syncookies: fix inclusion of tcp options in syn-ack
David Miller noticed that commit33ad798c92
'(tcp: options clean up') did not move the req->cookie_ts check. This essentially disabled commit4dfc281702
'[Syncookies]: Add support for TCP options via timestamps.'. This restores the original logic. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
b700a98c70
commit
8b5f12d04b
1 changed files with 5 additions and 5 deletions
|
@ -2279,6 +2279,11 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
|
||||||
}
|
}
|
||||||
|
|
||||||
memset(&opts, 0, sizeof(opts));
|
memset(&opts, 0, sizeof(opts));
|
||||||
|
#ifdef CONFIG_SYN_COOKIES
|
||||||
|
if (unlikely(req->cookie_ts))
|
||||||
|
TCP_SKB_CB(skb)->when = cookie_init_timestamp(req);
|
||||||
|
else
|
||||||
|
#endif
|
||||||
TCP_SKB_CB(skb)->when = tcp_time_stamp;
|
TCP_SKB_CB(skb)->when = tcp_time_stamp;
|
||||||
tcp_header_size = tcp_synack_options(sk, req, mss,
|
tcp_header_size = tcp_synack_options(sk, req, mss,
|
||||||
skb, &opts, &md5) +
|
skb, &opts, &md5) +
|
||||||
|
@ -2304,11 +2309,6 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
|
||||||
|
|
||||||
/* RFC1323: The window in SYN & SYN/ACK segments is never scaled. */
|
/* RFC1323: The window in SYN & SYN/ACK segments is never scaled. */
|
||||||
th->window = htons(min(req->rcv_wnd, 65535U));
|
th->window = htons(min(req->rcv_wnd, 65535U));
|
||||||
#ifdef CONFIG_SYN_COOKIES
|
|
||||||
if (unlikely(req->cookie_ts))
|
|
||||||
TCP_SKB_CB(skb)->when = cookie_init_timestamp(req);
|
|
||||||
else
|
|
||||||
#endif
|
|
||||||
tcp_options_write((__be32 *)(th + 1), tp, &opts, &md5_hash_location);
|
tcp_options_write((__be32 *)(th + 1), tp, &opts, &md5_hash_location);
|
||||||
th->doff = (tcp_header_size >> 2);
|
th->doff = (tcp_header_size >> 2);
|
||||||
TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTSEGS);
|
TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTSEGS);
|
||||||
|
|
Loading…
Reference in a new issue