mirror of
https://github.com/lwip-tcpip/lwip.git
synced 2024-10-05 22:29:49 +00:00
PPP, using PBUF_POOL instead of PBUF_RAM pbufs for PPP negociation packets
PPP stack does not handle chained pbuf, but PPP negociation packets are at most ~40 bytes long, so we are only checking if the payload can fit into the allocated pbuf (p->tot_len == p->len).
This commit is contained in:
parent
b84ab718b0
commit
045ee53468
@ -240,9 +240,13 @@ static void chap_timeout(void *arg) {
|
||||
return;
|
||||
}
|
||||
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(pcb->chap_server.challenge_pktlen), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(pcb->chap_server.challenge_pktlen), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
MEMCPY(p->payload, pcb->chap_server.challenge, pcb->chap_server.challenge_pktlen);
|
||||
ppp_write(pcb, p);
|
||||
++pcb->chap_server.challenge_xmits;
|
||||
@ -334,9 +338,13 @@ static void chap_handle_response(ppp_pcb *pcb, int id,
|
||||
/* send the response */
|
||||
mlen = strlen(pcb->chap_server.message);
|
||||
len = CHAP_HDRLEN + mlen;
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN +len), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN +len), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
MAKEHEADER(outp, PPP_CHAP);
|
||||
@ -427,9 +435,13 @@ static void chap_respond(ppp_pcb *pcb, int id,
|
||||
char rname[MAXNAMELEN+1];
|
||||
char secret[MAXSECRETLEN+1];
|
||||
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(RESP_MAX_PKTLEN), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(RESP_MAX_PKTLEN), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
if ((pcb->chap_client.flags & (LOWERUP | AUTH_STARTED)) != (LOWERUP | AUTH_STARTED))
|
||||
return; /* not ready */
|
||||
|
@ -266,9 +266,13 @@ eap_state *esp;
|
||||
struct pbuf *p;
|
||||
u_char *outp;
|
||||
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + EAP_HEADERLEN), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + EAP_HEADERLEN), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
|
||||
@ -297,9 +301,13 @@ eap_state *esp;
|
||||
struct pbuf *p;
|
||||
u_char *outp;
|
||||
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + EAP_HEADERLEN), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + EAP_HEADERLEN), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
|
||||
@ -696,10 +704,13 @@ eap_state *esp;
|
||||
return;
|
||||
}
|
||||
|
||||
/* FIXME: improve buffer size */
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(pcb->peer_mru+PPP_HDRLEN), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PBUF_POOL_BUFSIZE), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
|
||||
@ -1059,9 +1070,13 @@ static void eap_send_response(ppp_pcb *pcb, u_char id, u_char typenum, u_char *s
|
||||
int msglen;
|
||||
|
||||
msglen = EAP_HEADERLEN + sizeof (u_char) + lenstr;
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
|
||||
@ -1089,9 +1104,13 @@ static void eap_chap_response(ppp_pcb *pcb, u_char id, u_char *hash, char *name,
|
||||
|
||||
msglen = EAP_HEADERLEN + 2 * sizeof (u_char) + MD5_SIGNATURE_SIZE +
|
||||
namelen;
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
|
||||
@ -1130,9 +1149,13 @@ int lenstr;
|
||||
int msglen;
|
||||
|
||||
msglen = EAP_HEADERLEN + 2 * sizeof (u_char) + lenstr;
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
|
||||
@ -1168,9 +1191,13 @@ u_char *str;
|
||||
|
||||
msglen = EAP_HEADERLEN + 2 * sizeof (u_char) + sizeof (u32_t) +
|
||||
SHA_DIGESTSIZE;
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
|
||||
@ -1195,9 +1222,13 @@ static void eap_send_nak(ppp_pcb *pcb, u_char id, u_char type) {
|
||||
int msglen;
|
||||
|
||||
msglen = EAP_HEADERLEN + 2 * sizeof (u_char);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN + msglen), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
|
||||
|
@ -706,10 +706,13 @@ static void fsm_sconfreq(fsm *f, int retransmit) {
|
||||
|
||||
f->seen_ack = 0;
|
||||
|
||||
/* FIXME: improve buffer size */
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(pcb->peer_mru+PPP_HDRLEN), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PBUF_POOL_BUFSIZE), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
/*
|
||||
* Make up the request packet
|
||||
@ -756,9 +759,13 @@ void fsm_sdata(fsm *f, u_char code, u_char id, u_char *data, int datalen) {
|
||||
datalen = pcb->peer_mru - HEADERLEN;
|
||||
outlen = datalen + HEADERLEN;
|
||||
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(outlen + PPP_HDRLEN), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(outlen + PPP_HDRLEN), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
/* if (datalen && data != outp + PPP_HDRLEN + HEADERLEN) -- was only for fsm_sconfreq() */
|
||||
|
@ -1779,9 +1779,14 @@ static int lcp_reqci(fsm *f, u_char *inp, int *lenp, int reject_if_disagree) {
|
||||
* Process all his options.
|
||||
*/
|
||||
next = inp;
|
||||
nakp = pbuf_alloc(PBUF_RAW, (u16_t)(pcb->peer_mru), PBUF_RAM);
|
||||
nakp = pbuf_alloc(PBUF_RAW, (u16_t)(PBUF_POOL_BUFSIZE), PBUF_POOL);
|
||||
if(NULL == nakp)
|
||||
return 0;
|
||||
if(nakp->tot_len != nakp->len) {
|
||||
pbuf_free(nakp);
|
||||
return 0;
|
||||
}
|
||||
|
||||
nakoutp = nakp->payload;
|
||||
rejp = inp;
|
||||
while (l) {
|
||||
|
@ -530,9 +530,13 @@ static void upap_sauthreq(ppp_pcb *pcb) {
|
||||
|
||||
outlen = UPAP_HEADERLEN + 2 * sizeof (u_char) +
|
||||
pcb->upap.us_userlen + pcb->upap.us_passwdlen;
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN +outlen), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN +outlen), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
MAKEHEADER(outp, PPP_PAP);
|
||||
@ -563,9 +567,13 @@ static void upap_sresp(ppp_pcb *pcb, u_char code, u_char id, char *msg, int msgl
|
||||
int outlen;
|
||||
|
||||
outlen = UPAP_HEADERLEN + sizeof (u_char) + msglen;
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN +outlen), PBUF_RAM);
|
||||
p = pbuf_alloc(PBUF_RAW, (u16_t)(PPP_HDRLEN +outlen), PBUF_POOL);
|
||||
if(NULL == p)
|
||||
return;
|
||||
if(p->tot_len != p->len) {
|
||||
pbuf_free(p);
|
||||
return;
|
||||
}
|
||||
|
||||
outp = p->payload;
|
||||
MAKEHEADER(outp, PPP_PAP);
|
||||
|
Loading…
Reference in New Issue
Block a user