From bbd0d59809f923ea2b540cbd781b32110e249f6e Mon Sep 17 00:00:00 2001 From: Vlad Yasevich Date: Wed, 3 Oct 2007 17:51:34 -0700 Subject: [SCTP]: Implement the receive and verification of AUTH chunk This patch implements the receive path needed to process authenticated chunks. Add ability to process the AUTH chunk and handle edge cases for authenticated COOKIE-ECHO as well. Signed-off-by: Vlad Yasevich Signed-off-by: David S. Miller --- include/net/sctp/constants.h | 4 +++- include/net/sctp/sm.h | 1 + include/net/sctp/structs.h | 8 ++++++++ 3 files changed, 12 insertions(+), 1 deletion(-) (limited to 'include/net') diff --git a/include/net/sctp/constants.h b/include/net/sctp/constants.h index 777118f06db..da8354e8e33 100644 --- a/include/net/sctp/constants.h +++ b/include/net/sctp/constants.h @@ -183,7 +183,9 @@ typedef enum { SCTP_IERROR_NO_DATA, SCTP_IERROR_BAD_STREAM, SCTP_IERROR_BAD_PORTS, - + SCTP_IERROR_AUTH_BAD_HMAC, + SCTP_IERROR_AUTH_BAD_KEYID, + SCTP_IERROR_PROTO_VIOLATION, } sctp_ierror_t; diff --git a/include/net/sctp/sm.h b/include/net/sctp/sm.h index 148cdb4b960..bf2f5ed69c1 100644 --- a/include/net/sctp/sm.h +++ b/include/net/sctp/sm.h @@ -143,6 +143,7 @@ sctp_state_fn_t sctp_sf_do_asconf_ack; sctp_state_fn_t sctp_sf_do_9_2_reshutack; sctp_state_fn_t sctp_sf_eat_fwd_tsn; sctp_state_fn_t sctp_sf_eat_fwd_tsn_fast; +sctp_state_fn_t sctp_sf_eat_auth; /* Prototypes for primitive event state functions. */ sctp_state_fn_t sctp_sf_do_prm_asoc; diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index 31841c3a7fe..47e54f8e2b6 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h @@ -724,6 +724,13 @@ struct sctp_chunk { */ struct sctp_transport *transport; + /* SCTP-AUTH: For the special case inbound processing of COOKIE-ECHO + * we need save a pointer to the AUTH chunk, since the SCTP-AUTH + * spec violates the principle premis that all chunks are processed + * in order. + */ + struct sk_buff *auth_chunk; + __u8 rtt_in_progress; /* Is this chunk used for RTT calculation? */ __u8 resent; /* Has this chunk ever been retransmitted. */ __u8 has_tsn; /* Does this chunk have a TSN yet? */ @@ -1067,6 +1074,7 @@ void sctp_inq_init(struct sctp_inq *); void sctp_inq_free(struct sctp_inq *); void sctp_inq_push(struct sctp_inq *, struct sctp_chunk *packet); struct sctp_chunk *sctp_inq_pop(struct sctp_inq *); +struct sctp_chunkhdr *sctp_inq_peek(struct sctp_inq *); void sctp_inq_set_th_handler(struct sctp_inq *, work_func_t); /* This is the structure we use to hold outbound chunks. You push -- cgit