This fixes a couple of occurrences where the src and dst parameters to
ip4_route_src() were swapped. This was most likely due to confusion between
ip_route(src, dst) and ip4_route_src(dst, src)
This was found in a system where LWIP_IPV4_SRC_ROUTING is 0
The UDP case was an application socket bound to INADDR_ANY with
IP_MULTICAST_IF set. Transmits would result in calling ip4_route(dst) where
dst was pcb->local_addr (which was INADDR_ANY) instead of pcb->mcast_ip4.
This resulted in a routing failure
The ICMP issue was found through code analysis only
There were uses of dhcp_release() followed immediately by dhcp_discover() but
dhcp_release() now stops dhcp so discovery would fail, so call dhcp_start()
after release which restarts discovery.
Signed-off-by: Dirk Ziegelmeier <dirk@ziegelmeier.net>
etharp_query() queues packets, instead of sending, if a relevant arp-request is
pending.
Code walks the packet (a pbuf chain) to determine whether any pbufs are marked
'volatile': If so, we cannot simply enqueue the packet, and instead allocate a
new pbuf from RAM, copying the original packet, and enqueueing this new pbuf.
The bug here is that the allocation refers to the tot_len field of a temp pbuf*,
'p', instead of the head, 'q'.
In the case where the first pbuf of the chain is non-volatile but the second pbuf
*is* volatile, then we'll request an allocation that uses the tot_len field of
the second pbuf. If the first pbuf is non-zero length, the allocated pbuf (chain)
will be too small to allow the copy.
Signed-off-by: goldsimon <goldsimon@gmx.de>
while ((q != NULL) && (options[offset] != DHCP_OPTION_END) && (offset < offset_max)) {
should be
while ((q != NULL) && (offset < offset_max) && (options[offset] != DHCP_OPTION_END)) {
See https://jira.reactos.org/browse/CORE-8978 for more info.
Create new function dhcp_release_and_stop() that stops DHCP statemachine and sends release message if needed. Also stops AUTOIP if in coop mode.
Old dhcp_release() and dhcp_stop() function internally call dhcp_release_and_stop() now.
lwIP aims to support zero-copy TX, and thus, must internally handle
all cases that pbufs are referenced rather than copied upon low-level
output. However, in the current situation, the arp/ndp packet queuing
routines conservatively copy entire packets, even when unnecessary in
cases where lwIP is used in a zero-copy compliant manner. This patch
moves the decision whether to copy into a centralized macro, allowing
zero-copy compliant applications to override the macro to avoid the
unnecessary copies. The macro defaults to the safe behavior, though.
- Code duplication with etharp_raw()
- No great effect on perfomance
- May make reworking PBUF handling code more complicated (see bug #49914)
- The check for p->type == PBUF_REF is a strange special case, too
- Simon also voted to remove it
Eliminate ETHADDR32_COPY macro - it cannot be used in ETH_PAD_SIZE case. I could have kept it by defining it to ETHADDR16_COPY in case of ETH_PAD_SIZE, but I did not consider it worth another #ifdef mess.
The code in the for loop checks tmp_group->next == group, so current code
actually checks from the 3rd entry in the linked groups list. Fix it.
Fixes: 5c1dd6a4c6 ("Optimization in igmp_remove_group() pointed out by Axel Lin")
Signed-off-by: Axel Lin <axel.lin@ingics.com>
This commit increments the ip.drop statistic when an IP packet is
dropped due to no matching netif found and forwarding is disabled
This adds parity to the other places where mib2.ipinaddrerrors and
mib2.ipindiscards are incremented which also increment ip.drop
Generally speaking, packets with a loopback destination address -
127.0.0.1 for IPv4 and ::1 for IPv6 - should not be accepted on
non-loopback interfaces. For IPv4, this is implied by RFC 1122
Sec. 3.2.1.3. For IPv6, it is mandated by RFC 4291 Sec. 2.5.3.
Failure to perform this filtering may have security implications, as
applications that bind sockets to loopback addresses may not expect
that nodes on the local external network be able to produce traffic
that will arrive at such sockets.
With this patch, lwIP drops packets that are sent to a loopback
address but do not originate from the interface that has the loopback
address assigned to it. This approach works regardless of whether it
is lwIP or the system using it that implements a loopback netif. The
only exception that must be made is for configurations that enable
netif packet loopback but disable the lwIP loopback netif: in that
case, loopback packets are routed across non-loopback netifs and would
thus be lost by the new filter as well.
For IPv6, loopback-destined packets are also no longer forwarded; the
IPv4 forwarding code already had a check for that.
As a small performance improvement, the IPv6 link-local/loopback
address check is now performed only once per packet rather than
repeatedly for every candidate netif.
In general, netif_default may be NULL, and various places in the code
already check for this case before attempting to dereference the
netif_default pointer. Some places do not perform this check though,
and may cause null pointer dereferences if netif_default is not set.
This patch adds NULL checks to those places as well.
Let lwip use functions/macros prefixed by lwip_ internally to avoid naming clashes with external #includes.
Remove over-complicated #define handling in def.h
Make functions easier to override in cc.h. The following is sufficient now (no more LWIP_PLATFORM_BYTESWAP):
#define lwip_htons(x) <your_htons>
#define lwip_htonl(x) <your_htonl>
commit 8c52afb6ca ("igmp: Optimize code by always skipping the first entry in the linked groups list - it is always the "allsystems" entry")
accidently changes the code logic. it should check groupref rather than group.
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Reasoning:
- Makes code in single-netif case perform better and smaller
- IGMP / MLD6 code is a little bit easier to read and understand
- Easier to get multicast groups per netif when implementing drivers
Downside: In multi-netif mode, there are two more pointers on each netif, even if IGMP/MLD6 is not used on it. But these systems should not be so memory-constrained that this will matter.
When leaving a multicast group, remove the group from the list
before invoking the MAC filter callback. This avoids the need
for the callee to skip over the group that is about to be deleted.
In the BSD socket API world, IP_HDRINCL is a socket option for "raw"
sockets that indicates whether sent packets already include an IP
header. Within lwIP, "IP_HDRINCL" is redefined as a special value
that indicates to lwIP-internal functions that an IP header is already
included. While somewhat related, the two meanings are different and,
on platforms that define the IP_HDRINCL socket option, this results in
a conflict. This patch renames the lwIP one to "LWIP_IP_HDRINCL",
thus resolving the conflict.
Fixes bug #48300 (Private mempools allocate foreign memory), bug #48354 (Portable alignment defines/include required for static allocation) and bug #47092 (Tag memory buffers like memp_memory_xxx and ram_heap with a macro so that attributes can be attached to their definitions)
Signed-off-by: Simon Goldschmidt <goldsimon@gmx.de>
dhcp_discover_request_options is u8_t array, so the result is the same.
But use LWIP_ARRAYSIZE to get the number of array entries is better
because it works for all types.
Signed-off-by: Axel Lin <axel.lin@ingics.com>
The old approach called udp_bind() on each of the PCBs, which puts them into udp_pcbs list. The PCBs were iterated on all non-DHCP udp_inputs() with no effect.
My cleanup removes the special handling in udp.c, and uses only one DHCP UDP PCB to catch all DHCP messages from all netifs. The dhcp_recv function then checks whether ip_current_input_netif() has DHCP enabled - if not, the message is ignored. The PCB is only created/registered when one or more PCBs have DHCP enabled.
In case of IP_REASS_FREE_OLDEST==0, the argument clen of
ip_reass_enqueue_new_datagram() will not used and leads
the compiler to a warning.
Signed-off-by: Stephan Linz <linz@li-pro.net>
When LWIP_RAND is defined, calling LWIP_RAND() is not necessary if max_time <= 2
because group->timer will be set to 1 anyway.
Signed-off-by: Axel Lin <axel.lin@ingics.com>