Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow withholding the SYN|ACK packet by user code #863

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Allow withholding the SYN|ACK packet by user code #863

wants to merge 1 commit into from

Conversation

eeeeeta
Copy link

@eeeeeta eeeeeta commented Nov 30, 2023
edited

In certain use cases, it's desirable to not send a SYN|ACK packet immediately after receiving a SYN -- for example, a TCP proxy that doesn't want to do so until it's connected to the end destination, because the outgoing connection might get refused. (Currently, you have to send a SYN|ACK and then reset the connection afterwards in this case, which is what we do in onionmasq.)

To fix this, add a simple synack_paused flag, controllable by user code, that withholds SYN|ACK packets in SynReceived state until it is unset.

@eeeeeta
Allow withholding the SYN|ACK packet by user code
21751ec 
In certain use cases, it's desirable to not send a SYN|ACK packet
immediately after receiving a SYN -- for example, a TCP proxy that
doesn't want to do so until it's connected to the end destination,
because the outgoing connection might get refused. (Currently, you have
to send a SYN|ACK and then reset the connection afterwards in this
case.)

To fix this, add a simple `synack_paused` flag, controllable by user
code, that withholds SYN|ACK packets in `SynReceived` state until it is
unset.
@codecov Codecov
Copy link

codecov bot commented Nov 30, 2023

Codecov Report

Attention: 17 lines in your changes are missing coverage. Please review.

Comparison is base (f3be43a) 79.55% compared to head (21751ec) 79.53%.
Report is 5 commits behind head on main.

Files Patch % Lines
src/socket/raw.rs 44.44% 5 Missing ⚠️
src/socket/udp.rs 44.44% 5 Missing ⚠️
src/socket/tcp.rs 55.55% 4 Missing ⚠️
src/socket/icmp.rs 70.00% 3 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #863      +/-   ##
==========================================
- Coverage   79.55%   79.53%   -0.02%     
==========================================
  Files          78       78              
  Lines       27917    27896      -21     
==========================================
- Hits        22208    22186      -22     
- Misses       5709     5710       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

whitequark
whitequark reviewed Dec 2, 2023
View reviewed changes
Copy link
Contributor

@whitequark whitequark left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That seems a rather niche feature and I'm not sure it's pulling its weight in e.g. the size of the already big Socket structure. Is this even available in any other network stack?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@whitequark whitequark whitequark left review comments

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@eeeeeta @whitequark