Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/net-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/net-2.6: (27 commits) [INET]: Fix inet_diag dead-lock regression [NETNS]: Fix /proc/net breakage [TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure [NETFILTER]: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK [NETFILTER]: xt_TCPMSS: remove network triggerable WARN_ON [DECNET]: dn_nl_deladdr() almost always returns no error [IPV6]: Restore IPv6 when MTU is big enough [RXRPC]: Add missing select on CRYPTO mac80211: rate limit wep decrypt failed messages rfkill: fix double-mutex-locking mac80211: drop unencrypted frames if encryption is expected mac80211: Fix behavior of ieee80211_open and ieee80211_close ieee80211: fix unaligned access in ieee80211_copy_snap mac80211: free ifsta->extra_ie and clear IEEE80211_STA_PRIVACY_INVOKED SCTP: Fix build issues with SCTP AUTH. SCTP: Fix chunk acceptance when no authenticated chunks were listed. SCTP: Fix the supported extensions paramter SCTP: Fix SCTP-AUTH to correctly add HMACS paramter. SCTP: Fix the number of HB transmissions. [TCP] illinois: Incorrect beta usage ...
author: Linus Torvalds <torvalds@woody.linux-foundation.org> 2007-12-03 11:15:36 -0500
committer: Linus Torvalds <torvalds@woody.linux-foundation.org> 2007-12-03 11:15:36 -0500
commit: 8002cedc1adbf51e2d56091534ef7551b88329b4 (patch)
tree: 2c65c82b2b5300eac581a0ee794d98f0b61593b6 /net/sctp
parent: e87cb5db0dc357473ac71801051954ddd6ff604f (diff)
parent: d523a328fb0271e1a763e985a21f2488fd816e7e (diff)
4 files changed, 16 insertions, 21 deletions
diff --git a/net/sctp/Kconfig b/net/sctp/Kconfig
index 8210f549c4..5390bc7921 100644
--- a/net/sctp/Kconfig
+++ b/net/sctp/Kconfig
@@ -6,9 +6,9 @@ menuconfig IP_SCTP
        tristate "The SCTP Protocol (EXPERIMENTAL)"
        depends on INET && EXPERIMENTAL
        depends on IPV6 || IPV6=n
-        select CRYPTO if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5
+        select CRYPTO
-        select CRYPTO_HMAC if SCTP_HMAC_SHA1 || SCTP_HMAC_MD5
+        select CRYPTO_HMAC
-        select CRYPTO_SHA1 if SCTP_HMAC_SHA1
+        select CRYPTO_SHA1
        select CRYPTO_MD5 if SCTP_HMAC_MD5
        ---help---
          Stream Control Transmission Protocol
diff --git a/net/sctp/auth.c b/net/sctp/auth.c
index 6d5fa6bb37..97e6ebd145 100644
--- a/net/sctp/auth.c
+++ b/net/sctp/auth.c
@@ -54,11 +54,13 @@ static struct sctp_hmac sctp_hmac_list[SCTP_AUTH_NUM_HMACS] = {
                /* id 2 is reserved as well */
                .hmac_id = SCTP_AUTH_HMAC_ID_RESERVED_2,
        },
+#if defined (CONFIG_CRYPTO_SHA256) || defined (CONFIG_CRYPTO_SHA256_MODULE)
        {
                .hmac_id = SCTP_AUTH_HMAC_ID_SHA256,
                .hmac_name="hmac(sha256)",
                .hmac_len = SCTP_SHA256_SIG_SIZE,
        }
+#endif
 };
@@ -631,7 +633,7 @@ static int __sctp_auth_cid(sctp_cid_t chunk, struct sctp_chunks_param *param)
        int found = 0;
        int i;
-        if (!param)
+        if (!param || param->param_hdr.length == 0)
                return 0;
        len = ntohs(param->param_hdr.length) - sizeof(sctp_paramhdr_t);
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 5a9783c38d..f4876291bb 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -77,6 +77,8 @@ static int sctp_process_param(struct sctp_association *asoc,
                              union sctp_params param,
                              const union sctp_addr *peer_addr,
                              gfp_t gfp);
+static void *sctp_addto_param(struct sctp_chunk *chunk, int len,
+                              const void *data);
 /* What was the inbound interface for this chunk? */
 int sctp_chunk_iif(const struct sctp_chunk *chunk)
@@ -207,11 +209,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
