From 47aac6fa4bc4ddf5227ae47d0c46ba69b886dc8e Mon Sep 17 00:00:00 2001 From: Michael Tuexen Date: Fri, 1 Aug 2014 20:49:27 +0000 Subject: [PATCH] Remove the asconf_auth_nochk sysctl. This was off by default and only existed to be able to test with non-compliant peers a long time ago. --- sys/netinet/sctp_auth.c | 3 +-- sys/netinet/sctp_pcb.c | 3 +-- sys/netinet/sctp_sysctl.c | 6 ------ sys/netinet/sctp_sysctl.h | 7 ------- 4 files changed, 2 insertions(+), 17 deletions(-) diff --git a/sys/netinet/sctp_auth.c b/sys/netinet/sctp_auth.c index d4d40595791b..cd55e2558085 100644 --- a/sys/netinet/sctp_auth.c +++ b/sys/netinet/sctp_auth.c @@ -1949,8 +1949,7 @@ sctp_validate_init_auth_params(struct mbuf *m, int offset, int limit) "SCTP: peer sent chunk list w/o AUTH\n"); return (-1); } - if (!SCTP_BASE_SYSCTL(sctp_asconf_auth_nochk) && peer_supports_asconf && - !peer_supports_auth) { + if (peer_supports_asconf && !peer_supports_auth) { SCTPDBG(SCTP_DEBUG_AUTH1, "SCTP: peer supports ASCONF but not AUTH\n"); return (-1); diff --git a/sys/netinet/sctp_pcb.c b/sys/netinet/sctp_pcb.c index fa5a2885c264..ef103cd186ba 100644 --- a/sys/netinet/sctp_pcb.c +++ b/sys/netinet/sctp_pcb.c @@ -6625,8 +6625,7 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m, /* peer does not support auth but sent a chunks list? */ return (-31); } - if (!SCTP_BASE_SYSCTL(sctp_asconf_auth_nochk) && stcb->asoc.peer_supports_asconf && - !stcb->asoc.peer_supports_auth) { + if (stcb->asoc.peer_supports_asconf && !stcb->asoc.peer_supports_auth) { /* peer supports asconf but not auth? */ return (-32); } else if ((stcb->asoc.peer_supports_asconf) && (stcb->asoc.peer_supports_auth) && diff --git a/sys/netinet/sctp_sysctl.c b/sys/netinet/sctp_sysctl.c index 6d18b6318cd1..dc0074560847 100644 --- a/sys/netinet/sctp_sysctl.c +++ b/sys/netinet/sctp_sysctl.c @@ -88,7 +88,6 @@ sctp_init_sysctls() SCTP_BASE_SYSCTL(sctp_nr_sack_on_off) = SCTPCTL_NR_SACK_ON_OFF_DEFAULT; SCTP_BASE_SYSCTL(sctp_cmt_use_dac) = SCTPCTL_CMT_USE_DAC_DEFAULT; SCTP_BASE_SYSCTL(sctp_use_cwnd_based_maxburst) = SCTPCTL_CWND_MAXBURST_DEFAULT; - SCTP_BASE_SYSCTL(sctp_asconf_auth_nochk) = SCTPCTL_ASCONF_AUTH_NOCHK_DEFAULT; SCTP_BASE_SYSCTL(sctp_auth_disable) = SCTPCTL_AUTH_DISABLE_DEFAULT; SCTP_BASE_SYSCTL(sctp_nat_friendly) = SCTPCTL_NAT_FRIENDLY_DEFAULT; SCTP_BASE_SYSCTL(sctp_L2_abc_variable) = SCTPCTL_ABC_L_VAR_DEFAULT; @@ -635,7 +634,6 @@ sysctl_sctp_check(SYSCTL_HANDLER_ARGS) RANGECHK(SCTP_BASE_SYSCTL(sctp_nr_sack_on_off), SCTPCTL_NR_SACK_ON_OFF_MIN, SCTPCTL_NR_SACK_ON_OFF_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_cmt_use_dac), SCTPCTL_CMT_USE_DAC_MIN, SCTPCTL_CMT_USE_DAC_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_use_cwnd_based_maxburst), SCTPCTL_CWND_MAXBURST_MIN, SCTPCTL_CWND_MAXBURST_MAX); - RANGECHK(SCTP_BASE_SYSCTL(sctp_asconf_auth_nochk), SCTPCTL_ASCONF_AUTH_NOCHK_MIN, SCTPCTL_ASCONF_AUTH_NOCHK_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_auth_disable), SCTPCTL_AUTH_DISABLE_MIN, SCTPCTL_AUTH_DISABLE_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_nat_friendly), SCTPCTL_NAT_FRIENDLY_MIN, SCTPCTL_NAT_FRIENDLY_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_L2_abc_variable), SCTPCTL_ABC_L_VAR_MIN, SCTPCTL_ABC_L_VAR_MAX); @@ -996,10 +994,6 @@ SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, cwnd_maxburst, CTLTYPE_UINT | CTLFLAG &SCTP_BASE_SYSCTL(sctp_use_cwnd_based_maxburst), 0, sysctl_sctp_check, "IU", SCTPCTL_CWND_MAXBURST_DESC); -SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, asconf_auth_nochk, CTLTYPE_UINT | CTLFLAG_RW, - &SCTP_BASE_SYSCTL(sctp_asconf_auth_nochk), 0, sysctl_sctp_check, "IU", - SCTPCTL_ASCONF_AUTH_NOCHK_DESC); - SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, auth_disable, CTLTYPE_UINT | CTLFLAG_RW, &SCTP_BASE_SYSCTL(sctp_auth_disable), 0, sysctl_sctp_check, "IU", SCTPCTL_AUTH_DISABLE_DESC); diff --git a/sys/netinet/sctp_sysctl.h b/sys/netinet/sctp_sysctl.h index 432d36a4c6b9..e258db875e76 100644 --- a/sys/netinet/sctp_sysctl.h +++ b/sys/netinet/sctp_sysctl.h @@ -79,7 +79,6 @@ struct sctp_sysctl { /* EY 5/5/08 - nr_sack flag variable */ uint32_t sctp_nr_sack_on_off; uint32_t sctp_use_cwnd_based_maxburst; - uint32_t sctp_asconf_auth_nochk; uint32_t sctp_auth_disable; uint32_t sctp_nat_friendly; uint32_t sctp_L2_abc_variable; @@ -360,12 +359,6 @@ struct sctp_sysctl { #define SCTPCTL_CWND_MAXBURST_MAX 1 #define SCTPCTL_CWND_MAXBURST_DEFAULT 1 -/* asconf_auth_nochk: Disable SCTP ASCONF AUTH requirement */ -#define SCTPCTL_ASCONF_AUTH_NOCHK_DESC "Disable SCTP ASCONF AUTH requirement" -#define SCTPCTL_ASCONF_AUTH_NOCHK_MIN 0 -#define SCTPCTL_ASCONF_AUTH_NOCHK_MAX 1 -#define SCTPCTL_ASCONF_AUTH_NOCHK_DEFAULT 0 - /* auth_disable: Disable SCTP AUTH function */ #define SCTPCTL_AUTH_DISABLE_DESC "Disable SCTP AUTH function" #define SCTPCTL_AUTH_DISABLE_MIN 0