diff options
author | Hannes Frederic Sowa <hannes@stressinduktion.org> | 2013-10-19 21:48:56 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2013-10-20 01:45:35 +0200 |
commit | b23a002fc6f0c19846ee0382f019429af54a27e9 (patch) | |
tree | 9cb494a707c4145a8a42f0cf6eb6853e487f06a5 /include | |
parent | net: introduce new macro net_get_random_once (diff) | |
download | linux-b23a002fc6f0c19846ee0382f019429af54a27e9.tar.xz linux-b23a002fc6f0c19846ee0382f019429af54a27e9.zip |
inet: split syncookie keys for ipv4 and ipv6 and initialize with net_get_random_once
This patch splits the secret key for syncookies for ipv4 and ipv6 and
initializes them with net_get_random_once. This change was the reason I
did this series. I think the initialization of the syncookie_secret is
way to early.
Cc: Florian Westphal <fw@strlen.de>
Cc: Eric Dumazet <edumazet@google.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/net/tcp.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h index 372dcccfeed0..f30326f1c92b 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -475,7 +475,6 @@ int tcp_send_rcvq(struct sock *sk, struct msghdr *msg, size_t size); void inet_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb); /* From syncookies.c */ -extern __u32 syncookie_secret[2][16-4+SHA_DIGEST_WORDS]; int __cookie_v4_check(const struct iphdr *iph, const struct tcphdr *th, u32 cookie); struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, |