linux/include/net
David S. Miller 6e5714eaf7 net: Compute protocol sequence numbers and fragment IDs using MD5.
Computers have become a lot faster since we compromised on the
partial MD4 hash which we use currently for performance reasons.

MD5 is a much safer choice, and is inline with both RFC1948 and
other ISS generators (OpenBSD, Solaris, etc.)

Furthermore, only having 24-bits of the sequence number be truly
unpredictable is a very serious limitation.  So the periodic
regeneration and 8-bit counter have been removed.  We compute and
use a full 32-bit sequence number.

For ipv6, DCCP was found to use a 32-bit truncated initial sequence
number (it needs 43-bits) and that is fixed here as well.

Reported-by: Dan Kaminsky <dan@doxpara.com>
Tested-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-08-06 18:33:19 -07:00
..
9p fs/9p: add 9P2000.L unlinkat operation 2011-07-23 09:32:52 -05:00
bluetooth Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem 2011-07-15 10:05:24 -04:00
caif caif: Add CAIF HSI Link layer driver 2011-06-01 21:15:38 -07:00
irda Fix common misspellings 2011-03-31 11:26:23 -03:00
iucv Fix common misspellings 2011-03-31 11:26:23 -03:00
netfilter atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
netns atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
phonet net: dont hold rtnl mutex during netlink dump callbacks 2011-05-02 15:26:28 -07:00
sctp atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
tc_act net/sched: add ACT_CSUM action to update packets checksums 2010-08-20 01:42:59 -07:00
act_api.h net: sched: constify tcf_proto and tc_action 2011-07-06 02:52:16 -07:00
addrconf.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
af_ieee802154.h
af_rxrpc.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
af_unix.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
ah.h ipsec: update MAX_AH_AUTH_LEN to support sha512 2011-01-13 21:48:25 -08:00
arp.h net: Add ->neigh_lookup() operation to dst_ops 2011-07-18 00:40:17 -07:00
atmclip.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
ax25.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
ax88796.h
cfg80211.h cfg80211: allow userspace to control supported rates in scan 2011-07-19 16:49:58 -04:00
checksum.h
cipso_ipv4.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
cls_cgroup.h Merge commit 'v2.6.36-rc7' into core/rcu 2010-10-07 09:43:45 +02:00
compat.h net: Add sendmmsg socket system call 2011-05-05 11:10:14 -07:00
datalink.h
dcbevent.h net_dcb: add application notifiers 2010-12-31 10:47:46 -08:00
dcbnl.h dcbnl: Add CEE notification 2011-07-05 23:42:17 -07:00
dn_dev.h decnet: RCU conversion and get rid of dev_base_lock 2010-11-08 13:50:08 -08:00
dn_fib.h decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dn_neigh.h
dn_nsp.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
dn_route.h decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dn.h decnet: Convert to use flowidn where applicable. 2011-03-12 15:08:55 -08:00
dsa.h
dsfield.h
dst_ops.h net: Add ->neigh_lookup() operation to dst_ops 2011-07-18 00:40:17 -07:00
dst.h net: fix NULL dereferences in check_peer_redir() 2011-08-03 03:34:12 -07:00
esp.h
ethoc.h
fib_rules.h fib_rules: __rcu annotates ctarget 2010-10-27 11:37:32 -07:00
flow.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
garp.h garp: remove last synchronize_rcu() call 2011-05-12 17:46:56 -04:00
gen_stats.h Fix common misspellings 2011-03-31 11:26:23 -03:00
genetlink.h netlink: advertise incomplete dumps 2011-06-22 16:09:45 -04:00
gre.h PPTP: PPP over IPv4 (Point-to-Point Tunneling Protocol) 2010-08-21 23:05:39 -07:00
icmp.h inetpeer: Move ICMP rate limiting state into inet_peer entries. 2011-02-04 15:59:53 -08:00
ieee80211_radiotap.h mac80211: add MCS information to radiotap 2011-01-28 15:44:29 -05:00
ieee802154_netdev.h ieee802154: add an mlme_ops call to retrieve PHY object 2009-11-06 14:32:18 +03:00
ieee802154.h
if_inet6.h ipv6: reduce per device ICMP mib sizes 2011-05-19 16:21:22 -04:00
inet6_connection_sock.h inet: Pass flowi to ->queue_xmit(). 2011-05-08 15:28:28 -07:00
inet6_hashtables.h tcp: Fix a connect() race with timewait sockets 2009-12-08 20:17:51 -08:00
inet_common.h inet, inet6: make tcp_sendmsg() and tcp_sendpage() through inet_sendmsg() and inet_sendpage() 2010-07-12 20:21:46 -07:00
inet_connection_sock.h ipv4: Make caller provide flowi4 key to inet_csk_route_req(). 2011-05-18 18:32:03 -04:00
inet_ecn.h ipv6: restore correct ECN handling on TCP xmit 2011-05-12 18:52:14 -04:00
inet_frag.h fragment: add fast path for in-order fragments 2010-06-30 13:44:29 -07:00
