git: e25611e85841 - stable/13 - sctp: store cookie secret change time as time_t
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 01 Aug 2024 21:06:34 UTC
The branch stable/13 has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=e25611e8584178822a6587d74591db5557b5db69 commit e25611e8584178822a6587d74591db5557b5db69 Author: Michael Tuexen <tuexen@FreeBSD.org> AuthorDate: 2024-05-10 18:09:06 +0000 Commit: Michael Tuexen <tuexen@FreeBSD.org> CommitDate: 2024-08-01 21:05:57 +0000 sctp: store cookie secret change time as time_t Reported by: Coverity Scan CID: 1492349 CID: 1493281 (cherry picked from commit 9d8a3718e24c9ec1ffca6efba64aba3e308aee96) --- sys/netinet/sctp_input.c | 4 ++-- sys/netinet/sctp_pcb.c | 2 +- sys/netinet/sctp_pcb.h | 4 ++-- sys/netinet/sctputil.c | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sys/netinet/sctp_input.c b/sys/netinet/sctp_input.c index b6239b0d9ad6..65a60d539a5e 100644 --- a/sys/netinet/sctp_input.c +++ b/sys/netinet/sctp_input.c @@ -2327,7 +2327,7 @@ sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset, } ep = &(*inp_p)->sctp_ep; /* which cookie is it? */ - if ((cookie->time_entered.tv_sec < (long)ep->time_of_secret_change) && + if ((cookie->time_entered.tv_sec < ep->time_of_secret_change) && (ep->current_secret_number != ep->last_secret_number)) { /* it's the old cookie */ (void)sctp_hmac_m(SCTP_HMAC, @@ -2350,7 +2350,7 @@ sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset, /* compare the received digest with the computed digest */ if (timingsafe_bcmp(calc_sig, sig, SCTP_SIGNATURE_SIZE) != 0) { /* try the old cookie? */ - if ((cookie->time_entered.tv_sec == (long)ep->time_of_secret_change) && + if ((cookie->time_entered.tv_sec == ep->time_of_secret_change) && (ep->current_secret_number != ep->last_secret_number)) { /* compute digest with old */ (void)sctp_hmac_m(SCTP_HMAC, diff --git a/sys/netinet/sctp_pcb.c b/sys/netinet/sctp_pcb.c index 3435377e1064..5d603a3f26d0 100644 --- a/sys/netinet/sctp_pcb.c +++ b/sys/netinet/sctp_pcb.c @@ -2569,7 +2569,7 @@ sctp_inpcb_alloc(struct socket *so, uint32_t vrf_id) /* Setup the initial secret */ (void)SCTP_GETTIME_TIMEVAL(&time); - m->time_of_secret_change = (unsigned int)time.tv_sec; + m->time_of_secret_change = time.tv_sec; for (i = 0; i < SCTP_NUMBER_OF_SECRETS; i++) { m->secret_key[0][i] = sctp_select_initial_TSN(m); diff --git a/sys/netinet/sctp_pcb.h b/sys/netinet/sctp_pcb.h index ca51f519a24d..4334595f208f 100644 --- a/sys/netinet/sctp_pcb.h +++ b/sys/netinet/sctp_pcb.h @@ -263,8 +263,8 @@ struct sctp_base_info { * access /dev/random. */ struct sctp_pcb { - unsigned int time_of_secret_change; /* number of seconds from - * timeval.tv_sec */ + time_t time_of_secret_change; /* number of seconds from + * timeval.tv_sec */ uint32_t secret_key[SCTP_HOW_MANY_SECRETS][SCTP_NUMBER_OF_SECRETS]; unsigned int size_of_a_cookie; diff --git a/sys/netinet/sctputil.c b/sys/netinet/sctputil.c index 8b2e95158ebc..68484409d038 100644 --- a/sys/netinet/sctputil.c +++ b/sys/netinet/sctputil.c @@ -1942,7 +1942,7 @@ sctp_timeout_handler(void *t) type, inp, stcb, net)); SCTP_STAT_INCR(sctps_timosecret); (void)SCTP_GETTIME_TIMEVAL(&tv); - inp->sctp_ep.time_of_secret_change = (unsigned int)tv.tv_sec; + inp->sctp_ep.time_of_secret_change = tv.tv_sec; inp->sctp_ep.last_secret_number = inp->sctp_ep.current_secret_number; inp->sctp_ep.current_secret_number++;