| /* |
| * Copyright 2011 Daniel Drown |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| * |
| * translate.c - CLAT functions / partial implementation of rfc6145 |
| */ |
| #include <string.h> |
| |
| #include <netinet/in.h> |
| #include <netinet/ip.h> |
| #include <netinet/ip_icmp.h> |
| #include <netinet/udp.h> |
| #include <netinet/tcp.h> |
| #include <netinet/ip6.h> |
| #include <netinet/icmp6.h> |
| #include <linux/icmp.h> |
| |
| #include "translate.h" |
| #include "checksum.h" |
| #include "clatd.h" |
| #include "config.h" |
| #include "logging.h" |
| #include "debug.h" |
| |
| /* function: payload_length |
| * calculates the total length of the packet components after pos |
| * packet - packet to calculate the length of |
| * pos - position to start counting from |
| * returns: the total length of the packet components after pos |
| */ |
| uint16_t payload_length(clat_packet packet, int pos) { |
| size_t len = 0; |
| int i; |
| for (i = pos + 1; i < POS_MAX; i++) { |
| len += packet[i].iov_len; |
| } |
| return len; |
| } |
| |
| /* function: fill_tun_header |
| * fill in the header for the tun fd |
| * tun_header - tunnel header, already allocated |
| * proto - ethernet protocol id: ETH_P_IP(ipv4) or ETH_P_IPV6(ipv6) |
| */ |
| void fill_tun_header(struct tun_pi *tun_header, uint16_t proto) { |
| tun_header->flags = 0; |
| tun_header->proto = htons(proto); |
| } |
| |
| /* function: ipv6_src_to_ipv4_src |
| * return the corresponding ipv4 address for the given ipv6 address |
| * sourceaddr - ipv6 source address |
| * returns: the IPv4 address |
| */ |
| uint32_t ipv6_src_to_ipv4_src(const struct in6_addr *sourceaddr) { |
| // assumes a /96 plat subnet |
| return sourceaddr->s6_addr32[3]; |
| } |
| |
| /* function: fill_ip_header |
| * generate an ipv4 header from an ipv6 header |
| * ip_targ - (ipv4) target packet header, source: original ipv4 addr, dest: local subnet addr |
| * payload_len - length of other data inside packet |
| * protocol - protocol number (tcp, udp, etc) |
| * old_header - (ipv6) source packet header, source: nat64 prefix, dest: local subnet prefix |
| */ |
| void fill_ip_header(struct iphdr *ip, uint16_t payload_len, uint8_t protocol, |
| const struct ip6_hdr *old_header) { |
| memset(ip, 0, sizeof(struct iphdr)); |
| |
| ip->ihl = 5; |
| ip->version = 4; |
| ip->tos = 0; |
| ip->tot_len = htons(sizeof(struct iphdr) + payload_len); |
| ip->id = 0; |
| ip->frag_off = htons(IP_DF); |
| ip->ttl = old_header->ip6_hlim; |
| ip->protocol = protocol; |
| ip->check = 0; |
| |
| ip->saddr = ipv6_src_to_ipv4_src(&old_header->ip6_src); |
| ip->daddr = Global_Clatd_Config.ipv4_local_subnet.s_addr; |
| } |
| |
| /* function: ipv4_dst_to_ipv6_dst |
| * return the corresponding ipv6 address for the given ipv4 address |
| * destination - ipv4 destination address (network byte order) |
| */ |
| struct in6_addr ipv4_dst_to_ipv6_dst(uint32_t destination) { |
| struct in6_addr v6_destination; |
| |
| // assumes a /96 plat subnet |
| v6_destination = Global_Clatd_Config.plat_subnet; |
| v6_destination.s6_addr32[3] = destination; |
| |
| return v6_destination; |
| } |
| |
| /* function: fill_ip6_header |
| * generate an ipv6 header from an ipv4 header |
| * ip6 - (ipv6) target packet header, source: local subnet prefix, dest: nat64 prefix |
| * payload_len - length of other data inside packet |
| * protocol - protocol number (tcp, udp, etc) |
| * old_header - (ipv4) source packet header, source: local subnet addr, dest: internet's ipv4 addr |
| */ |
| void fill_ip6_header(struct ip6_hdr *ip6, uint16_t payload_len, uint8_t protocol, |
| const struct iphdr *old_header) { |
| memset(ip6, 0, sizeof(struct ip6_hdr)); |
| |
| ip6->ip6_vfc = 6 << 4; |
| ip6->ip6_plen = htons(payload_len); |
| ip6->ip6_nxt = protocol; |
