aboutsummaryrefslogtreecommitdiff
path: root/net/sctp
diff options
context:
space:
mode:
authorXin Long2019-01-28 15:08:42 +0800
committerDavid S. Miller2019-01-30 00:44:08 -0800
commit2af66ff3edc79d225e52821fe2464a4cf0c8ba18 (patch)
treeebcc88d33543c3ea1ec19fc14c5dcbba5096b32b /net/sctp
parent3adcc300603ee58038bc9e524160a625f3510e53 (diff)
sctp: use SCTP_FUTURE_ASSOC and add SCTP_CURRENT_ASSOC for SCTP_AUTH_DEACTIVATE_KEY sockopt
Check with SCTP_ALL_ASSOC instead in sctp_setsockopt_deactivate_key. SCTP_CURRENT_ASSOC is supported for SCTP_AUTH_DEACTIVATE_KEY in this patch. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sctp')
-rw-r--r--net/sctp/socket.c29
1 files changed, 26 insertions, 3 deletions
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index c3463f77d706..3a954aceeb88 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -3933,8 +3933,9 @@ static int sctp_setsockopt_deactivate_key(struct sock *sk, char __user *optval,
unsigned int optlen)
{
struct sctp_endpoint *ep = sctp_sk(sk)->ep;
- struct sctp_authkeyid val;
struct sctp_association *asoc;
+ struct sctp_authkeyid val;
+ int ret = 0;
if (!ep->auth_enable)
return -EACCES;
@@ -3945,10 +3946,32 @@ static int sctp_setsockopt_deactivate_key(struct sock *sk, char __user *optval,
return -EFAULT;
asoc = sctp_id2assoc(sk, val.scact_assoc_id);
- if (!asoc && val.scact_assoc_id && sctp_style(sk, UDP))
+ if (!asoc && val.scact_assoc_id > SCTP_ALL_ASSOC &&
+ sctp_style(sk, UDP))
return -EINVAL;
- return sctp_auth_deact_key_id(ep, asoc, val.scact_keynumber);
+ if (asoc)
+ return sctp_auth_deact_key_id(ep, asoc, val.scact_keynumber);
+
+ if (val.scact_assoc_id == SCTP_FUTURE_ASSOC ||
+ val.scact_assoc_id == SCTP_ALL_ASSOC) {
+ ret = sctp_auth_deact_key_id(ep, asoc, val.scact_keynumber);
+ if (ret)
+ return ret;
+ }
+
+ if (val.scact_assoc_id == SCTP_CURRENT_ASSOC ||
+ val.scact_assoc_id == SCTP_ALL_ASSOC) {
+ list_for_each_entry(asoc, &ep->asocs, asocs) {
+ int res = sctp_auth_deact_key_id(ep, asoc,
+ val.scact_keynumber);
+
+ if (res && !ret)
+ ret = res;
+ }
+ }
+
+ return ret;
}
/*