aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2006-09-20 12:10:37 -0700
committerDavid S. Miller <davem@sunset.davemloft.net>2006-09-22 15:20:17 -0700
commit750a58423309b56751076329e9edf61b93213e0f (patch)
tree8b57331ec4cec74b148a8189c265c167d1037001
parent87a0117afdfe64473a6c802501bc15aee145ebb8 (diff)
downloadkernel_samsung_aries-750a58423309b56751076329e9edf61b93213e0f.zip
kernel_samsung_aries-750a58423309b56751076329e9edf61b93213e0f.tar.gz
kernel_samsung_aries-750a58423309b56751076329e9edf61b93213e0f.tar.bz2
[NETFILTER]: PPTP conntrack: check call ID before changing state
For rejected calls the state is set to PPTP_CALL_NONE even for non-matching call ids. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/netfilter/ip_conntrack_helper_pptp.c32
1 files changed, 13 insertions, 19 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
index 7b6d5aa..5cb6b61 100644
--- a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
+++ b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
@@ -335,25 +335,19 @@ pptp_inbound_pkt(struct sk_buff **pskb,
info->cstate != PPTP_CALL_OUT_CONF)
goto invalid;
- if (pptpReq->ocack.resultCode != PPTP_OUTCALL_CONNECT) {
- info->cstate = PPTP_CALL_NONE;
- break;
- }
-
cid = pptpReq->ocack.callID;
pcid = pptpReq->ocack.peersCallID;
-
- info->pac_call_id = cid;
-
if (info->pns_call_id != pcid)
goto invalid;
-
DEBUGP("%s, CID=%X, PCID=%X\n", pptp_msg_name[msg],
ntohs(cid), ntohs(pcid));
- info->cstate = PPTP_CALL_OUT_CONF;
-
- exp_gre(ct, cid, pcid);
+ if (pptpReq->ocack.resultCode == PPTP_OUTCALL_CONNECT) {
+ info->cstate = PPTP_CALL_OUT_CONF;
+ info->pac_call_id = cid;
+ exp_gre(ct, cid, pcid);
+ } else
+ info->cstate = PPTP_CALL_NONE;
break;
case PPTP_IN_CALL_REQUEST:
@@ -464,17 +458,17 @@ pptp_outbound_pkt(struct sk_buff **pskb,
info->cstate != PPTP_CALL_IN_REP)
goto invalid;
- if (pptpReq->icack.resultCode != PPTP_INCALL_ACCEPT) {
- info->cstate = PPTP_CALL_NONE;
- break;
- }
pcid = pptpReq->icack.peersCallID;
if (info->pac_call_id != pcid)
goto invalid;
DEBUGP("%s, CID=%X\n", pptp_msg_name[msg], ntohs(pcid));
- /* part two of the three-way handshake */
- info->cstate = PPTP_CALL_IN_REP;
- info->pns_call_id = pcid;
+
+ if (pptpReq->icack.resultCode == PPTP_INCALL_ACCEPT) {
+ /* part two of the three-way handshake */
+ info->cstate = PPTP_CALL_IN_REP;
+ info->pns_call_id = pcid;
+ } else
+ info->cstate = PPTP_CALL_NONE;
break;
case PPTP_CALL_CLEAR_REQUEST: