~mdw / tripe / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
pathmtu/pathmtu.c (raw): Maintain the port numbers separately.
[tripe] / pathmtu / pathmtu.c
1 /* -*-c-*-
2 *
3 * Report MTU on path to specified host
4 *
5 * (c) 2008 Straylight/Edgeware
6 */
7
8 /*----- Licensing notice --------------------------------------------------*
9 *
10 * This file is part of Trivial IP Encryption (TrIPE).
11 *
12 * TrIPE is free software: you can redistribute it and/or modify it under
13 * the terms of the GNU General Public License as published by the Free
14 * Software Foundation; either version 3 of the License, or (at your
15 * option) any later version.
16 *
17 * TrIPE is distributed in the hope that it will be useful, but WITHOUT
18 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
19 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with TrIPE. If not, see <https://www.gnu.org/licenses/>.
24 */
25
26 /*----- Header files ------------------------------------------------------*/
27
28 #include "config.h"
29
30 #include <assert.h>
31 #include <errno.h>
32 #include <stddef.h>
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <string.h>
36 #include <time.h>
37
38 #include <sys/types.h>
39 #include <sys/time.h>
40 #include <unistd.h>
41
42 #include <sys/socket.h>
43 #include <netinet/in.h>
44 #include <arpa/inet.h>
45 #include <netdb.h>
46
47 #include <netinet/in_systm.h>
48 #include <netinet/ip.h>
49 #include <netinet/ip_icmp.h>
50 #include <netinet/udp.h>
51
52 #include <net/if.h>
53 #include <ifaddrs.h>
54 #include <sys/ioctl.h>
55
56 #include <mLib/alloc.h>
57 #include <mLib/bits.h>
58 #include <mLib/dstr.h>
59 #include <mLib/hex.h>
60 #include <mLib/mdwopt.h>
61 #include <mLib/quis.h>
62 #include <mLib/report.h>
63 #include <mLib/tv.h>
64
65 /*----- Static variables --------------------------------------------------*/
66
67 static unsigned char buf[65536];
68
69 #define POLY 0x1002d
70
71 /*----- Utility functions -------------------------------------------------*/
72
73 /* Step a value according to a simple LFSR. */
74 #define STEP(q) \
75 do (q) = ((q) & 0x8000) ? ((q) << 1) ^ POLY : ((q) << 1); while (0)
76
77 /* Fill buffer with a constant but pseudorandom string. Uses a simple
78 * LFSR.
79 */
80 static void fillbuffer(unsigned char *p, size_t sz)
81 {
82 unsigned int y = 0xbc20;
83 const unsigned char *l = p + sz;
84 int i;
85
86 while (p < l) {
87 *p++ = y & 0xff;
88 for (i = 0; i < 8; i++) STEP(y);
89 }
90 }
91
92 /* Convert a string to floating point. */
93 static double s2f(const char *s, const char *what)
94 {
95 double f;
96 char *q;
97
98 errno = 0;
99 f = strtod(s, &q);
100 if (errno || *q) die(EXIT_FAILURE, "bad %s", what);
101 return (f);
102 }
103
104 /* Convert a floating-point value into a struct timeval. */
105 static void f2tv(struct timeval *tv, double t)
106 { tv->tv_sec = t; tv->tv_usec = (t - tv->tv_sec)*MILLION; }
107
108 union addr {
109 struct sockaddr sa;
110 struct sockaddr_in sin;
111 struct sockaddr_in6 sin6;
112 };
113
114 /* Check whether an address family is even slightly supported. */
115 static int addrfamok(int af)
116 {
117 switch (af) {
118 case AF_INET: case AF_INET6: return (1);
119 default: return (0);
120 }
121 }
122
123 /* Return the size of a socket address. */
124 static size_t addrsz(const union addr *a)
125 {
126 switch (a->sa.sa_family) {
127 case AF_INET: return (sizeof(a->sin));
128 case AF_INET6: return (sizeof(a->sin6));
129 default: abort();
