[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r19301 - gnunet/src/exit
From: |
gnunet |
Subject: |
[GNUnet-SVN] r19301 - gnunet/src/exit |
Date: |
Sat, 21 Jan 2012 20:06:33 +0100 |
Author: grothoff
Date: 2012-01-21 20:06:33 +0100 (Sat, 21 Jan 2012)
New Revision: 19301
Modified:
gnunet/src/exit/exit.h
gnunet/src/exit/gnunet-daemon-exit.c
Log:
-document ICMP MESH messages better, discard ICMP payload on exit->mesh->vpn
path for certain ICMP types
Modified: gnunet/src/exit/exit.h
===================================================================
--- gnunet/src/exit/exit.h 2012-01-21 17:38:52 UTC (rev 19300)
+++ gnunet/src/exit/exit.h 2012-01-21 19:06:33 UTC (rev 19301)
@@ -218,7 +218,10 @@
struct GNUNET_MessageHeader header;
/**
- * Address family, AF_INET or AF_INET6, in network byte order.
+ * Address family, AF_INET or AF_INET6, in network byte order. This
+ * AF value determines if the 'icmp_header' is ICMPv4 or ICMPv6.
+ * The receiver (exit) may still have to translate (PT) to the services'
+ * ICMP version (if possible).
*/
int32_t af;
@@ -232,7 +235,10 @@
*/
struct GNUNET_TUN_IcmpHeader icmp_header;
- /* followed by ICMP payload */
+ /* followed by ICMP payload; however, for certain ICMP message
+ types where the payload is the original IP packet, the payload
+ is omitted as it is useless for the receiver (who will need
+ to create some fake payload manually) */
};
@@ -249,18 +255,25 @@
/**
* Address family, AF_INET or AF_INET6, in network byte order.
+ * Determines both the ICMP version used in the 'icmp_header' and
+ * the IP address format that is used for the target IP. If
+ * PT is necessary, the sender has already done it.
*/
int32_t af;
/**
- * ICMP header to use.
+ * ICMP header to use. Must match the target 'af' given
+ * above.
*/
struct GNUNET_TUN_IcmpHeader icmp_header;
/* followed by IP address of the destination; either
'struct in_addr' or 'struct in6_addr', depending on af */
- /* followed by ICMP payload */
+ /* followed by ICMP payload; however, for certain ICMP message
+ types where the payload is the original IP packet, the payload
+ is omitted as it is useless for the receiver (who will need
+ to create some fake payload manually) */
};
@@ -277,15 +290,19 @@
/**
* Address family, AF_INET or AF_INET6, in network byte order.
+ * Useful to determine if this is an ICMPv4 or ICMPv6 header.
*/
int32_t af;
/**
- * ICMP header to use.
+ * ICMP header to use. ICMPv4 or ICMPv6, depending on 'af'.
*/
struct GNUNET_TUN_IcmpHeader icmp_header;
- /* followed by ICMP payload */
+ /* followed by ICMP payload; however, for certain ICMP message
+ types where the payload is the original IP packet, the payload
+ is omitted as it is useless for the receiver (who will need
+ to create some fake payload manually) */
};
Modified: gnunet/src/exit/gnunet-daemon-exit.c
===================================================================
--- gnunet/src/exit/gnunet-daemon-exit.c 2012-01-21 17:38:52 UTC (rev
19300)
+++ gnunet/src/exit/gnunet-daemon-exit.c 2012-01-21 19:06:33 UTC (rev
19301)
@@ -644,6 +644,8 @@
udp = (const struct GNUNET_TUN_UdpHeader *) &ipv4[1];
spt = ntohs (udp->spt);
dpt = ntohs (udp->dpt);
+ /* throw away ICMP payload, won't be useful for the other side anyway */
+ pktlen = sizeof (struct GNUNET_TUN_IcmpHeader);
break;
default:
GNUNET_STATISTICS_update (stats,
@@ -674,6 +676,8 @@
udp = (const struct GNUNET_TUN_UdpHeader *) &ipv6[1];
spt = ntohs (udp->spt);
dpt = ntohs (udp->dpt);
+ /* throw away ICMP payload, won't be useful for the other side anyway */
+ pktlen = sizeof (struct GNUNET_TUN_IcmpHeader);
break;
case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST:
case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY:
@@ -735,12 +739,6 @@
memcpy (&i2v->icmp_header,
icmp,
pktlen);
- /* FIXME: should we sanitize the host-specific payload here? On the
- one hand, quite a bit of what we send is meaningless on the other
- side (our IPs, ports, etc.); on the other hand, trying to compact
- the packet would be very messy, and blanking fields out is also
- hardly productive as they seem to contain nothing remotely
- sensitive. */
send_packet_to_mesh_tunnel (state->tunnel,
tnq);
}
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r19301 - gnunet/src/exit,
gnunet <=