diff options
Diffstat (limited to 'net/ipv6/syncookies.c')
| -rw-r--r-- | net/ipv6/syncookies.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c index 6b6ae913b5d4..34d1f0690d7e 100644 --- a/net/ipv6/syncookies.c +++ b/net/ipv6/syncookies.c | |||
| @@ -159,6 +159,8 @@ static inline int cookie_check(struct sk_buff *skb, __u32 cookie) | |||
| 159 | 159 | ||
| 160 | struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | 160 | struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) |
| 161 | { | 161 | { |
| 162 | struct tcp_options_received tcp_opt; | ||
| 163 | u8 *hash_location; | ||
| 162 | struct inet_request_sock *ireq; | 164 | struct inet_request_sock *ireq; |
| 163 | struct inet6_request_sock *ireq6; | 165 | struct inet6_request_sock *ireq6; |
| 164 | struct tcp_request_sock *treq; | 166 | struct tcp_request_sock *treq; |
| @@ -171,7 +173,6 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | |||
| 171 | int mss; | 173 | int mss; |
| 172 | struct dst_entry *dst; | 174 | struct dst_entry *dst; |
| 173 | __u8 rcv_wscale; | 175 | __u8 rcv_wscale; |
| 174 | struct tcp_options_received tcp_opt; | ||
| 175 | 176 | ||
| 176 | if (!sysctl_tcp_syncookies || !th->ack) | 177 | if (!sysctl_tcp_syncookies || !th->ack) |
| 177 | goto out; | 178 | goto out; |
| @@ -186,7 +187,7 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | |||
| 186 | 187 | ||
| 187 | /* check for timestamp cookie support */ | 188 | /* check for timestamp cookie support */ |
| 188 | memset(&tcp_opt, 0, sizeof(tcp_opt)); | 189 | memset(&tcp_opt, 0, sizeof(tcp_opt)); |
| 189 | tcp_parse_options(skb, &tcp_opt, 0); | 190 | tcp_parse_options(skb, &tcp_opt, &hash_location, 0); |
| 190 | 191 | ||
| 191 | if (tcp_opt.saw_tstamp) | 192 | if (tcp_opt.saw_tstamp) |
| 192 | cookie_check_timestamp(&tcp_opt); | 193 | cookie_check_timestamp(&tcp_opt); |
| @@ -252,8 +253,9 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | |||
| 252 | } | 253 | } |
| 253 | ipv6_addr_copy(&fl.fl6_src, &ireq6->loc_addr); | 254 | ipv6_addr_copy(&fl.fl6_src, &ireq6->loc_addr); |
| 254 | fl.oif = sk->sk_bound_dev_if; | 255 | fl.oif = sk->sk_bound_dev_if; |
| 256 | fl.mark = sk->sk_mark; | ||
| 255 | fl.fl_ip_dport = inet_rsk(req)->rmt_port; | 257 | fl.fl_ip_dport = inet_rsk(req)->rmt_port; |
| 256 | fl.fl_ip_sport = inet_sk(sk)->sport; | 258 | fl.fl_ip_sport = inet_sk(sk)->inet_sport; |
| 257 | security_req_classify_flow(req, &fl); | 259 | security_req_classify_flow(req, &fl); |
| 258 | if (ip6_dst_lookup(sk, &dst, &fl)) | 260 | if (ip6_dst_lookup(sk, &dst, &fl)) |
| 259 | goto out_free; | 261 | goto out_free; |
| @@ -267,7 +269,8 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | |||
| 267 | req->window_clamp = tp->window_clamp ? :dst_metric(dst, RTAX_WINDOW); | 269 | req->window_clamp = tp->window_clamp ? :dst_metric(dst, RTAX_WINDOW); |
| 268 | tcp_select_initial_window(tcp_full_space(sk), req->mss, | 270 | tcp_select_initial_window(tcp_full_space(sk), req->mss, |
| 269 | &req->rcv_wnd, &req->window_clamp, | 271 | &req->rcv_wnd, &req->window_clamp, |
| 270 | ireq->wscale_ok, &rcv_wscale); | 272 | ireq->wscale_ok, &rcv_wscale, |
| 273 | dst_metric(dst, RTAX_INITRWND)); | ||
| 271 | 274 | ||
| 272 | ireq->rcv_wscale = rcv_wscale; | 275 | ireq->rcv_wscale = rcv_wscale; |
| 273 | 276 | ||