extensions: call send_reset with xtables state socket

Reported-by: Minqiang Chen <ptpt52@gmail.com>

extensions/xt_DELUDE.c

@@ -25,8 +25,8 @@
 #include "compat_xtables.h"
 #define PFX KBUILD_MODNAME ": "
 
-static void delude_send_reset(struct net *net, struct sk_buff *oldskb,
-    unsigned int hook)
+static void delude_send_reset(struct net *net, struct sock *sk,
+    struct sk_buff *oldskb, unsigned int hook)
 {
 	struct tcphdr _otcph, *tcph;
 	const struct tcphdr *oth;
@@ -121,7 +121,7 @@ static void delude_send_reset(struct net *net, struct sk_buff *oldskb,
 
 	/* ip_route_me_harder expects skb->dst to be set */
 	skb_dst_set(nskb, dst_clone(skb_dst(oldskb)));
-	if (ip_route_me_harder(net, nskb->sk, nskb, addr_type))
+	if (ip_route_me_harder(net, sk, nskb, addr_type))
 		goto free_nskb;
 	else
 		niph = ip_hdr(nskb);
@@ -150,7 +150,7 @@ delude_tg(struct sk_buff *skb, const struct xt_action_param *par)
 	 * a problem, as that is supported since Linux 2.6.35. But since we do not
 	 * actually want to have a connection open, we are still going to drop it.
 	 */
-	delude_send_reset(par_net(par), skb, par->state->hook);
+	delude_send_reset(par_net(par), par->state->sk, skb, par->state->hook);
 	return NF_DROP;
 }
 

extensions/xt_ECHO.c

@@ -113,7 +113,7 @@ echo_tg6(struct sk_buff *oldskb, const struct xt_action_param *par)
 		goto free_nskb;
 
 	nf_ct_attach(newskb, oldskb);
-	ip6_local_out(par_net(par), newskb->sk, newskb);
+	ip6_local_out(par_net(par), par->state->sk, newskb);
 	return NF_DROP;
 
  free_nskb:
@@ -191,7 +191,8 @@ echo_tg4(struct sk_buff *oldskb, const struct xt_action_param *par)
 
 	/* ip_route_me_harder expects the skb's dst to be set */
 	skb_dst_set(newskb, dst_clone(skb_dst(oldskb)));
-	if (ip_route_me_harder(par_net(par), newskb->sk, newskb, RTN_UNSPEC) != 0)
+	if (ip_route_me_harder(par_net(par), par->state->sk, newskb,
+	    RTN_UNSPEC) != 0)
 		goto free_nskb;
 
 	newip->ttl = ip4_dst_hoplimit(skb_dst(newskb));

extensions/xt_TARPIT.c

@@ -170,8 +170,8 @@ static bool tarpit_generic(struct tcphdr *tcph, const struct tcphdr *oth,
 	return true;
 }
 
-static void tarpit_tcp4(struct net *net, struct sk_buff *oldskb,
-    unsigned int hook, unsigned int mode)
+static void tarpit_tcp4(struct net *net, struct sock *sk,
+    struct sk_buff *oldskb, unsigned int hook, unsigned int mode)
 {
 	struct tcphdr _otcph, *tcph;
 	const struct tcphdr *oth;
@@ -265,7 +265,7 @@ static void tarpit_tcp4(struct net *net, struct sk_buff *oldskb,
 #endif
 		addr_type = RTN_LOCAL;
 
-	if (ip_route_me_harder(net, nskb->sk, nskb, addr_type))
+	if (ip_route_me_harder(net, sk, nskb, addr_type) != 0)
 		goto free_nskb;
 	else
 		niph = ip_hdr(nskb);
@@ -296,8 +296,8 @@ static void tarpit_tcp4(struct net *net, struct sk_buff *oldskb,
 }
 
 #ifdef WITH_IPV6
-static void tarpit_tcp6(struct net *net, struct sk_buff *oldskb,
-    unsigned int hook, unsigned int mode)
+static void tarpit_tcp6(struct net *net, struct sock *sock,
+    struct sk_buff *oldskb, unsigned int hook, unsigned int mode)
 {
 	struct sk_buff *nskb;
 	struct tcphdr *tcph, oth;
@@ -443,7 +443,8 @@ tarpit_tg4(struct sk_buff *skb, const struct xt_action_param *par)
 	/* We are not interested in fragments */
 	if (iph->frag_off & htons(IP_OFFSET))
 		return NF_DROP;
-	tarpit_tcp4(par_net(par), skb, par->state->hook, info->variant);
+	tarpit_tcp4(par_net(par), par->state->sk, skb, par->state->hook,
+	            info->variant);
 	return NF_DROP;
 }
 
@@ -484,7 +485,8 @@ tarpit_tg6(struct sk_buff *skb, const struct xt_action_param *par)
 		pr_debug("addr is not unicast.\n");
 		return NF_DROP;
 	}
-	tarpit_tcp6(par_net(par), skb, par->state->hook, info->variant);
+	tarpit_tcp6(par_net(par), par->state->sk, skb, par->state->hook,
+	            info->variant);
 	return NF_DROP;
 }
 #endif