[WebRTC] Stop putting addresses in the cookie chunk.
parent
4b99f42c8d
commit
c7cfc244e1
|
@ -2517,6 +2517,27 @@ sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset,
|
|||
/* cookie too small */
|
||||
return (NULL);
|
||||
}
|
||||
#if defined(__Userspace__)
|
||||
/*
|
||||
* Recover the AF_CONN addresses within the cookie.
|
||||
* This needs to be done in the buffer provided for later processing
|
||||
* of the cookie and in the mbuf chain for HMAC validation.
|
||||
*/
|
||||
if ((cookie->addr_type == SCTP_CONN_ADDRESS) && (src->sa_family == AF_CONN)) {
|
||||
struct sockaddr_conn *sconnp = (struct sockaddr_conn *)src;
|
||||
|
||||
memcpy(cookie->address, &sconnp->sconn_addr , sizeof(void *));
|
||||
m_copyback(m, cookie_offset + offsetof(struct sctp_state_cookie, address),
|
||||
(int)sizeof(void *), (caddr_t)&sconnp->sconn_addr);
|
||||
}
|
||||
if ((cookie->laddr_type == SCTP_CONN_ADDRESS) && (dst->sa_family == AF_CONN)) {
|
||||
struct sockaddr_conn *sconnp = (struct sockaddr_conn *)dst;
|
||||
|
||||
memcpy(cookie->laddress, &sconnp->sconn_addr , sizeof(void *));
|
||||
m_copyback(m, cookie_offset + offsetof(struct sctp_state_cookie, laddress),
|
||||
(int)sizeof(void *), (caddr_t)&sconnp->sconn_addr);
|
||||
}
|
||||
#endif
|
||||
/*
|
||||
* split off the signature into its own mbuf (since it should not be
|
||||
* calculated in the sctp_hmac_m() call).
|
||||
|
|
|
@ -6492,6 +6492,27 @@ sctp_send_initiate_ack(struct sctp_inpcb *inp, struct sctp_tcb *stcb,
|
|||
(uint8_t *)inp->sctp_ep.secret_key[(int)(inp->sctp_ep.current_secret_number)],
|
||||
SCTP_SECRET_SIZE, m_cookie, sizeof(struct sctp_paramhdr),
|
||||
(uint8_t *)signature, SCTP_SIGNATURE_SIZE);
|
||||
#if defined(__Userspace__)
|
||||
/*
|
||||
* Don't put AF_CONN addresses on the wire, in case this is critical
|
||||
* for the application. However, they are protected by the HMAC and
|
||||
* need to be reconstructed before checking the HMAC.
|
||||
* Clearing is only done in the mbuf chain, since the local stc is
|
||||
* not used anymore.
|
||||
*/
|
||||
if (stc.addr_type == SCTP_CONN_ADDRESS) {
|
||||
const void *p = NULL;
|
||||
|
||||
m_copyback(m_cookie, sizeof(struct sctp_paramhdr) + offsetof(struct sctp_state_cookie, address),
|
||||
(int)sizeof(void *), (caddr_t)&p);
|
||||
}
|
||||
if (stc.laddr_type == SCTP_CONN_ADDRESS) {
|
||||
const void *p = NULL;
|
||||
|
||||
m_copyback(m_cookie, sizeof(struct sctp_paramhdr) + offsetof(struct sctp_state_cookie, laddress),
|
||||
(int)sizeof(void *), (caddr_t)&p);
|
||||
}
|
||||
#endif
|
||||
/*
|
||||
* We sifa 0 here to NOT set IP_DF if its IPv4, we ignore the return
|
||||
* here since the timer will drive a retranmission.
|
||||
|
|
Loading…
Reference in New Issue