af4db615f5
socket/dhcp: Use random transaction_id instead of sequential.
...
This is a minor security improvement against blind packet spoofing, since
it adds more entropy to the packets.
2021-10-14 14:10:08 +02:00
d34f4f783b
socket/dhcp: do not set BROADCAST flag.
...
Reasons:
1. We were already accidentally not setting the BROADCAST flag due to it being the wrong bit (see previous commit).
2. Major OSes don't set it.
3. rfc1542 section 3.1.1 states it's discouraged, and the issue it's supposed to workaround doesn't apply to smoltcp.
Unfortunately, some client implementations are
unable to receive such unicast IP datagrams until they know their own
IP address
(..)
This addition to the protocol is a workaround for old host
implementations. Such implementations SHOULD be modified so
that they may receive unicast BOOTREPLY messages, thus making
use of this workaround unnecessary. In general, the use of
this mechanism is discouraged.
2021-10-14 14:03:50 +02:00
6d37633353
wire/dhcp: use bitflags for the FLAGS field.
2021-10-14 14:02:27 +02:00
fc5559069c
wire/dhcp: BROADCAST flag is MSB (0x8000), not LSB (0x0001).
...
This fixes DHCP on Linksys WRT1900AC. With 0x0001, it would not reply to
DISCOVERs at all, probably because seeing an unknown reserved flag being set.
With 0x8000, it works fine.
2021-10-14 13:59:16 +02:00
61293b2cb2
tcp: Make initial sequence number random.
2021-10-11 20:53:04 +02:00
17e0ddcee3
Add rand module.
...
On `std` targets, `OsRng` is used by default. The user can supply a custom impl
by enabling the `rand-custom-impl` Cargo feature and using the `rand_custom_impl!()` macro.
Specifying a custom impl is mandatory when `std` is not enabled.
2021-10-11 20:53:04 +02:00
d98f56f8bd
time: fix incorrect conversion from std
2021-10-07 04:57:59 +02:00
bf5f0abc31
Merge #542 #544
...
542: More TCP fixes r=Dirbaio a=Dirbaio
See individual commit messages for details.
544: ARP fixes r=Dirbaio a=Dirbaio
Co-authored-by: Dario Nieuwenhuis <dirbaio@dirbaio.net>
2021-10-06 19:13:12 +00:00
b4d7819769
arp: ignore ARP packets that are not REQUEST or RESPONSE.
2021-10-06 04:12:33 +02:00
975ae59eab
arp; reject packets with source address not in our network.
...
Fixes #536
2021-10-06 04:12:20 +02:00
271ec5d26b
arp: fill cache only for ARP packets directed at us.
...
- Mirrors what Linux does, so will hopefully reduce problems in broken networks.
- it can actually increase performance: for small ARP caches, it'll reduce the
amount of entries that we're not going to use, increasing the chances of the
ones that we actually use to stay in the cache.
Fixes #537
2021-10-06 04:12:17 +02:00
f98a89ba61
arp: Do not fill cache from random packets.
...
On paper this looks great, and in a sane network it should work.
However the world out there is full of horribly broken, screwed up
networks, which *of course* ruin this.
I've seen a customer's network where the router is IP 192.168.1.1,
MAC addr xx:03. However, every 1 minute the router broadcasts some
"mikrotik discovery" UDP garbage with source IP 192.168.1.1, source MAC
addr xx:02 (one less!). This accidentally poisons smoltcp's ARP cache,
which then sends all traffic for the default gateway to xx:02, which
unsurprisingly blackholes it.
And, of course, the broadcast is every 1min and the ARP cache lifetime
is 1min. This means the cache is almsot all the time poisoned, and the
smoltcp device barely works. Fantastic.
Screw you mikrotik.
2021-10-06 03:12:53 +02:00
0d467df5f3
tcp: reply with RST to invalid SYNACKs in SynReceived state.
...
This matches the Linux behavior.
