Commit Graph

5037 Commits

Author SHA1 Message Date
Axel Lin
141b5def46 tcp_out: Use LWIP_MIN instead of open-coded for better readability
Make the intention of code more clear by using LWIP_MIN instead of open-coded.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
2017-01-16 10:25:10 +01:00
Axel Lin
30aedfc3f7 tcp_out: Fix comment for last_unsent->oversize_left and tcp_pcb.unsent_oversize
Both last_unsent->unsent_oversize and tcp_pcb.unsent_oversized fields are not
exist, fix the comments.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
2017-01-16 08:51:53 +01:00
Dirk Ziegelmeier
df8e404abd Add some parentheses for better code readability in tcp_in.c 2017-01-16 08:51:27 +01:00
Dirk Ziegelmeier
9898d406bc Fix bug #50040: pbuf_alloc(..., 65534, PBUF_RAM) succeeds
Check for integer overflow when calculating memory allocation size
2017-01-15 17:36:33 +01:00
Dirk Ziegelmeier
0043bf78b6 Minor typo fix in tcp_out.c 2017-01-15 16:37:25 +01:00
Axel Lin
e1598b0b11 tcp_out: Fix oversize vs. space assertion test
oversize_used is always 0 at this point, should test oversize instead.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
2017-01-15 16:36:48 +01:00
Dirk Ziegelmeier
861dab5b22 Set lwIP version to 2.0.2 in doxygen script 2017-01-15 09:22:33 +01:00
Dirk Ziegelmeier
5c58e25de5 Minor code readability improvement in mqtt.c 2017-01-15 09:22:13 +01:00
Dirk Ziegelmeier
1d7f375992 Fix compile error in ip6_frag.c
../../../../lwip/src/core/ipv6/ip6_frag.c: In function ‘ip6_reass’:
../../../../lwip/src/core/ipv6/ip6_frag.c:567:7: error: ISO C90 forbids mixed declarations and code [-Werror=pedantic]
2017-01-14 09:31:06 +01:00
Dirk Ziegelmeier
92511f4711 Fix part 2 of bug #50042: ETHADDR16_COPY from netif->hwaddr
Eliminate ETHADDR32_COPY macro - it cannot be used in ETH_PAD_SIZE case. I could have kept it by defining it to ETHADDR16_COPY in case of ETH_PAD_SIZE, but I did not consider it worth another #ifdef mess.
2017-01-13 08:18:33 +01:00
Dirk Ziegelmeier
6748aa0818 Fix part 1 of bug #50042: ETHADDR16_COPY from netif->hwaddr
Rearrange struct netif to group more u8_t values together which may result in smaller struct netif on 32 bit systems
2017-01-13 08:06:50 +01:00
Dirk Ziegelmeier
bc583c993a Add comment about my fix to bug #47512: MPU_COMPATIBLE may fail on empty pool to api_lib.c
Code looks like it could be optimized, but it can not!
2017-01-12 16:36:17 +01:00
Axel Lin
2c3538cb8f IPv6: Fix compile error of ip6_frag.c
Fix below compile error:
../../../../lwip/src/core/ipv6/ip6_frag.c: In function ‘ip6_reass’:
../../../../lwip/src/core/ipv6/ip6_frag.c:533:20: error: declaration of ‘next_pbuf’ shadows a previous local [-Werror=shadow]
       struct pbuf* next_pbuf = iprh->next_pbuf;
                    ^~~~~~~~~
../../../../lwip/src/core/ipv6/ip6_frag.c:272:20: note: shadowed declaration is here
   struct pbuf *q, *next_pbuf;
                    ^~~~~~~~~
cc1: all warnings being treated as errors
../Common.mk:93: recipe for target 'ip6_frag.o' failed
make: *** [ip6_frag.o] Error 1

Fixes: 7cedf7ae71 ("IPv6: fragment reassembly fixes")
Signed-off-by: Axel Lin <axel.lin@ingics.com>
2017-01-11 16:16:41 +01:00
David van Moolenbroek
9713baea55 ip6: improve length checks for extension headers
Malformed packets could cause the extension header iteration code to
read from up to two bytes beyond the end of the packet's first pbuf.
2017-01-11 14:05:24 +01:00
David van Moolenbroek
7cedf7ae71 IPv6: fragment reassembly fixes
This patch aims to fix three closely related issues.

