commit 610ab73ac4cc8912fc253bbdc6d1f74bad3c8e3a · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

[SCTP]: Correctly handle unexpected INIT-ACK chunk.

Consider the chunk as Out-of-the-Blue if we don't have
an endpoint. Otherwise discard it as before.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by Vlad Yasevich and committed by David S. Miller 19 years ago 610ab73a d023f629

+24 -1

3 changed files

expand all

unified split

include

net

sctp

sm.h

net

sctp

sm_statefuns.c

sm_statetable.c

include/net/sctp/sm.h

··· 134 134 sctp_state_fn_t sctp_sf_discard_chunk; 135 135 sctp_state_fn_t sctp_sf_do_5_2_1_siminit; 136 136 sctp_state_fn_t sctp_sf_do_5_2_2_dupinit; 137 + sctp_state_fn_t sctp_sf_do_5_2_3_initack; 137 138 sctp_state_fn_t sctp_sf_do_5_2_4_dupcook; 138 139 sctp_state_fn_t sctp_sf_unk_chunk; 139 140 sctp_state_fn_t sctp_sf_do_8_5_1_E_sa;

+22

net/sctp/sm_statefuns.c

··· 1534 1534 } 1535 1535 1536 1536 1537 + /* 1538 + * Unexpected INIT-ACK handler. 1539 + * 1540 + * Section 5.2.3 1541 + * If an INIT ACK received by an endpoint in any state other than the 1542 + * COOKIE-WAIT state, the endpoint should discard the INIT ACK chunk. 1543 + * An unexpected INIT ACK usually indicates the processing of an old or 1544 + * duplicated INIT chunk. 1545 + */ 1546 + sctp_disposition_t sctp_sf_do_5_2_3_initack(const struct sctp_endpoint *ep, 1547 + const struct sctp_association *asoc, 1548 + const sctp_subtype_t type, 1549 + void *arg, sctp_cmd_seq_t *commands) 1550 + { 1551 + /* Per the above section, we'll discard the chunk if we have an 1552 + * endpoint. If this is an OOTB INIT-ACK, treat it as such. 1553 + */ 1554 + if (ep == sctp_sk((sctp_get_ctl_sock()))->ep) 1555 + return sctp_sf_ootb(ep, asoc, type, arg, commands); 1556 + else 1557 + return sctp_sf_discard_chunk(ep, asoc, type, arg, commands); 1558 + } 1537 1559 1538 1560 /* Unexpected COOKIE-ECHO handler for peer restart (Table 2, action 'A') 1539 1561 *

+1 -1

net/sctp/sm_statetable.c

··· 152 152 /* SCTP_STATE_EMPTY */ \ 153 153 TYPE_SCTP_FUNC(sctp_sf_ootb), \ 154 154 /* SCTP_STATE_CLOSED */ \ 155 - TYPE_SCTP_FUNC(sctp_sf_discard_chunk), \ 155 + TYPE_SCTP_FUNC(sctp_sf_do_5_2_3_initack), \ 156 156 /* SCTP_STATE_COOKIE_WAIT */ \ 157 157 TYPE_SCTP_FUNC(sctp_sf_do_5_1C_ack), \ 158 158 /* SCTP_STATE_COOKIE_ECHOED */ \