aboutsummaryrefslogtreecommitdiffstats
path: root/net/dccp
diff options
context:
space:
mode:
authorGerrit Renker <gerrit@erg.abdn.ac.uk>2006-11-10 09:32:01 -0500
committerDavid S. Miller <davem@sunset.davemloft.net>2006-12-03 00:21:58 -0500
commit8a73cd09d96aa01743316657fc4e6864fe79b703 (patch)
treefa22ed8ac78c5c76cc8ee3afd8bf72607290d42d /net/dccp
parentf6484f7c7ad22e4bb018875c386d6a7aaa441426 (diff)
[DCCP]: calling dccp_v{4,6}_reqsk_send_ack is a BUG
This patch removes two functions, the send_ack functions of request_sock, which are not called/used by the DCCP code. It is correct that these functions are not called, below is a justification why calling these functions (on a passive socket in the LISTEN/RESPOND state) would mean a DCCP protocol violation. A) Background: using request_sock in TCP:
Diffstat (limited to 'net/dccp')
-rw-r--r--net/dccp/dccp.h2
-rw-r--r--net/dccp/ipv4.c48
-rw-r--r--net/dccp/ipv6.c57
-rw-r--r--net/dccp/minisocks.c10
4 files changed, 14 insertions, 103 deletions
diff --git a/net/dccp/dccp.h b/net/dccp/dccp.h
index 8964b188aba3..3d4b4a908d11 100644
--- a/net/dccp/dccp.h
+++ b/net/dccp/dccp.h
@@ -131,6 +131,8 @@ extern int dccp_retransmit_skb(struct sock *sk, struct sk_buff *skb);
131 131
132extern void dccp_send_ack(struct sock *sk); 132extern void dccp_send_ack(struct sock *sk);
133extern void dccp_send_delayed_ack(struct sock *sk); 133extern void dccp_send_delayed_ack(struct sock *sk);
134extern void dccp_reqsk_send_ack(struct sk_buff *sk, struct request_sock *rsk);
135
134extern void dccp_send_sync(struct sock *sk, const u64 seq, 136extern void dccp_send_sync(struct sock *sk, const u64 seq,
135 const enum dccp_pkt_type pkt_type); 137 const enum dccp_pkt_type pkt_type);
136 138
diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c
index 7107885ada7e..8dd9f5aa27a2 100644
--- a/net/dccp/ipv4.c
+++ b/net/dccp/ipv4.c
@@ -193,52 +193,6 @@ static inline void dccp_do_pmtu_discovery(struct sock *sk,
193 } /* else let the usual retransmit timer handle it */ 193 } /* else let the usual retransmit timer handle it */
194} 194}
195 195
196static void dccp_v4_reqsk_send_ack(struct sk_buff *rxskb,
197 struct request_sock *req)
198{
199 int err;
200 struct dccp_hdr *rxdh = dccp_hdr(rxskb), *dh;
201 const u32 dccp_hdr_ack_len = sizeof(struct dccp_hdr) +
202 sizeof(struct dccp_hdr_ext) +
203 sizeof(struct dccp_hdr_ack_bits);
204 struct sk_buff *skb;
205
206 if (((struct rtable *)rxskb->dst)->rt_type != RTN_LOCAL)
207 return;
208
209 skb = alloc_skb(dccp_v4_ctl_socket->sk->sk_prot->max_header, GFP_ATOMIC);
210 if (skb == NULL)
211 return;
212
213 /* Reserve space for headers. */
214 skb_reserve(skb, dccp_v4_ctl_socket->sk->sk_prot->max_header);
215 skb->dst = dst_clone(rxskb->dst);
216
217 dh = dccp_zeroed_hdr(skb, dccp_hdr_ack_len);
218
219 /* Build DCCP header and checksum it. */
