gnunet-developers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNUnet-developers] [PATCH] tcp_stealth: fix compilation if TCP_MD5S

From: Julian Kirsch
Subject: Re: [GNUnet-developers] [PATCH] tcp_stealth: fix compilation if TCP_MD5SIG is not enabled
Date: Tue, 19 Aug 2014 12:57:41 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 
Following up on this: I've updated the online version of the patch [0]
and also verified run-time functionality with CONFIG_TCP_MD5SIG
disabled. The logic of the code changed a bit but it's cleaner (and
smaller) now. No need to apply the updated version of the patch to your
kernels if you didn't encounter problems during compiling, though.

Thanks again for pointing me towards this issue, Alexander.

-Julian

---
[0] https://gnunet.org/knock

On 2014-08-18 21:24, Alexander Holler wrote:
> This patch was just compile-time tested (besides that it might not match
> the style Linux kernel devs do want).
> 
> As I'm just starting to setup kernels and test this nice feature, this
> patch might just be handled as a bugreport. I haven't look in deep at
> what af_specific->md5_lookup() is used for, so currently I assume it
> isn't needed for operation if CONFIG_TCP_MD5SIG is disabled.
> 
> Otherwise the tcp_stealth patch would need a
> 
> select TCP_MD5SIG
> 
> in Kconfig.
> 
> Signed-off-by: Alexander Holler <address@hidden>
> ---
>  net/ipv4/tcp_ipv4.c | 7 +++++--
>  net/ipv6/tcp_ipv6.c | 7 +++++--
>  2 files changed, 10 insertions(+), 4 deletions(-)
> 
> diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
> index 6148bb5..5947dbd 100644
> --- a/net/ipv4/tcp_ipv4.c
> +++ b/net/ipv4/tcp_ipv4.c
> @@ -245,8 +245,11 @@ int tcp_v4_connect(struct sock *sk, struct sockaddr 
> *uaddr, int addr_len)
>  
>       if (!tp->write_seq && likely(!tp->repair) &&
>           unlikely(tp->stealth.mode & TCP_STEALTH_MODE_AUTH)) {
> -             if (likely(sysctl_tcp_timestamps &&
> -                        !tp->af_specific->md5_lookup(sk, sk))) {
> +             if (likely(sysctl_tcp_timestamps
> +#ifdef CONFIG_TCP_MD5SIG
> +                 && !tp->af_specific->md5_lookup(sk, sk)
> +#endif
> +                 )) {
>                       tp->write_seq = tcp_stealth_sequence_number(sk,
>                                               &inet->inet_daddr,
>                                               sizeof(inet->inet_daddr),
> diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
> index 33c87df..d8d7b2b 100644
> --- a/net/ipv6/tcp_ipv6.c
> +++ b/net/ipv6/tcp_ipv6.c
> @@ -303,8 +303,11 @@ static int tcp_v6_connect(struct sock *sk, struct 
> sockaddr *uaddr,
>  
>       if (!tp->write_seq && likely(!tp->repair) &&
>           unlikely(tp->stealth.mode & TCP_STEALTH_MODE_AUTH)) {
> -             if (likely(sysctl_tcp_timestamps &&
> -                        !tp->af_specific->md5_lookup(sk, sk))) {
> +             if (likely(sysctl_tcp_timestamps
> +#ifdef CONFIG_TCP_MD5SIG
> +                 && !tp->af_specific->md5_lookup(sk, sk)
> +#endif
> +                 )) {
>                       tp->write_seq = tcp_stealth_sequence_number(sk,
>                                               sk->sk_v6_daddr.s6_addr32,
>                                               sizeof(sk->sk_v6_daddr),
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]