From cc2ebfd5f2c73b61590a28ff7d088520ce2c1502 Mon Sep 17 00:00:00 2001
From: Stefano Brivio <sbrivio@redhat.com>
Date: Tue, 24 Aug 2021 18:27:24 +0200
Subject: tcp: Never send ACK because of pending unacknowleged data when
 sending SYN

With a kernel older than 5.3 (no_snd_wnd set), ack_pending in
tcp_send_to_tap() might be true at the beginning of a new connection
initiated by a socket. This means we send the first SYN segment to the
tap together with ACK set, which is clearly invalid and triggers the
receiver to reply with an RST segment right away.

Set ack_pending to 0 whenever we're sending a SYN segment. In case of a
SYN, ACK segment sent by the caller, the caller passes the ACK flag
explicitly.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 tcp.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tcp.c b/tcp.c
index a4c9114..093f95f 100644
--- a/tcp.c
+++ b/tcp.c
@@ -1137,7 +1137,9 @@ static int tcp_send_to_tap(struct ctx *c, struct tcp_tap_conn *conn,
 		conn->seq_to_tap += len;
 	}
 
-	if (conn->no_snd_wnd) {
+	if (flags & SYN) {
+		ack_pending = 0;
+	} else if (conn->no_snd_wnd) {
 		ack_pending = (conn->seq_from_tap - conn->seq_ack_to_tap) <
 			      MAX_WINDOW;
 	} else {
-- 
cgit v1.2.3