git.kernel.dk Git - linux-2.6-block.git/commit

author	Dmitry Safonov <dima@arista.com>
	Mon, 23 Oct 2023 19:21:59 +0000 (20:21 +0100)
committer	David S. Miller <davem@davemloft.net>
	Fri, 27 Oct 2023 09:35:44 +0000 (10:35 +0100)
commit	f7dca36fc54afa2eb76bff8d0589a2ef18caea91
tree	318f2f477d23c115b66a9a1ea136f562ed588430	tree \| snapshot
parent	1e03d32bea8e782b7d31769c25a5fae8a5044488	commit \| diff

net/tcp: Add tcp_parse_auth_options()

Introduce a helper that:
(1) shares the common code with TCP-MD5 header options parsing
(2) looks for hash signature only once for both TCP-MD5 and TCP-AO
(3) fails with -EEXIST if any TCP sign option is present twice, see
    RFC5925 (2.2):
    ">> A single TCP segment MUST NOT have more than one TCP-AO in its
    options sequence. When multiple TCP-AOs appear, TCP MUST discard
    the segment."

Co-developed-by: Francesco Ruggeri <fruggeri@arista.com>
Signed-off-by: Francesco Ruggeri <fruggeri@arista.com>
Co-developed-by: Salam Noureddine <noureddine@arista.com>
Signed-off-by: Salam Noureddine <noureddine@arista.com>
Signed-off-by: Dmitry Safonov <dima@arista.com>
Acked-by: David Ahern <dsahern@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/dropreason-core.h		diff \| blob \| blame \| history
include/net/tcp.h		diff \| blob \| blame \| history
include/net/tcp_ao.h		diff \| blob \| blame \| history
net/ipv4/tcp.c		diff \| blob \| blame \| history
net/ipv4/tcp_input.c		diff \| blob \| blame \| history
net/ipv4/tcp_ipv4.c		diff \| blob \| blame \| history
net/ipv6/tcp_ipv6.c		diff \| blob \| blame \| history