Commit 190ff5b3 authored by Linus Torvalds's avatar Linus Torvalds

Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
  [NETFILTER]: xt_hashlimit: fix ip6tables dependency
  [SCTP]: Force update of the rto when processing HB-ACK
  [IPV6]: fix BUG of ndisc_send_redirect()
  [IPV6]: Fix up some CONFIG typos
  [NETFILTER]: SIP conntrack: fix out of bounds memory access
  [NETFILTER]: SIP conntrack: fix skipping over user info in SIP headers
  [NETFILTER]: xt_connbytes: fix division by zero
  [MAINTAINERS]: netfilter@ is subscribers-only
parents 6fd6b17c 2e553023
...@@ -2288,7 +2288,7 @@ P: Jozsef Kadlecsik ...@@ -2288,7 +2288,7 @@ P: Jozsef Kadlecsik
P: Patrick McHardy P: Patrick McHardy
M: kaber@trash.net M: kaber@trash.net
L: netfilter-devel@lists.netfilter.org L: netfilter-devel@lists.netfilter.org
L: netfilter@lists.netfilter.org L: netfilter@lists.netfilter.org (subscribers-only)
L: coreteam@netfilter.org L: coreteam@netfilter.org
W: http://www.netfilter.org/ W: http://www.netfilter.org/
W: http://www.iptables.org/ W: http://www.iptables.org/
......
...@@ -283,10 +283,16 @@ static int skp_epaddr_len(const char *dptr, const char *limit, int *shift) ...@@ -283,10 +283,16 @@ static int skp_epaddr_len(const char *dptr, const char *limit, int *shift)
{ {
int s = *shift; int s = *shift;
for (; dptr <= limit && *dptr != '@'; dptr++) /* Search for @, but stop at the end of the line.
* We are inside a sip: URI, so we don't need to worry about
* continuation lines. */
while (dptr <= limit &&
*dptr != '@' && *dptr != '\r' && *dptr != '\n') {
(*shift)++; (*shift)++;
dptr++;
}
if (*dptr == '@') { if (dptr <= limit && *dptr == '@') {
dptr++; dptr++;
(*shift)++; (*shift)++;
} else } else
......
...@@ -3393,7 +3393,7 @@ static void inline ipv6_store_devconf(struct ipv6_devconf *cnf, ...@@ -3393,7 +3393,7 @@ static void inline ipv6_store_devconf(struct ipv6_devconf *cnf,
#ifdef CONFIG_IPV6_ROUTER_PREF #ifdef CONFIG_IPV6_ROUTER_PREF
array[DEVCONF_ACCEPT_RA_RTR_PREF] = cnf->accept_ra_rtr_pref; array[DEVCONF_ACCEPT_RA_RTR_PREF] = cnf->accept_ra_rtr_pref;
array[DEVCONF_RTR_PROBE_INTERVAL] = cnf->rtr_probe_interval; array[DEVCONF_RTR_PROBE_INTERVAL] = cnf->rtr_probe_interval;
#ifdef CONFIV_IPV6_ROUTE_INFO #ifdef CONFIG_IPV6_ROUTE_INFO
array[DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN] = cnf->accept_ra_rt_info_max_plen; array[DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN] = cnf->accept_ra_rt_info_max_plen;
#endif #endif
#endif #endif
...@@ -3898,7 +3898,7 @@ static struct addrconf_sysctl_table ...@@ -3898,7 +3898,7 @@ static struct addrconf_sysctl_table
.proc_handler = &proc_dointvec_jiffies, .proc_handler = &proc_dointvec_jiffies,
.strategy = &sysctl_jiffies, .strategy = &sysctl_jiffies,
}, },
#ifdef CONFIV_IPV6_ROUTE_INFO #ifdef CONFIG_IPV6_ROUTE_INFO
{ {
.ctl_name = NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN, .ctl_name = NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN,
.procname = "accept_ra_rt_info_max_plen", .procname = "accept_ra_rt_info_max_plen",
......
...@@ -1413,6 +1413,13 @@ void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh, ...@@ -1413,6 +1413,13 @@ void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
return; return;
} }
if (!ipv6_addr_equal(&skb->nh.ipv6h->daddr, target) &&
!(ipv6_addr_type(target) & IPV6_ADDR_LINKLOCAL)) {
ND_PRINTK2(KERN_WARNING
"ICMPv6 Redirect: target address is not link-local.\n");
return;
}
ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &skb->nh.ipv6h->saddr, ndisc_flow_init(&fl, NDISC_REDIRECT, &saddr_buf, &skb->nh.ipv6h->saddr,
dev->ifindex); dev->ifindex);
......
...@@ -628,7 +628,7 @@ config NETFILTER_XT_MATCH_TCPMSS ...@@ -628,7 +628,7 @@ config NETFILTER_XT_MATCH_TCPMSS
config NETFILTER_XT_MATCH_HASHLIMIT config NETFILTER_XT_MATCH_HASHLIMIT
tristate '"hashlimit" match support' tristate '"hashlimit" match support'
depends on NETFILTER_XTABLES depends on NETFILTER_XTABLES && (IP6_NF_IPTABLES || IP6_NF_IPTABLES=n)
help help
This option adds a `hashlimit' match. This option adds a `hashlimit' match.
