Hi, as it seems, 2.6.26 will be our linux kernel for lenny.
The recommended version of lksctp-tools for kernel 2.6.26 is 1.0.9 (lksctp-tool is the userspace library for the in-kernel SCTP network protocol implementation). 1.0.9.dfsg-1 has been in unstable for 21 days. The package has no open bugs. The complete debdiff (without the auto* goo) is attached. (Note: the ChangeLog entries marked K: are the kernel related changes, T: are the changes in lksctp-tools). Please consider unblocking lksctp-tools 1.0.9.dfsg-1 Thanks, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/ChangeLog lksctp-tools-1.0.9.dfsg/ChangeLog --- lksctp-tools-1.0.8.dfsg/ChangeLog 2008-02-26 18:08:55.000000000 +0100 +++ lksctp-tools-1.0.9.dfsg/ChangeLog 2008-08-05 21:19:04.000000000 +0200 @@ -1,10 +1,88 @@ -Version 2.6.24-1.0.8 of the Developers' Release of the SCTP +Version 2.6.26-1.0.9 of the Developers' Release of the SCTP Linux Kernel Implementation is available from http://sf.net/projects/lksctp/ +lksctp-2.6.26-1.0.9: Sun Jul 13 14:51:29 PDT 2008 +T:Patch Make frame tests work with 2.6.26 kernel. +T:Patch Implement and export SCTP-AUTH API extensions based on + sctpsocket-16 draft +T:NA Process withsctp.in at build time +K:Patch Add documentation for sctp sysctl variable +K:NA Mark the tsn as received after all allocations finish +K:NA Make sure N * sizeof(union sctp_addr) does not overflow. +K:NA Correclty set changeover_active for SFR-CACC +K:NA Correctly cleanup procfs entries upon failure. +K:NA Fix ECN markings for IPv6 +K:NA Flush the queue only once during fast retransmit. +K:NA Start T3-RTX timer when fast retransmitting lowest TSN +K:NA Correctly implement Fast Recovery cwnd manipulations. +K:NA Move sctp_v4_dst_saddr out of loop +K:NA retran_path update bug fix +K:NA Fix NULL dereference of asoc. +K:NA Fix use of uninitialized pointer +K:NA Add address type check while process paramaters of ASCONF chunk +K:NA Do not enable peer IPv6 address support on PF_INET socket +K:NA Initialize partial_bytes_acked to 0, when all of the data is acked +K:NA IPv4 vs IPv6 addresses mess in sctp_inet[6]addr_event. +K:NA Fix compiler warning about const qualifiers +K:NA Fix protocol violation when receiving an error lenght INIT-ACK +K:NA Add check for hmac_algo parameter in sctp_verify_param() +K:Patch New sctp mailing list +K:NA Remove an unused parameter from sctp_cmd_hb_timer_update +K:Patch "list_for_each()" -> "list_for_each_entry()" where appropriate. +K:NA Correct /proc/net/assocs formatting error +K:Patch Use snmp_mib_{init,free}(). +K:Patch Remove useless assignment from __sctp_rcv_lookup_endpoint +K:NA fix wrong debug counting of bind_bucket +K:NA fix wrong debug counting of datamsg +K:Patch Replace socket with sock for SCTP control socket. +K:Patch Use inet_ctl_sock_create for control socket creation. +K:Patch Remove sctp_add_cmd_sf wrapper bloat +K:Patch Remove redundant wrapper functions. +K:Patch Replace char msg[] with static const char[] +K:NA Fix a race between module load and protosw access +K:NA fix misannotated __sctp_rcv_asconf_lookup() +K:NA Fix local_addr deletions during list traversals. +K:Patch Bring MAX_BURST socket option into ietf API extension compliance +K:NA Fix chunk parameter processing bug +K:Patch Kill unused static inline sctp_sysctl_jiffies_ms +K:Patch extend exported data in /proc/net/sctp/assoc +K:Patch Use proc_create to setup de->proc_fops. +K:Patch Update AUTH structures to match declarations in draft-16. +K:NA Incorrect length was used in SCTP_*_AUTH_CHUNKS socket option +K:Patch Clean up naming conventions of sctp protocol/address family + registration +K:NA Correctly set the length of sctp_assoc_change notification +K:NA Pick up an orphaned sctp_sockets_allocated counter. +K:Patch Convert sctp_dbg_objcnt to seq files. +K:Patch Use snmp_fold_field instead of a homebrew analogue. +K:NA Make sure the chunk is off the transmitted list prior to freeing. +K:NA Fix kernel panic while received ASCONF chunk with bad serial + number +K:NA Set ports in every address returned by sctp_getladdrs() +K:NA Correctly reap SSNs when processing FORWARD_TSN chunk +K:NA Fix kernel panic while received AUTH chunk with BAD shared key + identifier +K:NA Fix kernel panic while received AUTH chunk while enabled auth +K:Patch Kill silly inlines in ulpqueue.c +K:NA Do not increase rwnd when reading partial notification. +K:Patch Stop claiming that this is a "reference implementation" +K:NA Fix miss of report unrecognized HMAC Algorithm parameter +K:NA Correctly initialize error when parameter validation failed. +K:Patch Follow Add-IP security consideratiosn wrt INIT/INIT-ACK +K:Patch Implement ADD-IP special case processing for ABORT chunk +K:Patch Change use_as_src into a full address state +K:Patch Update ASCONF processing to conform to spec. +K:Patch ADD-IP updates the states where ASCONFs can be sent +K:Patch Update association lookup to look at ASCONF chunks as well +K:Patch Add the handling of "Set Primary IP Address" parameter to INIT +K:Patch Handle the wildcard ADD-IP Address parameter +K:Patch Discard unauthenticated ASCONF and ASCONF ACK chunks +K:Patch Use crc32c library for checksum calculations. +K:Patch Use ipv4_is_<type> -lksctp-2.6.24-1.0.5: Fri Feb 01 14:55:00 EST 2008 +lksctp-2.6.24-1.0.8: Fri Feb 01 14:55:00 EST 2008 K:NA Add back the code that accounted for FORWARD_TSN parameter in INIT. K:NA Correctly handle AUTH parameters in unexpected INIT diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/debian/changelog lksctp-tools-1.0.9.dfsg/debian/changelog --- lksctp-tools-1.0.8.dfsg/debian/changelog 2008-09-01 01:56:58.000000000 +0200 +++ lksctp-tools-1.0.9.dfsg/debian/changelog 2008-09-01 01:56:58.000000000 +0200 @@ -1,3 +1,12 @@ +lksctp-tools (1.0.9.dfsg-1) unstable; urgency=low + + * New upstream release. + * Repacked upstream tarball to remove non-free documentation in doc/*. + * debian/control + - Bump Standards-Version to 3.8.0. No further changes. + + -- Michael Biebl <[EMAIL PROTECTED]> Sun, 10 Aug 2008 01:46:41 +0200 + lksctp-tools (1.0.8.dfsg-2) unstable; urgency=low * Add symbols file for libsctp1. diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/debian/control lksctp-tools-1.0.9.dfsg/debian/control --- lksctp-tools-1.0.8.dfsg/debian/control 2008-09-01 01:56:58.000000000 +0200 +++ lksctp-tools-1.0.9.dfsg/debian/control 2008-09-01 01:56:58.000000000 +0200 @@ -3,7 +3,7 @@ Priority: optional Maintainer: Michael Biebl <[EMAIL PROTECTED]> Build-Depends: cdbs, debhelper (>= 5.0.0), autotools-dev -Standards-Version: 3.7.3 +Standards-Version: 3.8.0 Homepage: http://lksctp.sf.net/ Package: libsctp1 diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/lksctp-tools.spec.in lksctp-tools-1.0.9.dfsg/lksctp-tools.spec.in --- lksctp-tools-1.0.8.dfsg/lksctp-tools.spec.in 2008-02-26 18:08:55.000000000 +0100 +++ lksctp-tools-1.0.9.dfsg/lksctp-tools.spec.in 2008-08-05 21:21:44.000000000 +0200 @@ -4,7 +4,7 @@ # Author : Francois-Xavier Kowalski # Created On : Sat Jan 10 14:53:53 2004 # Last Modified By: Vlad Yasevich -# Last Modified On: Fri Feb 1 14:09:04 2008 +# Last Modified On: Tue Aug 5 15:19:59 EDT 2008 # # (c) Copyright Hewlett-Packard Company 2004 # (C) Copyright IBM Corp. 2004 @@ -25,7 +25,7 @@ # Free Software Foundation, Inc., 675 Mass Ave, Cambridge, # MA 02139, USA. -%define kernel_version 2.6.24 +%define kernel_version 2.6.26 %define kernel_extraflags %define lksctp_version @VERSION@ @@ -129,6 +129,9 @@ %doc doc/*.txt %changelog +* Sun Jun 13 2008 Vlad Yasevich <[EMAIL PROTECTED]> 1.0.9-1 +- 1.0.9 Release + * Fri Feb 01 2008 Vlad Yasevich <[EMAIL PROTECTED]> 1.0.8-1 - 1.0.8 Release diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/Makefile.rules lksctp-tools-1.0.9.dfsg/Makefile.rules --- lksctp-tools-1.0.8.dfsg/Makefile.rules 2008-02-26 18:08:55.000000000 +0100 +++ lksctp-tools-1.0.9.dfsg/Makefile.rules 2008-07-16 16:14:16.000000000 +0200 @@ -11,3 +11,8 @@ ## FIXME: Your stuff here + +edit = @sed \ + -e "s|[EMAIL PROTECTED]@|$(bindir)|" \ + -e "s|[EMAIL PROTECTED]@|$(libdir)|" \ + -e "s|[EMAIL PROTECTED]@|$(PACKAGE)|" diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/include/netinet/sctp.h lksctp-tools-1.0.9.dfsg/src/include/netinet/sctp.h --- lksctp-tools-1.0.8.dfsg/src/include/netinet/sctp.h 2008-02-26 18:08:55.000000000 +0100 +++ lksctp-tools-1.0.9.dfsg/src/include/netinet/sctp.h 2008-07-16 16:14:16.000000000 +0200 @@ -105,6 +105,21 @@ #define SCTP_PARTIAL_DELIVERY_POINT SCTP_PARTIAL_DELIVERY_POINT SCTP_MAX_BURST, /* Set/Get max burst */ #define SCTP_MAX_BURST SCTP_MAX_BURST + SCTP_AUTH_CHUNK, /* Set only: add a chunk type to authenticat */ +#define SCTP_AUTH_CHUNK SCTP_AUTH_CHUNK + SCTP_HMAC_IDENT, +#define SCTP_HMAC_IDENT SCTP_HMAC_IDENT + SCTP_AUTH_KEY, +#define SCTP_AUTH_KEY SCTP_AUTH_KEY + SCTP_AUTH_ACTIVE_KEY, +#define SCTP_AUTH_ACTIVE_KEY SCTP_AUTH_ACTIVE_KEY + SCTP_AUTH_DELETE_KEY, +#define SCTP_AUTH_DELETE_KEY SCTP_AUTH_DELETE_KEY + SCTP_PEER_AUTH_CHUNKS, /* Read only */ +#define SCTP_PEER_AUTH_CHUNKS SCTP_PEER_AUTH_CHUNKS + SCTP_LOCAL_AUTH_CHUNKS, /* Read only */ +#define SCTP_LOCAL_AUTH_CHUNKS SCTP_LOCAL_AUTH_CHUNKS + /* Internal Socket Options. Some of the sctp library functions are * implemented using these socket options. @@ -186,7 +201,7 @@ SCTP_UNORDERED = 1, /* Send/receive message unordered. */ SCTP_ADDR_OVER = 2, /* Override the primary destination. */ SCTP_ABORT=4, /* Send an ABORT message to the peer. */ - SCTP_EOF=MSG_FIN, /* Initiate graceful shutdown process. */ + SCTP_EOF=MSG_FIN, /* Initiate graceful shutdown process. */ }; @@ -375,6 +390,26 @@ enum { SCTP_PARTIAL_DELIVERY_ABORTED=0, }; /* +* 5.3.1.8. SCTP_AUTHENTICATION_EVENT +* +* When a receiver is using authentication this message will