xref: /linux/tools/testing/selftests/net/packetdrill/tcp_md5_md5-only-on-client-ack.pkt (revision c532de5a67a70f8533d495f8f2aaa9a0491c3ad0) 
1// SPDX-License-Identifier: GPL-2.0
2// Test what happens when client does not provide MD5 on SYN,
3// but then does on the ACK that completes the three-way handshake.
4
5`./defaults.sh`
6
7// Establish a connection.
8    0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3
9   +0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
10   +0 bind(3, ..., ...) = 0
11   +0 listen(3, 1) = 0
12
13   +0 < S 0:0(0) win 32792 <mss 1000,sackOK,nop,nop,nop,wscale 10>
14   +0 > S. 0:0(0) ack 1 <mss 1460,nop,nop,sackOK,nop,wscale 8>
15// Ooh, weird: client provides MD5 option on the ACK:
16 +.01 < . 1:1(0) ack 1 win 514 <md5 000102030405060708090a0b0c0d0e0f,nop,nop>
17 +.01 < . 1:1(0) ack 1 win 514 <md5 000102030405060708090a0b0c0d0e0f,nop,nop>
18
19// The TCP listener refcount should be 2, but on buggy kernels it can be 0:
20   +0 `grep " 0A " /proc/net/tcp /proc/net/tcp6 | grep ":1F90"`
21
22// Now here comes the legit ACK:
23 +.01 < . 1:1(0) ack 1 win 514
24
25// Make sure the connection is OK:
26   +0 accept(3, ..., ...) = 4
27
28 +.01 write(4, ..., 1000) = 1000
29