130 }
131 }
132
133 /* Compare two addresses. Maybe compare the port numbers too. */
134 #define AEF_PORT 1u
135 static int addreq(const union addr *a, const union addr *b, unsigned f)
136 {
137 switch (a->sa.sa_family) {
138 case AF_INET:
139 return (a->sin.sin_addr.s_addr == b->sin.sin_addr.s_addr &&
140 (!(f&AEF_PORT) || a->sin.sin_port == b->sin.sin_port));
141 case AF_INET6:
142 return (!memcmp(a->sin6.sin6_addr.s6_addr,
143 b->sin6.sin6_addr.s6_addr, 16) &&
144 (!(f&AEF_PORT) || a->sin6.sin6_port == b->sin6.sin6_port));
145 default:
146 abort();
147 }
148 }
149
150 /*----- Main algorithm skeleton -------------------------------------------*/
151
152 struct param {
153 unsigned f; /* Various flags */
154 #define F_VERBOSE 1u /* Give a running commentary */
155 double retx; /* Initial retransmit interval */
156 double regr; /* Retransmit growth factor */
157 double timeout; /* Retransmission timeout */
158 int seqoff; /* Offset to write sequence number */
159 const struct probe_ops *pops; /* Probe algorithm description */
160 union addr a; /* Destination address */
161 };
162
163 struct probestate {
164 const struct param *pp;
165 unsigned q;
166 };
167
168 struct probe_ops {
169 const char *name;
170 const struct probe_ops *next;
171 size_t statesz;
172 int (*setup)(void *, int, const struct param *);
173 void (*finish)(void *);
174 void (*selprep)(void *, int *, fd_set *);
175 int (*xmit)(void *, int);
176 int (*selproc)(void *, fd_set *, struct probestate *);
177 };
178
179 #define OPS_CHAIN 0
180
181 enum {
182 RC_FAIL = -99,
183 RC_OK = 0,
184 RC_LOWER = -1,
185 RC_HIGHER = -2,
186 RC_NOREPLY = -3
187 /* or a positive MTU upper-bound */
188 };
189
190 /* Add a file descriptor FD to the set `fd_in', updating `*maxfd'. */
191 #define ADDFD(fd) \
192 do { FD_SET(fd, fd_in); if (*maxfd < fd) *maxfd = fd; } while (0)
193
194 /* Check whether a buffer contains a packet from our current probe. */
195 static int mypacketp(struct probestate *ps,
196 const unsigned char *p, size_t sz)
197 {
198 const struct param *pp = ps->pp;
199
200 return (sz >= pp->seqoff + 2 && LOAD16(p + pp->seqoff) == ps->q);
201 }
202
203 /* See whether MTU is an acceptable MTU value. Return an appropriate
204 * RC_... code or a new suggested MTU.
205 */
206 static int probe(struct probestate *ps, void *st, int mtu)
207 {
208 const struct param *pp = ps->pp;
209 fd_set fd_in;
210 struct timeval tv, now, when, done;
211 double timer = pp->retx;
212 int rc, maxfd;
213
214 /* Set up the first retransmit and give-up timers. */
215 gettimeofday(&now, 0);
216 f2tv(&tv, pp->timeout); TV_ADD(&done, &now, &tv);
217 f2tv(&tv, timer); TV_ADD(&when, &now, &tv);
218 if (TV_CMP(&when, >, &done)) when = done;
219
220 /* Send the initial probe. */
221 if (pp->f & F_VERBOSE)
222 moan("sending probe of size %d (seq = %04x)", mtu, ps->q);
223 STEP(ps->q);
224 STORE16(buf + pp->seqoff, ps->q);
225 if ((rc = pp->pops->xmit(st, mtu)) != RC_OK) return (rc);
226
227 for (;;) {
228
229 /* Wait for something interesting to happen. */
230 maxfd = 0; FD_ZERO(&fd_in);
231 pp->pops->selprep(st, &maxfd, &fd_in);
232 TV_SUB(&tv, &when, &now);
233 if (select(maxfd + 1, &fd_in, 0, 0, &tv) < 0) return (RC_FAIL);
234 gettimeofday(&now, 0);
235
236 /* See whether the probe method has any answers for us. */
237 if ((rc = pp->pops->selproc(st, &fd_in, ps)) != RC_OK) return (rc);
238
239 /* If we've waited too long, give up. If we should retransmit, do
240 * that.
