diff options
| author | William Allen Simpson <william.allen.simpson@gmail.com> | 2009-12-02 13:25:27 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2009-12-03 01:07:26 -0500 |
| commit | 4957faade11b3a278c3b3cade3411ddc20afa791 (patch) | |
| tree | 57f994bab69353baf5f554b89cf9107c3372ecce /net/ipv4/syncookies.c | |
| parent | bd0388ae77075026d6a9f9eb6026dfd1d52ce0e9 (diff) | |
TCPCT part 1g: Responder Cookie => Initiator
Parse incoming TCP_COOKIE option(s).
Calculate <SYN,ACK> TCP_COOKIE option.
Send optional <SYN,ACK> data.
This is a significantly revised implementation of an earlier (year-old)
patch that no longer applies cleanly, with permission of the original
author (Adam Langley):
http://thread.gmane.org/gmane.linux.network/102586
Requires:
TCPCT part 1a: add request_values parameter for sending SYNACK
TCPCT part 1b: generate Responder Cookie secret
TCPCT part 1c: sysctl_tcp_cookie_size, socket option TCP_COOKIE_TRANSACTIONS
TCPCT part 1d: define TCP cookie option, extend existing struct's
TCPCT part 1e: implement socket option TCP_COOKIE_TRANSACTIONS
TCPCT part 1f: Initiator Cookie => Responder
Signed-off-by: William.Allen.Simpson@gmail.com
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/syncookies.c')
| -rw-r--r-- | net/ipv4/syncookies.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c index 3146cc401748..26399ad2a289 100644 --- a/net/ipv4/syncookies.c +++ b/net/ipv4/syncookies.c | |||
| @@ -253,6 +253,8 @@ EXPORT_SYMBOL(cookie_check_timestamp); | |||
| 253 | struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | 253 | struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, |
| 254 | struct ip_options *opt) | 254 | struct ip_options *opt) |
| 255 | { | 255 | { |
| 256 | struct tcp_options_received tcp_opt; | ||
| 257 | u8 *hash_location; | ||
| 256 | struct inet_request_sock *ireq; | 258 | struct inet_request_sock *ireq; |
| 257 | struct tcp_request_sock *treq; | 259 | struct tcp_request_sock *treq; |
| 258 | struct tcp_sock *tp = tcp_sk(sk); | 260 | struct tcp_sock *tp = tcp_sk(sk); |
| @@ -263,7 +265,6 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
| 263 | int mss; | 265 | int mss; |
| 264 | struct rtable *rt; | 266 | struct rtable *rt; |
| 265 | __u8 rcv_wscale; | 267 | __u8 rcv_wscale; |
| 266 | struct tcp_options_received tcp_opt; | ||
| 267 | 268 | ||
| 268 | if (!sysctl_tcp_syncookies || !th->ack) | 269 | if (!sysctl_tcp_syncookies || !th->ack) |
| 269 | goto out; | 270 | goto out; |
| @@ -341,7 +342,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
| 341 | 342 | ||
| 342 | /* check for timestamp cookie support */ | 343 | /* check for timestamp cookie support */ |
| 343 | memset(&tcp_opt, 0, sizeof(tcp_opt)); | 344 | memset(&tcp_opt, 0, sizeof(tcp_opt)); |
| 344 | tcp_parse_options(skb, &tcp_opt, 0, &rt->u.dst); | 345 | tcp_parse_options(skb, &tcp_opt, &hash_location, 0, &rt->u.dst); |
| 345 | 346 | ||
| 346 | if (tcp_opt.saw_tstamp) | 347 | if (tcp_opt.saw_tstamp) |
| 347 | cookie_check_timestamp(&tcp_opt); | 348 | cookie_check_timestamp(&tcp_opt); |