forked from Minki/linux
65907a433a
This fixes an oversight from an earlier patch, ensuring that Ack Vectors are not processed on request sockets. The issue is that Ack Vectors must not be parsed on request sockets, since the Ack Vector feature depends on the selection of the (TX) CCID. During the initial handshake the CCIDs are undefined, and so RFC 4340, 10.3 applies: "Using CCID-specific options and feature options during a negotiation for the corresponding CCID feature is NOT RECOMMENDED [...]" And it is not even possible: when the server receives the Request from the client, the CCID and Ack vector features are undefined; when the Ack finalising the 3-way hanshake arrives, the request socket has not been cloned yet into a full socket. (This order is necessary, since otherwise the newly created socket would have to be destroyed whenever an option error occurred - a malicious hacker could simply send garbage options and exploit this.) Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> |
||
|---|---|---|
| .. | ||
| ccids | ||
| ackvec.c | ||
| ackvec.h | ||
| ccid.c | ||
| ccid.h | ||
| dccp.h | ||
| diag.c | ||
| feat.c | ||
| feat.h | ||
| input.c | ||
| ipv4.c | ||
| ipv6.c | ||
| ipv6.h | ||
| Kconfig | ||
| Makefile | ||
| minisocks.c | ||
| options.c | ||
| output.c | ||
| probe.c | ||
| proto.c | ||
| sysctl.c | ||
| timer.c | ||