| sctp_pcb.c (270361) | sctp_pcb.c (270362) |
|---|---|
| 1/*- 2 * Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved. 3 * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved. 4 * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions are met: 8 * --- 17 unchanged lines hidden (view full) --- 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 30 * THE POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved. 3 * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved. 4 * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions are met: 8 * --- 17 unchanged lines hidden (view full) --- 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 30 * THE POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33#include <sys/cdefs.h> |
| 34__FBSDID("$FreeBSD: stable/10/sys/netinet/sctp_pcb.c 270361 2014-08-22 20:16:26Z tuexen $"); | 34__FBSDID("$FreeBSD: stable/10/sys/netinet/sctp_pcb.c 270362 2014-08-22 20:22:12Z tuexen $"); |
| 35 36#include <netinet/sctp_os.h> 37#include <sys/proc.h> 38#include <netinet/sctp_var.h> 39#include <netinet/sctp_sysctl.h> 40#include <netinet/sctp_pcb.h> 41#include <netinet/sctputil.h> 42#include <netinet/sctp.h> --- 2437 unchanged lines hidden (view full) --- 2480 } 2481#endif 2482 inp->sctp_associd_counter = 1; 2483 inp->partial_delivery_point = SCTP_SB_LIMIT_RCV(so) >> SCTP_PARTIAL_DELIVERY_SHIFT; 2484 inp->sctp_frag_point = SCTP_DEFAULT_MAXSEGMENT; 2485 inp->sctp_cmt_on_off = SCTP_BASE_SYSCTL(sctp_cmt_on_off); 2486 inp->ecn_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_ecn_enable); 2487 inp->prsctp_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_pr_enable); | 35 36#include <netinet/sctp_os.h> 37#include <sys/proc.h> 38#include <netinet/sctp_var.h> 39#include <netinet/sctp_sysctl.h> 40#include <netinet/sctp_pcb.h> 41#include <netinet/sctputil.h> 42#include <netinet/sctp.h> --- 2437 unchanged lines hidden (view full) --- 2480 } 2481#endif 2482 inp->sctp_associd_counter = 1; 2483 inp->partial_delivery_point = SCTP_SB_LIMIT_RCV(so) >> SCTP_PARTIAL_DELIVERY_SHIFT; 2484 inp->sctp_frag_point = SCTP_DEFAULT_MAXSEGMENT; 2485 inp->sctp_cmt_on_off = SCTP_BASE_SYSCTL(sctp_cmt_on_off); 2486 inp->ecn_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_ecn_enable); 2487 inp->prsctp_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_pr_enable); |
| 2488 if (SCTP_BASE_SYSCTL(sctp_auth_disable)) { 2489 inp->auth_supported = 0; 2490 } else { 2491 inp->auth_supported = 1; 2492 } 2493 inp->asconf_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_asconf_enable); |
|
| 2488 inp->reconfig_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_reconfig_enable); 2489 inp->nrsack_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_nrsack_enable); 2490 inp->pktdrop_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_pktdrop_enable); 2491 /* init the small hash table we use to track asocid <-> tcb */ 2492 inp->sctp_asocidhash = SCTP_HASH_INIT(SCTP_STACK_VTAG_HASH_SIZE, &inp->hashasocidmark); 2493 if (inp->sctp_asocidhash == NULL) { 2494 crfree(inp->ip_inp.inp.inp_cred); 2495 