summaryrefslogtreecommitdiffstats
path: root/src/vnet
diff options
context:
space:
mode:
authorMarco Varlese <marco.varlese@suse.com>2018-02-27 09:38:31 +0100
committerDamjan Marion <dmarion.lists@gmail.com>2018-02-28 05:54:43 +0000
commit8c5f67f2b883ad9dcb489ab0eb16e1acbe478926 (patch)
tree6fe63e6814e812f79b07950e29ef8a425b579b88 /src/vnet
parentac0932d26c17b8d82af1a7d033e1abdccb6f7209 (diff)
SCTP: handle COOKIE while in SHUTDOWN phase
This patch address the requirement to handle a COOKIE chunk whilst in SHUTDOWN phase. The COOKIE shouldn't just be dropped but an OPERATION ERROR chunk shall be sent to the peer to inform about the current situation. Change-Id: I1a47652402d49cfee3b0c810304d7902f3a62f40 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
Diffstat (limited to 'src/vnet')
-rw-r--r--src/vnet/sctp/sctp.h4
-rw-r--r--src/vnet/sctp/sctp_input.c29
-rw-r--r--src/vnet/sctp/sctp_output.c27
3 files changed, 40 insertions, 20 deletions
diff --git a/src/vnet/sctp/sctp.h b/src/vnet/sctp/sctp.h
index de5eb8f6685..815ca172adb 100644
--- a/src/vnet/sctp/sctp.h
+++ b/src/vnet/sctp/sctp.h
@@ -292,7 +292,9 @@ void sctp_prepare_abort_for_collision (sctp_connection_t * sctp_conn, u8 idx,
vlib_buffer_t * b,
ip4_address_t * ip4_addr,
ip6_address_t * ip6_addr);
-
+void
+sctp_prepare_operation_error (sctp_connection_t * sctp_conn, u8 idx,
+ vlib_buffer_t * b, u8 err_cause);
void sctp_prepare_cookie_echo_chunk (sctp_connection_t * sctp_conn, u8 idx,
vlib_buffer_t * b,
sctp_state_cookie_param_t * sc);
diff --git a/src/vnet/sctp/sctp_input.c b/src/vnet/sctp/sctp_input.c
index 1863c89ef45..46a2100cc07 100644
--- a/src/vnet/sctp/sctp_input.c
+++ b/src/vnet/sctp/sctp_input.c
@@ -295,7 +295,8 @@ sctp_handle_operation_err (sctp_header_t * sctp_hdr,
return SCTP_ERROR_INVALID_TAG;
}
- if (op_err->err_causes[0].cause_info == STALE_COOKIE_ERROR)
+ if (clib_net_to_host_u16 (op_err->err_causes[0].param_hdr.type) ==
+ STALE_COOKIE_ERROR)
{
if (sctp_conn->state != SCTP_STATE_COOKIE_ECHOED)
*next0 = sctp_next_drop (sctp_conn->sub_conn[idx].c_is_ip4);
@@ -1350,6 +1351,12 @@ sctp46_shutdown_phase_inline (vlib_main_t * vm,
&next0);
break;
+ case COOKIE_ECHO: /* Cookie Received While Shutting Down */
+ sctp_prepare_operation_error (sctp_conn, idx, b0,
+ COOKIE_RECEIVED_WHILE_SHUTTING_DOWN);
+ error0 = SCTP_ERROR_NONE;
+ next0 = sctp_next_output (is_ip4);
+ break;
/* All UNEXPECTED scenarios (wrong chunk received per state-machine)
* are handled by the input-dispatcher function using the table-lookup
* hence we should never get to the "default" case below.
