net: tcp: First check sequence number

Previously, the connection will be reset easily due to a forged TCP
reset with a random sequence number.

As described in RFC793 p.69, we should check if the sequence number
falls into the receiver window at first.

Signed-off-by: Aska Wu <aska.wu@linaro.org>

Author: Aska Wu

subsys/net/ip/net_context.c

@@ -1116,6 +1116,28 @@ NET_CONN_CB(tcp_established)
 
 	tcp_flags = NET_TCP_FLAGS(tcp_hdr);
 
+	if (net_tcp_seq_cmp(sys_get_be32(tcp_hdr->seq),
+			    context->tcp->send_ack) < 0) {
+		/* Peer sent us packet we've already seen. Apparently,
+		 * our ack was lost.
+		 */
+
+		/* RFC793 specifies that "highest" (i.e. current from our PoV)
+		 * ack # value can/should be sent, so we just force resend.
+		 */
+		send_ack(context, &conn->remote_addr, true);
+		return NET_DROP;
+	}
+
+	if (net_tcp_seq_cmp(sys_get_be32(tcp_hdr->seq),
+			    context->tcp->send_ack) > 0) {
+		/* Don't try to reorder packets.  If it doesn't
+		 * match the next segment exactly, drop and wait for
+		 * retransmit
+		 */
+		return NET_DROP;
+	}
+
 	/*
 	 * If we receive RST here, we close the socket. See RFC 793 chapter
 	 * called "Reset Processing" for details.
@@ -1183,27 +1205,6 @@ NET_CONN_CB(tcp_established)
 		context->tcp->fin_rcvd = 1;
 	}
 
-	if (net_tcp_seq_cmp(sys_get_be32(tcp_hdr->seq),
-			    context->tcp->send_ack) < 0) {
-		/* Peer sent us packet we've already seen. Apparently,
-		 * our ack was lost.
-		 */
-
-		/* RFC793 specifies that "highest" (i.e. current from our PoV)
-		 * ack # value can/should be sent, so we just force resend.
-		 */
-		send_ack(context, &conn->remote_addr, true);
-		return NET_DROP;
-	}
-
-	if (sys_get_be32(tcp_hdr->seq) - context->tcp->send_ack) {
-		/* Don't try to reorder packets.  If it doesn't
-		 * match the next segment exactly, drop and wait for
-		 * retransmit
-		 */
-		return NET_DROP;
-	}
-
 	set_appdata_values(pkt, IPPROTO_TCP);
 
 	data_len = net_pkt_appdatalen(pkt);