Incorrect address added to IP options
nhurley3 opened this issue · comments
Description
The record route and timestamp options sometimes require that an address be inserted. The relevant RFCs state that the address of the output interface should be used:
- https://datatracker.ietf.org/doc/html/rfc1812#section-4.2.2.2
- https://datatracker.ietf.org/doc/html/rfc1812#section-5.2.1
- https://datatracker.ietf.org/doc/html/rfc791#section-3.1
Currently, the input interface is used:
gvisor/pkg/tcpip/network/ipv4/ipv4.go
Line 644 in 47b5915
When making this change, the author should also consider making this logic more efficient. For example, an approach that is similar to the Linux implementation and better aligns with RFC 1812 5.2.1.1 [1] should be considered:
- Validate the options once before branching into local delivery, unicast forwarding, or multicast forwarding. Set the timestamp only if a timestamp (no address) is requested.
- Maintain the unrecognized options instead of sometimes dropping them. Unrecognized options should be ignored [2].
- Before writing the packet to the output interface, update the relevant options with the output interface address. This shouldn't need to revalidate the options.
[1] https://datatracker.ietf.org/doc/html/rfc1812#section-5.2.1.1
[2] https://datatracker.ietf.org/doc/html/rfc1812#section-4.2.2.6
Is this feature related to a specific bug?
No response
Do you have a specific solution in mind?
No response
A friendly reminder that this issue had no activity for 120 days.