Add Matt Dillon's quick fix hack for the self-connect DoS.

PR: 5103
svn path=/head/; revision=31323
2024-12-01 21:33:04 +00:00 · 1997-11-20 20:04:49 +00:00 · 1997-11-20 20:04:49 +00:00 · 76d3eadb53 · 2020-12-20 02:59:44 +00:00
commit 76d3eadb53
parent d447dbee36
2 changed files with 28 additions and 2 deletions
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@ -31,7 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)tcp_input.c	8.12 (Berkeley) 5/24/95
- *	$Id: tcp_input.c,v 1.64 1997/10/28 15:58:52 bde Exp $
+ *	$Id: tcp_input.c,v 1.65 1997/11/07 08:53:21 phk Exp $
 */

 #include "opt_tcpdebug.h"
@ -316,6 +316,19 @@ tcp_input(m, iphlen)
 	}
 #endif /* TUBA_INCLUDE */

+	/*
+	 * Reject attempted self-connects.  XXX This actually masks
+	 * a bug elsewhere, since self-connect should work.
+	 * However, a urrently-active DoS attack in the Internet
+	 * sends a phony self-connect request which causes an infinite
+	 * loop.
+	 */
+	if (ti->ti_src.s_addr == ti->ti_dst.s_addr
+	    && ti->ti_sport == ti->ti_dport) {
+		tcpstat.tcps_badsyn++;
+		goto drop;
+	}
+
 	/*
 	 * Check that TCP offset makes sense,
 	 * pull out TCP options and adjust length.		XXX
--- a/sys/netinet/tcp_reass.c
+++ b/sys/netinet/tcp_reass.c
@ -31,7 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)tcp_input.c	8.12 (Berkeley) 5/24/95
- *	$Id: tcp_input.c,v 1.64 1997/10/28 15:58:52 bde Exp $
+ *	$Id: tcp_input.c,v 1.65 1997/11/07 08:53:21 phk Exp $
 */

 #include "opt_tcpdebug.h"
@ -316,6 +316,19 @@ tcp_input(m, iphlen)
 	}
 #endif /* TUBA_INCLUDE */

+	/*
+	 * Reject attempted self-connects.  XXX This actually masks
+	 * a bug elsewhere, since self-connect should work.
+	 * However, a urrently-active DoS attack in the Internet
+	 * sends a phony self-connect request which causes an infinite
+	 * loop.
+	 */
+	if (ti->ti_src.s_addr == ti->ti_dst.s_addr
+	    && ti->ti_sport == ti->ti_dport) {
+		tcpstat.tcps_badsyn++;
+		goto drop;
+	}
+
 	/*
 	 * Check that TCP offset makes sense,
 	 * pull out TCP options and adjust length.		XXX