| sctp_input.c (235283) | sctp_input.c (235360) |
|---|---|
| 1/*- 2 * Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved. 3 * Copyright (c) 2008-2011, by Randall Stewart. All rights reserved. 4 * Copyright (c) 2008-2011, by Michael Tuexen. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions are met: 8 * --- 19 unchanged lines hidden (view full) --- 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 30 * THE POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33/* $KAME: sctp_input.c,v 1.27 2005/03/06 16:04:17 itojun Exp $ */ 34 35#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 2001-2008, by Cisco Systems, Inc. All rights reserved. 3 * Copyright (c) 2008-2011, by Randall Stewart. All rights reserved. 4 * Copyright (c) 2008-2011, by Michael Tuexen. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions are met: 8 * --- 19 unchanged lines hidden (view full) --- 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 30 * THE POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33/* $KAME: sctp_input.c,v 1.27 2005/03/06 16:04:17 itojun Exp $ */ 34 35#include <sys/cdefs.h> |
| 36__FBSDID("$FreeBSD: head/sys/netinet/sctp_input.c 235283 2012-05-11 19:15:33Z tuexen $"); | 36__FBSDID("$FreeBSD: head/sys/netinet/sctp_input.c 235360 2012-05-12 20:11:35Z tuexen $"); |
| 37 38#include <netinet/sctp_os.h> 39#include <netinet/sctp_var.h> 40#include <netinet/sctp_sysctl.h> 41#include <netinet/sctp_pcb.h> 42#include <netinet/sctp_header.h> 43#include <netinet/sctputil.h> 44#include <netinet/sctp_output.h> --- 378 unchanged lines hidden (view full) --- 423 abort_flag = 0; 424 op_err = NULL; 425 426 op_err = sctp_arethere_unrecognized_parameters(m, 427 (offset + sizeof(struct sctp_init_chunk)), 428 &abort_flag, (struct sctp_chunkhdr *)cp, &nat_friendly); 429 if (abort_flag) { 430 /* Send an abort and notify peer */ | 37 38#include <netinet/sctp_os.h> 39#include <netinet/sctp_var.h> 40#include <netinet/sctp_sysctl.h> 41#include <netinet/sctp_pcb.h> 42#include <netinet/sctp_header.h> 43#include <netinet/sctputil.h> 44#include <netinet/sctp_output.h> --- 378 unchanged lines hidden (view full) --- 423 abort_flag = 0; 424 op_err = NULL; 425 426 op_err = sctp_arethere_unrecognized_parameters(m, 427 (offset + sizeof(struct sctp_init_chunk)), 428 &abort_flag, (struct sctp_chunkhdr *)cp, &nat_friendly); 429 if (abort_flag) { 430 /* Send an abort and notify peer */ |
| 431 sctp_abort_an_association(stcb->sctp_ep, stcb, SCTP_CAUSE_PROTOCOL_VIOLATION, op_err, SCTP_SO_NOT_LOCKED); | 431 sctp_abort_an_association(stcb->sctp_ep, stcb, op_err, SCTP_SO_NOT_LOCKED); |
