[SCTP]: Implement SCTP-AUTH initializations.

The patch initializes AUTH related members of the generic SCTP structures and provides a way to enable/disable auth extension. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Vlad Yasevich <vladislav.yasevich@hp.com> 2007-09-16 22:31:35 -0400
committer: David S. Miller <davem@sunset.davemloft.net> 2007-10-10 19:51:30 -0400
commit: a29a5bd4f5c3e8ba2e89688feab8b01c44f1654f (patch)
tree: 2b98f0d572fee7dff79373c64f95a61f940db7e9 /net/sctp/associola.c
parent: 1f485649f52929d9937b346a920a522a7363e202 (diff)
1 files changed, 34 insertions, 0 deletions
diff --git a/net/sctp/associola.c b/net/sctp/associola.c
index 9bad8ba0feda..ee4b212e66b1 100644
--- a/net/sctp/associola.c
+++ b/net/sctp/associola.c
@@ -74,6 +74,8 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
 {
        struct sctp_sock *sp;
        int i;
+        sctp_paramhdr_t *p;
+        int err;
        /* Retrieve the SCTP per socket area.  */
        sp = sctp_sk((struct sock *)sk);
@@ -298,6 +300,30 @@ static struct sctp_association *sctp_association_init(struct sctp_association *a
        asoc->default_timetolive = sp->default_timetolive;
        asoc->default_rcv_context = sp->default_rcv_context;
+        /* AUTH related initializations */
+        INIT_LIST_HEAD(&asoc->endpoint_shared_keys);
+        err = sctp_auth_asoc_copy_shkeys(ep, asoc, gfp);
+        if (err)
+                goto fail_init;
+        asoc->active_key_id = ep->active_key_id;
+        asoc->asoc_shared_key = NULL;
+        asoc->default_hmac_id = 0;
+        /* Save the hmacs and chunks list into this association */
+        if (ep->auth_hmacs_list)
+                memcpy(asoc->c.auth_hmacs, ep->auth_hmacs_list,
+                        ntohs(ep->auth_hmacs_list->param_hdr.length));
+        if (ep->auth_chunk_list)
+                memcpy(asoc->c.auth_chunks, ep->auth_chunk_list,
+                        ntohs(ep->auth_chunk_list->param_hdr.length));
+        /* Get the AUTH random number for this association */
+        p = (sctp_paramhdr_t *)asoc->c.auth_random;
+        p->type = SCTP_PARAM_RANDOM;
+        p->length = htons(sizeof(sctp_paramhdr_t) + SCTP_AUTH_RANDOM_LENGTH);
+        get_random_bytes(p+1, SCTP_AUTH_RANDOM_LENGTH);
        return asoc;
 fail_init:
@@ -407,6 +433,12 @@ void sctp_association_free(struct sctp_association *asoc)
        if (asoc->addip_last_asconf)
                sctp_chunk_free(asoc->addip_last_asconf);
+        /* AUTH - Free the endpoint shared keys */
+        sctp_auth_destroy_keys(&asoc->endpoint_shared_keys);
+        /* AUTH - Free the association shared key */
+        sctp_auth_key_put(asoc->asoc_shared_key);
        sctp_association_put(asoc);
 }
@@ -1112,6 +1144,8 @@ void sctp_assoc_update(struct sctp_association *asoc,
                        sctp_assoc_set_id(asoc, GFP_ATOMIC);
                }
        }
+        /* SCTP-AUTH: XXX something needs to be done here*/
 }
 /* Update the retran path for sending a retransmitted packet.
author	Vlad Yasevich <vladislav.yasevich@hp.com>	2007-09-16 22:31:35 -0400
committer	David S. Miller <davem@sunset.davemloft.net>	2007-10-10 19:51:30 -0400
commit	a29a5bd4f5c3e8ba2e89688feab8b01c44f1654f (patch)
tree	2b98f0d572fee7dff79373c64f95a61f940db7e9 /net/sctp/associola.c
parent	1f485649f52929d9937b346a920a522a7363e202 (diff)

diff --git a/net/sctp/associola.c b/net/sctp/associola.c index 9bad8ba0feda..ee4b212e66b1 100644 --- a/net/sctp/associola.c +++ b/net/sctp/associola.c
@@ -74,6 +74,8 @@ static struct sctp_association sctp_association_init(struct sctp_association a
74	{	74	{
75	struct sctp_sock *sp;	75	struct sctp_sock *sp;
76	int i;	76	int i;
		77	sctp_paramhdr_t *p;
		78	int err;
77		79
78	/* Retrieve the SCTP per socket area. */	80	/* Retrieve the SCTP per socket area. */
79	sp = sctp_sk((struct sock *)sk);	81	sp = sctp_sk((struct sock *)sk);
@@ -298,6 +300,30 @@ static struct sctp_association sctp_association_init(struct sctp_association a
298	asoc->default_timetolive = sp->default_timetolive;	300	asoc->default_timetolive = sp->default_timetolive;
299	asoc->default_rcv_context = sp->default_rcv_context;	301	asoc->default_rcv_context = sp->default_rcv_context;
300		302
		303	/* AUTH related initializations */
		304	INIT_LIST_HEAD(&asoc->endpoint_shared_keys);
		305	err = sctp_auth_asoc_copy_shkeys(ep, asoc, gfp);
		306	if (err)
		307	goto fail_init;
		308
		309	asoc->active_key_id = ep->active_key_id;
		310	asoc->asoc_shared_key = NULL;
		311
		312	asoc->default_hmac_id = 0;
		313	/* Save the hmacs and chunks list into this association */
		314	if (ep->auth_hmacs_list)
		315	memcpy(asoc->c.auth_hmacs, ep->auth_hmacs_list,
		316	ntohs(ep->auth_hmacs_list->param_hdr.length));
		317	if (ep->auth_chunk_list)
		318	memcpy(asoc->c.auth_chunks, ep->auth_chunk_list,
		319	ntohs(ep->auth_chunk_list->param_hdr.length));
		320
		321	/* Get the AUTH random number for this association */
		322	p = (sctp_paramhdr_t *)asoc->c.auth_random;
		323	p->type = SCTP_PARAM_RANDOM;
		324	p->length = htons(sizeof(sctp_paramhdr_t) + SCTP_AUTH_RANDOM_LENGTH);
		325	get_random_bytes(p+1, SCTP_AUTH_RANDOM_LENGTH);
		326
301	return asoc;	327	return asoc;
302		328
303	fail_init:	329	fail_init:
@@ -407,6 +433,12 @@ void sctp_association_free(struct sctp_association *asoc)
407	if (asoc->addip_last_asconf)	433	if (asoc->addip_last_asconf)
408	sctp_chunk_free(asoc->addip_last_asconf);	434	sctp_chunk_free(asoc->addip_last_asconf);
409		435
		436	/* AUTH - Free the endpoint shared keys */
		437	sctp_auth_destroy_keys(&asoc->endpoint_shared_keys);
		438
		439	/* AUTH - Free the association shared key */
		440	sctp_auth_key_put(asoc->asoc_shared_key);
		441
410	sctp_association_put(asoc);	442	sctp_association_put(asoc);
411	}	443	}
412		444
@@ -1112,6 +1144,8 @@ void sctp_assoc_update(struct sctp_association *asoc,
1112	sctp_assoc_set_id(asoc, GFP_ATOMIC);	1144	sctp_assoc_set_id(asoc, GFP_ATOMIC);
1113	}	1145	}
1114	}	1146	}
		1147
		1148	/* SCTP-AUTH: XXX something needs to be done here*/
1115	}	1149	}
1116		1150
1117	/* Update the retran path for sending a retransmitted packet.	1151	/* Update the retran path for sending a retransmitted packet.