This patch adds full support for IPv6 address scopes, thereby aiming
to be compliant with IPv6 standards in general and RFC 4007 in
particular. The high-level summary is that link-local addresses are
now meaningful only in the context of their own link, guaranteeing
full isolation between links (and their addresses) in this respect.
This isolation even allows multiple interfaces to have the same
link-local addresses locally assigned.
The implementation achieves this by extending the lwIP IPv6 address
structure with a zone field that, for addresses that have a scope,
carries the scope's zone in which that address has meaning. The zone
maps to one or more interfaces. By default, lwIP uses a policy that
provides a 1:1 mapping between links and interfaces, and considers
all other addresses unscoped, corresponding to the default policy
sketched in RFC 4007 Sec. 6. The implementation allows for replacing
the default policy with a custom policy if desired, though.
The lwIP core implementation has been changed to provide somewhat of
a balance between correctness and efficiency on on side, and backward
compatibility on the other. In particular, while the application would
ideally always provide a zone for a scoped address, putting this in as
a requirement would likely break many applications. Instead, the API
accepts both "properly zoned" IPv6 addresses and addresses that, while
scoped, "lack" a zone. lwIP will try to add a zone as soon as possible
for efficiency reasons, in particular from TCP/UDP/RAW PCB bind and
connect calls, but this may fail, and sendto calls may bypass that
anyway. Ultimately, a zone is always added when an IP packet is sent
when needed, because the link-layer lwIP code (and ND6 in particualar)
requires that all addresses be properly zoned for correctness: for
example, to provide isolation between links in the ND6 destination
cache. All this applies to packet output only, because on packet
input, all scoped addresses will be given a zone automatically.
It is also worth remarking that on output, no attempt is made to stop
outgoing packets with addresses for a zone not matching the outgoing
interface. However, unless the application explicitly provides
addresses that will result in such zone violations, the core API
implementation (and the IPv6 routing algorithm in particular) itself
will never take decisions that result in zone violations itself.
This patch adds a new header file, ip6_zone.h, which contains comments
that explain several implementation aspects in a bit more detail.
For now, it is possible to disable scope support by changing the new
LWIP_IPV6_SCOPES configuration option. For users of the core API, it
is important to note that scoped addresses that are locally assigned
to a netif must always have a zone set; the standard netif address
assignment functions always do this on behalf of the caller, though.
Also, core API users will want to enable LWIP_IPV6_SCOPES_DEBUG at
least initially when upgrading, to ensure that all addresses are
properly initialized.
netif_ip6_addr_set_state() relies on being able to access the old
address on invalidation, for example in order to invalidate PCBs
and leave the correct solicited-node MLD group.
Eliminate ETHADDR32_COPY macro - it cannot be used in ETH_PAD_SIZE case. I could have kept it by defining it to ETHADDR16_COPY in case of ETH_PAD_SIZE, but I did not consider it worth another #ifdef mess.
Previously, ethip6 and lowpan6 each had their own copy of code that
used internal nd6 data structures to decide whether to send a packet
on the local link right away, or queue it while nd6 performed local
address resolution. This patch moves that code into nd6, thereby
eliminating all remaining cases of external access to internal nd6
data structures, as well as the need to expose two specific nd6
functions.
As a side effect, the patch effectively fixes two bugs in the lowpan6
code that were already fixed in the ethip6 code.
ppp/utils.c: In function 'ppp_vslprintf':
ppp/utils.c:251:12: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast]
val = (unsigned long) va_arg(args, void *);
^
This is because a void* type is casted into an unsigned long type,
which obviously isn't correct on LLP64 systems such as Windows.
Actually, we are not using %p, thus we remove %p support completely
instead of trying to fix the issue in unused code.
Art says:
pppos_input() can call ppp_input() which can call pppos_disconnect() to
disconnect the interface. However, it will continue to read in
characters and allocate a pbuf from the PBUF_POOL and keep it in
pppos->in_head and in_tail. When a re-connect happens and pppos_connect()
is called, this pppos->in_head and in_tail are zeroed, hence a memory
leak. (This happens with PPP_INPROC_IRQ_SAFE not defined.)
A fix would be inside pppos_input() to break out of the loop inputting
characters after calling ppp_input() if pppos->open == 0. Note that
the loop is not even entered if pppos->open == 0.
ppp_input(ppp, inp);
if(pppos->open == 0) //get out if they disconnected
break;
Fix it in a similar way which doesn't add new code by moving the
existing pppos->open check inside the byte loop.
This is done in the pppd upstream and was disabled because we don't have
the allowed addresses list required for the auth_ip_addr function.
This is mostly necessary for PPP in server mode to prevent the peer to
use the IP address it wants instead of the one we want, which is
currently allowed.
Rewrite auth_ip_addr in a simple way where we forbid PPP peer to use
loopback net, a multicast address or a reserved class address. Added
to that we consider that PPP in server mode with peer required to
authenticate must provide the peer IP address, reject any IP address
wanted by peer different than the one we wanted. This is actually
an allowed addresses "list" of one entry that follows what is done
in the unused auth_ip_addr function.
Commit 7df5496e7b revealed a regression introduced in commit 5a71509353
which broke IPCP reset state.
ask_for_local was set to 0 if ouraddr initial value is 0, if
ask_for_local was false go->ouraddr was cleared in reset callback,
commit 5a71509353 breaks it by removing this clearing. This regression
was silent because the whole ppp pcb runtime data was cleared before
reconnecting until commit 7df5496e7b which removed this giant clearing.
Fix it by reintroducing ask_for_local boolean value, with proper initial
value following what unused function ip_check_options do.