| 432 *abort_no_unlock = 1; 433 return (-1); 434 } 435 asoc = &stcb->asoc; 436 asoc->peer_supports_nat = (uint8_t) nat_friendly; 437 /* process the peer's parameters in the INIT-ACK */ 438 retval = sctp_process_init((struct sctp_init_chunk *)cp, stcb); 439 if (retval < 0) { --- 294 unchanged lines hidden (view full) --- 734 return (0); 735 } 736 sctp_asconf_send_nat_state_update(stcb, net); 737 return (1); 738} 739 740 741static void | 432 *abort_no_unlock = 1; 433 return (-1); 434 } 435 asoc = &stcb->asoc; 436 asoc->peer_supports_nat = (uint8_t) nat_friendly; 437 /* process the peer's parameters in the INIT-ACK */ 438 retval = sctp_process_init((struct sctp_init_chunk *)cp, stcb); 439 if (retval < 0) { --- 294 unchanged lines hidden (view full) --- 734 return (0); 735 } 736 sctp_asconf_send_nat_state_update(stcb, net); 737 return (1); 738} 739 740 741static void |
| 742sctp_handle_abort(struct sctp_abort_chunk *cp, | 742sctp_handle_abort(struct sctp_abort_chunk *abort, |
| 743 struct sctp_tcb *stcb, struct sctp_nets *net) 744{ 745#if defined (__APPLE__) || defined(SCTP_SO_LOCK_TESTING) 746 struct socket *so; 747 748#endif 749 uint16_t len; | 743 struct sctp_tcb *stcb, struct sctp_nets *net) 744{ 745#if defined (__APPLE__) || defined(SCTP_SO_LOCK_TESTING) 746 struct socket *so; 747 748#endif 749 uint16_t len; |
| 750 uint16_t error; |
|
| 750 751 SCTPDBG(SCTP_DEBUG_INPUT2, "sctp_handle_abort: handling ABORT\n"); 752 if (stcb == NULL) 753 return; 754 | 751 752 SCTPDBG(SCTP_DEBUG_INPUT2, "sctp_handle_abort: handling ABORT\n"); 753 if (stcb == NULL) 754 return; 755 |
| 755 len = ntohs(cp->ch.chunk_length); | 756 len = ntohs(abort->ch.chunk_length); |
| 756 if (len > sizeof(struct sctp_chunkhdr)) { 757 /* 758 * Need to check the cause codes for our two magic nat 759 * aborts which don't kill the assoc necessarily. 760 */ | 757 if (len > sizeof(struct sctp_chunkhdr)) { 758 /* 759 * Need to check the cause codes for our two magic nat 760 * aborts which don't kill the assoc necessarily. 761 */ |
| 761 struct sctp_abort_chunk *cpnext; | |
| 762 struct sctp_missing_nat_state *natc; | 762 struct sctp_missing_nat_state *natc; |
| 763 uint16_t cause; | |
| 764 | 763 |
| 765 cpnext = cp; 766 cpnext++; 767 natc = (struct sctp_missing_nat_state *)cpnext; 768 cause = ntohs(natc->cause); 769 if (cause == SCTP_CAUSE_NAT_COLLIDING_STATE) { | 764 natc = (struct sctp_missing_nat_state *)(abort + 1); 765 error = ntohs(natc->cause); 766 if (error == SCTP_CAUSE_NAT_COLLIDING_STATE) { |
| 770 SCTPDBG(SCTP_DEBUG_INPUT2, "Received Colliding state abort flags:%x\n", | 767 SCTPDBG(SCTP_DEBUG_INPUT2, "Received Colliding state abort flags:%x\n", |
| 771 cp->ch.chunk_flags); | 768 abort->ch.chunk_flags); |
| 772 if (sctp_handle_nat_colliding_state(stcb)) { 773 return; 774 } | 769 if (sctp_handle_nat_colliding_state(stcb)) { 770 return; 771 } |
| 775 } else if (cause == SCTP_CAUSE_NAT_MISSING_STATE) { | 772 } else if (error == SCTP_CAUSE_NAT_MISSING_STATE) { |
| 776 SCTPDBG(SCTP_DEBUG_INPUT2, "Received missing state abort flags:%x\n", | 773 SCTPDBG(SCTP_DEBUG_INPUT2, "Received missing state abort flags:%x\n", |
