exthdrs.c
来自「Linux Kernel 2.6.9 for OMAP1710」· C语言 代码 · 共 653 行 · 第 1/2 页
C
653 行
return -1; } skb->nh.ipv6h->hop_limit--; goto looped_back; } skb_push(skb, skb->data - skb->nh.raw); dst_input(skb); return -1;}static struct inet6_protocol rthdr_protocol = { .handler = ipv6_rthdr_rcv, .flags = INET6_PROTO_NOPOLICY,};void __init ipv6_rthdr_init(void){ if (inet6_add_protocol(&rthdr_protocol, IPPROTO_ROUTING) < 0) printk(KERN_ERR "ipv6_rthdr_init: Could not register protocol\n");};/* This function inverts received rthdr. NOTE: specs allow to make it automatically only if packet authenticated. I will not discuss it here (though, I am really pissed off at this stupid requirement making rthdr idea useless) Actually, it creates severe problems for us. Embryonic requests has no associated sockets, so that user have no control over it and cannot not only to set reply options, but even to know, that someone wants to connect without success. :-( For now we need to test the engine, so that I created temporary (or permanent) backdoor. If listening socket set IPV6_RTHDR to 2, then we invert header. --ANK (980729) */struct ipv6_txoptions *ipv6_invert_rthdr(struct sock *sk, struct ipv6_rt_hdr *hdr){ /* Received rthdr: [ H1 -> H2 -> ... H_prev ] daddr=ME Inverted result: [ H_prev -> ... -> H1 ] daddr =sender Note, that IP output engine will rewrite this rthdr by rotating it left by one addr. */ int n, i; struct rt0_hdr *rthdr = (struct rt0_hdr*)hdr; struct rt0_hdr *irthdr; struct ipv6_txoptions *opt; int hdrlen = ipv6_optlen(hdr); if (hdr->segments_left || hdr->type != IPV6_SRCRT_TYPE_0 || hdr->hdrlen & 0x01) return NULL; n = hdr->hdrlen >> 1; opt = sock_kmalloc(sk, sizeof(*opt) + hdrlen, GFP_ATOMIC); if (opt == NULL) return NULL; memset(opt, 0, sizeof(*opt)); opt->tot_len = sizeof(*opt) + hdrlen; opt->srcrt = (void*)(opt+1); opt->opt_nflen = hdrlen; memcpy(opt->srcrt, hdr, sizeof(*hdr)); irthdr = (struct rt0_hdr*)opt->srcrt; /* Obsolete field, MBZ, when originated by us */ irthdr->bitmap = 0; opt->srcrt->segments_left = n; for (i=0; i<n; i++) memcpy(irthdr->addr+i, rthdr->addr+(n-1-i), 16); return opt;}/********************************** Hop-by-hop options. **********************************//* Router Alert as of RFC 2711 */static int ipv6_hop_ra(struct sk_buff *skb, int optoff){ if (skb->nh.raw[optoff+1] == 2) { IP6CB(skb)->ra = optoff; return 1; } LIMIT_NETDEBUG( printk(KERN_DEBUG "ipv6_hop_ra: wrong RA length %d\n", skb->nh.raw[optoff+1])); kfree_skb(skb); return 0;}/* Jumbo payload */static int ipv6_hop_jumbo(struct sk_buff *skb, int optoff){ u32 pkt_len; if (skb->nh.raw[optoff+1] != 4 || (optoff&3) != 2) { LIMIT_NETDEBUG( printk(KERN_DEBUG "ipv6_hop_jumbo: wrong jumbo opt length/alignment %d\n", skb->nh.raw[optoff+1])); IP6_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS); goto drop; } pkt_len = ntohl(*(u32*)(skb->nh.raw+optoff+2)); if (pkt_len <= IPV6_MAXPLEN) { IP6_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS); icmpv6_param_prob(skb, ICMPV6_HDR_FIELD, optoff+2); return 0; } if (skb->nh.ipv6h->payload_len) { IP6_INC_STATS_BH(IPSTATS_MIB_INHDRERRORS); icmpv6_param_prob(skb, ICMPV6_HDR_FIELD, optoff); return 0; } if (pkt_len > skb->len - sizeof(struct ipv6hdr)) { IP6_INC_STATS_BH(IPSTATS_MIB_INTRUNCATEDPKTS); goto drop; } if (pkt_len + sizeof(struct ipv6hdr) < skb->len) { __pskb_trim(skb, pkt_len + sizeof(struct ipv6hdr)); if (skb->ip_summed == CHECKSUM_HW) skb->ip_summed = CHECKSUM_NONE; } return 1;drop: kfree_skb(skb); return 0;}static struct tlvtype_proc tlvprochopopt_lst[] = { { .type = IPV6_TLV_ROUTERALERT, .func = ipv6_hop_ra, }, { .type = IPV6_TLV_JUMBO, .func = ipv6_hop_jumbo, }, { -1, }};int ipv6_parse_hopopts(struct sk_buff *skb, int nhoff){ IP6CB(skb)->hop = sizeof(struct ipv6hdr); if (ip6_parse_tlv(tlvprochopopt_lst, skb)) return sizeof(struct ipv6hdr); return -1;}/* * Creating outbound headers. * * "build" functions