diff options
author | Moonchild <moonchild@palemoon.org> | 2020-05-06 10:54:14 +0000 |
---|---|---|
committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2020-05-06 19:16:40 +0200 |
commit | 82b6d2cf9d50a0eaf15697501f62848cf6316c07 (patch) | |
tree | 76901a9a5d241ba5f8540fbe4be1a50948da7a32 | |
parent | 09b4a7828e91f69069b4241b7d465266d930476b (diff) | |
download | UXP-82b6d2cf9d50a0eaf15697501f62848cf6316c07.tar UXP-82b6d2cf9d50a0eaf15697501f62848cf6316c07.tar.gz UXP-82b6d2cf9d50a0eaf15697501f62848cf6316c07.tar.lz UXP-82b6d2cf9d50a0eaf15697501f62848cf6316c07.tar.xz UXP-82b6d2cf9d50a0eaf15697501f62848cf6316c07.zip |
[WebRTC] Port some upstream sctp fixes
- add SCTP auth token boundary check.
- turn off SCTP auth and address reconfiguration.
-rw-r--r-- | netwerk/sctp/datachannel/DataChannel.cpp | 7 | ||||
-rwxr-xr-x | netwerk/sctp/src/netinet/sctp_input.c | 22 |
2 files changed, 22 insertions, 7 deletions
diff --git a/netwerk/sctp/datachannel/DataChannel.cpp b/netwerk/sctp/datachannel/DataChannel.cpp index 19be43d1c..4797353ca 100644 --- a/netwerk/sctp/datachannel/DataChannel.cpp +++ b/netwerk/sctp/datachannel/DataChannel.cpp @@ -354,6 +354,13 @@ DataChannelConnection::Init(unsigned short aPort, uint16_t aNumStreams, bool aUs usrsctp_sysctl_set_sctp_blackhole(2); // ECN is currently not supported by the Firefox code usrsctp_sysctl_set_sctp_ecn_enable(0); + + // Disabling authentication and dynamic address reconfiguration as neither + // of them are used for data channel and only result in additional code + // paths being used. + usrsctp_sysctl_set_sctp_asconf_enable(0); + usrsctp_sysctl_set_sctp_auth_enable(0); + sctp_initialized = true; RefPtr<DataChannelShutdown> shutdown = new DataChannelShutdown(); diff --git a/netwerk/sctp/src/netinet/sctp_input.c b/netwerk/sctp/src/netinet/sctp_input.c index 54f2f9ba3..1301b430c 100755 --- a/netwerk/sctp/src/netinet/sctp_input.c +++ b/netwerk/sctp/src/netinet/sctp_input.c @@ -2073,7 +2073,7 @@ sctp_process_cookie_new(struct mbuf *m, int iphlen, int offset, int init_offset, initack_offset, initack_limit; int retval; int error = 0; - uint8_t auth_chunk_buf[SCTP_PARAM_BUFFER_SIZE]; + uint8_t auth_chunk_buf[SCTP_CHUNK_BUFFER_SIZE]; #if defined(__APPLE__) || defined(SCTP_SO_LOCK_TESTING) struct socket *so; @@ -2264,8 +2264,12 @@ sctp_process_cookie_new(struct mbuf *m, int iphlen, int offset, if (auth_skipped) { struct sctp_auth_chunk *auth; - auth = (struct sctp_auth_chunk *) - sctp_m_getptr(m, auth_offset, auth_len, auth_chunk_buf); + if (auth_len <= SCTP_CHUNK_BUFFER_SIZE) { + auth = (struct sctp_auth_chunk *) + sctp_m_getptr(m, auth_offset, auth_len, auth_chunk_buf); + } else { + auth = NULL; + } if ((auth == NULL) || sctp_handle_auth(stcb, auth, m, auth_offset)) { /* auth HMAC failed, dump the assoc and packet */ SCTPDBG(SCTP_DEBUG_AUTH1, @@ -4655,11 +4659,15 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, if (auth_skipped && (stcb != NULL)) { struct sctp_auth_chunk *auth; - auth = (struct sctp_auth_chunk *) - sctp_m_getptr(m, auth_offset, + if (auth_len <= SCTP_CHUNK_BUFFER_SIZE) { + auth = (struct sctp_auth_chunk *) + sctp_m_getptr(m, auth_offset, auth_len, chunk_buf); - got_auth = 1; - auth_skipped = 0; + got_auth = 1; + auth_skipped = 0; + } else { + auth = NULL; + } if ((auth == NULL) || sctp_handle_auth(stcb, auth, m, auth_offset)) { /* auth HMAC failed so dump it */ |