int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
{
    struct inet_request_sock *ireq;
    struct tcp_options_received tmp_opt;
    struct request_sock *req;
    __be32 saddr = ip_hdr(skb)->saddr;
    __be32 daddr = ip_hdr(skb)->daddr;
    __u32 isn = TCP_SKB_CB(skb)->when;
    struct dst_entry *dst = NULL;
#ifdef CONFIG_SYN_COOKIES
    int want_cookie = 0;
#else
#define want_cookie 0 /* Argh, why doesn't gcc optimize this :( */
#endif

    /* Never answer to SYNs send to broadcast or multicast */
    if (skb->rtable->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST))
        goto drop;

    /* TW buckets are converted to open requests without
     * limitations, they conserve resources and peer is
     * evidently real one.
     */
    if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
#ifdef CONFIG_SYN_COOKIES
        if (sysctl_tcp_syncookies) {
            want_cookie = 1;
        } else
#endif
        goto drop;
    }

    /* Accept backlog is full. If we have already queued enough
     * of warm entries in syn queue, drop request. It is better than
     * clogging syn queue with openreqs with exponentially increasing
     * timeout.
     */
    if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
        goto drop;

    req = inet_reqsk_alloc(&tcp_request_sock_ops);
    if (!req)
        goto drop;

#ifdef CONFIG_TCP_MD5SIG
    tcp_rsk(req)->af_specific = &tcp_request_sock_ipv4_ops;
#endif


tcp_clear_options(&tmp_opt);
    tmp_opt.mss_clamp = 536;
    tmp_opt.user_mss = tcp_sk(sk)->rx_opt.user_mss;

    tcp_parse_options(skb, &tmp_opt, 0);

    if (want_cookie && !tmp_opt.saw_tstamp)
        tcp_clear_options(&tmp_opt);

    if (tmp_opt.saw_tstamp && !tmp_opt.rcv_tsval) {
        /* Some OSes (unknown ones, but I see them on web server, which
         * contains information interesting only for windows'
         * users) do not send their stamp in SYN. It is easy case.
         * We simply do not advertise TS support.
         */
        tmp_opt.saw_tstamp = 0;
        tmp_opt.tstamp_ok = 0;
    }
    tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;

    tcp_openreq_init(req, &tmp_opt, skb);

    if (security_inet_conn_request(sk, skb, req))
        goto drop_and_free;

    ireq = inet_rsk(req);
    ireq->loc_addr = daddr;
    ireq->rmt_addr = saddr;
    ireq->opt = tcp_v4_save_options(sk, skb);


struct tcp_options_received {
/*    PAWS/RTTM data    */
    long    ts_recent_stamp;/* Time we stored ts_recent (for aging) */
    u32    ts_recent;    /* Time stamp to echo next        */
    u32    rcv_tsval;    /* Time stamp value     */
    u32    rcv_tsecr;    /* Time stamp echo reply     */
    u16     saw_tstamp : 1,    /* Saw TIMESTAMP on last packet        */
        tstamp_ok : 1,    /* TIMESTAMP seen on SYN packet        */
        dsack : 1,    /* D-SACK is scheduled            */
        wscale_ok : 1,    /* Wscale seen on SYN packet        */
        sack_ok : 4,    /* SACK seen on SYN packet        */
        snd_wscale : 4,    /* Window scaling received from sender    */
        rcv_wscale : 4;    /* Window scaling to send to receiver    */
/*    SACKs data    */
    u8    eff_sacks;    /* Size of SACK array to send with next packet */
    u8    num_sacks;    /* Number of SACK blocks        */
    u16    user_mss;     /* mss requested by user in ioctl */
    u16    mss_clamp;    /* Maximal mss, negotiated at connection setup */
};


struct inet_request_sock {
    struct request_sock    req;
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
    u16            inet6_rsk_offset;
    /* 2 bytes hole, try to pack */
#endif
    __be32            loc_addr;
    __be32            rmt_addr;
    __be16            rmt_port;
    u16            snd_wscale : 4,
                rcv_wscale : 4,
                tstamp_ok : 1,
                sack_ok     : 1,
                wscale_ok : 1,
                ecn_ok     : 1,
                acked     : 1;
    struct ip_options    *opt;
};


