IETF Logo Mail Archive

Re: [tcpm] SYN/ACK Payloads, draft 01

Joe Touch <touch@ISI.EDU> Thu, 14 August 2008 01:02 UTC

Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: tcpm-archive@megatron.ietf.org
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3110A3A6D5C; Wed, 13 Aug 2008 18:02:49 -0700 (PDT)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D75D23A6D56 for <tcpm@core3.amsl.com>; Wed, 13 Aug 2008 18:02:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.605
X-Spam-Level:
X-Spam-Status: No, score=-0.605 tagged_above=-999 required=5 tests=[AWL=-1.994, BAYES_00=-2.599, FRT_STOCK2=3.988]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ibmr2Zbdbx-5 for <tcpm@core3.amsl.com>; Wed, 13 Aug 2008 18:02:47 -0700 (PDT)
Received: from vapor.isi.edu (vapor.isi.edu [128.9.64.64]) by core3.amsl.com (Postfix) with ESMTP id 2319D3A694C for <tcpm@ietf.org>; Wed, 13 Aug 2008 18:02:47 -0700 (PDT)
Received: from [192.168.1.46] (pool-71-106-119-240.lsanca.dsl-w.verizon.net [71.106.119.240]) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id m7E12JxZ016063 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 13 Aug 2008 18:02:21 -0700 (PDT)
Message-ID: <48A383F0.9030601@isi.edu>
Date: Wed, 13 Aug 2008 18:01:36 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 2.0.0.16 (Windows/20080708)
MIME-Version: 1.0
To: Adam Langley <agl@imperialviolet.org>
References: <396556a20808111035s2b974233o1e9d3671e82e3350@mail.gmail.com> <20080813172752.AA7A650846@romeo.rtfm.com> <396556a20808131047q781675a3if23d727ef5ae918f@mail.gmail.com> <20080813181630.A1E6750848@romeo.rtfm.com> <396556a20808131145y1be0fb4saeb7bbf74d078268@mail.gmail.com> <20080813195027.C4C5B50848@romeo.rtfm.com> <396556a20808131307r65a9f6a0oe4365be029620b2c@mail.gmail.com> <48A35CFA.4060709@isi.edu> <396556a20808131525i20dabf06w7a7a11e3468e541a@mail.gmail.com> <48A36104.6000000@isi.edu> <396556a20808131605w2ccac3ceo21160401e4545c15@mail.gmail.com>
In-Reply-To: <396556a20808131605w2ccac3ceo21160401e4545c15@mail.gmail.com>
X-Enigmail-Version: 0.95.6
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Cc: tcpm@ietf.org
Subject: Re: [tcpm] SYN/ACK Payloads, draft 01
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Adam Langley wrote:
...
| The existing patches make the change fairly easy. From the comments:
|
| "A listening socket is configured with a setsockopt with non-zero
payload len
| and, optionally, TCP_SADATA_INC_NONCE and tcpsa_nonce_offset if the kernel
| should include random data.
|
| On a resulting, accepted socket, a getsockopt reveals:
|   TCP_SADATA_REQ - a SYN/ACK payload was requested
|   TCP_SADATA_NONCE - the 8 random bytes generated are in tcpsa_payload"
|
| So the code looks like:
|
| int newsocket = accept(...)
| getsockopt(newsocket, SOL_TCP, &tcpsa, ...)
| if (TCP_SADATA_REQ & tcpsa.tcpsa_flags) {
|    // The first data from the socket is the client's draft-agl handshake
|    decode_tagged_data(newsocket);
|    ...
| } else {
|    // No special case,
|    continue_as_normal();
| }

I'm wondering why an implementation in user space would expect to find
out anything about a TCP connection that hadn't finished handshaking,
i.e., the accept call above (AFAIR) ought to return only after the end
of the three-way handshake (I'll have to dig out my Stephens book to
confirm, though):

	syn ->
		<- syn/ack
	ack ->
				--->accept returns

The above code would do what you intend only if the accept returns on
the initial SYN. At the very least, even if the accept returns when the
initial SYN is received, by the time the accept returns the syn/ack
ought to have been sent. unix doesn't wait for the accept call to
actually return the syn/ack - various discussions confirm this - or are
you also modifying that code?

Joe

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkijg/AACgkQE5f5cImnZrtQXQCfegdXCInIO9WTnwfjPPGxEbxL
S9EAmwR29E5/8jSnStzOKnSykzAHAfar
=CQVT
-----END PGP SIGNATURE-----
_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email