git: 20a2fe68faac - main - pf: correctly reset max_win if the SYN-ACK lacks a wscale option.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 12 Jun 2024 21:33:43 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=20a2fe68faacb98b3c87ce7ea46a16b0d6c2462b
commit 20a2fe68faacb98b3c87ce7ea46a16b0d6c2462b
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-06-12 18:01:58 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2024-06-12 21:33:11 +0000
pf: correctly reset max_win if the SYN-ACK lacks a wscale option.
pf was setting max_win to 0 and discarded retransmitted SYN-ACK segments without
wscale if the original SYN contained a wscale option. with gerhard@, ok
henning@
Obtained From: OpenBSD
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
sys/netpfil/pf/pf.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 8c97d1bf200d..c635251c3490 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -5315,8 +5315,9 @@ pf_tcp_track_full(struct pf_kstate **state, struct pfi_kkif *kif,
dws = dst->wscale & PF_WSCALE_MASK;
} else {
/* fixup other window */
- dst->max_win <<= dst->wscale &
- PF_WSCALE_MASK;
+ dst->max_win = MIN(TCP_MAXWIN,
+ (u_int32_t)dst->max_win <<
+ (dst->wscale & PF_WSCALE_MASK));
/* in case of a retrans SYN|ACK */
dst->wscale = 0;
}