static struct ip_options *tcp_v4_save_options(struct sock *sk,
                     struct sk_buff *skb)
{
    struct ip_options *opt = &(IPCB(skb)->opt);
    struct ip_options *dopt = NULL;

    if (opt && opt->optlen) {
        int opt_size = optlength(opt);
        dopt = kmalloc(opt_size, GFP_ATOMIC);
        if (dopt) {
            if (ip_options_echo(dopt, skb)) {
                kfree(dopt);
                dopt = NULL;
            }
        }
    }
    return dopt;
}


if (!want_cookie)
        TCP_ECN_create_request(req, tcp_hdr(skb));

    if (want_cookie) {
#ifdef CONFIG_SYN_COOKIES
        syn_flood_warning(skb);
        req->cookie_ts = tmp_opt.tstamp_ok;
#endif
        isn = cookie_v4_init_sequence(sk, skb, &req->mss);
    } else if (!isn) {
        struct inet_peer *peer = NULL;

        /* VJ's idea. We save last timestamp seen
         * from the destination in peer table, when entering
         * state TIME-WAIT, and check against it before
         * accepting new connection request.
         *
         * If "isn" is not zero, this request hit alive
         * timewait bucket, so that all the necessary checks
         * are made in the function processing timewait state.
         */
        if (tmp_opt.saw_tstamp &&
         tcp_death_row.sysctl_tw_recycle &&
         (dst = inet_csk_route_req(sk, req)) != NULL &&
         (peer = rt_get_peer((struct rtable *)dst)) != NULL &&
         peer->v4daddr == saddr) {
            if (get_seconds() < peer->tcp_ts_stamp + TCP_PAWS_MSL &&
             (s32)(peer->tcp_ts - req->ts_recent) >
                            TCP_PAWS_WINDOW) {
                NET_INC_STATS_BH(LINUX_MIB_PAWSPASSIVEREJECTED);
                goto drop_and_release;
            }
        }
        /* Kill the following clause, if you dislike this way. */
        else if (!sysctl_tcp_syncookies &&
             (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
             (sysctl_max_syn_backlog >> 2)) &&
             (!peer || !peer->tcp_ts_stamp) &&
             (!dst || !dst_metric(dst, RTAX_RTT))) {
            /* Without syncookies last quarter of
             * backlog is filled with destinations,
             * proven to be alive.
             * It means that we continue to communicate
             * to destinations, already remembered
             * to the moment of synflood.
             */
            LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open "
                 "request from " NIPQUAD_FMT "/%u\n",
                 NIPQUAD(saddr),
                 ntohs(tcp_hdr(skb)->source));
            goto drop_and_release;
        }

        isn = tcp_v4_init_sequence(skb);
    }
    tcp_rsk(req)->snt_isn = isn;

    if (__tcp_v4_send_synack(sk, req, dst) || want_cookie)
        goto drop_and_free;

    inet_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
    return 0;

drop_and_release:
    dst_release(dst);
drop_and_free:
    reqsk_free(req);
drop:
    return 0;
}


void inet_csk_reqsk_queue_hash_add(struct sock *sk, struct request_sock *req,
                 unsigned long timeout)
{
    struct inet_connection_sock *icsk = inet_csk(sk);
    struct listen_sock *lopt = icsk->icsk_accept_queue.listen_opt;
    const u32 h = inet_synq_hash(inet_rsk(req)->rmt_addr, inet_rsk(req)->rmt_port,
                 lopt->hash_rnd, lopt->nr_table_entries);

    reqsk_queue_hash_req(&icsk->icsk_accept_queue, h, req, timeout);
    inet_csk_reqsk_queue_added(sk, timeout);
}


static inline void inet_csk_reqsk_queue_added(struct sock *sk,
                     const unsigned long timeout)
{
    if (reqsk_queue_added(&inet_csk(sk)->icsk_accept_queue) == 0)
        inet_csk_reset_keepalive_timer(sk, timeout);
}


static struct sock *tcp_v4_hnd_req(struct sock *sk, struct sk_buff *skb)
{
    struct tcphdr *th = tcp_hdr(skb);
    const struct iphdr *iph = ip_hdr(skb);
    struct sock *nsk;
    struct request_sock **prev;
    /* Find possible connection requests. */
    struct request_sock *req = inet_csk_search_req(sk, &prev, th->source,
                         iph->saddr, iph->daddr);
    if (req)
        return tcp_check_req(sk, skb, req, prev);

    nsk = inet_lookup_established(sock_net(sk), &tcp_hashinfo, iph->saddr,
            th->source, iph->daddr, th->dest, inet_iif(skb));

    if (nsk) {
        if (nsk->sk_state != TCP_TIME_WAIT) {
            bh_lock_sock(nsk);
            return nsk;
        }
        inet_twsk_put(inet_twsk(nsk));
        return NULL;
    }

