git: 462dbcf3ce60 - stable/13 - sctp: enforce Kahn's rule during the handshake

From: Michael Tuexen <tuexen_at_FreeBSD.org>
Date: Sun, 25 Jun 2023 19:34:56 UTC
The branch stable/13 has been updated by tuexen:

URL: https://cgit.FreeBSD.org/src/commit/?id=462dbcf3ce60ecc3dedca61999e52372b8552810

commit 462dbcf3ce60ecc3dedca61999e52372b8552810
Author:     Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2023-03-16 16:40:40 +0000
Commit:     Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2023-06-25 19:34:34 +0000

    sctp: enforce Kahn's rule during the handshake
    
    Don't take RTT measurements on packets containing INIT or COOKIE-ECHO
    chunks, when they were retransmitted.
    
    (cherry picked from commit 8ed1e2c88012cfca9fc4131a2637452cc9106b81)
---
 sys/netinet/sctp_input.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/sys/netinet/sctp_input.c b/sys/netinet/sctp_input.c
index a0e0d683b5fe..9eeb8f3fbd23 100644
--- a/sys/netinet/sctp_input.c
+++ b/sys/netinet/sctp_input.c
@@ -508,8 +508,6 @@ sctp_process_init_ack(struct mbuf *m, int iphlen, int offset,
 		    SCTP_FROM_SCTP_INPUT,
 		    __LINE__);
 	}
-	stcb->asoc.overall_error_count = 0;
-	net->error_count = 0;
 
 	/*
 	 * Cancel the INIT timer, We do this first before queueing the
@@ -521,8 +519,12 @@ sctp_process_init_ack(struct mbuf *m, int iphlen, int offset,
 	    asoc->primary_destination, SCTP_FROM_SCTP_INPUT + SCTP_LOC_3);
 
 	/* calculate the RTO */
-	sctp_calculate_rto(stcb, asoc, net, &asoc->time_entered,
-	    SCTP_RTT_FROM_NON_DATA);
+	if (asoc->overall_error_count == 0) {
+		sctp_calculate_rto(stcb, asoc, net, &asoc->time_entered,
+		    SCTP_RTT_FROM_NON_DATA);
+	}
+	stcb->asoc.overall_error_count = 0;
+	net->error_count = 0;
 	retval = sctp_send_cookie_echo(m, offset, initack_limit, stcb, net);
 	return (retval);
 }
@@ -2756,7 +2758,6 @@ sctp_handle_cookie_ack(struct sctp_cookie_ack_chunk *cp SCTP_UNUSED,
 		    SCTP_FROM_SCTP_INPUT,
 		    __LINE__);
 	}
-	asoc->overall_error_count = 0;
 	sctp_stop_all_cookie_timers(stcb);
 	/* process according to association state */
 	if (SCTP_GET_STATE(stcb) == SCTP_STATE_COOKIE_ECHOED) {
@@ -2775,6 +2776,12 @@ sctp_handle_cookie_ack(struct sctp_cookie_ack_chunk *cp SCTP_UNUSED,
 			sctp_calculate_rto(stcb, asoc, net, &asoc->time_entered,
 			    SCTP_RTT_FROM_NON_DATA);
 		}
+		/*
+		 * Since we did not send a HB make sure we don't double
+		 * things.
+		 */
+		asoc->overall_error_count = 0;
+		net->hb_responded = 1;
 		(void)SCTP_GETTIME_TIMEVAL(&asoc->time_entered);
 		sctp_ulp_notify(SCTP_NOTIFY_ASSOC_UP, stcb, 0, NULL, SCTP_SO_NOT_LOCKED);
 		if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) ||
@@ -2784,11 +2791,6 @@ sctp_handle_cookie_ack(struct sctp_cookie_ack_chunk *cp SCTP_UNUSED,
 				soisconnected(stcb->sctp_socket);
 			}
 		}
-		/*
-		 * since we did not send a HB make sure we don't double
-		 * things
-		 */
-		net->hb_responded = 1;
 
 		if (stcb->asoc.state & SCTP_STATE_CLOSED_SOCKET) {
 			/*