diff options
| author | David S. Miller <davem@sunset.davemloft.net> | 2007-09-28 18:18:35 -0400 |
|---|---|---|
| committer | David S. Miller <davem@sunset.davemloft.net> | 2007-09-28 18:18:35 -0400 |
| commit | f8ab18d2d987a59ccbf0495032b2aef05b730037 (patch) | |
| tree | 7a24c79632c91e22235888875813950c6c30d929 /net/ipv6 | |
| parent | e79ad711a0108475c1b3a03815527e7237020b08 (diff) | |
[TCP]: Fix MD5 signature handling on big-endian.
Based upon a report and initial patch by Peter Lieven.
tcp4_md5sig_key and tcp6_md5sig_key need to start with
the exact same members as tcp_md5sig_key. Because they
are both cast to that type by tcp_v{4,6}_md5_do_lookup().
Unfortunately tcp{4,6}_md5sig_key use a u16 for the key
length instead of a u8, which is what tcp_md5sig_key
uses. This just so happens to work by accident on
little-endian, but on big-endian it doesn't.
Instead of casting, just place tcp_md5sig_key as the first member of
the address-family specific structures, adjust the access sites, and
kill off the ugly casts.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/tcp_ipv6.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 0f7defb482e9..3e06799b37a6 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c | |||
| @@ -539,7 +539,7 @@ static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, | |||
| 539 | 539 | ||
| 540 | for (i = 0; i < tp->md5sig_info->entries6; i++) { | 540 | for (i = 0; i < tp->md5sig_info->entries6; i++) { |
| 541 | if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, addr) == 0) | 541 | if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, addr) == 0) |
| 542 | return (struct tcp_md5sig_key *)&tp->md5sig_info->keys6[i]; | 542 | return &tp->md5sig_info->keys6[i].base; |
| 543 | } | 543 | } |
| 544 | return NULL; | 544 | return NULL; |
| 545 | } | 545 | } |
| @@ -567,9 +567,9 @@ static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer, | |||
| 567 | key = (struct tcp6_md5sig_key*) tcp_v6_md5_do_lookup(sk, peer); | 567 | key = (struct tcp6_md5sig_key*) tcp_v6_md5_do_lookup(sk, peer); |
| 568 | if (key) { | 568 | if (key) { |
| 569 | /* modify existing entry - just update that one */ | 569 | /* modify existing entry - just update that one */ |
| 570 | kfree(key->key); | 570 | kfree(key->base.key); |
| 571 | key->key = newkey; | 571 | key->base.key = newkey; |
| 572 | key->keylen = newkeylen; | 572 | key->base.keylen = newkeylen; |
| 573 | } else { | 573 | } else { |
| 574 | /* reallocate new list if current one is full. */ | 574 | /* reallocate new list if current one is full. */ |
| 575 | if (!tp->md5sig_info) { | 575 | if (!tp->md5sig_info) { |
| @@ -603,8 +603,8 @@ static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer, | |||
| 603 | 603 | ||
| 604 | ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr, | 604 | ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr, |
| 605 | peer); | 605 | peer); |
| 606 | tp->md5sig_info->keys6[tp->md5sig_info->entries6].key = newkey; | 606 | tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey; |
| 607 | tp->md5sig_info->keys6[tp->md5sig_info->entries6].keylen = newkeylen; | 607 | tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen; |
| 608 | 608 | ||
| 609 | tp->md5sig_info->entries6++; | 609 | tp->md5sig_info->entries6++; |
| 610 | } | 610 | } |
| @@ -626,7 +626,7 @@ static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer) | |||
| 626 | for (i = 0; i < tp->md5sig_info->entries6; i++) { | 626 | for (i = 0; i < tp->md5sig_info->entries6; i++) { |
| 627 | if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, peer) == 0) { | 627 | if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, peer) == 0) { |
| 628 | /* Free the key */ | 628 | /* Free the key */ |
| 629 | kfree(tp->md5sig_info->keys6[i].key); | 629 | kfree(tp->md5sig_info->keys6[i].base.key); |
| 630 | tp->md5sig_info->entries6--; | 630 | tp->md5sig_info->entries6--; |
| 631 | 631 | ||
| 632 | if (tp->md5sig_info->entries6 == 0) { | 632 | if (tp->md5sig_info->entries6 == 0) { |
| @@ -657,7 +657,7 @@ static void tcp_v6_clear_md5_list (struct sock *sk) | |||
| 657 | 657 | ||
| 658 | if (tp->md5sig_info->entries6) { | 658 | if (tp->md5sig_info->entries6) { |
| 659 | for (i = 0; i < tp->md5sig_info->entries6; i++) | 659 | for (i = 0; i < tp->md5sig_info->entries6; i++) |
| 660 | kfree(tp->md5sig_info->keys6[i].key); | 660 | kfree(tp->md5sig_info->keys6[i].base.key); |
| 661 | tp->md5sig_info->entries6 = 0; | 661 | tp->md5sig_info->entries6 = 0; |
| 662 | tcp_free_md5sig_pool(); | 662 | tcp_free_md5sig_pool(); |
| 663 | } | 663 | } |
| @@ -668,7 +668,7 @@ static void tcp_v6_clear_md5_list (struct sock *sk) | |||
| 668 | 668 | ||
| 669 | if (tp->md5sig_info->entries4) { | 669 | if (tp->md5sig_info->entries4) { |
| 670 | for (i = 0; i < tp->md5sig_info->entries4; i++) | 670 | for (i = 0; i < tp->md5sig_info->entries4; i++) |
| 671 | kfree(tp->md5sig_info->keys4[i].key); | 671 | kfree(tp->md5sig_info->keys4[i].base.key); |
| 672 | tp->md5sig_info->entries4 = 0; | 672 | tp->md5sig_info->entries4 = 0; |
| 673 | tcp_free_md5sig_pool(); | 673 | tcp_free_md5sig_pool(); |
| 674 | } | 674 | } |