lupine/hide-eid
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

First pass at fragmenting

Browse Source
This commit is contained in:
Nick Thomas
2013-08-09 03:11:15 +01:00
parent 1acaa03799
commit cfd1b2f957
11 changed files with 405 additions and 359 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
pass-1/packet.h
View File

@@ -4,26 +4,29 @@
#include <arpa/inet.h>
#include <netinet/ip.h>
#include <netinet/ip6.h>
#include <netinet/ip_icmp.h>
#define IPPROTO_HIDE_EID 99
// IP header + IV + tag + block cipher max overhead
#define WRAP_OVERHEAD 20 + 16 + 16 + 16 + 2
#ifndef IP_DF
#define IP_DF 0x4000 /* dont fragment flag */
#endif
#ifndef IP_MF
#define IP_MF 0x2000 /* more fragments flag */
#endif
struct packet {
union {
#ifdef __USE_BSD
struct ip ip;
#else
struct iphdr ip;
#endif
struct ip6_hdr ip6;
} hdr;
char payload[IP_MAXPACKET]; /* payload is this - header size, but OK */
char payload[IP_MAXPACKET]; /* payload can be this - header size, but OK */
};
// wrapper.c expects this name
#define recv_pkt packet
// It's all our code that uses this. 12 is much more than we need to
// construct a wrapped packet at the moment.
//
@@ -35,14 +38,23 @@ struct packet {
struct rsp_data {
int count;
struct iovec iovs[MAX_IOVS];
unsigned char scratch[IP_MAXPACKET]; // somewhere easy to put results
unsigned char scratch[IP_MAXPACKET * 2]; // somewhere easy to put results
};
// If we need more fragments than this, I am a sad person
#define MAX_PACKET_FRAGMENTS 4
void compute_ip_checksum( struct iphdr* pkt );
int wrap_ipv4_packet(struct rlocs* reg, struct recv_pkt* pkt, struct rsp_data* out);
int wrap_ipv6_packet(struct rlocs* reg, struct recv_pkt* pkt, struct rsp_data* out);
int wrap_ipv4_packet( struct rlocs *reg, struct packet *pkt, struct rsp_data *frag1, struct rsp_data *frag2 );
int wrap_ipv6_packet(struct rlocs* reg, struct packet *pkt, struct rsp_data *out);
int unwrap_ipv4_packet(struct rlocs* reg, struct packet *pkt, struct rsp_data *out);
int unwrap_ipv6_packet(struct rlocs* reg, struct packet *pkt, struct rsp_data *out);
int unwrap_ipv4_packet(struct rlocs* reg, struct recv_pkt* pkt, struct rsp_data* out);
int unwrap_ipv6_packet(struct rlocs* reg, struct recv_pkt* pkt, struct rsp_data* out);
#endif