Accueil Explorer Aide
Connexion
RT-Thread-packages
/
esp-idf
miroir de https://github-proxy.rt-thread.io/RT-Thread-packages/esp-idf.git
2
0
Fork 0
Fichiers Tickets 0 Wiki
Parcourir la source

lwip: provide configuration option to enable TCP ISN hook

Mahavir Jain il y a 5 ans
Parent
6aa24a5de5
commit
4dd7cfbeb7
4 fichiers modifiés avec 33 ajouts et 1 suppressions
Vue séparée Afficher les stats Diff
  1. 5 0
      components/lwip/CMakeLists.txt
  2. 11 0
      components/lwip/Kconfig
  3. 6 1
      components/lwip/component.mk
  4. 11 0
      components/lwip/port/esp32/include/lwipopts.h

+ 5 - 0
components/lwip/CMakeLists.txt
Voir le fichier 

@@ -4,6 +4,7 @@ set(include_dirs
 
     lwip/src/include
 
     port/esp32/include
 
     port/esp32/include/arch
 
+    port/esp32/tcp_isn
 
     )
 
 
 set(srcs
 
@@ -124,6 +125,10 @@ if(CONFIG_LWIP_PPP_SUPPORT)
 
         "lwip/src/netif/ppp/polarssl/sha1.c")
 
 endif()
 
 
+if(CONFIG_LWIP_TCP_ISN_HOOK)
 
+    list(APPEND srcs "port/esp32/tcp_isn/tcp_isn.c")
 
+endif()
 
+
 
 idf_component_register(SRCS "${srcs}"
 
                     INCLUDE_DIRS "${include_dirs}"
 
                     LDFRAGMENTS linker.lf

+ 11 - 0
components/lwip/Kconfig
Voir le fichier 

@@ -294,6 +294,17 @@ menu "LWIP"
 
 
     menu "TCP"
 
 
+        config LWIP_TCP_ISN_HOOK
 
+            bool "Enable TCP ISN Hook"
 
+            default y
 
+            help
 
+                Enables custom TCP ISN hook to randomize initial sequence
 
+                number in TCP connection. This is recommended as default
 
+                lwIP implementation (`tcp_next_iss`) is not very strong,
 
+                as it does not take into consideration any platform
 
+                specific entropy source.
 
+
 
+
 
         config LWIP_MAX_ACTIVE_TCP
 
             int "Maximum active TCP Connections"
 
             range 1 1024

+ 6 - 1
components/lwip/component.mk
Voir le fichier 

@@ -8,7 +8,8 @@ COMPONENT_ADD_INCLUDEDIRS := \
 
 	include/apps/sntp \
 
 	lwip/src/include \
 
 	port/esp32/include \
 
-	port/esp32/include/arch
 
+	port/esp32/include/arch \
 
+	port/esp32/tcp_isn
 
 
 COMPONENT_SRCDIRS := \
 
 	apps/dhcpserver \
 
@@ -29,6 +30,10 @@ ifdef CONFIG_LWIP_PPP_SUPPORT
 
     COMPONENT_SRCDIRS += lwip/src/netif/ppp lwip/src/netif/ppp/polarssl
 
 endif
 
 
+ifdef CONFIG_LWIP_TCP_ISN_HOOK
 
+    COMPONENT_SRCDIRS += port/esp32/tcp_isn
 
+endif
 
+
 
 CFLAGS += -Wno-address  # lots of LWIP source files evaluate macros that check address of stack variables
 
 
 ifeq ($(GCC_NOT_5_2_0), 1)

+ 11 - 0
components/lwip/port/esp32/include/lwipopts.h
Voir le fichier 

@@ -396,6 +396,17 @@
 
  */
 
 #define LWIP_TCP_RTO_TIME             CONFIG_LWIP_TCP_RTO_TIME
 
 
+/**
 
+ * Set TCP hook for Initial Sequence Number (ISN)
 
+ */
 
+#ifdef CONFIG_LWIP_TCP_ISN_HOOK
 
+#include <lwip/arch.h>
 
+struct ip_addr;
 
+u32_t lwip_hook_tcp_isn(const struct ip_addr *local_ip, u16_t local_port,
 
+                        const struct ip_addr *remote_ip, u16_t remote_port);
 
+#define LWIP_HOOK_TCP_ISN               lwip_hook_tcp_isn
 
+#endif
 
+
 
 /*
 
    ----------------------------------
 
    ---------- Pbuf options ----------