sctp: add SCTP_AUTH_SUPPORTED sockopt
SCTP_AUTH_SUPPORTED sockopt is used to set enpoint's auth flag. With this feature, each endpoint will have its own flag for its future asoc's auth_capable, instead of netns auth flag. Note that when both ep's auth_enable is enabled, endpoint auth related data should be initialized. If asconf_enable is also set, SCTP_CID_ASCONF/SCTP_CID_ASCONF_ACK should be added into auth_chunk_list. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Родитель
03f961270f
Коммит
56dd525abd
|
@ -135,6 +135,7 @@ typedef __s32 sctp_assoc_t;
|
|||
#define SCTP_SENDMSG_CONNECT 126
|
||||
#define SCTP_EVENT 127
|
||||
#define SCTP_ASCONF_SUPPORTED 128
|
||||
#define SCTP_AUTH_SUPPORTED 129
|
||||
|
||||
/* PR-SCTP policies */
|
||||
#define SCTP_PR_SCTP_NONE 0x0000
|
||||
|
|
|
@ -4520,6 +4520,46 @@ out:
|
|||
return retval;
|
||||
}
|
||||
|
||||
static int sctp_setsockopt_auth_supported(struct sock *sk,
|
||||
char __user *optval,
|
||||
unsigned int optlen)
|
||||
{
|
||||
struct sctp_assoc_value params;
|
||||
struct sctp_association *asoc;
|
||||
struct sctp_endpoint *ep;
|
||||
int retval = -EINVAL;
|
||||
|
||||
if (optlen != sizeof(params))
|
||||
goto out;
|
||||
|
||||
if (copy_from_user(¶ms, optval, optlen)) {
|
||||
retval = -EFAULT;
|
||||
goto out;
|
||||
}
|
||||
|
||||
asoc = sctp_id2assoc(sk, params.assoc_id);
|
||||
if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
|
||||
sctp_style(sk, UDP))
|
||||
goto out;
|
||||
|
||||
ep = sctp_sk(sk)->ep;
|
||||
if (params.assoc_value) {
|
||||
retval = sctp_auth_init(ep, GFP_KERNEL);
|
||||
if (retval)
|
||||
goto out;
|
||||
if (ep->asconf_enable) {
|
||||
sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF);
|
||||
sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF_ACK);
|
||||
}
|
||||
}
|
||||
|
||||
ep->auth_enable = !!params.assoc_value;
|
||||
retval = 0;
|
||||
|
||||
out:
|
||||
return retval;
|
||||
}
|
||||
|
||||
/* API 6.2 setsockopt(), getsockopt()
|
||||
*
|
||||
* Applications use setsockopt() and getsockopt() to set or retrieve
|
||||
|
@ -4723,6 +4763,9 @@ static int sctp_setsockopt(struct sock *sk, int level, int optname,
|
|||
case SCTP_ASCONF_SUPPORTED:
|
||||
retval = sctp_setsockopt_asconf_supported(sk, optval, optlen);
|
||||
break;
|
||||
case SCTP_AUTH_SUPPORTED:
|
||||
retval = sctp_setsockopt_auth_supported(sk, optval, optlen);
|
||||
break;
|
||||
default:
|
||||
retval = -ENOPROTOOPT;
|
||||
break;
|
||||
|
@ -7746,6 +7789,45 @@ out:
|
|||
return retval;
|
||||
}
|
||||
|
||||
static int sctp_getsockopt_auth_supported(struct sock *sk, int len,
|
||||
char __user *optval,
|
||||
int __user *optlen)
|
||||
{
|
||||
struct sctp_assoc_value params;
|
||||
struct sctp_association *asoc;
|
||||
int retval = -EFAULT;
|
||||
|
||||
if (len < sizeof(params)) {
|
||||
retval = -EINVAL;
|
||||
goto out;
|
||||
}
|
||||
|
||||
len = sizeof(params);
|
||||
if (copy_from_user(¶ms, optval, len))
|
||||
goto out;
|
||||
|
||||
asoc = sctp_id2assoc(sk, params.assoc_id);
|
||||
if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
|
||||
sctp_style(sk, UDP)) {
|
||||
retval = -EINVAL;
|
||||
goto out;
|
||||
}
|
||||
|
||||
params.assoc_value = asoc ? asoc->peer.auth_capable
|
||||
: sctp_sk(sk)->ep->auth_enable;
|
||||
|
||||
if (put_user(len, optlen))
|
||||
goto out;
|
||||
|
||||
if (copy_to_user(optval, ¶ms, len))
|
||||
goto out;
|
||||
|
||||
retval = 0;
|
||||
|
||||
out:
|
||||
return retval;
|
||||
}
|
||||
|
||||
static int sctp_getsockopt(struct sock *sk, int level, int optname,
|
||||
char __user *optval, int __user *optlen)
|
||||
{
|
||||
|
@ -7951,6 +8033,10 @@ static int sctp_getsockopt(struct sock *sk, int level, int optname,
|
|||
retval = sctp_getsockopt_asconf_supported(sk, len, optval,
|
||||
optlen);
|
||||
break;
|
||||
case SCTP_AUTH_SUPPORTED:
|
||||
retval = sctp_getsockopt_auth_supported(sk, len, optval,
|
||||
optlen);
|
||||
break;
|
||||
default:
|
||||
retval = -ENOPROTOOPT;
|
||||
break;
|
||||
|
|
Загрузка…
Ссылка в новой задаче