linux/net/core
David S. Miller 6e5714eaf7 net: Compute protocol sequence numbers and fragment IDs using MD5.
Computers have become a lot faster since we compromised on the
partial MD4 hash which we use currently for performance reasons.

MD5 is a much safer choice, and is inline with both RFC1948 and
other ISS generators (OpenBSD, Solaris, etc.)

Furthermore, only having 24-bits of the sequence number be truly
unpredictable is a very serious limitation.  So the periodic
regeneration and 8-bit counter have been removed.  We compute and
use a full 32-bit sequence number.

For ipv6, DCCP was found to use a 32-bit truncated initial sequence
number (it needs 43-bits) and that is fixed here as well.

Reported-by: Dan Kaminsky <dan@doxpara.com>
Tested-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-08-06 18:33:19 -07:00
..
datagram.c Fix a typo in datagram.c and sctp/socket.c. 2010-12-06 13:10:11 -08:00
dev_addr_lists.c net,rcu: convert call_rcu(ha_rcu_free) to kfree_rcu() 2011-05-07 22:50:52 -07:00
dev.c net: Convert struct net_device uc_promisc to bool 2011-07-25 16:17:35 -07:00
drop_monitor.c net,rcu: convert call_rcu(free_dm_hw_stat) to kfree_rcu() 2011-05-07 22:50:59 -07:00
dst.c net: Abstract dst->neighbour accesses behind helpers. 2011-07-17 23:11:35 -07:00
ethtool.c ethtool: Allow zero-length register dumps again 2011-07-21 15:25:30 -07:00
fib_rules.c rtnetlink: Compute and store minimum ifinfo dump size 2011-06-09 20:38:07 -07:00
filter.c bug.h: Move ratelimit warn interfaces to ratelimit.h 2011-05-26 15:00:31 -04:00
flow.c atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
gen_estimator.c net,rcu: convert call_rcu(__gen_kill_estimator) to kfree_rcu() 2011-05-07 22:50:57 -07:00
gen_stats.c net/core: EXPORT_SYMBOL cleanups 2010-07-12 12:57:55 -07:00
iovec.c net: Limit socket I/O iovec total length to INT_MAX. 2010-10-28 11:47:52 -07:00
kmap_skb.h [PATCH] severing skbuff.h -> highmem.h 2006-12-04 02:00:29 -05:00
link_watch.c net: allow netif_carrier to be called safely from IRQ 2011-07-22 17:01:14 -07:00
Makefile net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
neighbour.c net: Abstract dst->neighbour accesses behind helpers. 2011-07-17 23:11:35 -07:00
net_namespace.c rtnl: provide link dump consistency info 2011-07-01 15:39:53 -07:00
net-sysfs.c net: remove /sys/class/net/*/features 2011-07-14 14:45:15 -07:00
net-sysfs.h xps: Add CONFIG_XPS 2010-11-28 18:24:14 -08:00
net-traces.c core: add tracepoints for queueing skb to rcvbuf 2011-06-21 16:06:10 -07:00
netevent.c net/core: EXPORT_SYMBOL cleanups 2010-07-12 12:57:55 -07:00
netpoll.c netpoll: Remove wrapper function netpoll_poll 2011-07-03 20:02:07 -07:00
pktgen.c net: add IFF_SKB_TX_SHARED flag to priv_flags 2011-07-27 22:39:30 -07:00
request_sock.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-08 13:47:38 -08:00
rtnetlink.c rtnl: provide link dump consistency info 2011-07-01 15:39:53 -07:00
scm.c Allow passing O_PATH descriptors via SCM_RIGHTS datagrams 2011-03-15 02:21:45 -04:00
secure_seq.c net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
skbuff.c net: add kerneldoc to skb_copy_bits() 2011-08-01 18:03:06 -07:00
sock.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-07-08 11:03:36 -04:00
stream.c net: Fix the condition passed to sk_wait_event() 2010-10-03 20:41:32 -07:00
sysctl_net_core.c net: Kill ratelimit.h dependency in linux/net.h 2011-05-27 13:41:33 -04:00
timestamping.c net: export the receive time stamping hook for non-NAPI drivers 2011-06-20 13:56:53 -07:00
user_dma.c net/core/user_dma.c: Use frag list abstraction interfaces. 2009-06-09 00:19:10 -07:00
utils.c net: Kill ratelimit.h dependency in linux/net.h 2011-05-27 13:41:33 -04:00