lwip/contrib/addons/tcp_md5
Erik Ekman 264a5a3e97 Rename IP and Ethernet equality checkers from _cmp to _eq
Functions ending in cmp are expected to return 0 on equality but these
return non-zero.

eth_addr_cmp -> eth_addr_eq

ip_addr_cmp -> ip_addr_eq
ip4_addr_cmp -> ip4_addr_eq
ip6_addr_cmp -> ip6_addr_eq

ip_addr_netcmp -> ip_addr_net_eq
ip4_addr_netcmp -> ip4_addr_net_eq
ip6_addr_netcmp -> ip6_addr_net_eq

ip_addr_cmp_zoneless -> ip_addr_zoneless_eq
ip6_addr_cmp_zoneless -> ip6_addr_zoneless_eq

ip6_addr_cmp_zone -> ip6_addr_zone_eq
ip6_addr_netcmp_zoneless -> ip6_addr_net_zoneless_eq
ip6_addr_nethostcmp -> ip6_addr_nethost_eq
ip6_addr_cmp_packed -> ip6_addr_packed_eq
ip6_addr_cmp_solicitednode -> ip6_addr_solicitednode_eq

All call sites have been changed, and fallback macros have been added to not
break external users.
2020-07-07 18:51:45 +02:00
..
README
tcp_md5.c Rename IP and Ethernet equality checkers from _cmp to _eq 2020-07-07 18:51:45 +02:00
tcp_md5.h Import lwIP contrib rep 2018-10-02 12:19:13 +02:00

This folder provides an example implementation of how to add custom tcp header
options and custom socket options.

It does this by implementing the (seldom used) tcp md5 signature.

To enable it, add an LWIP_HOOK_FILENAME hook file, include tcp_md5.h in it and
define these hooks:

  #define LWIP_HOOK_TCP_INPACKET_PCB(pcb, hdr, optlen, opt1len, opt2, p) tcp_md5_check_inpacket(pcb, hdr, optlen, opt1len, opt2, p)
  #define LWIP_HOOK_TCP_OPT_LENGTH_SEGMENT(pcb, internal_len)            tcp_md5_get_additional_option_length(pcb, internal_len)
  #define LWIP_HOOK_TCP_ADD_TX_OPTIONS(p, hdr, pcb, opts)                tcp_md5_add_tx_options(p, hdr, pcb,  opts)
  #define LWIP_HOOK_SOCKETS_SETSOCKOPT(s, sock, level, optname, optval, optlen, err) tcp_md5_setsockopt_hook(sock, level, optname, optval, optlen, err)

Then, in your sockets application, enable md5 signature on a socket like this:

  struct tcp_md5sig md5;
  struct sockaddr_storage addr_remote; /* Initialize this to remote address and port */
  memcpy(&md5.tcpm_addr, &addr_remote, sizeof(addr_remote));
  strcpy(md5.tcpm_key, key); /* this is the md5 key per connection */
  md5.tcpm_keylen = strlen(key);
  if ((ret = setsockopt(sockfd, IPPROTO_TCP, TCP_MD5SIG, &md5, sizeof(md5))) < 0) {
    perror("setsockopt TCP_MD5SIG");
    return;
  }

After that, your connection (client) or all incoming connections (server) require
tcp md5 signatures.