SCTP_ZONE_FREE(SCTP_BASE_INFO(ipi_zone_ep), inp); --- 150 unchanged lines hidden (view full) --- 2646 2647 /* How long is a cookie good for ? */ 2648 m->def_cookie_life = MSEC_TO_TICKS(SCTP_BASE_SYSCTL(sctp_valid_cookie_life_default)); 2649 /* 2650 * Initialize authentication parameters 2651 */ 2652 m->local_hmacs = sctp_default_supported_hmaclist(); 2653 m->local_auth_chunks = sctp_alloc_chunklist(); | 2494 inp->reconfig_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_reconfig_enable); 2495 inp->nrsack_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_nrsack_enable); 2496 inp->pktdrop_supported = (uint8_t) SCTP_BASE_SYSCTL(sctp_pktdrop_enable); 2497 /* init the small hash table we use to track asocid <-> tcb */ 2498 inp->sctp_asocidhash = SCTP_HASH_INIT(SCTP_STACK_VTAG_HASH_SIZE, &inp->hashasocidmark); 2499 if (inp->sctp_asocidhash == NULL) { 2500 crfree(inp->ip_inp.inp.inp_cred); 2501 SCTP_ZONE_FREE(SCTP_BASE_INFO(ipi_zone_ep), inp); --- 150 unchanged lines hidden (view full) --- 2652 2653 /* How long is a cookie good for ? */ 2654 m->def_cookie_life = MSEC_TO_TICKS(SCTP_BASE_SYSCTL(sctp_valid_cookie_life_default)); 2655 /* 2656 * Initialize authentication parameters 2657 */ 2658 m->local_hmacs = sctp_default_supported_hmaclist(); 2659 m->local_auth_chunks = sctp_alloc_chunklist(); |
| 2660 if (inp->asconf_supported) { 2661 sctp_auth_add_chunk(SCTP_ASCONF, m->local_auth_chunks); 2662 sctp_auth_add_chunk(SCTP_ASCONF_ACK, m->local_auth_chunks); 2663 } |
|
| 2654 m->default_dscp = 0; 2655#ifdef INET6 2656 m->default_flowlabel = 0; 2657#endif 2658 m->port = 0; /* encapsulation disabled by default */ | 2664 m->default_dscp = 0; 2665#ifdef INET6 2666 m->default_flowlabel = 0; 2667#endif 2668 m->port = 0; /* encapsulation disabled by default */ |
| 2659 sctp_auth_set_default_chunks(m->local_auth_chunks); | |
| 2660 LIST_INIT(&m->shared_keys); 2661 /* add default NULL key as key id 0 */ 2662 null_key = sctp_alloc_sharedkey(); 2663 sctp_insert_sharedkey(&m->shared_keys, null_key); 2664 SCTP_INP_WUNLOCK(inp); 2665#ifdef SCTP_LOG_CLOSING 2666 sctp_log_closing(inp, NULL, 12); 2667#endif --- 3412 unchanged lines hidden (view full) --- 6080 uint8_t saw_asconf = 0; 6081 uint8_t saw_asconf_ack = 0; 6082 uint8_t chunks_store[SCTP_PARAM_BUFFER_SIZE]; 6083 struct sctp_auth_chunk_list *chunks = NULL; 6084 uint16_t num_chunks = 0; 6085 sctp_key_t *new_key; 6086 uint32_t keylen; 6087 int got_random = 0, got_hmacs = 0, got_chklist = 0; | 2669 LIST_INIT(&m->shared_keys); 2670 /* add default NULL key as key id 0 */ 2671 null_key = sctp_alloc_sharedkey(); 2672 sctp_insert_sharedkey(&m->shared_keys, null_key); 2673 SCTP_INP_WUNLOCK(inp); 2674#ifdef SCTP_LOG_CLOSING 2675 sctp_log_closing(inp, NULL, 12); 2676#endif --- 3412 unchanged lines hidden (view full) --- 6089 uint8_t saw_asconf = 0; 6090 uint8_t saw_asconf_ack = 0; 6091 uint8_t chunks_store[SCTP_PARAM_BUFFER_SIZE]; 6092 struct sctp_auth_chunk_list *chunks = NULL; 6093 uint16_t num_chunks = 0; 6094 sctp_key_t *new_key; 6095 uint32_t keylen; 6096 int got_random = 0, got_hmacs = 0, got_chklist = 0; |