| ip6->ip6_hlim = old_header->ttl; |
| |
| ip6->ip6_src = Global_Clatd_Config.ipv6_local_subnet; |
| ip6->ip6_dst = ipv4_dst_to_ipv6_dst(old_header->daddr); |
| } |
| |
| /* function: icmp_to_icmp6 |
| * translate ipv4 icmp to ipv6 icmp (only currently supports echo/echo reply) |
| * out - output packet |
| * icmp - source packet icmp header |
| * checksum - pseudo-header checksum |
| * payload - icmp payload |
| * payload_size - size of payload |
| * returns: the highest position in the output clat_packet that's filled in |
| */ |
| int icmp_to_icmp6(clat_packet out, int pos, const struct icmphdr *icmp, uint32_t checksum, |
| const char *payload, size_t payload_size) { |
| struct icmp6_hdr *icmp6_targ = out[pos].iov_base; |
| uint32_t checksum_temp; |
| |
| if((icmp->type != ICMP_ECHO) && (icmp->type != ICMP_ECHOREPLY)) { |
| logmsg_dbg(ANDROID_LOG_WARN,"icmp_to_icmp6/unhandled icmp type: 0x%x", icmp->type); |
| return 0; |
| } |
| |
| memset(icmp6_targ, 0, sizeof(struct icmp6_hdr)); |
| icmp6_targ->icmp6_type = (icmp->type == ICMP_ECHO) ? ICMP6_ECHO_REQUEST : ICMP6_ECHO_REPLY; |
| icmp6_targ->icmp6_code = 0; |
| icmp6_targ->icmp6_id = icmp->un.echo.id; |
| icmp6_targ->icmp6_seq = icmp->un.echo.sequence; |
| |
| icmp6_targ->icmp6_cksum = 0; |
| checksum = ip_checksum_add(checksum, icmp6_targ, sizeof(struct icmp6_hdr)); |
| checksum = ip_checksum_add(checksum, payload, payload_size); |
| icmp6_targ->icmp6_cksum = ip_checksum_finish(checksum); |
| |
| out[pos].iov_len = sizeof(struct icmp6_hdr); |
| out[POS_PAYLOAD].iov_base = (char *) payload; |
| out[POS_PAYLOAD].iov_len = payload_size; |
| |
| return POS_PAYLOAD + 1; |
| } |
| |
| /* function: icmp6_to_icmp |
| * translate ipv6 icmp to ipv4 icmp (only currently supports echo/echo reply) |
| * out - output packet |
| * icmp6 - source packet icmp6 header |
| * checksum - pseudo-header checksum (unused) |
| * payload - icmp6 payload |
| * payload_size - size of payload |
| * returns: the highest position in the output clat_packet that's filled in |
| */ |
| int icmp6_to_icmp(clat_packet out, int pos, const struct icmp6_hdr *icmp6, uint32_t checksum, |
| const char *payload, size_t payload_size) { |
| struct icmphdr *icmp_targ = out[pos].iov_base; |
| |
| if((icmp6->icmp6_type != ICMP6_ECHO_REQUEST) && (icmp6->icmp6_type != ICMP6_ECHO_REPLY)) { |
| logmsg_dbg(ANDROID_LOG_WARN,"icmp6_to_icmp/unhandled icmp6 type: 0x%x",icmp6->icmp6_type); |
| return 0; |
| } |
| |
| memset(icmp_targ, 0, sizeof(struct icmphdr)); |
| |
| icmp_targ->type = (icmp6->icmp6_type == ICMP6_ECHO_REQUEST) ? ICMP_ECHO : ICMP_ECHOREPLY; |
| icmp_targ->code = 0x0; |
| icmp_targ->un.echo.id = icmp6->icmp6_id; |
| icmp_targ->un.echo.sequence = icmp6->icmp6_seq; |
| |
| icmp_targ->checksum = 0; |
| checksum = ip_checksum_add(0, icmp_targ, sizeof(struct icmphdr)); |
| checksum = ip_checksum_add(checksum, (void *)payload, payload_size); |
| icmp_targ->checksum = ip_checksum_finish(checksum); |
| |
| out[pos].iov_len = sizeof(struct icmphdr); |
| out[POS_PAYLOAD].iov_base = (char *) payload; |
| out[POS_PAYLOAD].iov_len = payload_size; |
| |
| return POS_PAYLOAD + 1; |
| } |
| |
| /* function: udp_packet |
| * takes a udp packet and sets it up for translation |
| * out - output packet |
| * udp - pointer to udp header in packet |
| * checksum - pseudo-header checksum |
| * len - size of ip payload |
| */ |
| int udp_packet(clat_packet out, int pos, const struct udphdr *udp, uint32_t checksum, size_t len) { |
| const char *payload; |
| size_t payload_size; |
| |
| if(len < sizeof(struct udphdr)) { |
| logmsg_dbg(ANDROID_LOG_ERROR,"udp_packet/(too small)"); |
| return 0; |
| } |
| |
| payload = (const char *) (udp + 1); |
| payload_size = len - sizeof(struct udphdr); |
| |
