src - OpenBSD base system

diff options


context:
space:
mode:

author	David Gwynne <dlg@cvs.openbsd.org>	2018-11-14 01:06:07 +0000
committer	David Gwynne <dlg@cvs.openbsd.org>	2018-11-14 01:06:07 +0000
commit	ed5ddbaf2258dc9677c6256f9ea795dd9d08d43d (patch)
tree	74736bb82a9312c545a7588f0eb2b5adfc2c1690 /sys
parent	cae5fbd672c566472ea386fe624440e6cfbd42cf (diff)

according to ip_ipip.c, rfc1853 says not to copy the ttl on decapsulation

rfc1853 is about IP in IP Tunneling. rfc2003 about IP Encapsulation within IP agrees.

Diffstat (limited to 'sys')

-rw-r--r--

sys/net/if_gif.c

-rw-r--r--

sys/net/if_gre.c

2 files changed, 6 insertions, 33 deletions

diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c
index ccba25467dc..33881e183e3 100644
--- a/sys/net/if_gif.c
+++ b/sys/net/if_gif.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: if_gif.c,v 1.119 2018/11/13 01:16:31 dlg Exp $ */

+/* $OpenBSD: if_gif.c,v 1.120 2018/11/14 01:06:06 dlg Exp $ */

/* $KAME: if_gif.c,v 1.43 2001/02/20 08:51:07 itojun Exp $ */

@@ -129,7 +129,7 @@ int gif_del_tunnel(struct gif_softc *);

int in_gif_output(struct ifnet *, int, struct mbuf **);

int in6_gif_output(struct ifnet *, int, struct mbuf **);

int gif_input(struct gif_tunnel *, struct mbuf **, int *, int, int,

- uint8_t, uint8_t);

+ uint8_t);

* gif global variable definitions

@@ -712,7 +712,7 @@ in_gif_input(struct mbuf **mp, int *offp, int proto, int af)

key.t_src4 = ip->ip_dst;

key.t_dst4 = ip->ip_src;

- rv = gif_input(&key, mp, offp, proto, af, ip->ip_ttl, ip->ip_tos);

+ rv = gif_input(&key, mp, offp, proto, af, ip->ip_tos);

if (rv == -1)

rv = ipip_input(mp, offp, proto, af);

@@ -737,8 +737,7 @@ in6_gif_input(struct mbuf **mp, int *offp, int proto, int af)

flow = ntohl(ip6->ip6_flow);

- rv = gif_input(&key, mp, offp, proto, af, ip6->ip6_hlim,

- flow >> 20);

+ rv = gif_input(&key, mp, offp, proto, af, flow >> 20);

if (rv == -1)

rv = ipip_input(mp, offp, proto, af);

@@ -768,13 +767,12 @@ gif_find(const struct gif_tunnel *key)

int

gif_input(struct gif_tunnel *key, struct mbuf **mp, int *offp, int proto,

- int af, uint8_t ttl, uint8_t otos)

+ int af, uint8_t otos)

{

struct mbuf *m = *mp;

struct gif_softc *sc;

struct ifnet *ifp;

void (*input)(struct ifnet *, struct mbuf *);

- int ttloff;

uint8_t itos;

/* IP-in-IP header is caused by tunnel mode, so skip gif lookup */

@@ -811,7 +809,6 @@ gif_input(struct gif_tunnel *key, struct mbuf **mp, int *offp, int proto,

m->m_pkthdr.ph_family = AF_INET;

input = ipv4_input;

- ttloff = offsetof(struct ip, ip_ttl);

break;

}

#ifdef INET6

@@ -833,7 +830,6 @@ gif_input(struct gif_tunnel *key, struct mbuf **mp, int *offp, int proto,

m->m_pkthdr.ph_family = AF_INET6;

input = ipv6_input;

- ttloff = offsetof(struct ip6_hdr, ip6_hlim);

break;

