mirror of
https://git.FreeBSD.org/src.git
synced 2025-01-30 16:51:41 +00:00
When checking the TCP fast cookie length, conststently also check
for the minimum length. This fixes a bug where cookies of length 2 bytes (which is smaller than the minimum length of 4) is provided by the server. Sponsored by: Netflix, Inc.
This commit is contained in:
parent
fb7275bedb
commit
1c714531e8
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=330089
@ -1071,7 +1071,8 @@ tcp_fastopen_ccache_create(struct tcp_fastopen_ccache_bucket *ccb,
|
||||
cce->cce_server_ip.v6 = inc->inc6_faddr;
|
||||
}
|
||||
cce->server_port = inc->inc_fport;
|
||||
if ((cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
|
||||
if ((cookie_len >= TCP_FASTOPEN_MIN_COOKIE_LEN) &&
|
||||
(cookie_len <= TCP_FASTOPEN_MAX_COOKIE_LEN) &&
|
||||
((cookie_len & 0x1) == 0)) {
|
||||
cce->server_mss = mss;
|
||||
cce->cookie_len = cookie_len;
|
||||
|
Loading…
Reference in New Issue
Block a user