tcp: switch tcp_fastopen key generation to net_get_random_once Changed key initialization of tcp_fastopen cookies to net_get_random_once. If the user sets a custom key net_get_random_once must be called at least once to ensure we don't overwrite the user provided key when the first cookie is generated later on. Cc: Yuchung Cheng <ycheng@google.com> Cc: Eric Dumazet <edumazet@google.com> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 222e83d2e0aecb6a5e8d42b1a8d51332a1eba960 [log] [tgz]
author: Hannes Frederic Sowa <hannes@stressinduktion.org> Sat Oct 19 21:48:58 2013 +0200
committer: David S. Miller <davem@davemloft.net> Sat Oct 19 19:45:35 2013 -0400
tree: 395011fb151ed3ce911333e1ab70602b2cfbc3e0
parent: 1bbdceef1e535add893bf71d7b7ab102e4eb69eb [diff] [blame]
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index c08f096..4b161d5 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c

@@ -274,6 +274,11 @@
 			ret = -EINVAL;
 			goto bad_key;
 		}
+		/* Generate a dummy secret but don't publish it. This
+		 * is needed so we don't regenerate a new key on the
+		 * first invocation of tcp_fastopen_cookie_gen
+		 */
+		tcp_fastopen_init_key_once(false);
 		tcp_fastopen_reset_cipher(user_key, TCP_FASTOPEN_KEY_LENGTH);
 	}
commit	222e83d2e0aecb6a5e8d42b1a8d51332a1eba960	[log] [tgz]
author	Hannes Frederic Sowa <hannes@stressinduktion.org>	Sat Oct 19 21:48:58 2013 +0200
committer	David S. Miller <davem@davemloft.net>	Sat Oct 19 19:45:35 2013 -0400
tree	395011fb151ed3ce911333e1ab70602b2cfbc3e0
parent	1bbdceef1e535add893bf71d7b7ab102e4eb69eb [diff] [blame]