The overall lwIP design on data flows (netif,udp,tcp) is to use a user
defined callback to get data from stack and a static function to send
data to stack, which makes perfect sense. The SIO port was an exception,
the PPP stack never really used the SIO port by only using the
sio_send() function (and the ignominious sio_read_abort() function a
while back).
The way the SIO port is currently designed adds a tight coupling between
the lwIP port and the user code if the user need to do specific user
code if the current uart used is the PPPoS uart, which is not nice,
especially because all the lwIP stack is quite clean at this subject.
While we are at stabilizing the PPP API, change this behavior before
it's too late by replacing the static sio_write() calls to a user
defined callback.
Added the random seed already used without PPP_MD5_RANDM
as an entropy source when PPP_MD5_RANDM feature is enabled.
(And a little bit of code cleaning for both)
If LWIP_RAND() is available, it is used instead of libc srand()/rand()
if PPP_MD5_RANDM is disabled and it is added as a source of randomness
if PPP_MD5_RANDM is enabled.
A disabled PPP_MD5_RANDM should not be used when challenge are used, but
anyway, improved magic_randomize() so magic_randomseed is not equals to
sys_jiffies() which is pretty useless because that's fully predicable.
The only API difference with and without the PPP_MD5_RANDM support is the
availability of the random_bytes() function. Added a random_bytes()
function on top of magic() when PPP_MD5_RANDM support is not enabled,
thus allowing builds for both cases.
PPP_MD5_RANDM is still enabled by default (it was mandatory) if a protocol
using encryption is enabled, such as CHAP, EAP, or L2TP auth support.
There is no point of calling magic_randomize() for each pppos_input()
call, making magic_randomize() potentially called for each serial input
byte which is quite a bad idea since magic_randomize() is quite
intensive in processing time (MD5 computation) compared to HDLC frame
parsing. There is no entropy added when being called for each input byte
rather than for each valid input packet because byte input is a
monotonic event at the packet level. Well, if packet arrival time is a
valid entropy source even so, which I doubt a lot, but we don't really
have anything else and we really need random for PPP authentication
layers.
Drop input/output packets if we couldn't find a decompressor/compressor,
it can't really happen because we only negotiate what we are able to
compress/decompress, but for the sake of code consistency it makes much
more sense to do so.
We used to modify in place the packet payload during encryption, it works
well for UDP and ICMP but TCP stack requires that we don't change the
packet payload, therefore we now copy the whole packet before encryption.
This commit adds support to send and receive multicast on the loopback
netif by enabling IGMP via NETIF_FLAG_IGMP
This commit also introduces an LwIP configuration option,
LWIP_LOOPIF_MCAST, to control the behavior and it defaults to off
This commit address two issues with sockaddr struct implementations for
IPv6:
1) struct sockaddr_in6 should have 32-bit unsigned field sin6_scope_id
as specified in Section 3.4 of RFC 3493 (Basic Socket Interface
Extensions for IPv6)
2) struct sockaddr is not extended in IPv6 to contain space for
struct sockaddr_in6. Applications should be using struct
sockaddr_storage when needing generic storage. This removes the
extra bytes added when LWIP_IPV6 is defined
the netif_add_ip6_address function was declared err_t in
src/include/lwip/netif.h, but defined as s8_t (the default value of
err_t) in its implementation in src/core/netif.c.
this causes "conflicting types for 'netif_add_ip6_address'" errors if
err_t is defined differently in cc.h (as for example recommended in
[1]).
as it only returns error constants, it is changed to use err_t
throughout.
[1] http://lwip.wikia.com/wiki/Porting_For_Bare_Metal
Writes to offsets pointing to the start of a pbuf in the chain
did nothing and just returned ERR_OK.
Added unit tests to verify the fix, and also
that pbuf_get_at()/pbuf_put_at() handles this case.
When LWIP_HAVE_LOOPIF is enabled, a separate loopback interface is added
as a netif. A netif need to have its link state set to up to be able to be
selected as a route in ip4_route or ip6_route.
