UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity

tcp: heed result of security_inet_conn_request() in tcp_v6_conn_request() 

If security_inet_conn_request() returns non-zero then TCP/IPv6 should
drop the request, just as in TCP/IPv4 and DCCP in both IPv4 and IPv6.

Signed-off-by: Neal Cardwell <ncardwell@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Neal Cardwell 2012-06-23 19:22:00 +00:00 committed by David S. Miller
parent fa809e2fd6
commit 437c5b53f6
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
net/ipv6/tcp_ipv6.c
View File

@ -1212,7 +1212,8 @@ have_isn:
tcp_rsk(req)->snt_isn = isn;
tcp_rsk(req)->snt_synack = tcp_time_stamp;
security_inet_conn_request(sk, skb, req);
if (security_inet_conn_request(sk, skb, req))
goto drop_and_release;
if (tcp_v6_send_synack(sk, req,
(struct request_values *)&tmp_ext,