SUNRPC: don't map EKEYEXPIRED to EACCES in call_refreshresult
[linux-3.10.git] / net / sctp / sm_make_chunk.c
index 16a1085..cf579e7 100644 (file)
@@ -804,10 +804,11 @@ struct sctp_chunk *sctp_make_sack(const struct sctp_association *asoc)
                                 gabs);
 
        /* Add the duplicate TSN information.  */
-       if (num_dup_tsns)
+       if (num_dup_tsns) {
+               aptr->stats.idupchunks += num_dup_tsns;
                sctp_addto_chunk(retval, sizeof(__u32) * num_dup_tsns,
                                 sctp_tsnmap_get_dups(map));
-
+       }
        /* Once we have a sack generated, check to see what our sack
         * generation is, if its 0, reset the transports to 0, and reset
         * the association generation to 1
@@ -1090,6 +1091,25 @@ nodata:
        return retval;
 }
 
+struct sctp_chunk *sctp_make_violation_max_retrans(
+       const struct sctp_association *asoc,
+       const struct sctp_chunk *chunk)
+{
+       struct sctp_chunk *retval;
+       static const char error[] = "Association exceeded its max_retans count";
+       size_t payload_len = sizeof(error) + sizeof(sctp_errhdr_t);
+
+       retval = sctp_make_abort(asoc, chunk, payload_len);
+       if (!retval)
+               goto nodata;
+
+       sctp_init_cause(retval, SCTP_ERROR_PROTO_VIOLATION, sizeof(error));
+       sctp_addto_chunk(retval, sizeof(error), error);
+
+nodata:
+       return retval;
+}
+
 /* Make a HEARTBEAT chunk.  */
 struct sctp_chunk *sctp_make_heartbeat(const struct sctp_association *asoc,
                                  const struct sctp_transport *transport)
@@ -1569,8 +1589,6 @@ static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep,
        struct sctp_signed_cookie *cookie;
        struct scatterlist sg;
        int headersize, bodysize;
-       unsigned int keylen;
-       char *key;
 
        /* Header size is static data prior to the actual cookie, including
         * any padding.
@@ -1630,12 +1648,11 @@ static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep,
 
                /* Sign the message.  */
                sg_init_one(&sg, &cookie->c, bodysize);
-               keylen = SCTP_SECRET_SIZE;
-               key = (char *)ep->secret_key[ep->current_key];
                desc.tfm = sctp_sk(ep->base.sk)->hmac;
                desc.flags = 0;
 
-               if (crypto_hash_setkey(desc.tfm, key, keylen) ||
+               if (crypto_hash_setkey(desc.tfm, ep->secret_key,
+                                      sizeof(ep->secret_key)) ||
                    crypto_hash_digest(&desc, &sg, bodysize, cookie->signature))
                        goto free_cookie;
        }
@@ -1662,8 +1679,7 @@ struct sctp_association *sctp_unpack_cookie(
        int headersize, bodysize, fixed_size;
        __u8 *digest = ep->digest;
        struct scatterlist sg;
-       unsigned int keylen, len;
-       char *key;
+       unsigned int len;
        sctp_scope_t scope;
        struct sk_buff *skb = chunk->skb;
        struct timeval tv;
@@ -1698,34 +1714,21 @@ struct sctp_association *sctp_unpack_cookie(
                goto no_hmac;
 
        /* Check the signature.  */
-       keylen = SCTP_SECRET_SIZE;
        sg_init_one(&sg, bear_cookie, bodysize);
-       key = (char *)ep->secret_key[ep->current_key];
        desc.tfm = sctp_sk(ep->base.sk)->hmac;
        desc.flags = 0;
 
        memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
-       if (crypto_hash_setkey(desc.tfm, key, keylen) ||
+       if (crypto_hash_setkey(desc.tfm, ep->secret_key,
+                              sizeof(ep->secret_key)) ||
            crypto_hash_digest(&desc, &sg, bodysize, digest)) {
                *error = -SCTP_IERROR_NOMEM;
                goto fail;
        }
 
        if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {
-               /* Try the previous key. */
-               key = (char *)ep->secret_key[ep->last_key];
-               memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
-               if (crypto_hash_setkey(desc.tfm, key, keylen) ||
-                   crypto_hash_digest(&desc, &sg, bodysize, digest)) {
-                       *error = -SCTP_IERROR_NOMEM;
-                       goto fail;
-               }
-
-               if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {
-                       /* Yikes!  Still bad signature! */
-                       *error = -SCTP_IERROR_BAD_SIG;
-                       goto fail;
-               }
+               *error = -SCTP_IERROR_BAD_SIG;
+               goto fail;
        }
 
 no_hmac: