From fb2ad941958a63912c65c14eb9bb3ed2f79d9916 Mon Sep 17 00:00:00 2001
From: Gunnar Beutner <gbeutner@serenityos.org>
Date: Fri, 30 Apr 2021 21:43:37 +0200
Subject: [PATCH] Kernel: Remove socket from the listener's accept list when it
 is closed

Without this patch we end up with sockets in the listener's accept
queue with state 'closed' when doing stealth SYN scans:

Client -> Server: SYN for port 22
Server -> Client: SYN/ACK
Client -> Server: RST (i.e. don't complete the TCP handshake)
---
 Kernel/Net/TCPSocket.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Kernel/Net/TCPSocket.cpp b/Kernel/Net/TCPSocket.cpp
index 393d4ac53f5..1964da40d38 100644
--- a/Kernel/Net/TCPSocket.cpp
+++ b/Kernel/Net/TCPSocket.cpp
@@ -40,6 +40,9 @@ void TCPSocket::set_state(State new_state)
     if (new_state == State::Closed) {
         Locker locker(closing_sockets().lock());
         closing_sockets().resource().remove(tuple());
+
+        if (m_originator)
+            release_to_originator();
     }
 
     if (previous_role != m_role || was_disconnected != protocol_is_disconnected())
@@ -114,6 +117,7 @@ void TCPSocket::release_to_originator()
 {
     VERIFY(!!m_originator);
     m_originator.strong_ref()->release_for_accept(this);
+    m_originator.clear();
 }
 
 void TCPSocket::release_for_accept(RefPtr<TCPSocket> socket)