maxmustermann/linux
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
linux/net
History
Neil Horman 3c68198e75 sctp: Make hmac algorithm selection for cookie generation dynamic 
Currently sctp allows for the optional use of md5 of sha1 hmac algorithms to
generate cookie values when establishing new connections via two build time
config options.  Theres no real reason to make this a static selection.  We can
add a sysctl that allows for the dynamic selection of these algorithms at run
time, with the default value determined by the corresponding crypto library
availability.
This comes in handy when, for example running a system in FIPS mode, where use
of md5 is disallowed, but SHA1 is permitted.

Note: This new sysctl has no corresponding socket option to select the cookie
hmac algorithm.  I chose not to implement that intentionally, as RFC 6458
contains no option for this value, and I opted not to pollute the socket option
namespace.

Change notes:
v2)
	* Updated subject to have the proper sctp prefix as per Dave M.
	* Replaced deafult selection options with new options that allow
	  developers to explicitly select available hmac algs at build time
	  as per suggestion by Vlad Y.

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
CC: Vlad Yasevich <vyasevich@gmail.com>
CC: "David S. Miller" <davem@davemloft.net>
CC: netdev@vger.kernel.org
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-10-26 02:22:18 -04:00
..
9p The following changes since commit 4cbe5a555f: 2012-10-12 09:59:23 +09:00
802
8021q vlan: allow to change type when no vlan device is hooked on netdev 2012-10-18 15:34:30 -04:00
appletalk userns: Print out socket uids in a user namespace aware fashion. 2012-08-14 21:48:06 -07:00
atm net🏧fix up ENOIOCTLCMD error handling 2012-08-31 16:14:33 -04:00
ax25 userns: Convert net/ax25 to use kuid_t where appropriate 2012-08-14 21:49:42 -07:00
batman-adv batman-adv: Fix potential broadcast BLA-duplicate-check race condition 2012-10-18 18:17:31 +02:00
bluetooth userns: Properly print bluetooth socket uids 2012-10-12 13:16:47 -07:00
bridge bridge: Pull ip header into skb->data before looking into ip header. 2012-10-10 22:50:45 -04:00
caif caif: move the dereference below the NULL test 2012-09-10 16:13:31 -04:00
can sections: fix section conflicts in net/can 2012-10-06 03:04:45 +09:00
ceph Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
core netlink: cleanup the unnecessary return value check 2012-10-23 13:03:44 -04:00
dcb netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
dccp dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO) 2012-08-15 21:36:31 -07:00
decnet sections: fix section conflicts in net 2012-10-06 03:04:45 +09:00
dns_resolver Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
dsa workqueue: deprecate flush[_delayed]_work_sync() 2012-08-20 14:51:24 -07:00
ethernet
ieee802154 net/ieee802154/6lowpan.c: Remove unecessary semicolon 2012-09-18 16:08:19 -04:00
ipv4 sock-diag: Report shutdown for inet and unix sockets (v2) 2012-10-23 14:57:52 -04:00
ipv6 ipv6: fix sparse warnings in rt6_info_hash_nhsfn() 2012-10-23 13:03:45 -04:00
ipx userns: Print out socket uids in a user namespace aware fashion. 2012-08-14 21:48:06 -07:00
irda silence some noisy printks in irda 2012-10-04 15:53:48 -04:00
iucv
key net/key/af_key.c: add range checks on ->sadb_x_policy_len 2012-10-01 17:15:06 -04:00
l2tp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-09-28 14:40:49 -04:00
lapb
llc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-10-02 11:11:09 -07:00
mac80211 mac80211: use ieee80211_free_txskb to fix possible skb leaks 2012-10-08 15:06:05 -04:00
mac802154
netfilter netfilter: xt_TEE: don't use destination address found in header 2012-10-17 11:00:31 +02:00
netlabel Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
netlink netlink: use kfree_rcu() in netlink_release() 2012-10-18 15:34:30 -04:00
netrom net: change return values from -EACCES to -EPERM 2012-09-21 13:58:08 -04:00
nfc Remove noisy printks from llcp_sock_connect 2012-10-04 15:58:47 -04:00
openvswitch net/openvswitch/vport.c: Remove unecessary semicolon 2012-09-18 16:08:19 -04:00
packet packet: minor: remove unused err assignment 2012-10-26 02:17:20 -04:00
phonet netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
rds RDS: fix rds-ping spinlock recursion 2012-10-09 13:57:23 -04:00
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
rose
rxrpc Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
sched pkt_sched: use ns_to_ktime() helper 2012-10-21 22:21:27 -04:00
sctp sctp: Make hmac algorithm selection for cookie generation dynamic 2012-10-26 02:22:18 -04:00
sunrpc Merge branch 'for-3.7' of git://linux-nfs.org/~bfields/linux 2012-10-13 10:53:54 +09:00
tipc tipc: prevent dropped connections due to rcvbuf overflow 2012-10-04 15:53:48 -04:00
unix sock-diag: Report shutdown for inet and unix sockets (v2) 2012-10-23 14:57:52 -04:00
wanrouter
wimax
wireless Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next 2012-09-30 02:30:16 -04:00
x25
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
compat.c make get_file() return its argument 2012-09-26 21:10:25 -04:00
Kconfig net: Add INET dependency on aes crypto for the sake of TCP fastopen. 2012-09-04 14:20:14 -04:00
Makefile
nonet.c
socket.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-10-02 20:25:04 -07:00
sysctl_net.c