241 */
242 if (TV_CMP(&now, >, &done))
243 return (RC_NOREPLY);
244 else if (TV_CMP(&now, >, &when)) {
245 if (pp->f & F_VERBOSE) moan("re-sending probe of size %d", mtu);
246 if ((rc = pp->pops->xmit(st, mtu)) != RC_OK) return (rc);
247 do {
248 timer *= pp->regr; f2tv(&tv, timer); TV_ADD(&when, &when, &tv);
249 } while (TV_CMP(&when, <, &now));
250 if (TV_CMP(&when, >, &done)) when = done;
251 }
252 }
253 }
254
255 /* Discover the path MTU to the destination address. */
256 static int pathmtu(const struct param *pp)
257 {
258 int sk;
259 int mtu, lo, hi;
260 int rc, droppy = -1;
261 void *st;
262 struct probestate ps;
263
264 /* Build and connect a UDP socket. We'll need this to know the local port
265 * number to use if nothing else. Set other stuff up.
266 */
267 if ((sk = socket(pp->a.sa.sa_family, SOCK_DGRAM, IPPROTO_UDP)) < 0)
268 goto fail_0;
269 if (connect(sk, &pp->a.sa, addrsz(&pp->a))) goto fail_1;
270 st = xmalloc(pp->pops->statesz);
271 if ((mtu = pp->pops->setup(st, sk, pp)) < 0) goto fail_2;
272 ps.pp = pp; ps.q = rand() & 0xffff;
273 switch (pp->a.sa.sa_family) {
274 case AF_INET: lo = 576; break;
275 case AF_INET6: lo = 1280; break;
276 default: abort();
277 }
278 hi = mtu;
279 if (hi < lo) { errno = EMSGSIZE; return (-1); }
280
281 /* And now we do a thing which is sort of like a binary search, except that
282 * we also take explicit clues as establishing a new upper bound, and we
283 * try to hug that initially.
284 */
285 for (;;) {
286 assert(lo <= mtu && mtu <= hi);
287 if (pp->f & F_VERBOSE) moan("probe: %d <= %d <= %d", lo, mtu, hi);
288 rc = probe(&ps, st, mtu);
289 switch (rc) {
290
291 case RC_FAIL:
292 if (pp->f & F_VERBOSE) moan("probe failed");
293 goto fail_3;
294
295 case RC_NOREPLY:
296 /* If we've not seen a dropped packet before then we don't know what
297 * this means yet -- in particular, we don't know which bit of the
298 * network is swallowing packets. Send a minimum-size probe. If
299 * that doesn't come back then assume that the remote host is
300 * swallowing our packets. If it does, then we assume that dropped
301 * packets are a result of ICMP fragmentation-needed reports being
302 * lost or suppressed.
303 */
304 if (pp->f & F_VERBOSE) moan("gave up: black hole detected");
305 if (droppy == -1) {
306 if (pp->f & F_VERBOSE) moan("sending minimum-size probe");
307 switch (probe(&ps, st, lo)) {
308 case RC_FAIL:
309 goto fail_3;
310 case RC_NOREPLY:
311 if (pp->f & F_VERBOSE) {
312 moan("no reply from min-size probe: "
313 "assume black hole at target");
314 }
315 droppy = 1;
316 break;
317 case RC_HIGHER:
318 if (pp->f & F_VERBOSE) {
319 moan("reply from min-size probe OK: "
320 "assume black hole in network");
321 }
322 droppy = 0;
323 break;
324 default:
325 if (pp->f & F_VERBOSE)
326 moan("unexpected return code from probe");
327 errno = ENOTCONN;
328 goto fail_3;
329 }
330 }
331
332 if (droppy) goto higher; else goto lower;
333
334 case RC_HIGHER:
335 higher:
336 if (droppy == -1) {
337 if (pp->f & F_VERBOSE)
338 moan("probe returned: remote host is not a black hole");
339 droppy = 0;
340 }
341 if (mtu == hi) {
342 if (pp->f & F_VERBOSE) moan("probe returned: found correct MTU");
343 goto done;
344 }
345 lo = mtu;
346
347 /* Now we must make a new guess, between lo and hi. We know that lo
348 * is good; but we're not so sure about hi here. We know that hi >
349 * lo, so this will find an approximate midpoint, greater than lo and
350 * no more than hi.
351 */
352 if (pp->f & F_VERBOSE) moan("probe returned: guessing higher");
353 mtu += (hi - lo + 1)/2;
354 break;
355
356 case RC_LOWER:
357 lower:
358 /* If this didn't work, and we're already at the bottom of our
359 * possible range, then something has gone horribly wrong.
360 */
361 assert(lo < mtu);
362 hi = mtu - 1;
363 if (lo == hi) {
364 if (pp->f & F_VERBOSE) moan("error returned: found correct MTU");
365 mtu = lo;
366 goto done;
367 }
368
369 /* We must make a new guess, between lo and hi. We're probably
370 * fairly sure that lo will succeed, since either it's the minimum
371 * MTU or we've tested it already; but we're not quite sure about hi,
372 * so we want to aim high.