2021-10-06 02:44:39 +02:00
3af5386bc5
tcp: do not abort socket when receiving invalid packets.
...
This matches the Linux behavior.
2021-10-06 02:36:23 +02:00
1f25a986c7
tcp: reply with RST to invalid ACKs in SynReceived state.
...
This mirrors the Linux behavior, and helps cleanup desynced state.
2021-10-06 02:25:11 +02:00
3a2cdc8680
tcp: rate-limit challenge ACKs.
...
This fixes infinite-packet-loop issues where two peers have
desynced and both think the other's sequence numbers are wrong.
Found with cargo-fuzz.
2021-10-06 01:52:57 +02:00
c7ae2e4f9b
tcp: clarify comment
2021-10-06 01:24:01 +02:00
aea021cfa9
tcp: make match on (state, control, ack) more readable.
2021-10-06 01:03:13 +02:00
acfa7f0b19
use micros in Instant and Duration
2021-10-05 22:33:58 +02:00
49b1a61495
tcp: fix "attempt to negate with overflow" when initial seq is 0xFFFF_FFFF.
...
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
f044edf805
tcp: add test for ack one-too-high in SYN_RECEIVED.
2021-10-05 01:38:31 +02:00
b50532cabd
tcp: do not switch to ESTABLISHED when ack in syn-received is one too low.
2021-10-05 01:38:31 +02:00
07c6fb835d
tcp: fix "subtract with overflow" when ack in syn-received is one too low.
...
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
16abd60e9b
tcp: in SYN_SENT only accept SYNACK, discard everything else.
...
THis would let FIN packets through, breaking the logic below.
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
947a69b8b2
tcp: don't force-send data on retransmit.
...
Previous code had an `if` to force sending a packet when retransmitting.
When the remote window is zero this would cause an infinite loop of
sending empty packets, because the "retransmit" flag would never get cleared.
Remove the force-retransmit, and add an explicit check on `seq_to_transmit` for
pending SYNs because SYN retransmission relied on it.
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
e19151b9d0
tcp: disallow zero MSS.
...
This causes an infinite loop of zero-length packets: when we have data
to send, it sends MSS-length packets until filling the window, which
is an infinte amount of packets because mss is zero.
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
7f30c7268b
tcp: fix use of fractional .millis() that should be .total_millis() in rtte.
2021-10-05 01:38:31 +02:00
6d61f5ab6c
phy: fix wrong order in FuzzInjector TX. Fixes #525 .
2021-10-03 21:39:55 +02:00
b674f0d0ba
phy: simplify PcapSink trait
2021-10-03 21:29:40 +02:00
28e350f300
tcp: Fix clippy
2021-10-03 21:20:24 +02:00
7e4180b503
Fix assert with any_ip + broadcast dst_addr. Fixes #533
2021-09-26 21:45:46 +02:00
f058a94b85
Merge #529 #530
...
529: Fix typos in tcp docs r=Dirbaio a=david-sawatzke
Too few round brackets
530: tcp: fix delayed ack causing ack not to be sent after 3 packets. r=Dirbaio a=Dirbaio
Co-authored-by: david-sawatzke <david-sawatzke@users.noreply.github.com>
Co-authored-by: Dario Nieuwenhuis <dirbaio@dirbaio.net>
2021-09-16 23:18:14 +00:00
82a62327ba
Fix clippy because of MSV change
2021-09-16 19:44:26 +02:00
ddfabb42f0
tcp: fix delayed ack causing ack not to be sent after 3 packets.
2021-09-15 04:01:43 +02:00
1f8110687d
Fix typos in tcp docs
2021-09-14 18:08:04 +02:00
96dedcc4c6
Expose underlying device from PcapWriter
2021-08-24 16:07:19 +08:00
8ce629257a
Remove trailing commas in macros
...
This is going to become a hard error in future releases of the compiler.
