diff options
author | Vlad Yasevich <vladislav.yasevich@hp.com> | 2007-10-24 23:24:26 +0200 |
---|---|---|
committer | Vlad Yasevich <vladislav.yasevich@hp.com> | 2007-11-07 17:39:27 +0100 |
commit | 73d9c4fd1a6ec4950b2eac8135d35506bf400d6c (patch) | |
tree | b2d6fe707cdc790c9b42a2487d2892e97c6561ba /net/sctp/sm_make_chunk.c | |
parent | SCTP: Correctly disable ADD-IP when AUTH is not supported. (diff) | |
download | linux-73d9c4fd1a6ec4950b2eac8135d35506bf400d6c.tar.xz linux-73d9c4fd1a6ec4950b2eac8135d35506bf400d6c.zip |
SCTP: Allow ADD_IP to work with AUTH for backward compatibility.
This patch adds a tunable that will allow ADD_IP to work without
AUTH for backward compatibility. The default value is off since
the default value for ADD_IP is off as well. People who need
to use ADD-IP with older implementations take risks of connection
hijacking and should consider upgrading or turning this tunable on.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Diffstat (limited to 'net/sctp/sm_make_chunk.c')
-rw-r--r-- | net/sctp/sm_make_chunk.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index 2ff3a3df049d..43e8de1228f9 100644 --- a/net/sctp/sm_make_chunk.c +++ b/net/sctp/sm_make_chunk.c @@ -2137,8 +2137,10 @@ int sctp_process_init(struct sctp_association *asoc, sctp_cid_t cid, /* If the peer claims support for ADD-IP without support * for AUTH, disable support for ADD-IP. + * Do this only if backward compatible mode is turned off. */ - if (asoc->peer.asconf_capable && !asoc->peer.auth_capable) { + if (!sctp_addip_noauth && + (asoc->peer.asconf_capable && !asoc->peer.auth_capable)) { asoc->peer.addip_disabled_mask |= (SCTP_PARAM_ADD_IP | SCTP_PARAM_DEL_IP | SCTP_PARAM_SET_PRIMARY); |