| return udp_translate(out, pos, udp, checksum, payload, payload_size); |
| } |
| |
| /* function: tcp_packet |
| * takes a tcp packet and sets it up for translation |
| * out - output packet |
| * tcp - pointer to tcp header in packet |
| * checksum - pseudo-header checksum |
| * len - size of ip payload |
| * returns: the highest position in the output clat_packet that's filled in |
| */ |
| int tcp_packet(clat_packet out, int pos, const struct tcphdr *tcp, uint32_t checksum, size_t len) { |
| const char *payload; |
| size_t payload_size, header_size; |
| |
| if(len < sizeof(struct tcphdr)) { |
| logmsg_dbg(ANDROID_LOG_ERROR,"tcp_packet/(too small)"); |
| return 0; |
| } |
| |
| if(tcp->doff < 5) { |
| logmsg_dbg(ANDROID_LOG_ERROR,"tcp_packet/tcp header length set to less than 5: %x", tcp->doff); |
| return 0; |
| } |
| |
| if((size_t) tcp->doff*4 > len) { |
| logmsg_dbg(ANDROID_LOG_ERROR,"tcp_packet/tcp header length set too large: %x", tcp->doff); |
| return 0; |
| } |
| |
| header_size = tcp->doff * 4; |
| payload = ((const char *) tcp) + header_size; |
| payload_size = len - header_size; |
| |
| return tcp_translate(out, pos, tcp, header_size, checksum, payload, payload_size); |
| } |
| |
| /* function: udp_translate |
| * common between ipv4/ipv6 - setup checksum and send udp packet |
| * out - output packet |
| * udp - udp header |
| * checksum - pseudo-header checksum |
| * payload - tcp payload |
| * payload_size - size of payload |
| * returns: the highest position in the output clat_packet that's filled in |
| */ |
| int udp_translate(clat_packet out, int pos, const struct udphdr *udp, uint32_t checksum, |
| const char *payload, size_t payload_size) { |
| struct udphdr *udp_targ = out[pos].iov_base; |
| |
| memcpy(udp_targ, udp, sizeof(struct udphdr)); |
| udp_targ->check = 0; // reset checksum, to be calculated |
| |
| checksum = ip_checksum_add(checksum, udp_targ, sizeof(struct udphdr)); |
| checksum = ip_checksum_add(checksum, payload, payload_size); |
| udp_targ->check = ip_checksum_finish(checksum); |
| |
| out[pos].iov_len = sizeof(struct udphdr); |
| out[POS_PAYLOAD].iov_base = (char *) payload; |
| out[POS_PAYLOAD].iov_len = payload_size; |
| |
| return POS_PAYLOAD + 1; |
| } |
| |
| /* function: tcp_translate |
| * common between ipv4/ipv6 - setup checksum and send tcp packet |
| * out - output packet |
| * tcp - tcp header |
| * header_size - size of tcp header including options |
| * checksum - partial checksum covering ipv4/ipv6 header |
| * payload - tcp payload |
| * payload_size - size of payload |
| * returns: the highest position in the output clat_packet that's filled in |
| * |
| * TODO: mss rewrite |
| * TODO: hosts without pmtu discovery - non DF packets will rely on fragmentation (unimplemented) |
| */ |
| int tcp_translate(clat_packet out, int pos, const struct tcphdr *tcp, size_t header_size, |
| uint32_t checksum, const char *payload, size_t payload_size) { |
| struct tcphdr *tcp_targ = out[pos].iov_base; |
| out[pos].iov_len = header_size; |
| |
| if (header_size > MAX_TCP_HDR) { |
| // A TCP header cannot be more than MAX_TCP_HDR bytes long because it's a 4-bit field that |
| // counts in 4-byte words. So this can never happen unless there is a bug in the caller. |
| logmsg(ANDROID_LOG_ERROR, "tcp_translate: header too long %d > %d, truncating", |
| header_size, MAX_TCP_HDR); |
| header_size = MAX_TCP_HDR; |
| } |
| |
| memcpy(tcp_targ, tcp, header_size); |
| |
| tcp_targ->check = 0; |
| checksum = ip_checksum_add(checksum, tcp_targ, header_size); |
| checksum = ip_checksum_add(checksum, payload, payload_size); |
| tcp_targ->check = ip_checksum_finish(checksum); |
| |
| out[POS_PAYLOAD].iov_base = (char *)payload; |
| out[POS_PAYLOAD].iov_len = payload_size; |
| |
| return POS_PAYLOAD + 1; |
| } |
