diff options
author | Lorenzo Colitti <lorenzo@google.com> | 2014-02-09 10:35:38 +0900 |
---|---|---|
committer | Lorenzo Colitti <lorenzo@google.com> | 2014-02-22 12:46:06 +0900 |
commit | 57d480d2b425ef20d8b6f84abd4e9e3209fa9422 (patch) | |
tree | 1d4d53278970b0681042e4f10ef44c1c5334bc5f /ipv4.c | |
parent | 07f0265830fcae2632159e9993b93a161d7ea23b (diff) | |
download | android_external_android-clat-57d480d2b425ef20d8b6f84abd4e9e3209fa9422.tar.gz android_external_android-clat-57d480d2b425ef20d8b6f84abd4e9e3209fa9422.tar.bz2 android_external_android-clat-57d480d2b425ef20d8b6f84abd4e9e3209fa9422.zip |
Support translating fragmented packets.
Bug: 11542311
Change-Id: I14a20b9ac669cdb5927f6ac26147bb0109099497
Diffstat (limited to 'ipv4.c')
-rw-r--r-- | ipv4.c | 33 |
1 files changed, 20 insertions, 13 deletions
@@ -57,7 +57,8 @@ int icmp_packet(clat_packet out, int pos, const struct icmphdr *icmp, uint32_t c int ipv4_packet(clat_packet out, int pos, const char *packet, size_t len) { const struct iphdr *header = (struct iphdr *) packet; struct ip6_hdr *ip6_targ = (struct ip6_hdr *) out[pos].iov_base; - uint16_t frag_flags; + struct ip6_frag *frag_hdr; + size_t frag_hdr_len; uint8_t nxthdr; const char *next_header; size_t len_left; @@ -69,12 +70,6 @@ int ipv4_packet(clat_packet out, int pos, const char *packet, size_t len) { return 0; } - frag_flags = ntohs(header->frag_off); - if(frag_flags & IP_MF) { // this could theoretically be supported, but isn't - logmsg_dbg(ANDROID_LOG_ERROR, "ip_packet/more fragments set, dropping"); - return 0; - } - if(header->ihl < 5) { logmsg_dbg(ANDROID_LOG_ERROR, "ip_packet/ip header length set to less than 5: %x", header->ihl); return 0; @@ -111,20 +106,32 @@ int ipv4_packet(clat_packet out, int pos, const char *packet, size_t len) { fill_ip6_header(ip6_targ, 0, nxthdr, header); out[pos].iov_len = sizeof(struct ip6_hdr); - // Calculate the pseudo-header checksum. + /* Calculate the pseudo-header checksum. + * Technically, the length that is used in the pseudo-header checksum is the transport layer + * length, which is not the same as len_left in the case of fragmented packets. But since + * translation does not change the transport layer length, the checksum is unaffected. + */ old_sum = ipv4_pseudo_header_checksum(header, len_left); new_sum = ipv6_pseudo_header_checksum(ip6_targ, len_left, nxthdr); - if (nxthdr == IPPROTO_ICMPV6) { - iov_len = icmp_packet(out, pos + 1, (const struct icmphdr *) next_header, new_sum, len_left); + // If the IPv4 packet is fragmented, add a Fragment header. + frag_hdr = (struct ip6_frag *) out[pos + 1].iov_base; + frag_hdr_len = maybe_fill_frag_header(frag_hdr, ip6_targ, header); + out[pos + 1].iov_len = frag_hdr_len; + + if (frag_hdr_len && frag_hdr->ip6f_offlg & IP6F_OFF_MASK) { + // Non-first fragment. Copy the rest of the packet as is. + iov_len = generic_packet(out, pos + 2, next_header, len_left); + } else if (nxthdr == IPPROTO_ICMPV6) { + iov_len = icmp_packet(out, pos + 2, (const struct icmphdr *) next_header, new_sum, len_left); } else if (nxthdr == IPPROTO_TCP) { - iov_len = tcp_packet(out, pos + 1, (const struct tcphdr *) next_header, old_sum, new_sum, + iov_len = tcp_packet(out, pos + 2, (const struct tcphdr *) next_header, old_sum, new_sum, len_left); } else if (nxthdr == IPPROTO_UDP) { - iov_len = udp_packet(out, pos + 1, (const struct udphdr *) next_header, old_sum, new_sum, + iov_len = udp_packet(out, pos + 2, (const struct udphdr *) next_header, old_sum, new_sum, len_left); } else if (nxthdr == IPPROTO_GRE) { - iov_len = generic_packet(out, pos + 1, next_header, len_left); + iov_len = generic_packet(out, pos + 2, next_header, len_left); } else { #if CLAT_DEBUG logmsg_dbg(ANDROID_LOG_ERROR, "ip_packet/unknown protocol: %x",header->protocol); |