| 6088 uint8_t ecn_supported; 6089 uint8_t prsctp_supported; 6090 uint8_t reconfig_supported; 6091 uint8_t nrsack_supported; 6092 uint8_t pktdrop_supported; | 6097 uint8_t peer_supports_ecn; 6098 uint8_t peer_supports_prsctp; 6099 uint8_t peer_supports_auth; 6100 uint8_t peer_supports_asconf; 6101 uint8_t peer_supports_asconf_ack; 6102 uint8_t peer_supports_reconfig; 6103 uint8_t peer_supports_nrsack; 6104 uint8_t peer_supports_pktdrop; |
| 6093 6094#ifdef INET 6095 struct sockaddr_in sin; 6096 6097#endif 6098#ifdef INET6 6099 struct sockaddr_in6 sin6; 6100 --- 12 unchanged lines hidden (view full) --- 6113 sin6.sin6_len = sizeof(struct sockaddr_in6); 6114 sin6.sin6_port = stcb->rport; 6115#endif 6116 if (altsa) { 6117 sa = altsa; 6118 } else { 6119 sa = src; 6120 } | 6105 6106#ifdef INET 6107 struct sockaddr_in sin; 6108 6109#endif 6110#ifdef INET6 6111 struct sockaddr_in6 sin6; 6112 --- 12 unchanged lines hidden (view full) --- 6125 sin6.sin6_len = sizeof(struct sockaddr_in6); 6126 sin6.sin6_port = stcb->rport; 6127#endif 6128 if (altsa) { 6129 sa = altsa; 6130 } else { 6131 sa = src; 6132 } |
| 6121 ecn_supported = 0; 6122 prsctp_supported = 0; 6123 reconfig_supported = 0; 6124 nrsack_supported = 0; 6125 pktdrop_supported = 0; | 6133 peer_supports_ecn = 0; 6134 peer_supports_prsctp = 0; 6135 peer_supports_auth = 0; 6136 peer_supports_asconf = 0; 6137 peer_supports_asconf = 0; 6138 peer_supports_reconfig = 0; 6139 peer_supports_nrsack = 0; 6140 peer_supports_pktdrop = 0; |
| 6126 TAILQ_FOREACH(net, &stcb->asoc.nets, sctp_next) { 6127 /* mark all addresses that we have currently on the list */ 6128 net->dest_state |= SCTP_ADDR_NOT_IN_ASSOC; 6129 } 6130 /* does the source address already exist? if so skip it */ 6131 inp = stcb->sctp_ep; 6132 atomic_add_int(&stcb->asoc.refcnt, 1); 6133 stcb_tmp = sctp_findassociation_ep_addr(&inp, sa, &net_tmp, dst, stcb); --- 33 unchanged lines hidden (view full) --- 6167 SCTP_TCB_UNLOCK(stcb_tmp); 6168 return (-3); 6169 } 6170 } 6171 if (stcb->asoc.state == 0) { 6172 /* the assoc was freed? */ 6173 return (-4); 6174 } | 6141 TAILQ_FOREACH(net, &stcb->asoc.nets, sctp_next) { 6142 /* mark all addresses that we have currently on the list */ 6143 net->dest_state |= SCTP_ADDR_NOT_IN_ASSOC; 6144 } 6145 /* does the source address already exist? if so skip it */ 6146 inp = stcb->sctp_ep; 6147 atomic_add_int(&stcb->asoc.refcnt, 1); 6148 stcb_tmp = sctp_findassociation_ep_addr(&inp, sa, &net_tmp, dst, stcb); --- 33 unchanged lines hidden (view full) --- 6182 SCTP_TCB_UNLOCK(stcb_tmp); 6183 return (-3); 6184 } 6185 } 6186 if (stcb->asoc.state == 0) { 6187 /* the assoc was freed? */ 6188 return (-4); 6189 } |
| 6175 /* 6176 * peer must explicitly turn this on. This may have been initialized 6177 * to be "on" in order to allow local addr changes while INIT's are 6178 * in flight. 6179 */ 6180 stcb->asoc.peer_supports_asconf = 0; | |