The regression appears to be when bug #43904 (ip_route() and ip6_route()
must detect linkup status) was fixed.
Furthermore, there is no point of having the loopif down by default.
This commit fixes a bug in netbuf_destport() where LWIP_NETBUF_RECVINFO is
enabled, but not LWIP_CHECKSUM_ON_COPY is enabled
The flags field is only available when LWIP_CHECKSUM_ON_COPY is enabled. In
this mode, the toport_chksum is dual functioning as storage for port and
checksum
When a client sends an ICMP echo request with ID 0, sequence 0 and
either no data or any amount of 0x00 bytes as data, the checksum in the
reply is wrong (off-by-one).
Expected checksum is 0xffff in that case, observed is 0x0000.
We used a static 4 instead of MEM_ALIGNMENT earlier, however it broke
things for MEM_ALIGNMENT 1 or 2, fixed using a LWIP_MIN(MEM_ALIGNMENT,
4) statement.
When PPP is used over a link which does not guarantee packet ordering,
we might get late MPPE packets. This is a problem because MPPE must be
kept synchronized and the current implementation does not drop them and
rekey 4095 times instead of 0, which is wrong.
In order to prevent rekeying about a whole count space times (~ 4095
times), drop packets which are not within the forward 4096/2 window and
increase sanity error counter.
Check tot_len for ZLB instead of len, it might happens we are just
between 2 pbuf, although almost impossible.
Check buffer is at least 2 byte long before checking address & flags
header.
Most of them were wrong actually. We have to use unsigned int because
C90 only allows int types for bitfields, so we are stuck to 32-bit
bitfields in most cases.
PBUF_LINK_ENCAPSULATION_HLEN support was introduced by 6ef7563f and
missed the fact that header size calculation/reservation using
computation like PBUF_LINK_HLEN + PBUF_IP_HLEN + ... are used all over
the source code. Hopefully fixed all of them.
We need to do VJ compression before CCP/MPPE compression and VJ
decompression after CCP/MPPE decompression. This leads to a massive
rewrite of how we currently handled VJ only in the PPPoS lower protocol
handler.
Moved VJ structures from pppos to ppp_pcb because we need them back in
PPP core. This is a bit unfortunate because that's not necessary for
PPPoE or PPPoL2TP, but, hey!. Fixed CCP+MPPE+VJ order.
We need to know which methods were chosen when CCP is up, this used to be done
using ccp_test() which we are in the process of removing.
Using non-existing method 0 instead of -1 in CCP for unset method, allowing
type change from s16_t to u8_t for method.
Removed mutiple copies of keys by pre-setting MPPE keys during MSCHAP
negotiation.
Improved MPPE init so we don't need to pass a buffer formatted in a
special way to MPPE, this is necessary for pppd to talk to the kernel,
we don't need that here.
MSCHAP was written the old-way, with all functions declared non static in
header, independent of their local or global scope status. Same for local
constants. Reworked in a more mordern way.
We are going to need ppp_pcb* in MSCHAP and MSCHAPv2 for MPPE for
int mppe_keys_set, u_char mppe_send_key and u_char mppe_recv_key
which are currently global variable which must be moved to ppp_pcb.
Removing a bit of redundancy and previous artefact of a generic kernel
interface. Exporting mppe_init() instead of mppe_comp_init() plus
mppe_decomp_init().
We are going to use statically allocated struct ppp_mppe_state through PPP PCB,
removed now useless mppe_alloc() and mppe_free().
Merged mppe_alloc() key copy to mppe_init().
ccp_test() is not only used to test kernel support, but also to set MPPE keys,
we will change that further, but for now, re-add the necessary ccp_test()
Our PPP stack deals with packet without address and control byte nor 2-byte
protocol field, improved mppe_compress() so we don't have to worry about
them.
Our PPP stack deals with packet without address and control byte nor 2-byte
protocol field, improved mppe_compress() so we don't have to worry about
them.
