diff -urN -X dd linux-2.6.5-rc2-mm2.o/net/ipv6/exthdrs.c linux-2.6.5-rc2-mm2.w2/net/ipv6/exthdrs.c --- linux-2.6.5-rc2-mm2.o/net/ipv6/exthdrs.c 2004-03-11 09:13:23.000000000 -0500 +++ linux-2.6.5-rc2-mm2.w2/net/ipv6/exthdrs.c 2004-03-25 23:44:02.000000000 -0500 @@ -633,105 +633,3 @@ } return opt2; } - - -/* - * find out if nexthdr is a well-known extension header or a protocol - */ - -int ipv6_ext_hdr(u8 nexthdr) -{ - /* - * find out if nexthdr is an extension header or a protocol - */ - return ( (nexthdr == NEXTHDR_HOP) || - (nexthdr == NEXTHDR_ROUTING) || - (nexthdr == NEXTHDR_FRAGMENT) || - (nexthdr == NEXTHDR_AUTH) || - (nexthdr == NEXTHDR_NONE) || - (nexthdr == NEXTHDR_DEST) ); -} - -/* - * Skip any extension headers. This is used by the ICMP module. - * - * Note that strictly speaking this conflicts with RFC 2460 4.0: - * ...The contents and semantics of each extension header determine whether - * or not to proceed to the next header. Therefore, extension headers must - * be processed strictly in the order they appear in the packet; a - * receiver must not, for example, scan through a packet looking for a - * particular kind of extension header and process that header prior to - * processing all preceding ones. - * - * We do exactly this. This is a protocol bug. We can't decide after a - * seeing an unknown discard-with-error flavour TLV option if it's a - * ICMP error message or not (errors should never be send in reply to - * ICMP error messages). - * - * But I see no other way to do this. This might need to be reexamined - * when Linux implements ESP (and maybe AUTH) headers. - * --AK - * - * This function parses (probably truncated) exthdr set "hdr" - * of length "len". "nexthdrp" initially points to some place, - * where type of the first header can be found. - * - * It skips all well-known exthdrs, and returns pointer to the start - * of unparsable area i.e. the first header with unknown type. - * If it is not NULL *nexthdr is updated by type/protocol of this header. - * - * NOTES: - if packet terminated with NEXTHDR_NONE it returns NULL. - * - it may return pointer pointing beyond end of packet, - * if the last recognized header is truncated in the middle. - * - if packet is truncated, so that all parsed headers are skipped, - * it returns NULL. - * - First fragment header is skipped, not-first ones - * are considered as unparsable. - * - ESP is unparsable for now and considered like - * normal payload protocol. - * - Note also special handling of AUTH header. Thanks to IPsec wizards. - * - * --ANK (980726) - */ - -int ipv6_skip_exthdr(const struct sk_buff *skb, int start, u8 *nexthdrp, int len) -{ - u8 nexthdr = *nexthdrp; - - while (ipv6_ext_hdr(nexthdr)) { - struct ipv6_opt_hdr hdr; - int hdrlen; - - if (len < (int)sizeof(struct ipv6_opt_hdr)) - return -1; - if (nexthdr == NEXTHDR_NONE) - return -1; - if (skb_copy_bits(skb, start, &hdr, sizeof(hdr))) - BUG(); - if (nexthdr == NEXTHDR_FRAGMENT) { - unsigned short frag_off; - if (skb_copy_bits(skb, - start+offsetof(struct frag_hdr, - frag_off), - &frag_off, - sizeof(frag_off))) { - return -1; - } - - if (ntohs(frag_off) & ~0x7) - break; - hdrlen = 8; - } else if (nexthdr == NEXTHDR_AUTH) - hdrlen = (hdr.hdrlen+2)<<2; - else - hdrlen = ipv6_optlen(&hdr); - - nexthdr = hdr.nexthdr; - len -= hdrlen; - start += hdrlen; - } - - *nexthdrp = nexthdr; - return start; -} - diff -urN -X dd linux-2.6.5-rc2-mm2.o/net/ipv6/exthdrs_core.c linux-2.6.5-rc2-mm2.w2/net/ipv6/exthdrs_core.c --- linux-2.6.5-rc2-mm2.o/net/ipv6/exthdrs_core.c 1969-12-31 19:00:00.000000000 -0500 +++ linux-2.6.5-rc2-mm2.w2/net/ipv6/exthdrs_core.c 2004-03-25 23:44:02.000000000 -0500 @@ -0,0 +1,108 @@ +/* + * IPv6 library code, needed by static components when full IPv6 support is + * not configured or static. + */ +#include + +/* + * find out if nexthdr is a well-known extension header or a protocol + */ + +int ipv6_ext_hdr(u8 nexthdr) +{ + /* + * find out if nexthdr is an extension header or a protocol + */ + return ( (nexthdr == NEXTHDR_HOP) || + (nexthdr == NEXTHDR_ROUTING) || + (nexthdr == NEXTHDR_FRAGMENT) || + (nexthdr == NEXTHDR_AUTH) || + (nexthdr == NEXTHDR_NONE) || + (nexthdr == NEXTHDR_DEST) ); +} + +/* + * Skip any extension