Dario Nieuwenhuis
af4db615f5
socket/dhcp: Use random transaction_id instead of sequential.
...
This is a minor security improvement against blind packet spoofing, since
it adds more entropy to the packets.
2021-10-14 14:10:08 +02:00
Dario Nieuwenhuis
d34f4f783b
socket/dhcp: do not set BROADCAST flag.
...
Reasons:
1. We were already accidentally not setting the BROADCAST flag due to it being the wrong bit (see previous commit).
2. Major OSes don't set it.
3. rfc1542 section 3.1.1 states it's discouraged, and the issue it's supposed to work around doesn't apply to smoltcp.
Unfortunately, some client implementations are
unable to receive such unicast IP datagrams until they know their own
IP address
(..)
This addition to the protocol is a workaround for old host
implementations. Such implementations SHOULD be modified so
that they may receive unicast BOOTREPLY messages, thus making
use of this workaround unnecessary. In general, the use of
this mechanism is discouraged.
2021-10-14 14:03:50 +02:00
Dario Nieuwenhuis
6d37633353
wire/dhcp: use bitflags for the FLAGS field.
2021-10-14 14:02:27 +02:00
Dario Nieuwenhuis
fc5559069c
wire/dhcp: BROADCAST flag is MSB (0x8000), not LSB (0x0001).
...
This fixes DHCP on Linksys WRT1900AC. With 0x0001, it would not reply to
DISCOVERs at all, probably because it sees an unknown reserved flag being set.
With 0x8000, it works fine.
2021-10-14 13:59:16 +02:00
Dario Nieuwenhuis
61293b2cb2
tcp: Make initial sequence number random.
2021-10-11 20:53:04 +02:00
Dario Nieuwenhuis
17e0ddcee3
Add rand module.
...
On `std` targets, `OsRng` is used by default. The user can supply a custom impl
by enabling the `rand-custom-impl` Cargo feature and using the `rand_custom_impl!()` macro.
Specifying a custom impl is mandatory when `std` is not enabled.
2021-10-11 20:53:04 +02:00
Dario Nieuwenhuis
d98f56f8bd
time: fix incorrect conversion from std
2021-10-07 04:57:59 +02:00
bors[bot]
bf5f0abc31
Merge #542 #544
...
542: More TCP fixes r=Dirbaio a=Dirbaio
See individual commit messages for details.
544: ARP fixes r=Dirbaio a=Dirbaio
Co-authored-by: Dario Nieuwenhuis <dirbaio@dirbaio.net>
2021-10-06 19:13:12 +00:00
Dario Nieuwenhuis
b4d7819769
arp: ignore ARP packets that are not REQUEST or RESPONSE.
2021-10-06 04:12:33 +02:00
Dario Nieuwenhuis
975ae59eab
arp: reject packets with source address not in our network.
...
Fixes #536
2021-10-06 04:12:20 +02:00
Dario Nieuwenhuis
271ec5d26b
arp: fill cache only for ARP packets directed at us.
...
- Mirrors what Linux does, so will hopefully reduce problems in broken networks.
- it can actually increase performance: for small ARP caches, it'll reduce the
amount of entries that we're not going to use, increasing the chances of the
ones that we actually use to stay in the cache.
Fixes #537
2021-10-06 04:12:17 +02:00
Dario Nieuwenhuis
f98a89ba61
arp: Do not fill cache from random packets.
...
On paper this looks great, and in a sane network it should work.
However the world out there is full of horribly broken, screwed up
networks, which *of course* ruin this.
I've seen a customer's network where the router is IP 192.168.1.1,
MAC addr xx:03. However, every 1 minute the router broadcasts some
"mikrotik discovery" UDP garbage with source IP 192.168.1.1, source MAC
addr xx:02 (one less!). This accidentally poisons smoltcp's ARP cache,
which then sends all traffic for the default gateway to xx:02, which
unsurprisingly blackholes it.
And, of course, the broadcast is every 1min and the ARP cache lifetime
is 1min. This means the cache is almost all the time poisoned, and the
smoltcp device barely works. Fantastic.
Screw you mikrotik.
2021-10-06 03:12:53 +02:00
Dario Nieuwenhuis
0d467df5f3
tcp: reply with RST to invalid SYNACKs in SynReceived state.
...
This matches the Linux behavior.
2021-10-06 02:44:39 +02:00
Dario Nieuwenhuis
3af5386bc5
tcp: do not abort socket when receiving invalid packets.
...
This matches the Linux behavior.
