lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 22 Nov 2013 21:19:10 +0400
From:	Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
To:	Pablo Neira Ayuso <pablo@...filter.org>,
	netfilter-devel@...r.kernel.org
CC:	davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: [PATCH 3/7] netfilter: synproxy: correct wscale option passing

Hello.

On 21-11-2013 13:05, Pablo Neira Ayuso wrote:

> From: Martin Topholm <mph@....com>

> Timestamp are used to store additional syncookie parameters such as sack,
> ecn, and wscale. The wscale value we need to encode is the client's
> wscale, since we can't recover that later in the session. Next overwrite
> the wscale option so the later synproxy_send_client_synack will send
> the backend's wscale to the client.

> Signed-off-by: Martin Topholm <mph@....com>
> Reviewed-by: Jesper Dangaard Brouer <brouer@...hat.com>
> Signed-off-by: Pablo Neira Ayuso <pablo@...filter.org>
> ---
>   net/netfilter/nf_synproxy_core.c |    7 ++++---
>   1 file changed, 4 insertions(+), 3 deletions(-)

> diff --git a/net/netfilter/nf_synproxy_core.c b/net/netfilter/nf_synproxy_core.c
> index cdf4567..9858e3e 100644
> --- a/net/netfilter/nf_synproxy_core.c
> +++ b/net/netfilter/nf_synproxy_core.c
> @@ -151,9 +151,10 @@ void synproxy_init_timestamp_cookie(const struct xt_synproxy_info *info,
>   	opts->tsecr = opts->tsval;
>   	opts->tsval = tcp_time_stamp & ~0x3f;
>
> -	if (opts->options & XT_SYNPROXY_OPT_WSCALE)
> -		opts->tsval |= info->wscale;
> -	else
> +	if (opts->options & XT_SYNPROXY_OPT_WSCALE) {
> +		opts->tsval |= opts->wscale;
> +		opts->wscale = info->wscale;
> +	} else
>   		opts->tsval |= 0xf;

    According to Documentation/CodingStyle, both arms of *if* statement should 
have {} if one arm has it.

WBR, Sergei

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