Hi Everyone,
Currently in tcp_rcv(), it seems that both unencrypted and encrypted packets
can be processed even when key/master_key is set.
After the key is set, which means all packets going out will be encrypted, to
respond to the unencrypted packets with encrypted packets doesn't seem
normal, from my point of view.
Besides, it may cause some potential security issues if the local node can
still receive unencrypted packets after the key is set, such as the CVE
one fixed by:
fa40d9734a57 ("tipc: fix size validations for the MSG_CRYPTO type")
So I'm thinking of only accepting the encrypted packets if any key is
set on the local node. But I'm not sure if we have any other cases
needing it to accept both kinds of packets, anyone know? Tuong?
Thanks.
_______________________________________________
tipc-discussion mailing list
tipc-discussion@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tipc-discussion
