Hi, as it seems, 2.6.26 will be our linux kernel for lenny. The recommended version of lksctp-tools for kernel 2.6.26 is 1.0.9 (lksctp-tool is the userspace library for the in-kernel SCTP network protocol implementation). 1.0.9.dfsg-1 has been in unstable for 21 days. The package has no open bugs. The complete debdiff (without the auto* goo) is attached. (Note: the ChangeLog entries marked K: are the kernel related changes, T: are the changes in lksctp-tools). Please consider unblocking lksctp-tools 1.0.9.dfsg-1 Thanks, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/ChangeLog lksctp-tools-1.0.9.dfsg/ChangeLog
--- lksctp-tools-1.0.8.dfsg/ChangeLog 2008-02-26 18:08:55.000000000 +0100
+++ lksctp-tools-1.0.9.dfsg/ChangeLog 2008-08-05 21:19:04.000000000 +0200
@@ -1,10 +1,88 @@
-Version 2.6.24-1.0.8 of the Developers' Release of the SCTP
+Version 2.6.26-1.0.9 of the Developers' Release of the SCTP
Linux Kernel Implementation is available from
http://sf.net/projects/lksctp/
+lksctp-2.6.26-1.0.9: Sun Jul 13 14:51:29 PDT 2008
+T:Patch Make frame tests work with 2.6.26 kernel.
+T:Patch Implement and export SCTP-AUTH API extensions based on
+ sctpsocket-16 draft
+T:NA Process withsctp.in at build time
+K:Patch Add documentation for sctp sysctl variable
+K:NA Mark the tsn as received after all allocations finish
+K:NA Make sure N * sizeof(union sctp_addr) does not overflow.
+K:NA Correclty set changeover_active for SFR-CACC
+K:NA Correctly cleanup procfs entries upon failure.
+K:NA Fix ECN markings for IPv6
+K:NA Flush the queue only once during fast retransmit.
+K:NA Start T3-RTX timer when fast retransmitting lowest TSN
+K:NA Correctly implement Fast Recovery cwnd manipulations.
+K:NA Move sctp_v4_dst_saddr out of loop
+K:NA retran_path update bug fix
+K:NA Fix NULL dereference of asoc.
+K:NA Fix use of uninitialized pointer
+K:NA Add address type check while process paramaters of ASCONF chunk
+K:NA Do not enable peer IPv6 address support on PF_INET socket
+K:NA Initialize partial_bytes_acked to 0, when all of the data is acked
+K:NA IPv4 vs IPv6 addresses mess in sctp_inet[6]addr_event.
+K:NA Fix compiler warning about const qualifiers
+K:NA Fix protocol violation when receiving an error lenght INIT-ACK
+K:NA Add check for hmac_algo parameter in sctp_verify_param()
+K:Patch New sctp mailing list
+K:NA Remove an unused parameter from sctp_cmd_hb_timer_update
+K:Patch "list_for_each()" -> "list_for_each_entry()" where appropriate.
+K:NA Correct /proc/net/assocs formatting error
+K:Patch Use snmp_mib_{init,free}().
+K:Patch Remove useless assignment from __sctp_rcv_lookup_endpoint
+K:NA fix wrong debug counting of bind_bucket
+K:NA fix wrong debug counting of datamsg
+K:Patch Replace socket with sock for SCTP control socket.
+K:Patch Use inet_ctl_sock_create for control socket creation.
+K:Patch Remove sctp_add_cmd_sf wrapper bloat
+K:Patch Remove redundant wrapper functions.
+K:Patch Replace char msg[] with static const char[]
+K:NA Fix a race between module load and protosw access
+K:NA fix misannotated __sctp_rcv_asconf_lookup()
+K:NA Fix local_addr deletions during list traversals.
+K:Patch Bring MAX_BURST socket option into ietf API extension compliance
+K:NA Fix chunk parameter processing bug
+K:Patch Kill unused static inline sctp_sysctl_jiffies_ms
+K:Patch extend exported data in /proc/net/sctp/assoc
+K:Patch Use proc_create to setup de->proc_fops.
+K:Patch Update AUTH structures to match declarations in draft-16.
+K:NA Incorrect length was used in SCTP_*_AUTH_CHUNKS socket option
+K:Patch Clean up naming conventions of sctp protocol/address family
+ registration
+K:NA Correctly set the length of sctp_assoc_change notification
+K:NA Pick up an orphaned sctp_sockets_allocated counter.
