commit de6becdc0844ff92b38ffd9f0c4db1d3de02835f
author Wei Yongjun <yjwei@cn.fujitsu.com> Tue Apr 19 21:30:51 2011 +0000
committer David S. Miller <davem@davemloft.net> Wed Apr 20 01:51:05 2011 -0700
tree f52df91a347ece7e4efc09ca2974e8e38f38a3f8
parent 85c5ed4e44a262344ce43b4bf23204107923ca95

sctp: fix to check the source address of COOKIE-ECHO chunk

SCTP does not check whether the source address of COOKIE-ECHO
chunk is the original address of INIT chunk or part of the any
address parameters saved in COOKIE in CLOSED state. So even if
the COOKIE-ECHO chunk is from any address but with correct COOKIE,
the COOKIE-ECHO chunk still be accepted. If the COOKIE is not from
a valid address, the assoc should not be established.

Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/sctp/structs.h

diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index 0f6e60a..5c9bada 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -1400,7 +1400,7 @@
 int sctp_verify_init(const struct sctp_association *asoc, sctp_cid_t,
 		     sctp_init_chunk_t *peer_init, struct sctp_chunk *chunk,
 		     struct sctp_chunk **err_chunk);
-int sctp_process_init(struct sctp_association *, sctp_cid_t cid,
+int sctp_process_init(struct sctp_association *, struct sctp_chunk *chunk,
 		      const union sctp_addr *peer,
 		      sctp_init_chunk_t *init, gfp_t gfp);
 __u32 sctp_generate_tag(const struct sctp_endpoint *);