provide +* notifications regarding new keys being made active as well as errors. +*/ + +struct sctp_authkey_event { + __u16 auth_type; + __u16 auth_flags; + __u32 auth_length; + __u16 auth_keynumber; + __u16 auth_altkeynumber; + __u32 auth_indication; + sctp_assoc_t auth_assoc_id; +}; + +enum { SCTP_AUTH_NEWKEY = 0, }; + + +/* * Described in Section 7.3 * Ancillary Data and Notification Interest Options */ @@ -387,6 +422,7 @@ __u8 sctp_shutdown_event; __u8 sctp_partial_delivery_event; __u8 sctp_adaptation_layer_event; + __u8 sctp_authentication_event; }; /* @@ -409,6 +445,7 @@ struct sctp_shutdown_event sn_shutdown_event; struct sctp_adaptation_event sn_adaptation_event; struct sctp_pdapi_event sn_pdapi_event; + struct sctp_authkey_event sn_authkey_event; }; /* Section 5.3.1 @@ -425,6 +462,7 @@ SCTP_SHUTDOWN_EVENT, SCTP_PARTIAL_DELIVERY_EVENT, SCTP_ADAPTATION_INDICATION, + SCTP_AUTHENTICATION_INDICATION, }; /* Notification error codes used to fill up the error fields in some @@ -546,7 +584,61 @@ __u32 spp_flags; } __attribute__((packed, aligned(4))); -/* 7.1.24. Delayed Ack Timer (SCTP_DELAYED_ACK_TIME) +/* + * 7.1.18. Add a chunk that must be authenticated (SCTP_AUTH_CHUNK) + * + * This set option adds a chunk type that the user is requesting to be + * received only in an authenticated way. Changes to the list of chunks + * will only effect future associations on the socket. + */ +struct sctp_authchunk { + __u8 sauth_chunk; +}; + +/* + * 7.1.19. Get or set the list of supported HMAC Identifiers (SCTP_HMAC_IDENT) + * + * This option gets or sets the list of HMAC algorithms that the local + * endpoint requires the peer to use. +*/ + +enum { + SCTP_AUTH_HMAC_ID_SHA1 = 1, + SCTP_AUTH_HMAC_ID_SHA256 = 3, +}; + +struct sctp_hmacalgo { + __u32 shmac_number_of_idents; + __u16 shmac_idents[]; +}; + +/* + * 7.1.20. Set a shared key (SCTP_AUTH_KEY) + * + * This option will set a shared secret key which is used to build an + * association shared key. + */ +struct sctp_authkey { + sctp_assoc_t sca_assoc_id; + __u16 sca_keynumber; + __u16 sca_keylength; + __u8 sca_key[]; +}; + +/* + * 7.1.21. Get or set the active shared key (SCTP_AUTH_ACTIVE_KEY) + * + * This option will get or set the active shared key to be used to build + * the association shared key. + */ + +struct sctp_authkeyid { + sctp_assoc_t scact_assoc_id; + __u16 scact_keynumber; +}; + + +/* 7.1.23. Delayed Ack Timer (SCTP_DELAYED_ACK_TIME) * * This options will get or set the delayed ack timer. The time is set * in milliseconds. If the assoc_id is 0, then this sets or gets the @@ -578,6 +670,14 @@ } __attribute__((packed, aligned(4))); /* Peer addresses's state. */ +/* UNKNOWN: Peer address passed by the upper layer in sendmsg or connect[x] + * calls. + * UNCONFIRMED: Peer address received in INIT/INIT-ACK address parameters. + * Not yet confirmed by a heartbeat and not available for data + * transfers. + * ACTIVE : Peer address confirmed, active and available for data transfers. + * INACTIVE: Peer address inactive and not available for data transfers. + */ enum sctp_spinfo_state { SCTP_INACTIVE, SCTP_ACTIVE, @@ -605,6 +705,19 @@ struct sctp_paddrinfo sstat_primary; }; +/* + * 7.2.3. Get the list of chunks the peer requires to be authenticated + * (SCTP_PEER_AUTH_CHUNKS) + * + * This option gets a list of chunks for a specified association that + * the peer requires to be received authenticated only. + */ +struct sctp_authchunks { + sctp_assoc_t gauth_assoc_id; + __u32 guth_number_of_chunks; + uint8_t gauth_chunks[]; +}; + /* Association states. */ enum sctp_sstat_state { SCTP_EMPTY = 0, diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/lib/Makefile.am lksctp-tools-1.0.9.dfsg/src/lib/Makefile.am --- lksctp-tools-1.0.8.dfsg/src/lib/Makefile.am 2008-02-26 18:08:55.000000000 +0100 +++ lksctp-tools-1.0.9.dfsg/src/lib/Makefile.am 2008-08-05 21:23:02.000000000 +0200 @@ -9,4 +9,4 @@ lib_LTLIBRARIES = libsctp.la libsctp_la_SOURCES = bindx.c connectx.c peeloff.c opt_info.c addrs.c sendmsg.c recvmsg.c -libsctp_la_LDFLAGS = -version-info 1:8:0 +libsctp_la_LDFLAGS = -version-info 1:9:0 diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/lib/opt_info.c lksctp-tools-1.0.9.dfsg/src/lib/opt_info.c --- lksctp-tools-1.0.8.dfsg/src/lib/opt_info.c 2008-02-26 18:08:55.000000000 +0100 +++ lksctp-tools-1.0.9.dfsg/src/lib/opt_info.c 2008-07-16 16:14:16.000000000 +0200 @@ -50,6 +50,9 @@ case SCTP_MAXSEG: case SCTP_STATUS: case SCTP_GET_PEER_ADDR_INFO: + case SCTP_AUTH_ACTIVE_KEY: + case SCTP_PEER_AUTH_CHUNKS: + case SCTP_LOCAL_AUTH_CHUNKS: *(sctp_assoc_t *)arg = id; return getsockopt(sd, IPPROTO_SCTP, opt, arg, size); default: diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/testlib/Makefile.am lksctp-tools-1.0.9.dfsg/src/testlib/Makefile.am --- lksctp-tools-1.0.8.dfsg/src/testlib/Makefile.am 2008-02-26 18:08:55.000000000 +0100 +++ lksctp-tools-1.0.9.dfsg/src/testlib/Makefile.am 2008-08-05 21:22:27.000000000 +0200 @@ -9,4 +9,4 @@ noinst_LTLIBRARIES = libsctputil.la libsctputil_la_SOURCES = sctputil.c sctputil.h -libsctputil_la_LDFLAGS = -version-info 1:8:0 +libsctputil_la_LDFLAGS = -version-info 1:9:0 diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/withsctp/Makefile.am lksctp-tools-1.0.9.dfsg/src/withsctp/Makefile.am --- lksctp-tools-1.0.8.dfsg/src/withsctp/Makefile.am 2008-02-26 18:08:55.000000000 +0100 +++ lksctp-tools-1.0.9.dfsg/src/withsctp/Makefile.am 2008-08-05 21:22:16.000000000 +0200 @@ -14,7 +14,14 @@ pkglib_LTLIBRARIES = libwithsctp.la libwithsctp_la_SOURCES = sctp_load_libs.c sctp_socket.c sctp_bind.c \ sctp_sockopt.c sctp_socket.h -libwithsctp_la_LDFLAGS = -version-info 1:8:0 -ldl +libwithsctp_la_LDFLAGS = -version-info 1:9:0 -ldl pkgdoc_DATA = sctp_load_libs.c sctp_socket.c sctp_bind.c \ sctp_sockopt.c sctp_socket.h checksctp.c + +withsctp: withsctp.in + $(edit) $< >$@ + +EXTRA_DIST += withsctp.in + +CLEANFILES += withsctp diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/withsctp/withsctp.in lksctp-tools-1.0.9.dfsg/src/withsctp/withsctp.in --- lksctp-tools-1.0.8.dfsg/src/withsctp/withsctp.in 2008-02-26 18:08:55.000000000 +0100 +++ lksctp-tools-1.0.9.dfsg/src/withsctp/withsctp.in 2008-08-05 21:57:59.000000000 +0200 @@ -2,7 +2,7 @@ # -*- sh -*- [EMAIL PROTECTED]@/@PACKAGE@ [EMAIL PROTECTED]@ -export LD_PRELOAD=${LIBDIR}/libwithsctp.so.1.0.8 +export LD_PRELOAD=${LIBDIR}/libwithsctp.so.1.0.9 if ! ${BINDIR}/checksctp 2> /dev/null then ${BINDIR}/checksctp;
signature.asc
Description: OpenPGP digital signature