2021-10-06 02:36:23 +02:00
Dario Nieuwenhuis
1f25a986c7
tcp: reply with RST to invalid ACKs in SynReceived state.
...
This mirrors the Linux behavior, and helps cleanup desynced state.
2021-10-06 02:25:11 +02:00
Dario Nieuwenhuis
3a2cdc8680
tcp: rate-limit challenge ACKs.
...
This fixes infinite-packet-loop issues where two peers have
desynced and both think the other's sequence numbers are wrong.
Found with cargo-fuzz.
2021-10-06 01:52:57 +02:00
Dario Nieuwenhuis
c7ae2e4f9b
tcp: clarify comment
2021-10-06 01:24:01 +02:00
Dario Nieuwenhuis
aea021cfa9
tcp: make match on (state, control, ack) more readable.
2021-10-06 01:03:13 +02:00
qiujiangkun
acfa7f0b19
use micros in Instant and Duration
2021-10-05 22:33:58 +02:00
Dario Nieuwenhuis
49b1a61495
tcp: fix "attempt to negate with overflow" when initial seq is 0xFFFF_FFFF.
...
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
Dario Nieuwenhuis
f044edf805
tcp: add test for ack one-too-high in SYN_RECEIVED.
2021-10-05 01:38:31 +02:00
Dario Nieuwenhuis
b50532cabd
tcp: do not switch to ESTABLISHED when ack in syn-received is one too low.
2021-10-05 01:38:31 +02:00
Dario Nieuwenhuis
07c6fb835d
tcp: fix "subtract with overflow" when ack in syn-received is one too low.
...
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
Dario Nieuwenhuis
16abd60e9b
tcp: in SYN_SENT only accept SYNACK, discard everything else.
...
This would let FIN packets through, breaking the logic below.
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
Dario Nieuwenhuis
947a69b8b2
tcp: don't force-send data on retransmit.
...
Previous code had an `if` to force sending a packet when retransmitting.
When the remote window is zero this would cause an infinite loop of
sending empty packets, because the "retransmit" flag would never get cleared.
Remove the force-retransmit, and add an explicit check on `seq_to_transmit` for
pending SYNs because SYN retransmission relied on it.
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
Dario Nieuwenhuis
e19151b9d0
tcp: disallow zero MSS.
...
This causes an infinite loop of zero-length packets: when we have data
to send, it sends MSS-length packets until filling the window, which
is an infinite amount of packets because mss is zero.
Found with cargo-fuzz.
2021-10-05 01:38:31 +02:00
Dario Nieuwenhuis
7f30c7268b
tcp: fix use of fractional .millis() that should be .total_millis() in rtte.
2021-10-05 01:38:31 +02:00
Dario Nieuwenhuis
6d61f5ab6c
phy: fix wrong order in FuzzInjector TX. Fixes #525 .
2021-10-03 21:39:55 +02:00
Dario Nieuwenhuis
b674f0d0ba
phy: simplify PcapSink trait
2021-10-03 21:29:40 +02:00
Dario Nieuwenhuis
28e350f300
tcp: Fix clippy
2021-10-03 21:20:24 +02:00
Dario Nieuwenhuis
7e4180b503
Fix assert with any_ip + broadcast dst_addr. Fixes #533
2021-09-26 21:45:46 +02:00
bors[bot]
f058a94b85
Merge #529 #530
...
529: Fix typos in tcp docs r=Dirbaio a=david-sawatzke
Too few round brackets
530: tcp: fix delayed ack causing ack not to be sent after 3 packets. r=Dirbaio a=Dirbaio
Co-authored-by: david-sawatzke <david-sawatzke@users.noreply.github.com>
Co-authored-by: Dario Nieuwenhuis <dirbaio@dirbaio.net>
2021-09-16 23:18:14 +00:00
Thibaut Vandervelden
82a62327ba
Fix clippy because of MSV change
2021-09-16 19:44:26 +02:00
Dario Nieuwenhuis
ddfabb42f0
tcp: fix delayed ack causing ack not to be sent after 3 packets.
2021-09-15 04:01:43 +02:00
david-sawatzke
1f8110687d
Fix typos in tcp docs
2021-09-14 18:08:04 +02:00
bdbai
96dedcc4c6
Expose underlying device from PcapWriter
2021-08-24 16:07:19 +08:00
Thibaut Vandervelden
8ce629257a
Remove trailing commas in macros
...
This is going to become a hard error in future releases of the compiler.
