Make syncookie_mac() use 'tcp_seq irs' in computing hash.

This fixes what seems like a simple oversight when the function was added in
r253210.

Reported by:            Daniel Borkmann <dborkman@redhat.com>
                        Florian Westphal <fw@strlen.de>
Differential Revision:  https://reviews.freebsd.org/D1628
Reviewed by:            gnn
MFC after:              1 month
Sponsored by:           Limelight Networks
This commit is contained in:
Hiren Panchasara 2015-01-30 17:29:07 +00:00
parent c47ef15f23
commit ec446b1375

View File

@ -1742,6 +1742,7 @@ syncookie_mac(struct in_conninfo *inc, tcp_seq irs, uint8_t flags,
}
SipHash_Update(&ctx, &inc->inc_fport, sizeof(inc->inc_fport));
SipHash_Update(&ctx, &inc->inc_lport, sizeof(inc->inc_lport));
SipHash_Update(&ctx, &irs, sizeof(irs));
SipHash_Update(&ctx, &flags, sizeof(flags));
SipHash_Update(&ctx, &secmod, sizeof(secmod));
SipHash_Final((u_int8_t *)&siphash, &ctx);