commit f4ad85ca3ef8a1ede76c5020a28a8f4057b4d24f
author Gui Jianfeng <guijianfeng@cn.fujitsu.com> Sat Apr 12 18:39:34 2008 -0700
committer David S. Miller <davem@davemloft.net> Sat Apr 12 18:39:34 2008 -0700
tree cfab9dcd7b29eb150bd6168cf40c375bd9006bbe
parent 72da7b3860cabf427590b4982bc880bafab4d5c8

[SCTP]: Fix protocol violation when receiving an error lenght INIT-ACK

When receiving an error length INIT-ACK during COOKIE-WAIT,
a 0-vtag ABORT will be responsed. This action violates the
protocol apparently. This patch achieves the following things.
1 If the INIT-ACK contains all the fixed parameters, use init-tag
  recorded from INIT-ACK as vtag.
2 If the INIT-ACK doesn't contain all the fixed parameters,
  just reflect its vtag.

Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/sctp/sm_sideeffect.c

diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c
index 28eb38e..a4763fd 100644
--- a/net/sctp/sm_sideeffect.c
+++ b/net/sctp/sm_sideeffect.c
@@ -1536,6 +1536,9 @@
 			error = sctp_auth_asoc_init_active_key(asoc,
 						GFP_ATOMIC);
 			break;
+		case SCTP_CMD_UPDATE_INITTAG:
+			asoc->peer.i.init_tag = cmd->obj.u32;
+			break;
 
 		default:
 			printk(KERN_WARNING "Impossible command: %u, %p\n",