[SCTP]: Fix kernel panic while received AUTH chunk while enabled auth

Tue, 05 Feb 2008 12:09:37 -0800 

Gitweb:     
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d2f19fa13ee5e78d4195a771f8f1ff7d42a80740
Commit:     d2f19fa13ee5e78d4195a771f8f1ff7d42a80740
Parent:     b9c4d82a853713d49ac53b507964d7cf30ee408d
Author:     Wei Yongjun <[EMAIL PROTECTED]>
AuthorDate: Tue Feb 5 03:02:26 2008 -0800
Committer:  David S. Miller <[EMAIL PROTECTED]>
CommitDate: Tue Feb 5 03:02:26 2008 -0800

    [SCTP]: Fix kernel panic while received AUTH chunk while enabled auth
    
    If STCP is started while /proc/sys/net/sctp/auth_enable is set 0 and
    association is established between endpoints. Then if
    /proc/sys/net/sctp/auth_enable is set 1, a received AUTH chunk will
    cause kernel panic.
    
    Test as following:
    step 1: echo 0> /proc/sys/net/sctp/auth_enable
    step 2:
    
       SCTP client                  SCTP server
          INIT          --------->
                        <---------   INIT-ACK
          COOKIE-ECHO   --------->
                        <---------   COOKIE-ACK
    step 3:
        echo 1> /proc/sys/net/sctp/auth_enable
    step 4:
       SCTP client                  SCTP server
           AUTH        ----------->  Kernel Panic
    
    
    This patch fix this probleam to treat AUTH chunk as unknow chunk if peer
    has initialized with no auth capable.
    
    > Sorry for the delay.  Was on vacation without net access.
    >
    > Wei Yongjun wrote:
    >>
    >>
    >> This patch fix this probleam to treat AUTH chunk as unknow chunk if
    >> peer has initialized with no auth capable.
    >>
    >> Signed-off-by: Wei Yongjun <[EMAIL PROTECTED]>
    >
    > Acked-by: Vlad Yasevich <[EMAIL PROTECTED]>
    >
    >>
    
    Signed-off-by: Wei Yongjun <[EMAIL PROTECTED]>
    Acked-by: Vlad Yasevich <[EMAIL PROTECTED]>
    Signed-off-by: David S. Miller <[EMAIL PROTECTED]>
---
 net/sctp/sm_statefuns.c |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index 5df0c4b..f986587 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -3865,6 +3865,10 @@ sctp_disposition_t sctp_sf_eat_auth(const struct 
sctp_endpoint *ep,
        struct sctp_chunk *err_chunk;
        sctp_ierror_t error;
 
+       /* Make sure that the peer has AUTH capable */
+       if (!asoc->peer.auth_capable)
+               return sctp_sf_unk_chunk(ep, asoc, type, arg, commands);
+
        if (!sctp_vtag_verify(chunk, asoc)) {
                sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_BAD_TAG,
                                SCTP_NULL());
-
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to