373 */
374 if (pp->f & F_VERBOSE) moan("error returned: guessing lower");
375 mtu -= (hi - lo + 1)/2;
376 break;
377
378 default:
379 if (pp->f & F_VERBOSE) moan("error returned with new MTU estimate");
380 mtu = hi = rc;
381 break;
382 }
383 }
384
385 done:
386 /* Clean up and return our result. */
387 pp->pops->finish(st);
388 xfree(st);
389 close(sk);
390 return (mtu);
391
392 fail_3:
393 pp->pops->finish(st);
394 fail_2:
395 xfree(st);
396 fail_1:
397 close(sk);
398 fail_0:
399 return (-1);
400 }
401
402 /*----- Doing it the hard way ---------------------------------------------*/
403
404 #if defined(linux) || defined(__OpenBSD__)
405 #define IPHDR_SANE
406 #endif
407
408 #ifdef IPHDR_SANE
409 # define sane_htons htons
410 # define sane_htonl htonl
411 #else
412 # define sane_htons
413 # define sane_htonl
414 #endif
415
416 static int rawicmp = -1, rawudp = -1, rawerr = 0;
417
418 #define IPCK_INIT 0xffff
419
420 /* Compute an IP checksum over some data. This is a restartable interface:
421 * initialize A to `IPCK_INIT' for the first call.
422 */
423 static unsigned ipcksum(const void *buf, size_t n, unsigned a)
424 {
425 unsigned long aa = a ^ 0xffff;
426 const unsigned char *p = buf, *l = p + n;
427
428 while (p < l - 1) { aa += LOAD16_B(p); p += 2; }
429 if (p < l) { aa += (unsigned)(*p) << 8; }
430 do aa = (aa & 0xffff) + (aa >> 16); while (aa >= 0x10000);
431 return (aa == 0xffff ? aa : aa ^ 0xffff);
432 }
433
434 /* TCP/UDP pseudoheader structure. */
435 struct phdr {
436 struct in_addr ph_src, ph_dst;
437 uint8_t ph_z, ph_p;
438 uint16_t ph_len;
439 };
440
441 struct raw_state {
442 union addr me, a;
443 int sk, rawicmp, rawudp;
444 uint16_t srcport, dstport;
445 unsigned q;
446 };
447
448 static int raw_setup(void *stv, int sk, const struct param *pp)
449 {
450 struct raw_state *st = stv;
451 socklen_t sz;
452 int i, mtu = -1;
453 struct ifaddrs *ifa, *ifaa, *ifap;
454 struct ifreq ifr;
455
456 /* Check that the address is OK, and that we have the necessary raw
457 * sockets.
458 */
459 switch (pp->a.sa.sa_family) {
460 case AF_INET:
461 if (rawerr) { errno = rawerr; goto fail_0; }
462 st->rawicmp = rawicmp; st->rawudp = rawudp; st->sk = sk;
463 break;
464 default:
465 errno = EPFNOSUPPORT; goto fail_0;
466 }
467
468 /* Initialize the sequence number. */
469 st->q = rand() & 0xffff;
470
471 /* Snaffle the local and remote address and port number. */
472 st->a = pp->a;
473 sz = sizeof(st->me);
474 if (getsockname(sk, &st->me.sa, &sz))
475 goto fail_0;
476
477 /* An unfortunate bodge which will make sense in the future. */
478 st->srcport = st->me.sin.sin_port; st->me.sin.sin_port = 0;
479 st->dstport = st->a.sin.sin_port; st->a.sin.sin_port = 0;
480
481 /* There isn't a portable way to force the DF flag onto a packet through
482 * UDP, or even through raw IP, unless we write the entire IP header
483 * ourselves. This is somewhat annoying, especially since we have an
484 * uphill struggle keeping track of which systems randomly expect which
485 * header fields to be presented in host byte order. Oh, well.
486 */
487 i = 1;
488 if (setsockopt(rawudp, IPPROTO_IP, IP_HDRINCL, &i, sizeof(i))) goto fail_0;
489
490 /* Find an upper bound on the MTU. Do two passes over the interface
491 * list. If we can find matches for our local address then use the
492 * highest one of those; otherwise do a second pass and simply take the
493 * highest MTU of any network interface.