o The implementation of IPV6_FRAG_COPYHEADER was fundamentally
  incompatible with the presence of extension headers between the
  IPv6 header and the Fragment Header. This patch changes the
  implementation to support such extension headers as well, with
  pretty much the same memory requirements. As a result, we can
  remove the check that prevented such packets from being reassembled
  in all cases, even with IPV6_FRAG_COPYHEADER off.

o Given that temporary data is stored in the Fragment Header of
  packets saved for the purpose of reassembly, but ICMPv6 "Fragment
  Reassembly Time Exceeded" packets contain part of the original
  packet, such ICMPv6 packets could actually end up containing part
  of the temporary data, which may even include a pointer value. The
  ICMPv6 packet should contain the original, unchanged packet, so
  save the original header data before overwriting it even if
  IPV6_FRAG_COPYHEADER is disabled. This does add some extra memory
  consumption.

o Previously, the reassembly would leave the fragment header in the
  reassembled packet, which is not permitted by RFC 2460 and prevents
  reassembly of particularly large packets (close to 65535 bytes
  after reassembly). This patch gets rid of the fragment header. It
  does require an implementation of memmove() for that purpose.

Note that this patch aims to improve correctness.  Future changes
might restore some of the previous functionality in order to regain
optimal performance for certain cases (at the cost of more code).
2017-01-11 14:05:22 +01:00
Dirk Ziegelmeier
b17c050861 Fix compile of my last change in httpd_opts.h (use of undefined preprocessor macro) 2017-01-11 12:28:09 +01:00
Dirk Ziegelmeier
2b1ebda6f1 Minor correction to last patch: Avoid #including socket.h in api_msg.c 2017-01-11 12:27:30 +01:00
Knut Andre Tidemann
5e9df2c698 lwip: fix broken default ICMPv6 handling of checksums.
ICMPv6 should always have checksum generated for it as per RFC 3542
chapter 3.1.
2017-01-11 12:24:15 +01:00
Dirk Ziegelmeier
f8ef8c48f7 Simplify HTTPD #include path handling
- Move fsdata.h content to lwip/apps/fs.h -> no #include path needed any more to src/apps/httpd/
- Create a #define to specify fsdata file name. One can use path in there now, e.g. "../mywebserver/mkfsdata_output.c" -> no #include path needed any more to location of generated file
2017-01-11 10:59:15 +01:00
Dirk Ziegelmeier
a038e1502f Add David's IPv6 improvements to CHANGELOG 2017-01-11 08:42:40 +01:00
Dirk Ziegelmeier
2e265310c4 Fix (bogus) MSVC 2010 warning about uninitialized variable usage in ip6.c
It's wrong because the variables are initialized during first loop iteration due to best_addr == NULL
2017-01-11 08:08:05 +01:00
David van Moolenbroek
713146eeba nd6: cull destination cache on router removal
As per RFC requirements, upon removing a router from the default
router list, remove any entries pointing to it from the destination
cache. While here, synchronize timing out entries in the default
router list with the rest of the timer code.

When removing a netif, clear the destination cache altogether
in order to prevent more general inconsistency. When this happens,
the entries for other netifs will have to be rebuilt, but removing
netifs should be sufficiently rare that this is not worth optimizing.
2017-01-11 07:54:17 +01:00
David van Moolenbroek
a1130f8c7b nd6: some work on basic RFC 4861 compliance
The current ND implementation does not yet implement the most basic
required ('MUST') checks for message validation and generation.

