diff options
| author | William Allen Simpson <william.allen.simpson@gmail.com> | 2009-12-02 13:25:27 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2009-12-03 01:07:26 -0500 |
| commit | 4957faade11b3a278c3b3cade3411ddc20afa791 (patch) | |
| tree | 57f994bab69353baf5f554b89cf9107c3372ecce /net/ipv6/syncookies.c | |
| parent | bd0388ae77075026d6a9f9eb6026dfd1d52ce0e9 (diff) | |
TCPCT part 1g: Responder Cookie => Initiator
Parse incoming TCP_COOKIE option(s).
Calculate <SYN,ACK> TCP_COOKIE option.
Send optional <SYN,ACK> data.
This is a significantly revised implementation of an earlier (year-old)
patch that no longer applies cleanly, with permission of the original
author (Adam Langley):
http://thread.gmane.org/gmane.linux.network/102586
Requires:
TCPCT part 1a: add request_values parameter for sending SYNACK
TCPCT part 1b: generate Responder Cookie secret
TCPCT part 1c: sysctl_tcp_cookie_size, socket option TCP_COOKIE_TRANSACTIONS
TCPCT part 1d: define TCP cookie option, extend existing struct's
TCPCT part 1e: implement socket option TCP_COOKIE_TRANSACTIONS
TCPCT part 1f: Initiator Cookie => Responder
Signed-off-by: William.Allen.Simpson@gmail.com
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6/syncookies.c')
| -rw-r--r-- | net/ipv6/syncookies.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c index 612fc53e0bb9..5b9af508b8f2 100644 --- a/net/ipv6/syncookies.c +++ b/net/ipv6/syncookies.c | |||
| @@ -159,6 +159,8 @@ static inline int cookie_check(struct sk_buff *skb, __u32 cookie) | |||
| 159 | 159 | ||
| 160 | struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | 160 | struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) |
| 161 | { | 161 | { |
| 162 | struct tcp_options_received tcp_opt; | ||
| 163 | u8 *hash_location; | ||
| 162 | struct inet_request_sock *ireq; | 164 | struct inet_request_sock *ireq; |
| 163 | struct inet6_request_sock *ireq6; | 165 | struct inet6_request_sock *ireq6; |
| 164 | struct tcp_request_sock *treq; | 166 | struct tcp_request_sock *treq; |
| @@ -171,7 +173,6 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | |||
| 171 | int mss; | 173 | int mss; |
| 172 | struct dst_entry *dst; | 174 | struct dst_entry *dst; |
| 173 | __u8 rcv_wscale; | 175 | __u8 rcv_wscale; |
| 174 | struct tcp_options_received tcp_opt; | ||
| 175 | 176 | ||
| 176 | if (!sysctl_tcp_syncookies || !th->ack) | 177 | if (!sysctl_tcp_syncookies || !th->ack) |
| 177 | goto out; | 178 | goto out; |
| @@ -254,7 +255,7 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | |||
| 254 | 255 | ||
| 255 | /* check for timestamp cookie support */ | 256 | /* check for timestamp cookie support */ |
| 256 | memset(&tcp_opt, 0, sizeof(tcp_opt)); | 257 | memset(&tcp_opt, 0, sizeof(tcp_opt)); |
| 257 | tcp_parse_options(skb, &tcp_opt, 0, dst); | 258 | tcp_parse_options(skb, &tcp_opt, &hash_location, 0, dst); |
| 258 | 259 | ||
| 259 | if (tcp_opt.saw_tstamp) | 260 | if (tcp_opt.saw_tstamp) |
| 260 | cookie_check_timestamp(&tcp_opt); | 261 | cookie_check_timestamp(&tcp_opt); |