1 year ago · cec04d9da6
--- a/src/iface/interface/mod.rs
+++ b/src/iface/interface/mod.rs
@@ -1337,8 +1337,12 @@ impl InterfaceInner {
 
				             }
			
 
				         }
			
 
				 
			
 
				-        if tcp_repr.control == TcpControl::Rst {
			
 
				-            // Never reply to a TCP RST packet with another TCP RST packet.
			
 
				+        if tcp_repr.control == TcpControl::Rst
			
 
				+            || ip_repr.dst_addr().is_unspecified()
			
 
				+            || ip_repr.src_addr().is_unspecified()
			
 
				+        {
			
 
				+            // Never reply to a TCP RST packet with another TCP RST packet. We also never want to
			
 
				+            // send a TCP RST packet with unspecified addresses.
			
 
				             None
			
 
				         } else {
			
 
				             // The packet wasn't handled by a socket, send a TCP RST packet.
			
--- a/src/iface/interface/tests/mod.rs
+++ b/src/iface/interface/tests/mod.rs
@@ -147,3 +147,99 @@ fn test_handle_udp_broadcast(
 
				         Ok((&UDP_PAYLOAD[..], IpEndpoint::new(src_ip.into(), 67).into()))
			
 
				     );
			
 
				 }
			
 
				+
			
 
				+#[test]
			
 
				+#[cfg(all(feature = "socket-tcp", feature = "proto-ipv6"))]
			
 
				+pub fn tcp_not_accepted() {
			
 
				+    use crate::iface::ip_packet::{IpPacket, IpPayload, Ipv6Packet};
			
 
				+
			
 
				+    let (mut iface, mut sockets, _) = setup(Medium::Ip);
			
 
				+    let tcp = TcpRepr {
			
 
				+        src_port: 4242,
			
 
				+        dst_port: 4243,
			
 
				+        control: TcpControl::Syn,
			
 
				+        seq_number: TcpSeqNumber(-10001),
			
 
				+        ack_number: None,
			
 
				+        window_len: 256,
			
 
				+        window_scale: None,
			
 
				+        max_seg_size: None,
			
 
				+        sack_permitted: false,
			
 
				+        sack_ranges: [None, None, None],
			
 
				+        payload: &[],
			
 
				+    };
			
 
				+
			
 
				+    let mut tcp_bytes = vec![0u8; tcp.buffer_len()];
			
 
				+
			
 
				+    tcp.emit(
			
 
				+        &mut TcpPacket::new_unchecked(&mut tcp_bytes),
			
 
				+        &Ipv6Address::new(0xfe80, 0, 0, 0, 0, 0, 0, 2).into(),
			
 
				+        &Ipv6Address::new(0xfe80, 0, 0, 0, 0, 0, 0, 1).into(),
			
 
				+        &ChecksumCapabilities::default(),
			
 
				+    );
			
 
				+
			
 
				+    assert_eq!(
			
 
				+        iface.inner.process_tcp(
			
 
				+            &mut sockets,
			
 
				+            IpRepr::Ipv6(Ipv6Repr {
			
 
				+                src_addr: Ipv6Address::new(0xfe80, 0, 0, 0, 0, 0, 0, 2),
			
 
				+                dst_addr: Ipv6Address::new(0xfe80, 0, 0, 0, 0, 0, 0, 1),
			
 
				+                next_header: IpProtocol::Tcp,
			
 
				+                payload_len: tcp.buffer_len(),
			
 
				+                hop_limit: 64,
			
 
				+            }),
			
 
				+            &tcp_bytes,
			
 
				+        ),
			
 
				+        Some(IpPacket::Ipv6(Ipv6Packet {
			
 
				+            header: Ipv6Repr {
			
 
				+                src_addr: Ipv6Address::new(0xfe80, 0, 0, 0, 0, 0, 0, 1),
			
 
				+                dst_addr: Ipv6Address::new(0xfe80, 0, 0, 0, 0, 0, 0, 2),
			
 
				+                next_header: IpProtocol::Tcp,
			
 
				+                payload_len: tcp.buffer_len(),
			
 
				+                hop_limit: 64,
			
 
				+            },
			
 
				+
			
 
				+            #[cfg(feature = "proto-ipv6-hbh")]
			
 
				+            hop_by_hop: None,
			
 
				+            #[cfg(feature = "proto-ipv6-fragmentation")]
			
 
				+            fragment: None,
			
 
				+            #[cfg(feature = "proto-ipv6-routing")]
			
 
				+            routing: None,
			
 
				+
			
 
				+            payload: IpPayload::Tcp(TcpRepr {
			
 
				+                src_port: 4243,
			
 
				+                dst_port: 4242,
			
 
				+                control: TcpControl::Rst,
			
 
				+                seq_number: TcpSeqNumber(0),
			
 
				+                ack_number: Some(TcpSeqNumber(-10000)),
			
 
				+                window_len: 0,
			
 
				+                window_scale: None,
			
 
				+                max_seg_size: None,
			
 
				+                sack_permitted: false,
			
 
				+                sack_ranges: [None, None, None],
			
 
				+                payload: &[],
			
 
				+            })
			
 
				+        })),
			
 
				+    );
			
 
				+    // Unspecified destination address.
			
 
				+    tcp.emit(
			
 
				+        &mut TcpPacket::new_unchecked(&mut tcp_bytes),
			
 
				+        &Ipv6Address::new(0xfe80, 0, 0, 0, 0, 0, 0, 2).into(),
			
 
				+        &Ipv6Address::UNSPECIFIED.into(),
			
 
				+        &ChecksumCapabilities::default(),
			
 
				+    );
			
 
				+
			
 
				+    assert_eq!(
			
 
				+        iface.inner.process_tcp(
			
 
				+            &mut sockets,
			
 
				+            IpRepr::Ipv6(Ipv6Repr {
			
 
				+                src_addr: Ipv6Address::new(0xfe80, 0, 0, 0, 0, 0, 0, 2),
			
 
				+                dst_addr: Ipv6Address::UNSPECIFIED,
			
 
				+                next_header: IpProtocol::Tcp,
			
 
				+                payload_len: tcp.buffer_len(),
			
 
				+                hop_limit: 64,
			
 
				+            }),
			
 
				+            &tcp_bytes,
			
 
				+        ),
			
 
				+        None,
			
 
				+    );
			
 
				+}