summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVlad Yasevich <vladislav.yasevich@hp.com>2008-01-07 00:27:45 -0800
committerDavid S. Miller <davem@davemloft.net>2008-01-08 23:30:03 -0800
commit6df9cfc1ad45839e2a11330ab354330c6128cb73 (patch)
treeb605e2e3d0d664c81f3a4e2b04868b6ad1664c78
parentf691724c4d3b150bfa9cc8a969ea2020e20dfb12 (diff)
downloadlinux-6df9cfc1ad45839e2a11330ab354330c6128cb73.tar.bz2
[SCTP]: Correctly handle AUTH parameters in unexpected INIT
When processing an unexpected INIT chunk, we do not need to do any preservation of the old AUTH parameters. In fact, doing such preservations will nullify AUTH and allow connection stealing. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/sctp/sm_statefuns.c22
1 files changed, 0 insertions, 22 deletions
diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index 5fb84778846d..d247ed4ee423 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -1309,26 +1309,6 @@ static void sctp_tietags_populate(struct sctp_association *new_asoc,
new_asoc->c.initial_tsn = asoc->c.initial_tsn;
}
-static void sctp_auth_params_populate(struct sctp_association *new_asoc,
- const struct sctp_association *asoc)
-{
- /* Only perform this if AUTH extension is enabled */
- if (!sctp_auth_enable)
- return;
-
- /* We need to provide the same parameter information as
- * was in the original INIT. This means that we need to copy
- * the HMACS, CHUNKS, and RANDOM parameter from the original
- * assocaition.
- */
- memcpy(new_asoc->c.auth_random, asoc->c.auth_random,
- sizeof(asoc->c.auth_random));
- memcpy(new_asoc->c.auth_hmacs, asoc->c.auth_hmacs,
- sizeof(asoc->c.auth_hmacs));
- memcpy(new_asoc->c.auth_chunks, asoc->c.auth_chunks,
- sizeof(asoc->c.auth_chunks));
-}
-
/*
* Compare vtag/tietag values to determine unexpected COOKIE-ECHO
* handling action.
@@ -1486,8 +1466,6 @@ static sctp_disposition_t sctp_sf_do_unexpected_init(
sctp_tietags_populate(new_asoc, asoc);
- sctp_auth_params_populate(new_asoc, asoc);
-
/* B) "Z" shall respond immediately with an INIT ACK chunk. */
/* If there are errors need to be reported for unknown parameters,