Remove building with NOCRYPTO option
[minix.git] / minix / lib / liblwip / patches / 0002-MINIX-3-only-control-IP-forwarding-at-run-time.patch
blob947a3d227291e2264734e57577f252dd32374181
1 From 7dd690e2c3f3350f5fd647ca52c3fdcc8ef17f4e Mon Sep 17 00:00:00 2001
2 From: David van Moolenbroek <david@minix3.org>
3 Date: Thu, 2 Feb 2017 18:21:57 +0000
4 Subject: [PATCH 2/4] MINIX 3 only: control IP forwarding at run time
6 The lwIP core supports IPv4 and IPv6 packet forwarding, but allows
7 this functionality to be enabled or disabled at compile time only.
8 For MINIX 3, this is not enough, as NetBSD userland (including the
9 network RC script) expects to be able to control this setting at run
10 time.
12 This patch adds run-time control over IPv4 and IPv6 forwarding with
13 the addition of two variables, lwip_ip4_forward and lwip_ip6_forward.
14 These variables are defined in the LWIP service and declared for lwIP
15 in arch/cc.h. The variables may be changed at any time. Any non-zero
16 value indicates that packets of the corresponding IP version should be
17 forwarded.
19 In addition, change lwIP such that if IPv6 forwarding is enabled,
20 meaning that the node acts as a (minimal, currently non RFC compliant)
21 router, the following adjustments are made (see RFC 4861):
23 - ICMPv6 Redirect messages are not accepted;
24 - ICMPv6 Neighbor Advertisement messages carry the Router flag.
25 ---
26 src/core/ipv4/ip4.c | 7 +++++++
27 src/core/ipv6/ip6.c | 7 +++++++
28 src/core/ipv6/nd6.c | 14 ++++++++++++++
29 3 files changed, 28 insertions(+)
31 diff --git a/src/core/ipv4/ip4.c b/src/core/ipv4/ip4.c
32 index d2b1751..d2fde03 100644
33 --- a/src/core/ipv4/ip4.c
34 +++ b/src/core/ipv4/ip4.c
35 @@ -272,6 +272,13 @@ ip4_forward(struct pbuf *p, struct ip_hdr *iphdr, struct netif *inp)
37 struct netif *netif;
39 +#if defined(__minix)
40 + /* MINIX 3 only: forward packets only when enabled through configuration. */
41 + if (!lwip_ip4_forward) {
42 + return;
43 + }
44 +#endif /* defined(__minix) */
46 PERF_START;
47 LWIP_UNUSED_ARG(inp);
49 diff --git a/src/core/ipv6/ip6.c b/src/core/ipv6/ip6.c
50 index 88d998b..24ecaaa 100644
51 --- a/src/core/ipv6/ip6.c
52 +++ b/src/core/ipv6/ip6.c
53 @@ -367,6 +367,13 @@ ip6_forward(struct pbuf *p, struct ip6_hdr *iphdr, struct netif *inp)
55 struct netif *netif;
57 +#if defined(__minix)
58 + /* MINIX 3 only: forward packets only when enabled through configuration. */
59 + if (!lwip_ip6_forward) {
60 + return;
61 + }
62 +#endif /* defined(__minix) */
64 /* do not forward link-local or loopback addresses */
65 if (ip6_addr_islinklocal(ip6_current_dest_addr()) ||
66 ip6_addr_isloopback(ip6_current_dest_addr())) {
67 diff --git a/src/core/ipv6/nd6.c b/src/core/ipv6/nd6.c
68 index 0122d99..bd121f5 100644
69 --- a/src/core/ipv6/nd6.c
70 +++ b/src/core/ipv6/nd6.c
71 @@ -790,6 +790,14 @@ nd6_input(struct pbuf *p, struct netif *inp)
72 struct lladdr_option *lladdr_opt;
73 ip6_addr_t destination_address, target_address;
75 +#if defined(__minix)
76 + /* MINIX 3 only: if forwarding is enabled, do not accept redirects. */
77 + if (!lwip_ip6_forward) {
78 + pbuf_free(p);
79 + return;
80 + }
81 +#endif /* defined(__minix) */
83 /* Check that Redir header fits in packet. */
84 if (p->len < sizeof(struct redirect_header)) {
85 /* @todo debug message */
86 @@ -1259,6 +1267,12 @@ nd6_send_na(struct netif *netif, const ip6_addr_t *target_addr, u8_t flags)
87 na_hdr->code = 0;
88 na_hdr->chksum = 0;
89 na_hdr->flags = flags & 0xf0;
90 +#if defined(__minix)
91 + /* MINIX 3 only: if forwarding is enabled, set the router bit. */
92 + if (lwip_ip6_forward) {
93 + na_hdr->flags |= ND6_FLAG_ROUTER;
94 + }
95 +#endif /* defined(__minix) */
96 na_hdr->reserved[0] = 0;
97 na_hdr->reserved[1] = 0;
98 na_hdr->reserved[2] = 0;
99 --
100 2.5.2