From mboxrd@z Thu Jan 1 00:00:00 1970 From: Christoph Paasch Subject: [RFC 08/14] tcp_md5: Detect key inside tcp_v4_send_ack instead of passing it as an argument Date: Mon, 18 Dec 2017 13:51:03 -0800 Message-ID: <20171218215109.38700-9-cpaasch@apple.com> References: <20171218215109.38700-1-cpaasch@apple.com> Content-Transfer-Encoding: 7BIT Cc: Eric Dumazet , Mat Martineau , Alexei Starovoitov To: netdev@vger.kernel.org Return-path: Received: from mail-out6.apple.com ([17.151.62.28]:48858 "EHLO mail-in6.apple.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S935637AbdLRVvl (ORCPT ); Mon, 18 Dec 2017 16:51:41 -0500 In-reply-to: <20171218215109.38700-1-cpaasch@apple.com> Sender: netdev-owner@vger.kernel.org List-ID: This will simplify to consolidate the TCP_MD5-code into a single place. Signed-off-by: Christoph Paasch Reviewed-by: Mat Martineau --- net/ipv4/tcp_ipv4.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index dee296097b8f..397975203e14 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -764,7 +764,6 @@ static void tcp_v4_send_reset(const struct sock *sk, struct sk_buff *skb) static void tcp_v4_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 tsval, u32 tsecr, int oif, - struct tcp_md5sig_key *key, int reply_flags, u8 tos) { const struct tcphdr *th = tcp_hdr(skb); @@ -773,6 +772,9 @@ static void tcp_v4_send_ack(const struct sock *sk, __be32 opt[(MAX_TCP_OPTION_SPACE >> 2)]; } rep; struct hlist_head *extopt_list = NULL; +#ifdef CONFIG_TCP_MD5SIG + struct tcp_md5sig_key *key; +#endif struct net *net = sock_net(sk); struct ip_reply_arg arg; int offset = 0; @@ -803,6 +805,17 @@ static void tcp_v4_send_ack(const struct sock *sk, rep.th.ack = 1; rep.th.window = htons(win); +#ifdef CONFIG_TCP_MD5SIG + if (sk->sk_state == TCP_TIME_WAIT) { + key = tcp_twsk_md5_key(tcp_twsk(sk)); + } else if (sk->sk_state == TCP_NEW_SYN_RECV) { + key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&ip_hdr(skb)->saddr, + AF_INET); + } else { + key = NULL; /* Should not happen */ + } +#endif + if (unlikely(extopt_list && !hlist_empty(extopt_list))) { unsigned int remaining; struct tcp_out_options opts; @@ -872,7 +885,6 @@ static void tcp_v4_timewait_ack(struct sock *sk, struct sk_buff *skb) tcp_time_stamp_raw() + tcptw->tw_ts_offset, tcptw->tw_ts_recent, tw->tw_bound_dev_if, - tcp_twsk_md5_key(tcptw), tw->tw_transparent ? IP_REPLY_ARG_NOSRCCHECK : 0, tw->tw_tos ); @@ -900,8 +912,6 @@ static void tcp_v4_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb, tcp_time_stamp_raw() + tcp_rsk(req)->ts_off, req->ts_recent, 0, - tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&ip_hdr(skb)->saddr, - AF_INET), inet_rsk(req)->no_srccheck ? IP_REPLY_ARG_NOSRCCHECK : 0, ip_hdr(skb)->tos); } -- 2.15.0