User should not use ppp_connect or ppp_listen return value to retry
later, it must wait for the callback to be called. This is primarily
done this way to have a consistent behavior with and without the
holdoff feature.
Remove returned error value from PPP link level API connect and listen
callbacks because we are not using them anymore, then make ppp_connect
or ppp_listen to always return ERR_OK, thus we are not breaking the PPP
user API.
We don't need the return code here, all PPP link level drivers can't
fail at all (e.g. PPPoS) or retry if necessary (PPPoE and PPPoL2TP).
This patch adds full support for IPv6 address scopes, thereby aiming
to be compliant with IPv6 standards in general and RFC 4007 in
particular. The high-level summary is that link-local addresses are
now meaningful only in the context of their own link, guaranteeing
full isolation between links (and their addresses) in this respect.
This isolation even allows multiple interfaces to have the same
link-local addresses locally assigned.
The implementation achieves this by extending the lwIP IPv6 address
structure with a zone field that, for addresses that have a scope,
carries the scope's zone in which that address has meaning. The zone
maps to one or more interfaces. By default, lwIP uses a policy that
provides a 1:1 mapping between links and interfaces, and considers
all other addresses unscoped, corresponding to the default policy
sketched in RFC 4007 Sec. 6. The implementation allows for replacing
the default policy with a custom policy if desired, though.
The lwIP core implementation has been changed to provide somewhat of
a balance between correctness and efficiency on on side, and backward
compatibility on the other. In particular, while the application would
ideally always provide a zone for a scoped address, putting this in as
a requirement would likely break many applications. Instead, the API
accepts both "properly zoned" IPv6 addresses and addresses that, while
scoped, "lack" a zone. lwIP will try to add a zone as soon as possible
for efficiency reasons, in particular from TCP/UDP/RAW PCB bind and
connect calls, but this may fail, and sendto calls may bypass that
anyway. Ultimately, a zone is always added when an IP packet is sent
when needed, because the link-layer lwIP code (and ND6 in particualar)
requires that all addresses be properly zoned for correctness: for
example, to provide isolation between links in the ND6 destination
cache. All this applies to packet output only, because on packet
input, all scoped addresses will be given a zone automatically.
It is also worth remarking that on output, no attempt is made to stop
outgoing packets with addresses for a zone not matching the outgoing
interface. However, unless the application explicitly provides
addresses that will result in such zone violations, the core API
implementation (and the IPv6 routing algorithm in particular) itself
will never take decisions that result in zone violations itself.
This patch adds a new header file, ip6_zone.h, which contains comments
that explain several implementation aspects in a bit more detail.
For now, it is possible to disable scope support by changing the new
LWIP_IPV6_SCOPES configuration option. For users of the core API, it
is important to note that scoped addresses that are locally assigned
to a netif must always have a zone set; the standard netif address
assignment functions always do this on behalf of the caller, though.
Also, core API users will want to enable LWIP_IPV6_SCOPES_DEBUG at
least initially when upgrading, to ensure that all addresses are
properly initialized.
netif_ip6_addr_set_state() relies on being able to access the old
address on invalidation, for example in order to invalidate PCBs
and leave the correct solicited-node MLD group.
Eliminate ETHADDR32_COPY macro - it cannot be used in ETH_PAD_SIZE case. I could have kept it by defining it to ETHADDR16_COPY in case of ETH_PAD_SIZE, but I did not consider it worth another #ifdef mess.
Previously, ethip6 and lowpan6 each had their own copy of code that
used internal nd6 data structures to decide whether to send a packet
on the local link right away, or queue it while nd6 performed local
address resolution. This patch moves that code into nd6, thereby
eliminating all remaining cases of external access to internal nd6
data structures, as well as the need to expose two specific nd6
functions.
As a side effect, the patch effectively fixes two bugs in the lowpan6
code that were already fixed in the ethip6 code.
ppp/utils.c: In function 'ppp_vslprintf':
ppp/utils.c:251:12: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast]
val = (unsigned long) va_arg(args, void *);
^
This is because a void* type is casted into an unsigned long type,
which obviously isn't correct on LLP64 systems such as Windows.
Actually, we are not using %p, thus we remove %p support completely
instead of trying to fix the issue in unused code.
Art says:
pppos_input() can call ppp_input() which can call pppos_disconnect() to
disconnect the interface. However, it will continue to read in
characters and allocate a pbuf from the PBUF_POOL and keep it in
pppos->in_head and in_tail. When a re-connect happens and pppos_connect()
is called, this pppos->in_head and in_tail are zeroed, hence a memory
leak. (This happens with PPP_INPROC_IRQ_SAFE not defined.)
