Skip to content
Browse files

When sending in ICMP response to an SCTP packet,

* include the SCTP common header, if possible
* include the first 8 bytes of the INIT chunk, if possible
This provides the necesary information for the receiver of the ICMP
packet to process it.

MFC after:	1 week


git-svn-id: svn+ssh://svn.freebsd.org/base/head@300699 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
  • Loading branch information...
1 parent 8596b39 commit 90269c732b1e727a2c0d7fcb9bbcf72f87970b75 tuexen committed May 25, 2016
Showing with 29 additions and 0 deletions.
  1. +29 −0 sys/netinet/ip_icmp.c
View
29 sys/netinet/ip_icmp.c
@@ -61,6 +61,7 @@ __FBSDID("$FreeBSD$");
#include <netinet/ip_icmp.h>
#include <netinet/ip_var.h>
#include <netinet/ip_options.h>
+#include <netinet/sctp.h>
#include <netinet/tcp.h>
#include <netinet/tcp_var.h>
#include <netinet/tcpip.h>
@@ -249,6 +250,34 @@ icmp_error(struct mbuf *n, int type, int code, uint32_t dest, int mtu)
goto freeit;
icmpelen = max(tcphlen, min(V_icmp_quotelen,
ntohs(oip->ip_len) - oiphlen));
+ } else if (oip->ip_p == IPPROTO_SCTP) {
+ struct sctphdr *sh;
+ struct sctp_chunkhdr *ch;
+
+ if (ntohs(oip->ip_len) < oiphlen + sizeof(struct sctphdr))
+ goto stdreply;
+ if (oiphlen + sizeof(struct sctphdr) > n->m_len &&
+ n->m_next == NULL)
+ goto stdreply;
+ if (n->m_len < oiphlen + sizeof(struct sctphdr) &&
+ (n = m_pullup(n, oiphlen + sizeof(struct sctphdr))) == NULL)
+ goto freeit;
+ icmpelen = max(sizeof(struct sctphdr),
+ min(V_icmp_quotelen, ntohs(oip->ip_len) - oiphlen));
+ sh = (struct sctphdr *)((caddr_t)oip + oiphlen);
+ if (ntohl(sh->v_tag) == 0 &&
+ ntohs(oip->ip_len) >= oiphlen + sizeof(struct sctphdr) + 8 &&
+ (n->m_len >= oiphlen + sizeof(struct sctphdr) + 8 ||
+ n->m_next != NULL)) {
+ if (n->m_len < oiphlen + sizeof(struct sctphdr) + 8 &&
+ (n = m_pullup(n, oiphlen + sizeof(struct sctphdr) + 8)) == NULL)
+ goto freeit;
+ ch = (struct sctp_chunkhdr *)(sh + 1);
+ if (ch->chunk_type == SCTP_INITIATION) {
+ icmpelen = max(sizeof(struct sctphdr) + 8,
+ min(V_icmp_quotelen, ntohs(oip->ip_len) - oiphlen));
+ }
+ }
} else
stdreply: icmpelen = max(8, min(V_icmp_quotelen, ntohs(oip->ip_len) - oiphlen));

0 comments on commit 90269c7

Please sign in to comment.
Something went wrong with that request. Please try again.