Project

General

Profile

Actions

Bug #594

closed

Add IP_RECVTTL socket option support

Added by hasso over 17 years ago. Updated over 17 years ago.

Status:
Closed
Priority:
Low
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

  1. HG changeset patch
  2. User Hasso Tepper <>
  3. Date 1175495001 -10800
  4. Node ID bb9e64772dc17d5e6155ed7d2ad98545cd65d794
  5. Parent 3a99304a032fccb41f8423112e3274bf329d7d96
    Add IP_RECVTTL socket option support.

When set, userland receives the incoming packet's TTL as ancillary data
with recvmsg(2) call. It allows to implement security mechanisms described
in RFC3682 (GTSM).

Obtained from FreeBSD.

diff r 3a99304a032f -r bb9e64772dc1 share/man/man4/ip.4
--
a/share/man/man4/ip.4 Sun Apr 01 22:58:14 2007 0300
++ b/share/man/man4/ip.4 Mon Apr 02 09:23:21 2007 0300
@ -137,6 +137,28 @ cmsg_type = IP_RECVDSTADDR
cmsg_type = IP_RECVDSTADDR
.Ed
.Pp
+If the
.Dv IP_RECVTTL
option is enabled on a
.Dv SOCK_DGRAM
socket, the
.Xr recvmsg 2
call will return the
.Tn IP
.Tn TTL
(time to live) field for a
.Tn UDP
+datagram.
+The msg_control field in the msghdr structure points to a buffer
+that contains a cmsghdr structure followed by the
.Tn TTL .
The cmsghdr fields have the following values:
.Bd literal
cmsg_len = sizeof(u_char)
+cmsg_level = IPPROTO_IP
+cmsg_type = IP_RECVTTL
.Ed
.Pp
.Dv IP_PORTRANGE
may be used to set the port range used for selecting a local port number
on a socket with an unspecified (zero) port number.
diff -r 3a99304a032f -r bb9e64772dc1 sys/netinet/in.h
--
a/sys/netinet/in.h Sun Apr 01 22:58:14 2007 +0300
++ b/sys/netinet/in.h Mon Apr 02 09:23:21 2007 +0300
@ -355,6 +355,8 @ struct sockaddr_in {
#define IP_DUMMYNET_FLUSH 62 /* flush dummynet /
#define IP_DUMMYNET_GET 64 /
get entire dummynet pipes */

#define IP_RECVTTL 65 /* bool; receive IP TTL w/dgram /

/
* Defaults and limits for options
/
diff r 3a99304a032f -r bb9e64772dc1 sys/netinet/in_pcb.h
--
a/sys/netinet/in_pcb.h Sun Apr 01 22:58:14 2007 0300
++ b/sys/netinet/in_pcb.h Mon Apr 02 09:23:21 2007 +0300
@ -327,8 +327,10 @ struct inpcbinfo { /
XXX documentation
#define IN6P_RTHDRDSTOPTS 0x200000 /* receive dstoptions before rthdr /
#define IN6P_AUTOFLOWLABEL 0x800000 /
attach flowlabel automatically */

#define INP_RECVTTL 0x80000000 /* receive incoming IP TTL /

#define INP_CONTROLOPTS (INP_RECVOPTS|INP_RECVRETOPTS|INP_RECVDSTADDR|\
- INP_RECVIF|\
+ INP_RECVIF|INP_RECVTTL|\
IN6P_PKTINFO|IN6P_HOPLIMIT|IN6P_HOPOPTS|\
IN6P_DSTOPTS|IN6P_RTHDR|IN6P_RTHDRDSTOPTS|\
IN6P_AUTOFLOWLABEL)
diff r 3a99304a032f -r bb9e64772dc1 sys/netinet/ip_input.c
--
a/sys/netinet/ip_input.c Sun Apr 01 22:58:14 2007 0300
++ b/sys/netinet/ip_input.c Mon Apr 02 09:23:21 2007 0300
@ -2171,6 +2171,12 @ ip_savecontrol(struct inpcb *inp, struct
if (*mp)
mp = &(*mp)->m_next;
}
if (inp->inp_flags & INP_RECVTTL) {
+ *mp = sbcreatecontrol((caddr_t) &ip->ip_ttl,
+ sizeof(u_char), IP_RECVTTL, IPPROTO_IP);
+ if (*mp)
+ mp = &(*mp)->m_next;
+ }
#ifdef notyet
/
XXX * Moving these out of udp_input() made them even more broken
diff r 3a99304a032f -r bb9e64772dc1 sys/netinet/ip_output.c
--
a/sys/netinet/ip_output.c Sun Apr 01 22:58:14 2007 0300
++ b/sys/netinet/ip_output.c Mon Apr 02 09:23:21 2007 0300
@ -1413,6 +1413,7 @ ip_ctloutput(struct socket *so, struct s
case IP_RECVRETOPTS:
case IP_RECVDSTADDR:
case IP_RECVIF:
case IP_RECVTTL:
case IP_FAITH:
error = sooptcopyin(sopt, &optval, sizeof optval,
sizeof optval);
@ -1447,6 +1448,10 @ ip_ctloutput(struct socket *so, struct s

case IP_RECVIF:
OPTSET(INP_RECVIF);
+ break;

case IP_RECVTTL:
+ OPTSET(INP_RECVTTL);
break;
case IP_FAITH:
@ -1541,6 +1546,7 @ ip_ctloutput(struct socket *so, struct s
case IP_RECVOPTS:
case IP_RECVRETOPTS:
case IP_RECVDSTADDR:
+ case IP_RECVTTL:
case IP_RECVIF:
case IP_PORTRANGE:
case IP_FAITH:
@ -1566,6 +1572,10 @ ip_ctloutput(struct socket *so, struct s
case IP_RECVDSTADDR:
optval = OPTBIT(INP_RECVDSTADDR);
+ break;

case IP_RECVTTL:
+ optval = OPTBIT(INP_RECVTTL);
break;
case IP_RECVIF:
Actions #1

Updated by hasso over 17 years ago

Commited with IP_MINTTL support patch.

Actions

Also available in: Atom PDF