diff options
author | David S. Miller <davem@sunset.davemloft.net> | 2007-09-28 18:18:35 -0400 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2007-09-28 18:18:35 -0400 |
commit | f8ab18d2d987a59ccbf0495032b2aef05b730037 (patch) | |
tree | 7a24c79632c91e22235888875813950c6c30d929 /net/ipv4 | |
parent | e79ad711a0108475c1b3a03815527e7237020b08 (diff) |
[TCP]: Fix MD5 signature handling on big-endian.
Based upon a report and initial patch by Peter Lieven.
tcp4_md5sig_key and tcp6_md5sig_key need to start with
the exact same members as tcp_md5sig_key. Because they
are both cast to that type by tcp_v{4,6}_md5_do_lookup().
Unfortunately tcp{4,6}_md5sig_key use a u16 for the key
length instead of a u8, which is what tcp_md5sig_key
uses. This just so happens to work by accident on
little-endian, but on big-endian it doesn't.
Instead of casting, just place tcp_md5sig_key as the first member of
the address-family specific structures, adjust the access sites, and
kill off the ugly casts.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/tcp_ipv4.c | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 9c94627c8c7e..e089a978e128 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c | |||
@@ -833,8 +833,7 @@ static struct tcp_md5sig_key * | |||
833 | return NULL; | 833 | return NULL; |
834 | for (i = 0; i < tp->md5sig_info->entries4; i++) { | 834 | for (i = 0; i < tp->md5sig_info->entries4; i++) { |
835 | if (tp->md5sig_info->keys4[i].addr == addr) | 835 | if (tp->md5sig_info->keys4[i].addr == addr) |
836 | return (struct tcp_md5sig_key *) | 836 | return &tp->md5sig_info->keys4[i].base; |
837 | &tp->md5sig_info->keys4[i]; | ||
838 | } | 837 | } |
839 | return NULL; | 838 | return NULL; |
840 | } | 839 | } |
@@ -865,9 +864,9 @@ int tcp_v4_md5_do_add(struct sock *sk, __be32 addr, | |||
865 | key = (struct tcp4_md5sig_key *)tcp_v4_md5_do_lookup(sk, addr); | 864 | key = (struct tcp4_md5sig_key *)tcp_v4_md5_do_lookup(sk, addr); |
866 | if (key) { | 865 | if (key) { |
867 | /* Pre-existing entry - just update that one. */ | 866 | /* Pre-existing entry - just update that one. */ |
868 | kfree(key->key); | 867 | kfree(key->base.key); |
869 | key->key = newkey; | 868 | key->base.key = newkey; |
870 | key->keylen = newkeylen; | 869 | key->base.keylen = newkeylen; |
871 | } else { | 870 | } else { |
872 | struct tcp_md5sig_info *md5sig; | 871 | struct tcp_md5sig_info *md5sig; |
873 | 872 | ||
@@ -906,9 +905,9 @@ int tcp_v4_md5_do_add(struct sock *sk, __be32 addr, | |||
906 | md5sig->alloced4++; | 905 | md5sig->alloced4++; |
907 | } | 906 | } |
908 | md5sig->entries4++; | 907 | md5sig->entries4++; |
909 | md5sig->keys4[md5sig->entries4 - 1].addr = addr; | 908 | md5sig->keys4[md5sig->entries4 - 1].addr = addr; |
910 | md5sig->keys4[md5sig->entries4 - 1].key = newkey; | 909 | md5sig->keys4[md5sig->entries4 - 1].base.key = newkey; |
911 | md5sig->keys4[md5sig->entries4 - 1].keylen = newkeylen; | 910 | md5sig->keys4[md5sig->entries4 - 1].base.keylen = newkeylen; |
912 | } | 911 | } |
913 | return 0; | 912 | return 0; |
914 | } | 913 | } |
@@ -930,7 +929,7 @@ int tcp_v4_md5_do_del(struct sock *sk, __be32 addr) | |||
930 | for (i = 0; i < tp->md5sig_info->entries4; i++) { | 929 | for (i = 0; i < tp->md5sig_info->entries4; i++) { |
931 | if (tp->md5sig_info->keys4[i].addr == addr) { | 930 | if (tp->md5sig_info->keys4[i].addr == addr) { |
932 | /* Free the key */ | 931 | /* Free the key */ |
933 | kfree(tp->md5sig_info->keys4[i].key); | 932 | kfree(tp->md5sig_info->keys4[i].base.key); |
934 | tp->md5sig_info->entries4--; | 933 | tp->md5sig_info->entries4--; |
935 | 934 | ||
936 | if (tp->md5sig_info->entries4 == 0) { | 935 | if (tp->md5sig_info->entries4 == 0) { |
@@ -964,7 +963,7 @@ static void tcp_v4_clear_md5_list(struct sock *sk) | |||
964 | if (tp->md5sig_info->entries4) { | 963 | if (tp->md5sig_info->entries4) { |
965 | int i; | 964 | int i; |
966 | for (i = 0; i < tp->md5sig_info->entries4; i++) | 965 | for (i = 0; i < tp->md5sig_info->entries4; i++) |
967 | kfree(tp->md5sig_info->keys4[i].key); | 966 | kfree(tp->md5sig_info->keys4[i].base.key); |
968 | tp->md5sig_info->entries4 = 0; | 967 | tp->md5sig_info->entries4 = 0; |
969 | tcp_free_md5sig_pool(); | 968 | tcp_free_md5sig_pool(); |
970 | } | 969 | } |