494 */
495 if (getifaddrs(&ifaa)) goto fail_0;
496 for (i = 0; i < 2; i++) {
497 for (ifap = 0, ifa = ifaa; ifa; ifa = ifa->ifa_next) {
498 if (!(ifa->ifa_flags & IFF_UP) || !ifa->ifa_addr ||
499 ifa->ifa_addr->sa_family != st->me.sa.sa_family ||
500 (i == 0 &&
501 !addreq((union addr *)ifa->ifa_addr, &st->me, 0)) ||
502 (i == 1 && ifap && strcmp(ifap->ifa_name, ifa->ifa_name) == 0) ||
503 strlen(ifa->ifa_name) >= sizeof(ifr.ifr_name))
504 continue;
505 ifap = ifa;
506 strcpy(ifr.ifr_name, ifa->ifa_name);
507 if (ioctl(sk, SIOCGIFMTU, &ifr)) goto fail_1;
508 if (mtu < ifr.ifr_mtu) mtu = ifr.ifr_mtu;
509 }
510 if (mtu > 0) break;
511 }
512 if (mtu < 0) { errno = ENOTCONN; goto fail_1; }
513 freeifaddrs(ifaa);
514
515 /* Done. */
516 return (mtu);
517
518 fail_1:
519 freeifaddrs(ifaa);
520 fail_0:
521 return (-1);
522 }
523
524 static void raw_finish(void *stv) { ; }
525
526 static void raw_selprep(void *stv, int *maxfd, fd_set *fd_in)
527 { struct raw_state *st = stv; ADDFD(st->sk); ADDFD(st->rawicmp); }
528
529 static int raw_xmit(void *stv, int mtu)
530 {
531 struct raw_state *st = stv;
532 unsigned char b[65536], *p;
533 struct ip *ip;
534 struct udphdr *udp;
535 struct phdr ph;
536 unsigned ck;
537
538 /* Build the IP header. */
539 ip = (struct ip *)b;
540 ip->ip_v = 4;
541 ip->ip_hl = sizeof(*ip)/4;
542 ip->ip_tos = IPTOS_RELIABILITY;
543 ip->ip_len = sane_htons(mtu);
544 STEP(st->q); ip->ip_id = htons(st->q);
545 ip->ip_off = sane_htons(0 | IP_DF);
546 ip->ip_ttl = 64;
547 ip->ip_p = IPPROTO_UDP;
548 ip->ip_sum = 0;
549 ip->ip_src = st->me.sin.sin_addr;
550 ip->ip_dst = st->a.sin.sin_addr;
551
552 /* Build a UDP packet in the output buffer. */
553 udp = (struct udphdr *)(ip + 1);
554 udp->uh_sport = st->srcport;
555 udp->uh_dport = st->dstport;
556 udp->uh_ulen = htons(mtu - sizeof(*ip));
557 udp->uh_sum = 0;
558
559 /* Copy the payload. */
560 p = (unsigned char *)(udp + 1);
561 memcpy(p, buf, mtu - (p - b));
562
563 /* Calculate the UDP checksum. */
564 ph.ph_src = ip->ip_src;
565 ph.ph_dst = ip->ip_dst;
566 ph.ph_z = 0;
567 ph.ph_p = IPPROTO_UDP;
568 ph.ph_len = udp->uh_ulen;
569 ck = IPCK_INIT;
570 ck = ipcksum(&ph, sizeof(ph), ck);
571 ck = ipcksum(udp, mtu - sizeof(*ip), ck);
572 udp->uh_sum = htons(ck);
573
574 /* Send the whole thing off. If we're too big for the interface then we
575 * might need to trim immediately.
