summaryrefslogtreecommitdiff
path: root/netwerk
diff options
context:
space:
mode:
authorMoonchild <moonchild@palemoon.org>2020-05-06 10:54:14 +0000
committerwolfbeast <mcwerewolf@wolfbeast.com>2020-05-06 19:16:40 +0200
commit82b6d2cf9d50a0eaf15697501f62848cf6316c07 (patch)
tree76901a9a5d241ba5f8540fbe4be1a50948da7a32 /netwerk
parent09b4a7828e91f69069b4241b7d465266d930476b (diff)
downloaduxp-82b6d2cf9d50a0eaf15697501f62848cf6316c07.tar.gz
[WebRTC] Port some upstream sctp fixes
- add SCTP auth token boundary check. - turn off SCTP auth and address reconfiguration.
Diffstat (limited to 'netwerk')
-rw-r--r--netwerk/sctp/datachannel/DataChannel.cpp7
-rwxr-xr-xnetwerk/sctp/src/netinet/sctp_input.c22
2 files changed, 22 insertions, 7 deletions
diff --git a/netwerk/sctp/datachannel/DataChannel.cpp b/netwerk/sctp/datachannel/DataChannel.cpp
index 19be43d1cd..4797353ca1 100644
--- a/netwerk/sctp/datachannel/DataChannel.cpp
+++ b/netwerk/sctp/datachannel/DataChannel.cpp
@@ -354,6 +354,13 @@ DataChannelConnection::Init(unsigned short aPort, uint16_t aNumStreams, bool aUs
usrsctp_sysctl_set_sctp_blackhole(2);
// ECN is currently not supported by the Firefox code
usrsctp_sysctl_set_sctp_ecn_enable(0);
+
+ // Disabling authentication and dynamic address reconfiguration as neither
+ // of them are used for data channel and only result in additional code
+ // paths being used.
+ usrsctp_sysctl_set_sctp_asconf_enable(0);
+ usrsctp_sysctl_set_sctp_auth_enable(0);
+
sctp_initialized = true;
RefPtr<DataChannelShutdown> shutdown = new DataChannelShutdown();
diff --git a/netwerk/sctp/src/netinet/sctp_input.c b/netwerk/sctp/src/netinet/sctp_input.c
index 54f2f9ba35..1301b430c8 100755
--- a/netwerk/sctp/src/netinet/sctp_input.c
+++ b/netwerk/sctp/src/netinet/sctp_input.c
@@ -2073,7 +2073,7 @@ sctp_process_cookie_new(struct mbuf *m, int iphlen, int offset,
int init_offset, initack_offset, initack_limit;
int retval;
int error = 0;
- uint8_t auth_chunk_buf[SCTP_PARAM_BUFFER_SIZE];
+ uint8_t auth_chunk_buf[SCTP_CHUNK_BUFFER_SIZE];
#if defined(__APPLE__) || defined(SCTP_SO_LOCK_TESTING)
struct socket *so;
@@ -2264,8 +2264,12 @@ sctp_process_cookie_new(struct mbuf *m, int iphlen, int offset,
if (auth_skipped) {
struct sctp_auth_chunk *auth;
- auth = (struct sctp_auth_chunk *)
- sctp_m_getptr(m, auth_offset, auth_len, auth_chunk_buf);
+ if (auth_len <= SCTP_CHUNK_BUFFER_SIZE) {
+ auth = (struct sctp_auth_chunk *)
+ sctp_m_getptr(m, auth_offset, auth_len, auth_chunk_buf);
+ } else {
+ auth = NULL;
+ }
if ((auth == NULL) || sctp_handle_auth(stcb, auth, m, auth_offset)) {
/* auth HMAC failed, dump the assoc and packet */
SCTPDBG(SCTP_DEBUG_AUTH1,
@@ -4655,11 +4659,15 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length,
if (auth_skipped && (stcb != NULL)) {
struct sctp_auth_chunk *auth;
- auth = (struct sctp_auth_chunk *)
- sctp_m_getptr(m, auth_offset,
+ if (auth_len <= SCTP_CHUNK_BUFFER_SIZE) {
+ auth = (struct sctp_auth_chunk *)
+ sctp_m_getptr(m, auth_offset,
auth_len, chunk_buf);
- got_auth = 1;
- auth_skipped = 0;
+ got_auth = 1;
+ auth_skipped = 0;
+ } else {
+ auth = NULL;
+ }
if ((auth == NULL) || sctp_handle_auth(stcb, auth, m,
auth_offset)) {
/* auth HMAC failed so dump it */