Shawn Lu 658ddaaf66 tcp: md5: RST: getting md5 key from listener ... TCP RST mechanism is broken in TCP md5(RFC2385). When connection is gone, md5 key is lost, sending RST without md5 hash is deem to ignored by peer. This can be a problem since RST help protocal like bgp to fast recove from peer crash. In most case, users of tcp md5, such as bgp and ldp, have listener on both sides to accept connection from peer. md5 keys for peers are saved in listening socket. There are two cases in finding md5 key when connection is lost: 1.Passive receive RST: The message is send to well known port, tcp will associate it with listner. md5 key is gotten from listener. 2.Active receive RST (no sock): The message is send to ative side, there is no socket associated with the message. In this case, finding listener from source port, then find md5 key from listener. we are not loosing sercuriy here: packet is checked with md5 hash. No RST is generated if md5 hash doesn't match or no md5 key can be found. Signed-off-by: Shawn Lu <shawn.lu@ericsson.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>		2012-02-01 12:43:54 -05:00
..
9p	virtio: rename virtqueue_add_buf_gfp to virtqueue_add_buf	2012-01-12 15:44:42 +10:30
802	net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules	2011-10-31 19:30:30 -04:00
8021q	vlan: static functions	2011-12-14 02:39:30 -05:00
appletalk	net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules	2011-10-31 19:30:30 -04:00
atm	net: Rename dst_get_neighbour{, _raw} to dst_get_neighbour_noref{, _raw}.	2011-12-05 15:20:19 -05:00
ax25	ax25: avoid overflows in ax25_setsockopt()	2011-12-28 14:08:08 -05:00
batman-adv	batman-adv: Fix merge error.	2011-12-16 15:07:28 -05:00
bluetooth	bluetooth: hci: Fix type of "enable_hs" to bool.	2012-01-22 15:08:46 -05:00
bridge	bridge: BH already disabled in br_fdb_cleanup()	2012-01-17 10:17:32 -05:00
caif	caif: Remove bad WARN_ON in caif_dev	2012-01-17 10:46:55 -05:00
can	can: remove references to berlios mailinglist	2011-10-17 19:22:46 -04:00
ceph	libceph: remove useless return value for osd_client __send_request()	2012-01-10 08:57:03 -08:00
core	net: Allow ipv6 proxies and arp proxies be shown with iproute2	2012-01-30 12:57:34 -05:00
dcb	net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules	2011-10-31 19:30:30 -04:00
dccp	inet_diag: Rename inet_diag_req into inet_diag_req_v2	2012-01-11 12:56:06 -08:00
decnet	Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security	2012-01-14 18:36:33 -08:00
dns_resolver	KEYS: Improve /proc/keys	2011-03-17 11:59:32 +11:00
dsa	dsa: Move switch drivers to new directory drivers/net/dsa	2011-11-29 00:21:36 -05:00
econet	net: Remove all uses of LL_ALLOCATED_SPACE	2011-11-18 14:37:09 -05:00
ethernet	net: don't clear IFF_XMIT_DST_RELEASE in ether_setup	2011-09-15 14:49:44 -04:00
ieee802154	net: Remove all uses of LL_ALLOCATED_SPACE	2011-11-18 14:37:09 -05:00
ipv4	tcp: md5: RST: getting md5 key from listener	2012-02-01 12:43:54 -05:00
ipv6	tcp: md5: RST: getting md5 key from listener	2012-02-01 12:43:54 -05:00
ipx	net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules	2011-10-31 19:30:30 -04:00
irda	irda: use msecs_to_jiffies() rather than manual calculation	2011-12-21 15:46:22 -05:00
iucv	af_iucv: get rid of state IUCV_SEVERED	2011-12-20 14:05:03 -05:00
key	net: use IS_ENABLED(CONFIG_IPV6)	2011-12-11 18:25:16 -05:00
l2tp	l2tp: ensure sk->dst is still valid	2011-11-26 15:57:36 -05:00
lapb	wan: make LAPB callbacks const	2011-09-16 19:20:20 -04:00
llc	llc: Fix race condition in llc_ui_recvmsg	2012-01-24 15:33:19 -05:00
mac80211	mac80211: fix work removal on deauth request	2012-01-18 14:38:06 -05:00
netfilter	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2012-01-17 22:26:41 -08:00
netlabel	net: reintroduce missing rcu_assign_pointer() calls	2012-01-12 12:26:56 -08:00
netlink	net: Deinline __nlmsg_put and genlmsg_put. -7k code on i386 defconfig.	2012-01-30 15:22:06 -05:00
netrom	netrom: avoid overflows in nr_setsockopt()	2011-12-28 14:08:08 -05:00
nfc	NFC: Export a new attribute nfcid1 in target info	2012-01-04 14:30:43 -05:00
openvswitch	openvswitch: Fix multipart datapath dumps.	2012-01-17 23:56:19 -05:00
packet	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2011-12-30 13:04:14 -05:00
phonet	net: reintroduce missing rcu_assign_pointer() calls	2012-01-12 12:26:56 -08:00
rds	rds: Make rds_sock_lock BH rather than IRQ safe.	2012-01-24 17:03:44 -05:00
rfkill	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem	2012-01-05 10:13:24 -05:00
rose	net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules	2011-10-31 19:30:30 -04:00
rxrpc	net: fix assignment of 0/1 to bool variables.	2011-12-19 22:27:29 -05:00
sched	netem: Fix off-by-one bug in reordering	2012-01-22 15:08:44 -05:00
sctp	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial	2012-01-08 13:21:22 -08:00
sunrpc	Merge branch 'for-3.3' of git://linux-nfs.org/~bfields/linux	2012-01-14 12:26:41 -08:00
tipc	tipc: rename struct bearer_name to struct tipc_bearer_names	2011-12-29 21:53:30 -05:00
unix	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2012-01-09 14:46:52 -08:00
wanrouter	wanrouter: Remove kernel_lock annotations	2011-11-07 13:27:30 -05:00
wimax	net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules	2011-10-31 19:30:30 -04:00
wireless	nl80211: fix old station flags compatibility	2012-01-11 15:14:50 -05:00
x25	net:x25: use IS_ENABLED	2011-12-16 15:49:52 -05:00
xfrm	Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security	2012-01-14 18:36:33 -08:00
Kconfig	net: Add Open vSwitch kernel components.	2011-12-03 09:35:17 -08:00
Makefile	net: Add Open vSwitch kernel components.	2011-12-03 09:35:17 -08:00
compat.c	net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules	2011-10-31 19:30:30 -04:00
nonet.c	…
socket.c	net: reintroduce missing rcu_assign_pointer() calls	2012-01-12 12:26:56 -08:00
sysctl_net.c	net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules	2011-10-31 19:30:30 -04:00