iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ae36806a62
linux/net
History
Marcelo Ricardo Leitner ae36806a62 sctp: allow authenticating DATA chunks that are bundled with COOKIE_ECHO 
Currently, we can ask to authenticate DATA chunks and we can send DATA
chunks on the same packet as COOKIE_ECHO, but if you try to combine
both, the DATA chunk will be sent unauthenticated and peer won't accept
it, leading to a communication failure.

This happens because even though the data was queued after it was
requested to authenticate DATA chunks, it was also queued before we
could know that remote peer can handle authenticating, so
sctp_auth_send_cid() returns false.

The fix is whenever we set up an active key, re-check send queue for
chunks that now should be authenticated. As a result, such packet will
now contain COOKIE_ECHO + AUTH + DATA chunks, in that order.

Reported-by: Liu Wei <weliu@redhat.com>
Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-06-12 14:18:20 -07:00
..
6lowpan
9p 9p: patches for 4.1 merge window 2015-04-18 17:45:30 -04:00
802
8021q vlan: Correctly propagate promisc|allmulti flags in notifier. 2015-05-14 00:54:32 -04:00
appletalk
atm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2015-04-15 09:00:47 -07:00
ax25
batman-adv dev: introduce dev_get_iflink() 2015-04-02 14:04:59 -04:00
bluetooth Bluetooth: Fix remote name event return directly. 2015-05-14 10:35:04 +02:00
bridge bridge: fix multicast router rlist endless loop 2015-06-10 22:07:50 -07:00
caif unix/caif: sk_socket can disappear when state is unlocked 2015-05-26 23:19:29 -04:00
can can: introduce new raw socket option to join the given CAN filters 2015-04-01 11:28:22 +02:00
ceph Revert "libceph: clear r_req_lru_item in __unregister_linger_request()" 2015-05-20 21:02:46 +03:00
core net: don't wait for order-3 page allocation 2015-06-11 17:33:44 -07:00
dcb
dccp inet: fix possible panic in reqsk_queue_unlink() 2015-04-24 11:39:15 -04:00
decnet netfilter: Pass socket pointer down through okfn(). 2015-04-07 15:25:55 -04:00
dns_resolver
dsa net: dsa: Properly propagate errors from dsa_switch_setup_one 2015-05-31 21:50:34 -07:00
ethernet
hsr
ieee802154 ieee802154: trace: fix endian convertion 2015-04-30 18:48:11 +02:00
ipv4 ipv4/udp: Verify multicast group is ours in upd_v4_early_demux() 2015-06-04 00:46:26 -07:00
ipv6 Revert "ipv6: Fix protocol resubmission" 2015-06-10 15:29:31 -07:00
ipx
irda
iucv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-04-02 16:16:53 -04:00
key xfrm: simplify xfrm_address_t use 2015-03-31 13:58:35 -04:00
l2tp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-04-06 22:34:15 -04:00
lapb
llc
mac80211 mac80211: fix AP_VLAN crypto tailroom calculation 2015-05-20 15:10:11 +02:00
mac802154 Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth 2015-05-09 15:51:00 -04:00
mpls mpls: handle device renames for per-device sysctls 2015-06-11 16:47:16 -07:00
netfilter netfilter: nfnetlink_{log,queue}: Register pernet in first place 2015-05-20 13:46:48 +02:00
netlabel netlink: implement nla_put_in_addr and nla_put_in6_addr 2015-03-31 13:58:35 -04:00
netlink netlink: Reset portid after netlink_insert failure 2015-05-16 17:08:57 -04:00
netrom
nfc nfc: Fix portid type in urelease_work 2015-04-13 16:35:16 -04:00
openvswitch openvswitch: disable LRO 2015-06-03 19:39:35 -07:00
packet af_packet / TX_RING not fully non-blocking (w/ MSG_DONTWAIT). 2015-05-10 19:40:08 -04:00
phonet
rds net/rds: RDS-TCP: only initiate reconnect attempt on outgoing TCP socket. 2015-05-09 16:03:28 -04:00
rfkill
rose
rxrpc new helper: msg_data_left() 2015-04-11 15:53:35 -04:00
sched net_sched: invoke ->attach() after setting dev->qdisc 2015-05-27 14:09:55 -04:00
sctp sctp: allow authenticating DATA chunks that are bundled with COOKIE_ECHO 2015-06-12 14:18:20 -07:00
sunrpc svcrpc: fix potential GSSX_ACCEPT_SEC_CONTEXT decoding failures 2015-05-04 12:02:40 -04:00
switchdev rename RTNH_F_EXTERNAL to RTNH_F_OFFLOAD 2015-05-14 22:45:39 -04:00
tipc tipc: disconnect socket directly after probe failure 2015-06-10 22:05:20 -07:00
unix unix/caif: sk_socket can disappear when state is unlocked 2015-05-26 23:19:29 -04:00
vmw_vsock
wimax
wireless cfg80211: wext: clear sinfo struct before calling driver 2015-06-09 13:54:58 -07:00
x25
xfrm xfrm: Override skb->mark with tunnel->parm.i_key in xfrm_input 2015-05-28 06:23:31 +02:00
compat.c net: switch importing msghdr from userland to {compat_,}import_iovec() 2015-04-09 00:02:26 -04:00
Kconfig
Makefile
socket.c VFS: net/: d_inode() annotations 2015-04-15 15:06:56 -04:00
sysctl_net.c