+K:Patch Convert sctp_dbg_objcnt to seq files.
+K:Patch Use snmp_fold_field instead of a homebrew analogue.
+K:NA Make sure the chunk is off the transmitted list prior to freeing.
+K:NA Fix kernel panic while received ASCONF chunk with bad serial
+ number
+K:NA Set ports in every address returned by sctp_getladdrs()
+K:NA Correctly reap SSNs when processing FORWARD_TSN chunk
+K:NA Fix kernel panic while received AUTH chunk with BAD shared key
+ identifier
+K:NA Fix kernel panic while received AUTH chunk while enabled auth
+K:Patch Kill silly inlines in ulpqueue.c
+K:NA Do not increase rwnd when reading partial notification.
+K:Patch Stop claiming that this is a "reference implementation"
+K:NA Fix miss of report unrecognized HMAC Algorithm parameter
+K:NA Correctly initialize error when parameter validation failed.
+K:Patch Follow Add-IP security consideratiosn wrt INIT/INIT-ACK
+K:Patch Implement ADD-IP special case processing for ABORT chunk
+K:Patch Change use_as_src into a full address state
+K:Patch Update ASCONF processing to conform to spec.
+K:Patch ADD-IP updates the states where ASCONFs can be sent
+K:Patch Update association lookup to look at ASCONF chunks as well
+K:Patch Add the handling of "Set Primary IP Address" parameter to INIT
+K:Patch Handle the wildcard ADD-IP Address parameter
+K:Patch Discard unauthenticated ASCONF and ASCONF ACK chunks
+K:Patch Use crc32c library for checksum calculations.
+K:Patch Use ipv4_is_<type>
-lksctp-2.6.24-1.0.5: Fri Feb 01 14:55:00 EST 2008
+lksctp-2.6.24-1.0.8: Fri Feb 01 14:55:00 EST 2008
K:NA Add back the code that accounted for FORWARD_TSN parameter in
INIT.
K:NA Correctly handle AUTH parameters in unexpected INIT
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/debian/changelog lksctp-tools-1.0.9.dfsg/debian/changelog
--- lksctp-tools-1.0.8.dfsg/debian/changelog 2008-09-01 01:56:58.000000000 +0200
+++ lksctp-tools-1.0.9.dfsg/debian/changelog 2008-09-01 01:56:58.000000000 +0200
@@ -1,3 +1,12 @@
+lksctp-tools (1.0.9.dfsg-1) unstable; urgency=low
+
+ * New upstream release.
+ * Repacked upstream tarball to remove non-free documentation in doc/*.
+ * debian/control
+ - Bump Standards-Version to 3.8.0. No further changes.
+
+ -- Michael Biebl <biebl@debian.org> Sun, 10 Aug 2008 01:46:41 +0200
+
lksctp-tools (1.0.8.dfsg-2) unstable; urgency=low
* Add symbols file for libsctp1.
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/debian/control lksctp-tools-1.0.9.dfsg/debian/control
--- lksctp-tools-1.0.8.dfsg/debian/control 2008-09-01 01:56:58.000000000 +0200
+++ lksctp-tools-1.0.9.dfsg/debian/control 2008-09-01 01:56:58.000000000 +0200
@@ -3,7 +3,7 @@
Priority: optional
Maintainer: Michael Biebl <biebl@debian.org>
Build-Depends: cdbs, debhelper (>= 5.0.0), autotools-dev
-Standards-Version: 3.7.3
+Standards-Version: 3.8.0
Homepage: http://lksctp.sf.net/
Package: libsctp1
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/lksctp-tools.spec.in lksctp-tools-1.0.9.dfsg/lksctp-tools.spec.in
--- lksctp-tools-1.0.8.dfsg/lksctp-tools.spec.in 2008-02-26 18:08:55.000000000 +0100
+++ lksctp-tools-1.0.9.dfsg/lksctp-tools.spec.in 2008-08-05 21:21:44.000000000 +0200
