| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130810163847.GA4365@localhost> Date: Sat, 10 Aug 2013 18:38:47 +0200 From: Pablo Neira Ayuso <pablo@...filter.org> To: Jozsef Kadlecsik <kadlec@...ckhole.kfki.hu> Cc: Yuchung Cheng <ycheng@...gle.com>, netfilter-devel@...r.kernel.org, netdev@...r.kernel.org, edumazet@...gle.com Subject: Re: [PATCH] netfilter: nf_conntrack: fix tcp_in_window for Fast Open On Sat, Aug 10, 2013 at 03:01:36PM +0200, Jozsef Kadlecsik wrote: > On Fri, 9 Aug 2013, Yuchung Cheng wrote: > > > Currently the conntrack checks if the ending sequence of a packet > > falls within the observed receive window. However it does so even > > if it has not observe any packet from the remote yet and uses an > > uninitialized receive window (td_maxwin). > > > > If a connection uses Fast Open to send a SYN-data packet which is > > dropped afterward in the network. The subsequent SYNs retransmits > > will all fail this check and be discarded, leading to a connection > > timeout. This is because the SYN retransmit does not contain data > > payload so > > > > end == initial sequence number (isn) + 1 > > sender->td_end == isn + syn_data_len > > receiver->td_maxwin == 0 > > > > The fix is to only apply this check after td_maxwin is initialized. > > > > Reported-by: Michael Chan <mcfchan@...nford.edu> > > Signed-off-by: Yuchung Cheng <ycheng@...gle.com> > > Acked-by: Jozsef Kadlecsik <kadlec@...ckhole.kfki.hu> Applied, thanks everyone. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists