tcp: add server ip to encrypt cookie in fast open

Encrypt the cookie with both server and client IPv4 addresses, such that multi-homed server will grant different cookies based on both the source and destination IPs. No client change is needed since cookie is opaque to the client. Signed-off-by: Yuchung Cheng <ycheng@google.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Acked-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Yuchung Cheng <ycheng@google.com> 2013-08-08 14:06:22 -0700
committer: David S. Miller <davem@davemloft.net> 2013-08-10 00:35:33 -0700
commit: 149479d019e06df5a7f4096f95c00cfb1380309c (patch)
tree: 693d54479d3377a5b4bd7ddfb61394f26706defd /include/net
parent: 469230d118dc0822f6bf46c75ab147fa9f00741f (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 27b652f379ef..09cb5c11ceea 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1300,7 +1300,8 @@ void tcp_free_fastopen_req(struct tcp_sock *tp);
 
 extern struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
 int tcp_fastopen_reset_cipher(void *key, unsigned int len);
-void tcp_fastopen_cookie_gen(__be32 addr, struct tcp_fastopen_cookie *foc);
+extern void tcp_fastopen_cookie_gen(__be32 src, __be32 dst,
+				    struct tcp_fastopen_cookie *foc);
 
 #define TCP_FASTOPEN_KEY_LENGTH 16
author	Yuchung Cheng <ycheng@google.com>	2013-08-08 14:06:22 -0700
committer	David S. Miller <davem@davemloft.net>	2013-08-10 00:35:33 -0700
commit	149479d019e06df5a7f4096f95c00cfb1380309c (patch)
tree	693d54479d3377a5b4bd7ddfb61394f26706defd /include/net
parent	469230d118dc0822f6bf46c75ab147fa9f00741f (diff)