From 289cce2ae409d99759448ff0bc9a1158e67615b8 Mon Sep 17 00:00:00 2001 From: Bjørn Mork Date: Wed, 9 Nov 2011 16:07:44 +0100 Subject: adding basic MTU verification MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bjørn Mork --- ldra.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/ldra.c b/ldra.c index 4e01803..9c3196a 100644 --- a/ldra.c +++ b/ldra.c @@ -320,7 +320,6 @@ Steven McCanne and Van Jacobson of Lawrence Berkeley Laboratory. for (i = 0; i<20; i++) { - fromlen = sizeof(ll); /* get the VLAN tag etc */ memset(&msg, 0, sizeof(msg)); @@ -335,10 +334,6 @@ Steven McCanne and Van Jacobson of Lawrence Berkeley Laboratory. iov.iov_len = ETH_FRAME_LEN; iov.iov_base = buf; -/* must use recvmsg() interface to get the aux data */ -#if 0 - len = recvfrom(s, buf + RELAYOPT_LEN, ETH_FRAME_LEN, 0, (struct sockaddr *)&ll, &fromlen); -#endif len = recvmsg(s, &msg, MSG_TRUNC); if (len == -1) { @@ -377,7 +372,8 @@ Steven McCanne and Van Jacobson of Lawrence Berkeley Laboratory. u_int16_t *csum; char *p; int hopcount = 0; - int trusted = 1; /* FIMXE: allow setting this per interface */ + int trusted = 1; /* FIMXE: allow setting this per interface */ + int mtu = 1500; /* FIMXE: get this from the upstream interface? */ fprintf(stderr, "down => up\n"); @@ -435,6 +431,13 @@ Steven McCanne and Van Jacobson of Lawrence Berkeley Laboratory. /* get the totals size of the added DHCP relay message with options */ extra = (char *)&opt->data - (char *)dhcpv6; + /* verify that we have enough space lefte for the original DHCP packet */ + if ((extra + len) > mtu) { + fprintf(stderr, "ERROR: relay packet exceeds MTU (%d > %d)\n", (extra + len), mtu); + continue; + } + + /* copy the original DHCP packet into the OPTION_RELAY_MSG */ memcpy(&opt->data, (buf + PKTHDRZ), ntohs(opt->len)); @@ -577,7 +580,7 @@ Steven McCanne and Van Jacobson of Lawrence Berkeley Laboratory. continue; } - /* fixup lengths and sestination port */ + /* fixup lengths and destination port */ ip6->ip6_plen = htons(datalen + sizeof(struct udphdr)); udp->len = ip6->ip6_plen; udp->dest = htons(546); -- cgit v1.2.3