[Bug 211441] incorrect handling of TCPS_SYN_SENT and TCPS_SYN_RECEIVED in API tcp_usrclosed() in file tcp_usrreq.c

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Fri Jul 29 13:30:14 UTC 2016


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211441

            Bug ID: 211441
           Summary: incorrect handling of TCPS_SYN_SENT and
                    TCPS_SYN_RECEIVED in API tcp_usrclosed() in file
                    tcp_usrreq.c
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: standards
          Assignee: freebsd-standards at FreeBSD.org
          Reporter: prabhat at mtree.co.in

Created attachment 173093
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=173093&action=edit
tcp state diagram for quick reference

1) For TCPS_SYN_SENT:

As per the TCP state diagram, TCPS_SYN_SENT should switch to the TCPS_CLOSED
state on an appl:close call or timeout. In the current code, in the SYN_SENT
state, a FIN message is initiated instead of a call to tcp_close() to release
the PCB and TCP control block, which leads to incorrect states.

To fix the issue, "case TCPS_SYN_SENT:" must be moved to sit with "case
TCPS_LISTEN:".


2) For TCPS_SYN_RECEIVED:

As per the TCP state diagram, on an appl:close call, if we are in the
TCPS_SYN_RECEIVED state then we just need to send a FIN and switch to the
FIN_WAIT_1 state. In the current code, we are not switching to the
TCPS_FIN_WAIT_1 state.

To fix this issue, the "break;" statement should be removed from "case
TCPS_SYN_RECEIVED:" so that it falls through to "case TCPS_ESTABLISHED:", where
we change the state to TCPS_FIN_WAIT_1.

Code fix:
        case TCPS_SYN_RECEIVED:
                tp->t_flags |= TF_NEEDFIN;
                //break;

-- 
You are receiving this mail because:
You are the assignee for the bug.
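
The two switch arrangements discussed in the report, as an added example that
is not part of the original report and is not FreeBSD source. It is a
simplified user-space model: the struct, the "released" field, the flag value
and the helper names are assumptions, and only the four states the report
names are covered.

```c
#include <stdio.h>
/* Simplified model for illustration; only state and flag names come from the report. */
enum tcps { TCPS_CLOSED, TCPS_LISTEN, TCPS_SYN_SENT, TCPS_SYN_RECEIVED, TCPS_ESTABLISHED, TCPS_FIN_WAIT_1 };
#define TF_NEEDFIN 0x1  /* constructed value, not the kernel's */
struct conn { enum tcps state; int flags; int released; /* 1 = modelled tcp_close() ran */ };

/* Arrangement the report describes as current. */
static void usrclosed_reported(struct conn *c) {
    switch (c->state) {
    case TCPS_LISTEN:
        c->state = TCPS_CLOSED; c->released = 1; break;
    case TCPS_SYN_SENT:
    case TCPS_SYN_RECEIVED:
        c->flags |= TF_NEEDFIN; break;   /* FIN requested, state left unchanged */
    case TCPS_ESTABLISHED:
        c->state = TCPS_FIN_WAIT_1; break;
    default: break;
    }
}

/* Arrangement the report proposes. */
static void usrclosed_proposed(struct conn *c) {
    switch (c->state) {
    case TCPS_LISTEN:
    case TCPS_SYN_SENT:
        c->state = TCPS_CLOSED; c->released = 1; break;
    case TCPS_SYN_RECEIVED:
        c->flags |= TF_NEEDFIN;          /* FALLTHROUGH */
    case TCPS_ESTABLISHED:
        c->state = TCPS_FIN_WAIT_1; break;
    default: break;
    }
}
/* State after appl:close per the transitions the report cites from the diagram. */
static enum tcps diagram_after_close(enum tcps s) {
    return (s == TCPS_LISTEN || s == TCPS_SYN_SENT) ? TCPS_CLOSED : TCPS_FIN_WAIT_1;
}
/* Number of modelled states where a handler's result differs from the diagram. */
static int mismatches(void (*handler)(struct conn *)) {
    int n = 0;
    for (int s = TCPS_LISTEN; s <= TCPS_ESTABLISHED; s++) {
        struct conn c = { (enum tcps)s, 0, 0 };
        handler(&c);
        if (c.state != diagram_after_close((enum tcps)s)) n++;
    }
    return n;
}
int main(void) {
    printf("reported: %d, proposed: %d\n", mismatches(usrclosed_reported), mismatches(usrclosed_proposed));
    return 0;
}
```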