2021-08-19 12:07:56 +02:00
8adbd1b875
cargo fmt
2021-08-18 16:05:50 +02:00
6a27136047
Fix clippy lints
2021-08-18 16:05:50 +02:00
a94f1b231c
Bump MSRV to 1.46
2021-08-18 15:19:38 +02:00
a43fb222e9
pcap timestamp bugfix
2021-07-01 22:27:10 +08:00
7a83e7d69b
dhcpv4: Emit DNS servers in repr
2021-06-28 20:03:39 +02:00
2a574fbca6
various clippy fix
2021-06-27 10:45:57 +02:00
98fe17890a
rustfmt
2021-06-27 09:31:59 +02:00
9101e039d5
tcp: do not scale window in SYN packets.
2021-06-17 06:22:30 +02:00
4045dee3f9
tcp: don't do window scaling when connecting if remote doesn't support it.
2021-06-17 06:02:36 +02:00
736a17cae3
tcp: fix window scaling of synack being ignored.
2021-06-17 05:56:01 +02:00
60a299bcc2
tcp: add Nagle's Algorithm.
2021-06-17 04:44:13 +02:00
9965f09e02
Check that at least one medium is enabled if socket is enabled.
2021-06-17 03:22:02 +02:00
32311b23dc
Add Context struct.
2021-06-17 03:20:58 +02:00
e4d487d5fb
Fix unused extern crate warning with certain build flags.
2021-06-14 15:16:15 -07:00
bae279c3a8
Also import alloc crate for std.
2021-06-14 13:39:33 -07:00
4210fe5e60
Update loopback.rs
2021-06-14 13:33:16 -07:00
Ryan Summers
9f7bf5dc68
Adding support for retrieving socket handle from DHCP sockets
2021-06-14 10:53:27 +02:00
0754a7703c
tcp: use nonzero initial sequence number.
2021-06-11 22:36:26 +02:00
caad8929d5
tcp: fix substract with overflow when receiving a SYNACK with unincremented ACK number.
2021-06-11 22:17:59 +02:00
f1b0a04599
tcp: extract ack_min, ack_max vars
2021-06-11 22:17:24 +02:00
de950ef823
Fix "subtract sequence numbers with underflow" on remote window shrink.
...
Fixes #489
2021-06-11 11:25:30 +02:00
Ryan Summers
06a52a7de9
Merge branch 'master' into rs/issue-475/udp-rebinding
2021-06-09 16:27:04 +02:00
Ryan Summers
a6dbd18574
Merge branch 'master' into rs/issue-281/ethernet-dos
2021-06-09 11:38:40 +02:00
Ryan Summers
57604a4d4c
Sanitizing log macro to allow usage in match arm directly
2021-06-09 11:36:28 +02:00
Ryan Summers
421870ee75
Restructuring to allow-unused
2021-06-09 11:30:02 +02:00
Ryan Summers
2fb5880628
Fixing feature flag
2021-06-09 11:13:56 +02:00
0be1a76bc3
add std::error::Error to smoltcp::Error
2021-06-08 14:34:38 +08:00
Ryan Summers
84866f8f69
Updating packet buffer clear to be UDP-only
2021-05-31 18:07:19 +02:00
Ryan Summers
fa77ddd836
Updating UDP close to clear RX/TX buffers
2021-05-31 18:04:02 +02:00
Ryan Summers
e27e3254f4
Fixing clippy
2021-05-31 17:58:20 +02:00
Ryan Summers
0bb9fc90f0
Simplifying loop logic
2021-05-31 17:42:01 +02:00
Ryan Summers
44add57e8e
Removing unneeded changes
2021-05-31 17:39:30 +02:00
Ryan Summers
f790f59088
Reverting phy changes
2021-05-31 17:36:26 +02:00
Ryan Summers
8474a1b1e4
cleaning up implementation
2021-05-31 17:33:52 +02:00
Ryan Summers
95829934db
Fail-free ingress
2021-05-31 17:30:45 +02:00
Ryan Summers
8d4e255090
Adding prototype fix for fail-free ingress
2021-05-31 17:25:04 +02:00
Ryan Summers
108543a2f6
Adding UDP socket close funcionality
2021-05-31 14:25:52 +02:00
b9477f25bc
wire/dhcp: Simplify how options are emitted.
