* Cherry-pick important fixes to 2.1.2-esp
- CVE-2020-22283: Attacker could craft a packet that would disclose 8 bytes of some heap memory:
- icmp6: Don't copy too much data
- icmp6: Fix copying of chained pbuf in reply
- icmp6: keep to the RFC and send as much as possible with icmp6 error messages
- CVE-2020-22284: ZEP - ZigBee Encapsulation Protocol/6LoWPAN is not supported in IDF,
the netif module (zepif.c) is not included in the build, but users can still inject
the file into the compilation process, implement the IO interface and use it.
- zepif: Copy possibly chained output pbuf properly
- Add #define for minimum IPv6 MTU length
- pbuf: Add pbuf_copy_partial_pbuf library function
* PPPoS: Fix null-deref when processing double break packet
- pppos: fix in_tail null (espressif/esp-lwip@537c69d5)
- PPP: Add test exhibiting empty packet null-deref (espressif/esp-lwip@202a07da)
* NAPT: Fix PBUF_REF type to clone the pbuf before forwarding
- IP-FORWARD: If packet-type is PBUF_REF clone it before forwarding
- Add NAPT unit test to exercise NAT feature for both RAM and REF pbuf types
* version: Update version numbers to match 2.1.2-esp
* Minor fixes listed below: Fix client receive KOD, NAPT fixes, restore
dhcp_cb, sntp docs, vendor class id (disabled)
* Update submodule: 2195f7416f...76303df238
Detailed description of the changes:
- test/napt: Add unit test for IP forward with PBUF_REF (espressif/esp-lwip@76303df2)
- napt: Fix PBUF_REF type to clone the pbuf before forwarding (espressif/esp-lwip@39068263)
- version: Update version numbers to match 2.1.2-esp (espressif/esp-lwip@2b922919)
- pppos: fix in_tail null (espressif/esp-lwip@537c69d5)
- PPP: Add test exhibiting empty packet null-deref (espressif/esp-lwip@202a07da)
- pbuf: Add pbuf_copy_partial_pbuf library function (espressif/esp-lwip@1c9cd9c1)
- Add #define for minimum IPv6 MTU length (espressif/esp-lwip@d2dc577b)
- zepif: Copy possibly chained output pbuf properly (espressif/esp-lwip@64ab7f2a)
- icmp6: Don't copy too much data (espressif/esp-lwip@4a64731b)
- icmp6: Fix copying of chained pbuf in reply (espressif/esp-lwip@7c822ff4)
- icmp6: keep to the RFC and send as much as possible with icmp6 error messages (espressif/esp-lwip@29100ab6)
- dns: Add API to clear dns cache (espressif/esp-lwip@ee59f77d)
- CI: Fixed adding gitlab key (espressif/esp-lwip@5a2bdba7)
- test case: modify test case test_tcp_new_max_num_remove_FIN_WAIT_1 (espressif/esp-lwip@6b090f7d)
- add function for deinit lwip timers (espressif/esp-lwip@2749568f)
- dhcp: Fix build issue that set ESP_DHCP_DISABLE_VENDOR_CLASS_IDENTIFIER to true will build fail (espressif/esp-lwip@d827dbf7)
- Document that sntp_setservername doesn't copy the string (espressif/esp-lwip@54acdb59) #6786
- lwip/dhcp: add 60 option for vendor class identify (espressif/esp-lwip@ae7edc2a) espressif/esp-lwip#32
- dhcp: Restore dhcp_cb on restart after dhcp_release_and_stop() (espressif/esp-lwip@55ea9d9c) #7217
- napt: Fix disable IPv6 and enable NAPT will build error (espressif/esp-lwip@74cf7f9f)
- napt: fix checksum of UDP (espressif/esp-lwip@bb63eed1)
- sntp: Fix client receive KOD packet that make pool MEMP_SYS_TIMEOUT not be freed (espressif/esp-lwip@1c1642fe)
- test case: add tcp state and reset test cases. (espressif/esp-lwip@67deb805)
Closes https://github.com/espressif/esp-idf/issues/8300
Closes https://github.com/espressif/esp-idf/issues/8451
This commit brings two esp-lwip fixes to IDF:
1) Add configuration to disable DHCP client identification
2195f7416f
This config could be used to disable option 61 in DHCP packets, so that
clients will be identified by their chaddr only.
(This is the lwip upstream original behaviour)
2) Fix server_idx increasing to DNS_MAX_SERVERS and triggering the LWIP_ASSERT
5a567d52f7
When lwip doesn't have a DNS server and resolves a domain address, the server_idx
will increase to DNS_MAX_SERVERS, which will trigger the LWIP_ASSERT and make the device crash.
Closes https://github.com/espressif/esp-idf/issues/6878
If silent assert configuration is enabled, LWIP asserts are now 'silent' also.
Also updates KConfig to note that LWIP asserts are also disabled when asserts
are disabled globally (this was already the behaviour, but the config item
suggested otherwise.)
Progress towards https://github.com/espressif/esp-idf/issues/5873
This caused some unsigned int printouts to be printed as signed integers, which made the logs unreadable, for example sequence numbers in TCP packet headers.
LWIP_HOOK_FILENAME is used in IDF to define standard and default hooks for IDF port in LWIP.
Added ESP_IDF_LWIP_HOOK_FILENAME to customize additional hooks in lwip
Closes https://github.com/espressif/esp-idf/issues/6261
Added lwIP hooks which could be optionally overwritten in the
application code. These three options are provided in Kconfig:
* NONE: No hook support
* DEFAULT: Default implementation is provided. If IDF doesn't
have a specific hook implementation, an empty stub is provided, which
could be overwritten by strong implementation in application code.
* CUSTOM: Hooks are declared only to be implemented in application code.
Merges https://github.com/espressif/esp-idf/pull/6034
* If CONFIG_VFS_SUPPORT_IO=y, keep everything as it is now
* If CONFIG_VFS_SUPPORT_IO=n, defined syscalls which LwIP can
implement, such as read/write/close
* Make LWIP-only select implementation dependent on
CONFIG_VFS_SUPPORT_SELECT, deprecate CONFIG_LWIP_USE_ONLY_LWIP_SELECT
Make the link local negotiation for IPV6 in PPP optional and
configurable.
This is because some modems do not support the IPV6 negotiation and
sending IPV6CP frames would in some cases break the network
configuration phase, resulting in a timeout during the Phase Network.
Please note that this does not disable the IPV6 support for the outgoing
communication (IPV6 is still enabled even if this option is not
selected) but just for the local link between lwIP and modem.
Signed-off-by: Francesco Giancane <francesco.giancane@accenture.com>
Merges https://github.com/espressif/esp-idf/pull/4782
Closes https://github.com/espressif/esp-idf/issues/1065