576 */
577 if (sendto(st->rawudp, b, mtu, 0, &st->a.sa, addrsz(&st->a)) < 0) {
578 if (errno == EMSGSIZE) return (RC_LOWER);
579 else goto fail_0;
580 }
581
582 /* Done. */
583 return (RC_OK);
584
585 fail_0:
586 return (RC_FAIL);
587 }
588
589 static int raw_selproc(void *stv, fd_set *fd_in, struct probestate *ps)
590 {
591 struct raw_state *st = stv;
592 unsigned char b[65536];
593 struct ip *ip;
594 struct icmp *icmp;
595 struct udphdr *udp;
596 const unsigned char *payload;
597 ssize_t n;
598
599 /* An ICMP packet: see what's inside. */
600 if (FD_ISSET(st->rawicmp, fd_in)) {
601 if ((n = read(st->rawicmp, b, sizeof(b))) < 0) goto fail_0;
602
603 ip = (struct ip *)b;
604 if (n < sizeof(*ip) || n < sizeof(4*ip->ip_hl) ||
605 ip->ip_v != 4 || ip->ip_p != IPPROTO_ICMP)
606 goto skip_icmp;
607 n -= sizeof(4*ip->ip_hl);
608
609 icmp = (struct icmp *)(b + 4*ip->ip_hl);
610 if (n < sizeof(*icmp) || icmp->icmp_type != ICMP_UNREACH)
611 goto skip_icmp;
612 n -= offsetof(struct icmp, icmp_ip);
613
614 ip = &icmp->icmp_ip;
615 if (n < sizeof(*ip) ||
616 ip->ip_p != IPPROTO_UDP || ip->ip_hl != sizeof(*ip)/4 ||
617 ip->ip_id != htons(st->q) ||
618 ip->ip_src.s_addr != st->me.sin.sin_addr.s_addr ||
619 ip->ip_dst.s_addr != st->a.sin.sin_addr.s_addr)
620 goto skip_icmp;
621 n -= sizeof(*ip);
622
623 udp = (struct udphdr *)(ip + 1);
624 if (n < sizeof(*udp) || udp->uh_sport != st->srcport ||
625 udp->uh_dport != st->dstport)
626 goto skip_icmp;
627 n -= sizeof(*udp);
628
629 payload = (const unsigned char *)(udp + 1);
630 if (!mypacketp(ps, payload, n)) goto skip_icmp;
631
632 if (icmp->icmp_code == ICMP_UNREACH_PORT) return (RC_HIGHER);
633 else if (icmp->icmp_code != ICMP_UNREACH_NEEDFRAG) goto skip_icmp;
634 else if (icmp->icmp_nextmtu) return (htons(icmp->icmp_nextmtu));
635 else return (RC_LOWER);
636 }
637 skip_icmp:;
638
639 /* If we got a reply to the current probe then we're good. If we got an
640 * error, or the packet's sequence number is wrong, then ignore it.
641 */
642 if (FD_ISSET(st->sk, fd_in)) {
643 if ((n = read(st->sk, b, sizeof(b))) < 0) return (RC_OK);
644 else if (mypacketp(ps, b, n)) return (RC_HIGHER);
645 else return (RC_OK);
646 }
647
648 return (RC_OK);
649
650 fail_0:
651 return (RC_FAIL);
652 }
653
654 static const struct probe_ops raw_ops = {
655 "raw", OPS_CHAIN, sizeof(struct raw_state),
656 raw_setup, raw_finish,
657 raw_selprep, raw_xmit, raw_selproc
658 };
659
660 #undef OPS_CHAIN
661 #define OPS_CHAIN &raw_ops
662
663 /*----- Doing the job on Linux --------------------------------------------*/
664
665 #if defined(linux)
666
667 #ifndef IP_MTU
668 # define IP_MTU 14 /* Blech! */
669 #endif
670
671 struct linux_state {
672 int sol, so_mtu_discover, so_mtu;
673 int sk;
674 size_t hdrlen;
675 };
676
677 static int linux_setup(void *stv, int sk, const struct param *pp)
678 {
679 struct linux_state *st = stv;
680 int i, mtu;
681 socklen_t sz;
682
683 /* Check that the address is OK. */
684 switch (pp->a.sa.sa_family) {
685 case AF_INET:
686 st->sol = IPPROTO_IP;
687 st->so_mtu_discover = IP_MTU_DISCOVER;
688 st->so_mtu = IP_MTU;
689 st->hdrlen = 28;
690 break;
691 case AF_INET6:
692 st->sol = IPPROTO_IPV6;
693 st->so_mtu_discover = IPV6_MTU_DISCOVER;
694 st->so_mtu = IPV6_MTU;
695 st->hdrlen = 48;
696 break;
697 default:
698 errno = EPFNOSUPPORT;
699 return (-1);
700 }
701
702 /* Snaffle the UDP socket. */