If LWIP_IPV4 is true but PPP_IPV4_SUPPORT is false, we need
a dummy ppp_netif_output_ip4() callback because we don't have
a netif_null_output_ip4() by default like we have for IPv6 with
netif_null_output_ip6().
Removed ppp_singlebuf() in pppol2tp_input(), chained pbuf are perfectly
acceptable for IP data and we are currently supporting them perfectly
for PPPoS. The PPP stack itself (LCP, IPCP et al.) does not support
chained pbuf and is already calling ppp_singlebuf() just before passing
packet to the protocol handler.
Added ppp_singlebuf() in pppol2tp_dispatch_control_packet() because we
do not support chained pbuf in L2TP control packet.
mppe_decompress() now takes a pointer to a pbuf pointer and re-use the
passed buffer for MPPE "decompression". Removed sub protocol handling
which can be shared among all decompressors in ppp.c
Removed ppp_singlebuf() in pppoe_data_input(), chained pbuf are
perfectly acceptable for IP data and we are currently supporting them
perfectly for PPPoS. The PPP stack itself (LCP, IPCP et al.) does not
support chained pbuf and is already calling ppp_singlebuf() just before
passing packet to the protocol handler.
Our PPP stack deals with packet without address and control byte nor 2-byte
protocol field, improved mppe_decompress() so we don't have to worry about
them.
In PPP, we previously know if we are dealing with a IPv4 or a IPv6 packet,
we don't need to use the ip_input() dispatch function, removing a useless
if and reducing call stack by one.
We don't need anymore an input function for ip4 and an input function
for ip6, work to achieve that was partially done by ce7e31cd.
pppol2tp_input() is now only called by pppol2tp_input_ip(), finishing
dual stack support by merging pppol2tp_input_ip() into pppol2tp_input().
Replaced ip4_addr_t to ip_addr_t in pppapi_pppol2tp_create() prototype,
now binding to UDPv6 or UDPv4 depending on the passed ip_addr_t type.
Removed pppol2tp_create_ip6() and pppapi_pppol2tp_create_ip6().
lwip/src/include/lwip/autoip.h:52:1: error: C++ style comments are not allowed in ISO C90 [-Werror]
//#include "lwip/udp.h"
lwip/src/core/ipv4/autoip.c:70:1: error: C++ style comments are not allowed in ISO C90 [-Werror]
//#include "lwip/udp.h"
lwip/src/include/lwip/api.h:239:25: error: declaration of ‘lev’ shadows a previous local [-Werror=shadow]
SYS_ARCH_DECL_PROTECT(lev); \
ip_addr_t is used for all generic IP addresses for the API, ip(4/6)_addr_t are only used internally or when initializing netifs or when calling version-related functions
We don't need "compression" stats on a encryption protocols, as commented
"Since every frame grows by MPPE_OVHD + 2 bytes, this is always going
to look bad ... and the longer the link is up the worse it will get."
This file, which is an unmodified copy of Linux MPPE encoder/decoder, is
licensed under a dual License BSD/GPL model. It was previously in the
pppd source tree and it was removed because this is merged into the Linux
kernel.
We don't need to test our available compression protocols that much, we know
what we are going to be able to use in embedded. Even PPPd don't need that.
Checking only in ccp_resetci() is enough, this way we know our cilen size
before ccp_addci() is called. PPPd is designed that *_addci() can use less
bytes than it previously asked in *_cilen(), we prefer to avoid that here.
We actually don't need at all ccp_test() calls, we know what we are
able to support at compile time, we don't need to ask the kernel like
PPPd does. This is just the first step in ccp_test() removal.
An edge case in out-of-sequence TCP packet processing did not use the
appropriate macro to check if the sender overran the recieve window.
Consequently, this case sometimes evaluated to true when it shouldn't, which
resulted in various bad behavior, including trying to resize a TCP buffer to 4
gigabytes.
Follow-up of the #44565 bug fix, renamed the misnamed
PPP_INPROC_MULTITHREADED to PPP_INPROC_IRQ_SAFE because it is
IRQ safe but not thread safe.
