diff options
| author | David S. Miller <davem@davemloft.net> | 2017-04-18 13:39:51 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2017-04-18 13:39:51 -0400 |
| commit | 3a9ca1e2cba02365d93a8cf7bdda04c05a637f1b (patch) | |
| tree | 0f59585517a6666b758588f06c413f12b75c1f89 /include | |
| parent | b89f04c61efe3b7756434d693b9203cc0cce002e (diff) | |
| parent | 6c80138773efff75ee9598b4ebcd7aa0e3a5a2a3 (diff) | |
Merge branch 'sctp-dup-stream-reconf-events'
Xin Long says:
====================
sctp: add proper process for duplicated stream reconf requests
Now sctp stream reconf will process a request again even if it's seqno
is less than asoc->strreset_inseq. It may cause a replay attack.
This patchset is to avoid it by add proper process for all duplicated
stream reconf requests.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
| -rw-r--r-- | include/net/sctp/structs.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index b751399aa6b7..a8b38e123f97 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h @@ -1889,6 +1889,7 @@ struct sctp_association { __u32 strreset_outseq; /* Update after receiving response */ __u32 strreset_inseq; /* Update after receiving request */ + __u32 strreset_result[2]; /* save the results of last 2 responses */ struct sctp_chunk *strreset_chunk; /* save request chunk */ |