@@ -4,7 +4,7 @@
# Author : Francois-Xavier Kowalski
# Created On : Sat Jan 10 14:53:53 2004
# Last Modified By: Vlad Yasevich
-# Last Modified On: Fri Feb 1 14:09:04 2008
+# Last Modified On: Tue Aug 5 15:19:59 EDT 2008
#
# (c) Copyright Hewlett-Packard Company 2004
# (C) Copyright IBM Corp. 2004
@@ -25,7 +25,7 @@
# Free Software Foundation, Inc., 675 Mass Ave, Cambridge,
# MA 02139, USA.
-%define kernel_version 2.6.24
+%define kernel_version 2.6.26
%define kernel_extraflags
%define lksctp_version @VERSION@
@@ -129,6 +129,9 @@
%doc doc/*.txt
%changelog
+* Sun Jun 13 2008 Vlad Yasevich <vladislav.yasevich@hp.com> 1.0.9-1
+- 1.0.9 Release
+
* Fri Feb 01 2008 Vlad Yasevich <vladislav.yasevich@hp.com> 1.0.8-1
- 1.0.8 Release
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/Makefile.rules lksctp-tools-1.0.9.dfsg/Makefile.rules
--- lksctp-tools-1.0.8.dfsg/Makefile.rules 2008-02-26 18:08:55.000000000 +0100
+++ lksctp-tools-1.0.9.dfsg/Makefile.rules 2008-07-16 16:14:16.000000000 +0200
@@ -11,3 +11,8 @@
## FIXME: Your stuff here
+
+edit = @sed \
+ -e "s|\@bindir\@|$(bindir)|" \
+ -e "s|\@libdir\@|$(libdir)|" \
+ -e "s|\@PACKAGE\@|$(PACKAGE)|"
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/include/netinet/sctp.h lksctp-tools-1.0.9.dfsg/src/include/netinet/sctp.h
--- lksctp-tools-1.0.8.dfsg/src/include/netinet/sctp.h 2008-02-26 18:08:55.000000000 +0100
+++ lksctp-tools-1.0.9.dfsg/src/include/netinet/sctp.h 2008-07-16 16:14:16.000000000 +0200
@@ -105,6 +105,21 @@
#define SCTP_PARTIAL_DELIVERY_POINT SCTP_PARTIAL_DELIVERY_POINT
SCTP_MAX_BURST, /* Set/Get max burst */
#define SCTP_MAX_BURST SCTP_MAX_BURST
+ SCTP_AUTH_CHUNK, /* Set only: add a chunk type to authenticat */
+#define SCTP_AUTH_CHUNK SCTP_AUTH_CHUNK
+ SCTP_HMAC_IDENT,
+#define SCTP_HMAC_IDENT SCTP_HMAC_IDENT
+ SCTP_AUTH_KEY,
+#define SCTP_AUTH_KEY SCTP_AUTH_KEY
+ SCTP_AUTH_ACTIVE_KEY,
+#define SCTP_AUTH_ACTIVE_KEY SCTP_AUTH_ACTIVE_KEY
+ SCTP_AUTH_DELETE_KEY,
+#define SCTP_AUTH_DELETE_KEY SCTP_AUTH_DELETE_KEY
+ SCTP_PEER_AUTH_CHUNKS, /* Read only */
+#define SCTP_PEER_AUTH_CHUNKS SCTP_PEER_AUTH_CHUNKS
+ SCTP_LOCAL_AUTH_CHUNKS, /* Read only */
+#define SCTP_LOCAL_AUTH_CHUNKS SCTP_LOCAL_AUTH_CHUNKS
+
/* Internal Socket Options. Some of the sctp library functions are
* implemented using these socket options.
@@ -186,7 +201,7 @@
SCTP_UNORDERED = 1, /* Send/receive message unordered. */
SCTP_ADDR_OVER = 2, /* Override the primary destination. */
SCTP_ABORT=4, /* Send an ABORT message to the peer. */
- SCTP_EOF=MSG_FIN, /* Initiate graceful shutdown process. */
+ SCTP_EOF=MSG_FIN, /* Initiate graceful shutdown process. */
};
@@ -375,6 +390,26 @@
enum { SCTP_PARTIAL_DELIVERY_ABORTED=0, };
/*
+* 5.3.1.8. SCTP_AUTHENTICATION_EVENT
+*
+* When a receiver is using authentication this message will provide
+* notifications regarding new keys being made active as well as errors.
