diff options
author | Vlad Yasevich <vladislav.yasevich@hp.com> | 2007-09-16 19:32:45 -0700 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2007-10-10 16:51:31 -0700 |
commit | 4cd57c8078fae0a4b1bf421191e94626d0cba92a (patch) | |
tree | e17a54c65a7859b6283a341e0124d200da64ee3a /net/sctp/chunk.c | |
parent | 730fc3d05cd4ba4c9ce2de91f3d43349e95dbbf5 (diff) | |
download | linux-4cd57c8078fae0a4b1bf421191e94626d0cba92a.tar.gz linux-4cd57c8078fae0a4b1bf421191e94626d0cba92a.tar.bz2 linux-4cd57c8078fae0a4b1bf421191e94626d0cba92a.zip |
[SCTP]: Enable the sending of the AUTH chunk.
SCTP-AUTH, Section 6.2:
Endpoints MUST send all requested chunks authenticated where this has
been requested by the peer. The other chunks MAY be sent
authenticated or not. If endpoint pair shared keys are used, one of
them MUST be selected for authentication.
To send chunks in an authenticated way, the sender MUST include these
chunks after an AUTH chunk. This means that a sender MUST bundle
chunks in order to authenticate them.
If the endpoint has no endpoint pair shared key for the peer, it MUST
use Shared Key Identifier 0 with an empty endpoint pair shared key.
If there are multiple endpoint shared keys the sender selects one and
uses the corresponding Shared Key Identifier
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sctp/chunk.c')
-rw-r--r-- | net/sctp/chunk.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/net/sctp/chunk.c b/net/sctp/chunk.c index 77fb7b06a9c4..619d0f2dee51 100644 --- a/net/sctp/chunk.c +++ b/net/sctp/chunk.c @@ -194,6 +194,18 @@ struct sctp_datamsg *sctp_datamsg_from_user(struct sctp_association *asoc, max = asoc->frag_point; + /* If the the peer requested that we authenticate DATA chunks + * we need to accound for bundling of the AUTH chunks along with + * DATA. + */ + if (sctp_auth_send_cid(SCTP_CID_DATA, asoc)) { + struct sctp_hmac *hmac_desc = sctp_auth_asoc_get_hmac(asoc); + + if (hmac_desc) + max -= WORD_ROUND(sizeof(sctp_auth_chunk_t) + + hmac_desc->hmac_len); + } + whole = 0; first_len = max; |