Re: [PATCH] Fix corrupt TCP packets when options space overflows with MD5SIG enabled (v2)

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: David Miller

Subject: Re: [PATCH] Fix corrupt TCP packets when options space overflows with MD5SIG enabled (v2)

Date: Tuesday, June 17, 2008 - 9:03 pm

From: "Adam Langley" <agl@imperialviolet.org>
Date: Tue, 17 Jun 2008 17:45:52 -0700

quoted text> How's this:
> 
> If we receive a SYN packet with MD5 + SACK + TS was assume that it's
> from an older kernel and reply with MD5 + TS. Not including SACK means
> that it won't send us corrupt packets and since we couldn't previously
> do SACK with these packets anyway, we're not loosing anything.

We should reject invalid packets, even those created by
Linus, regardless of the ramifications of such.

If we drop such frames, things will reset and a timeout
based retransmission will occur.

I don't see any value in trying to recognize these
invalid frames.  We should instead just fix the part
of Linux that emits the bogus packets to begin with.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH] Fix corrupt TCP packets when options space overflo ..., Adam Langley, (Tue Jun 3, 2:52 pm)

Re: [PATCH] Fix corrupt TCP packets when options space ove ..., David Miller, (Tue Jun 17, 5:07 pm)

Re: [PATCH] Fix corrupt TCP packets when options space ove ..., Adam Langley, (Tue Jun 17, 5:45 pm)

Re: [PATCH] Fix corrupt TCP packets when options space ove ..., David Miller, (Tue Jun 17, 9:03 pm)

Re: [PATCH] Fix corrupt TCP packets when options space ove ..., Bill Fink, (Tue Jun 17, 11:34 pm)

Re: [PATCH] Fix corrupt TCP packets when options space ove ..., David Miller, (Wed Jun 18, 1:52 am)

Re: [PATCH] Fix corrupt TCP packets when options space ove ..., Adam Langley, (Wed Jun 18, 12:39 pm)

Re: [PATCH] Fix corrupt TCP packets when options space ove ..., David Miller, (Wed Jun 18, 3:01 pm)

Comments requested: Long options and MD5 options, Adam Langley, (Wed Jun 18, 4:24 pm)

Re: Comments requested: Long options and MD5 options, David Miller, (Wed Jun 18, 4:36 pm)

[PATCH] Fix corrupt TCP packets when options space overflo ..., Adam Langley, (Fri Jun 20, 1:27 pm)

Re: [PATCH] Fix corrupt TCP packets when options space ove ..., David Miller, (Fri Jun 27, 7:47 pm)


linux-kernel:
Paul Turner	[tg_shares_up rewrite v4 11/11] sched: update tg->shares after cpu.shares write
Brandeburg, Jesse	RE: [regression] e1000e broke e1000 (was: Re: [ANNOUNCE] e1000 toe1000e migration ...
Mr. James W. Laferriere	Re: Linux 2.6.25-rc1 , syntax error near unexpected token `;'
Robin Lee Powell	NFS hang + umount -f: better behaviour requested.
Linus Torvalds	Linux 2.6.34-rc4
git:
Fredrik Kuivinen	Re: fatal: unable to create '.git/index': File exists
Rene Herman	"git pull . <branch>" versus "git merge <branch>"
Dan Chokola	Re: how do you "force a pull"?
Wink Saville	How-to combine several separate git repos?
Emily Ren	How to pull remote branch with specified commit id?
openbsd-misc:
Sevan / Venture37	Re: This is what Linus Torvalds calls openBSD crowd
Siju George	This is what Linus Torvalds calls openBSD crowd
new_guy	Longest Uptime?
frantisek holop	Re: splassert: vwakeup: and friends
William Boshuck	Re: obsd as domU?
linux-netdev:
Jamie Lokier	Re: POHMELFS high performance network filesystem. Transactions, failover, performa...
Paulius Zaleckas	Re: [RFC] Patch to option HSO driver to the kernel
Timo Teräs	ip xfrm policy semantics
Ron Mercer	[net-next PATCH 2/2] qlge: Version change to v1.00.00.27
Maciej W. Rozycki	Re: [PATCH] flush_work_sync vs. flush_scheduled_work Re: [PATCH] PHYLIB: IRQ event...
git-commits-head:
Linux Kernel Mailing List	powerpc/fsl_msi: enable msi allocation in all banks
Linux Kernel Mailing List	[ARM] mmp: avengers lite (pxa168) board bring up
Linux Kernel Mailing List	drivers/acpi: use kasprintf
Linux Kernel Mailing List	swiotlb: replace architecture-specific swiotlb.h with linux/swiotlb.h
Linux Kernel Mailing List	ASoC: fix registration of the SoC card in the Freescale MPC8610 drivers