sctp: add SCTP_AUTH_SUPPORTED sockopt
SCTP_AUTH_SUPPORTED sockopt is used to set enpoint's auth flag. With this feature, each endpoint will have its own flag for its future asoc's auth_capable, instead of netns auth flag. Note that when both ep's auth_enable is enabled, endpoint auth related data should be initialized. If asconf_enable is also set, SCTP_CID_ASCONF/SCTP_CID_ASCONF_ACK should be added into auth_chunk_list. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
03f961270f
commit
56dd525abd
|
@ -135,6 +135,7 @@ typedef __s32 sctp_assoc_t;
|
||||||
#define SCTP_SENDMSG_CONNECT 126
|
#define SCTP_SENDMSG_CONNECT 126
|
||||||
#define SCTP_EVENT 127
|
#define SCTP_EVENT 127
|
||||||
#define SCTP_ASCONF_SUPPORTED 128
|
#define SCTP_ASCONF_SUPPORTED 128
|
||||||
|
#define SCTP_AUTH_SUPPORTED 129
|
||||||
|
|
||||||
/* PR-SCTP policies */
|
/* PR-SCTP policies */
|
||||||
#define SCTP_PR_SCTP_NONE 0x0000
|
#define SCTP_PR_SCTP_NONE 0x0000
|
||||||
|
|
|
@ -4520,6 +4520,46 @@ out:
|
||||||
return retval;
|
return retval;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int sctp_setsockopt_auth_supported(struct sock *sk,
|
||||||
|
char __user *optval,
|
||||||
|
unsigned int optlen)
|
||||||
|
{
|
||||||
|
struct sctp_assoc_value params;
|
||||||
|
struct sctp_association *asoc;
|
||||||
|
struct sctp_endpoint *ep;
|
||||||
|
int retval = -EINVAL;
|
||||||
|
|
||||||
|
if (optlen != sizeof(params))
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
if (copy_from_user(¶ms, optval, optlen)) {
|
||||||
|
retval = -EFAULT;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
asoc = sctp_id2assoc(sk, params.assoc_id);
|
||||||
|
if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
|
||||||
|
sctp_style(sk, UDP))
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
ep = sctp_sk(sk)->ep;
|
||||||
|
if (params.assoc_value) {
|
||||||
|
retval = sctp_auth_init(ep, GFP_KERNEL);
|
||||||
|
if (retval)
|
||||||
|
goto out;
|
||||||
|
if (ep->asconf_enable) {
|
||||||
|
sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF);
|
||||||
|
sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF_ACK);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
ep->auth_enable = !!params.assoc_value;
|
||||||
|
retval = 0;
|
||||||
|
|
||||||
|
out:
|
||||||
|
return retval;
|
||||||
|
}
|
||||||
|
|
||||||
/* API 6.2 setsockopt(), getsockopt()
|
/* API 6.2 setsockopt(), getsockopt()
|
||||||
*
|
*
|
||||||
* Applications use setsockopt() and getsockopt() to set or retrieve
|
* Applications use setsockopt() and getsockopt() to set or retrieve
|
||||||
|
@ -4723,6 +4763,9 @@ static int sctp_setsockopt(struct sock *sk, int level, int optname,
|
||||||
case SCTP_ASCONF_SUPPORTED:
|
case SCTP_ASCONF_SUPPORTED:
|
||||||
retval = sctp_setsockopt_asconf_supported(sk, optval, optlen);
|
retval = sctp_setsockopt_asconf_supported(sk, optval, optlen);
|
||||||
break;
|
break;
|
||||||
|
case SCTP_AUTH_SUPPORTED:
|
||||||
|
retval = sctp_setsockopt_auth_supported(sk, optval, optlen);
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
retval = -ENOPROTOOPT;
|
retval = -ENOPROTOOPT;
|
||||||
break;
|
break;
|
||||||
|
@ -7746,6 +7789,45 @@ out:
|
||||||
return retval;
|
return retval;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int sctp_getsockopt_auth_supported(struct sock *sk, int len,
|
||||||
|
char __user *optval,
|
||||||
|
int __user *optlen)
|
||||||
|
{
|
||||||
|
struct sctp_assoc_value params;
|
||||||
|
struct sctp_association *asoc;
|
||||||
|
int retval = -EFAULT;
|
||||||
|
|
||||||
|
if (len < sizeof(params)) {
|
||||||
|
retval = -EINVAL;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
len = sizeof(params);
|
||||||
|
if (copy_from_user(¶ms, optval, len))
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
asoc = sctp_id2assoc(sk, params.assoc_id);
|
||||||
|
if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC &&
|
||||||
|
sctp_style(sk, UDP)) {
|
||||||
|
retval = -EINVAL;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
params.assoc_value = asoc ? asoc->peer.auth_capable
|
||||||
|
: sctp_sk(sk)->ep->auth_enable;
|
||||||
|
|
||||||
|
if (put_user(len, optlen))
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
if (copy_to_user(optval, ¶ms, len))
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
retval = 0;
|
||||||
|
|
||||||
|
out:
|
||||||
|
return retval;
|
||||||
|
}
|
||||||
|
|
||||||
static int sctp_getsockopt(struct sock *sk, int level, int optname,
|
static int sctp_getsockopt(struct sock *sk, int level, int optname,
|
||||||
char __user *optval, int __user *optlen)
|
char __user *optval, int __user *optlen)
|
||||||
{
|
{
|
||||||
|
@ -7951,6 +8033,10 @@ static int sctp_getsockopt(struct sock *sk, int level, int optname,
|
||||||
retval = sctp_getsockopt_asconf_supported(sk, len, optval,
|
retval = sctp_getsockopt_asconf_supported(sk, len, optval,
|
||||||
optlen);
|
optlen);
|
||||||
break;
|
break;
|
||||||
|
case SCTP_AUTH_SUPPORTED:
|
||||||
|
retval = sctp_getsockopt_auth_supported(sk, len, optval,
|
||||||
|
optlen);
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
retval = -ENOPROTOOPT;
|
retval = -ENOPROTOOPT;
|
||||||
break;
|
break;
|
||||||
|
|
Loading…
Reference in New Issue