@@ -2132,9 +2139,13 @@ sctp46_input_dispatcher (vlib_main_t * vm, vlib_node_runtime_t * node,
if (chunk_type >= UNKNOWN)
{
clib_warning
- ("Received an unrecognized chunk... something is really bad.");
+ ("Received an unrecognized chunk; sending back OPERATION_ERROR chunk");
+
+ sctp_prepare_operation_error (sctp_conn, MAIN_SCTP_SUB_CONN_IDX,
+ b0, UNRECOGNIZED_CHUNK_TYPE);
+
error0 = SCTP_ERROR_UNKOWN_CHUNK;
- next0 = SCTP_INPUT_NEXT_DROP;
+ next0 = sctp_next_output (is_ip4);
goto done;
}
@@ -2387,7 +2398,8 @@ do { \
SCTP_ERROR_NONE);
_(SHUTDOWN_PENDING, SHUTDOWN_ACK, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_SHUTDOWN_ACK_CHUNK_VIOLATION); /* UNEXPECTED SHUTDOWN_ACK chunk */
_(SHUTDOWN_PENDING, OPERATION_ERROR, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_OPERATION_ERROR_VIOLATION); /* UNEXPECTED OPERATION_ERROR chunk */
- _(SHUTDOWN_PENDING, COOKIE_ECHO, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_COOKIE_ECHO_VIOLATION); /* UNEXPECTED COOKIE_ECHO chunk */
+ _(SHUTDOWN_PENDING, COOKIE_ECHO, SCTP_INPUT_NEXT_SHUTDOWN_PHASE,
+ SCTP_ERROR_NONE);
_(SHUTDOWN_PENDING, COOKIE_ACK, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_ACK_DUP); /* UNEXPECTED COOKIE_ACK chunk */
_(SHUTDOWN_PENDING, ECNE, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_ECNE_VIOLATION); /* UNEXPECTED ECNE chunk */
_(SHUTDOWN_PENDING, CWR, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_CWR_VIOLATION); /* UNEXPECTED CWR chunk */
@@ -2405,7 +2417,8 @@ do { \
_(SHUTDOWN_SENT, SHUTDOWN, SCTP_INPUT_NEXT_SHUTDOWN_PHASE, SCTP_ERROR_NONE);
_(SHUTDOWN_SENT, SHUTDOWN_ACK, SCTP_INPUT_NEXT_SHUTDOWN_PHASE,
SCTP_ERROR_NONE);
- _(SHUTDOWN_SENT, COOKIE_ECHO, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_COOKIE_ECHO_VIOLATION); /* UNEXPECTED COOKIE_ECHO chunk */
+ _(SHUTDOWN_SENT, COOKIE_ECHO, SCTP_INPUT_NEXT_SHUTDOWN_PHASE,
+ SCTP_ERROR_NONE);
_(SHUTDOWN_SENT, COOKIE_ACK, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_ACK_DUP); /* UNEXPECTED COOKIE_ACK chunk */
_(SHUTDOWN_SENT, ECNE, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_ECNE_VIOLATION); /* UNEXPECTED ECNE chunk */
_(SHUTDOWN_SENT, CWR, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_CWR_VIOLATION); /* UNEXPECTED CWR chunk */
@@ -2423,7 +2436,8 @@ do { \
_(SHUTDOWN_RECEIVED, SHUTDOWN, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_SHUTDOWN_CHUNK_VIOLATION); /* UNEXPECTED SHUTDOWN chunk */
_(SHUTDOWN_RECEIVED, SHUTDOWN_ACK, SCTP_INPUT_NEXT_SHUTDOWN_PHASE,
SCTP_ERROR_NONE);
- _(SHUTDOWN_RECEIVED, COOKIE_ECHO, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_COOKIE_ECHO_VIOLATION); /* UNEXPECTED COOKIE_ECHO chunk */
+ _(SHUTDOWN_RECEIVED, COOKIE_ECHO, SCTP_INPUT_NEXT_SHUTDOWN_PHASE,
+ SCTP_ERROR_NONE);
_(SHUTDOWN_RECEIVED, COOKIE_ACK, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_ACK_DUP); /* UNEXPECTED COOKIE_ACK chunk */
_(SHUTDOWN_RECEIVED, ECNE, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_ECNE_VIOLATION); /* UNEXPECTED ECNE chunk */
_(SHUTDOWN_RECEIVED, CWR, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_CWR_VIOLATION); /* UNEXPECTED CWR chunk */
@@ -2440,7 +2454,8 @@ do { \
_(SHUTDOWN_ACK_SENT, ABORT, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_ABORT_CHUNK_VIOLATION); /* UNEXPECTED ABORT chunk */
_(SHUTDOWN_ACK_SENT, SHUTDOWN, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_SHUTDOWN_CHUNK_VIOLATION); /* UNEXPECTED SHUTDOWN chunk */