703 st->sk = sk;
704
705 /* Turn on kernel path-MTU discovery and force DF on. */
706 i = IP_PMTUDISC_PROBE;
707 if (setsockopt(st->sk, st->sol, st->so_mtu_discover, &i, sizeof(i)))
708 return (-1);
709
710 /* Read the initial MTU guess back and report it. */
711 sz = sizeof(mtu);
712 if (getsockopt(st->sk, st->sol, st->so_mtu, &mtu, &sz))
713 return (-1);
714
715 /* Done. */
716 return (mtu);
717 }
718
719 static void linux_finish(void *stv) { ; }
720
721 static void linux_selprep(void *stv, int *maxfd, fd_set *fd_in)
722 { struct linux_state *st = stv; ADDFD(st->sk); }
723
724 static int linux_xmit(void *stv, int mtu)
725 {
726 struct linux_state *st = stv;
727
728 /* Write the packet. */
729 if (write(st->sk, buf, mtu - st->hdrlen) >= 0) return (RC_OK);
730 else if (errno == EMSGSIZE) return (RC_LOWER);
731 else return (RC_FAIL);
732 }
733
734 static int linux_selproc(void *stv, fd_set *fd_in, struct probestate *ps)
735 {
736 struct linux_state *st = stv;
737 int mtu;
738 socklen_t sz;
739 ssize_t n;
740 unsigned char b[65536];
741
742 /* Read an answer. If it looks like the right kind of error then report a
743 * success. This is potentially wrong, since we can't tell whether an
744 * error was delayed from an earlier probe. However, we never return
745 * RC_LOWER from this method, so the packet sizes ought to be monotonically
746 * decreasing and this won't cause trouble. Otherwise update from the
747 * kernel's idea of the right MTU.
748 */
749 if (FD_ISSET(st->sk, fd_in)) {
750 n = read(st->sk, &buf, sizeof(buf));
751 if (n >= 0 ?
752 mypacketp(ps, b, n) :
753 errno == ECONNREFUSED || errno == EHOSTUNREACH)
754 return (RC_HIGHER);
755 sz = sizeof(mtu);
756 if (getsockopt(st->sk, st->sol, st->so_mtu, &mtu, &sz))
757 return (RC_FAIL);
758 return (mtu);
759 }
760 return (RC_OK);
761 }
762
763 static const struct probe_ops linux_ops = {
764 "linux", OPS_CHAIN, sizeof(struct linux_state),
765 linux_setup, linux_finish,
766 linux_selprep, linux_xmit, linux_selproc
767 };
768
769 #undef OPS_CHAIN
770 #define OPS_CHAIN &linux_ops
771
772 #endif
773
774 /*----- Help options ------------------------------------------------------*/
775
776 static const struct probe_ops *probe_ops = OPS_CHAIN;
777
778 static void version(FILE *fp)
779 { pquis(fp, "$, TrIPE version " VERSION "\n"); }
780
781 static void usage(FILE *fp)
782 {
783 pquis(fp, "Usage: $ [-46v] [-H HEADER] [-m METHOD]\n\
784 [-r SECS] [-g FACTOR] [-t SECS] HOST [PORT]\n");
785 }
786
787 static void help(FILE *fp)
788 {
789 const struct probe_ops *ops;
790
791 version(fp);
792 fputc('\n', fp);
793 usage(fp);
794 fputs("\
795 \n\
796 Options in full:\n\
797 \n\
798 -h, --help Show this help text.\n\
799 -V, --version Show version number.\n\
800 -u, --usage Show brief usage message.\n\
801 \n\
802 -4, --ipv4 Restrict to IPv4 only.\n\
803 -6, --ipv6 Restrict to IPv6 only.\n\
804 -g, --growth=FACTOR Growth factor for retransmit interval.\n\
805 -m, --method=METHOD Use METHOD to probe for MTU.\n\
806 -r, --retransmit=SECS Retransmit if no reply after SEC.\n\
807 -t, --timeout=SECS Give up expecting a reply after SECS.\n\
808 -v, --verbose Write a running commentary to stderr.\n\
809 -H, --header=HEX Packet header, in hexadecimal.\n\
810 \n\
811 Probe methods:\n\
812 ", fp);
813 for (ops = probe_ops; ops; ops = ops->next)
814 printf("\t%s\n", ops->name);