- implement some of the required checks for message validation;
- document the remaining missing message validation checks;
- hardcode the hop limit of Neighbor Discovery messages rather than
  having it depend on lwIP configuration which, if changed, would
  cause all of ND to cease working.
2017-01-11 07:54:15 +01:00
David van Moolenbroek
0b9d7a386c ip6: improve source address selection
The introduction of address lifetimes also means that lwIP correctly
supports transitions between PREFERRED and DEPRECATED address states,
and that means that the source address selection must be changed to
take this into account. Adding this feature to the previous algorithm
would have resulted in a mess, so this patch rewrites the algorithm to
stay close to the rules described in RFC 6724 (formerly 3484) Sec. 5.
This yields the following changes:

- Rule 2 ("prefer appropriate scope") is now fully implemented, most
  importantly allowing larger-scope addresses to be picked if no
  smaller-scope addresses are available (e.g., a global address may
  now be used to connect to a unique-local address);
- Rule 3 ("avoid deprecated addresses") is now also fully implemented;
- unknown-scope addresses are also supported, with lowest priority;
- the link between the prescribed rules and the actual algorithm is
  made much more explicit, hopefully allowing future improvements to
  be made more easily.

For reasons explained in comments, one previous deviation from the RFC
on Rule 2 is retained for now.
2017-01-11 07:54:14 +01:00
David van Moolenbroek
08de0e9617 ip6/nd6: route using on-link prefixes, not addresses
As laid out in RFC 5942, the assumption that a dynamically assigned
(SLAAC/DHCPv6) address implies an on-link subnet, is wrong. lwIP does
currently make that assumption, routing packets according to local
address subnets rather than the on-link prefix list. The result is
that packets may not make it to their destination due to incorrect
routing decisions.

This patch changes the routing algorithms to be (more) compliant with
RFC 5942, by implementing the following new routing policies:

- all routing decisions check the on-link prefix list first, and
  select a default router for off-link routing only if there is no
  matching entry in the on-link prefix list;
- dynamically assigned addresses (from address autoconfiguration) are
  considered /128 assignments, and thus, no routing decisions are taken
  based on matches against their (/64) subnet anymore;
- more generally, all addresses that have a lifetime are considered
  dynamically assigned and thus of size /128, which is the required
  behavior for externally implemented SLAAC clients and DHCPv6;
- statically assigned (i.e., manually configured) addresses are still
  considered /64 assignments, and thus, their associated subnet is
  considered for routing decisions, in order to behave as generally
  expected by end users and to retain backward compatibility;
- the link-local address in IPv6 address slot #0 is considered static
  and thus has no lifetime and an implied /64 subnet, although link-
  local routing is currently always handled separately anyway.

IPv6 source address selection is kept as is, as the subnet tests in
the algorithm serve as poor man's longest-common-prefix equivalent
there (RFC 6724 Sec. 5, Rule 8).
2017-01-11 07:54:12 +01:00
David van Moolenbroek
22c2fd1b58 nd6: improve router selection
Previously, IPv6 routing could select a next-hop router on a netif
that was down or disconnected, potentially resulting in packets being
dropped unnecessarily. This patch changes router selection to take
into account the state of the router's associated netif, eliminating
such unnecessary packet loss.

Also, this patch fixes the test for router validity, which was
erroneously based on the router's invalidation timer rather than its
neighbor cache entry state. Given that an expired router has no
associated neighbor cache entry, no invalid routers would previously
ever be returned.

Finally, this patch also adds round-robin selection of routers that
are not known to be reachable or probably reachable, as per RFC 4861
Sec. 6.3.6 point (2). Support for this feature was partially present
but not actually functional.
2017-01-11 07:54:10 +01:00
David van Moolenbroek
901664eca1 netif: more ip6 state changes invoke status callback
For applications that use NETIF_STATUS_CALLBACK to help keep track of
extra per-address shadow state of IPv6 addresses, even in the light of
autogenerated addresses (which may "spontaneously" appear/disappear),
state transitions between tentative, duplicated, and invalid are
important as well. Therefore, invoke the status callback for all such
state transitions. Continue to filter out state changes between
various levels of progress of the tentative state, though.
2017-01-11 07:54:09 +01:00
David van Moolenbroek
d99334573b nd6: fix Duplicate Address Detection
Previously, Duplicate Address Detection (DAD) would work only for the
link-local address. For DAD-spawned Neighbor Solicitation requests for
any other address, the request would use the link-local address as the
source, meaning the other side would send a targeted reply (RFC 4861
Sec. 7.2.4). However, the nd6 implementation currently does not
consider targeted replies for DAD--even though technically an RFC 4862
Sec. 5.4.4 violation--supposedly because no real-world scenario could
trigger that case. The combination of these factors resulted in DAD
being entirely ineffective for non-link-local addresses.

This patch forces all DAD-spawned Neighbor Solicitation packets to use
the unspecified ('any') address as source, as per RFC 4862 Sec. 5.4.2.
As a result, other nodes would reply with multicast replies, for which
there is appropriate DAD checking code.

The patch also makes a slight rearrangement of statements such that
MLD join messages are sent before the NS packets, rather than after.
2017-01-11 07:54:07 +01:00
David van Moolenbroek
2ff04a931a nd6: check link status before sending packets
In the cases that nd6 checks whether the interface is up before
sending a packet, also check whether the link is up.  Without this
additional check, temporary link downtime could easily result in
unnecessary false negatives for Duplicate Address Detection.

In addition, use the netif abstraction macros to perform the checks.
2017-01-11 07:54:05 +01:00
David van Moolenbroek
e0c5e1988f nd6: improve address autoconfiguration support
In summary, this patch aims to resolve bugs #47923 and #48162, by
decoupling address autoconfiguration from the on-link prefix list,
since those are not related. Important necessary changes are needed
to meet this goal, ultimately bringing the lwIP ND6 implementation
closer to compliance with RFC 4862. The main changes are:

  1. support for address lifetimes, and,
  2. addition of a new DUPLICATED address state.

The decoupling implies that the prefix list can no longer be used to
maintain state for address autoconfiguration. Most importantly, the
lifetime of each address, which was previously derived from the
prefix slot's lifetime, must now be associated with the address
itself. This patch implements address lifetime tracking, maintaining
both a valid and a preferred lifetime for each address, along with
the corresponding address state changes (e.g., between PREFERRED and
DEPRECATED), all as required by RFC 4862.

The support for address lifetimes can be enabled with a new
LWIP_IPV6_ADDRESS_LIFETIMES setting in lwipopts.h. It is required for
autoconfiguration and enabled by default if autoconfiguration is
enabled as well, but it may also be enabled separately, so as to allow
application-controlled lifetime management (e.g., if autoconfiguration
is implemented in a separate application). A special valid-lifetime of
zero is used to denote a static address--that is, an address that was
configured manually, that does not have lifetimes, and that should be
left alone by the autoconfiguration functionality. Addresses assigned
without setting a lifetime are deemed static, thus preserving
compatibility with existing lwIP-based applications in this respect.

Similarly, the decoupling implies that the prefix list can no longer
be used to remember cases of address duplication. Previously, the
detection of a duplicated address would simply result in removal of
the address altogether. Instead, this patch introduces a new state
"DUPLICATED", indicating that the address, while technically still
present, has been found to conflict with other node addresses, and no
attempt should be made to produce an autoconfiguration address for
that prefix.

Manually added addresses, including the link-local address, once set
to DUPLICATED, will remain in that state until manual intervention.
Autoconfigured DUPLICATED addresses will expire according to their
valid-lifetime, essentially preserving the current behavior but
without the use of the prefix list. As a first attempt to approach
compliance with RFC 4862 Sec. 5.4.5, if the link-local address is
detected to be duplicated, all derived addresses are marked duplicated
as well, and no new addresses will be autoconfigured. More work is to
be done for full compliance with that section, however.

Together, those two main changes indeed do fully decouple address
autoconfiguration from the on-link prefix list. Changes to the latter
thus no longer affect the former, resolving bug #47923. Moreover, as a
result, autoconfiguration can, and does, now also take place on
advertised prefixes that do not have the on-link flag set, resolving
bug #48162. The routing changes mentioned in the discussion of that
bug are left to a separate patch, though.
2017-01-11 07:54:03 +01:00
Dirk Ziegelmeier
3cc7b319d9 Add MQTT to CHANGELOG (too late for 2.0.1 release...) 2017-01-08 19:45:28 +01:00
Dirk Ziegelmeier
19f075a92a Put 2.0.1 version tag in UPGRADING document 2017-01-08 19:33:52 +01:00
Dirk Ziegelmeier
e3435401f1 Add David's changes from patch #9208 to CHANGELOG 2017-01-08 19:29:46 +01:00
David van Moolenbroek
b59472cf63 raw: core support for IP_HDRINCL socket option
This patch adds a new RAW_FLAGS_HDRINCL flag to the raw core
implementation. When this flag is set on a RAW PCB, the raw send
routines expect the caller to supply an IP header for the given
packet, and will use that IP header instead of prepending one to
the packet themselves.

