• Vlad Yasevich's avatar
    sctp: Follow security requirement of responding with 1 packet · 2e3216cd
    Vlad Yasevich authored
    RFC 4960, Section 11.4. Protection of Non-SCTP-Capable Hosts
    
    When an SCTP stack receives a packet containing multiple control or
    DATA chunks and the processing of the packet requires the sending of
    multiple chunks in response, the sender of the response chunk(s) MUST
    NOT send more than one packet.  If bundling is supported, multiple
    response chunks that fit into a single packet MAY be bundled together
    into one single response packet.  If bundling is not supported, then
    the sender MUST NOT send more than one response chunk and MUST
    discard all other responses.  Note that this rule does NOT apply to a
    SACK chunk, since a SACK chunk is, in itself, a response to DATA and
    a SACK does not require a response of more DATA.
    
    We implement this by not servicing our outqueue until we reach the end
    of the packet.  This enables maximum bundling.  We also identify
    'response' chunks and make sure that we only send 1 packet when sending
    such chunks.
    Signed-off-by: default avatarVlad Yasevich <vladislav.yasevich@hp.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    2e3216cd
sm_sideeffect.c 44.1 KB