220 dh->dccph_type = DCCP_PKT_ACK;
221 dh->dccph_sport = rxdh->dccph_dport;
222 dh->dccph_dport = rxdh->dccph_sport;
223 dh->dccph_doff = dccp_hdr_ack_len / 4;
224 dh->dccph_x = 1;
225
226 dccp_hdr_set_seq(dh, DCCP_SKB_CB(rxskb)->dccpd_ack_seq);
227 dccp_hdr_set_ack(dccp_hdr_ack_bits(skb),
228 DCCP_SKB_CB(rxskb)->dccpd_seq);
229
230 bh_lock_sock(dccp_v4_ctl_socket->sk);
231 err = ip_build_and_send_pkt(skb, dccp_v4_ctl_socket->sk,
232 rxskb->nh.iph->daddr,
233 rxskb->nh.iph->saddr, NULL);
234 bh_unlock_sock(dccp_v4_ctl_socket->sk);
235
236 if (err == NET_XMIT_CN || err == 0) {
237 DCCP_INC_STATS_BH(DCCP_MIB_OUTSEGS);
238 DCCP_INC_STATS_BH(DCCP_MIB_OUTRSTS);
239 }
240}
241
242static int dccp_v4_send_response(struct sock *sk, struct request_sock *req, 196static int dccp_v4_send_response(struct sock *sk, struct request_sock *req,
243 struct dst_entry *dst) 197 struct dst_entry *dst)
244{ 198{
@@ -1014,7 +968,7 @@ static struct request_sock_ops dccp_request_sock_ops __read_mostly = {
1014 .family = PF_INET, 968 .family = PF_INET,
1015 .obj_size = sizeof(struct dccp_request_sock), 969 .obj_size = sizeof(struct dccp_request_sock),
1016 .rtx_syn_ack = dccp_v4_send_response, 970 .rtx_syn_ack = dccp_v4_send_response,
1017 .send_ack = dccp_v4_reqsk_send_ack, 971 .send_ack = dccp_reqsk_send_ack,
1018 .destructor = dccp_v4_reqsk_destructor, 972 .destructor = dccp_v4_reqsk_destructor,
1019 .send_reset = dccp_v4_ctl_send_reset, 973 .send_reset = dccp_v4_ctl_send_reset,
1020}; 974};
diff --git a/net/dccp/ipv6.c b/net/dccp/ipv6.c
index dee085301576..718509dcb24d 100644
--- a/net/dccp/ipv6.c
+++ b/net/dccp/ipv6.c
@@ -37,8 +37,6 @@
37static struct socket *dccp_v6_ctl_socket; 37static struct socket *dccp_v6_ctl_socket;
38 38
39static void dccp_v6_ctl_send_reset(struct sk_buff *skb); 39static void dccp_v6_ctl_send_reset(struct sk_buff *skb);
40static void dccp_v6_reqsk_send_ack(struct sk_buff *skb,
41 struct request_sock *req);
42static void dccp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb); 40static void dccp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb);
43 41
44static int dccp_v6_do_rcv(struct sock *sk, struct sk_buff *skb); 42static int dccp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
@@ -493,7 +491,7 @@ static struct request_sock_ops dccp6_request_sock_ops = {
493 .family = AF_INET6, 491 .family = AF_INET6,
494 .obj_size = sizeof(struct dccp6_request_sock), 492 .obj_size = sizeof(struct dccp6_request_sock),
495 .rtx_syn_ack = dccp_v6_send_response, 493 .rtx_syn_ack = dccp_v6_send_response,
496 .send_ack = dccp_v6_reqsk_send_ack, 494 .send_ack = dccp_reqsk_send_ack,
497 .destructor = dccp_v6_reqsk_destructor, 495 .destructor = dccp_v6_reqsk_destructor,
498 .send_reset = dccp_v6_ctl_send_reset, 496 .send_reset = dccp_v6_ctl_send_reset,
499}; 497};
