summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbz <bz@FreeBSD.org>2007-11-30 23:46:51 +0000
committerbz <bz@FreeBSD.org>2007-11-30 23:46:51 +0000
commitc9229e59697c2fb149ac56eaa614c7efa9888960 (patch)
tree68fa8877ac6e7a5e266b8cb25ea55a004ca069a7
parent376bf60faf3610490a76c7d8bfefa6b9c7965d83 (diff)
downloadFreeBSD-src-c9229e59697c2fb149ac56eaa614c7efa9888960.zip
FreeBSD-src-c9229e59697c2fb149ac56eaa614c7efa9888960.tar.gz
Centralize and correct computation of TCP-MD5 signature offset within
the packet (tcp header options field). Reviewed by: tools/regression/netinet/tcpconnect MFC after: 3 days Tested by: Nick Hilliard (see net@)
-rw-r--r--sys/netinet/tcp_output.c11
1 files changed, 3 insertions, 8 deletions
diff --git a/sys/netinet/tcp_output.c b/sys/netinet/tcp_output.c
index 64a95a5..1c0ef90 100644
--- a/sys/netinet/tcp_output.c
+++ b/sys/netinet/tcp_output.c
@@ -128,9 +128,6 @@ tcp_output(struct tcpcb *tp)
struct socket *so = tp->t_inpcb->inp_socket;
long len, recwin, sendwin;
int off, flags, error;
-#ifdef TCP_SIGNATURE
- int sigoff = 0;
-#endif
struct mbuf *m;
struct ip *ip = NULL;
struct ipovly *ipov = NULL;
@@ -694,10 +691,6 @@ send:
/* Processing the options. */
hdrlen += optlen = tcp_addoptions(&to, opt);
-
-#ifdef TCP_SIGNATURE
- sigoff = to.to_signature - (u_char *)&to;
-#endif /* TCP_SIGNATURE */
}
#ifdef INET6
@@ -964,9 +957,11 @@ send:
#ifdef INET6
if (!isipv6)
#endif
- if (tp->t_flags & TF_SIGNATURE)
+ if (tp->t_flags & TF_SIGNATURE) {
+ int sigoff = to.to_signature - opt;
tcp_signature_compute(m, sizeof(struct ip), len, optlen,
(u_char *)(th + 1) + sigoff, IPSEC_DIR_OUTBOUND);
+ }
#endif
/*
OpenPOWER on IntegriCloud