[PATCH] libxt_TCPMSS.c: unbreak build without ipv6 after ea2a02f7

[PATCH] libxt_TCPMSS.c: unbreak build without ipv6 after ea2a02f7

[Peter Korsgaard]

ea2a02f7 (libxt_TCPMSS: use guided option parser) added an netinet/ip6.h
include, which is not available on systems without ipv6.

The ip.h / ipv6.h includes are only used to know the size of struct
iphdr / ip6_hdr, so simply hardcode those instead.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
---
 extensions/libxt_TCPMSS.c |   13 +++++++------
 1 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index 2266326..310dd17 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -4,8 +4,6 @@
 */
 #include <stdio.h>
 #include <xtables.h>
-#include <netinet/ip.h>
-#include <netinet/ip6.h>
 #include <linux/netfilter/xt_TCPMSS.h>
 
 enum {
@@ -13,6 +11,9 @@ enum {
 	O_CLAMP_MSS,
 };
 
+#define IPHDRSIZE	20	/* sizeof(struct iphdr) */
+#define IP6HDRSIZE	40	/* sizeof(struct ip6_hdr) */
+
 struct mssinfo {
 	struct xt_entry_target t;
 	struct xt_tcpmss_info mss;
@@ -29,17 +30,17 @@ hdrsize);
 
 static void TCPMSS_help(void)
 {
-	__TCPMSS_help(sizeof(struct iphdr));
+	__TCPMSS_help(IPHDRSIZE);
 }
 
 static void TCPMSS_help6(void)
 {
-	__TCPMSS_help(sizeof(struct ip6_hdr));
+	__TCPMSS_help(IP6HDRSIZE);
 }
 
 static const struct xt_option_entry TCPMSS4_opts[] = {
 	{.name = "set-mss", .id = O_SET_MSS, .type = XTTYPE_UINT16,
-	 .min = 0, .max = UINT16_MAX - sizeof(struct iphdr),
+	 .min = 0, .max = UINT16_MAX - IPHDRSIZE,
 	 .flags = XTOPT_PUT, XTOPT_POINTER(struct xt_tcpmss_info, mss)},
 	{.name = "clamp-mss-to-pmtu", .id = O_CLAMP_MSS, .type = XTTYPE_NONE},
 	XTOPT_TABLEEND,
@@ -47,7 +48,7 @@ static const struct xt_option_entry TCPMSS4_opts[] = {
 
 static const struct xt_option_entry TCPMSS6_opts[] = {
 	{.name = "set-mss", .id = O_SET_MSS, .type = XTTYPE_UINT16,
-	 .min = 0, .max = UINT16_MAX - sizeof(struct ip6_hdr),
+	 .min = 0, .max = UINT16_MAX - IP6HDRSIZE,
 	 .flags = XTOPT_PUT, XTOPT_POINTER(struct xt_tcpmss_info, mss)},
 	{.name = "clamp-mss-to-pmtu", .id = O_CLAMP_MSS, .type = XTTYPE_NONE},
 	XTOPT_TABLEEND,
-- 
1.7.5.4

Re: [PATCH] libxt_TCPMSS.c: unbreak build without ipv6 after ea2a02f7

[Jan Engelhardt]

On Friday 2011-07-22 07:24, Peter Korsgaard wrote:

>ea2a02f7 (libxt_TCPMSS: use guided option parser) added an netinet/ip6.h
>include, which is not available on systems without ipv6.

I can understand that some implementations omit symbols that are a 
runtime dependency (such as in6addr_any) from the library, but structs 
are for free, so what broken libc does forget those?

>+#define IPHDRSIZE	20	/* sizeof(struct iphdr) */
>+#define IP6HDRSIZE	40	/* sizeof(struct ip6_hdr) */

That would put a hard assumption on the implementation, which does not 
seem the right thing to do.

Re: [PATCH] libxt_TCPMSS.c: unbreak build without ipv6 after ea2a02f7

[Peter Korsgaard]

>>>>> "Jan" == Jan Engelhardt <jengelh@medozas.de> writes:

Hi,

 Jan> On Friday 2011-07-22 07:24, Peter Korsgaard wrote:
 >> ea2a02f7 (libxt_TCPMSS: use guided option parser) added an netinet/ip6.h
 >> include, which is not available on systems without ipv6.

 Jan> I can understand that some implementations omit symbols that are a 
 Jan> runtime dependency (such as in6addr_any) from the library, but structs 
 Jan> are for free, so what broken libc does forget those?

uClibc. It doesn't even install netinet/{ip6,icmp6}.h if ipv6 support
isn't enabled:

http://git.uclibc.org/uClibc/tree/Makefile.in#n249

 >> +#define IPHDRSIZE	20	/* sizeof(struct iphdr) */
 >> +#define IP6HDRSIZE	40	/* sizeof(struct ip6_hdr) */

 Jan> That would put a hard assumption on the implementation, which does
 Jan> not seem the right thing to do.

But those structs define the network format of ipv4 and ipv6 headers, so
they are not likely to change.

-- 
Bye, Peter Korsgaard

Re: [PATCH] libxt_TCPMSS.c: unbreak build without ipv6 after ea2a02f7

[Jan Engelhardt]

On Friday 2011-07-22 12:25, Peter Korsgaard wrote:

> >> +#define IPHDRSIZE	20	/* sizeof(struct iphdr) */
> >> +#define IP6HDRSIZE	40	/* sizeof(struct ip6_hdr) */
>
> Jan> That would put a hard assumption on the implementation, which does
> Jan> not seem the right thing to do.
>
>But those structs define the network format of ipv4 and ipv6 headers, so
>they are not likely to change.

I was pondering on a hypothetical implementation with CHAR_BIT=16.

How about 
http://dev.medozas.de/gitweb.cgi?p=iptables;a=commitdiff;h=4d8656ad9d0afd04820f125a85a7b673c7e74fe6

Re: [PATCH] libxt_TCPMSS.c: unbreak build without ipv6 after ea2a02f7

[Peter Korsgaard]

>>>>> "Jan" == Jan Engelhardt <jengelh@medozas.de> writes:

Hi,

 >> But those structs define the network format of ipv4 and ipv6 headers, so
 >> they are not likely to change.

 Jan> I was pondering on a hypothetical implementation with CHAR_BIT=16.

Using iptables? Even so, the ipv6 header would need to be the same to be
able to communicate with other ipv6 hosts.

 Jan> How about 
 Jan> http://dev.medozas.de/gitweb.cgi?p=iptables;a=commitdiff;h=4d8656ad9d0afd04820f125a85a7b673c7e74fe6

That works as well (if we assume that all systems have netinet/ip.h even
when built with --disable-ipv4):

checking size of struct ip6_hdr... 0

So you end up with a wrong TCPMSS6_opts.max value (UINT16_MAX), but that
presumably doesn't matter if you don't use ipv6.

-- 
Bye, Peter Korsgaard