}

#endif /* INET6 */

@@ -841,7 +837,6 @@ gif_input(struct gif_tunnel *key, struct mbuf **mp, int *offp, int proto,

case IPPROTO_MPLS:

m->m_pkthdr.ph_family = AF_MPLS;

input = mpls_input;

- ttloff = 3;

break;

#endif /* MPLS */

default:

@@ -850,14 +845,6 @@ gif_input(struct gif_tunnel *key, struct mbuf **mp, int *offp, int proto,

m_adj(m, *offp);

- if (sc->sc_ttl == -1) {

- m = *mp = m_pullup(m, ttloff + 1);

- if (m == NULL)

- return (IPPROTO_DONE);

- *(m->m_data + ttloff) = ttl;

- }

ifp = &sc->sc_if;

m->m_flags &= ~(M_MCAST|M_BCAST);

diff --git a/sys/net/if_gre.c b/sys/net/if_gre.c
index 2059ee9b705..5c15685a617 100644
--- a/sys/net/if_gre.c
+++ b/sys/net/if_gre.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: if_gre.c,v 1.136 2018/11/13 00:03:18 dlg Exp $ */

+/* $OpenBSD: if_gre.c,v 1.137 2018/11/14 01:06:06 dlg Exp $ */

/* $NetBSD: if_gre.c,v 1.9 1999/10/25 19:18:11 drochner Exp $ */

@@ -881,7 +881,6 @@ gre_input(struct mbuf **mp, int *offp, int type, int af)

/* XXX check if ip_src is sane for nvgre? */

key.t_af = AF_INET;

- key.t_ttl = ip->ip_ttl;

key.t_src4 = ip->ip_dst;

key.t_dst4 = ip->ip_src;

@@ -904,7 +903,6 @@ gre_input6(struct mbuf **mp, int *offp, int type, int af)

/* XXX check if ip6_src is sane for nvgre? */

key.t_af = AF_INET6;

- key.t_ttl = ip6->ip6_hlim;

key.t_src6 = ip6->ip6_dst;

key.t_dst6 = ip6->ip6_src;

@@ -985,7 +983,6 @@ gre_input_key(struct mbuf **mp, int *offp, int type, int af,

void (*input)(struct ifnet *, struct mbuf *);

int bpf_af = AF_UNSPEC; /* bpf */

int mcast = 0;

- int ttloff;

if (!gre_allow)

goto decline;

@@ -1089,7 +1086,6 @@ gre_input_key(struct mbuf **mp, int *offp, int type, int af,

#if NBPFILTER > 0

bpf_af = AF_INET;

#endif

- ttloff = offsetof(struct ip, ip_ttl);

input = ipv4_input;

break;

#ifdef INET6

@@ -1097,7 +1093,6 @@ gre_input_key(struct mbuf **mp, int *offp, int type, int af,

#if NBPFILTER > 0

bpf_af = AF_INET6;

#endif

- ttloff = offsetof(struct ip6_hdr, ip6_hlim);

input = ipv6_input;

break;

#endif

@@ -1109,7 +1104,6 @@ gre_input_key(struct mbuf **mp, int *offp, int type, int af,

#if NBPFILTER > 0

bpf_af = AF_MPLS;

#endif

- ttloff = 3; /* XXX */

input = mpls_input;

break;

#endif

@@ -1133,14 +1127,6 @@ gre_input_key(struct mbuf **mp, int *offp, int type, int af,

tunnel = ifp->if_softc; /* gre and mgre tunnel info is at the front */

- if (tunnel->t_ttl == -1) {

- m = m_pullup(m, ttloff + 1);

- if (m == NULL)

- return (IPPROTO_DONE);

- *(m->m_data + ttloff) = key->t_ttl;

- }

if (tunnel->t_key_mask == GRE_KEY_ENTROPY) {

m->m_pkthdr.ph_flowid = M_FLOWID_VALID |

(bemtoh32(&key->t_key) & ~GRE_KEY_ENTROPY);