#ifdef CONFIG_SYN_COOKIES
    if (!th->rst && !th->syn && th->ack)
        sk = cookie_v4_check(sk, skb, &(IPCB(skb)->opt));
#endif
    return sk;
}


struct sock *tcp_check_req(struct sock *sk,struct sk_buff *skb,
             struct request_sock *req,
             struct request_sock **prev)
{
    const struct tcphdr *th = tcp_hdr(skb);
    __be32 flg = tcp_flag_word(th) & (TCP_FLAG_RST|TCP_FLAG_SYN|TCP_FLAG_ACK);
    int paws_reject = 0;
    struct tcp_options_received tmp_opt;
    struct sock *child;

    tmp_opt.saw_tstamp = 0;
    if (th->doff > (sizeof(struct tcphdr)>>2)) {
        tcp_parse_options(skb, &tmp_opt, 0);

        if (tmp_opt.saw_tstamp) {
            tmp_opt.ts_recent = req->ts_recent;
            /* We do not store true stamp, but it is not required,
             * it can be estimated (approximately)
             * from another data.
             */
            tmp_opt.ts_recent_stamp = get_seconds() - ((TCP_TIMEOUT_INIT/HZ)<<req->retrans);
            paws_reject = tcp_paws_check(&tmp_opt, th->rst);
        }
    }

    /* Check for pure retransmitted SYN. */
    if (TCP_SKB_CB(skb)->seq == tcp_rsk(req)->rcv_isn &&
     flg == TCP_FLAG_SYN &&
     !paws_reject) {
        /*
         * RFC793 draws (Incorrectly! It was fixed in RFC1122)
         * this case on figure 6 and figure 8, but formal
         * protocol description says NOTHING.
         * To be more exact, it says that we should send ACK,
         * because this segment (at least, if it has no data)
         * is out of window.
         *
         * CONCLUSION: RFC793 (even with RFC1122) DOES NOT
         * describe SYN-RECV state. All the description
         * is wrong, we cannot believe to it and should
         * rely only on common sense and implementation
         * experience.
         *
         * Enforce "SYN-ACK" according to figure 8, figure 6
         * of RFC793, fixed by RFC1122.
         */
        req->rsk_ops->rtx_syn_ack(sk, req);
        return NULL;
    }

    /* Further reproduces section "SEGMENT ARRIVES"
     for state SYN-RECEIVED of RFC793.
     It is broken, however, it does not work only
     when SYNs are crossed.

     You would think that SYN crossing is impossible here, since
     we should have a SYN_SENT socket (from connect()) on our end,
     but this is not true if the crossed SYNs were sent to both
     ends by a malicious third party. We must defend against this,
     and to do that we first verify the ACK (as per RFC793, page
     36) and reset if it is invalid. Is this a true full defense?
     To convince ourselves, let us consider a way in which the ACK
     test can still pass in this 'malicious crossed SYNs' case.
     Malicious sender sends identical SYNs (and thus identical sequence
     numbers) to both A and B:

        A: gets SYN, seq=7
        B: gets SYN, seq=7

     By our good fortune, both A and B select the same initial
     send sequence number of seven :-)

        A: sends SYN|ACK, seq=7, ack_seq=8
        B: sends SYN|ACK, seq=7, ack_seq=8

     So we are now A eating this SYN|ACK, ACK test passes. So
     does sequence test, SYN is truncated, and thus we consider
     it a bare ACK.

     If icsk->icsk_accept_queue.rskq_defer_accept, we silently drop this
     bare ACK. Otherwise, we create an established connection. Both
     ends (listening sockets) accept the new incoming connection and try
     to talk to each other. 8-)

     Note: This case is both harmless, and rare. Possibility is about the
     same as us discovering intelligent life on another plant tomorrow.

