diff options
author | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-01-31 19:58:12 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-01-31 19:58:12 -0500 |
commit | 190ff5b3a168b666925897558998b5d97fec8731 (patch) | |
tree | 9c87169011f48e1ef10a46fcb2050a8795c69161 | |
parent | 6fd6b17c6d9713f56b5f20903ec3e00fa6cc435e (diff) | |
parent | 2e5530236645a042e1481aa19879b819c3e8f5c9 (diff) |
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
[NETFILTER]: xt_hashlimit: fix ip6tables dependency
[SCTP]: Force update of the rto when processing HB-ACK
[IPV6]: fix BUG of ndisc_send_redirect()
[IPV6]: Fix up some CONFIG typos
[NETFILTER]: SIP conntrack: fix out of bounds memory access
[NETFILTER]: SIP conntrack: fix skipping over user info in SIP headers
[NETFILTER]: xt_connbytes: fix division by zero
[MAINTAINERS]: netfilter@ is subscribers-only
-rw-r--r-- | MAINTAINERS | 2 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_sip.c | 10 | ||||
-rw-r--r-- | net/ipv6/addrconf.c | 4 | ||||
-rw-r--r-- | net/ipv6/ndisc.c | 7 | ||||
-rw-r--r-- | net/netfilter/Kconfig | 2 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_sip.c | 10 | ||||
-rw-r--r-- | net/netfilter/xt_connbytes.c | 29 | ||||
-rw-r--r-- | net/sctp/sm_sideeffect.c | 6 |
8 files changed, 45 insertions, 25 deletions
diff --git a/MAINTAINERS b/MAINTAINERS index 1446cc41c12f..a275f72ed5f7 100644 --- a/MAINTAINERS +++ b/MAINTAINERS | |||
@@ -2288,7 +2288,7 @@ P: Jozsef Kadlecsik | |||
2288 | P: Patrick McHardy | 2288 | P: Patrick McHardy |
2289 | M: kaber@trash.net | 2289 | M: kaber@trash.net |
2290 | L: netfilter-devel@lists.netfilter.org | 2290 | L: netfilter-devel@lists.netfilter.org |
2291 | L: netfilter@lists.netfilter.org | 2291 | L: netfilter@lists.netfilter.org (subscribers-only) |
2292 | L: coreteam@netfilter.org | 2292 | L: coreteam@netfilter.org |
2293 | W: http://www.netfilter.org/ | 2293 | W: http://www.netfilter.org/ |
2294 | W: http://www.iptables.org/ | 2294 | W: http://www.iptables.org/ |
diff --git a/net/ipv4/netfilter/ip_conntrack_sip.c b/net/ipv4/netfilter/ip_conntrack_sip.c index 3a26d63eed88..11c588a10e6b 100644 --- a/net/ipv4/netfilter/ip_conntrack_sip.c +++ b/net/ipv4/netfilter/ip_conntrack_sip.c | |||
@@ -283,10 +283,16 @@ static int skp_epaddr_len(const char *dptr, const char *limit, int *shift) | |||
283 | { | 283 | { |
284 | int s = *shift; | 284 | int s = *shift; |
285 | 285 | ||
286 | for (; dptr <= limit && *dptr != '@'; dptr++) | 286 | /* Search for @, but stop at the end of the line. |
287 | * We are inside a sip: URI, so we don't need to worry about | ||
288 | * continuation lines. */ | ||
289 | while (dptr <= limit && | ||
290 | *dptr != '@' && *dptr != '\r' && *dptr != '\n') { | ||
287 | (*shift)++; | 291 | (*shift)++; |
292 | dptr++; | ||
293 | } | ||
288 | 294 | ||
289 | if (*dptr == '@') { | 295 | if (dptr <= limit && *dptr == '@') { |
290 | dptr++; | 296 | dptr++; |
291 | (*shift)++; | 297 | (*shift)++; |
292 | } else | 298 | } else |
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 2a7e4618f526..e3854696988d 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c | |||
@@ -3393,7 +3393,7 @@ static void inline ipv6_store_devconf(struct ipv6_devconf *cnf, | |||
3393 | #ifdef CONFIG_IPV6_ROUTER_PREF | 3393 | #ifdef CONFIG_IPV6_ROUTER_PREF |
3394 | array[DEVCONF_ACCEPT_RA_RTR_PREF] = cnf->accept_ra_rtr_pref; | 3394 | array[DEVCONF_ACCEPT_RA_RTR_PREF] = cnf->accept_ra_rtr_pref; |
3395 | array[DEVCONF_RTR_PROBE_INTERVAL] = cnf->rtr_probe_interval; | 3395 | array[DEVCONF_RTR_PROBE_INTERVAL] = cnf->rtr_probe_interval; |