Updated PPP documentation which now clearly state when and how
this feature can be used.
lwip/src/netif/ppp/pppol2tp.c: In function ‘pppol2tp_udp_send’:
lwip/src/netif/ppp/pppol2tp.c:1229:3: warning: ‘err’ may be used uninitialized in this function [-Wmaybe-uninitialized]
return err;
^
Renamed pppos_drop() → pppos_input_drop()
Renamed pppos_free_current_input_packet() → pppos_input_free_current_packet()
Moved pppos_output_last() after pppos_output_append()
Moved pppos_input_free_current_packet() before pppos_input_drop()
We actually allocated a pbuf chain only to iterate later the linked list
calling sio_write() for each pbuf, improved by calling sio_write() when
buffer is full and by recycling the pbuf, therefore only using one pbuf
for PPPoS output path.
Reworked pppos_write() and pppos_netif_output() to share more common
code into pppos_output_append() and pppos_output_last().
If PPP_INPROC_MULTITHREADED is true, then user does not what to use
the TCPIP API. Disabling the TCPIP API helps the user to understand
that PPP_INPROC_MULTITHREADED must not be used if he wish to use
the TCPIP API.
!NO_SYS users may now use as well the TCPIP API for PPPoS input data,
this way they can disable PPP_INPROC_MULTITHREADED and run pppos_input()
inside the lwIP thread, which fixes, at least for them, all the
threading issues related to PPP_INPROC_MULTITHREADED.
If PPP_INPROC_MULTITHREADED is not enabled, we can free unfinished
RX pbuf from the pppos_disconnect() function because pppos_input()
is running in the same context. Thanks to the pppos->open flags we
now only need to free remaining pbuf in the disconnect function
if PPP_INPROC_MULTITHREADED is not enabled.
Don't process input data if PPPoS is closed, it helps using
pppos_input() from a different context to prevent pppos_input() to
modify PPPoS RX machine state on a closed PPPoS session. It also
prevents allocating pbuf (which are going to be tossed out by PPP core)
and parsing serial input on a closed session.
It only mitigates the fact that this function is actually NOT thread
safe in absolutely all cases, it does not fix it but it helps for a low
cost.
For example user application should never call pppos_input() while
pppos_connect() or pppos_listen() is currently running because both of
them are freeing any input pbuf left over from the last session before
resetting the PPPoS state, they really have to to prevent pbuf leaks.
We cannot fix that easily because we don't have spinlock with an
irqsave/irqrestore helper for IRQ contexts. Mutex cannot be used in
interrupt contexts (or again, with an IRQ mutex helper).
We are going to improve the documentation on this point.
Reduced static buffer to the strict necessary (26 bytes), removed
call to eui64_ntoa(), merged eui64_ntoa() into llv6_ntoa().
272 bytes (code + static buffers) to 140 bytes on x86_64.
Improved eui64_ntoa() as well, we don't need it anymore but I'd
like to keep all eui64_* helpers functions.
Set IPv6 link local invalid before clearing it. Don't wait sif6up() to set
the link local valid, netif_ip6_addr_set_state() is only an accessor function
so it does not start any discovery whatsoever.
PPPoS was actually not thread safe, pppos_input() can be called from
lwIP user port at any time, whatever the PPP state is. It might even be
called during pppos_connect() and pppos_listen(), this is quite unlikely
the port do that but nothing prevent the user to since we document
pppos_input() as being thread safe.
Added a mutex if PPP_INPROC_MULTITHREADED is set and ensure pppos_input()
is safe in regard to other pppos_* functions.
Now setting DNS addresses in sdns() using dns_setserver() instead
of keeping a local copy. This is probably the wanted PPP behavior,
we will see if users want this conditional.
This was confusing, recent lwIP changes fixed the meaning as well as
how it is used everywhere, making the administrative status a user-only
controlled flag. Now that it's clear, updated PPP to follow lwIP
core change.
