microsoft
/
WSL2-Linux-Kernel
зеркало из https://github.com/microsoft/WSL2-Linux-Kernel.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

tcp: MD5: Use MIB counter instead of warning for MD5 mismatch. 

From a report by Matti Aarnio, and preliminary patch by Adam Langley.

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2008-07-30 03:03:15 -07:00
Родитель 8d50b53d66
Коммит 785957d3e8
4 изменённых файлов: 14 добавлений и 27 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
include/linux/snmp.h
Просмотреть файл

@ -214,6 +214,8 @@ enum
LINUX_MIB_TCPDSACKIGNOREDOLD, /* TCPSACKIgnoredOld */ LINUX_MIB_TCPDSACKIGNOREDOLD, /* TCPSACKIgnoredOld */
LINUX_MIB_TCPDSACKIGNOREDNOUNDO, /* TCPSACKIgnoredNoUndo */ LINUX_MIB_TCPDSACKIGNOREDNOUNDO, /* TCPSACKIgnoredNoUndo */
LINUX_MIB_TCPSPURIOUSRTOS, /* TCPSpuriousRTOs */ LINUX_MIB_TCPSPURIOUSRTOS, /* TCPSpuriousRTOs */
LINUX_MIB_TCPMD5NOTFOUND, /* TCPMD5NotFound */
LINUX_MIB_TCPMD5UNEXPECTED, /* TCPMD5Unexpected */
__LINUX_MIB_MAX __LINUX_MIB_MAX
}; };

2
net/ipv4/proc.c
Просмотреть файл

@ -232,6 +232,8 @@ static const struct snmp_mib snmp4_net_list[] = {
SNMP_MIB_ITEM("TCPDSACKIgnoredOld", LINUX_MIB_TCPDSACKIGNOREDOLD), SNMP_MIB_ITEM("TCPDSACKIgnoredOld", LINUX_MIB_TCPDSACKIGNOREDOLD),
SNMP_MIB_ITEM("TCPDSACKIgnoredNoUndo", LINUX_MIB_TCPDSACKIGNOREDNOUNDO), SNMP_MIB_ITEM("TCPDSACKIgnoredNoUndo", LINUX_MIB_TCPDSACKIGNOREDNOUNDO),
SNMP_MIB_ITEM("TCPSpuriousRTOs", LINUX_MIB_TCPSPURIOUSRTOS), SNMP_MIB_ITEM("TCPSpuriousRTOs", LINUX_MIB_TCPSPURIOUSRTOS),
SNMP_MIB_ITEM("TCPMD5NotFound", LINUX_MIB_TCPMD5NOTFOUND),
SNMP_MIB_ITEM("TCPMD5Unexpected", LINUX_MIB_TCPMD5UNEXPECTED),
SNMP_MIB_SENTINEL SNMP_MIB_SENTINEL
}; };

10
net/ipv4/tcp_ipv4.c
Просмотреть файл

@ -1116,18 +1116,12 @@ static int tcp_v4_inbound_md5_hash(struct sock *sk, struct sk_buff *skb)
return 0; return 0;
if (hash_expected && !hash_location) { if (hash_expected && !hash_location) {
LIMIT_NETDEBUG(KERN_INFO "MD5 Hash expected but NOT found " NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
"(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)\n",
NIPQUAD(iph->saddr), ntohs(th->source),
NIPQUAD(iph->daddr), ntohs(th->dest));
return 1; return 1;
} }
if (!hash_expected && hash_location) { if (!hash_expected && hash_location) {
LIMIT_NETDEBUG(KERN_INFO "MD5 Hash NOT expected but found " NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
"(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)\n",
NIPQUAD(iph->saddr), ntohs(th->source),
NIPQUAD(iph->daddr), ntohs(th->dest));
return 1; return 1;
} }

27
net/ipv6/tcp_ipv6.c
Просмотреть файл

@ -849,28 +849,17 @@ static int tcp_v6_inbound_md5_hash (struct sock *sk, struct sk_buff *skb)
hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr); hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
hash_location = tcp_parse_md5sig_option(th); hash_location = tcp_parse_md5sig_option(th);
/* do we have a hash as expected? */ /* We've parsed the options - do we have a hash? */
if (!hash_expected) { if (!hash_expected && !hash_location)
if (!hash_location) return 0;
return 0;
if (net_ratelimit()) { if (hash_expected && !hash_location) {
printk(KERN_INFO "MD5 Hash NOT expected but found " NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
"(" NIP6_FMT ", %u)->"
"(" NIP6_FMT ", %u)\n",
NIP6(ip6h->saddr), ntohs(th->source),
NIP6(ip6h->daddr), ntohs(th->dest));
}
return 1; return 1;
} }
if (!hash_location) { if (!hash_expected && hash_location) {
if (net_ratelimit()) { NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
printk(KERN_INFO "MD5 Hash expected but NOT found "
"(" NIP6_FMT ", %u)->"
"(" NIP6_FMT ", %u)\n",
NIP6(ip6h->saddr), ntohs(th->source),
NIP6(ip6h->daddr), ntohs(th->dest));
}
return 1; return 1;
} }