[OpenAFS-devel] More checksumming in rx?

Harald Barth haba@kth.se
Tue, 10 Dec 2019 10:47:06 +0100 (CET)


If I read ./src/rxkad/crypt_conn.c  correct, checksumming was never turned on.

    /* Do this if packet checksums are ever enabled (below), but
     * current version just passes zero
     afs_int32 cksum;
     cksum = ntohl(rx_GetInt32(packet, 1));
     */

    /*
     * afs_int32 cksum;
     * cksum = htonl(0);
     * * Future option to add cksum here, but for now we just put 0
     */

I wonder what prevented to do more here and why there is a comment
"we just put 0" when there is not even that.

Someone please enlighten me as rx is not quite my bag ;-)

This was all triggered by a broken network adapter which did put out
broken UDP packets including matching (broken) UDP checksum which then
results in file corruption both in the cleartext (single letter
changes, for example "the" mutates to "tha") and the crypt case where
there will be some binary crap (128 bytes?) replacing the real content
of the file. I'd rather have something on the rx level to prevent this
happening, so what can be done?

Cheers,
Harald.