0d0863b020
Recently I posted commit 3c68198e75
which made selection of the cookie hmac
algorithm selectable. This is all well and good, but Linus noted that it
changes the default config:
http://marc.info/?l=linux-netdev&m=135536629004808&w=2
I've modified the sctp Kconfig file to reflect the recommended way of making
this choice, using the thermal driver example specified, and brought the
defaults back into line with the way they were prior to my origional patch
Also, on Linus' suggestion, re-adding ability to select default 'none' hmac
algorithm, so we don't needlessly bloat the kernel by forcing a non-none
default. This also led me to note that we won't honor the default none
condition properly because of how sctp_net_init is encoded. Fix that up as
well.
Tested by myself (allbeit fairly quickly). All configuration combinations seems
to work soundly.
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
CC: David Miller <davem@davemloft.net>
CC: Linus Torvalds <torvalds@linux-foundation.org>
CC: Vlad Yasevich <vyasevich@gmail.com>
CC: linux-sctp@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
110 lines
3.3 KiB
Text
110 lines
3.3 KiB
Text
#
|
|
# SCTP configuration
|
|
#
|
|
|
|
menuconfig IP_SCTP
|
|
tristate "The SCTP Protocol (EXPERIMENTAL)"
|
|
depends on INET && EXPERIMENTAL
|
|
depends on IPV6 || IPV6=n
|
|
select CRYPTO
|
|
select CRYPTO_HMAC
|
|
select CRYPTO_SHA1
|
|
select LIBCRC32C
|
|
---help---
|
|
Stream Control Transmission Protocol
|
|
|
|
From RFC 2960 <http://www.ietf.org/rfc/rfc2960.txt>.
|
|
|
|
"SCTP is a reliable transport protocol operating on top of a
|
|
connectionless packet network such as IP. It offers the following
|
|
services to its users:
|
|
|
|
-- acknowledged error-free non-duplicated transfer of user data,
|
|
-- data fragmentation to conform to discovered path MTU size,
|
|
-- sequenced delivery of user messages within multiple streams,
|
|
with an option for order-of-arrival delivery of individual user
|
|
messages,
|
|
-- optional bundling of multiple user messages into a single SCTP
|
|
packet, and
|
|
-- network-level fault tolerance through supporting of multi-
|
|
homing at either or both ends of an association."
|
|
|
|
To compile this protocol support as a module, choose M here: the
|
|
module will be called sctp.
|
|
|
|
If in doubt, say N.
|
|
|
|
if IP_SCTP
|
|
|
|
config NET_SCTPPROBE
|
|
tristate "SCTP: Association probing"
|
|
depends on PROC_FS && KPROBES
|
|
---help---
|
|
This module allows for capturing the changes to SCTP association
|
|
state in response to incoming packets. It is used for debugging
|
|
SCTP congestion control algorithms. If you don't understand
|
|
what was just said, you don't need it: say N.
|
|
|
|
To compile this code as a module, choose M here: the
|
|
module will be called sctp_probe.
|
|
|
|
config SCTP_DBG_MSG
|
|
bool "SCTP: Debug messages"
|
|
help
|
|
If you say Y, this will enable verbose debugging messages.
|
|
|
|
If unsure, say N. However, if you are running into problems, use
|
|
this option to gather detailed trace information
|
|
|
|
config SCTP_DBG_OBJCNT
|
|
bool "SCTP: Debug object counts"
|
|
depends on PROC_FS
|
|
help
|
|
If you say Y, this will enable debugging support for counting the
|
|
type of objects that are currently allocated. This is useful for
|
|
identifying memory leaks. This debug information can be viewed by
|
|
'cat /proc/net/sctp/sctp_dbg_objcnt'
|
|
|
|
If unsure, say N
|
|
choice
|
|
prompt "Default SCTP cookie HMAC encoding"
|
|
default SCTP_COOKIE_HMAC_MD5
|
|
help
|
|
This option sets the default sctp cookie hmac algorithm
|
|
when in doubt select 'md5'
|
|
|
|
config SCTP_DEFAULT_COOKIE_HMAC_MD5
|
|
bool "Enable optional MD5 hmac cookie generation"
|
|
help
|
|
Enable optional MD5 hmac based SCTP cookie generation
|
|
select SCTP_COOKIE_HMAC_MD5
|
|
|
|
config SCTP_DEFAULT_COOKIE_HMAC_SHA1
|
|
bool "Enable optional SHA1 hmac cookie generation"
|
|
help
|
|
Enable optional SHA1 hmac based SCTP cookie generation
|
|
select SCTP_COOKIE_HMAC_SHA1
|
|
|
|
config SCTP_DEFAULT_COOKIE_HMAC_NONE
|
|
bool "Use no hmac alg in SCTP cookie generation"
|
|
help
|
|
Use no hmac algorithm in SCTP cookie generation
|
|
|
|
endchoice
|
|
|
|
config SCTP_COOKIE_HMAC_MD5
|
|
bool "Enable optional MD5 hmac cookie generation"
|
|
help
|
|
Enable optional MD5 hmac based SCTP cookie generation
|
|
select CRYPTO_HMAC if SCTP_COOKIE_HMAC_MD5
|
|
select CRYPTO_MD5 if SCTP_COOKIE_HMAC_MD5
|
|
|
|
config SCTP_COOKIE_HMAC_SHA1
|
|
bool "Enable optional SHA1 hmac cookie generation"
|
|
help
|
|
Enable optional SHA1 hmac based SCTP cookie generation
|
|
select CRYPTO_HMAC if SCTP_COOKIE_HMAC_SHA1
|
|
select CRYPTO_SHA1 if SCTP_COOKIE_HMAC_SHA1
|
|
|
|
|
|
endif # IP_SCTP
|