A fix would be inside pppos_input() to break out of the loop inputting
characters after calling ppp_input() if pppos->open == 0. Note that
the loop is not even entered if pppos->open == 0.
ppp_input(ppp, inp);
if(pppos->open == 0) //get out if they disconnected
break;
Fix it in a similar way which doesn't add new code by moving the
existing pppos->open check inside the byte loop.
This is done in the pppd upstream and was disabled because we don't have
the allowed addresses list required for the auth_ip_addr function.
This is mostly necessary for PPP in server mode to prevent the peer to
use the IP address it wants instead of the one we want, which is
currently allowed.
Rewrite auth_ip_addr in a simple way where we forbid PPP peer to use
loopback net, a multicast address or a reserved class address. Added
to that we consider that PPP in server mode with peer required to
authenticate must provide the peer IP address, reject any IP address
wanted by peer different than the one we wanted. This is actually
an allowed addresses "list" of one entry that follows what is done
in the unused auth_ip_addr function.
Commit 7df5496e7b revealed a regression introduced in commit 5a71509353
which broke IPCP reset state.
ask_for_local was set to 0 if ouraddr initial value is 0, if
ask_for_local was false go->ouraddr was cleared in reset callback,
commit 5a71509353 breaks it by removing this clearing. This regression
was silent because the whole ppp pcb runtime data was cleared before
reconnecting until commit 7df5496e7b which removed this giant clearing.
Fix it by reintroducing ask_for_local boolean value, with proper initial
value following what unused function ip_check_options do.
Fixes: 7df5496e7b ("PPP, rework initial/reconnect cleanup")
Fixes: 5a71509353 ("PPP, CORE, IPCP: removed useless ask_for_local boolean")
Let lwip use functions/macros prefixed by lwip_ internally to avoid naming clashes with external #includes.
Remove over-complicated #define handling in def.h
Make functions easier to override in cc.h. The following is sufficient now (no more LWIP_PLATFORM_BYTESWAP):
#define lwip_htons(x) <your_htons>
#define lwip_htonl(x) <your_htonl>
Change macro signature to be universal: netif, pbuf, src, dst, eth_type - whatever the user needs to decide about VLAN header.
Return value <0 means "no VLAN header", 0 <= return_value <= 0xFFFF -> value is prio_vid of header.
Clean up ethernet_output function to be more readable.
Fix below build errors:
In file included from ../../../../../lwip/src/include/netif/ppp/ppp_opts.h:31:0,
from ../../../../../lwip/src/netif/ppp/pppoe.c:71:
../../../../../lwip/src/netif/ppp/pppoe.c: In function ‘pppoe_timeout’:
../../../../../lwip/src/netif/ppp/pppoe.c:861:30: error: ‘ethbroadcast’ undeclared (first use in this function)
MEMCPY(&sc->sc_dest, ethbroadcast.addr, sizeof(sc->sc_dest));
^
../../../../../lwip/src/include/lwip/opt.h:137:52: note: in definition of macro ‘MEMCPY’
#define MEMCPY(dst,src,len) memcpy(dst,src,len)
^
../../../../../lwip/src/netif/ppp/pppoe.c:861:30: note: each undeclared identifier is reported only once for each function it appears in
MEMCPY(&sc->sc_dest, ethbroadcast.addr, sizeof(sc->sc_dest));
^
../../../../../lwip/src/include/lwip/opt.h:137:52: note: in definition of macro ‘MEMCPY’
#define MEMCPY(dst,src,len) memcpy(dst,src,len)
^
../../../../../lwip/src/netif/ppp/pppoe.c: In function ‘pppoe_connect’:
../../../../../lwip/src/netif/ppp/pppoe.c:899:24: error: ‘ethbroadcast’ undeclared (first use in this function)
MEMCPY(&sc->sc_dest, ethbroadcast.addr, sizeof(sc->sc_dest));
^
../../../../../lwip/src/include/lwip/opt.h:137:52: note: in definition of macro ‘MEMCPY’
#define MEMCPY(dst,src,len) memcpy(dst,src,len)
^
../../Common.mk:94: recipe for target 'pppoe.o' failed
make: *** [pppoe.o] Error 1
Fixes: 8eb9db18a2d9 ("Reduce usage of netif/ethernet.h header, mostly lwip/prot/ethernet.h is sufficient")
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: goldsimon <goldsimon@gmx.de>
The check for link up was missing, meaning valid LCP echo request/reply
packets are filtered whatever the PPP state is, despite what the comment
says.
Fix it by checking the PPP state as we would like to have done when it
was written.
VJ packets, Compressed packets, IPv4 and IPv6 packets are useless in
the PPP packet dump. We properly filtered IPv4 and IPv6 packets but
we forgot filtering VJ and Compressed packets.
Improve the filtering rule to filter packets which are not auth
protocol (< 0xC000) and which are not control protocol (0x8000 bit
not set).