| 6181 /* now we must go through each of the params. */ 6182 phdr = sctp_get_next_param(m, offset, &parm_buf, sizeof(parm_buf)); 6183 while (phdr) { 6184 ptype = ntohs(phdr->param_type); 6185 plen = ntohs(phdr->param_length); 6186 /* 6187 * SCTP_PRINTF("ptype => %0x, plen => %d\n", 6188 * (uint32_t)ptype, (int)plen); --- 177 unchanged lines hidden (view full) --- 6366 return (-21); 6367 } 6368 return (-22); 6369 } 6370 } 6371 } else 6372#endif 6373 if (ptype == SCTP_ECN_CAPABLE) { | 6190 /* now we must go through each of the params. */ 6191 phdr = sctp_get_next_param(m, offset, &parm_buf, sizeof(parm_buf)); 6192 while (phdr) { 6193 ptype = ntohs(phdr->param_type); 6194 plen = ntohs(phdr->param_length); 6195 /* 6196 * SCTP_PRINTF("ptype => %0x, plen => %d\n", 6197 * (uint32_t)ptype, (int)plen); --- 177 unchanged lines hidden (view full) --- 6375 return (-21); 6376 } 6377 return (-22); 6378 } 6379 } 6380 } else 6381#endif 6382 if (ptype == SCTP_ECN_CAPABLE) { |
| 6374 ecn_supported = 1; | 6383 peer_supports_ecn = 1; |
| 6375 } else if (ptype == SCTP_ULP_ADAPTATION) { 6376 if (stcb->asoc.state != SCTP_STATE_OPEN) { 6377 struct sctp_adaptation_layer_indication ai, 6378 *aip; 6379 6380 phdr = sctp_get_next_param(m, offset, 6381 (struct sctp_paramhdr *)&ai, sizeof(ai)); 6382 aip = (struct sctp_adaptation_layer_indication *)phdr; --- 7 unchanged lines hidden (view full) --- 6390 int lptype; 6391 struct sockaddr *lsa = NULL; 6392 6393#ifdef INET 6394 struct sctp_asconf_addrv4_param *fii; 6395 6396#endif 6397 | 6384 } else if (ptype == SCTP_ULP_ADAPTATION) { 6385 if (stcb->asoc.state != SCTP_STATE_OPEN) { 6386 struct sctp_adaptation_layer_indication ai, 6387 *aip; 6388 6389 phdr = sctp_get_next_param(m, offset, 6390 (struct sctp_paramhdr *)&ai, sizeof(ai)); 6391 aip = (struct sctp_adaptation_layer_indication *)phdr; --- 7 unchanged lines hidden (view full) --- 6399 int lptype; 6400 struct sockaddr *lsa = NULL; 6401 6402#ifdef INET 6403 struct sctp_asconf_addrv4_param *fii; 6404 6405#endif 6406 |
| 6398 stcb->asoc.peer_supports_asconf = 1; | 6407 if (stcb->asoc.asconf_supported == 0) { 6408 return (-100); 6409 } |
| 6399 if (plen > sizeof(lstore)) { 6400 return (-23); 6401 } 6402 phdr = sctp_get_next_param(m, offset, 6403 (struct sctp_paramhdr *)&lstore, 6404 min(plen, sizeof(lstore))); 6405 if (phdr == NULL) { 6406 return (-24); --- 35 unchanged lines hidden (view full) --- 6442 } 6443 if (lsa) { 6444 (void)sctp_set_primary_addr(stcb, sa, NULL); 6445 } 6446 } else if (ptype == SCTP_HAS_NAT_SUPPORT) { 6447 stcb->asoc.peer_supports_nat = 1; 6448 } else if (ptype == SCTP_PRSCTP_SUPPORTED) { 6449 /* Peer supports pr-sctp */ | 6410 if (plen > sizeof(lstore)) { 6411 return (-23); 6412 } 6413 phdr = sctp_get_next_param(m, offset, 6414 (struct sctp_paramhdr *)&lstore, 6415 min(plen, sizeof(lstore))); 6416 if (phdr == NULL) { 6417 return (-24); --- 35 unchanged lines hidden (view full) --- 6453 } 6454 if (lsa) { 6455 (void)sctp_set_primary_addr(stcb, sa, NULL); 6456 } 6457 } else if (ptype == SCTP_HAS_NAT_SUPPORT) { 6458 stcb->asoc.peer_supports_nat = 1; 6459 } else if (ptype == SCTP_PRSCTP_SUPPORTED) { 6460 /* Peer supports pr-sctp */ |
| 6450 prsctp_supported = 1; | 6461 peer_supports_prsctp = 1; |
