X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/1d25a3edbe44af1827d434e6864e29befbdf19b7..HEAD:/pathmtu/pathmtu.c diff --git a/pathmtu/pathmtu.c b/pathmtu/pathmtu.c index 55702787..9c5c8294 100644 --- a/pathmtu/pathmtu.c +++ b/pathmtu/pathmtu.c @@ -47,11 +47,15 @@ #include #include #include +#include +#include #include -#include -#include -#include +#ifdef HAVE_GETIFADDRS +# include +# include +# include +#endif #include #include @@ -130,23 +134,6 @@ static size_t addrsz(const union addr *a) } } -/* Compare two addresses. Maybe compare the port numbers too. */ -#define AEF_PORT 1u -static int addreq(const union addr *a, const union addr *b, unsigned f) -{ - switch (a->sa.sa_family) { - case AF_INET: - return (a->sin.sin_addr.s_addr == b->sin.sin_addr.s_addr && - (!(f&AEF_PORT) || a->sin.sin_port == b->sin.sin_port)); - case AF_INET6: - return (!memcmp(a->sin6.sin6_addr.s6_addr, - b->sin6.sin6_addr.s6_addr, 16) && - (!(f&AEF_PORT) || a->sin6.sin6_port == b->sin6.sin6_port)); - default: - abort(); - } -} - /*----- Main algorithm skeleton -------------------------------------------*/ struct param { @@ -401,8 +388,10 @@ fail_0: /*----- Doing it the hard way ---------------------------------------------*/ +#ifdef HAVE_GETIFADDRS + #if defined(linux) || defined(__OpenBSD__) -#define IPHDR_SANE +# define IPHDR_SANE #endif #ifdef IPHDR_SANE @@ -414,9 +403,27 @@ fail_0: #endif static int rawicmp = -1, rawudp = -1, rawerr = 0; +static int rawicmp6 = -1, rawudp6 = -1, rawerr6 = 0; #define IPCK_INIT 0xffff +/* Compare two addresses. Maybe compare the port numbers too. */ +#define AEF_PORT 1u +static int addreq(const union addr *a, const union addr *b, unsigned f) +{ + switch (a->sa.sa_family) { + case AF_INET: + return (a->sin.sin_addr.s_addr == b->sin.sin_addr.s_addr && + (!(f&AEF_PORT) || a->sin.sin_port == b->sin.sin_port)); + case AF_INET6: + return (!memcmp(a->sin6.sin6_addr.s6_addr, + b->sin6.sin6_addr.s6_addr, 16) && + (!(f&AEF_PORT) || a->sin6.sin6_port == b->sin6.sin6_port)); + default: + abort(); + } +} + /* Compute an IP checksum over some data. This is a restartable interface: * initialize A to `IPCK_INIT' for the first call. */ @@ -437,10 +444,16 @@ struct phdr { uint8_t ph_z, ph_p; uint16_t ph_len; }; +struct phdr6 { + struct in6_addr ph6_src, ph6_dst; + uint32_t ph6_len; + uint8_t ph6_z0, ph6_z1, ph6_z2, ph6_nxt; +}; struct raw_state { union addr me, a; int sk, rawicmp, rawudp; + uint16_t srcport, dstport; unsigned q; }; @@ -451,14 +464,30 @@ static int raw_setup(void *stv, int sk, const struct param *pp) int i, mtu = -1; struct ifaddrs *ifa, *ifaa, *ifap; struct ifreq ifr; + struct icmp6_filter f6; /* Check that the address is OK, and that we have the necessary raw * sockets. + * + * For IPv6, also set the filter so we don't get too many useless wakeups. */ switch (pp->a.sa.sa_family) { case AF_INET: if (rawerr) { errno = rawerr; goto fail_0; } st->rawicmp = rawicmp; st->rawudp = rawudp; st->sk = sk; + /* IPv4 filtering is available on Linux but isn't portable. */ + break; + case AF_INET6: + if (rawerr6) { errno = rawerr6; goto fail_0; } + st->rawicmp = rawicmp6; st->rawudp = rawudp6; st->sk = sk; + ICMP6_FILTER_SETBLOCKALL(&f6); + ICMP6_FILTER_SETPASS(ICMP6_PACKET_TOO_BIG, &f6); + ICMP6_FILTER_SETPASS(ICMP6_DST_UNREACH, &f6); + if (setsockopt(st->rawicmp, IPPROTO_ICMPV6, ICMP6_FILTER, + &f6, sizeof(f6))) { + die(EXIT_FAILURE, "failed to set icmpv6 filter: %s", + strerror(errno)); + } break; default: errno = EPFNOSUPPORT; goto fail_0; @@ -473,6 +502,22 @@ static int raw_setup(void *stv, int sk, const struct param *pp) if (getsockname(sk, &st->me.sa, &sz)) goto fail_0; + /* Only now do some fiddling because Linux doesn't like port numbers in + * IPv6 raw destination addresses... + */ + switch (pp->a.sa.sa_family) { + case AF_INET: + st->srcport = st->me.sin.sin_port; st->me.sin.sin_port = 0; + st->dstport = st->a.sin.sin_port; st->a.sin.sin_port = 0; + break; + case AF_INET6: + st->srcport = st->me.sin6.sin6_port; st->me.sin6.sin6_port = 0; + st->dstport = st->a.sin6.sin6_port; st->a.sin6.sin6_port = 0; + break; + default: + abort(); + } + /* There isn't a portable way to force the DF flag onto a packet through * UDP, or even through raw IP, unless we write the entire IP header * ourselves. This is somewhat annoying, especially since we have an @@ -526,45 +571,92 @@ static int raw_xmit(void *stv, int mtu) struct raw_state *st = stv; unsigned char b[65536], *p; struct ip *ip; + struct ip6_hdr *ip6; struct udphdr *udp; struct phdr ph; + struct phdr6 ph6; unsigned ck; - /* Build the IP header. */ - ip = (struct ip *)b; - ip->ip_v = 4; - ip->ip_hl = sizeof(*ip)/4; - ip->ip_tos = IPTOS_RELIABILITY; - ip->ip_len = sane_htons(mtu); - STEP(st->q); ip->ip_id = htons(st->q); - ip->ip_off = sane_htons(0 | IP_DF); - ip->ip_ttl = 64; - ip->ip_p = IPPROTO_UDP; - ip->ip_sum = 0; - ip->ip_src = st->me.sin.sin_addr; - ip->ip_dst = st->a.sin.sin_addr; - - /* Build a UDP packet in the output buffer. */ - udp = (struct udphdr *)(ip + 1); - udp->uh_sport = st->me.sin.sin_port; - udp->uh_dport = st->a.sin.sin_port; - udp->uh_ulen = htons(mtu - sizeof(*ip)); - udp->uh_sum = 0; - - /* Copy the payload. */ - p = (unsigned char *)(udp + 1); - memcpy(p, buf, mtu - (p - b)); - - /* Calculate the UDP checksum. */ - ph.ph_src = ip->ip_src; - ph.ph_dst = ip->ip_dst; - ph.ph_z = 0; - ph.ph_p = IPPROTO_UDP; - ph.ph_len = udp->uh_ulen; - ck = IPCK_INIT; - ck = ipcksum(&ph, sizeof(ph), ck); - ck = ipcksum(udp, mtu - sizeof(*ip), ck); - udp->uh_sum = htons(ck); + switch (st->a.sa.sa_family) { + + case AF_INET: + + /* Build the IP header. */ + ip = (struct ip *)b; + ip->ip_v = 4; + ip->ip_hl = sizeof(*ip)/4; + ip->ip_tos = IPTOS_RELIABILITY; + ip->ip_len = sane_htons(mtu); + STEP(st->q); ip->ip_id = htons(st->q); + ip->ip_off = sane_htons(0 | IP_DF); + ip->ip_ttl = 64; + ip->ip_p = IPPROTO_UDP; + ip->ip_sum = 0; + ip->ip_src = st->me.sin.sin_addr; + ip->ip_dst = st->a.sin.sin_addr; + + /* Build a UDP packet in the output buffer. */ + udp = (struct udphdr *)(ip + 1); + udp->uh_sport = st->srcport; + udp->uh_dport = st->dstport; + udp->uh_ulen = htons(mtu - sizeof(*ip)); + udp->uh_sum = 0; + + /* Copy the payload. */ + p = (unsigned char *)(udp + 1); + memcpy(p, buf, mtu - (p - b)); + + /* Calculate the UDP checksum. */ + ph.ph_src = ip->ip_src; + ph.ph_dst = ip->ip_dst; + ph.ph_z = 0; + ph.ph_p = IPPROTO_UDP; + ph.ph_len = udp->uh_ulen; + ck = IPCK_INIT; + ck = ipcksum(&ph, sizeof(ph), ck); + ck = ipcksum(udp, mtu - sizeof(*ip), ck); + udp->uh_sum = htons(ck); + + break; + + case AF_INET6: + + /* Build the IP header. */ + ip6 = (struct ip6_hdr *)b; + STEP(st->q); ip6->ip6_flow = htonl(0x60000000 | st->q); + ip6->ip6_plen = htons(mtu - sizeof(*ip6)); + ip6->ip6_nxt = IPPROTO_UDP; + ip6->ip6_hlim = 64; + ip6->ip6_src = st->me.sin6.sin6_addr; + ip6->ip6_dst = st->a.sin6.sin6_addr; + + /* Build a UDP packet in the output buffer. */ + udp = (struct udphdr *)(ip6 + 1); + udp->uh_sport = st->srcport; + udp->uh_dport = st->dstport; + udp->uh_ulen = htons(mtu - sizeof(*ip6)); + udp->uh_sum = 0; + + /* Copy the payload. */ + p = (unsigned char *)(udp + 1); + memcpy(p, buf, mtu - (p - b)); + + /* Calculate the UDP checksum. */ + ph6.ph6_src = ip6->ip6_src; + ph6.ph6_dst = ip6->ip6_dst; + ph6.ph6_len = udp->uh_ulen; + ph6.ph6_z0 = ph6.ph6_z1 = ph6.ph6_z2 = 0; + ph6.ph6_nxt = IPPROTO_UDP; + ck = IPCK_INIT; + ck = ipcksum(&ph6, sizeof(ph6), ck); + ck = ipcksum(udp, mtu - sizeof(*ip6), ck); + udp->uh_sum = htons(ck); + + break; + + default: + abort(); + } /* Send the whole thing off. If we're too big for the interface then we * might need to trim immediately. @@ -586,7 +678,9 @@ static int raw_selproc(void *stv, fd_set *fd_in, struct probestate *ps) struct raw_state *st = stv; unsigned char b[65536]; struct ip *ip; + struct ip6_hdr *ip6; struct icmp *icmp; + struct icmp6_hdr *icmp6; struct udphdr *udp; const unsigned char *payload; ssize_t n; @@ -595,40 +689,89 @@ static int raw_selproc(void *stv, fd_set *fd_in, struct probestate *ps) if (FD_ISSET(st->rawicmp, fd_in)) { if ((n = read(st->rawicmp, b, sizeof(b))) < 0) goto fail_0; - ip = (struct ip *)b; - if (n < sizeof(*ip) || n < sizeof(4*ip->ip_hl) || - ip->ip_v != 4 || ip->ip_p != IPPROTO_ICMP) - goto skip_icmp; - n -= sizeof(4*ip->ip_hl); - - icmp = (struct icmp *)(b + 4*ip->ip_hl); - if (n < sizeof(*icmp) || icmp->icmp_type != ICMP_UNREACH) - goto skip_icmp; - n -= offsetof(struct icmp, icmp_ip); - - ip = &icmp->icmp_ip; - if (n < sizeof(*ip) || - ip->ip_p != IPPROTO_UDP || ip->ip_hl != sizeof(*ip)/4 || - ip->ip_id != htons(st->q) || - ip->ip_src.s_addr != st->me.sin.sin_addr.s_addr || - ip->ip_dst.s_addr != st->a.sin.sin_addr.s_addr) - goto skip_icmp; - n -= sizeof(*ip); - - udp = (struct udphdr *)(ip + 1); - if (n < sizeof(udp) || udp->uh_sport != st->me.sin.sin_port || - udp->uh_dport != st->a.sin.sin_port) - goto skip_icmp; - n -= sizeof(*udp); - - payload = (const unsigned char *)(udp + 1); - if (!mypacketp(ps, payload, n)) goto skip_icmp; - - if (icmp->icmp_code == ICMP_UNREACH_PORT) return (RC_HIGHER); - else if (icmp->icmp_code != ICMP_UNREACH_NEEDFRAG) goto skip_icmp; - else if (icmp->icmp_nextmtu) return (htons(icmp->icmp_nextmtu)); - else return (RC_LOWER); + switch (st->me.sa.sa_family) { + + case AF_INET: + + ip = (struct ip *)b; + if (n < sizeof(*ip) || n < sizeof(4*ip->ip_hl) || + ip->ip_v != 4 || ip->ip_p != IPPROTO_ICMP) + goto skip_icmp; + n -= sizeof(4*ip->ip_hl); + + icmp = (struct icmp *)(b + 4*ip->ip_hl); + if (n < sizeof(*icmp) || icmp->icmp_type != ICMP_UNREACH) + goto skip_icmp; + n -= offsetof(struct icmp, icmp_ip); + + ip = &icmp->icmp_ip; + if (n < sizeof(*ip) || + ip->ip_p != IPPROTO_UDP || ip->ip_hl != sizeof(*ip)/4 || + ip->ip_id != htons(st->q) || + ip->ip_src.s_addr != st->me.sin.sin_addr.s_addr || + ip->ip_dst.s_addr != st->a.sin.sin_addr.s_addr) + goto skip_icmp; + n -= sizeof(*ip); + + udp = (struct udphdr *)(ip + 1); + if (n < sizeof(*udp) || udp->uh_sport != st->srcport || + udp->uh_dport != st->dstport) + goto skip_icmp; + n -= sizeof(*udp); + + payload = (const unsigned char *)(udp + 1); + if (!mypacketp(ps, payload, n)) goto skip_icmp; + + if (icmp->icmp_code == ICMP_UNREACH_PORT) return (RC_HIGHER); + else if (icmp->icmp_code != ICMP_UNREACH_NEEDFRAG) goto skip_icmp; + else if (icmp->icmp_nextmtu) return (htons(icmp->icmp_nextmtu)); + else return (RC_LOWER); + + break; + + case AF_INET6: + icmp6 = (struct icmp6_hdr *)b; + if (n < sizeof(*icmp6) || + (icmp6->icmp6_type != ICMP6_PACKET_TOO_BIG && + icmp6->icmp6_type != ICMP6_DST_UNREACH)) + goto skip_icmp; + n -= sizeof(*icmp6); + + ip6 = (struct ip6_hdr *)(icmp6 + 1); + if (n < sizeof(*ip6) || ip6->ip6_nxt != IPPROTO_UDP || + memcmp(ip6->ip6_src.s6_addr, + st->me.sin6.sin6_addr.s6_addr, 16) || + memcmp(ip6->ip6_dst.s6_addr, + st->a.sin6.sin6_addr.s6_addr, 16) || + (ntohl(ip6->ip6_flow)&0xffff) != st->q) + goto skip_icmp; + n -= sizeof(*ip6); + + udp = (struct udphdr *)(ip6 + 1); + if (n < sizeof(*udp) || udp->uh_sport != st->srcport || + udp->uh_dport != st->dstport) + goto skip_icmp; + n -= sizeof(*udp); + + payload = (const unsigned char *)(udp + 1); + if (!mypacketp(ps, payload, n)) goto skip_icmp; + + if (icmp6->icmp6_type == ICMP6_PACKET_TOO_BIG) + return (ntohs(icmp6->icmp6_mtu)); + else switch (icmp6->icmp6_code) { + case ICMP6_DST_UNREACH_ADMIN: + case ICMP6_DST_UNREACH_NOPORT: + return (RC_HIGHER); + default: + goto skip_icmp; + } + break; + + default: + abort(); + } } + skip_icmp:; /* If we got a reply to the current probe then we're good. If we got an @@ -655,6 +798,8 @@ static const struct probe_ops raw_ops = { #undef OPS_CHAIN #define OPS_CHAIN &raw_ops +#endif + /*----- Doing the job on Linux --------------------------------------------*/ #if defined(linux) @@ -824,9 +969,14 @@ int main(int argc, char *argv[]) #define f_bogus 1u +#ifdef HAVE_GETIFADDRS if ((rawicmp = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP)) < 0 || (rawudp = socket(PF_INET, SOCK_RAW, IPPROTO_UDP)) < 0) rawerr = errno; + if ((rawicmp6 = socket(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0 || + (rawudp6 = socket(PF_INET6, SOCK_RAW, IPPROTO_RAW)) < 0) + rawerr6 = errno; +#endif if (setuid(getuid())) abort();