sctp: do not enable peer features if we can't do them.

[ Upstream commit 0ef46e285c062cbe35d60c0adbff96f530d31c86 ]

Do not enable peer features like addip and auth, if they
are administratively disabled localy.  If the peer resports
that he supports something that we don't, neither end can
use it so enabling it is pointless.  This solves a problem
when talking to a peer that has auth and addip enabled while
we do not.  Found by Andrei Pelinescu-Onciul <andrei@iptel.org>.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 36ebb392472e3b1ae3ef4be91cda23db8b46548b..46862775d4150c48b22029e4ea0c8d1951770fbd 100644 (file)
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -1886,11 +1886,13 @@ static void sctp_process_ext_param(struct sctp_association *asoc,
                            /* if the peer reports AUTH, assume that he
                             * supports AUTH.
                             */
-                           asoc->peer.auth_capable = 1;
+                           if (sctp_auth_enable)
+                                   asoc->peer.auth_capable = 1;
                            break;
                    case SCTP_CID_ASCONF:
                    case SCTP_CID_ASCONF_ACK:
-                           asoc->peer.asconf_capable = 1;
+                           if (sctp_addip_enable)
+                                   asoc->peer.asconf_capable = 1;
                            break;
                    default:
                            break;
@@ -2454,6 +2456,9 @@ static int sctp_process_param(struct sctp_association *asoc,
                break;
 
        case SCTP_PARAM_SET_PRIMARY:
+               if (!sctp_addip_enable)
+                       goto fall_through;
+
                addr_param = param.v + sizeof(sctp_addip_param_t);
 
                af = sctp_get_af_specific(param_type2af(param.p->type));