3396 | #ifdef CONFIV_IPV6_ROUTE_INFO | 3396 | #ifdef CONFIG_IPV6_ROUTE_INFO |
3397 | array[DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN] = cnf->accept_ra_rt_info_max_plen; | 3397 | array[DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN] = cnf->accept_ra_rt_info_max_plen; |
3398 | #endif | 3398 | #endif |
3399 | #endif | 3399 | #endif |
@@ -3898,7 +3898,7 @@ static struct addrconf_sysctl_table | |||
3898 | .proc_handler = &proc_dointvec_jiffies, | 3898 | .proc_handler = &proc_dointvec_jiffies, |
3899 | .strategy = &sysctl_jiffies, | 3899 | .strategy = &sysctl_jiffies, |
3900 | }, | 3900 | }, |
3901 | #ifdef CONFIV_IPV6_ROUTE_INFO | 3901 | #ifdef CONFIG_IPV6_ROUTE_INFO |
3902 | { | 3902 | { |
3903 | .ctl_name = NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN, | 3903 | .ctl_name = NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN, |
3904 | .procname = "accept_ra_rt_info_max_plen", | 3904 | .procname = "accept_ra_rt_info_max_plen", |
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c index 6a9f616de37d..39bb658f3c44 100644 --- a/net/ipv6/ndisc.c +++ b/net/ipv6/ndisc.c | |||
@@ -1413,6 +1413,13 @@ void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh, | |||
1413 | return; | 1413 | return; |
1414 | } | 1414 | } |
1415 | 1415 | ||
1416 | if (!ipv6_addr_equal(&skb->nh.ipv6h->daddr, target) && | ||
1417 | !(ipv6_addr_type(target) & IPV6_ADDR_LINKLOCAL)) { | ||
1418 | ND_PRINTK2(KERN_WARNING | ||
1419 | "ICMPv6 Redirect: target address is not link-local.\n"); | ||
1420 | return; | ||
1421 | } | ||
1422 | |||
1416 | ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &skb->nh.ipv6h->saddr, | 1423 | ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &skb->nh.ipv6h->saddr, |
1417 | dev->ifindex); | 1424 | dev->ifindex); |
1418 | 1425 | ||
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index cd10e44db015..2a2bcb303bfa 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig | |||
@@ -628,7 +628,7 @@ config NETFILTER_XT_MATCH_TCPMSS | |||
628 | 628 | ||
629 | config NETFILTER_XT_MATCH_HASHLIMIT | 629 | config NETFILTER_XT_MATCH_HASHLIMIT |
630 | tristate '"hashlimit" match support' | 630 | tristate '"hashlimit" match support' |
631 | depends on NETFILTER_XTABLES | 631 | depends on NETFILTER_XTABLES && (IP6_NF_IPTABLES || IP6_NF_IPTABLES=n) |
632 | help | 632 | help |
633 | This option adds a `hashlimit' match. | 633 | This option adds a `hashlimit' match. |
634 | 634 | ||
diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c index eb2a2411f97b..9dec11534678 100644 --- a/net/netfilter/nf_conntrack_sip.c +++ b/net/netfilter/nf_conntrack_sip.c | |||
@@ -303,10 +303,16 @@ static int skp_epaddr_len(struct nf_conn *ct, const char *dptr, | |||
303 | { | 303 | { |
304 | int s = *shift; | 304 | int s = *shift; |
305 | 305 | ||
306 | for (; dptr <= limit && *dptr != '@'; dptr++) | 306 | /* Search for @, but stop at the end of the line. |
307 | * We are inside a sip: URI, so we don't need to worry about | ||
308 | * continuation lines. */ | ||
309 | while (dptr <= limit && | ||
310 | *dptr != '@' && *dptr != '\r' && *dptr != '\n') { | ||
307 | (*shift)++; | 311 | (*shift)++; |
312 | dptr++; | ||
313 | } | ||
308 | 314 | ||
309 | if (*dptr == '@') { | 315 | if (dptr <= limit && *dptr == '@') { |
310 | dptr++; | 316 | dptr++; |
311 | (*shift)++; | 317 | (*shift)++; |
312 | } else | 318 | } else |
diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c index d93cb096a675..5e32dfa2668b 100644 --- a/net/netfilter/xt_connbytes.c +++ b/net/netfilter/xt_connbytes.c | |||
