2004-05-08 00:11:52 +04:00
|
|
|
/* $NetBSD: tcp.h,v 1.17 2004/05/07 20:11:52 kleink Exp $ */
|
1994-06-29 10:29:24 +04:00
|
|
|
|
1993-03-21 12:45:37 +03:00
|
|
|
/*
|
1994-05-13 10:02:48 +04:00
|
|
|
* Copyright (c) 1982, 1986, 1993
|
|
|
|
* The Regents of the University of California. All rights reserved.
|
1993-03-21 12:45:37 +03:00
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
2003-08-07 20:26:28 +04:00
|
|
|
* 3. Neither the name of the University nor the names of its contributors
|
1993-03-21 12:45:37 +03:00
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*
|
1994-06-29 10:29:24 +04:00
|
|
|
* @(#)tcp.h 8.1 (Berkeley) 6/10/93
|
1993-03-21 12:45:37 +03:00
|
|
|
*/
|
|
|
|
|
1998-02-10 04:26:19 +03:00
|
|
|
#ifndef _NETINET_TCP_H_
|
|
|
|
#define _NETINET_TCP_H_
|
|
|
|
|
2003-05-05 18:36:13 +04:00
|
|
|
#include <sys/featuretest.h>
|
|
|
|
|
|
|
|
#if defined(_NETBSD_SOURCE)
|
|
|
|
|
1995-04-17 09:32:52 +04:00
|
|
|
typedef u_int32_t tcp_seq;
|
1993-03-21 12:45:37 +03:00
|
|
|
/*
|
|
|
|
* TCP header.
|
|
|
|
* Per RFC 793, September, 1981.
|
2004-05-08 00:11:52 +04:00
|
|
|
* Updated by RFC 3168, September, 2001.
|
1993-03-21 12:45:37 +03:00
|
|
|
*/
|
|
|
|
struct tcphdr {
|
1995-04-13 10:35:38 +04:00
|
|
|
u_int16_t th_sport; /* source port */
|
|
|
|
u_int16_t th_dport; /* destination port */
|
1995-04-17 09:32:52 +04:00
|
|
|
tcp_seq th_seq; /* sequence number */
|
|
|
|
tcp_seq th_ack; /* acknowledgement number */
|
1994-01-09 00:21:28 +03:00
|
|
|
#if BYTE_ORDER == LITTLE_ENDIAN
|
2000-07-05 06:45:03 +04:00
|
|
|
/*LINTED non-portable bitfields*/
|
1995-04-13 10:35:38 +04:00
|
|
|
u_int8_t th_x2:4, /* (unused) */
|
|
|
|
th_off:4; /* data offset */
|
1993-03-21 12:45:37 +03:00
|
|
|
#endif
|
1994-01-09 00:21:28 +03:00
|
|
|
#if BYTE_ORDER == BIG_ENDIAN
|
2000-07-05 06:45:03 +04:00
|
|
|
/*LINTED non-portable bitfields*/
|
1995-04-13 10:35:38 +04:00
|
|
|
u_int8_t th_off:4, /* data offset */
|
|
|
|
th_x2:4; /* (unused) */
|
1993-03-21 12:45:37 +03:00
|
|
|
#endif
|
1995-04-13 10:35:38 +04:00
|
|
|
u_int8_t th_flags;
|
1995-04-17 09:32:52 +04:00
|
|
|
#define TH_FIN 0x01
|
|
|
|
#define TH_SYN 0x02
|
|
|
|
#define TH_RST 0x04
|
|
|
|
#define TH_PUSH 0x08
|
|
|
|
#define TH_ACK 0x10
|
|
|
|
#define TH_URG 0x20
|
2004-05-08 00:11:52 +04:00
|
|
|
#define TH_ECE 0x40 /* (unimplemented) */
|
|
|
|
#define TH_CWR 0x80 /* (unimplemented) */
|
1995-04-13 10:35:38 +04:00
|
|
|
u_int16_t th_win; /* window */
|
|
|
|
u_int16_t th_sum; /* checksum */
|
|
|
|
u_int16_t th_urp; /* urgent pointer */
|
1999-11-20 03:37:58 +03:00
|
|
|
} __attribute__((__packed__));
|
1993-03-21 12:45:37 +03:00
|
|
|
|
1994-05-13 10:02:48 +04:00
|
|
|
#define TCPOPT_EOL 0
|
|
|
|
#define TCPOPT_NOP 1
|
|
|
|
