From b77bbffe7b4efcb1eeb6f2da9f16e1ba8ecb3053 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 9 Dec 2014 13:47:31 +0100
Subject: [PATCH 015/257] ggated: Remove connection if the initial packet
 couldn't be sent

Should help to mitigate DoS after flooding ggated
with incomplete requests:

error: accept(): Software caused connection abort.
error: Exiting.


Obtained from: ElectroBSD
---
 sbin/ggate/ggated/ggated.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sbin/ggate/ggated/ggated.c b/sbin/ggate/ggated/ggated.c
index 36a8d5203b21..7574e20d3480 100644
--- a/sbin/ggate/ggated/ggated.c
+++ b/sbin/ggate/ggated/ggated.c
@@ -928,6 +928,7 @@ handshake(struct sockaddr *from, int sfd)
 	if (data == -1) {
 		sendfail(sfd, errno, "Error while sending initial packet: %s.",
 		    strerror(errno));
+		connection_remove(conn);
 		return (0);
 	}
 
-- 
2.11.0