        chunksize = sizeof(init) + addrs_len + SCTP_SAT_LEN(num_types);
        chunksize += sizeof(ecap_param);
-        if (sctp_prsctp_enable) {
-                chunksize += sizeof(prsctp_param);
-                extensions[num_ext] = SCTP_CID_FWD_TSN;
-                num_ext += 1;
-        }
        /* ADDIP: Section 4.2.7:
         *  An implementation supporting this extension [ADDIP] MUST list
         *  the ASCONF,the ASCONF-ACK, and the AUTH  chunks in its INIT and
@@ -243,7 +241,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
                if (auth_chunks->length)
                        chunksize += ntohs(auth_chunks->length);
                else
-                        auth_hmacs = NULL;
+                        auth_chunks = NULL;
                extensions[num_ext] = SCTP_CID_AUTH;
                num_ext += 1;
@@ -297,7 +295,7 @@ struct sctp_chunk *sctp_make_init(const struct sctp_association *asoc,
                            htons(sizeof(sctp_supported_ext_param_t) + num_ext);
                sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),
                                &ext_param);
-                sctp_addto_chunk(retval, num_ext, extensions);
+                sctp_addto_param(retval, num_ext, extensions);
        }
        if (sctp_prsctp_enable)
@@ -371,20 +369,12 @@ struct sctp_chunk *sctp_make_init_ack(const struct sctp_association *asoc,
        if (asoc->peer.ecn_capable)
                chunksize += sizeof(ecap_param);
-        /* Tell peer that we'll do PR-SCTP only if peer advertised.  */
-        if (asoc->peer.prsctp_capable) {
-                chunksize += sizeof(prsctp_param);
-                extensions[num_ext] = SCTP_CID_FWD_TSN;
-                num_ext += 1;
-        }
        if (sctp_addip_enable) {
                extensions[num_ext] = SCTP_CID_ASCONF;
                extensions[num_ext+1] = SCTP_CID_ASCONF_ACK;
                num_ext += 2;
        }
-        chunksize += sizeof(ext_param) + num_ext;
        chunksize += sizeof(aiparam);
        if (asoc->peer.auth_capable) {
@@ -407,6 +397,9 @@ struct sctp_chunk *sctp_make_init_ack(const struct sctp_association *asoc,
                num_ext += 1;
        }
+        if (num_ext)
+                chunksize += sizeof(sctp_supported_ext_param_t) + num_ext;
        /* Now allocate and fill out the chunk.  */
        retval = sctp_make_chunk(asoc, SCTP_CID_INIT_ACK, 0, chunksize);
        if (!retval)
@@ -428,7 +421,7 @@ struct sctp_chunk *sctp_make_init_ack(const struct sctp_association *asoc,
                            htons(sizeof(sctp_supported_ext_param_t) + num_ext);
                sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),
                                 &ext_param);
-                sctp_addto_chunk(retval, num_ext, extensions);
+                sctp_addto_param(retval, num_ext, extensions);
        }
        if (asoc->peer.prsctp_capable)
                sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param);
diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index b8bbb96072..5fb8477884 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -959,7 +959,7 @@ sctp_disposition_t sctp_sf_sendbeat_8_3(const struct sctp_endpoint *ep,
 {
        struct sctp_transport *transport = (struct sctp_transport *) arg;
-        if (asoc->overall_error_count >= asoc->max_retrans) {
+        if (asoc->overall_error_count > asoc->max_retrans) {
                sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR,
                                SCTP_ERROR(ETIMEDOUT));
                /* CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */
author	Linus Torvalds <torvalds@woody.linux-foundation.org>	2007-12-03 11:15:36 -0500
committer	Linus Torvalds <torvalds@woody.linux-foundation.org>	2007-12-03 11:15:36 -0500
