- 28 8月, 2008 1 次提交
-
-
由 Vlad Yasevich 提交于
The number of identifiers needs to be checked against the option length. Also, the identifier index provided needs to be verified to make sure that it doesn't exceed the bounds of the array. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 26 8月, 2008 1 次提交
-
-
由 Vlad Yasevich 提交于
The structure used for SCTP_AUTH_KEY option contains a length that needs to be verfied to prevent buffer overflow conditions. Spoted by Eugene Teo <eteo@redhat.com>. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 29 2月, 2008 1 次提交
-
-
由 Vlad Yasevich 提交于
The new SCTP socket api (draft 16) updates the AUTH API structures. We never exported these since we knew they would change. Update the rest to match the draft. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
-
- 05 2月, 2008 2 次提交
-
-
由 Vlad Yasevich 提交于
I was notified by Randy Stewart that lksctp claims to be "the reference implementation". First of all, "the refrence implementation" was the original implementation of SCTP in usersapce written ty Randy and a few others. Second, after looking at the definiton of 'reference implementation', we don't really meet the requirements. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
-
由 Wei Yongjun 提交于
If SCTP-AUTH is enabled, received AUTH chunk with BAD shared key identifier will cause kernel panic. Test as following: step1: enabled /proc/sys/net/sctp/auth_enable step 2: connect to SCTP server with auth capable. Association is established between endpoints. Then send a AUTH chunk with a bad shareid, SCTP server will kernel panic after received that AUTH chunk. SCTP client SCTP server INIT ----------> (with auth capable) <---------- INIT-ACK (with auth capable) COOKIE-ECHO ----------> <---------- COOKIE-ACK AUTH ----------> AUTH chunk is like this: AUTH chunk Chunk type: AUTH (15) Chunk flags: 0x00 Chunk length: 28 Shared key identifier: 10 HMAC identifier: SHA-1 (1) HMAC: 0000000000000000000000000000000000000000 The assignment of NULL to key can safely be removed, since key_for_each (which is just list_for_each_entry under the covers does an initial assignment to key anyway). If the endpoint_shared_keys list is empty, or if the key_id being requested does not exist, the function as it currently stands returns the actuall list_head (in this case endpoint_shared_keys. Since that list_head isn't surrounded by an actuall data structure, the last iteration through list_for_each_entry will do a container_of on key, and we wind up returning a bogus pointer, instead of NULL, as we should. > Neil Horman wrote: >> On Tue, Jan 22, 2008 at 05:29:20PM +0900, Wei Yongjun wrote: >> >> FWIW, Ack from me. The assignment of NULL to key can safely be >> removed, since >> key_for_each (which is just list_for_each_entry under the covers does >> an initial >> assignment to key anyway). >> If the endpoint_shared_keys list is empty, or if the key_id being >> requested does >> not exist, the function as it currently stands returns the actuall >> list_head (in >> this case endpoint_shared_keys. Since that list_head isn't >> surrounded by an >> actuall data structure, the last iteration through >> list_for_each_entry will do a >> container_of on key, and we wind up returning a bogus pointer, >> instead of NULL, >> as we should. Wei's patch corrects that. >> >> Regards >> Neil >> >> Acked-by: Neil Horman <nhorman@tuxdriver.com> >> > > Yep, the patch is correct. > > Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com> > > -vlad > Signed-off-by: NWei Yongjun <yjwei@cn.fujitsu.com> Acked-by: NNeil Horman <nhorman@tuxdriver.com> Acked-by: NVlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 29 11月, 2007 2 次提交
-
-
由 Vlad Yasevich 提交于
SCTP-AUTH requires selection of CRYPTO, HMAC and SHA1 since SHA1 is a MUST requirement for AUTH. We also support SHA256, but that's optional, so fix the code to treat it as such. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
-
由 Vlad Yasevich 提交于
In the case where no autheticated chunks were specified, we were still trying to verify that a given chunk needs authentication and doing so incorrectly. Add a check for parameter length to make sure we don't try to use an empty auth_chunks parameter to verify against. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com>
-
- 29 10月, 2007 1 次提交
-
-
由 Al Viro 提交于
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk> Acked-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
- 27 10月, 2007 1 次提交
-
-
由 Herbert Xu 提交于
This patch fixes the errors made in the users of the crypto layer during the sg_init_table conversion. It also adds a few conversions that were missing altogether. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 26 10月, 2007 1 次提交
-
-
由 Adrian Bunk 提交于
This patch makes three needlessly global functions static. Signed-off-by: NAdrian Bunk <bunk@kernel.org> Acked-by: NVlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 24 10月, 2007 1 次提交
-
-
由 Jens Axboe 提交于
Most drivers need to set length and offset as well, so may as well fold those three lines into one. Add sg_assign_page() for those two locations that only needed to set the page, where the offset/length is set outside of the function context. Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
- 23 10月, 2007 1 次提交
-
-
由 Jens Axboe 提交于
Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
- 11 10月, 2007 2 次提交
-
-
由 Vlad Yasevich 提交于
Add SCTP-AUTH API. The API implemented here was agreed to between implementors at the 9th SCTP Interop. It will be documented in the next revision of the SCTP socket API spec. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Vlad Yasevich 提交于
This patch implements the internals operations of the AUTH, such as key computation and storage. It also adds necessary variables to the SCTP data structures. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-