#define TCPOPT_MAXSEG 2
|
|
|
|
#define TCPOLEN_MAXSEG 4
|
|
|
|
#define TCPOPT_WINDOW 3
|
|
|
|
#define TCPOLEN_WINDOW 3
|
|
|
|
#define TCPOPT_SACK_PERMITTED 4 /* Experimental */
|
|
|
|
#define TCPOLEN_SACK_PERMITTED 2
|
|
|
|
#define TCPOPT_SACK 5 /* Experimental */
|
|
|
|
#define TCPOPT_TIMESTAMP 8
|
|
|
|
#define TCPOLEN_TIMESTAMP 10
|
|
|
|
#define TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) /* appendix A */
|
2001-05-27 01:40:55 +04:00
|
|
|
#define TCPOPT_MD5SIGNATURE 19 /* RFC 2385 */
|
|
|
|
#define TCPOLEN_MD5SIGNATURE 18
|
1994-05-13 10:02:48 +04:00
|
|
|
|
|
|
|
#define TCPOPT_TSTAMP_HDR \
|
|
|
|
(TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP)
|
1993-03-21 12:45:37 +03:00
|
|
|
|
Initial commit of a port of the FreeBSD implementation of RFC 2385
(MD5 signatures for TCP, as used with BGP). Credit for original
FreeBSD code goes to Bruce M. Simpson, with FreeBSD sponsorship
credited to sentex.net. Shortening of the setsockopt() name
attributed to Vincent Jardin.
This commit is a minimal, working version of the FreeBSD code, as
MFC'ed to FreeBSD-4. It has received minimal testing with a ttcp
modified to set the TCP-MD5 option; BMS's additions to tcpdump-current
(tcpdump -M) confirm that the MD5 signatures are correct. Committed
as-is for further testing between a NetBSD BGP speaker (e.g., quagga)
and industry-standard BGP speakers (e.g., Cisco, Juniper).
NOTE: This version has two potential flaws. First, I do see any code
that verifies recieved TCP-MD5 signatures. Second, the TCP-MD5
options are internally padded and assumed to be 32-bit aligned. A more
space-efficient scheme is to pack all TCP options densely (and
possibly unaligned) into the TCP header ; then do one final padding to
a 4-byte boundary. Pre-existing comments note that accounting for
TCP-option space when we add SACK is yet to be done. For now, I'm
punting on that; we can solve it properly, in a way that will handle
SACK blocks, as a separate exercise.
In case a pullup to NetBSD-2 is requested, this adds sys/netipsec/xform_tcp.c
,and modifies:
sys/net/pfkeyv2.h,v 1.15
sys/netinet/files.netinet,v 1.5
sys/netinet/ip.h,v 1.25
sys/netinet/tcp.h,v 1.15
sys/netinet/tcp_input.c,v 1.200
sys/netinet/tcp_output.c,v 1.109
sys/netinet/tcp_subr.c,v 1.165
sys/netinet/tcp_usrreq.c,v 1.89
sys/netinet/tcp_var.h,v 1.109
sys/netipsec/files.netipsec,v 1.3
sys/netipsec/ipsec.c,v 1.11
sys/netipsec/ipsec.h,v 1.7
sys/netipsec/key.c,v 1.11
share/man/man4/tcp.4,v 1.16
lib/libipsec/pfkey.c,v 1.20
lib/libipsec/pfkey_dump.c,v 1.17
lib/libipsec/policy_token.l,v 1.8
sbin/setkey/parse.y,v 1.14
sbin/setkey/setkey.8,v 1.27
sbin/setkey/token.l,v 1.15
Note that the preceding two revisions to tcp.4 will be
required to cleanly apply this diff.
