lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <48D31609.2090406@hp.com>
Date:	Thu, 18 Sep 2008 23:01:29 -0400
From:	Vlad Yasevich <vladislav.yasevich@...com>
To:	David Miller <davem@...emloft.net>
Cc:	linux-sctp@...r.kernel.org,
	lksctp-developers@...ts.sourceforge.net, netdev@...r.kernel.org
Subject: Re: [PATCH 1/2] sctp: do not enable peer features if we can't do
 them.

David Miller wrote:
> From: Vlad Yasevich <vladislav.yasevich@...com>
> Date: Thu, 18 Sep 2008 17:31:03 -0400
> 
>> Do not enable peer features like addip and auth, if they
>> are administratively disabled localy.  If the peer resports
>> that he supports something that we don't, neither end can
>> use it so enabling it is pointless.  This solves a problem
>> when talking to a peer that has auth and addip enabled while
>> we do not.  Found by Andrei Pelinescu-Onciul <andrei@...el.org>.
>>
>> Signed-off-by: Vlad Yasevich <vladislav.yasevich@...com>
> 
> I applied this, but it is at best borderline for outside the
> merge window.  It doesn't fix an OOPS nor a security issue nor
> an entry in the 2.6.x regression list, therefore strictly speaking
> this fix is not appropriate at this time.
> 
> Please apply this criteria when deciding whether to submit future
> fixes for net-2.6 inclusion.
> 

It is a major interoperability issue.  With the default sysctl settings,
we can not establish connection to BSD systems.  Yes, there is a workaround
of turning on the 2 required sysctl settings, but that is totally suboptimal.

I've thought about this fix for a while, and in my opinion, the interoperability
problem is large enough to warrant the fix at this time and the backport to
table.

Of course you are free to not include this in net-2.6, but I hope you will.

Thanks
-vlad
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