work when skb is filled from head to tail (datagram) * "push" functions work when headers are added from tail to head (tcp) * * In both cases we assume, that caller reserved enough room * for headers. */static u8 *ipv6_build_rthdr(struct sk_buff *skb, u8 *prev_hdr, struct ipv6_rt_hdr *opt, struct in6_addr *addr){ struct rt0_hdr *phdr, *ihdr; int hops; ihdr = (struct rt0_hdr *) opt; phdr = (struct rt0_hdr *) skb_put(skb, (ihdr->rt_hdr.hdrlen + 1) << 3); memcpy(phdr, ihdr, sizeof(struct rt0_hdr)); hops = ihdr->rt_hdr.hdrlen >> 1; if (hops > 1) memcpy(phdr->addr, ihdr->addr + 1, (hops - 1) * sizeof(struct in6_addr)); ipv6_addr_copy(phdr->addr + (hops - 1), addr); phdr->rt_hdr.nexthdr = *prev_hdr; *prev_hdr = NEXTHDR_ROUTING; return &phdr->rt_hdr.nexthdr;}static u8 *ipv6_build_exthdr(struct sk_buff *skb, u8 *prev_hdr, u8 type, struct ipv6_opt_hdr *opt){ struct ipv6_opt_hdr *h = (struct ipv6_opt_hdr *)skb_put(skb, ipv6_optlen(opt)); memcpy(h, opt, ipv6_optlen(opt)); h->nexthdr = *prev_hdr; *prev_hdr = type; return &h->nexthdr;}u8 *ipv6_build_nfrag_opts(struct sk_buff *skb, u8 *prev_hdr, struct ipv6_txoptions *opt, struct in6_addr *daddr, u32 jumbolen){ struct ipv6_opt_hdr *h = (struct ipv6_opt_hdr *)skb->data; if (opt && opt->hopopt) prev_hdr = ipv6_build_exthdr(skb, prev_hdr, NEXTHDR_HOP, opt->hopopt); if (jumbolen) { u8 *jumboopt = (u8 *)skb_put(skb, 8); if (opt && opt->hopopt) { *jumboopt++ = IPV6_TLV_PADN; *jumboopt++ = 0; h->hdrlen++; } else { h = (struct ipv6_opt_hdr *)jumboopt; h->nexthdr = *prev_hdr; h->hdrlen = 0; jumboopt += 2; *prev_hdr = NEXTHDR_HOP; prev_hdr = &h->nexthdr; } jumboopt[0] = IPV6_TLV_JUMBO; jumboopt[1] = 4; *(u32*)(jumboopt+2) = htonl(jumbolen); } if (opt) { if (opt->dst0opt) prev_hdr = ipv6_build_exthdr(skb, prev_hdr, NEXTHDR_DEST, opt->dst0opt); if (opt->srcrt) prev_hdr = ipv6_build_rthdr(skb, prev_hdr, opt->srcrt, daddr); } return prev_hdr;}u8 *ipv6_build_frag_opts(struct sk_buff *skb, u8 *prev_hdr, struct ipv6_txoptions *opt){ if (opt->dst1opt) prev_hdr = ipv6_build_exthdr(skb, prev_hdr, NEXTHDR_DEST, opt->dst1opt); return prev_hdr;}static void ipv6_push_rthdr(struct sk_buff *skb, u8 *proto, struct ipv6_rt_hdr *opt, struct in6_addr **addr_p){ struct rt0_hdr *phdr, *ihdr; int hops; ihdr = (struct rt0_hdr *) opt; phdr = (struct rt0_hdr *) skb_push(skb, (ihdr->rt_hdr.hdrlen + 1) << 3); memcpy(phdr, ihdr, sizeof(struct rt0_hdr)); hops = ihdr->rt_hdr.hdrlen >> 1; if (hops > 1) memcpy(phdr->addr, ihdr->addr + 1, (hops - 1) * sizeof(struct in6_addr)); ipv6_addr_copy(phdr->addr + (hops - 1), *addr_p); *addr_p = ihdr->addr; phdr->rt_hdr.nexthdr = *proto; *proto = NEXTHDR_ROUTING;}static void ipv6_push_exthdr(struct sk_buff *skb, u8 *proto, u8 type, struct ipv6_opt_hdr *opt){ struct ipv6_opt_hdr *h = (struct ipv6_opt_hdr *)skb_push(skb, ipv6_optlen(opt)); memcpy(h, opt, ipv6_optlen(opt)); h->nexthdr = *proto; *proto = type;}void ipv6_push_nfrag_opts(struct sk_buff *skb, struct ipv6_txoptions *opt, u8 *proto, struct in6_addr **daddr){ if (opt->srcrt) ipv6_push_rthdr(skb, proto, opt->srcrt, daddr); if (opt->dst0opt) ipv6_push_exthdr(skb, proto, NEXTHDR_DEST, opt->dst0opt); if (opt->hopopt) ipv6_push_exthdr(skb, proto, NEXTHDR_HOP, opt->hopopt);}void ipv6_push_frag_opts(struct sk_buff *skb, struct ipv6_txoptions *opt, u8 *proto){ if (opt->dst1opt) ipv6_push_exthdr(skb, proto, NEXTHDR_DEST, opt->dst1opt);}struct ipv6_txoptions *ipv6_dup_options(struct sock *sk, struct ipv6_txoptions *opt){ struct ipv6_txoptions *opt2; opt2 = sock_kmalloc(sk, opt->tot_len, GFP_ATOMIC); if (opt2) { long dif = (char*)opt2 - (char*)opt; memcpy(opt2, opt, opt->tot_len); if (opt2->hopopt) *((char**)&opt2->hopopt) += dif; if (opt2->dst0opt) *((char**)&opt2->dst0opt) += dif; if (opt2->dst1opt) *((char**)&opt2->dst1opt) += dif; if (opt2->srcrt) *((char**)&opt2->srcrt) += dif; } return opt2;}⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?