inet_hashtables.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
inet_sock.h inet: Decrease overhead of on-stack inet_cork. 2011-05-06 15:37:57 -07:00
inet_timewait_sock.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
inetpeer.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
ip6_checksum.h
ip6_fib.h ipv6: Get rid of rt6i_nexthop macro. 2011-07-17 23:11:35 -07:00
ip6_route.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
ip6_tunnel.h tunnels: add _rcu annotations 2010-10-25 13:09:45 -07:00
ip_fib.h ipv4: Call fib_select_default() only when actually necessary. 2011-04-14 15:05:22 -07:00
ip_vs.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
ip.h ipv4: Add ip_defrag() agent IP_DEFRAG_AF_PACKET. 2011-07-05 22:34:52 -07:00
ipcomp.h percpu: add __percpu sparse annotations to net 2010-02-16 23:05:38 -08:00
ipconfig.h
ipip.h tunnels: add __rcu annotations 2010-10-27 11:37:32 -07:00
ipv6.h ipv6: make fragment identifications less predictable 2011-07-21 21:25:58 -07:00
ipx.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
iw_handler.h Fix common misspellings 2011-03-31 11:26:23 -03:00
lapb.h
lib80211.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h llc: use a device based hash table to speed up multicast delivery 2009-12-26 20:43:57 -08:00
llc_if.h
llc_pdu.h bonding,llc: Fix structure sizeof incompatibility for some PDUs 2011-05-13 15:13:24 -04:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
mac80211.h mac80211: sync driver before TX 2011-07-20 15:04:35 -04:00
mip6.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
mld.h ipv6 mcast: Introduce include/net/mld.h for MLD definitions. 2010-04-23 13:35:55 +09:00
ndisc.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
neighbour.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
net_namespace.h atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
net_ratelimit.h net: Kill ratelimit.h dependency in linux/net.h 2011-05-27 13:41:33 -04:00
netdma.h
netevent.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
netlabel.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
netlink.h netlink: advertise incomplete dumps 2011-06-22 16:09:45 -04:00
netrom.h include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
nexthop.h
nfc.h NFC: add nfc generic netlink interface 2011-07-05 15:26:57 -04:00
nl802154.h
p8022.h
ping.h net: ping: fix build failure 2011-05-17 14:16:58 -04:00
pkt_cls.h net: Fix range checks in tcf_valid_offset(). 2010-12-21 12:43:16 -08:00
pkt_sched.h net: sched: constify tcf_proto and tc_action 2011-07-06 02:52:16 -07:00
protocol.h net: change netdev->features to u32 2011-01-24 15:32:47 -08:00
psnap.h
raw.h include/net/raw.h: Convert raw_seq_private macro to inline 2010-09-08 13:42:22 -07:00
rawv6.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
red.h sched: remove unused backlog in RED stats 2011-01-12 19:00:39 -08:00
regulatory.h cfg80211: Fix regulatory bug with multiple cards and delays 2010-11-22 15:48:51 -05:00
request_sock.h tcp: account SYN-ACK timeouts & retransmissions 2010-01-17 19:09:39 -08:00
rose.h rose: Add length checks to CALL_REQUEST parsing 2011-03-27 17:59:04 -07:00
route.h ipv4: Pass explicit destination address to rt_bind_peer(). 2011-05-18 18:42:43 -04:00
rtnetlink.h rtnetlink: Compute and store minimum ifinfo dump size 2011-06-09 20:38:07 -07:00
sch_generic.h net: sched: constify tcf_proto and tc_action 2011-07-06 02:52:16 -07:00
scm.h scm: lower SCM_MAX_FD 2010-11-24 11:16:43 -08:00
secure_seq.h net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
slhc_vj.h
snmp.h snmp: reduce percpu needs by 50% 2011-06-11 16:23:59 -07:00
sock.h Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2011-07-25 13:56:39 -07:00
stp.h
tcp_states.h
tcp.h tcp: RFC2988bis + taking RTT sample from 3WHS for the passive open side 2011-06-08 17:05:30 -07:00
timewait_sock.h timewait_sock: Create and use getpeer op. 2010-12-01 18:09:13 -08:00
transp_v6.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
udp.h udp: Switch to ip_finish_skb 2011-03-01 12:35:03 -08:00
udplite.h udp: Switch to ip_finish_skb 2011-03-01 12:35:03 -08:00
wext.h
wimax.h net: wimax: Remove of unused 'rfkill_input' pointer 2011-06-24 17:50:44 -07:00
wpan-phy.h Fix common misspellings 2011-03-31 11:26:23 -03:00
x25.h X25 remove bkl in subscription ioctls 2010-11-28 11:12:20 -08:00
x25device.h X25: Add if_x25.h and x25 to device identifiers 2010-04-22 16:12:36 -07:00
xfrm.h Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-3.6 2011-05-11 14:26:58 -04:00