git: 53da1bf035be - stable/14 - sctp: store cookie secret change time as time_t
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 03 Aug 2024 22:25:53 UTC
The branch stable/14 has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=53da1bf035beef155fdb5d6e93215e01dc3090fd commit 53da1bf035beef155fdb5d6e93215e01dc3090fd Author: Michael Tuexen <tuexen@FreeBSD.org> AuthorDate: 2024-05-10 18:09:06 +0000 Commit: Michael Tuexen <tuexen@FreeBSD.org> CommitDate: 2024-08-03 22:25:22 +0000 sctp: store cookie secret change time as time_t Reported by: Coverity Scan CID: 1492349 CID: 1493281 (cherry picked from commit 9d8a3718e24c9ec1ffca6efba64aba3e308aee96) --- sys/netinet/sctp_input.c | 4 ++-- sys/netinet/sctp_pcb.c | 2 +- sys/netinet/sctp_pcb.h | 4 ++-- sys/netinet/sctputil.c | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sys/netinet/sctp_input.c b/sys/netinet/sctp_input.c index 0a8372a07362..dc31ffbc2161 100644 --- a/sys/netinet/sctp_input.c +++ b/sys/netinet/sctp_input.c @@ -2329,7 +2329,7 @@ sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset, } ep = &(*inp_p)->sctp_ep; /* which cookie is it? */ - if ((cookie->time_entered.tv_sec < (long)ep->time_of_secret_change) && + if ((cookie->time_entered.tv_sec < ep->time_of_secret_change) && (ep->current_secret_number != ep->last_secret_number)) { /* it's the old cookie */ (void)sctp_hmac_m(SCTP_HMAC, @@ -2352,7 +2352,7 @@ sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset, /* compare the received digest with the computed digest */ if (timingsafe_bcmp(calc_sig, sig, SCTP_SIGNATURE_SIZE) != 0) { /* try the old cookie? */ - if ((cookie->time_entered.tv_sec == (long)ep->time_of_secret_change) && + if ((cookie->time_entered.tv_sec == ep->time_of_secret_change) && (ep->current_secret_number != ep->last_secret_number)) { /* compute digest with old */ (void)sctp_hmac_m(SCTP_HMAC, diff --git a/sys/netinet/sctp_pcb.c b/sys/netinet/sctp_pcb.c index a1742b2fffca..69c492bc58df 100644 --- a/sys/netinet/sctp_pcb.c +++ b/sys/netinet/sctp_pcb.c @@ -2570,7 +2570,7 @@ sctp_inpcb_alloc(struct socket *so, uint32_t vrf_id) /* Setup the initial secret */ (void)SCTP_GETTIME_TIMEVAL(&time); - m->time_of_secret_change = (unsigned int)time.tv_sec; + m->time_of_secret_change = time.tv_sec; for (i = 0; i < SCTP_NUMBER_OF_SECRETS; i++) { m->secret_key[0][i] = sctp_select_initial_TSN(m); diff --git a/sys/netinet/sctp_pcb.h b/sys/netinet/sctp_pcb.h index e57e13654073..5c6ead92bf9b 100644 --- a/sys/netinet/sctp_pcb.h +++ b/sys/netinet/sctp_pcb.h @@ -263,8 +263,8 @@ struct sctp_base_info { * access /dev/random. */ struct sctp_pcb { - unsigned int time_of_secret_change; /* number of seconds from - * timeval.tv_sec */ + time_t time_of_secret_change; /* number of seconds from + * timeval.tv_sec */ uint32_t secret_key[SCTP_HOW_MANY_SECRETS][SCTP_NUMBER_OF_SECRETS]; unsigned int size_of_a_cookie; diff --git a/sys/netinet/sctputil.c b/sys/netinet/sctputil.c index 19180b3cf725..e963c5cb466e 100644 --- a/sys/netinet/sctputil.c +++ b/sys/netinet/sctputil.c @@ -1944,7 +1944,7 @@ sctp_timeout_handler(void *t) type, inp, stcb, net)); SCTP_STAT_INCR(sctps_timosecret); (void)SCTP_GETTIME_TIMEVAL(&tv); - inp->sctp_ep.time_of_secret_change = (unsigned int)tv.tv_sec; + inp->sctp_ep.time_of_secret_change = tv.tv_sec; inp->sctp_ep.last_secret_number = inp->sctp_ep.current_secret_number; inp->sctp_ep.current_secret_number++;