lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <47CEA5E9.80202@hp.com>
Date:	Wed, 05 Mar 2008 08:53:45 -0500
From:	Vlad Yasevich <vladislav.yasevich@...com>
To:	Gui Jianfeng <guijianfeng@...fujitsu.com>
Cc:	netdev <netdev@...r.kernel.org>, David Miller <davem@...emloft.net>
Subject: Re: [PATCH] SCTP: Fix chunk parameter processing bug

Gui Jianfeng wrote:
> If an address family is not listed in "Supported Address Types" parameter(INIT Chunk), 
> but the packet is sent by that family, this address family should be considered as supported by peer.
> Otherwise, an error condition will occur. For instance, if kernel receives an IPV6 SCTP INIT chunk with
> "Support Address Types" parameter which indicates just supporting IPV4 Address family. Kernel will reply
> an IPV6 SCTP INIT ACK packet, but the source ipv6 address in ipv6 header will be vacant. This is not correct.
> 
> refer to RFC4460 as following:
>       IMPLEMENTATION NOTE: If an SCTP endpoint lists in the 'Supported
>       Address Types' parameter either IPv4 or IPv6, but uses the other
>       family for sending the packet containing the INIT chunk, or if it
>       also lists addresses of the other family in the INIT chunk, then
>       the address family that is not listed in the 'Supported Address
>       Types' parameter SHOULD also be considered as supported by the
>       receiver of the INIT chunk.  The receiver of the INIT chunk SHOULD
>       NOT respond with any kind of error indication.
> 
> Here is a fix to comply to RFC.
> 
> Signed-off-by: Gui Jianfeng <guijianfeng@...fujitsu.com>

Acked-by: Vlad Yasevich <vladislav.yasevich@...com>

Thanks for catching this.
-vlad

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