| 6451 } else if (ptype == SCTP_SUPPORTED_CHUNK_EXT) { 6452 /* A supported extension chunk */ 6453 struct sctp_supported_chunk_types_param *pr_supported; 6454 uint8_t local_store[SCTP_PARAM_BUFFER_SIZE]; 6455 int num_ent, i; 6456 6457 phdr = sctp_get_next_param(m, offset, 6458 (struct sctp_paramhdr *)&local_store, min(sizeof(local_store), plen)); 6459 if (phdr == NULL) { 6460 return (-25); 6461 } | 6462 } else if (ptype == SCTP_SUPPORTED_CHUNK_EXT) { 6463 /* A supported extension chunk */ 6464 struct sctp_supported_chunk_types_param *pr_supported; 6465 uint8_t local_store[SCTP_PARAM_BUFFER_SIZE]; 6466 int num_ent, i; 6467 6468 phdr = sctp_get_next_param(m, offset, 6469 (struct sctp_paramhdr *)&local_store, min(sizeof(local_store), plen)); 6470 if (phdr == NULL) { 6471 return (-25); 6472 } |
| 6462 stcb->asoc.peer_supports_asconf = 0; 6463 stcb->asoc.peer_supports_auth = 0; | |
| 6464 pr_supported = (struct sctp_supported_chunk_types_param *)phdr; 6465 num_ent = plen - sizeof(struct sctp_paramhdr); 6466 for (i = 0; i < num_ent; i++) { 6467 switch (pr_supported->chunk_types[i]) { 6468 case SCTP_ASCONF: | 6473 pr_supported = (struct sctp_supported_chunk_types_param *)phdr; 6474 num_ent = plen - sizeof(struct sctp_paramhdr); 6475 for (i = 0; i < num_ent; i++) { 6476 switch (pr_supported->chunk_types[i]) { 6477 case SCTP_ASCONF: |
| 6478 peer_supports_asconf = 1; |
|
| 6469 case SCTP_ASCONF_ACK: | 6479 case SCTP_ASCONF_ACK: |
| 6470 stcb->asoc.peer_supports_asconf = 1; | 6480 peer_supports_asconf_ack = 1; |
| 6471 break; 6472 case SCTP_FORWARD_CUM_TSN: | 6481 break; 6482 case SCTP_FORWARD_CUM_TSN: |
| 6473 prsctp_supported = 1; | 6483 peer_supports_prsctp = 1; |
| 6474 break; 6475 case SCTP_PACKET_DROPPED: | 6484 break; 6485 case SCTP_PACKET_DROPPED: |
| 6476 pktdrop_supported = 1; | 6486 peer_supports_pktdrop = 1; |
| 6477 break; 6478 case SCTP_NR_SELECTIVE_ACK: | 6487 break; 6488 case SCTP_NR_SELECTIVE_ACK: |
| 6479 nrsack_supported = 1; | 6489 peer_supports_nrsack = 1; |
| 6480 break; 6481 case SCTP_STREAM_RESET: | 6490 break; 6491 case SCTP_STREAM_RESET: |
| 6482 reconfig_supported = 1; | 6492 peer_supports_reconfig = 1; |
| 6483 break; 6484 case SCTP_AUTHENTICATION: | 6493 break; 6494 case SCTP_AUTHENTICATION: |
| 6485 stcb->asoc.peer_supports_auth = 1; | 6495 peer_supports_auth = 1; |
| 6486 break; 6487 default: 6488 /* one I have not learned yet */ 6489 break; 6490 6491 } 6492 } 6493 } else if (ptype == SCTP_RANDOM) { --- 120 unchanged lines hidden (view full) --- 6614 TAILQ_REMOVE(&stcb->asoc.nets, net, sctp_next); 6615 sctp_free_remote_addr(net); 6616 if (net == stcb->asoc.primary_destination) { 6617 stcb->asoc.primary_destination = NULL; 6618 sctp_select_primary_destination(stcb); 6619 } 6620 } 6621 } | 6496 break; 6497 default: 6498 /* one I have not learned yet */ 6499 break; 6500 6501 } 6502 } 6503 } else if (ptype == SCTP_RANDOM) { --- 120 unchanged lines hidden (view full) --- 6624 TAILQ_REMOVE(&stcb->asoc.nets, net, sctp_next); 6625 sctp_free_remote_addr(net); 6626 if (net == stcb->asoc.primary_destination) { 6627 stcb->asoc.primary_destination = NULL; 6628 sctp_select_primary_destination(stcb); 6629 } 6630 } 6631 } |