| 777 cp->ch.chunk_flags); | 774 abort->ch.chunk_flags); |
| 778 if (sctp_handle_nat_missing_state(stcb, net)) { 779 return; 780 } 781 } | 775 if (sctp_handle_nat_missing_state(stcb, net)) { 776 return; 777 } 778 } |
| 779 } else { 780 error = 0; |
|
| 782 } 783 /* stop any receive timers */ 784 sctp_timer_stop(SCTP_TIMER_TYPE_RECV, stcb->sctp_ep, stcb, net, SCTP_FROM_SCTP_INPUT + SCTP_LOC_6); 785 /* notify user of the abort and clean up... */ | 781 } 782 /* stop any receive timers */ 783 sctp_timer_stop(SCTP_TIMER_TYPE_RECV, stcb->sctp_ep, stcb, net, SCTP_FROM_SCTP_INPUT + SCTP_LOC_6); 784 /* notify user of the abort and clean up... */ |
| 786 sctp_abort_notification(stcb, 0, SCTP_SO_NOT_LOCKED); | 785 sctp_abort_notification(stcb, error, abort, SCTP_SO_NOT_LOCKED); |
| 787 /* free the tcb */ 788 SCTP_STAT_INCR_COUNTER32(sctps_aborted); 789 if ((SCTP_GET_STATE(&stcb->asoc) == SCTP_STATE_OPEN) || 790 (SCTP_GET_STATE(&stcb->asoc) == SCTP_STATE_SHUTDOWN_RECEIVED)) { 791 SCTP_STAT_DECR_GAUGE32(sctps_currestab); 792 } 793#ifdef SCTP_ASOCLOG_OF_TSNS 794 sctp_print_out_track_log(stcb); --- 374 unchanged lines hidden (view full) --- 1169 int *p; 1170 1171 p = (int *)((caddr_t)phdr + sizeof(*phdr)); 1172 /* Save the time doubled */ 1173 asoc->cookie_preserve_req = ntohl(*p) << 1; 1174 asoc->stale_cookie_count++; 1175 if (asoc->stale_cookie_count > 1176 asoc->max_init_times) { | 786 /* free the tcb */ 787 SCTP_STAT_INCR_COUNTER32(sctps_aborted); 788 if ((SCTP_GET_STATE(&stcb->asoc) == SCTP_STATE_OPEN) || 789 (SCTP_GET_STATE(&stcb->asoc) == SCTP_STATE_SHUTDOWN_RECEIVED)) { 790 SCTP_STAT_DECR_GAUGE32(sctps_currestab); 791 } 792#ifdef SCTP_ASOCLOG_OF_TSNS 793 sctp_print_out_track_log(stcb); --- 374 unchanged lines hidden (view full) --- 1168 int *p; 1169 1170 p = (int *)((caddr_t)phdr + sizeof(*phdr)); 1171 /* Save the time doubled */ 1172 asoc->cookie_preserve_req = ntohl(*p) << 1; 1173 asoc->stale_cookie_count++; 1174 if (asoc->stale_cookie_count > 1175 asoc->max_init_times) { |
| 1177 sctp_abort_notification(stcb, 0, SCTP_SO_NOT_LOCKED); | 1176 sctp_abort_notification(stcb, 0, NULL, SCTP_SO_NOT_LOCKED); |
| 1178 /* now free the asoc */ 1179#if defined (__APPLE__) || defined(SCTP_SO_LOCK_TESTING) 1180 so = SCTP_INP_SO(stcb->sctp_ep); 1181 atomic_add_int(&stcb->asoc.refcnt, 1); 1182 SCTP_TCB_UNLOCK(stcb); 1183 SCTP_SOCKET_LOCK(so, 1); 1184 SCTP_TCB_LOCK(stcb); 1185 atomic_subtract_int(&stcb->asoc.refcnt, 1); --- 4921 unchanged lines hidden --- | 1177 /* now free the asoc */ 1178#if defined (__APPLE__) || defined(SCTP_SO_LOCK_TESTING) 1179 so = SCTP_INP_SO(stcb->sctp_ep); 1180 atomic_add_int(&stcb->asoc.refcnt, 1); 1181 SCTP_TCB_UNLOCK(stcb); 1182 SCTP_SOCKET_LOCK(so, 1); 1183 SCTP_TCB_LOCK(stcb); 1184 atomic_subtract_int(&stcb->asoc.refcnt, 1); --- 4921 unchanged lines hidden --- |