commit	8002cedc1adbf51e2d56091534ef7551b88329b4 (patch)
tree	2c65c82b2b5300eac581a0ee794d98f0b61593b6 /net/sctp
parent	e87cb5db0dc357473ac71801051954ddd6ff604f (diff)
parent	d523a328fb0271e1a763e985a21f2488fd816e7e (diff)

diff --git a/net/sctp/Kconfig b/net/sctp/Kconfig index 8210f549c4..5390bc7921 100644 --- a/net/sctp/Kconfig +++ b/net/sctp/Kconfig
@@ -6,9 +6,9 @@ menuconfig IP_SCTP
6	tristate "The SCTP Protocol (EXPERIMENTAL)"	6	tristate "The SCTP Protocol (EXPERIMENTAL)"
7	depends on INET && EXPERIMENTAL	7	depends on INET && EXPERIMENTAL
8	depends on IPV6 \|\| IPV6=n	8	depends on IPV6 \|\| IPV6=n
9	select CRYPTO if SCTP_HMAC_SHA1 \|\| SCTP_HMAC_MD5	9	select CRYPTO
10	select CRYPTO_HMAC if SCTP_HMAC_SHA1 \|\| SCTP_HMAC_MD5	10	select CRYPTO_HMAC
11	select CRYPTO_SHA1 if SCTP_HMAC_SHA1	11	select CRYPTO_SHA1
12	select CRYPTO_MD5 if SCTP_HMAC_MD5	12	select CRYPTO_MD5 if SCTP_HMAC_MD5
13	---help---	13	---help---
14	Stream Control Transmission Protocol	14	Stream Control Transmission Protocol


diff --git a/net/sctp/auth.c b/net/sctp/auth.c index 6d5fa6bb37..97e6ebd145 100644 --- a/net/sctp/auth.c +++ b/net/sctp/auth.c
@@ -54,11 +54,13 @@ static struct sctp_hmac sctp_hmac_list[SCTP_AUTH_NUM_HMACS] = {
54	/* id 2 is reserved as well */	54	/* id 2 is reserved as well */
55	.hmac_id = SCTP_AUTH_HMAC_ID_RESERVED_2,	55	.hmac_id = SCTP_AUTH_HMAC_ID_RESERVED_2,
56	},	56	},
		57	#if defined (CONFIG_CRYPTO_SHA256) \|\| defined (CONFIG_CRYPTO_SHA256_MODULE)
57	{	58	{
58	.hmac_id = SCTP_AUTH_HMAC_ID_SHA256,	59	.hmac_id = SCTP_AUTH_HMAC_ID_SHA256,
59	.hmac_name="hmac(sha256)",	60	.hmac_name="hmac(sha256)",
60	.hmac_len = SCTP_SHA256_SIG_SIZE,	61	.hmac_len = SCTP_SHA256_SIG_SIZE,
61	}	62	}
		63	#endif
62	};	64	};
63		65
64		66
@@ -631,7 +633,7 @@ static int __sctp_auth_cid(sctp_cid_t chunk, struct sctp_chunks_param *param)
631	int found = 0;	633	int found = 0;
632	int i;	634	int i;
633		635
634	if (!param)	636	if (!param \|\| param->param_hdr.length == 0)
635	return 0;	637	return 0;
636		638
637	len = ntohs(param->param_hdr.length) - sizeof(sctp_paramhdr_t);	639	len = ntohs(param->param_hdr.length) - sizeof(sctp_paramhdr_t);


diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index 5a9783c38d..f4876291bb 100644 --- a/net/sctp/sm_make_chunk.c +++ b/net/sctp/sm_make_chunk.c
@@ -77,6 +77,8 @@ static int sctp_process_param(struct sctp_association *asoc,
77	union sctp_params param,	77	union sctp_params param,
78	const union sctp_addr *peer_addr,	78	const union sctp_addr *peer_addr,
79	gfp_t gfp);	79	gfp_t gfp);
		80	static void sctp_addto_param(struct sctp_chunk chunk, int len,
		81	const void *data);
80		82
81	/* What was the inbound interface for this chunk? */	83	/* What was the inbound interface for this chunk? */
82	int sctp_chunk_iif(const struct sctp_chunk *chunk)	84	int sctp_chunk_iif(const struct sctp_chunk *chunk)
@@ -207,11 +209,7 @@ struct sctp_chunk sctp_make_init(const struct sctp_association asoc,
207		209
208	chunksize = sizeof(init) + addrs_len + SCTP_SAT_LEN(num_types);	210	chunksize = sizeof(init) + addrs_len + SCTP_SAT_LEN(num_types);
209	chunksize += sizeof(ecap_param);	211	chunksize += sizeof(ecap_param);
210	if (sctp_prsctp_enable) {	212
211	chunksize += sizeof(prsctp_param);
212	extensions[num_ext] = SCTP_CID_FWD_TSN;
213	num_ext += 1;
214	}
215	/* ADDIP: Section 4.2.7:	213	/* ADDIP: Section 4.2.7:
216	* An implementation supporting this extension [ADDIP] MUST list	214	* An implementation supporting this extension [ADDIP] MUST list
217	* the ASCONF,the ASCONF-ACK, and the AUTH chunks in its INIT and	215	* the ASCONF,the ASCONF-ACK, and the AUTH chunks in its INIT and
@@ -243,7 +241,7 @@ struct sctp_chunk sctp_make_init(const struct sctp_association asoc,