815 }
816
817 /*----- Main code ---------------------------------------------------------*/
818
819 int main(int argc, char *argv[])
820 {
821 struct param pp = { 0, 0.333, 3.0, 8.0, 0, OPS_CHAIN };
822 hex_ctx hc;
823 dstr d = DSTR_INIT;
824 size_t sz;
825 int i, err;
826 struct addrinfo aihint = { 0 }, *ailist, *ai;
827 const char *host, *svc = "7";
828 unsigned f = 0;
829
830 #define f_bogus 1u
831
832 if ((rawicmp = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP)) < 0 ||
833 (rawudp = socket(PF_INET, SOCK_RAW, IPPROTO_UDP)) < 0)
834 rawerr = errno;
835 if (setuid(getuid()))
836 abort();
837
838 ego(argv[0]);
839 fillbuffer(buf, sizeof(buf));
840
841 aihint.ai_family = AF_UNSPEC;
842 aihint.ai_protocol = IPPROTO_UDP;
843 aihint.ai_socktype = SOCK_DGRAM;
844 aihint.ai_flags = AI_ADDRCONFIG;
845
846 for (;;) {
847 static const struct option opts[] = {
848 { "help", 0, 0, 'h' },
849 { "version", 0, 0, 'V' },
850 { "usage", 0, 0, 'u' },
851 { "ipv4", 0, 0, '4' },
852 { "ipv6", 0, 0, '6' },
853 { "header", OPTF_ARGREQ, 0, 'H' },
854 { "growth", OPTF_ARGREQ, 0, 'g' },
855 { "method", OPTF_ARGREQ, 0, 'm' },
856 { "retransmit", OPTF_ARGREQ, 0, 'r' },
857 { "timeout", OPTF_ARGREQ, 0, 't' },
858 { "verbose", 0, 0, 'v' },
859 { 0, 0, 0, 0 }
860 };
861
862 i = mdwopt(argc, argv, "hVu" "46H:g:m:r:t:v", opts, 0, 0, 0);
863 if (i < 0) break;
864 switch (i) {
865 case 'h': help(stdout); exit(0);
866 case 'V': version(stdout); exit(0);
867 case 'u': usage(stdout); exit(0);
868
869 case 'H':
870 DRESET(&d);
871 hex_init(&hc);
872 hex_decode(&hc, optarg, strlen(optarg), &d);
873 hex_decode(&hc, 0, 0, &d);
874 sz = d.len < 532 ? d.len : 532;
875 memcpy(buf, d.buf, sz);
876 pp.seqoff = sz;
877 break;
878
879 case '4': aihint.ai_family = AF_INET; break;
880 case '6': aihint.ai_family = AF_INET6; break;
881 case 'g': pp.regr = s2f(optarg, "retransmit growth factor"); break;
882 case 'r': pp.retx = s2f(optarg, "retransmit interval"); break;
883 case 't': pp.timeout = s2f(optarg, "timeout"); break;
884
885 case 'm':
886 for (pp.pops = OPS_CHAIN; pp.pops; pp.pops = pp.pops->next)
887 if (strcmp(pp.pops->name, optarg) == 0) goto found_alg;
888 die(EXIT_FAILURE, "unknown probe algorithm `%s'", optarg);
889 found_alg:
890 break;
891
892 case 'v': pp.f |= F_VERBOSE; break;
893
894 default:
895 f |= f_bogus;
896 break;
897 }
898 }
899 argv += optind; argc -= optind;
900 if ((f & f_bogus) || 1 > argc || argc > 2) {
901 usage(stderr);
902 exit(EXIT_FAILURE);
903 }
904
905 host = argv[0];
906 if (argv[1]) svc = argv[1];
907 if ((err = getaddrinfo(host, svc, &aihint, &ailist)) != 0) {
908 die(EXIT_FAILURE, "unknown host `%s' or service `%s': %s",
909 host, svc, gai_strerror(err));
910 }
911 for (ai = ailist; ai && !addrfamok(ai->ai_family); ai = ai->ai_next);
912 if (!ai) die(EXIT_FAILURE, "no supported address families for `%s'", host);
913 assert(ai->ai_addrlen <= sizeof(pp.a));
914 memcpy(&pp.a, ai->ai_addr, ai->ai_addrlen);
915
916 i = pathmtu(&pp);
917 if (i < 0)
918 die(EXIT_FAILURE, "failed to discover MTU: %s", strerror(errno));
919 printf("%d\n", i);
920 if (ferror(stdout) || fflush(stdout) || fclose(stdout))
921 die(EXIT_FAILURE, "failed to write result: %s", strerror(errno));
922 return (0);
923 }
924
925 /*----- That's all, folks -------------------------------------------------*/
Trivial IP Encryption: a simple VPN