2021-08-19 12:07:56 +02:00
Thibaut Vandervelden
8adbd1b875
cargo fmt
2021-08-18 16:05:50 +02:00
Thibaut Vandervelden
6a27136047
Fix clippy lints
2021-08-18 16:05:50 +02:00
Dario Nieuwenhuis
a94f1b231c
Bump MSRV to 1.46
2021-08-18 15:19:38 +02:00
qiujiangkun
a43fb222e9
pcap timestamp bugfix
2021-07-01 22:27:10 +08:00
Anton Romanov
7a83e7d69b
dhcpv4: Emit DNS servers in repr
2021-06-28 20:03:39 +02:00
qiujiangkun
2a574fbca6
various clippy fix
2021-06-27 10:45:57 +02:00
Dario Nieuwenhuis
98fe17890a
rustfmt
2021-06-27 09:31:59 +02:00
Dario Nieuwenhuis
9101e039d5
tcp: do not scale window in SYN packets.
2021-06-17 06:22:30 +02:00
Dario Nieuwenhuis
4045dee3f9
tcp: don't do window scaling when connecting if remote doesn't support it.
2021-06-17 06:02:36 +02:00
Dario Nieuwenhuis
736a17cae3
tcp: fix window scaling of synack being ignored.
2021-06-17 05:56:01 +02:00
Dario Nieuwenhuis
60a299bcc2
tcp: add Nagle's Algorithm.
2021-06-17 04:44:13 +02:00
Dario Nieuwenhuis
9965f09e02
Check that at least one medium is enabled if socket is enabled.
2021-06-17 03:22:02 +02:00
Dario Nieuwenhuis
32311b23dc
Add Context struct.
2021-06-17 03:20:58 +02:00
Gerd Zellweger
e4d487d5fb
Fix unused extern crate warning with certain build flags.
2021-06-14 15:16:15 -07:00
Gerd Zellweger
bae279c3a8
Also import alloc crate for std.
2021-06-14 13:39:33 -07:00
Gerd Zellweger
4210fe5e60
Update loopback.rs
2021-06-14 13:33:16 -07:00
Ryan Summers
9f7bf5dc68
Adding support for retrieving socket handle from DHCP sockets
2021-06-14 10:53:27 +02:00
Dario Nieuwenhuis
0754a7703c
tcp: use nonzero initial sequence number.
2021-06-11 22:36:26 +02:00
Dario Nieuwenhuis
caad8929d5
tcp: fix subtract with overflow when receiving a SYNACK with unincremented ACK number.
2021-06-11 22:17:59 +02:00
Dario Nieuwenhuis
f1b0a04599
tcp: extract ack_min, ack_max vars
2021-06-11 22:17:24 +02:00
Dario Nieuwenhuis
de950ef823
Fix "subtract sequence numbers with underflow" on remote window shrink.
...
Fixes #489
2021-06-11 11:25:30 +02:00
Ryan Summers
06a52a7de9
Merge branch 'master' into rs/issue-475/udp-rebinding
2021-06-09 16:27:04 +02:00
Ryan Summers
a6dbd18574
Merge branch 'master' into rs/issue-281/ethernet-dos
2021-06-09 11:38:40 +02:00
Ryan Summers
57604a4d4c
Sanitizing log macro to allow usage in match arm directly
2021-06-09 11:36:28 +02:00
Ryan Summers
421870ee75
Restructuring to allow-unused
2021-06-09 11:30:02 +02:00
Ryan Summers
2fb5880628
Fixing feature flag
2021-06-09 11:13:56 +02:00
qiujiangkun
0be1a76bc3
add std::error::Error to smoltcp::Error
2021-06-08 14:34:38 +08:00
Ryan Summers
84866f8f69
Updating packet buffer clear to be UDP-only
2021-05-31 18:07:19 +02:00
Ryan Summers
fa77ddd836
Updating UDP close to clear RX/TX buffers
2021-05-31 18:04:02 +02:00
Ryan Summers
e27e3254f4
Fixing clippy
2021-05-31 17:58:20 +02:00
Ryan Summers
0bb9fc90f0
Simplifying loop logic
2021-05-31 17:42:01 +02:00
Ryan Summers
44add57e8e
Removing unneeded changes
2021-05-31 17:39:30 +02:00
Ryan Summers
f790f59088
Reverting phy changes
2021-05-31 17:36:26 +02:00
Ryan Summers
8474a1b1e4
cleaning up implementation
2021-05-31 17:33:52 +02:00
Ryan Summers
95829934db
Fail-free ingress
2021-05-31 17:30:45 +02:00
Ryan Summers
8d4e255090
Adding prototype fix for fail-free ingress
2021-05-31 17:25:04 +02:00
Ryan Summers
108543a2f6
Adding UDP socket close functionality
2021-05-31 14:25:52 +02:00
Dario Nieuwenhuis
b9477f25bc
wire/dhcp: Simplify how options are emitted.
