/* Check that the LOCALLY generated tag is being used by the REMOTE peer as the verification tag */
if (sctp_conn->local_tag != sctp_data_chunk->sctp_hdr.verification_tag)
{
- return SCTP_ERROR_INVALID_TAG;
+ *next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4);
+ sctp_conn->sub_conn[idx].enqueue_state = SCTP_ERROR_INVALID_TAG;
+ return sctp_conn->sub_conn[idx].enqueue_state;
}
vnet_buffer (b)->sctp.sid = sctp_data_chunk->stream_id;
u32 tsn = clib_net_to_host_u32 (sctp_data_chunk->tsn);
vlib_buffer_advance (b, vnet_buffer (b)->sctp.data_offset);
+ u32 chunk_len = vnet_sctp_get_chunk_length (&sctp_data_chunk->chunk_hdr) -
+ (sizeof (sctp_payload_data_chunk_t) - sizeof (sctp_header_t));
+
+ ASSERT (vnet_buffer (b)->sctp.data_len);
+ ASSERT (chunk_len);
+
+ /* Padding was added: see RFC 4096 section 3.3.1 */
+ if (vnet_buffer (b)->sctp.data_len > chunk_len)
+ {
+ /* Let's change the data_len to the right amount calculated here now.
+ * We cannot do that in the generic sctp46_input_dispatcher node since
+ * that is common to all CHUNKS handling.
+ */
+ vnet_buffer (b)->sctp.data_len = chunk_len;
+ /* We need to change b->current_length so that downstream calls to
+ * session_enqueue_stream_connection (called by sctp_session_enqueue_data)
+ * push the correct amount of data to be enqueued.
+ */
+ b->current_length = chunk_len;
+ }
n_data_bytes = vnet_buffer (b)->sctp.data_len;
- ASSERT (n_data_bytes);
sctp_is_connection_gapping (sctp_conn, tsn, &is_gapping);
sctp_connection_t * sctp_conn, u8 idx,
vlib_buffer_t * b0, u16 * next0)
{
- u32 now = sctp_time_now ();
+ u64 now = sctp_time_now ();
sctp_cookie_echo_chunk_t *cookie_echo =
(sctp_cookie_echo_chunk_t *) sctp_hdr;
/* Check that the LOCALLY generated tag is being used by the REMOTE peer as the verification tag */
if (sctp_conn->local_tag != sctp_hdr->verification_tag)
{
+ *next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4);
return SCTP_ERROR_INVALID_TAG;
}
sctp_calculate_rto (sctp_conn, idx);
- u32 creation_time =
- clib_net_to_host_u32 (cookie_echo->cookie.creation_time);
- u32 cookie_lifespan =
+ u64 creation_time =
+ clib_net_to_host_u64 (cookie_echo->cookie.creation_time);
+ u64 cookie_lifespan =
clib_net_to_host_u32 (cookie_echo->cookie.cookie_lifespan);
+
if (now > creation_time + cookie_lifespan)
{
SCTP_DBG ("now (%u) > creation_time (%u) + cookie_lifespan (%u)",
/* Check that the LOCALLY generated tag is being used by the REMOTE peer as the verification tag */
if (sctp_conn->local_tag != sctp_hdr->verification_tag)
{
+ *next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4);
return SCTP_ERROR_INVALID_TAG;
}
/* Check that the LOCALLY generated tag is being used by the REMOTE peer as the verification tag */
if (sctp_conn->local_tag != sctp_hdr->verification_tag)
{
+ *next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4);
return SCTP_ERROR_INVALID_TAG;
}
/* Check that the LOCALLY generated tag is being used by the REMOTE peer as the verification tag */
if (sctp_conn->local_tag != sctp_hdr->verification_tag)
{
+ *next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4);
return SCTP_ERROR_INVALID_TAG;
}
/* Check that the LOCALLY generated tag is being used by the REMOTE peer as the verification tag */
if (sctp_conn->local_tag != sctp_hdr->verification_tag)
{
+ *next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4);
return SCTP_ERROR_INVALID_TAG;
}
/* Check that the LOCALLY generated tag is being used by the REMOTE peer as the verification tag */
if (sctp_conn->local_tag != sack_chunk->sctp_hdr.verification_tag)
{
+ *next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4);
return SCTP_ERROR_INVALID_TAG;
}
/* Check that the LOCALLY generated tag is being used by the REMOTE peer as the verification tag */
if (sctp_conn->local_tag != sctp_hb_chunk->sctp_hdr.verification_tag)
{
+ *next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4);
return SCTP_ERROR_INVALID_TAG;
}