author | Ghanan Gowripalan <ghanan@google.com> | 2021-03-16 11:07:02 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-03-16 11:09:26 -0700 |
commit | 68065d1ceb589b7ea1d3e4b3b067fb8772e30760 (patch) | |
tree | f3017f52fba725114b913cf893fcdcb6678415de /pkg/tcpip/header/ndp_options.go | |
parent | ebd7c1b889e5d212f4a694d3addbada241936e8e (diff) |
Detect looped-back NDP DAD messages
...as per RFC 7527.
If a looped-back DAD message is received, do not fail DAD since our own
DAD message does not indicate that a neighbor has the address assigned.
Test: ndp_test.TestDADResolveLoopback
PiperOrigin-RevId: 363224288
Diffstat (limited to 'pkg/tcpip/header/ndp_options.go')
-rw-r--r-- | pkg/tcpip/header/ndp_options.go | 40 |
1 files changed, 39 insertions, 1 deletions
diff --git a/pkg/tcpip/header/ndp_options.go b/pkg/tcpip/header/ndp_options.go index 554242f0c..5deae465c 100644 --- a/pkg/tcpip/header/ndp_options.go +++ b/pkg/tcpip/header/ndp_options.go @@ -42,13 +42,17 @@ const ( // option, as per RFC 4861 section 4.6.2. NDPPrefixInformationType NDPOptionIdentifier = 3 + // NDPNonceOptionType is the type of the Nonce option, as per + // RFC 3971 section 5.3.2. + NDPNonceOptionType NDPOptionIdentifier = 14 + // NDPRecursiveDNSServerOptionType is the type of the Recursive DNS // Server option, as per RFC 8106 section 5.1. NDPRecursiveDNSServerOptionType NDPOptionIdentifier = 25 // NDPDNSSearchListOptionType is the type of the DNS Search List option, // as per RFC 8106 section 5.2. - NDPDNSSearchListOptionType = 31 + NDPDNSSearchListOptionType NDPOptionIdentifier = 31 ) const ( @@ -231,6 +235,9 @@ func (i *NDPOptionIterator) Next() (NDPOption, bool, error) { case NDPTargetLinkLayerAddressOptionType: return NDPTargetLinkLayerAddressOption(body), false, nil + case NDPNonceOptionType: + return NDPNonceOption(body), false, nil + case NDPPrefixInformationType: // Make sure the length of a Prefix Information option // body is ndpPrefixInformationLength, as per RFC 4861 
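Review bot: The new `case NDPNonceOptionType` in `Next()` returns the body with no length validation, while the `NDPPrefixInformationType` case right below it checks its length, and nothing says why the difference is safe. If the iterator rejects a zero Length before reaching this switch (that code is outside the hunk), every body is at least 6 bytes, the minimum nonce size in RFC 3971 section 5.3.2. In that case a comment is enough: `// No length check: a non-zero Length yields a body of at least 6 bytes, the RFC 3971 minimum.` `Next()` begins and ends outside this hunk, so confirm the zero-length guard before relying on it.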
@@ -416,6 +423,37 @@ func (b NDPOptionsSerializer) Length() int { return l } +// NDPNonceOption is the NDP Nonce Option as defined by RFC 3971 section 5.3.2. +// +// It is the first X bytes following the NDP option's Type and Length field +// where X is the value in Length multiplied by lengthByteUnits - 2 bytes. +type NDPNonceOption []byte + +// Type implements NDPOption. +func (o NDPNonceOption) Type() NDPOptionIdentifier { + return NDPNonceOptionType +} + +// Length implements NDPOption. +func (o NDPNonceOption) Length() int { + return len(o) +} + +// serializeInto implements NDPOption. +func (o NDPNonceOption) serializeInto(b []byte) int { + return copy(b, o) +} + +// String implements fmt.Stringer. +func (o NDPNonceOption) String() string { + return fmt.Sprintf("%T(%x)", o, []byte(o)) +} + +// Nonce returns the nonce value this option holds. +func (o NDPNonceOption) Nonce() []byte { + return []byte(o) +} + // NDPSourceLinkLayerAddressOption is the NDP Source Link Layer Option // as defined by RFC 4861 section 4.6.1. // |
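Review bot: `NDPNonceOption` accepts a nonce of any length, but RFC 3971 section 5.3.2 requires at least 6 bytes and a total option size that is a multiple of 8 octets; neither the type comment nor `serializeInto` states or enforces this. If the serializer pads options to the unit size (it is outside this hunk), a nonce of the wrong length would come back padded, the looped-back comparison would not match, and DAD would fail on the node's own probe. I would add to the type comment: `// The nonce must be at least 6 bytes, and len(nonce)+2 must be a multiple of lengthByteUnits.` The existing sentence is also ambiguous about precedence; `(Length * lengthByteUnits) - 2 bytes` reads unambiguously. `Nonce()` returns the option's backing slice without copying, which deserves a line in its comment: `// The returned slice aliases the option; copy it before retaining or modifying it.`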