tcp: rfc 7323: adding PAWS timestamp check on Receive

[a-star]

PAWS = Protection against wrapped sequences

rfc 7323 tells us that “PAWS processing MUST take precedence over the regular TCP acceptability check” and defines two new rules:

R1) If there is a Timestamps option in the arriving segment, SEG.TSval < TS.Recent, TS.Recent is valid (see later discussion), and if the RST bit is not set, then treat the arriving segment as not acceptable:

Send an acknowledgment in reply as specified in Section 3.9 of [RFC0793], page 69, and drop the segment.

R3) If an arriving segment satisfies SEG.TSval >= TS.Recent and SEG.SEQ <= Last.ACK.sent (see Section 4.3), then record its timestamp in TS.Recent.

The rule R3 was already implemented so I implemented R1.

Under section 3.2, the rfc also states that:

“If a non-<RST> segment is received without a TSopt, a TCP SHOULD silently drop the segment. A TCP MUST NOT abort a TCP connection because any segment lacks an expected Tsopt.”

&&

“If a TSopt is received on a connection where TSopt was not negotiated in the initial three-way handshake, the TSopt MUST be ignored and the packet processed normally.”

[axeld]

In line 1527 you manage to write the same test in two different ways, only the second one is correct in terms of our style guide (ie. (a & b) != 0).

[a-star]

Network byte order conversion was not being applied to the timestamp.value field since we simply had to echo it back to the sender. But now with PAWS processing, it checks if segment.timestamp value is less than fReceivedTimestamp and if so discards the packet. Thus the network byte conversion is important otherwise packets will keep on getting dropped.

[a-star]

Modified the patch to include protection against wrapped up time sequences.

[jessicah]

Applied in hrev51385.