aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
authorAdam Langley <agl@imperialviolet.org>2008-07-19 03:01:42 -0400
committerDavid S. Miller <davem@davemloft.net>2008-07-19 03:01:42 -0400
commit49a72dfb8814c2d65bd9f8c9c6daf6395a1ec58d (patch)
tree38804d609f21503573bbdd8bb9af38df99275ff5 /include/net
parent845525a642c1c9e1335c33a274d4273906ee58eb (diff)
tcp: Fix MD5 signatures for non-linear skbs
Currently, the MD5 code assumes that the SKBs are linear and, in the case that they aren't, happily goes off and hashes off the end of the SKB and into random memory. Reported by Stephen Hemminger in [1]. Advice thanks to Stephen and Evgeniy Polyakov. Also includes a couple of missed route_caps from Stephen's patch in [2]. [1] http://marc.info/?l=linux-netdev&m=121445989106145&w=2 [2] http://marc.info/?l=linux-netdev&m=121459157816964&w=2 Signed-off-by: Adam Langley <agl@imperialviolet.org> Acked-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/tcp.h29
1 files changed, 12 insertions, 17 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 92d7b551dc55..31f5bbfc59bc 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1112,20 +1112,12 @@ struct tcp_md5sig_pool {
1112#define TCP_MD5SIG_MAXKEYS (~(u32)0) /* really?! */ 1112#define TCP_MD5SIG_MAXKEYS (~(u32)0) /* really?! */
1113 1113
1114/* - functions */ 1114/* - functions */
1115extern int tcp_calc_md5_hash(char *md5_hash, 1115extern int tcp_v4_md5_hash_skb(char *md5_hash,
1116 struct tcp_md5sig_key *key, 1116 struct tcp_md5sig_key *key,
1117 int bplen, 1117 struct sock *sk,
1118 struct tcphdr *th, 1118 struct request_sock *req,
1119 unsigned int tcplen, 1119 struct sk_buff *skb);
1120 struct tcp_md5sig_pool *hp); 1120
1121
1122extern int tcp_v4_calc_md5_hash(char *md5_hash,
1123 struct tcp_md5sig_key *key,
1124 struct sock *sk,
1125 struct dst_entry *dst,
1126 struct request_sock *req,
1127 struct tcphdr *th,
1128 unsigned int tcplen);
1129extern struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk, 1121extern struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk,
1130 struct sock *addr_sk); 1122 struct sock *addr_sk);
1131 1123
@@ -1152,6 +1144,11 @@ extern void tcp_free_md5sig_pool(void);
1152 1144
1153extern struct tcp_md5sig_pool *__tcp_get_md5sig_pool(int cpu); 1145extern struct tcp_md5sig_pool *__tcp_get_md5sig_pool(int cpu);
1154extern void __tcp_put_md5sig_pool(void); 1146extern void __tcp_put_md5sig_pool(void);
1147extern int tcp_md5_hash_header(struct tcp_md5sig_pool *, struct tcphdr *);
1148extern int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *, struct sk_buff *,
1149 unsigned header_len);
1150extern int tcp_md5_hash_key(struct tcp_md5sig_pool *hp,
1151 struct tcp_md5sig_key *key);
1155 1152
1156static inline 1153static inline
1157struct tcp_md5sig_pool *tcp_get_md5sig_pool(void) 1154struct tcp_md5sig_pool *tcp_get_md5sig_pool(void)
@@ -1381,10 +1378,8 @@ struct tcp_sock_af_ops {
1381 int (*calc_md5_hash) (char *location, 1378 int (*calc_md5_hash) (char *location,
1382 struct tcp_md5sig_key *md5, 1379 struct tcp_md5sig_key *md5,
1383 struct sock *sk, 1380 struct sock *sk,
1384 struct dst_entry *dst,
1385 struct request_sock *req, 1381 struct request_sock *req,
1386 struct tcphdr *th, 1382 struct sk_buff *skb);
1387 unsigned int len);
1388 int (*md5_add) (struct sock *sk, 1383 int (*md5_add) (struct sock *sk,
1389 struct sock *addr_sk, 1384 struct sock *addr_sk,
1390 u8 *newkey, 1385 u8 *newkey,