2021-05-29 01:44:27 +02:00
ea8d2ae7f4
Fix u32::MAX
2021-05-29 01:32:17 +02:00
7b6b70d058
Account for lease time, router and subnet options in DhcpRepr::buffer_len
2021-05-29 01:32:17 +02:00
a5b9461275
tcp: LastAck should only change to Closed on ack of fin.
...
Fixes #470
2021-05-28 21:09:36 +02:00
383d2426cb
tcp rtte: fix "attempt to multiply with overflow". Fixes #468
2021-05-28 21:02:31 +02:00
a81f2fef56
dhcp: convert port check to hard assert.
2021-05-28 18:43:52 +02:00
07c3a402a3
Remove unused macro_use
2021-05-28 18:26:08 +02:00
743f9de039
dhcp: address review comments.
2021-05-28 18:23:50 +02:00
284f5bc834
wire/udp: clearer HEADER_LEN usage
2021-05-28 17:47:02 +02:00
a916888ab8
dhcp: add max_lease_duration option
2021-04-13 20:23:28 +02:00
53b62cfbad
dhcp: remove 0.0.0.0s from the DNS serevr list.
...
tp-link routers pad the DNS server list with 0.0.0.0 to a fixed size :(
2021-04-13 18:43:23 +02:00
b1f2bcb678
dhcp: retry REQUEST slower and with exponential backoff. Fixes #464
2021-04-07 21:52:26 +02:00
cb075bfc16
dhcp: handle NAK packets
2021-04-07 19:00:36 +02:00
0d53163c55
dhcp: convert to socket
2021-04-07 19:00:36 +02:00
ef58fc67a4
route: add remove_default_ipvX_route
2021-04-07 14:49:46 +02:00
ab47db24e0
udp: do not include payload in UdpRepr
...
This makes UdpRepr work like IpRepr, where it only emits the header, and the user
must emit the payload.
This makes it easier to emit UDP packets with payloads that come from protocol-specific
reprs, like DHCP and in the future DNS.
2021-04-07 14:49:46 +02:00
68d60a202b
phy: fix FaultInjector returning a too big buffer when simulating a drop on tx
2021-04-07 02:40:32 +02:00
1d19ff8d91
dhcp: Clear expiration time on reset.
2021-04-07 02:32:46 +02:00
562f12ffed
dhcp: always send parameter_request_list. Fixes #445 .
2021-04-07 02:32:46 +02:00
c043897327
iface: check for ipv4 subnet broadcast addrs everywhere
2021-04-07 02:23:19 +02:00
77c46220a6
Document MSRV with the defmt exception, don't test defmt with 1.40
2021-04-01 02:15:35 +02:00
d64c8593f0
Add defmt logging support
2021-04-01 01:30:47 +02:00
6e8c2a8455
Add IP medium support to PcapWriter and Tracer.
2021-03-31 17:05:09 +02:00
9e3b373e36
Add support for TUN interfaces.
2021-03-31 17:05:09 +02:00
b6220a04c8
Do not use DeviceCapabilities in sockets.
...
DeviceCapabilities contains the `medium` field, so tests had to give it a value
even if it was unused. This is impossible to do with no `medium-*` enabled, because
it makes `Medium` uninhabited (empty enum).
2021-03-31 17:05:09 +02:00
af4a1e6436
Add medium-ip, medium-ethernet feature flags.
2021-03-31 17:05:09 +02:00
Dario Nieuwenhuis
bors[bot]
qiujiangkun
Thibaut Vandervelden
david-sawatzke
bdbai
Anton Romanov
Gerd Zellweger
Ryan Summers