headers. This is used by the ICMP module. + * + * Note that strictly speaking this conflicts with RFC 2460 4.0: + * ...The contents and semantics of each extension header determine whether + * or not to proceed to the next header. Therefore, extension headers must + * be processed strictly in the order they appear in the packet; a + * receiver must not, for example, scan through a packet looking for a + * particular kind of extension header and process that header prior to + * processing all preceding ones. + * + * We do exactly this. This is a protocol bug. We can't decide after a + * seeing an unknown discard-with-error flavour TLV option if it's a + * ICMP error message or not (errors should never be send in reply to + * ICMP error messages). + * + * But I see no other way to do this. This might need to be reexamined + * when Linux implements ESP (and maybe AUTH) headers. + * --AK + * + * This function parses (probably truncated) exthdr set "hdr" + * of length "len". "nexthdrp" initially points to some place, + * where type of the first header can be found. + * + * It skips all well-known exthdrs, and returns pointer to the start + * of unparsable area i.e. the first header with unknown type. + * If it is not NULL *nexthdr is updated by type/protocol of this header. + * + * NOTES: - if packet terminated with NEXTHDR_NONE it returns NULL. + * - it may return pointer pointing beyond end of packet, + * if the last recognized header is truncated in the middle. + * - if packet is truncated, so that all parsed headers are skipped, + * it returns NULL. + * - First fragment header is skipped, not-first ones + * are considered as unparsable. + * - ESP is unparsable for now and considered like + * normal payload protocol. + * - Note also special handling of AUTH header. Thanks to IPsec wizards. + * + * --ANK (980726) + */ + +int ipv6_skip_exthdr(const struct sk_buff *skb, int start, u8 *nexthdrp, int len) +{ + u8 nexthdr = *nexthdrp; + + while (ipv6_ext_hdr(nexthdr)) { + struct ipv6_opt_hdr hdr; + int hdrlen; + + if (len < (int)sizeof(struct ipv6_opt_hdr)) + return -1; + if (nexthdr == NEXTHDR_NONE) + return -1; + if (skb_copy_bits(skb, start, &hdr, sizeof(hdr))) + BUG(); + if (nexthdr == NEXTHDR_FRAGMENT) { + unsigned short frag_off; + if (skb_copy_bits(skb, + start+offsetof(struct frag_hdr, + frag_off), + &frag_off, + sizeof(frag_off))) { + return -1; + } + + if (ntohs(frag_off) & ~0x7) + break; + hdrlen = 8; + } else if (nexthdr == NEXTHDR_AUTH) + hdrlen = (hdr.hdrlen+2)<<2; + else + hdrlen = ipv6_optlen(&hdr); + + nexthdr = hdr.nexthdr; + len -= hdrlen; + start += hdrlen; + } + + *nexthdrp = nexthdr; + return start; +} + +EXPORT_SYMBOL(ipv6_ext_hdr); +EXPORT_SYMBOL(ipv6_skip_exthdr); diff -urN -X dd linux-2.6.5-rc2-mm2.o/net/ipv6/ipv6_syms.c linux-2.6.5-rc2-mm2.w2/net/ipv6/ipv6_syms.c --- linux-2.6.5-rc2-mm2.o/net/ipv6/ipv6_syms.c 2004-03-11 09:13:23.000000000 -0500 +++ linux-2.6.5-rc2-mm2.w2/net/ipv6/ipv6_syms.c 2004-03-25 23:44:02.000000000 -0500 @@ -41,9 +41,7 @@ #endif EXPORT_SYMBOL(rt6_lookup); EXPORT_SYMBOL(fl6_sock_lookup); -EXPORT_SYMBOL(ipv6_ext_hdr); EXPORT_SYMBOL(ip6_append_data); EXPORT_SYMBOL(ip6_flush_pending_frames); EXPORT_SYMBOL(ip6_push_pending_frames); EXPORT_SYMBOL(ipv6_push_nfrag_opts); -EXPORT_SYMBOL(ipv6_skip_exthdr); diff -urN -X dd linux-2.6.5-rc2-mm2.o/net/ipv6/Makefile linux-2.6.5-rc2-mm2.w2/net/ipv6/Makefile --- linux-2.6.5-rc2-mm2.o/net/ipv6/Makefile 2003-09-27 20:50:39.000000000 -0400 +++ linux-2.6.5-rc2-mm2.w2/net/ipv6/Makefile 2004-03-26 00:58:51.951298600 -0500 @@ -19,3 +19,5 @@ obj-$(CONFIG_NETFILTER) += netfilter/ obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o + +obj-y += exthdrs_core.o diff -urN -X dd linux-2.6.5-rc2-mm2.o/net/Makefile linux-2.6.5-rc2-mm2.w2/net/Makefile --- linux-2.6.5-rc2-mm2.o/net/Makefile 2004-03-24 23:06:30.000000000 -0500 +++ linux-2.6.5-rc2-mm2.w2/net/Makefile 2004-03-26 00:56:08.842094968 -0500 @@ -16,7 +16,9 @@ obj-$(CONFIG_NET) += ethernet/ 802/ sched/ netlink/ obj-$(CONFIG_INET) += ipv4/ xfrm/ obj-$(CONFIG_UNIX) += unix/ -obj-$(CONFIG_IPV6) += ipv6/ +ifneq ($(CONFIG_IPV6),) +obj-y += ipv6/ +endif obj-$(CONFIG_PACKET) += packet/ obj-$(CONFIG_NET_KEY) += key/ obj-$(CONFIG_NET_SCHED) += sched/