Gitlab 现已全面支持 git over ssh 与 git over https。通过 HTTPS 访问请配置带有 read_repository / write_repository 权限的 Personal access token。通过 SSH 端口访问请使用 22 端口或 13389 端口。如果使用CAS注册了账户但不知道密码，可以自行至设置中更改；如有其他问题，请发邮件至 service@cra.moe 寻求协助。

Commit 4fddbf8a authored Jun 17, 2019 by David S. Miller

Merge branch 'tcp-fixes'



Eric Dumazet says:

====================
tcp: make sack processing more robust

Jonathan Looney brought to our attention multiple problems
in TCP stack at the sender side.

SACK processing can be abused by malicious peers to either
cause overflows, or increase of memory usage.

First two patches fix the immediate problems.

Since the malicious peers abuse senders by advertizing a very
small MSS in their SYN or SYNACK packet, the last two
patches add a new sysctl so that admins can chose a higher
limit for MSS clamping.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>

parents 6be8e297 967c05ae

Documentation/networking/ip-sysctl.txt

+8 −0

Original line number	Diff line number	Diff line
		@@ -255,6 +255,14 @@ tcp_base_mss - INTEGER
		Path MTU discovery (MTU probing). If MTU probing is enabled,
		this is the initial MSS used by the connection.

		tcp_min_snd_mss - INTEGER
		TCP SYN and SYNACK messages usually advertise an ADVMSS option,
		as described in RFC 1122 and RFC 6691.
		If this ADVMSS option is smaller than tcp_min_snd_mss,
		it is silently capped to tcp_min_snd_mss.

		Default : 48 (at least 8 bytes of payload per segment)

		tcp_congestion_control - STRING
		Set the congestion control algorithm to be used for new
		connections. The algorithm "reno" is always available, but

include/linux/tcp.h

+4 −0

Original line number	Diff line number	Diff line
		@@ -484,4 +484,8 @@ static inline u16 tcp_mss_clamp(const struct tcp_sock *tp, u16 mss)

		return (user_mss && user_mss < mss) ? user_mss : mss;
		}

		int tcp_skb_shift(struct sk_buff to, struct sk_buff from, int pcount,
		int shiftlen);

		#endif /* _LINUX_TCP_H */

include/net/netns/ipv4.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -117,6 +117,7 @@ struct netns_ipv4 {
		#endif
		int sysctl_tcp_mtu_probing;
		int sysctl_tcp_base_mss;
		int sysctl_tcp_min_snd_mss;
		int sysctl_tcp_probe_threshold;
		u32 sysctl_tcp_probe_interval;

include/net/tcp.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -51,6 +51,8 @@ void tcp_time_wait(struct sock *sk, int state, int timeo);

		#define MAX_TCP_HEADER (128 + MAX_HEADER)
		#define MAX_TCP_OPTION_SPACE 40
		#define TCP_MIN_SND_MSS 48
		#define TCP_MIN_GSO_SIZE (TCP_MIN_SND_MSS - MAX_TCP_OPTION_SPACE)

		/*
		* Never offer a window over 32767 without using window scaling. Some

include/uapi/linux/snmp.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -283,6 +283,7 @@ enum
		LINUX_MIB_TCPACKCOMPRESSED, /* TCPAckCompressed */
		LINUX_MIB_TCPZEROWINDOWDROP, /* TCPZeroWindowDrop */
		LINUX_MIB_TCPRCVQDROP, /* TCPRcvQDrop */
		LINUX_MIB_TCPWQUEUETOOBIG, /* TCPWqueueTooBig */
		__LINUX_MIB_MAX
		};

CRA Git | Maintained and supported by SUSTech CRA and CCSE