| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170829222954.24863-1-colona@arista.com>
Date: Tue, 29 Aug 2017 15:29:52 -0700
From: Ivan Delalande <colona@...sta.com>
To: David Miller <davem@...emloft.net>
Cc: Eric Dumazet <eric.dumazet@...il.com>, netdev@...r.kernel.org,
Ivan Delalande <colona@...sta.com>
Subject: [PATCH net-next v3 0/2] report TCP MD5 signing keys and addresses
Allow userspace to retrieve MD5 signature keys and addresses configured
on TCP sockets through inet_diag.
Thank you Eric Dumazet for the useful explanations and feedback.
v3: - rename inet_diag_*md5sig in tcp_diag.c to tcp_diag_* for
consistency,
- don't lock the socket tcp_diag_put_md5sig,
- add checks on md5sig_count in tcp_diag_put_md5sig to not create
the netlink attribute if the list is empty, and to avoid overflows
or memory leaks if the list has changed in the meantime.
v2: - move changes to tcp_diag.c and extend inet_diag_handler to allow
protocols to provide additional data on INET_DIAG_INFO,
- lock socket before calling tcp_diag_put_md5sig.
I also have a patch for iproute2/ss to test this change, making it print
this new attribute. I'm planning to polish and send it if this series
gets applied.
Ivan Delalande (2):
inet_diag: allow protocols to provide additional data
tcp_diag: report TCP MD5 signing keys and addresses
include/linux/inet_diag.h | 7 +++
include/uapi/linux/inet_diag.h | 1 +
net/ipv4/inet_diag.c | 22 ++++++--
net/ipv4/tcp_diag.c | 115 ++++++++++++++++++++++++++++++++++++++---
4 files changed, 135 insertions(+), 10 deletions(-)
--
2.14.1
Powered by blists - more mailing lists