     But generally, we should (RFC lies!) to accept ACK
     from SYNACK both here and in tcp_rcv_state_process().
     tcp_rcv_state_process() does not, hence, we do not too.

     Note that the case is absolutely generic:
     we cannot optimize anything here without
     violating protocol. All the checks must be made
     before attempt to create socket.
     */

    /* RFC793 page 36: "If the connection is in any non-synchronized state ...
     * and the incoming segment acknowledges something not yet
     * sent (the segment carries an unacceptable ACK) ...
     * a reset is sent."
     *
     * Invalid ACK: reset will be sent by listening socket
     */
    if ((flg & TCP_FLAG_ACK) &&
     (TCP_SKB_CB(skb)->ack_seq != tcp_rsk(req)->snt_isn + 1))
        return sk;

    /* Also, it would be not so bad idea to check rcv_tsecr, which
     * is essentially ACK extension and too early or too late values
     * should cause reset in unsynchronized states.
     */

    /* RFC793: "first check sequence number". */

    if (paws_reject || !tcp_in_window(TCP_SKB_CB(skb)->seq, TCP_SKB_CB(skb)->end_seq,
                     tcp_rsk(req)->rcv_isn + 1, tcp_rsk(req)->rcv_isn + 1 + req->rcv_wnd)) {
        /* Out of window: send ACK and drop. */
        if (!(flg & TCP_FLAG_RST))
            req->rsk_ops->send_ack(skb, req);
        if (paws_reject)
            NET_INC_STATS_BH(LINUX_MIB_PAWSESTABREJECTED);
        return NULL;
    }

    /* In sequence, PAWS is OK. */

    if (tmp_opt.saw_tstamp && !after(TCP_SKB_CB(skb)->seq, tcp_rsk(req)->rcv_isn + 1))
            req->ts_recent = tmp_opt.rcv_tsval;

        if (TCP_SKB_CB(skb)->seq == tcp_rsk(req)->rcv_isn) {
            /* Truncate SYN, it is out of window starting
             at tcp_rsk(req)->rcv_isn + 1. */
            flg &= ~TCP_FLAG_SYN;
        }

        /* RFC793: "second check the RST bit" and
         *     "fourth, check the SYN bit"
         */
        if (flg & (TCP_FLAG_RST|TCP_FLAG_SYN)) {
            TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS);
            goto embryonic_reset;
        }

        /* ACK sequence verified above, just make sure ACK is
         * set. If ACK not set, just silently drop the packet.
         */
        if (!(flg & TCP_FLAG_ACK))
            return NULL;

        /* If TCP_DEFER_ACCEPT is set, drop bare ACK. */
        if (inet_csk(sk)->icsk_accept_queue.rskq_defer_accept &&
         TCP_SKB_CB(skb)->end_seq == tcp_rsk(req)->rcv_isn + 1) {
            inet_rsk(req)->acked = 1;
            return NULL;
        }

        /* OK, ACK is valid, create big socket and
         * feed this segment to it. It will repeat all
         * the tests. THIS SEGMENT MUST MOVE SOCKET TO
         * ESTABLISHED STATE. If it will be dropped after
         * socket is created, wait for troubles.
         */
        child = inet_csk(sk)->icsk_af_ops->syn_recv_sock(sk, skb,
                                 req, NULL);
        if (child == NULL)
            goto listen_overflow;
#ifdef CONFIG_TCP_MD5SIG
        else {
            /* Copy over the MD5 key from the original socket */
            struct tcp_md5sig_key *key;
            struct tcp_sock *tp = tcp_sk(sk);
            key = tp->af_specific->md5_lookup(sk, child);
            if (key != NULL) {
                /*
                 * We're using one, so create a matching key on the
                 * newsk structure. If we fail to get memory then we
                 * end up not copying the key across. Shucks.
                 */
                char *newkey = kmemdup(key->key, key->keylen,
                         GFP_ATOMIC);
                if (newkey) {
                    if (!tcp_alloc_md5sig_pool())
                        BUG();
                    tp->af_specific->md5_add(child, child,
                                 newkey,
                                 key->keylen);
                }
            }
        }
#endif

        inet_csk_reqsk_queue_unlink(sk, req, prev);
        inet_csk_reqsk_queue_removed(sk, req);

        inet_csk_reqsk_queue_add(sk, req, child);
        return child;

    listen_overflow:
        if (!sysctl_tcp_abort_on_overflow) {
            inet_rsk(req)->acked = 1;
            return NULL;
        }

    embryonic_reset:
        NET_INC_STATS_BH(LINUX_MIB_EMBRYONICRSTS);
        if (!(flg & TCP_FLAG_RST))
            req->rsk_ops->send_reset(sk, skb);

        inet_csk_reqsk_queue_drop(sk, req, prev);
        return NULL;
}


static inline void inet_csk_reqsk_queue_add(struct sock *sk,
                     struct request_sock *req,
                     struct sock *child)
{
    reqsk_queue_add(&inet_csk(sk)->icsk_accept_queue, req, sk, child);
}
static inline void reqsk_queue_add(struct request_sock_queue *queue,
                 struct request_sock *req,
                 struct sock *parent,
                 struct sock *child)
{
    req->sk = child;
    sk_acceptq_added(parent);

    if (queue->rskq_accept_head == NULL)
        queue->rskq_accept_head = req;
    else
        queue->rskq_accept_tail->dl_next = req;

    queue->rskq_accept_tail = req;
    req->dl_next = NULL;
}


        child = inet_csk(sk)->icsk_af_ops->syn_recv_sock(sk, skb,

.syn_recv_sock = tcp_v4_syn_recv_sock,

struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
                 struct request_sock *req,
                 struct dst_entry *dst)
{
    struct inet_request_sock *ireq;
    struct inet_sock *newinet;
    struct tcp_sock *newtp;
    struct sock *newsk;
#ifdef CONFIG_TCP_MD5SIG
    struct tcp_md5sig_key *key;
#endif

    if (sk_acceptq_is_full(sk))
        goto exit_overflow;

    if (!dst && (dst = inet_csk_route_req(sk, req)) == NULL)
        goto exit;

    newsk = tcp_create_openreq_child(sk, req, skb);
    if (!newsk)
        goto exit;

    newsk->sk_gso_type = SKB_GSO_TCPV4;
    sk_setup_caps(newsk, dst);

    newtp         = tcp_sk(newsk);
    newinet         = inet_sk(newsk);
    ireq         = inet_rsk(req);
    newinet->daddr     = ireq->rmt_addr;
    newinet->rcv_saddr = ireq->loc_addr;
    newinet->saddr     = ireq->loc_addr;
    newinet->opt     = ireq->opt;
    ireq->opt     = NULL;
    newinet->mc_index = inet_iif(skb);
    newinet->mc_ttl     = ip_hdr(skb)->ttl;
    inet_csk(newsk)->icsk_ext_hdr_len = 0;
    if (newinet->opt)
        inet_csk(newsk)->icsk_ext_hdr_len = newinet->opt->optlen;
    newinet->id = newtp->write_seq ^ jiffies;

    tcp_mtup_init(newsk);
    tcp_sync_mss(newsk, dst_mtu(dst));
    newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
    tcp_initialize_rcv_mss(newsk);

#ifdef CONFIG_TCP_MD5SIG
    /* Copy over the MD5 key from the original socket */
    if ((key = tcp_v4_md5_do_lookup(sk, newinet->daddr)) != NULL) {
        /*
         * We're using one, so create a matching key
         * on the newsk structure. If we fail to get
         * memory, then we end up not copying the key
         * across. Shucks.
         */
        char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
        if (newkey != NULL)
            tcp_v4_md5_do_add(newsk, inet_sk(sk)->daddr,
                     newkey, key->keylen);
    }
#endif

    __inet_hash_nolisten(newsk);
    __inet_inherit_port(sk, newsk);

    return newsk;

exit_overflow:
    NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
exit:
    NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
    dst_release(dst);
    return NULL;
}


struct sock *tcp_create_openreq_child(struct sock *sk, struct request_sock *req, struct sk_buff *skb)
{
    struct sock *newsk = inet_csk_clone(sk, req, GFP_ATOMIC);

    if (newsk != NULL) {
        const struct inet_request_sock *ireq = inet_rsk(req);
        struct tcp_request_sock *treq = tcp_rsk(req);
        struct inet_connection_sock *newicsk = inet_csk(newsk);
        struct tcp_sock *newtp;

