lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 05 Nov 2011 10:30:06 +0100 From: Eric Dumazet <eric.dumazet@...il.com> To: François-Xavier Le Bail <fx.lebail@...oo.com> Cc: "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: Re: [RFC] The Linux kernel IPv6 stack don't follow the RFC 4942 recommendation Le samedi 05 novembre 2011 à 01:39 -0700, François-Xavier Le Bail a écrit : > > I will study and test these options for my application server Here is a sample of use of the IPv4 part, an udpecho service that use IP_PKTINFO and IP_RECVTOS/IP_TOS to be able to use multihomed machine, and reflect TOS field as well. #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <linux/udp.h> #include <string.h> #include <stdio.h> #include <unistd.h> #include <arpa/inet.h> #define PORT 4040 int pktinfo_get(struct msghdr *my_hdr, struct in_pktinfo *pktinfo) { int res = -1; if (my_hdr->msg_controllen > 0) { struct cmsghdr *get_cmsg; for (get_cmsg = CMSG_FIRSTHDR(my_hdr); get_cmsg; get_cmsg = CMSG_NXTHDR(my_hdr, get_cmsg)) { if (get_cmsg->cmsg_type == IP_PKTINFO) { struct in_pktinfo *get_pktinfo = (struct in_pktinfo *)CMSG_DATA(get_cmsg); memcpy(pktinfo, get_pktinfo, sizeof(*pktinfo)); res = 0; } } } return res; } int tos_get(struct msghdr *my_hdr, unsigned char *tos) { int res = -1; if (my_hdr->msg_controllen > 0) { struct cmsghdr *get_cmsg; for (get_cmsg = CMSG_FIRSTHDR(my_hdr); get_cmsg; get_cmsg = CMSG_NXTHDR(my_hdr, get_cmsg)) { if (get_cmsg->cmsg_type == IP_TOS) { unsigned char *pkttos = (unsigned char *)CMSG_DATA(get_cmsg); *tos = *pkttos; res = 0; } } } return res; } int main(int argc, char *argv[]) { int fd = socket(AF_INET, SOCK_DGRAM, 0); struct sockaddr_in addr, rem_addr; int res, on = 1; struct msghdr msghdr; struct iovec vec[1]; char cbuf[512]; char frame[4096]; struct in_pktinfo pktinfo; int c, count = 1000000; unsigned char last_tos = 0; while ((c = getopt(argc, argv, "c:")) != -1) { if (c == 'c') count = atoi(optarg); } memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; addr.sin_port = htons(PORT); if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) == -1) { perror("bind"); return 1; } setsockopt(fd, SOL_IP, IP_PKTINFO, &on, sizeof(on)); setsockopt(fd, SOL_IP, IP_RECVTOS, &on, sizeof(on)); while (1) { unsigned char tos; memset(&msghdr, 0, sizeof(msghdr)); msghdr.msg_control = cbuf; msghdr.msg_controllen = sizeof(cbuf); msghdr.msg_iov = vec; msghdr.msg_iovlen = 1; vec[0].iov_base = frame; vec[0].iov_len = sizeof(frame); msghdr.msg_name = &rem_addr; msghdr.msg_namelen = sizeof(rem_addr); res = recvmsg(fd, &msghdr, 0); if (res == -1) break; if (pktinfo_get(&msghdr, &pktinfo) == 0) { // printf("Got IP_PKTINFO dst addr=%s\n", inet_ntoa(pktinfo.ipi_spec_dst)); } if (tos_get(&msghdr, &tos) == 0) { /* IP_TOS option wont be used in sendmsg(), we must use setsockopt() instead */ if (tos != last_tos) { if (setsockopt(fd, SOL_IP, IP_TOS, &tos, sizeof(tos)) == 0) last_tos = tos; } } /* ok, just echo reply this frame. * Using sendmsg() will provide IP_PKTINFO back to kernel * to let it use the 'right' source address * (destination address of the incoming packet) */ vec[0].iov_len = res; sendmsg(fd, &msghdr, 0); if (--count == 0) break; } return 0; } -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists