYN) == 0)
                        goto drop;
-               sin = mtod(m, struct sockaddr_in *);
+               am = m_get(M_DONTWAIT, MT_SONAME);
+               if (am == NULL)
+                       goto drop;
+               am->m_len = sizeof (struct sockaddr_in);
+               sin = mtod(am, struct sockaddr_in *);
                sin->sin_family = AF_INET;
                sin->sin_addr = ti->ti_src;
                sin->sin_port = ti->ti_sport;
                laddr = inp->inp_laddr;
                sin->sin_family = AF_INET;
                sin->sin_addr = ti->ti_src;
                sin->sin_port = ti->ti_sport;
                laddr = inp->inp_laddr;
-               if (inp->inp_laddr.s_addr == 0)
+               if (inp->inp_laddr.s_addr == INADDR_ANY)
                        inp->inp_laddr = ti->ti_dst;
                        inp->inp_laddr = ti->ti_dst;
-               if (in_pcbconnect(inp, m)) {
+               if (in_pcbconnect(inp, am)) {
                        inp->inp_laddr = laddr;
                        inp->inp_laddr = laddr;
-                       m_free(m);
+                       (void) m_free(am);
                        goto drop;
                }
                        goto drop;
                }
-               m_free(m);
+               (void) m_free(am);
                tp->t_template = tcp_template(tp);
                if (tp->t_template == 0) {
                        in_pcbdisconnect(inp);
                tp->t_template = tcp_template(tp);
                if (tp->t_template == 0) {
                        in_pcbdisconnect(inp);
@@ -239,6 +252,7 @@ tcp_input(m0)
                tcp_rcvseqinit(tp);
                tp->t_state = TCPS_SYN_RECEIVED;
                tp->t_timer[TCPT_KEEP] = TCPTV_KEEP;
                tcp_rcvseqinit(tp);
                tp->t_state = TCPS_SYN_RECEIVED;
                tp->t_timer[TCPT_KEEP] = TCPTV_KEEP;
+               dropsocket = 0;         /* committed to socket */
                goto trimthenstep6;
                }
 
                goto trimthenstep6;
                }
 
@@ -261,10 +275,8 @@ tcp_input(m0)
                     SEQ_GT(ti->ti_ack, tp->snd_max)))
                        goto dropwithreset;
                if (tiflags & TH_RST) {
                     SEQ_GT(ti->ti_ack, tp->snd_max)))
                        goto dropwithreset;
                if (tiflags & TH_RST) {
-                       if (tiflags & TH_ACK) {
-                               tcp_drop(tp, ECONNREFUSED);
-                               tp = 0;
-                       }
+                       if (tiflags & TH_ACK)
+                               tp = tcp_drop(tp, ECONNREFUSED);
                        goto drop;
                }
                if ((tiflags & TH_SYN) == 0)
                        goto drop;
                }
                if ((tiflags & TH_SYN) == 0)
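Review bot: `tp = tcp_drop(tp, ECONNREFUSED);` now depends on `tcp_drop` returning a null pointer once the control block is gone, and nothing at the call site states that contract. The `drop:` path tests `tp` before dereferencing `tp->t_inpcb`, so a callee that handed back the stale pointer would turn that test into a use of freed memory. A one-line comment such as `/* tcp_drop/tcp_close return 0: tp must not be used after this */` at this first call, or a note on the two functions' definitions, would document it. The same pattern is introduced for `tcp_drop` and `tcp_close` in the hunks at `@@ -365`, `@@ -387`, `@@ -412` and `@@ -548`.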
@@ -365,12 +377,12 @@ trimthenstep6:
        }
 
        /*
        }
 
        /*
-        * If a segment is received on a connection after the
+        * If data is received on a connection after the
         * user processes are gone, then RST the other end.
         */
         * user processes are gone, then RST the other end.
         */
-       if (so->so_state & SS_NOFDREF) {
-               tcp_close(tp);
-               tp = 0;
+       if ((so->so_state & SS_NOFDREF) && tp->t_state > TCPS_CLOSE_WAIT &&
+           ti->ti_len) {
+               tp = tcp_close(tp);
                goto dropwithreset;
        }
 
                goto dropwithreset;
        }
 
@@ -387,23 +399,20 @@ trimthenstep6:
        if (tiflags&TH_RST) switch (tp->t_state) {
 
        case TCPS_SYN_RECEIVED:
        if (tiflags&TH_RST) switch (tp->t_state) {
 
        case TCPS_SYN_RECEIVED:
-               tcp_drop(tp, ECONNREFUSED);
-               tp = 0;
+               tp = tcp_drop(tp, ECONNREFUSED);
                goto drop;
 
        case TCPS_ESTABLISHED:
        case TCPS_FIN_WAIT_1:
        case TCPS_FIN_WAIT_2:
        case TCPS_CLOSE_WAIT:
                goto drop;
 
        case TCPS_ESTABLISHED:
        case TCPS_FIN_WAIT_1:
        case TCPS_FIN_WAIT_2:
        case TCPS_CLOSE_WAIT:
-               tcp_drop(tp, ECONNRESET);
-               tp = 0;
+               tp = tcp_drop(tp, ECONNRESET);
                goto drop;
 
        case TCPS_CLOSING:
        case TCPS_LAST_ACK:
        case TCPS_TIME_WAIT:
                goto drop;
 
        case TCPS_CLOSING:
        case TCPS_LAST_ACK:
        case TCPS_TIME_WAIT:
-               tcp_close(tp);
-               tp = 0;
+               tp = tcp_close(tp);
                goto drop;
        }
 
                goto drop;
        }
 
@@ -412,8 +421,7 @@ trimthenstep6:
         * error and we send an RST and drop the connection.
         */
        if (tiflags & TH_SYN) {
         * error and we send an RST and drop the connection.
         */
        if (tiflags & TH_SYN) {
-               tcp_drop(tp, ECONNRESET);
-               tp = 0;
+               tp = tcp_drop(tp, ECONNRESET);
                goto dropwithreset;
        }
 
                goto dropwithreset;
        }
 
@@ -481,7 +489,6 @@ trimthenstep6:
                                tp->t_srtt =
                                    tcp_alpha * tp->t_srtt +
                                    (1 - tcp_alpha) * tp->t_rtt;
                                tp->t_srtt =
                                    tcp_alpha * tp->t_srtt +
                                    (1 - tcp_alpha) * tp->t_rtt;
-/* printf("rtt %d srtt*100 now %d\n", tp->t_rtt, (int)(tp->t_srtt*100)); */
                        tp->t_rtt = 0;
                }
 
                        tp->t_rtt = 0;
                }
 
@@ -548,10 +555,8 @@ trimthenstep6:
                 * and return.
                 */
                case TCPS_LAST_ACK:
                 * and return.
                 */
                case TCPS_LAST_ACK:
-                       if (ourfinisacked) {
-                               tcp_close(tp);
-                               tp = 0;
-                       }
+                       if (ourfinisacked)
+                               tp = tcp_close(tp);
                        goto drop;
 
                /*
                        goto drop;
 
                /*
@@ -576,7 +581,7 @@ step6:
                tp->snd_wnd = ti->ti_win;
                tp->snd_wl1 = ti->ti_seq;
                tp->snd_wl2 = ti->ti_ack;
                tp->snd_wnd = ti->ti_win;
                tp->snd_wl1 = ti->ti_seq;
                tp->snd_wl2 = ti->ti_ack;
-               if (tp->snd_wnd > 0)
+               if (tp->snd_wnd != 0)
                        tp->t_timer[TCPT_PERSIST] = 0;
        }
 
                        tp->t_timer[TCPT_PERSIST] = 0;
        }
 
@@ -585,6 +590,18 @@ step6:
         */
        if ((tiflags & TH_URG) && ti->ti_urp &&
            TCPS_HAVERCVDFIN(tp->t_state) == 0) {
         */
        if ((tiflags & TH_URG) && ti->ti_urp &&
            TCPS_HAVERCVDFIN(tp->t_state) == 0) {
+               /*
+                * This is a kludge, but if we receive accept
+                * random urgent pointers, we'll crash in
+                * soreceive.  It's hard to imagine someone
+                * actually wanting to send this much urgent data.
+                */
+               if (ti->ti_urp > tp->t_maxseg) {        /* XXX */
+                       ti->ti_urp = 0;                 /* XXX */
+                       tiflags &= ~TH_URG;             /* XXX */
+                       ti->ti_flags &= ~TH_URG;        /* XXX */
+                       goto badurp;                    /* XXX */
+               }
                /*
                 * If this segment advances the known urgent pointer,
                 * then mark the data stream.  This should not happen
                /*
                 * If this segment advances the known urgent pointer,
                 * then mark the data stream.  This should not happen
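Review bot: The bound in `if (ti->ti_urp > tp->t_maxseg)` comes from `t_maxseg`, which the `tcp_dooptions` hunk at the end of this diff assigns straight from the peer's option bytes (`tp->t_maxseg = *(u_short *)(cp + 2);`), so the sender of the urgent pointer may also be choosing the limit it is checked against. Unless `t_maxseg` is clamped somewhere outside these hunks, a locally derived ceiling, such as the capacity of the receive buffer, would be a firmer guard against the `soreceive` crash the comment describes. The comment's first sentence reads "if we receive accept random urgent pointers"; "if we accept" is presumably what was meant. The enclosing `if` block continues outside the hunk.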
@@ -610,6 +627,7 @@ step6:
                if (ti->ti_urp <= ti->ti_len)
                        tcp_pulloutofband(so, ti);
        }
                if (ti->ti_urp <= ti->ti_len)
                        tcp_pulloutofband(so, ti);
        }
+badurp:                                                        /* XXX */
 
        /*
         * Process the segment text, merging it into the TCP sequencing queue,
 
        /*
         * Process the segment text, merging it into the TCP sequencing queue,
@@ -703,8 +721,10 @@ dropafterack:
        return;
 
 dropwithreset:
        return;
 
 dropwithreset:
-       if (om)
+       if (om) {
                (void) m_free(om);
                (void) m_free(om);
+               om = 0;
+       }
        /*
         * Generate a RST, dropping incoming segment.
         * Make ACK acceptable to originator of segment.
        /*
         * Generate a RST, dropping incoming segment.
         * Make ACK acceptable to originator of segment.
@@ -719,15 +739,23 @@ dropwithreset:
                tcp_respond(tp, ti, ti->ti_seq+ti->ti_len, (tcp_seq)0,
                    TH_RST|TH_ACK);
        }
                tcp_respond(tp, ti, ti->ti_seq+ti->ti_len, (tcp_seq)0,
                    TH_RST|TH_ACK);
        }
+       /* destroy temporarily created socket */
+       if (dropsocket)
+               (void) soabort(so);
        return;
 
 drop:
        return;
 
 drop:
+       if (om)
+               (void) m_free(om);
        /*
         * Drop space held by incoming segment and return.
         */
        if (tp && (tp->t_inpcb->inp_socket->so_options & SO_DEBUG))
                tcp_trace(TA_DROP, ostate, tp, &tcp_saveti, 0);
        m_freem(m);
        /*
         * Drop space held by incoming segment and return.
         */
        if (tp && (tp->t_inpcb->inp_socket->so_options & SO_DEBUG))
                tcp_trace(TA_DROP, ostate, tp, &tcp_saveti, 0);
        m_freem(m);
+       /* destroy temporarily created socket */
+       if (dropsocket)
+               (void) soabort(so);
        return;
 }
 
        return;
 }
 
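Review bot: The new `if (om) (void) m_free(om);` at `drop:` reads `om` on paths that jump there before `om = m_get(...)` has run, such as the checksum and header-offset failures earlier in the function, so `om` has to be initialised to 0 at its declaration; that declaration is outside the visible hunks and should be confirmed. The previous hunk clears `om` after freeing it in `dropwithreset:`, while `drop:` leaves the pointer dangling; adding `om = 0;` here as well keeps the two labels symmetric and guards against a double free if code is later added after the free. `soabort(so)` is reached only with `dropsocket` set, which happens after `sonewconn` succeeded, so `so` is valid at both new call sites.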
@@ -746,8 +774,11 @@ tcp_dooptions(tp, om)
                        break;
                if (opt == TCPOPT_NOP)
                        optlen = 1;
                        break;
                if (opt == TCPOPT_NOP)
                        optlen = 1;
-               else
+               else {
                        optlen = cp[1];
                        optlen = cp[1];
+                       if (optlen <= 0)
+                               break;
+               }
                switch (opt) {
 
                default:
                switch (opt) {
 
                default:
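Review bot: `if (optlen <= 0) break;` stops a zero-length option from stalling the loop, but `optlen` is still not compared with the number of option bytes left, and `cp[1]` itself is read without checking that a second byte exists. The loop header is outside the hunk, so this is inferred: if it only tests the remaining count before each iteration, an option whose length byte runs past the end of the options would be handed to the `switch` before the loop notices. A guard such as `if (optlen <= 0 || optlen > cnt) break;` would close that, with `cnt` standing for whatever variable the loop uses as its remaining-length counter.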
@@ -757,9 +788,7 @@ tcp_dooptions(tp, om)
                        if (optlen != 4)
                                continue;
                        tp->t_maxseg = *(u_short *)(cp + 2);
                        if (optlen != 4)
                                continue;
                        tp->t_maxseg = *(u_short *)(cp + 2);
-#if vax || pdp11
                        tp->t_maxseg = ntohs((u_short)tp->t_maxseg);
                        tp->t_maxseg = ntohs((u_short)tp->t_maxseg);
-#endif
                        break;
                }
        }
                        break;
                }
        }
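Review bot: With the `#if vax || pdp11` guard removed this path is compiled for every machine, and the context line `tp->t_maxseg = *(u_short *)(cp + 2);` loads a 16-bit value through a cast pointer whose alignment depends on where the option sits in the buffer. On processors that fault on odd-address word loads that is a crash reachable from a received segment, assuming `cp` is a byte pointer into the option data as the `cp[1]` read in the previous hunk suggests. Assembling the value from the two bytes, `tp->t_maxseg = ((u_char)cp[2] << 8) | (u_char)cp[3];`, yields the host-order result directly and makes the following `ntohs` line unnecessary. The received value is also stored without any range check; rejecting a zero or implausibly small segment size here would be a sensible addition.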