This feature allows the IP_HDRINCL socket option to be implemented
in higher layers with no further effort. Even thoguh that option is
traditionally supported for IPv4 sockets only (e.g., see RFC 3542
Sec. 3), the RAW_FLAGS_HDRINCL flag supports both IPv4 and IPv6, as
much of the lower-level infrastructure was already in place anyway.
2017-01-08 19:26:30 +01:00
David van Moolenbroek
162cc4d343 raw: split off raw_sendto_if_src() from raw_sendto()
Similar to the core UDP API, the new function may be used to implement
IPV6_PKTINFO (RFC 3542 Sec. 4), for example. This patch makes no
further functional changes; it merely moves code around a bit.
2017-01-08 19:26:24 +01:00
David van Moolenbroek
aea7062223 raw: extend support for connected sockets
The support for connecting raw sockets is extended to match the
support for UDP sockets, while keeping the current API unchanged:

- for connected sockets, filter incoming packets on source address;
- use a flag to indicate whether a socket is connected, at no extra
  memory cost; the application may check this flag if needed;
- added raw_disconnect(), which so far existed in documentation only.
2017-01-08 19:26:19 +01:00
Dirk Ziegelmeier
52f448978f MQTT: Add check that WILL topic length must be > 0 2017-01-08 19:08:54 +01:00
Dirk Ziegelmeier
6d5ddb7139 MQTT: Fix possible bug in connect message generation that WILL flag can be set without appending a will message
The boolean condition of setting the WILL flag differs from that of appending the will message
Found by Axel Lin
(I fixed it the same way as Axel suggested, but I wanted a different commit message)
2017-01-08 19:07:43 +01:00
Axel Lin
a2915b7142 mqtt: Slightly improve mqtt_create_request
Mainly for better readability, also save NULL test while iterating the for loop.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
2017-01-07 20:39:41 +01:00
Axel Lin
7faa4bcbe2 mqtt: Prevent NULL pointer dereference before assertion checking
Signed-off-by: Axel Lin <axel.lin@ingics.com>
2017-01-06 12:15:03 +01:00
Erik Ekman
6c9a9b9d99 Remove duplicate netif_dhcp_data() macro
Fix compilation of unit tests
2017-01-05 21:14:43 +01:00
Dirk Ziegelmeier
02eec304c3 Update version to 2.0.2 DEVELOPMENT in master branch 2017-01-05 15:03:09 +01:00
Dirk Ziegelmeier
3a20ae3830 Add missing #include in netdb.c for atoi() 2017-01-05 08:55:12 +01:00
Dirk Ziegelmeier
0ffaccaec3 Add missing #include in httpd.c for atoi() 2017-01-05 08:53:26 +01:00
Dirk Ziegelmeier
e94c9ffa70 Fix warning about bad cast in pbuf_skip() 2017-01-05 08:14:39 +01:00
Dirk Ziegelmeier
72316bdb5b Move macros to access DHCP and AUTOIP data to headers, users may want to access the members 2017-01-05 08:09:00 +01:00
Dirk Ziegelmeier
803a711e6a Fix warning that local variable may be used uninitialized in mem.c 2017-01-05 08:07:41 +01:00
sg
8760fb677f fixed warnings in mdns unit tests 2017-01-04 15:25:52 +01:00
Erik Ekman
d2631e6a53 mqtt: Fix pedantic enum warning
src/apps/mqtt/mqtt.c:81:17: error: comma at end of enumerator list [-Werror=pedantic]
2017-01-04 00:24:00 +01:00
Dirk Ziegelmeier
4059748b47 I was not satisfied with the previous debugging options structure. Improve it again. 2017-01-02 19:50:46 +01:00