diff options
author | Hannes Frederic Sowa <hannes@stressinduktion.org> | 2013-10-19 15:48:58 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2013-10-19 19:45:35 -0400 |
commit | 222e83d2e0aecb6a5e8d42b1a8d51332a1eba960 (patch) | |
tree | 395011fb151ed3ce911333e1ab70602b2cfbc3e0 /net/ipv4/sysctl_net_ipv4.c | |
parent | 1bbdceef1e535add893bf71d7b7ab102e4eb69eb (diff) |
tcp: switch tcp_fastopen key generation to net_get_random_once
Changed key initialization of tcp_fastopen cookies to net_get_random_once.
If the user sets a custom key net_get_random_once must be called at
least once to ensure we don't overwrite the user provided key when the
first cookie is generated later on.
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Eric Dumazet <edumazet@google.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/sysctl_net_ipv4.c')
-rw-r--r-- | net/ipv4/sysctl_net_ipv4.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index c08f096d46b5..4b161d5aba0b 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c | |||
@@ -274,6 +274,11 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write, | |||
274 | ret = -EINVAL; | 274 | ret = -EINVAL; |
275 | goto bad_key; | 275 | goto bad_key; |
276 | } | 276 | } |
277 | /* Generate a dummy secret but don't publish it. This | ||
278 | * is needed so we don't regenerate a new key on the | ||
279 | * first invocation of tcp_fastopen_cookie_gen | ||
280 | */ | ||
281 | tcp_fastopen_init_key_once(false); | ||
277 | tcp_fastopen_reset_cipher(user_key, TCP_FASTOPEN_KEY_LENGTH); | 282 | tcp_fastopen_reset_cipher(user_key, TCP_FASTOPEN_KEY_LENGTH); |
278 | } | 283 | } |
279 | 284 | ||