linux/net
David S. Miller 6e5714eaf7 net: Compute protocol sequence numbers and fragment IDs using MD5.
Computers have become a lot faster since we compromised on the
partial MD4 hash which we use currently for performance reasons.

MD5 is a much safer choice, and is inline with both RFC1948 and
other ISS generators (OpenBSD, Solaris, etc.)

Furthermore, only having 24-bits of the sequence number be truly
unpredictable is a very serious limitation.  So the periodic
regeneration and 8-bit counter have been removed.  We compute and
use a full 32-bit sequence number.

For ipv6, DCCP was found to use a 32-bit truncated initial sequence
number (it needs 43-bits) and that is fixed here as well.

Reported-by: Dan Kaminsky <dan@doxpara.com>
Tested-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-08-06 18:33:19 -07:00
..
9p net/9p: Fix the msize calculation. 2011-07-23 09:32:52 -05:00
802 snap: remove one synchronize_net() 2011-05-23 16:29:24 -04:00
8021q net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared 2011-07-27 22:39:30 -07:00
appletalk appletalk: Reduce switch/case indent 2011-07-01 16:11:15 -07:00
atm atm: br2864: sent packets truncated in VC routed mode 2011-08-01 17:56:14 -07:00
ax25
batman-adv netdevice: Kill 'feature' test macros. 2011-07-12 12:28:58 -07:00
bluetooth net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared 2011-07-27 22:39:30 -07:00
bridge atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
caif Remove redundant linux/version.h includes from net/ 2011-06-21 16:03:17 -07:00
can net/can: use printk_ratelimited() instead of printk_ratelimit() 2011-06-17 00:03:03 -04:00
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client 2011-07-26 13:38:50 -07:00
core net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
dcb dcbnl: unlock on an error path in dcbnl_cee_fill() 2011-07-08 09:01:14 -07:00
dccp net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
decnet atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
dns_resolver
dsa DSA: Enable cascading in multi-chip 6131 configuration 2011-06-29 05:53:49 -07:00
econet af_econet: Use current logging styles and neatening 2011-07-03 20:05:16 -07:00
ethernet net: add IFF_SKB_TX_SHARED flag to priv_flags 2011-07-27 22:39:30 -07:00
ieee802154 ieee802154: free skb buffer if dev isn't running 2011-06-30 16:18:09 +04:00
ipv4 net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
ipv6 net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
ipx
irda Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-06-20 22:29:08 -07:00
iucv atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
key net: Remove casts of void * 2011-06-16 23:19:27 -04:00
l2tp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2011-07-28 05:58:19 -07:00
lapb lapb: Reduce switch/case indent 2011-07-01 16:11:16 -07:00
llc
mac80211 net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared 2011-07-27 22:39:30 -07:00
netfilter Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs-2.6 2011-07-28 18:38:53 -07:00
netlabel doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
netlink Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-06-24 15:25:51 -04:00
netrom netrom: Reduce switch/case indent 2011-07-01 16:11:16 -07:00
nfc NFC: add the NFC socket raw protocol 2011-07-05 15:26:58 -04:00
packet af-packet: fix - avoid reading stale data 2011-07-14 08:36:33 -07:00
phonet rtnetlink: Compute and store minimum ifinfo dump size 2011-06-09 20:38:07 -07:00
rds notifiers: cpu: move cpu notifiers into cpu.h 2011-07-25 20:57:14 -07:00
rfkill net: rfkill: add generic gpio rfkill driver 2011-05-19 13:53:54 -04:00
rose rose: Delete commented out references to ancient firewalling code. 2011-07-07 02:41:59 -07:00
rxrpc rxrpc: Fix set but unused variable 'usage' in rxrpc_get_transport() 2011-05-19 18:51:50 -04:00
sched sch_sfq: fix sfq_enqueue() 2011-08-01 02:27:21 -07:00
sctp Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-07-21 13:38:42 -07:00
sunrpc net: fix new sunrpc kernel-doc warning 2011-07-28 18:20:21 -07:00
tipc atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
unix new helpers: kern_path_create/user_path_create 2011-07-20 01:44:05 -04:00
wanrouter
wimax
wireless cfg80211: off by one in nl80211_trigger_scan() 2011-08-01 13:46:46 -04:00
x25 x25: Reduce switch/case indent 2011-07-01 16:11:16 -07:00
xfrm xfrm: Fix key lengths for rfc3686(ctr(aes)) 2011-07-28 18:10:48 -07:00
Kconfig NFC: add nfc subsystem core 2011-07-05 15:26:57 -04:00
Makefile NFC: add nfc subsystem core 2011-07-05 15:26:57 -04:00
compat.c
nonet.c
socket.c net: Fix security_socket_sendmsg() bypass problem. 2011-08-05 03:31:03 -07:00
sysctl_net.c