diff options
| author | luwenpeng <[email protected]> | 2022-12-26 16:57:04 +0800 |
|---|---|---|
| committer | luwenpeng <[email protected]> | 2022-12-26 16:57:09 +0800 |
| commit | dc4205c9b0b38bae31fc1a248ff81804b33f442f (patch) | |
| tree | 7a9cf4f0589821be2d3e81e2d63fdf10d8a1b6e8 | |
| parent | 29a75b1d9cc04c43728b861ce80730788e640add (diff) | |
TSG-13170 Decrypted Traffic Steering构造的SYN/SYN ACK支持SACK选项
bugfix: IPv6 ACK Packet: invalid flag
| -rw-r--r-- | platform/src/acceptor_kni_v3.cpp | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/platform/src/acceptor_kni_v3.cpp b/platform/src/acceptor_kni_v3.cpp index 512cc71..5a81848 100644 --- a/platform/src/acceptor_kni_v3.cpp +++ b/platform/src/acceptor_kni_v3.cpp @@ -284,6 +284,11 @@ struct tcp_option_window_scale{ uint8_t shift_count; }; +struct tcp_option_sack{ + uint8_t kind; + uint8_t length; +}; + static int fake_tcp_handshake(struct tfe_proxy *proxy, struct tcp_restore_info *restore_info) { char buffer[1500] = {0}; @@ -338,6 +343,32 @@ static int fake_tcp_handshake(struct tfe_proxy *proxy, struct tcp_restore_info * tcp_option_length_s += sizeof(struct tcp_option_window_scale); } + /* + * SACK option: Kind: 4, Length: 2 + * +---------+---------+ + * | Kind=4 |Length=2 | + * +---------+---------+ + * 1 1 + */ + if (client->sack_perm && server->sack_perm) + { + // padding + memset(tcp_option_buffer_c + tcp_option_length_c, 1, 2); + tcp_option_length_c += 2; + memset(tcp_option_buffer_s + tcp_option_length_s, 1, 2); + tcp_option_length_s += 2; + + struct tcp_option_sack *option_c = (struct tcp_option_sack *)(tcp_option_buffer_c + tcp_option_length_c); + option_c->kind = 4; + option_c->length = 2; + tcp_option_length_c += sizeof(struct tcp_option_sack); + + struct tcp_option_sack *option_s = (struct tcp_option_sack *)(tcp_option_buffer_s + tcp_option_length_s); + option_s->kind = 4; + option_s->length = 2; + tcp_option_length_s += sizeof(struct tcp_option_sack); + } + if (client->addr.ss_family == AF_INET6) { struct sockaddr_in6 *sk_client = (struct sockaddr_in6 *)&client->addr; @@ -372,7 +403,7 @@ static int fake_tcp_handshake(struct tfe_proxy *proxy, struct tcp_restore_info * buffer, // buffer &raw_socket_c->mac_addr, &raw_socket_s->mac_addr, 0, ETH_P_IPV6, // Ether &sk_client->sin6_addr, &sk_server->sin6_addr, 55, // IPv6 - port_client, port_server, c_seq, s_seq, TCP_SYN_FLAG, client->window, // TCP Header + port_client, port_server, c_seq, s_seq, TCP_ACK_FLAG, client->window, // TCP Header NULL, 0, // TCP Options NULL, 0); // Payload raw_socket_send(raw_socket_c, buffer, length); |