SACK + MD5 overflows TCP options space

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: "Adam Langley" <agl@imperialviolet.org>
To: netdev@vger.kernel.org
Subject: SACK + MD5 overflows TCP options space
Date: Wed, 28 May 2008 19:30:37 -0700	[thread overview]
Message-ID: <396556a20805281930j4a4521d6r1720f50b02a77476@mail.gmail.com> (raw)

in tcp_output.c:tcp_transmit_skb we have:

ifdef CONFIG_TCP_MD5SIG
	/*
	 * Are we doing MD5 on this segment? If so - make
	 * room for it.
	 */
	md5 = tp->af_specific->md5_lookup(sk, sk);
	if (md5)
		tcp_header_size += TCPOLEN_MD5SIG_ALIGNED;
#endif

However, the SACK option can be at least 18 bytes long (I've not
checked the code here, I've just observed a packet go by with that
much SACK in it). With alignment padding, that's 20 bytes. Plus 12
bytes of timestamp option (aligned). Then, adding 18 bytes of MD5SIG
rolls the TCP header size over and we produce garbage, right?

I'm only asking because I've a patch which adds a similar option and,
when SACK kicks in, I'm getting TCP header sizes of 0 or 8 bytes. If
there's a solution to the MD5 case that I'm missing I'd love to use
it. (Otherwise, I've another bodge up my sleeves)

Cheers

-- 
Adam Langley agl@imperialviolet.org http://www.imperialviolet.org

                 reply	other threads:[~2008-05-29  2:30 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=396556a20805281930j4a4521d6r1720f50b02a77476@mail.gmail.com \
    --to=agl@imperialviolet.org \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).