| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <48513BA4.9030403@hp.com> Date: Thu, 12 Jun 2008 11:07:16 -0400 From: Vlad Yasevich <vladislav.yasevich@...com> To: Gui Jianfeng <guijianfeng@...fujitsu.com> Cc: David Miller <davem@...emloft.net>, linux-sctp@...r.kernel.org, netdev <netdev@...r.kernel.org> Subject: Re: [PATCH] SCTP: enable cookie-echo retransmission transport switch Gui Jianfeng wrote: > Vlad, > This patch enables cookie-echo retransmission transport switch > feature. If COOKIE-ECHO retransmission happens, it will be sent > to the address other than the one last sent to. > NAK. You can't blindly choose a different transport since they could be unconfirmed and can't really be used until we confirm them with HBs. So, you can only do this when the user issued an sctp_connectx() and we have multiple confirmed transports. In this case only confirmed transports are allowed, otherwise there is a possibility of hijacking associations. Also, looking at this, the same problem exists in current code for selection INIT transports. We don't correctly treat peers passed to connectx() as confirmed and don't select the correct transport. Once you fix that above, you can just re-use the function and re-use init_last_sent_to. -vlad -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists