tcp: allow timestamps even if SYN packet has tsval=0
Some systems send SYN packets with apparently wrong RFC1323 timestamp option values [timestamp tsval=0 tsecr=0]. It might be for security reasons (http://www.secuobs.com/plugs/25220.shtml ) Linux TCP stack ignores this option and sends back a SYN+ACK packet without timestamp option, thus many TCP flows cannot use timestamps and lose some benefit of RFC1323. Other operating systems seem to not care about initial tsval value, and let tcp flows to negotiate timestamp option. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
3e1a3ce2f1
commit
fc1ad92dfc
@ -1226,15 +1226,6 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
|
|||||||
if (want_cookie && !tmp_opt.saw_tstamp)
|
if (want_cookie && !tmp_opt.saw_tstamp)
|
||||||
tcp_clear_options(&tmp_opt);
|
tcp_clear_options(&tmp_opt);
|
||||||
|
|
||||||
if (tmp_opt.saw_tstamp && !tmp_opt.rcv_tsval) {
|
|
||||||
/* Some OSes (unknown ones, but I see them on web server, which
|
|
||||||
* contains information interesting only for windows'
|
|
||||||
* users) do not send their stamp in SYN. It is easy case.
|
|
||||||
* We simply do not advertise TS support.
|
|
||||||
*/
|
|
||||||
tmp_opt.saw_tstamp = 0;
|
|
||||||
tmp_opt.tstamp_ok = 0;
|
|
||||||
}
|
|
||||||
tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
|
tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
|
||||||
|
|
||||||
tcp_openreq_init(req, &tmp_opt, skb);
|
tcp_openreq_init(req, &tmp_opt, skb);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user