• Xin Long's avatar
    sctp: process duplicated strreset in and addstrm in requests correctly · d0f025e6
    Xin Long authored
    This patch is to fix the replay attack issue for strreset and addstrm in
    requests.
    
    When a duplicated strreset in or addstrm in request is received, reply it
    with bad seqno if it's seqno < asoc->strreset_inseq - 2, and reply it with
    the result saved in asoc if it's seqno >= asoc->strreset_inseq - 2.
    
    For strreset in or addstrm in request, if the receiver side processes it
    successfully, a strreset out or addstrm out request(as a response for that
    request) will be sent back to peer. reconf_time will retransmit the out
    request even if it's lost.
    
    So when receiving a duplicated strreset in or addstrm in request and it's
    result was performed, it shouldn't reply this request, but drop it instead.
    Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    d0f025e6
stream.c 22.6 KB