......
...@@ -303,10 +303,16 @@ static int skp_epaddr_len(struct nf_conn *ct, const char *dptr, ...@@ -303,10 +303,16 @@ static int skp_epaddr_len(struct nf_conn *ct, const char *dptr,
{ {
int s = *shift; int s = *shift;
for (; dptr <= limit && *dptr != '@'; dptr++) /* Search for @, but stop at the end of the line.
* We are inside a sip: URI, so we don't need to worry about
* continuation lines. */
while (dptr <= limit &&
*dptr != '@' && *dptr != '\r' && *dptr != '\n') {
(*shift)++; (*shift)++;
dptr++;
}
if (*dptr == '@') { if (dptr <= limit && *dptr == '@') {
dptr++; dptr++;
(*shift)++; (*shift)++;
} else } else
......
...@@ -52,6 +52,8 @@ match(const struct sk_buff *skb, ...@@ -52,6 +52,8 @@ match(const struct sk_buff *skb,
{ {
const struct xt_connbytes_info *sinfo = matchinfo; const struct xt_connbytes_info *sinfo = matchinfo;
u_int64_t what = 0; /* initialize to make gcc happy */ u_int64_t what = 0; /* initialize to make gcc happy */
u_int64_t bytes = 0;
u_int64_t pkts = 0;
const struct ip_conntrack_counter *counters; const struct ip_conntrack_counter *counters;
if (!(counters = nf_ct_get_counters(skb))) if (!(counters = nf_ct_get_counters(skb)))
...@@ -89,29 +91,22 @@ match(const struct sk_buff *skb, ...@@ -89,29 +91,22 @@ match(const struct sk_buff *skb,
case XT_CONNBYTES_AVGPKT: case XT_CONNBYTES_AVGPKT:
switch (sinfo->direction) { switch (sinfo->direction) {
case XT_CONNBYTES_DIR_ORIGINAL: case XT_CONNBYTES_DIR_ORIGINAL:
what = div64_64(counters[IP_CT_DIR_ORIGINAL].bytes, bytes = counters[IP_CT_DIR_ORIGINAL].bytes;
counters[IP_CT_DIR_ORIGINAL].packets); pkts = counters[IP_CT_DIR_ORIGINAL].packets;
break; break;
case XT_CONNBYTES_DIR_REPLY: case XT_CONNBYTES_DIR_REPLY:
what = div64_64(counters[IP_CT_DIR_REPLY].bytes, bytes = counters[IP_CT_DIR_REPLY].bytes;
counters[IP_CT_DIR_REPLY].packets); pkts = counters[IP_CT_DIR_REPLY].packets;
break; break;
case XT_CONNBYTES_DIR_BOTH: case XT_CONNBYTES_DIR_BOTH:
{
u_int64_t bytes;
u_int64_t pkts;
bytes = counters[IP_CT_DIR_ORIGINAL].bytes + bytes = counters[IP_CT_DIR_ORIGINAL].bytes +
counters[IP_CT_DIR_REPLY].bytes; counters[IP_CT_DIR_REPLY].bytes;
pkts = counters[IP_CT_DIR_ORIGINAL].packets+ pkts = counters[IP_CT_DIR_ORIGINAL].packets +
counters[IP_CT_DIR_REPLY].packets; counters[IP_CT_DIR_REPLY].packets;
/* FIXME_THEORETICAL: what to do if sum
* overflows ? */
what = div64_64(bytes, pkts);
}
break; break;
} }
if (pkts != 0)
what = div64_64(bytes, pkts);
break; break;
} }
......
...@@ -621,7 +621,13 @@ static void sctp_cmd_transport_on(sctp_cmd_seq_t *cmds, ...@@ -621,7 +621,13 @@ static void sctp_cmd_transport_on(sctp_cmd_seq_t *cmds,
/* The receiver of the HEARTBEAT ACK should also perform an /* The receiver of the HEARTBEAT ACK should also perform an
* RTT measurement for that destination transport address * RTT measurement for that destination transport address
* using the time value carried in the HEARTBEAT ACK chunk. * using the time value carried in the HEARTBEAT ACK chunk.
* If the transport's rto_pending variable has been cleared,
* it was most likely due to a retransmit. However, we want
* to re-enable it to properly update the rto.
*/ */
if (t->rto_pending == 0)
t->rto_pending = 1;
hbinfo = (sctp_sender_hb_info_t *) chunk->skb->data; hbinfo = (sctp_sender_hb_info_t *) chunk->skb->data;
sctp_transport_update_rto(t, (jiffies - hbinfo->sent_at)); sctp_transport_update_rto(t, (jiffies - hbinfo->sent_at));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment