diff options
Diffstat (limited to 'net/ipv4/syncookies.c')
-rw-r--r-- | net/ipv4/syncookies.c | 39 |
1 files changed, 20 insertions, 19 deletions
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c index e923d2f021aa..dd47e6da6fb3 100644 --- a/net/ipv4/syncookies.c +++ b/net/ipv4/syncookies.c | |||
@@ -190,6 +190,8 @@ static inline struct sock *get_cookie_sock(struct sock *sk, struct sk_buff *skb, | |||
190 | struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | 190 | struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, |
191 | struct ip_options *opt) | 191 | struct ip_options *opt) |
192 | { | 192 | { |
193 | struct inet_request_sock *ireq; | ||
194 | struct tcp_request_sock *treq; | ||
193 | struct tcp_sock *tp = tcp_sk(sk); | 195 | struct tcp_sock *tp = tcp_sk(sk); |
194 | __u32 cookie = ntohl(skb->h.th->ack_seq) - 1; | 196 | __u32 cookie = ntohl(skb->h.th->ack_seq) - 1; |
195 | struct sock *ret = sk; | 197 | struct sock *ret = sk; |
@@ -209,19 +211,20 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
209 | 211 | ||
210 | NET_INC_STATS_BH(LINUX_MIB_SYNCOOKIESRECV); | 212 | NET_INC_STATS_BH(LINUX_MIB_SYNCOOKIESRECV); |
211 | 213 | ||
212 | req = tcp_openreq_alloc(); | ||
213 | ret = NULL; | 214 | ret = NULL; |
215 | req = tcp_openreq_alloc(&or_ipv4); /* for safety */ | ||
214 | if (!req) | 216 | if (!req) |
215 | goto out; | 217 | goto out; |
216 | 218 | ||
217 | req->rcv_isn = htonl(skb->h.th->seq) - 1; | 219 | ireq = inet_rsk(req); |
218 | req->snt_isn = cookie; | 220 | treq = tcp_rsk(req); |
221 | treq->rcv_isn = htonl(skb->h.th->seq) - 1; | ||
222 | treq->snt_isn = cookie; | ||
219 | req->mss = mss; | 223 | req->mss = mss; |
220 | req->rmt_port = skb->h.th->source; | 224 | ireq->rmt_port = skb->h.th->source; |
221 | req->af.v4_req.loc_addr = skb->nh.iph->daddr; | 225 | ireq->loc_addr = skb->nh.iph->daddr; |
222 | req->af.v4_req.rmt_addr = skb->nh.iph->saddr; | 226 | ireq->rmt_addr = skb->nh.iph->saddr; |
223 | req->class = &or_ipv4; /* for savety */ | 227 | ireq->opt = NULL; |
224 | req->af.v4_req.opt = NULL; | ||
225 | 228 | ||
226 | /* We throwed the options of the initial SYN away, so we hope | 229 | /* We throwed the options of the initial SYN away, so we hope |
227 | * the ACK carries the same options again (see RFC1122 4.2.3.8) | 230 | * the ACK carries the same options again (see RFC1122 4.2.3.8) |
@@ -229,17 +232,15 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
229 | if (opt && opt->optlen) { | 232 | if (opt && opt->optlen) { |
230 | int opt_size = sizeof(struct ip_options) + opt->optlen; | 233 | int opt_size = sizeof(struct ip_options) + opt->optlen; |
231 | 234 | ||
232 | req->af.v4_req.opt = kmalloc(opt_size, GFP_ATOMIC); | 235 | ireq->opt = kmalloc(opt_size, GFP_ATOMIC); |
233 | if (req->af.v4_req.opt) { | 236 | if (ireq->opt != NULL && ip_options_echo(ireq->opt, skb)) { |
234 | if (ip_options_echo(req->af.v4_req.opt, skb)) { | 237 | kfree(ireq->opt); |
235 | kfree(req->af.v4_req.opt); | 238 | ireq->opt = NULL; |
236 | req->af.v4_req.opt = NULL; | ||
237 | } | ||
238 | } | 239 | } |
239 | } | 240 | } |
240 | 241 | ||
241 | req->snd_wscale = req->rcv_wscale = req->tstamp_ok = 0; | 242 | ireq->snd_wscale = ireq->rcv_wscale = ireq->tstamp_ok = 0; |
242 | req->wscale_ok = req->sack_ok = 0; | 243 | ireq->wscale_ok = ireq->sack_ok = 0; |
243 | req->expires = 0UL; | 244 | req->expires = 0UL; |
244 | req->retrans = 0; | 245 | req->retrans = 0; |
245 | 246 | ||
@@ -253,8 +254,8 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
253 | struct flowi fl = { .nl_u = { .ip4_u = | 254 | struct flowi fl = { .nl_u = { .ip4_u = |
254 | { .daddr = ((opt && opt->srr) ? | 255 | { .daddr = ((opt && opt->srr) ? |
255 | opt->faddr : | 256 | opt->faddr : |
256 | req->af.v4_req.rmt_addr), | 257 | ireq->rmt_addr), |
257 | .saddr = req->af.v4_req.loc_addr, | 258 | .saddr = ireq->loc_addr, |
258 | .tos = RT_CONN_FLAGS(sk) } }, | 259 | .tos = RT_CONN_FLAGS(sk) } }, |
259 | .proto = IPPROTO_TCP, | 260 | .proto = IPPROTO_TCP, |
260 | .uli_u = { .ports = | 261 | .uli_u = { .ports = |
@@ -272,7 +273,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
272 | &req->rcv_wnd, &req->window_clamp, | 273 | &req->rcv_wnd, &req->window_clamp, |
273 | 0, &rcv_wscale); | 274 | 0, &rcv_wscale); |
274 | /* BTW win scale with syncookies is 0 by definition */ | 275 | /* BTW win scale with syncookies is 0 by definition */ |
275 | req->rcv_wscale = rcv_wscale; | 276 | ireq->rcv_wscale = rcv_wscale; |
276 | 277 | ||
277 | ret = get_cookie_sock(sk, skb, req, &rt->u.dst); | 278 | ret = get_cookie_sock(sk, skb, req, &rt->u.dst); |
278 | out: return ret; | 279 | out: return ret; |