lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 21 Sep 2007 14:03:01 +0800
From:	lepton <ytht.net@...il.com>
To:	David Stevens <dlstevens@...ibm.com>
Cc:	lepton <ytht.net@...il.com>, lkm <linux-kernel@...r.kernel.org>,
	netdev@...r.kernel.org, netdev-owner@...r.kernel.org
Subject: Re: [PATCH RESEND] 2.6.22.6 networking [ipv4]: fix wrong destination when reply packetes

Now icmp_reply is only called by icmp_echo and icmp_timestamp
ip_send_reply is only called by tcp_v4_send_reset and tcp_v4_send_ack

I think in all situations the ip_hdr(skb)->saddr is set and should
be the destination of reply packets.

If using rt->rt_src as destination is correct in some situation, 
can anyone give me a example? 

I think perhaps it is a copy and paste from code like
ip_build_and_send_pkt, but reply packets in these situations 
(icmp_echo and icmp_timestamp and tcp_v4_send_ack and tcp_v4_send_reset) 
is diffrent, I think we can just use ip_hdr(skb)->saddr as 
destination address.

On Thu, Sep 20, 2007 at 09:35:09PM -0700, David Stevens wrote:
> I'm not sure why it's using rt_src here, but there are relevant cases that
> your description doesn't cover. For example, what happens if  the source
> is not set in the original packet?  Does NAT affect this?
> 
> You quote RFC text for ICMP echo and the case where the receiving machine
> is the final destination, but you're modifying code that is used for all 
> ICMP
> types and used for ICMP errors generated when acting as an intermediate
> router.
> 
> In ordinary cases, and certainly with ICMP echo when the source is set in
> the original packet and no rewriting is going on (and the address is not 
> spoofed),
> using the original source as the destination is fine. But have you tested 
> or
> considered the other cases?
> 
>                                                 +-DLS
> 
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