Author: hiren
Date: Fri Jan 30 17:29:07 2015
New Revision: 277938
URL: https://svnweb.freebsd.org/changeset/base/277938
Log:
Make syncookie_mac() use 'tcp_seq irs' in computing hash.
This fixes what seems like a simple oversight when the function was added in
r253210.
Reported by: Daniel Borkmann <dbork...@redhat.com>
Florian Westphal <f...@strlen.de>
Differential Revision: https://reviews.freebsd.org/D1628
Reviewed by: gnn
MFC after: 1 month
Sponsored by: Limelight Networks
Modified:
head/sys/netinet/tcp_syncache.c
Modified: head/sys/netinet/tcp_syncache.c
==============================================================================
--- head/sys/netinet/tcp_syncache.c Fri Jan 30 15:42:52 2015
(r277937)
+++ head/sys/netinet/tcp_syncache.c Fri Jan 30 17:29:07 2015
(r277938)
@@ -1742,6 +1742,7 @@ syncookie_mac(struct in_conninfo *inc, t
}
SipHash_Update(&ctx, &inc->inc_fport, sizeof(inc->inc_fport));
SipHash_Update(&ctx, &inc->inc_lport, sizeof(inc->inc_lport));
+ SipHash_Update(&ctx, &irs, sizeof(irs));
SipHash_Update(&ctx, &flags, sizeof(flags));
SipHash_Update(&ctx, &secmod, sizeof(secmod));
SipHash_Final((u_int8_t *)&siphash, &ctx);
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