2004-04-26 02:25:03 +04:00
|
|
|
#define TCPOPT_SIGNATURE 19 /* Keyed MD5: RFC 2385 */
|
|
|
|
#define TCPOLEN_SIGNATURE 18
|
|
|
|
|
1993-03-21 12:45:37 +03:00
|
|
|
/*
|
|
|
|
* Default maximum segment size for TCP.
|
|
|
|
* With an IP MSS of 576, this is 536,
|
|
|
|
* but 512 is probably more convenient.
|
1994-05-13 10:02:48 +04:00
|
|
|
* This should be defined as min(512, IP_MSS - sizeof (struct tcpiphdr)).
|
1993-03-21 12:45:37 +03:00
|
|
|
*/
|
1994-05-13 10:02:48 +04:00
|
|
|
#define TCP_MSS 512
|
1993-03-21 12:45:37 +03:00
|
|
|
|
1994-05-13 10:02:48 +04:00
|
|
|
#define TCP_MAXWIN 65535 /* largest value for (unscaled) window */
|
|
|
|
|
|
|
|
#define TCP_MAX_WINSHIFT 14 /* maximum window shift */
|
1993-03-21 12:45:37 +03:00
|
|
|
|
1998-10-05 01:33:52 +04:00
|
|
|
#define TCP_MAXBURST 4 /* maximum segments in a burst */
|
|
|
|
|
2003-05-05 18:36:13 +04:00
|
|
|
#endif /* _NETBSD_SOURCE */
|
|
|
|
|
1993-03-21 12:45:37 +03:00
|
|
|
/*
|
|
|
|
* User-settable options (used with setsockopt).
|
|
|
|
*/
|
|
|
|
#define TCP_NODELAY 0x01 /* don't delay send to coalesce packets */
|
|
|
|
#define TCP_MAXSEG 0x02 /* set maximum segment size */
|
Initial commit of a port of the FreeBSD implementation of RFC 2385
(MD5 signatures for TCP, as used with BGP). Credit for original
FreeBSD code goes to Bruce M. Simpson, with FreeBSD sponsorship
credited to sentex.net. Shortening of the setsockopt() name
attributed to Vincent Jardin.
This commit is a minimal, working version of the FreeBSD code, as
MFC'ed to FreeBSD-4. It has received minimal testing with a ttcp
modified to set the TCP-MD5 option; BMS's additions to tcpdump-current
(tcpdump -M) confirm that the MD5 signatures are correct. Committed
as-is for further testing between a NetBSD BGP speaker (e.g., quagga)
and industry-standard BGP speakers (e.g., Cisco, Juniper).
NOTE: This version has two potential flaws. First, I do see any code
that verifies recieved TCP-MD5 signatures. Second, the TCP-MD5
options are internally padded and assumed to be 32-bit aligned. A more
space-efficient scheme is to pack all TCP options densely (and
possibly unaligned) into the TCP header ; then do one final padding to
a 4-byte boundary. Pre-existing comments note that accounting for
TCP-option space when we add SACK is yet to be done. For now, I'm
punting on that; we can solve it properly, in a way that will handle
SACK blocks, as a separate exercise.
In case a pullup to NetBSD-2 is requested, this adds sys/netipsec/xform_tcp.c
,and modifies:
sys/net/pfkeyv2.h,v 1.15
sys/netinet/files.netinet,v 1.5
sys/netinet/ip.h,v 1.25
sys/netinet/tcp.h,v 1.15
sys/netinet/tcp_input.c,v 1.200
sys/netinet/tcp_output.c,v 1.109
sys/netinet/tcp_subr.c,v 1.165
sys/netinet/tcp_usrreq.c,v 1.89
sys/netinet/tcp_var.h,v 1.109
sys/netipsec/files.netipsec,v 1.3
sys/netipsec/ipsec.c,v 1.11
sys/netipsec/ipsec.h,v 1.7
sys/netipsec/key.c,v 1.11
share/man/man4/tcp.4,v 1.16
lib/libipsec/pfkey.c,v 1.20
lib/libipsec/pfkey_dump.c,v 1.17
lib/libipsec/policy_token.l,v 1.8
sbin/setkey/parse.y,v 1.14
sbin/setkey/setkey.8,v 1.27
sbin/setkey/token.l,v 1.15
Note that the preceding two revisions to tcp.4 will be
required to cleanly apply this diff.
2004-04-26 02:25:03 +04:00
|
|
|
/* Bits 0x04, 0x08 reserved for FreeBSD compatibility: TCP_NOPUSH, TCP_NOOPT */
|
|
|
|
#define TCP_MD5SIG 0x10 /* use MD5 digests (RFC2385) */
|
1998-02-10 04:26:19 +03:00
|
|
|
#endif /* _NETINET_TCP_H_ */
|