UDP/IPv6 handling

Bryan Venteicher bryanv at daemoninthecloset.org
Thu Oct 2 03:51:33 UTC 2014 

On Wed, Oct 1, 2014 at 11:58 AM, Michael Tuexen <
Michael.Tuexen at lurchi.franken.de> wrote:

> Dear all,
>
> in udp6_input() we have the following code:
>
>         if (nxt == IPPROTO_UDP && plen != ulen) {
>                 UDPSTAT_INC(udps_badlen);
>                 goto badunlocked;
>         }
>         /*
>          * Checksum extended UDP header and data.
>          */
>         if (uh->uh_sum == 0) {
>                 if (ulen > plen || ulen < sizeof(struct udphdr)) {
>                         UDPSTAT_INC(udps_nosum);
>                         goto badunlocked;
>                 }
>         }
>
> I'm trying to understand the UDP code path...
>
>
​I too was recently confused by this code. ​I pointed out one issue to
kevlo@ recently, but it still kind of seemed like the UDP-Lite was
mismerged to IPv6.

So (ulen > plen) can't be true. I'm wondering why do we only check the ulen
> is not too
> short only in the case when the UDP checksum is zero. A zero checksum
> should also never happen.
>
>
​I hope to have a patch for ​RFC6935 [1] soon so a zero checksum may be
allowed if the inp/udpcb is configured for it.

I think we should check for ulen < sizeof(struct udphdr) in any case.
>
>
​I think previously, the checks in ip6_input(), IP6_EXTHDR_CHECK(), and
plen == ulen made this unnecessary. I think we'd want to do it for UDP-Lite
if ulen was not initially zero.

​[1]  - http://tools.ietf.org/html/rfc6935​


> Opinions?
>
> Best regards
> Michael
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>

More information about the freebsd-net mailing list