From: Evgeniy Polyakov <johnpol@2ka.mipt.ru>
To: Adam Langley <agl@imperialviolet.org>
Cc: Stephen Hemminger <shemminger@vyatta.com>, netdev@vger.kernel.org
Subject: Re: MD5 SG fix
Date: Wed, 2 Jul 2008 08:55:55 +0400 [thread overview]
Message-ID: <20080702045555.GB11252@2ka.mipt.ru> (raw)
In-Reply-To: <396556a20805301217k293e5718h6bbf02bfe0683153@europa>
Hi.
On Tue, Jul 01, 2008 at 03:38:14PM -0700, Adam Langley (agl@imperialviolet.org) wrote:
> @@ -1040,9 +1079,14 @@ static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
> bp->daddr = daddr;
> bp->pad = 0;
> bp->protocol = protocol;
> - bp->len = htons(tcplen);
> + if (frags)
> + for (i = 0; i < frags->nr_frags; ++i)
> + nbytes += frags->frags[i].size;
> + bp->len = htons(nbytes);
> + nbytes = 0;
>
> - sg_init_table(sg, 4);
> + sg_init_table(sg, 3 + (head_data_len > 0) +
> + (frags ? frags->nr_frags : 0));
>
> sg_set_buf(&sg[block++], bp, sizeof(*bp));
> nbytes += sizeof(*bp);
> @@ -1056,11 +1100,19 @@ static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
> nbytes += sizeof(struct tcphdr);
>
> /* 3. the TCP segment data (if any) */
> - data_len = tcplen - (th->doff << 2);
> - if (data_len > 0) {
> - unsigned char *data = (unsigned char *)th + (th->doff << 2);
> - sg_set_buf(&sg[block++], data, data_len);
> - nbytes += data_len;
> + if (head_data_len > 0) {
> + unsigned char *data = (unsigned char *)th + data_off;
> + sg_set_buf(&sg[block++], data, head_data_len);
> + nbytes += head_data_len;
> + }
> +
> + if (frags) {
> + for (i = 0; i < frags->nr_frags; ++i) {
> + const struct skb_frag_struct *f = &frags->frags[i];
> + sg_set_page(&sg[block++], f->page, f->size,
> + f->page_offset);
> + nbytes += f->size;
> + }
> }
>
> /* 4. an independently-specified key or password, known to both
Why dont't you want to iterate over all provided data/page pointers with
crypto_hash_update() and do not mess with huge scatterlist arrays?
--
Evgeniy Polyakov
next prev parent reply other threads:[~2008-07-02 4:55 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-01 21:16 MD5 SG fix Adam Langley
2008-07-01 21:39 ` Stephen Hemminger
2008-07-01 21:48 ` Adam Langley
2008-07-01 21:49 ` Adam Langley
2008-07-01 22:38 ` Adam Langley
2008-07-01 22:46 ` Stephen Hemminger
2008-07-01 22:49 ` Stephen Hemminger
2008-07-01 22:52 ` Adam Langley
2008-07-01 23:10 ` Stephen Hemminger
2008-07-02 4:55 ` Evgeniy Polyakov [this message]
2008-07-04 0:07 ` Adam Langley
2008-07-04 4:02 ` Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080702045555.GB11252@2ka.mipt.ru \
--to=johnpol@2ka.mipt.ru \
--cc=agl@imperialviolet.org \
--cc=netdev@vger.kernel.org \
--cc=shemminger@vyatta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).