| 6622 stcb->asoc.ecn_supported &= ecn_supported; 6623 stcb->asoc.prsctp_supported &= prsctp_supported; 6624 stcb->asoc.reconfig_supported &= reconfig_supported; 6625 stcb->asoc.nrsack_supported &= nrsack_supported; 6626 stcb->asoc.pktdrop_supported &= pktdrop_supported; 6627 /* validate authentication required parameters */ 6628 if (got_random && got_hmacs) { 6629 stcb->asoc.peer_supports_auth = 1; 6630 } else { 6631 stcb->asoc.peer_supports_auth = 0; | 6632 if ((stcb->asoc.ecn_supported == 1) && 6633 (peer_supports_ecn == 0)) { 6634 stcb->asoc.ecn_supported = 0; |
| 6632 } | 6635 } |
| 6633 if (!stcb->asoc.peer_supports_auth && got_chklist) { | 6636 if ((stcb->asoc.prsctp_supported == 1) && 6637 (peer_supports_prsctp == 0)) { 6638 stcb->asoc.prsctp_supported = 0; 6639 } 6640 if ((stcb->asoc.auth_supported == 1) && 6641 ((peer_supports_auth == 0) || 6642 (got_random == 0) || (got_hmacs == 0))) { 6643 stcb->asoc.auth_supported = 0; 6644 } 6645 if ((stcb->asoc.asconf_supported == 1) && 6646 ((peer_supports_asconf == 0) || (peer_supports_asconf_ack == 0) || 6647 (stcb->asoc.auth_supported == 0) || 6648 (saw_asconf == 0) || (saw_asconf_ack == 0))) { 6649 stcb->asoc.asconf_supported = 0; 6650 } 6651 if ((stcb->asoc.reconfig_supported == 1) && 6652 (peer_supports_reconfig == 0)) { 6653 stcb->asoc.reconfig_supported = 0; 6654 } 6655 if ((stcb->asoc.nrsack_supported == 1) && 6656 (peer_supports_nrsack == 0)) { 6657 stcb->asoc.nrsack_supported = 0; 6658 } 6659 if ((stcb->asoc.pktdrop_supported == 1) && 6660 (peer_supports_pktdrop == 0)) { 6661 stcb->asoc.pktdrop_supported = 0; 6662 } 6663 /* validate authentication required parameters */ 6664 if ((peer_supports_auth == 0) && (got_chklist == 1)) { |
| 6634 /* peer does not support auth but sent a chunks list? */ 6635 return (-31); 6636 } | 6665 /* peer does not support auth but sent a chunks list? */ 6666 return (-31); 6667 } |
| 6637 if (stcb->asoc.peer_supports_asconf && !stcb->asoc.peer_supports_auth) { | 6668 if ((peer_supports_asconf == 1) && (peer_supports_auth == 0)) { |
| 6638 /* peer supports asconf but not auth? */ 6639 return (-32); | 6669 /* peer supports asconf but not auth? */ 6670 return (-32); |
| 6640 } else if ((stcb->asoc.peer_supports_asconf) && (stcb->asoc.peer_supports_auth) && | 6671 } else if ((peer_supports_asconf == 1) && 6672 (peer_supports_auth == 1) && |
| 6641 ((saw_asconf == 0) || (saw_asconf_ack == 0))) { 6642 return (-33); 6643 } 6644 /* concatenate the full random key */ 6645 keylen = sizeof(*p_random) + random_len + sizeof(*hmacs) + hmacs_len; 6646 if (chunks != NULL) { 6647 keylen += sizeof(*chunks) + num_chunks; 6648 } --- 377 unchanged lines hidden --- | 6673 ((saw_asconf == 0) || (saw_asconf_ack == 0))) { 6674 return (-33); 6675 } 6676 /* concatenate the full random key */ 6677 keylen = sizeof(*p_random) + random_len + sizeof(*hmacs) + hmacs_len; 6678 if (chunks != NULL) { 6679 keylen += sizeof(*chunks) + num_chunks; 6680 } --- 377 unchanged lines hidden --- |