_(SHUTDOWN_ACK_SENT, SHUTDOWN_ACK, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_SHUTDOWN_ACK_CHUNK_VIOLATION); /* UNEXPECTED SHUTDOWN_ACK chunk */
- _(SHUTDOWN_ACK_SENT, COOKIE_ECHO, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_COOKIE_ECHO_VIOLATION); /* UNEXPECTED COOKIE_ECHO chunk */
+ _(SHUTDOWN_ACK_SENT, COOKIE_ECHO, SCTP_INPUT_NEXT_SHUTDOWN_PHASE,
+ SCTP_ERROR_NONE);
_(SHUTDOWN_ACK_SENT, COOKIE_ACK, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_ACK_DUP); /* UNEXPECTED COOKIE_ACK chunk */
_(SHUTDOWN_ACK_SENT, ECNE, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_ECNE_VIOLATION); /* UNEXPECTED ECNE chunk */
_(SHUTDOWN_ACK_SENT, CWR, SCTP_INPUT_NEXT_DROP, SCTP_ERROR_CWR_VIOLATION); /* UNEXPECTED CWR chunk */
diff --git a/src/vnet/sctp/sctp_output.c b/src/vnet/sctp/sctp_output.c
index b7351275486..0c2fee1bb69 100644
--- a/src/vnet/sctp/sctp_output.c
+++ b/src/vnet/sctp/sctp_output.c
@@ -589,24 +589,23 @@ sctp_prepare_cookie_echo_chunk (sctp_connection_t * sctp_conn, u8 idx,
}
/**
- * Convert buffer to ABORT
+ * Convert buffer to ERROR
*/
-/*
void
sctp_prepare_operation_error (sctp_connection_t * sctp_conn, u8 idx,
- vlib_buffer_t * b, ip4_address_t * ip4_addr,
- ip6_address_t * ip6_addr)
+ vlib_buffer_t * b, u8 err_cause)
{
vlib_main_t *vm = vlib_get_main ();
sctp_reuse_buffer (vm, b);
- // The minimum size of the message is given by the sctp_operation_error_t
- u16 alloc_bytes = sizeof (sctp_operation_error_t);
+ /* The minimum size of the message is given by the sctp_operation_error_t */
+ u16 alloc_bytes =
+ sizeof (sctp_operation_error_t) + sizeof (sctp_err_cause_param_t);
- // As per RFC 4960 the chunk_length value does NOT contemplate
- // the size of the first header (see sctp_header_t) and any padding
- //
+ /* As per RFC 4960 the chunk_length value does NOT contemplate
+ * the size of the first header (see sctp_header_t) and any padding
+ */
u16 chunk_len = alloc_bytes - sizeof (sctp_header_t);
alloc_bytes += vnet_sctp_calculate_padding (alloc_bytes);
@@ -614,13 +613,18 @@ sctp_prepare_operation_error (sctp_connection_t * sctp_conn, u8 idx,
sctp_operation_error_t *err_chunk =
vlib_buffer_push_uninit (b, alloc_bytes);
- // src_port & dst_port are already in network byte-order
+ /* src_port & dst_port are already in network byte-order */
err_chunk->sctp_hdr.checksum = 0;
err_chunk->sctp_hdr.src_port = sctp_conn->sub_conn[idx].connection.lcl_port;
err_chunk->sctp_hdr.dst_port = sctp_conn->sub_conn[idx].connection.rmt_port;
- // As per RFC4960 Section 5.2.2: copy the INITIATE_TAG into the VERIFICATION_TAG of the ABORT chunk
+ /* As per RFC4960 Section 5.2.2: copy the INITIATE_TAG into the VERIFICATION_TAG of the ABORT chunk */
err_chunk->sctp_hdr.verification_tag = sctp_conn->local_tag;
+ err_chunk->err_causes[0].param_hdr.length =
+ clib_host_to_net_u16 (sizeof (err_chunk->err_causes[0].param_hdr.type) +
+ sizeof (err_chunk->err_causes[0].param_hdr.length));
+ err_chunk->err_causes[0].param_hdr.type = clib_host_to_net_u16 (err_cause);
+
vnet_sctp_set_chunk_type (&err_chunk->chunk_hdr, OPERATION_ERROR);
vnet_sctp_set_chunk_length (&err_chunk->chunk_hdr, chunk_len);
@@ -628,7 +632,6 @@ sctp_prepare_operation_error (sctp_connection_t * sctp_conn, u8 idx,
sctp_conn->sub_conn[idx].connection.c_index;
vnet_buffer (b)->sctp.subconn_idx = idx;
}
-*/
/**
* Convert buffer to ABORT