Using netif_set_link_{up,down} instead of netif_set_{up,down} when PPP
reaches/leaves running state. PPP interface is now set to administratively
UP when created with link state down.
lwIP core might send packet when calling netif_set_up(), don't drop packets
anymore in ppp_netif_output_ip4() and ppp_netif_output_ip6() because flags
are cleared.
Only used for debug, reworked in a more clever way. It was actually broken
by design: setting an interface integer into a string without formatting
was quite a dumb idea.
Don't disconnect when we receive a PADT, we let the LCP Echo/Reply find
the fact that PPP session is down. Asking the PPP stack to end the
session require strict checking about the PPP phase to prevent endless
disconnection loops.
Luckily it previously does nothing because PADT frames are rarely sent
with a hunique tag and we only set the sc pointer if we receive a
hunique tag.
Makes it clear we are initiating the PPP session with ppp_connect
(i.e. acting as a PPP client) so there is no confusion possible
between ppp_connect and ppp_listen.
Prepare for PPP_SERVER support, we need to move auth configuration before
lcp_allowoptions is copied into lcp_gotoptions. Restore unused
auth_reset() function using pppd original source code.
We don't need ask_for_local boolean, this is only useful for setup which
can determine the local IP address from the system hostname, which is
probably meaningless for embedded devices (and probably any devices).
It was actually only set by ip_check_options() which is commented out in
lwIP because we don't parse a config file nor check PPP configuration
(user is responsible about writing a configuration which is logical ;-).
Furthermore ask_for_local boolean never set actually had the wrong
default for PPP server setups.
lwip/src/core/netif.c: In function ‘netif_set_ipaddr’:
lwip/src/core/netif.c:403:5: warning: implicit declaration of function ‘udp_netif_ipv4_addr_changed’ [-Wimplicit-function-declaration]
udp_netif_ipv4_addr_changed(&netif->ip_addr, ipaddr);
^
PPP is now pointerful for a while, we don't need anymore accessor functions
for the unique PPP local and static control block. Replaced
ppp_set_netif_statuscallback() and ppp_set_netif_linkcallback() functions to
defines.
Removed pppapi_do_ppp_set_netif_statuscallback() and
pppapi_do_ppp_set_netif_linkcallback(), they were useless because
netif_set_status_callback() and netif_set_link_callback() can be
safely called while PPP status is in dead (= non open) state
and even before the PPP session is actually created at all.
this changes the callback signatures of the ip_output and the
{udp,raw}_recv functions.
changes were made by going through all header files, searching for
occurrences of ip_addr_t, qualifying them as const and if required
modifying the corresponding c files, looking for other uses of ip_addr_t
that would be required.
the following header files were not treated as i'm not using them and
wouldn't see them compiled: api.h api_msg.h dhcp.h dns.h igmp.h
netifapi.h pppapi.h snmp.h snmp_msg.h snmp_structs.h ppp.h pppol2tp.h
test/*
no modifications were done on ip6_addr_t.
pppos_create() can be called whether the modem is ready to process the
PPP session since pppos_create() does not start the PPP session anymore,
moved the advise from pppos_create() to ppp_open().
ppp_sighup() hard change the PPP FSM phase, it ends up with a FSM
mismatch if PPP is currently connecting or disconnecting.
Only do "sighup" on the stable running phase, fallback to the close
method. Handle special DEAD and HOLDOFF states as well.
We can have an IPv6 only PPP interface, checking if6_up instead of if_up fixes
IPv6 only setup.
ppp_netif_output() which were only used for common code between
ppp_netif_output_ip4() and ppp_netif_output_ip6() is not necessary
anymore, removed, reducing call stack by one.
This is now totally useless, it was used for the PPP core code but it is not
used anymore, remove then the user ability to set the PPP error code through
PPPCTLS_ERRCODE.
Removed useless calls to ppp_ioctl(pcb, PPPCTLS_ERRCODE, …), we now assign
pcb->err_code directly instead. ppp_ioctl() is not linked anymore if user
application don't use it.