[NETFILTER]: PPTP conntrack: fix PPTP_IN_CALL message types
authorPatrick McHardy <kaber@trash.net>
Wed, 20 Sep 2006 19:10:52 +0000 (12:10 -0700)
committerDavid S. Miller <davem@sunset.davemloft.net>
Fri, 22 Sep 2006 22:20:18 +0000 (15:20 -0700)
Fix incorrectly used message types and call IDs:

- PPTP_IN_CALL_REQUEST (PAC->PNS) contains a PptpInCallRequest (icreq)
  message and the PAC call ID

- PPTP_IN_CALL_REPLY (PNS->PAC) contains a PptpInCallReply (icack)
  message and the PNS call ID

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/netfilter/ip_conntrack_helper_pptp.c
net/ipv4/netfilter/ip_nat_helper_pptp.c

index 5cb6b61cd171a39e1f66559d078c85f87cf615d4..b0225b65ca3518154ee33f69ffb57a8378f043e8 100644 (file)
@@ -355,10 +355,10 @@ pptp_inbound_pkt(struct sk_buff **pskb,
                if (info->sstate != PPTP_SESSION_CONFIRMED)
                        goto invalid;
 
-               pcid = pptpReq->icack.peersCallID;
-               DEBUGP("%s, PCID=%X\n", pptp_msg_name[msg], ntohs(pcid));
+               cid = pptpReq->icreq.callID;
+               DEBUGP("%s, CID=%X\n", pptp_msg_name[msg], ntohs(cid));
                info->cstate = PPTP_CALL_IN_REQ;
-               info->pac_call_id = pcid;
+               info->pac_call_id = cid;
                break;
 
        case PPTP_IN_CALL_CONNECT:
@@ -458,15 +458,17 @@ pptp_outbound_pkt(struct sk_buff **pskb,
                    info->cstate != PPTP_CALL_IN_REP)
                        goto invalid;
 
+               cid = pptpReq->icack.callID;
                pcid = pptpReq->icack.peersCallID;
                if (info->pac_call_id != pcid)
                        goto invalid;
-               DEBUGP("%s, CID=%X\n", pptp_msg_name[msg], ntohs(pcid));
+               DEBUGP("%s, CID=%X PCID=%X\n", pptp_msg_name[msg],
+                      ntohs(cid), ntohs(pcid));
 
                if (pptpReq->icack.resultCode == PPTP_INCALL_ACCEPT) {
                        /* part two of the three-way handshake */
                        info->cstate = PPTP_CALL_IN_REP;
-                       info->pns_call_id = pcid;
+                       info->pns_call_id = cid;
                } else
                        info->cstate = PPTP_CALL_NONE;
                break;
index 84f6bd09fcd4d84f50cb384869f2e38bed6060d4..2ff5788071237fa968a74dd1d45c7da512472d1e 100644 (file)
@@ -172,7 +172,7 @@ pptp_outbound_pkt(struct sk_buff **pskb,
                ct_pptp_info->pns_call_id = new_callid;
                break;
        case PPTP_IN_CALL_REPLY:
-               cid_off = offsetof(union pptp_ctrl_union, icreq.callID);
+               cid_off = offsetof(union pptp_ctrl_union, icack.callID);
                break;
        case PPTP_CALL_CLEAR_REQUEST:
                cid_off = offsetof(union pptp_ctrl_union, clrreq.callID);