Re: [PATCH v2 01/25] tcp: authopt: Initial support and key management
From: Leonard Crestez
Date: Fri Nov 05 2021 - 08:11:06 EST
On 11/3/21 4:29 AM, David Ahern wrote:
On 11/1/21 10:34 AM, Leonard Crestez wrote:
diff --git a/net/ipv4/tcp_authopt.c b/net/ipv4/tcp_authopt.c
new file mode 100644
index 000000000000..c412a712f229
--- /dev/null
+++ b/net/ipv4/tcp_authopt.c
@@ -0,0 +1,263 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+
+#include <linux/kernel.h>
+#include <net/tcp.h>
+#include <net/tcp_authopt.h>
+#include <crypto/hash.h>
+
+/* checks that ipv4 or ipv6 addr matches. */
+static bool ipvx_addr_match(struct sockaddr_storage *a1,
+ struct sockaddr_storage *a2)
+{
+ if (a1->ss_family != a2->ss_family)
+ return false;
+ if (a1->ss_family == AF_INET &&
+ (((struct sockaddr_in *)a1)->sin_addr.s_addr !=
+ ((struct sockaddr_in *)a2)->sin_addr.s_addr))
+ return false;
+ if (a1->ss_family == AF_INET6 &&
+ !ipv6_addr_equal(&((struct sockaddr_in6 *)a1)->sin6_addr,
+ &((struct sockaddr_in6 *)a2)->sin6_addr))
+ return false;
The above 2 could just be
if (a1->ss_family == AF_INET)
return (((struct sockaddr_in *)a1)->sin_addr.s_addr ==
((struct sockaddr_in *)a2)->sin_addr.s_addr))
OK. The function is a little weird that it has a final "return true"
which is technically also reachable if AF is unexpected but that
situation is prevented from higher up.
--
Regards,
Leonard