[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-commits] [SCM] lwIP - A Lightweight TCPIP stack branch, master, up
|
From: |
Simon Goldschmidt |
|
Subject: |
[lwip-commits] [SCM] lwIP - A Lightweight TCPIP stack branch, master, updated. master_at_STABLE-2_0_0-115-g62e3400 |
|
Date: |
Thu, 15 Dec 2016 20:08:26 +0000 (UTC) |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "lwIP - A Lightweight TCPIP stack".
The branch, master has been updated
via 62e340067e45aeb18888062c4b010ac1df0617d7 (commit)
via a8b986bbb67820a59be567d280b6be762ef65e92 (commit)
from da15132aa02ab7fda01249a16c9e2d909db7472c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 62e340067e45aeb18888062c4b010ac1df0617d7
Author: sg <address@hidden>
Date: Thu Dec 15 21:08:12 2016 +0100
LWIP_HOOK_TCP_ISN: added CHANGELOG/fixed comment
commit a8b986bbb67820a59be567d280b6be762ef65e92
Author: David van Moolenbroek <address@hidden>
Date: Wed Oct 26 21:24:46 2016 +0000
Add hook for TCP Initial Sequence Number generation
lwIP produces a TCP Initial Sequence Number (ISN) for each new TCP
connection. The current algorithm is simple and predictable however.
The result is that lwIP TCP connections may be the target of TCP
spoofing attacks. The problem of such attacks is well known, and a
recommended ISN generation algorithm is standardized in RFC 6528.
This algorithm requires a high-resolution timer and cryptographic
hashing function, though. The implementation (or best-effort
approximation) of both of these aspects is well beyond the scope of
lwIP itself.
For that reason, this patch adds LWIP_HOOK_TCP_ISN, a hook that
allows each platform to implement its own ISN generation using
locally available means. The hook provides full flexibility, in
that the hook may generate anything from a simple random number
(by being set to LWIP_RAND()) to a full RFC 6528 implementation.
Implementation note:
Users of the hook would typically declare the function prototype of
the hook function in arch/cc.h, as this is the last place where such
prototypes can be supplied. However, at that point, the ip_addr_t
type has not yet been defined. For that reason, this patch removes
the leading underscore from "struct _ip_addr", so that a prototype
of the hook function can use "struct ip_addr" instead of "ip_addr_t".
Signed-off-by: sg <address@hidden>
-----------------------------------------------------------------------
Summary of changes:
CHANGELOG | 4 ++++
src/core/tcp.c | 17 +++++++++--------
src/core/tcp_in.c | 6 ++++++
src/include/lwip/ip_addr.h | 2 +-
src/include/lwip/opt.h | 23 +++++++++++++++++++++++
src/include/lwip/priv/tcp_priv.h | 2 +-
6 files changed, 44 insertions(+), 10 deletions(-)
hooks/post-receive
--
lwIP - A Lightweight TCPIP stack
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [lwip-commits] [SCM] lwIP - A Lightweight TCPIP stack branch, master, updated. master_at_STABLE-2_0_0-115-g62e3400,
Simon Goldschmidt <=