linux/include/net
David S. Miller 6e5714eaf7 net: Compute protocol sequence numbers and fragment IDs using MD5.
Computers have become a lot faster since we compromised on the
partial MD4 hash which we use currently for performance reasons.

MD5 is a much safer choice, and is inline with both RFC1948 and
other ISS generators (OpenBSD, Solaris, etc.)

Furthermore, only having 24-bits of the sequence number be truly
unpredictable is a very serious limitation.  So the periodic
regeneration and 8-bit counter have been removed.  We compute and
use a full 32-bit sequence number.

For ipv6, DCCP was found to use a 32-bit truncated initial sequence
number (it needs 43-bits) and that is fixed here as well.

Reported-by: Dan Kaminsky <dan@doxpara.com>
Tested-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-08-06 18:33:19 -07:00
..
9p fs/9p: add 9P2000.L unlinkat operation 2011-07-23 09:32:52 -05:00
bluetooth Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-07-15 10:05:24 -04:00
caif caif: Add CAIF HSI Link layer driver 2011-06-01 21:15:38 -07:00
irda Fix common misspellings 2011-03-31 11:26:23 -03:00
iucv Fix common misspellings 2011-03-31 11:26:23 -03:00
netfilter atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
netns atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
phonet net: dont hold rtnl mutex during netlink dump callbacks 2011-05-02 15:26:28 -07:00
sctp atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
tc_act
act_api.h net: sched: constify tcf_proto and tc_action 2011-07-06 02:52:16 -07:00
addrconf.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
af_ieee802154.h
af_rxrpc.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
af_unix.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
ah.h
arp.h net: Add ->neigh_lookup() operation to dst_ops 2011-07-18 00:40:17 -07:00
atmclip.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
ax25.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
ax88796.h
cfg80211.h cfg80211: allow userspace to control supported rates in scan 2011-07-19 16:49:58 -04:00
checksum.h
cipso_ipv4.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
cls_cgroup.h
compat.h net: Add sendmmsg socket system call 2011-05-05 11:10:14 -07:00
datalink.h
dcbevent.h
dcbnl.h dcbnl: Add CEE notification 2011-07-05 23:42:17 -07:00
dn_dev.h
dn_fib.h decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dn_neigh.h
dn_nsp.h
dn_route.h decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dn.h decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dsa.h
dsfield.h
dst_ops.h net: Add ->neigh_lookup() operation to dst_ops 2011-07-18 00:40:17 -07:00
dst.h net: fix NULL dereferences in check_peer_redir() 2011-08-03 03:34:12 -07:00
esp.h
ethoc.h
fib_rules.h
flow.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
garp.h garp: remove last synchronize_rcu() call 2011-05-12 17:46:56 -04:00
gen_stats.h Fix common misspellings 2011-03-31 11:26:23 -03:00
genetlink.h netlink: advertise incomplete dumps 2011-06-22 16:09:45 -04:00
gre.h
icmp.h
ieee80211_radiotap.h
ieee802154_netdev.h
ieee802154.h
if_inet6.h ipv6: reduce per device ICMP mib sizes 2011-05-19 16:21:22 -04:00
inet6_connection_sock.h inet: Pass flowi to ->queue_xmit(). 2011-05-08 15:28:28 -07:00
inet6_hashtables.h
inet_common.h
inet_connection_sock.h ipv4: Make caller provide flowi4 key to inet_csk_route_req(). 2011-05-18 18:32:03 -04:00
inet_ecn.h ipv6: restore correct ECN handling on TCP xmit 2011-05-12 18:52:14 -04:00
inet_frag.h
inet_hashtables.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
inet_sock.h inet: Decrease overhead of on-stack inet_cork. 2011-05-06 15:37:57 -07:00
inet_timewait_sock.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
inetpeer.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
ip6_checksum.h
ip6_fib.h ipv6: Get rid of rt6i_nexthop macro. 2011-07-17 23:11:35 -07:00
ip6_route.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
ip6_tunnel.h
ip_fib.h ipv4: Call fib_select_default() only when actually necessary. 2011-04-14 15:05:22 -07:00
ip_vs.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
ip.h ipv4: Add ip_defrag() agent IP_DEFRAG_AF_PACKET. 2011-07-05 22:34:52 -07:00
ipcomp.h
ipconfig.h
ipip.h
ipv6.h ipv6: make fragment identifications less predictable 2011-07-21 21:25:58 -07:00
ipx.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
iw_handler.h Fix common misspellings 2011-03-31 11:26:23 -03:00
lapb.h
lib80211.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h bonding,llc: Fix structure sizeof incompatibility for some PDUs 2011-05-13 15:13:24 -04:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
mac80211.h mac80211: sync driver before TX 2011-07-20 15:04:35 -04:00
mip6.h
mld.h
ndisc.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
neighbour.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
net_namespace.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
net_ratelimit.h net: Kill ratelimit.h dependency in linux/net.h 2011-05-27 13:41:33 -04:00
netdma.h
netevent.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
netlabel.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
netlink.h netlink: advertise incomplete dumps 2011-06-22 16:09:45 -04:00
netrom.h
nexthop.h
nfc.h NFC: add nfc generic netlink interface 2011-07-05 15:26:57 -04:00
nl802154.h
p8022.h
ping.h net: ping: fix build failure 2011-05-17 14:16:58 -04:00
pkt_cls.h
pkt_sched.h net: sched: constify tcf_proto and tc_action 2011-07-06 02:52:16 -07:00
protocol.h
psnap.h
raw.h
rawv6.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
red.h
regulatory.h
request_sock.h
rose.h rose: Add length checks to CALL_REQUEST parsing 2011-03-27 17:59:04 -07:00
route.h ipv4: Pass explicit destination address to rt_bind_peer(). 2011-05-18 18:42:43 -04:00
rtnetlink.h rtnetlink: Compute and store minimum ifinfo dump size 2011-06-09 20:38:07 -07:00
sch_generic.h net: sched: constify tcf_proto and tc_action 2011-07-06 02:52:16 -07:00
scm.h
secure_seq.h net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
slhc_vj.h
snmp.h snmp: reduce percpu needs by 50% 2011-06-11 16:23:59 -07:00
sock.h Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2011-07-25 13:56:39 -07:00
stp.h
tcp_states.h
tcp.h tcp: RFC2988bis + taking RTT sample from 3WHS for the passive open side 2011-06-08 17:05:30 -07:00
timewait_sock.h
transp_v6.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
udp.h udp: Switch to ip_finish_skb 2011-03-01 12:35:03 -08:00
udplite.h udp: Switch to ip_finish_skb 2011-03-01 12:35:03 -08:00
wext.h
wimax.h net: wimax: Remove of unused 'rfkill_input' pointer 2011-06-24 17:50:44 -07:00
wpan-phy.h Fix common misspellings 2011-03-31 11:26:23 -03:00
x25.h
x25device.h
xfrm.h Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-3.6 2011-05-11 14:26:58 -04:00