diff options
author | Wei Yongjun <yjwei@cn.fujitsu.com> | 2008-06-19 23:07:48 (GMT) |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-06-19 23:07:48 (GMT) |
commit | 7115e632f90952454ab6426e0d2151327162a30f (patch) | |
tree | 73e075f91f62d980c6eab66b549f0ec381f75891 /net/sctp/auth.c | |
parent | 0344f1c66b544609e867bd24aa7bfa789dfa9830 (diff) | |
download | linux-7115e632f90952454ab6426e0d2151327162a30f.tar.xz |
sctp: Validate Initiate Tag when handling ICMP message
This patch add to validate initiate tag and chunk type if verification
tag is 0 when handling ICMP message.
RFC 4960, Appendix C. ICMP Handling
ICMP6) An implementation MUST validate that the Verification Tag
contained in the ICMP message matches the Verification Tag of the peer.
If the Verification Tag is not 0 and does NOT match, discard the ICMP
message. If it is 0 and the ICMP message contains enough bytes to
verify that the chunk type is an INIT chunk and that the Initiate Tag
matches the tag of the peer, continue with ICMP7. If the ICMP message
is too short or the chunk type or the Initiate Tag does not match,
silently discard the packet.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sctp/auth.c')
0 files changed, 0 insertions, 0 deletions