@@ -582,59 +580,6 @@ static void dccp_v6_ctl_send_reset(struct sk_buff *rxskb)
582 kfree_skb(skb); 580 kfree_skb(skb);
583} 581}
584 582
585static void dccp_v6_reqsk_send_ack(struct sk_buff *rxskb,
586 struct request_sock *req)
587{
588 struct flowi fl;
589 struct dccp_hdr *rxdh = dccp_hdr(rxskb), *dh;
590 const u32 dccp_hdr_ack_len = sizeof(struct dccp_hdr) +
591 sizeof(struct dccp_hdr_ext) +
592 sizeof(struct dccp_hdr_ack_bits);
593 struct sk_buff *skb;
594
595 skb = alloc_skb(dccp_v6_ctl_socket->sk->sk_prot->max_header,
596 GFP_ATOMIC);
597 if (skb == NULL)
598 return;
599
600 skb_reserve(skb, dccp_v6_ctl_socket->sk->sk_prot->max_header);
601
602 dh = dccp_zeroed_hdr(skb, dccp_hdr_ack_len);
603
604 /* Build DCCP header and checksum it. */
605 dh->dccph_type = DCCP_PKT_ACK;
606 dh->dccph_sport = rxdh->dccph_dport;
607 dh->dccph_dport = rxdh->dccph_sport;
608 dh->dccph_doff = dccp_hdr_ack_len / 4;
609 dh->dccph_x = 1;
610
611 dccp_hdr_set_seq(dh, DCCP_SKB_CB(rxskb)->dccpd_ack_seq);
612 dccp_hdr_set_ack(dccp_hdr_ack_bits(skb),
613 DCCP_SKB_CB(rxskb)->dccpd_seq);
614
615 memset(&fl, 0, sizeof(fl));
616 ipv6_addr_copy(&fl.fl6_dst, &rxskb->nh.ipv6h->saddr);
617 ipv6_addr_copy(&fl.fl6_src, &rxskb->nh.ipv6h->daddr);
618
619 /* FIXME: calculate checksum, IPv4 also should... */
620
621 fl.proto = IPPROTO_DCCP;
622 fl.oif = inet6_iif(rxskb);
623 fl.fl_ip_dport = dh->dccph_dport;
624 fl.fl_ip_sport = dh->dccph_sport;
625 security_req_classify_flow(req, &fl);
626
627 if (!ip6_dst_lookup(NULL, &skb->dst, &fl)) {
628 if (xfrm_lookup(&skb->dst, &fl, NULL, 0) >= 0) {
629 ip6_xmit(dccp_v6_ctl_socket->sk, skb, &fl, NULL, 0);
630 DCCP_INC_STATS_BH(DCCP_MIB_OUTSEGS);
631 return;
632 }
633 }
634
635 kfree_skb(skb);
636}
637
638static struct sock *dccp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) 583static struct sock *dccp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
639{ 584{
640 const struct dccp_hdr *dh = dccp_hdr(skb); 585 const struct dccp_hdr *dh = dccp_hdr(skb);
diff --git a/net/dccp/minisocks.c b/net/dccp/minisocks.c
index 9045438d6b36..5f3e1a4c036b 100644
--- a/net/dccp/minisocks.c
+++ b/net/dccp/minisocks.c
@@ -11,6 +11,7 @@
11 */ 11 */
12 12
13#include <linux/dccp.h> 13#include <linux/dccp.h>
14#include <linux/kernel.h>
14#include <linux/skbuff.h> 15#include <linux/skbuff.h>
15#include <linux/timer.h> 16#include <linux/timer.h>
16 17
@@ -283,3 +284,12 @@ int dccp_child_process(struct sock *parent, struct sock *child,
283} 284}
284 285
285EXPORT_SYMBOL_GPL(dccp_child_process); 286EXPORT_SYMBOL_GPL(dccp_child_process);
287
288void dccp_reqsk_send_ack(struct sk_buff *skb, struct request_sock *rsk)
289{
290 pr_info(KERN_WARNING "DCCP: ACK packets are never sent in "
291 "LISTEN/RESPOND state\n");
292 dump_stack();
293}
294
295EXPORT_SYMBOL_GPL(dccp_reqsk_send_ack);