From d2f19fa13ee5e78d4195a771f8f1ff7d42a80740 Mon Sep 17 00:00:00 2001 From: Wei Yongjun Date: Tue, 5 Feb 2008 03:02:26 -0800 Subject: [PATCH] [SCTP]: Fix kernel panic while received AUTH chunk while enabled auth If STCP is started while /proc/sys/net/sctp/auth_enable is set 0 and association is established between endpoints. Then if /proc/sys/net/sctp/auth_enable is set 1, a received AUTH chunk will cause kernel panic. Test as following: step 1: echo 0> /proc/sys/net/sctp/auth_enable step 2: SCTP client SCTP server INIT ---------> <--------- INIT-ACK COOKIE-ECHO ---------> <--------- COOKIE-ACK step 3: echo 1> /proc/sys/net/sctp/auth_enable step 4: SCTP client SCTP server AUTH -----------> Kernel Panic This patch fix this probleam to treat AUTH chunk as unknow chunk if peer has initialized with no auth capable. > Sorry for the delay. Was on vacation without net access. > > Wei Yongjun wrote: >> >> >> This patch fix this probleam to treat AUTH chunk as unknow chunk if >> peer has initialized with no auth capable. >> >> Signed-off-by: Wei Yongjun > > Acked-by: Vlad Yasevich > >> Signed-off-by: Wei Yongjun Acked-by: Vlad Yasevich Signed-off-by: David S. Miller --- net/sctp/sm_statefuns.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c index 5df0c4bd415b..f98658782d4f 100644 --- a/net/sctp/sm_statefuns.c +++ b/net/sctp/sm_statefuns.c @@ -3865,6 +3865,10 @@ sctp_disposition_t sctp_sf_eat_auth(const struct sctp_endpoint *ep, struct sctp_chunk *err_chunk; sctp_ierror_t error; + /* Make sure that the peer has AUTH capable */ + if (!asoc->peer.auth_capable) + return sctp_sf_unk_chunk(ep, asoc, type, arg, commands); + if (!sctp_vtag_verify(chunk, asoc)) { sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG, SCTP_NULL()); -- GitLab