git: network - Move socket from netmsg ext to netmsg header, add port to socket

Aggelos Economopoulos aoiko at cc.ece.ntua.gr
Tue Dec 8 06:59:57 PST 2009


Matthew Dillon wrote:
> commit 48e7b118aed5eb70d42bdbf2ca5a938ef1f371b6
> Author: Matthew Dillon <dillon at apollo.backplane.com>
> Date:   Sat Dec 5 11:45:34 2009 -0800
> 
>     network - Move socket from netmsg ext to netmsg header, add port to socket

+
+	/*
+	 * Do implied connect if not yet connected.  Any data sent
+	 * with the connect is handled by tcp_connect() and friends.
+	 *
+	 * NOTE!  PROTOCOL THREAD MAY BE CHANGED BY THE CONNECT!
+	 */
+	if (nam && tp->t_state < TCPS_SYN_SENT) {
+#ifdef INET6
+		if (isipv6)
+			error = tcp6_connect(tp, flags, m, nam, td);
+		else
+#endif /* INET6 */
+		error = tcp_connect(tp, flags, m, nam, td);
+#if 0
+		/* WTF is this doing here? */
+		tp->snd_wnd = TTCP_CLIENT_SND_WND;
+		tcp_mss(tp, -1);
+#endif
+		goto out;
+	}

Those lines are there for T/TCP support. When using T/TCP, you send the
data in the SYN packet so you don't have any window information from the
server. RFC1644 suggests using a 4K window by default. Similarly, the -1
signals to tcp_mss() that it should use the MSS from the cached rmxp_tao
entry (TAO == TCP Accelerated Open), if available.

So removing that code breaks T/TCP, but a) T/TCP is off by default b)
T/TCP has major security issues http://www.mid-way.org/doc/ttcp-sec.txt
that our implementation does not even try to address.

Given that pretty much nobody uses T/TCP (Linux doesn't even implement
it) I'd suggest we remove it altogether. Otherwise, we should revert at
least the change above (of course, I would not be surprised if T/TCP has
been broken for years and nobody noticed ;)

Aggelos





More information about the Commits mailing list