2021-05-29 01:44:27 +02:00
Dario Nieuwenhuis
ea8d2ae7f4
Fix u32::MAX
2021-05-29 01:32:17 +02:00
Anton Romanov
7b6b70d058
Account for lease time, router and subnet options in DhcpRepr::buffer_len
2021-05-29 01:32:17 +02:00
Dario Nieuwenhuis
a5b9461275
tcp: LastAck should only change to Closed on ack of fin.
...
Fixes #470
2021-05-28 21:09:36 +02:00
Dario Nieuwenhuis
383d2426cb
tcp rtte: fix "attempt to multiply with overflow". Fixes #468
2021-05-28 21:02:31 +02:00
Dario Nieuwenhuis
a81f2fef56
dhcp: convert port check to hard assert.
2021-05-28 18:43:52 +02:00
Dario Nieuwenhuis
07c3a402a3
Remove unused macro_use
2021-05-28 18:26:08 +02:00
Dario Nieuwenhuis
743f9de039
dhcp: address review comments.
2021-05-28 18:23:50 +02:00
Dario Nieuwenhuis
284f5bc834
wire/udp: clearer HEADER_LEN usage
2021-05-28 17:47:02 +02:00
Dario Nieuwenhuis
a916888ab8
dhcp: add max_lease_duration option
2021-04-13 20:23:28 +02:00
Dario Nieuwenhuis
53b62cfbad
dhcp: remove 0.0.0.0s from the DNS server list.
...
tp-link routers pad the DNS server list with 0.0.0.0 to a fixed size :(
2021-04-13 18:43:23 +02:00
Dario Nieuwenhuis
b1f2bcb678
dhcp: retry REQUEST slower and with exponential backoff. Fixes #464
2021-04-07 21:52:26 +02:00
Dario Nieuwenhuis
cb075bfc16
dhcp: handle NAK packets
2021-04-07 19:00:36 +02:00
Dario Nieuwenhuis
0d53163c55
dhcp: convert to socket
2021-04-07 19:00:36 +02:00
Dario Nieuwenhuis
ef58fc67a4
route: add remove_default_ipvX_route
2021-04-07 14:49:46 +02:00
Dario Nieuwenhuis
ab47db24e0
udp: do not include payload in UdpRepr
...
This makes UdpRepr work like IpRepr, where it only emits the header, and the user
must emit the payload.
This makes it easier to emit UDP packets with payloads that come from protocol-specific
reprs, like DHCP and in the future DNS.
2021-04-07 14:49:46 +02:00
Dario Nieuwenhuis
68d60a202b
phy: fix FaultInjector returning a too big buffer when simulating a drop on tx
2021-04-07 02:40:32 +02:00
Dario Nieuwenhuis
1d19ff8d91
dhcp: Clear expiration time on reset.
2021-04-07 02:32:46 +02:00
Dario Nieuwenhuis
562f12ffed
dhcp: always send parameter_request_list. Fixes #445 .
2021-04-07 02:32:46 +02:00
Dario Nieuwenhuis
c043897327
iface: check for ipv4 subnet broadcast addrs everywhere
2021-04-07 02:23:19 +02:00
Dario Nieuwenhuis
77c46220a6
Document MSRV with the defmt exception, don't test defmt with 1.40
2021-04-01 02:15:35 +02:00
Dario Nieuwenhuis
d64c8593f0
Add defmt logging support
2021-04-01 01:30:47 +02:00
Dario Nieuwenhuis
6e8c2a8455
Add IP medium support to PcapWriter and Tracer.
2021-03-31 17:05:09 +02:00
Dario Nieuwenhuis
9e3b373e36
Add support for TUN interfaces.
2021-03-31 17:05:09 +02:00
Dario Nieuwenhuis
b6220a04c8
Do not use DeviceCapabilities in sockets.
...
DeviceCapabilities contains the `medium` field, so tests had to give it a value
even if it was unused. This is impossible to do with no `medium-*` enabled, because
it makes `Medium` uninhabited (empty enum).
2021-03-31 17:05:09 +02:00
Dario Nieuwenhuis
af4a1e6436
Add medium-ip, medium-ethernet feature flags.
2021-03-31 17:05:09 +02:00