summaryrefslogtreecommitdiffstats
path: root/netwerk/sctp
diff options
context:
space:
mode:
Diffstat (limited to 'netwerk/sctp')
-rwxr-xr-xnetwerk/sctp/src/netinet/sctp_input.c21
-rwxr-xr-xnetwerk/sctp/src/netinet/sctp_output.c21
2 files changed, 42 insertions, 0 deletions
diff --git a/netwerk/sctp/src/netinet/sctp_input.c b/netwerk/sctp/src/netinet/sctp_input.c
index 1301b430c..f469e0f5c 100755
--- a/netwerk/sctp/src/netinet/sctp_input.c
+++ b/netwerk/sctp/src/netinet/sctp_input.c
@@ -2517,6 +2517,27 @@ sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset,
/* cookie too small */
return (NULL);
}
+#if defined(__Userspace__)
+ /*
+ * Recover the AF_CONN addresses within the cookie.
+ * This needs to be done in the buffer provided for later processing
+ * of the cookie and in the mbuf chain for HMAC validation.
+ */
+ if ((cookie->addr_type == SCTP_CONN_ADDRESS) && (src->sa_family == AF_CONN)) {
+ struct sockaddr_conn *sconnp = (struct sockaddr_conn *)src;
+
+ memcpy(cookie->address, &sconnp->sconn_addr , sizeof(void *));
+ m_copyback(m, cookie_offset + offsetof(struct sctp_state_cookie, address),
+ (int)sizeof(void *), (caddr_t)&sconnp->sconn_addr);
+ }
+ if ((cookie->laddr_type == SCTP_CONN_ADDRESS) && (dst->sa_family == AF_CONN)) {
+ struct sockaddr_conn *sconnp = (struct sockaddr_conn *)dst;
+
+ memcpy(cookie->laddress, &sconnp->sconn_addr , sizeof(void *));
+ m_copyback(m, cookie_offset + offsetof(struct sctp_state_cookie, laddress),
+ (int)sizeof(void *), (caddr_t)&sconnp->sconn_addr);
+ }
+#endif
/*
* split off the signature into its own mbuf (since it should not be
* calculated in the sctp_hmac_m() call).
diff --git a/netwerk/sctp/src/netinet/sctp_output.c b/netwerk/sctp/src/netinet/sctp_output.c
index 49447fa9d..3f1a9525d 100755
--- a/netwerk/sctp/src/netinet/sctp_output.c
+++ b/netwerk/sctp/src/netinet/sctp_output.c
@@ -6492,6 +6492,27 @@ sctp_send_initiate_ack(struct sctp_inpcb *inp, struct sctp_tcb *stcb,
(uint8_t *)inp->sctp_ep.secret_key[(int)(inp->sctp_ep.current_secret_number)],
SCTP_SECRET_SIZE, m_cookie, sizeof(struct sctp_paramhdr),
(uint8_t *)signature, SCTP_SIGNATURE_SIZE);
+#if defined(__Userspace__)
+ /*
+ * Don't put AF_CONN addresses on the wire, in case this is critical
+ * for the application. However, they are protected by the HMAC and
+ * need to be reconstructed before checking the HMAC.
+ * Clearing is only done in the mbuf chain, since the local stc is
+ * not used anymore.
+ */
+ if (stc.addr_type == SCTP_CONN_ADDRESS) {
+ const void *p = NULL;
+
+ m_copyback(m_cookie, sizeof(struct sctp_paramhdr) + offsetof(struct sctp_state_cookie, address),
+ (int)sizeof(void *), (caddr_t)&p);
+ }
+ if (stc.laddr_type == SCTP_CONN_ADDRESS) {
+ const void *p = NULL;
+
+ m_copyback(m_cookie, sizeof(struct sctp_paramhdr) + offsetof(struct sctp_state_cookie, laddress),
+ (int)sizeof(void *), (caddr_t)&p);
+ }
+#endif
/*
* We sifa 0 here to NOT set IP_DF if its IPv4, we ignore the return
* here since the timer will drive a retranmission.