        /* Now setup tcp_sock */
        newtp = tcp_sk(newsk);
        newtp->pred_flags = 0;
        newtp->rcv_wup = newtp->copied_seq = newtp->rcv_nxt = treq->rcv_isn + 1;
        newtp->snd_sml = newtp->snd_una = newtp->snd_nxt = treq->snt_isn + 1;

        tcp_prequeue_init(newtp);

        tcp_init_wl(newtp, treq->snt_isn, treq->rcv_isn);

        newtp->srtt = 0;
        newtp->mdev = TCP_TIMEOUT_INIT;
        newicsk->icsk_rto = TCP_TIMEOUT_INIT;

        newtp->packets_out = 0;
        newtp->retrans_out = 0;
        newtp->sacked_out = 0;
        newtp->fackets_out = 0;
        newtp->snd_ssthresh = 0x7fffffff;

        /* So many TCP implementations out there (incorrectly) count the
         * initial SYN frame in their delayed-ACK and congestion control
         * algorithms that we must have the following bandaid to talk
         * efficiently to them. -DaveM
         */
        newtp->snd_cwnd = 2;
        newtp->snd_cwnd_cnt = 0;
        newtp->bytes_acked = 0;

        newtp->frto_counter = 0;
        newtp->frto_highmark = 0;

        newicsk->icsk_ca_ops = &tcp_init_congestion_ops;

        tcp_set_ca_state(newsk, TCP_CA_Open);
        tcp_init_xmit_timers(newsk);
        skb_queue_head_init(&newtp->out_of_order_queue);
        newtp->write_seq = treq->snt_isn + 1;
        newtp->pushed_seq = newtp->write_seq;

        newtp->rx_opt.saw_tstamp = 0;

        newtp->rx_opt.dsack = 0;
        newtp->rx_opt.eff_sacks = 0;

        newtp->rx_opt.num_sacks = 0;
        newtp->urg_data = 0;

        if (sock_flag(newsk, SOCK_KEEPOPEN))
            inet_csk_reset_keepalive_timer(newsk,
                         keepalive_time_when(newtp));

        newtp->rx_opt.tstamp_ok = ireq->tstamp_ok;
        if ((newtp->rx_opt.sack_ok = ireq->sack_ok) != 0) {
            if (sysctl_tcp_fack)
                tcp_enable_fack(newtp);
        }
        newtp->window_clamp = req->window_clamp;
        newtp->rcv_ssthresh = req->rcv_wnd;
        newtp->rcv_wnd = req->rcv_wnd;
        newtp->rx_opt.wscale_ok = ireq->wscale_ok;
        if (newtp->rx_opt.wscale_ok) {
            newtp->rx_opt.snd_wscale = ireq->snd_wscale;
            newtp->rx_opt.rcv_wscale = ireq->rcv_wscale;
        } else {
            newtp->rx_opt.snd_wscale = newtp->rx_opt.rcv_wscale = 0;
            newtp->window_clamp = min(newtp->window_clamp, 65535U);
        }
        newtp->snd_wnd = (ntohs(tcp_hdr(skb)->window) <<
                 newtp->rx_opt.snd_wscale);
        newtp->max_window = newtp->snd_wnd;

        if (newtp->rx_opt.tstamp_ok) {
            newtp->rx_opt.ts_recent = req->ts_recent;
            newtp->rx_opt.ts_recent_stamp = get_seconds();
            newtp->tcp_header_len = sizeof(struct tcphdr) + TCPOLEN_TSTAMP_ALIGNED;
        } else {
            newtp->rx_opt.ts_recent_stamp = 0;
            newtp->tcp_header_len = sizeof(struct tcphdr);
        }
#ifdef CONFIG_TCP_MD5SIG
        newtp->md5sig_info = NULL;    /*XXX*/
        if (newtp->af_specific->md5_lookup(sk, newsk))
            newtp->tcp_header_len += TCPOLEN_MD5SIG_ALIGNED;
#endif
        if (skb->len >= TCP_MIN_RCVMSS+newtp->tcp_header_len)
            newicsk->icsk_ack.last_seg_size = skb->len - newtp->tcp_header_len;
        newtp->rx_opt.mss_clamp = req->mss;
        TCP_ECN_openreq_child(newtp, req);

        TCP_INC_STATS_BH(TCP_MIB_PASSIVEOPENS);
    }
    return newsk;
}