@@ -52,6 +52,8 @@ match(const struct sk_buff *skb, | |||
52 | { | 52 | { |
53 | const struct xt_connbytes_info *sinfo = matchinfo; | 53 | const struct xt_connbytes_info *sinfo = matchinfo; |
54 | u_int64_t what = 0; /* initialize to make gcc happy */ | 54 | u_int64_t what = 0; /* initialize to make gcc happy */ |
55 | u_int64_t bytes = 0; | ||
56 | u_int64_t pkts = 0; | ||
55 | const struct ip_conntrack_counter *counters; | 57 | const struct ip_conntrack_counter *counters; |
56 | 58 | ||
57 | if (!(counters = nf_ct_get_counters(skb))) | 59 | if (!(counters = nf_ct_get_counters(skb))) |
@@ -89,29 +91,22 @@ match(const struct sk_buff *skb, | |||
89 | case XT_CONNBYTES_AVGPKT: | 91 | case XT_CONNBYTES_AVGPKT: |
90 | switch (sinfo->direction) { | 92 | switch (sinfo->direction) { |
91 | case XT_CONNBYTES_DIR_ORIGINAL: | 93 | case XT_CONNBYTES_DIR_ORIGINAL: |
92 | what = div64_64(counters[IP_CT_DIR_ORIGINAL].bytes, | 94 | bytes = counters[IP_CT_DIR_ORIGINAL].bytes; |
93 | counters[IP_CT_DIR_ORIGINAL].packets); | 95 | pkts = counters[IP_CT_DIR_ORIGINAL].packets; |
94 | break; | 96 | break; |
95 | case XT_CONNBYTES_DIR_REPLY: | 97 | case XT_CONNBYTES_DIR_REPLY: |
96 | what = div64_64(counters[IP_CT_DIR_REPLY].bytes, | 98 | bytes = counters[IP_CT_DIR_REPLY].bytes; |
97 | counters[IP_CT_DIR_REPLY].packets); | 99 | pkts = counters[IP_CT_DIR_REPLY].packets; |
98 | break; | 100 | break; |
99 | case XT_CONNBYTES_DIR_BOTH: | 101 | case XT_CONNBYTES_DIR_BOTH: |
100 | { | 102 | bytes = counters[IP_CT_DIR_ORIGINAL].bytes + |
101 | u_int64_t bytes; | 103 | counters[IP_CT_DIR_REPLY].bytes; |
102 | u_int64_t pkts; | 104 | pkts = counters[IP_CT_DIR_ORIGINAL].packets + |
103 | bytes = counters[IP_CT_DIR_ORIGINAL].bytes + | 105 | counters[IP_CT_DIR_REPLY].packets; |
104 | counters[IP_CT_DIR_REPLY].bytes; | ||
105 | pkts = counters[IP_CT_DIR_ORIGINAL].packets+ | ||
106 | counters[IP_CT_DIR_REPLY].packets; | ||
107 | |||
108 | /* FIXME_THEORETICAL: what to do if sum | ||
109 | * overflows ? */ | ||
110 | |||
111 | what = div64_64(bytes, pkts); | ||
112 | } | ||
113 | break; | 106 | break; |
114 | } | 107 | } |
108 | if (pkts != 0) | ||
109 | what = div64_64(bytes, pkts); | ||
115 | break; | 110 | break; |
116 | } | 111 | } |
117 | 112 | ||
diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c index 8bd30976cdee..6db77d1329f7 100644 --- a/net/sctp/sm_sideeffect.c +++ b/net/sctp/sm_sideeffect.c | |||
@@ -621,7 +621,13 @@ static void sctp_cmd_transport_on(sctp_cmd_seq_t *cmds, | |||
621 | /* The receiver of the HEARTBEAT ACK should also perform an | 621 | /* The receiver of the HEARTBEAT ACK should also perform an |
622 | * RTT measurement for that destination transport address | 622 | * RTT measurement for that destination transport address |
623 | * using the time value carried in the HEARTBEAT ACK chunk. | 623 | * using the time value carried in the HEARTBEAT ACK chunk. |
624 | * If the transport's rto_pending variable has been cleared, | ||
625 | * it was most likely due to a retransmit. However, we want | ||
626 | * to re-enable it to properly update the rto. | ||
624 | */ | 627 | */ |
628 | if (t->rto_pending == 0) | ||
629 | t->rto_pending = 1; | ||
630 | |||
625 | hbinfo = (sctp_sender_hb_info_t *) chunk->skb->data; | 631 | hbinfo = (sctp_sender_hb_info_t *) chunk->skb->data; |
626 | sctp_transport_update_rto(t, (jiffies - hbinfo->sent_at)); | 632 | sctp_transport_update_rto(t, (jiffies - hbinfo->sent_at)); |
627 | 633 | ||