+*/
+
+struct sctp_authkey_event {
+ __u16 auth_type;
+ __u16 auth_flags;
+ __u32 auth_length;
+ __u16 auth_keynumber;
+ __u16 auth_altkeynumber;
+ __u32 auth_indication;
+ sctp_assoc_t auth_assoc_id;
+};
+
+enum { SCTP_AUTH_NEWKEY = 0, };
+
+
+/*
* Described in Section 7.3
* Ancillary Data and Notification Interest Options
*/
@@ -387,6 +422,7 @@
__u8 sctp_shutdown_event;
__u8 sctp_partial_delivery_event;
__u8 sctp_adaptation_layer_event;
+ __u8 sctp_authentication_event;
};
/*
@@ -409,6 +445,7 @@
struct sctp_shutdown_event sn_shutdown_event;
struct sctp_adaptation_event sn_adaptation_event;
struct sctp_pdapi_event sn_pdapi_event;
+ struct sctp_authkey_event sn_authkey_event;
};
/* Section 5.3.1
@@ -425,6 +462,7 @@
SCTP_SHUTDOWN_EVENT,
SCTP_PARTIAL_DELIVERY_EVENT,
SCTP_ADAPTATION_INDICATION,
+ SCTP_AUTHENTICATION_INDICATION,
};
/* Notification error codes used to fill up the error fields in some
@@ -546,7 +584,61 @@
__u32 spp_flags;
} __attribute__((packed, aligned(4)));
-/* 7.1.24. Delayed Ack Timer (SCTP_DELAYED_ACK_TIME)
+/*
+ * 7.1.18. Add a chunk that must be authenticated (SCTP_AUTH_CHUNK)
+ *
+ * This set option adds a chunk type that the user is requesting to be
+ * received only in an authenticated way. Changes to the list of chunks
+ * will only effect future associations on the socket.
+ */
+struct sctp_authchunk {
+ __u8 sauth_chunk;
+};
+
+/*
+ * 7.1.19. Get or set the list of supported HMAC Identifiers (SCTP_HMAC_IDENT)
+ *
+ * This option gets or sets the list of HMAC algorithms that the local
+ * endpoint requires the peer to use.
+*/
+
+enum {
+ SCTP_AUTH_HMAC_ID_SHA1 = 1,
+ SCTP_AUTH_HMAC_ID_SHA256 = 3,
+};
+
+struct sctp_hmacalgo {
+ __u32 shmac_number_of_idents;
+ __u16 shmac_idents[];
+};
+
+/*
+ * 7.1.20. Set a shared key (SCTP_AUTH_KEY)
+ *
+ * This option will set a shared secret key which is used to build an
+ * association shared key.
+ */
+struct sctp_authkey {
+ sctp_assoc_t sca_assoc_id;
+ __u16 sca_keynumber;
+ __u16 sca_keylength;
+ __u8 sca_key[];
+};
+
+/*
+ * 7.1.21. Get or set the active shared key (SCTP_AUTH_ACTIVE_KEY)
+ *
+ * This option will get or set the active shared key to be used to build
+ * the association shared key.
+ */
+
+struct sctp_authkeyid {
+ sctp_assoc_t scact_assoc_id;
+ __u16 scact_keynumber;
+};
+
+
+/* 7.1.23. Delayed Ack Timer (SCTP_DELAYED_ACK_TIME)
*
* This options will get or set the delayed ack timer. The time is set
* in milliseconds. If the assoc_id is 0, then this sets or gets the
@@ -578,6 +670,14 @@
} __attribute__((packed, aligned(4)));
/* Peer addresses's state. */
+/* UNKNOWN: Peer address passed by the upper layer in sendmsg or connect[x]
+ * calls.
+ * UNCONFIRMED: Peer address received in INIT/INIT-ACK address parameters.
+ * Not yet confirmed by a heartbeat and not available for data
+ * transfers.
+ * ACTIVE : Peer address confirmed, active and available for data transfers.
+ * INACTIVE: Peer address inactive and not available for data transfers.
+ */
enum sctp_spinfo_state {
SCTP_INACTIVE,
SCTP_ACTIVE,
@@ -605,6 +705,19 @@
struct sctp_paddrinfo sstat_primary;
};
+/*
+ * 7.2.3. Get the list of chunks the peer requires to be authenticated
+ * (SCTP_PEER_AUTH_CHUNKS)
+ *
+ * This option gets a list of chunks for a specified association that
+ * the peer requires to be received authenticated only.