243	if (auth_chunks->length)	241	if (auth_chunks->length)
244	chunksize += ntohs(auth_chunks->length);	242	chunksize += ntohs(auth_chunks->length);
245	else	243	else
246	auth_hmacs = NULL;	244	auth_chunks = NULL;
247		245
248	extensions[num_ext] = SCTP_CID_AUTH;	246	extensions[num_ext] = SCTP_CID_AUTH;
249	num_ext += 1;	247	num_ext += 1;
@@ -297,7 +295,7 @@ struct sctp_chunk sctp_make_init(const struct sctp_association asoc,
297	htons(sizeof(sctp_supported_ext_param_t) + num_ext);	295	htons(sizeof(sctp_supported_ext_param_t) + num_ext);
298	sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),	296	sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),
299	&ext_param);	297	&ext_param);
300	sctp_addto_chunk(retval, num_ext, extensions);	298	sctp_addto_param(retval, num_ext, extensions);
301	}	299	}
302		300
303	if (sctp_prsctp_enable)	301	if (sctp_prsctp_enable)
@@ -371,20 +369,12 @@ struct sctp_chunk sctp_make_init_ack(const struct sctp_association asoc,
371	if (asoc->peer.ecn_capable)	369	if (asoc->peer.ecn_capable)
372	chunksize += sizeof(ecap_param);	370	chunksize += sizeof(ecap_param);
373		371
374	/* Tell peer that we'll do PR-SCTP only if peer advertised. */
375	if (asoc->peer.prsctp_capable) {
376	chunksize += sizeof(prsctp_param);
377	extensions[num_ext] = SCTP_CID_FWD_TSN;
378	num_ext += 1;
379	}
380
381	if (sctp_addip_enable) {	372	if (sctp_addip_enable) {
382	extensions[num_ext] = SCTP_CID_ASCONF;	373	extensions[num_ext] = SCTP_CID_ASCONF;
383	extensions[num_ext+1] = SCTP_CID_ASCONF_ACK;	374	extensions[num_ext+1] = SCTP_CID_ASCONF_ACK;
384	num_ext += 2;	375	num_ext += 2;
385	}	376	}
386		377
387	chunksize += sizeof(ext_param) + num_ext;
388	chunksize += sizeof(aiparam);	378	chunksize += sizeof(aiparam);
389		379
390	if (asoc->peer.auth_capable) {	380	if (asoc->peer.auth_capable) {
@@ -407,6 +397,9 @@ struct sctp_chunk sctp_make_init_ack(const struct sctp_association asoc,
407	num_ext += 1;	397	num_ext += 1;
408	}	398	}
409		399
		400	if (num_ext)
		401	chunksize += sizeof(sctp_supported_ext_param_t) + num_ext;
		402
410	/* Now allocate and fill out the chunk. */	403	/* Now allocate and fill out the chunk. */
411	retval = sctp_make_chunk(asoc, SCTP_CID_INIT_ACK, 0, chunksize);	404	retval = sctp_make_chunk(asoc, SCTP_CID_INIT_ACK, 0, chunksize);
412	if (!retval)	405	if (!retval)
@@ -428,7 +421,7 @@ struct sctp_chunk sctp_make_init_ack(const struct sctp_association asoc,
428	htons(sizeof(sctp_supported_ext_param_t) + num_ext);	421	htons(sizeof(sctp_supported_ext_param_t) + num_ext);
429	sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),	422	sctp_addto_chunk(retval, sizeof(sctp_supported_ext_param_t),
430	&ext_param);	423	&ext_param);
431	sctp_addto_chunk(retval, num_ext, extensions);	424	sctp_addto_param(retval, num_ext, extensions);
432	}	425	}
433	if (asoc->peer.prsctp_capable)	426	if (asoc->peer.prsctp_capable)
434	sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param);	427	sctp_addto_chunk(retval, sizeof(prsctp_param), &prsctp_param);


diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c index b8bbb96072..5fb8477884 100644 --- a/net/sctp/sm_statefuns.c +++ b/net/sctp/sm_statefuns.c
@@ -959,7 +959,7 @@ sctp_disposition_t sctp_sf_sendbeat_8_3(const struct sctp_endpoint *ep,
959	{	959	{
960	struct sctp_transport transport = (struct sctp_transport ) arg;	960	struct sctp_transport transport = (struct sctp_transport ) arg;
961		961
962	if (asoc->overall_error_count >= asoc->max_retrans) {	962	if (asoc->overall_error_count > asoc->max_retrans) {
963	sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR,	963	sctp_add_cmd_sf(commands, SCTP_CMD_SET_SK_ERR,
964	SCTP_ERROR(ETIMEDOUT));	964	SCTP_ERROR(ETIMEDOUT));
965	/* CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */	965	/* CMD_ASSOC_FAILED calls CMD_DELETE_TCB. */