diff options
| author | John Dykstra <john.dykstra1@gmail.com> | 2009-07-17 05:23:22 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2009-07-20 10:49:08 -0400 |
| commit | e547bc1eccf539b7403138d8ded913ffd2b7fd0d (patch) | |
| tree | a5d776438864387bdc305ef3ce186ba527f5b5d4 /net/ipv6/tcp_ipv6.c | |
| parent | e3afe7b75ed8f809c1473ea9b39267487c187ccb (diff) | |
tcp: Use correct peer adr when copying MD5 keys
When the TCP connection handshake completes on the passive
side, a variety of state must be set up in the "child" sock,
including the key if MD5 authentication is being used. Fix TCP
for both address families to label the key with the peer's
destination address, rather than the address from the listening
sock, which is usually the wildcard.
Reported-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: John Dykstra <john.dykstra1@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6/tcp_ipv6.c')
| -rw-r--r-- | net/ipv6/tcp_ipv6.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index ae3d65753562..d849dd53b788 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c | |||
| @@ -1442,7 +1442,7 @@ static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, | |||
| 1442 | */ | 1442 | */ |
| 1443 | char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC); | 1443 | char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC); |
| 1444 | if (newkey != NULL) | 1444 | if (newkey != NULL) |
| 1445 | tcp_v6_md5_do_add(newsk, &inet6_sk(sk)->daddr, | 1445 | tcp_v6_md5_do_add(newsk, &newnp->daddr, |
| 1446 | newkey, key->keylen); | 1446 | newkey, key->keylen); |
| 1447 | } | 1447 | } |
| 1448 | #endif | 1448 | #endif |