| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Jan 2019 15:08:40 +0800
From: Xin Long <lucien.xin@...il.com>
To: network dev <netdev@...r.kernel.org>, linux-sctp@...r.kernel.org
Cc: Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
Neil Horman <nhorman@...driver.com>, davem@...emloft.net
Subject: [PATCH net-next 18/24] sctp: use SCTP_FUTURE_ASSOC and add SCTP_CURRENT_ASSOC for SCTP_AUTH_ACTIVE_KEY sockopt
Check with SCTP_ALL_ASSOC instead in sctp_setsockopt_auth_key.
SCTP_CURRENT_ASSOC is supported for SCTP_AUTH_ACTIVE_KEY in this patch.
Signed-off-by: Xin Long <lucien.xin@...il.com>
---
net/sctp/socket.c | 29 ++++++++++++++++++++++++++---
1 file changed, 26 insertions(+), 3 deletions(-)
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index ec969c0..3345eb1 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -3832,8 +3832,9 @@ static int sctp_setsockopt_active_key(struct sock *sk,
unsigned int optlen)
{
struct sctp_endpoint *ep = sctp_sk(sk)->ep;
- struct sctp_authkeyid val;
struct sctp_association *asoc;
+ struct sctp_authkeyid val;
+ int ret = 0;
if (!ep->auth_enable)
return -EACCES;
@@ -3844,10 +3845,32 @@ static int sctp_setsockopt_active_key(struct sock *sk,
return -EFAULT;
asoc = sctp_id2assoc(sk, val.scact_assoc_id);
- if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))
+ if (!asoc && val.scact_assoc_id > SCTP_ALL_ASSOC &&
+ sctp_style(sk, UDP))
return -EINVAL;
- return sctp_auth_set_active_key(ep, asoc, val.scact_keynumber);
+ if (asoc)
+ return sctp_auth_set_active_key(ep, asoc, val.scact_keynumber);
+
+ if (val.scact_assoc_id == SCTP_FUTURE_ASSOC ||
+ val.scact_assoc_id == SCTP_ALL_ASSOC) {
+ ret = sctp_auth_set_active_key(ep, asoc, val.scact_keynumber);
+ if (ret)
+ return ret;
+ }
+
+ if (val.scact_assoc_id == SCTP_CURRENT_ASSOC ||
+ val.scact_assoc_id == SCTP_ALL_ASSOC) {
+ list_for_each_entry(asoc, &ep->asocs, asocs) {
+ int res = sctp_auth_set_active_key(ep, asoc,
+ val.scact_keynumber);
+
+ if (res && !ret)
+ ret = res;
+ }
+ }
+
+ return ret;
}
/*
--
2.1.0
Powered by blists - more mailing lists