diff options
| author | David Gibson <david@gibson.dropbear.id.au> | 2022-11-17 16:58:59 +1100 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2022-11-25 01:35:41 +0100 |
| commit | a93bfada5bdcdf4dc644c705e24c42a3dd586649 (patch) | |
| tree | 4a442d798503948ca0406ad43fffcabcb97a7a27 | |
| parent | 7114fc92eb2d32251c9f21c56572a4e7cb1f1254 (diff) | |
| download | passt-a93bfada5bdcdf4dc644c705e24c42a3dd586649.tar passt-a93bfada5bdcdf4dc644c705e24c42a3dd586649.tar.gz passt-a93bfada5bdcdf4dc644c705e24c42a3dd586649.tar.bz2 passt-a93bfada5bdcdf4dc644c705e24c42a3dd586649.tar.lz passt-a93bfada5bdcdf4dc644c705e24c42a3dd586649.tar.xz passt-a93bfada5bdcdf4dc644c705e24c42a3dd586649.tar.zst passt-a93bfada5bdcdf4dc644c705e24c42a3dd586649.zip | |
tcp: Unify initial sequence number calculation for IPv4 and IPv6
tcp_seq_init() has separate paths for IPv4 and IPv6 addresses, which means
we will calculate different sequence numbers for IPv4 and equivalent
IPv4-mapped IPv6 addresses.
Change it to treat these the same by always converting the input address
into an inany_addr representation and use that to calculate the sequence
number.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | siphash.c | 1 | ||||
| -rw-r--r-- | tcp.c | 46 |
2 files changed, 19 insertions, 28 deletions
@@ -123,6 +123,7 @@ uint64_t siphash_8b(const uint8_t *in, const uint64_t *k) * * Return: 32 bits obtained by XORing the two halves of the 64-bit hash output */ +/* cppcheck-suppress unusedFunction */ uint32_t siphash_12b(const uint8_t *in, const uint64_t *k) { uint32_t *in32 = (uint32_t *)in; @@ -1942,37 +1942,27 @@ static uint32_t tcp_seq_init(const struct ctx *c, int af, const void *addr, in_port_t dstport, in_port_t srcport, const struct timespec *now) { + union inany_addr aany; + struct { + union inany_addr src; + in_port_t srcport; + union inany_addr dst; + in_port_t dstport; + } __attribute__((__packed__)) in = { + .srcport = srcport, + .dstport = dstport, + }; uint32_t ns, seq = 0; - if (af == AF_INET) { - struct { - struct in_addr src; - in_port_t srcport; - struct in_addr dst; - in_port_t dstport; - } __attribute__((__packed__)) in = { - .src = *(struct in_addr *)addr, - .srcport = srcport, - .dst = c->ip4.addr, - .dstport = dstport, - }; - - seq = siphash_12b((uint8_t *)&in, c->tcp.hash_secret); - } else if (af == AF_INET6) { - struct { - struct in6_addr src; - in_port_t srcport; - struct in6_addr dst; - in_port_t dstport; - } __attribute__((__packed__)) in = { - .src = *(struct in6_addr *)addr, - .srcport = srcport, - .dst = c->ip6.addr, - .dstport = dstport, - }; + inany_from_af(&aany, af, addr); + in.src = aany; + if (af == AF_INET) + inany_from_af(&aany, AF_INET, &c->ip4.addr); + else + inany_from_af(&aany, AF_INET6, &c->ip6.addr); + in.dst = aany; - seq = siphash_36b((uint8_t *)&in, c->tcp.hash_secret); - } + seq = siphash_36b((uint8_t *)&in, c->tcp.hash_secret); ns = now->tv_sec * 1E9; ns += now->tv_nsec >> 5; /* 32ns ticks, overflows 32 bits every 137s */ |