linux/net
Vlad Yasevich d670119132 [SCTP]: Follow Add-IP security consideratiosn wrt INIT/INIT-ACK
The Security Considerations section of RFC 5061 has the following
text:

   If an SCTP endpoint that supports this extension receives an INIT
   that indicates that the peer supports the ASCONF extension but does
   NOT support the [RFC4895] extension, the receiver of such an INIT
   MUST send an ABORT in response.  Note that an implementation is
   allowed to silently discard such an INIT as an option as well, but
   under NO circumstance is an implementation allowed to proceed with
   the association setup by sending an INIT-ACK in response.

   An implementation that receives an INIT-ACK that indicates that the
   peer does not support the [RFC4895] extension MUST NOT send the
   COOKIE-ECHO to establish the association.  Instead, the
   implementation MUST discard the INIT-ACK and report to the upper-
   layer user that an association cannot be established destroying the
   Transmission Control Block (TCB).

Follow the recomendations.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-01-28 14:59:25 -08:00
..
9p 9p: add missing end-of-options record for trans_fd 2007-11-06 08:02:53 -06:00
802 [TR]: Use ctl paths to register net/token-ring/ table 2008-01-28 14:56:28 -08:00
8021q [VLAN]: nested VLAN: fix lockdep's recursive locking warning 2008-01-10 22:38:31 -08:00
appletalk [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
atm [NET]: Name magic constants in sock_wake_async() 2008-01-28 14:55:03 -08:00
ax25 [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
bluetooth [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
bridge [NETFILTER]: Add CONFIG_NETFILTER_ADVANCED option 2008-01-28 14:59:12 -08:00
can [CAN]: Add virtual CAN netdevice driver 2008-01-28 14:54:12 -08:00
core [IPV4] net/core: Use ipv4_is_<type> 2008-01-28 14:58:15 -08:00
dccp [DCCP]: Remove unused inline function 2008-01-28 14:58:24 -08:00
decnet [NETFILTER]: Add CONFIG_NETFILTER_ADVANCED option 2008-01-28 14:59:12 -08:00
econet [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
ethernet [NET]: Validate device addr prior to interface-up 2007-10-23 21:27:50 -07:00
ieee80211 [IEEE80211]: Use htons() where appropriate. 2008-01-28 14:58:02 -08:00
ipv4 [IPSEC]: Rename tunnel-mode functions to avoid collisions with tunnels 2008-01-28 14:59:18 -08:00
ipv6 [IPSEC]: Rename tunnel-mode functions to avoid collisions with tunnels 2008-01-28 14:59:18 -08:00
ipx [IPX]: Use existing sock refcnt debugging infrastructure 2007-11-10 21:39:26 -08:00
irda [IRDA]: Use htons() where appropriate. 2008-01-28 14:58:03 -08:00
iucv [IUCV]: use LIST_HEAD instead of LIST_HEAD_INIT 2008-01-28 14:56:54 -08:00
key [AF_KEY]: Fix skb leak on pfkey_send_migrate() error 2008-01-20 20:31:45 -08:00
lapb [LAPB] net/lapb/lapb_iface.c: use LIST_HEAD instead of LIST_HEAD_INIT 2008-01-28 14:56:52 -08:00
llc [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
mac80211 mac80211: add PID controller based rate control algorithm 2008-01-28 14:59:18 -08:00
netfilter [NETFILTER]: Add CONFIG_NETFILTER_ADVANCED option 2008-01-28 14:59:12 -08:00
netlabel [NETLABEL]: Spelling fixes 2007-12-20 14:03:11 -08:00
netlink [NETLINK]: kzalloc() conversion 2008-01-28 14:57:06 -08:00
netrom [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
packet [PACKET]: Fix /proc/net/packet crash due to bogus private pointer 2008-01-28 14:58:19 -08:00
rfkill rfkill: call rfkill_led_trigger_unregister() on error 2008-01-20 20:31:36 -08:00
rose [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
rxrpc [RXRPC]: Use cpu_to_be32() where appropriate. 2008-01-28 14:58:04 -08:00
sched [NETFILTER]: Mark hooks __read_mostly 2008-01-28 14:56:07 -08:00
sctp [SCTP]: Follow Add-IP security consideratiosn wrt INIT/INIT-ACK 2008-01-28 14:59:25 -08:00
sunrpc [SUNRPC]: Use htonl() where appropriate. 2008-01-28 14:58:05 -08:00
tipc [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
unix [NETNS]: struct net content re-work (v3) 2008-01-28 14:57:14 -08:00
wanrouter [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
wireless [NET]: Consolidate net namespace related proc files creation. 2008-01-28 14:54:28 -08:00
x25 [X25]: use LIST_HEAD instead of LIST_HEAD_INIT 2008-01-28 14:56:53 -08:00
xfrm [IPSEC]: Do xfrm_state_check_space before encapsulation 2008-01-28 14:59:13 -08:00
compat.c [NETFILTER]: ip6_tables: add compat support 2008-01-28 14:58:36 -08:00
Kconfig [NETFILTER]: Add CONFIG_NETFILTER_ADVANCED option 2008-01-28 14:59:12 -08:00
Makefile [CAN]: Add PF_CAN core module 2008-01-28 14:54:10 -08:00
nonet.c
socket.c [NET] sysctl: make sysctl_somaxconn per-namespace 2008-01-28 14:56:57 -08:00
sysctl_net.c [NET]: Remove the empty net_table 2008-01-28 14:56:29 -08:00
TUNABLE