Fixes: 7df5496e7b ("PPP, rework initial/reconnect cleanup")
Fixes: 5a71509353 ("PPP, CORE, IPCP: removed useless ask_for_local boolean")
Let lwip use functions/macros prefixed by lwip_ internally to avoid naming clashes with external #includes.
Remove over-complicated #define handling in def.h
Make functions easier to override in cc.h. The following is sufficient now (no more LWIP_PLATFORM_BYTESWAP):
#define lwip_htons(x) <your_htons>
#define lwip_htonl(x) <your_htonl>
Change macro signature to be universal: netif, pbuf, src, dst, eth_type - whatever the user needs to decide about VLAN header.
Return value <0 means "no VLAN header", 0 <= return_value <= 0xFFFF -> value is prio_vid of header.
Clean up ethernet_output function to be more readable.
Fix below build errors:
In file included from ../../../../../lwip/src/include/netif/ppp/ppp_opts.h:31:0,
from ../../../../../lwip/src/netif/ppp/pppoe.c:71:
../../../../../lwip/src/netif/ppp/pppoe.c: In function ‘pppoe_timeout’:
../../../../../lwip/src/netif/ppp/pppoe.c:861:30: error: ‘ethbroadcast’ undeclared (first use in this function)
MEMCPY(&sc->sc_dest, ethbroadcast.addr, sizeof(sc->sc_dest));
^
../../../../../lwip/src/include/lwip/opt.h:137:52: note: in definition of macro ‘MEMCPY’
#define MEMCPY(dst,src,len) memcpy(dst,src,len)
^
../../../../../lwip/src/netif/ppp/pppoe.c:861:30: note: each undeclared identifier is reported only once for each function it appears in
MEMCPY(&sc->sc_dest, ethbroadcast.addr, sizeof(sc->sc_dest));
^
../../../../../lwip/src/include/lwip/opt.h:137:52: note: in definition of macro ‘MEMCPY’
#define MEMCPY(dst,src,len) memcpy(dst,src,len)
^
../../../../../lwip/src/netif/ppp/pppoe.c: In function ‘pppoe_connect’:
../../../../../lwip/src/netif/ppp/pppoe.c:899:24: error: ‘ethbroadcast’ undeclared (first use in this function)
MEMCPY(&sc->sc_dest, ethbroadcast.addr, sizeof(sc->sc_dest));
^
../../../../../lwip/src/include/lwip/opt.h:137:52: note: in definition of macro ‘MEMCPY’
#define MEMCPY(dst,src,len) memcpy(dst,src,len)
^
../../Common.mk:94: recipe for target 'pppoe.o' failed
make: *** [pppoe.o] Error 1
Fixes: 8eb9db18a2d9 ("Reduce usage of netif/ethernet.h header, mostly lwip/prot/ethernet.h is sufficient")
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: goldsimon <goldsimon@gmx.de>
The check for link up was missing, meaning valid LCP echo request/reply
packets are filtered whatever the PPP state is, despite what the comment
says.
Fix it by checking the PPP state as we would like to have done when it
was written.
VJ packets, Compressed packets, IPv4 and IPv6 packets are useless in
the PPP packet dump. We properly filtered IPv4 and IPv6 packets but
we forgot filtering VJ and Compressed packets.
Improve the filtering rule to filter packets which are not auth
protocol (< 0xC000) and which are not control protocol (0x8000 bit
not set).
If LCP is not started yet, we are only closing the link protocol, in
this case we have to set the disconnect state ourself because PPP
is not actually started yet.
pppoe_softc_list is always not null when pppoe_find_softc_by_session is
called, furthermore pppoe_softc_list being null here does not hurt.
session is still checked whatsoever in pppoe_find_softc_by_session,
prechecking the session value for a value which can't really happen
except for forged frames does not add any value.
Remove unnecessary cleanup at the end of session, cleanup as much as
possible in the connect callback instead. It follows what PPPoE is
currently doing and it makes everything simpler to read.
Instead of relying on cleanup at the end of session, cleanup as much as
possible in the connect callback. It removes duplicated code and make
everything simpler to read.
While we are at it, remove useless initialization code from create
and connect functions.
ppp_close might try to close LCP even if LCP is not started, it happens
because because the PPP session might be waiting for the link protocol
to come up and we do not check that.
We say in the PPP documentation that ppp_close() can be called anytime,
so, if link protocol is currently trying to connect, we must cancel
the link connection.
Fix it by calling the link protocol disconnect callback if LCP is not
started yet.
Disconnect callback does not currently support a disconnect event while
initiation is in progress. Retry timer is not stopped and PADT frame is
sent whatever the current state is. PADT frame can only be sent if we
received a PADS frame, otherwise sc_session is 0 and sending a PADT
frame is meaningless.
Fix both issues to allow calling the disconnect callback whatever the
PPPoE state is.
We say in the PPP documentation that ppp_close() can be called anytime,
as of today, this is not entirely true, there are still conditions that
are not handled properly.
If PPP is already disconnecting, ppp_close() must do nothing and returns
ERR_INPROGRESS instead of messing up the PPP disconnection state.
PPP_PHASE_MASTER state is only used if multilink mode is enabled. Since
we don't support multilink mode checking for this state only add some
code for no value added at all.
Build-out PPP_PHASE_MASTER state check if multilink mode is disabled.
Van Jacobson TCP header compression only apply if TCP is enabled,
therefore we need to disable VJ compression if TCP is disabled.
We already have conditions to enforce VJ disabling if IPv4 is disabled
or if PPPoS is disabled, add TCP to those conditions and remove
unecessary VJ_SUPPORT && LWIP_TCP conditions.