+ */
+struct sctp_authchunks {
+ sctp_assoc_t gauth_assoc_id;
+ __u32 guth_number_of_chunks;
+ uint8_t gauth_chunks[];
+};
+
/* Association states. */
enum sctp_sstat_state {
SCTP_EMPTY = 0,
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/lib/Makefile.am lksctp-tools-1.0.9.dfsg/src/lib/Makefile.am
--- lksctp-tools-1.0.8.dfsg/src/lib/Makefile.am 2008-02-26 18:08:55.000000000 +0100
+++ lksctp-tools-1.0.9.dfsg/src/lib/Makefile.am 2008-08-05 21:23:02.000000000 +0200
@@ -9,4 +9,4 @@
lib_LTLIBRARIES = libsctp.la
libsctp_la_SOURCES = bindx.c connectx.c peeloff.c opt_info.c addrs.c sendmsg.c recvmsg.c
-libsctp_la_LDFLAGS = -version-info 1:8:0
+libsctp_la_LDFLAGS = -version-info 1:9:0
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/lib/opt_info.c lksctp-tools-1.0.9.dfsg/src/lib/opt_info.c
--- lksctp-tools-1.0.8.dfsg/src/lib/opt_info.c 2008-02-26 18:08:55.000000000 +0100
+++ lksctp-tools-1.0.9.dfsg/src/lib/opt_info.c 2008-07-16 16:14:16.000000000 +0200
@@ -50,6 +50,9 @@
case SCTP_MAXSEG:
case SCTP_STATUS:
case SCTP_GET_PEER_ADDR_INFO:
+ case SCTP_AUTH_ACTIVE_KEY:
+ case SCTP_PEER_AUTH_CHUNKS:
+ case SCTP_LOCAL_AUTH_CHUNKS:
*(sctp_assoc_t *)arg = id;
return getsockopt(sd, IPPROTO_SCTP, opt, arg, size);
default:
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/testlib/Makefile.am lksctp-tools-1.0.9.dfsg/src/testlib/Makefile.am
--- lksctp-tools-1.0.8.dfsg/src/testlib/Makefile.am 2008-02-26 18:08:55.000000000 +0100
+++ lksctp-tools-1.0.9.dfsg/src/testlib/Makefile.am 2008-08-05 21:22:27.000000000 +0200
@@ -9,4 +9,4 @@
noinst_LTLIBRARIES = libsctputil.la
libsctputil_la_SOURCES = sctputil.c sctputil.h
-libsctputil_la_LDFLAGS = -version-info 1:8:0
+libsctputil_la_LDFLAGS = -version-info 1:9:0
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/withsctp/Makefile.am lksctp-tools-1.0.9.dfsg/src/withsctp/Makefile.am
--- lksctp-tools-1.0.8.dfsg/src/withsctp/Makefile.am 2008-02-26 18:08:55.000000000 +0100
+++ lksctp-tools-1.0.9.dfsg/src/withsctp/Makefile.am 2008-08-05 21:22:16.000000000 +0200
@@ -14,7 +14,14 @@
pkglib_LTLIBRARIES = libwithsctp.la
libwithsctp_la_SOURCES = sctp_load_libs.c sctp_socket.c sctp_bind.c \
sctp_sockopt.c sctp_socket.h
-libwithsctp_la_LDFLAGS = -version-info 1:8:0 -ldl
+libwithsctp_la_LDFLAGS = -version-info 1:9:0 -ldl
pkgdoc_DATA = sctp_load_libs.c sctp_socket.c sctp_bind.c \
sctp_sockopt.c sctp_socket.h checksctp.c
+
+withsctp: withsctp.in
+ $(edit) $< >$@
+
+EXTRA_DIST += withsctp.in
+
+CLEANFILES += withsctp
diff -Nru --exclude Makefile.in --exclude 'configure*' --exclude bin --exclude aclocal.m4 lksctp-tools-1.0.8.dfsg/src/withsctp/withsctp.in lksctp-tools-1.0.9.dfsg/src/withsctp/withsctp.in
--- lksctp-tools-1.0.8.dfsg/src/withsctp/withsctp.in 2008-02-26 18:08:55.000000000 +0100
+++ lksctp-tools-1.0.9.dfsg/src/withsctp/withsctp.in 2008-08-05 21:57:59.000000000 +0200
@@ -2,7 +2,7 @@
# -*- sh -*-
LIBDIR=@libdir@/@PACKAGE@
BINDIR=@bindir@
-export LD_PRELOAD=${LIBDIR}/libwithsctp.so.1.0.8
+export LD_PRELOAD=${LIBDIR}/libwithsctp.so.1.0.9
if ! ${BINDIR}/checksctp 2> /dev/null
then
${BINDIR}/checksctp;
Attachment:
signature.asc
Description: OpenPGP digital signature