The sources are based on the SCTP implementation of the FreeBSD kernel modified to work within the Mac OS X kernel infrastructure as a network kernel extension. This allows the dynamic loading and unloading of the module without rebooting the operating system.
The FreeBSD kernel stack and the SCTP NKE for Mac OS X supports:
- The base protocol as specified in RFC4960.
- The partial reliability extension as specified in RFC3758 and RFC7496.
- The authentication extension as specified in RFC4895.
- The dynamic address reconfiguration extension as specified in RFC5061.
- The socket API for SCTP as specified in RFC6458.
- The stream reconfiguration extension as specified in RFC6525.
- The UDP encapsulation as specified in RFC6951.
- The SACK immediately extension as specified in RFC7053.
- The quick failover extension as specified in RFC7829.
- The stream scheduler and user message interleaving extension partially as specified in draft-ietf-tsvwg-sctp-ndata.
- The NAT support partially as specified in draft-ietf-tsvwg-natsupp.
- The non-renegable SACK extension as specified in draft-tuexen-tsvwg-sctp-multipath.
- The SCTP multipath extension as specified in draft-tuexen-tsvwg-sctp-multipath.
When using Mac OS X 10.13, you can't load unsinged kernel extensions without disabling the System Integrity Protection. See Apple's documentation on how to disable it. I'm currently not providing a signed NKE, since I don't have the necessary certificate.
Currently there is no installer provided. Therefore the following manual steps are required. You can download a disk image containing all files at SCTP_NKE_HighSierra_02.dmg.
It is assumed that the comand line tools are installed. This can be done executing
xcode-select --install
Execute the following commands:
sudo cp -R /Volumes/SCTP_NKE_HighSierra_02/SCTPSupport.kext /Library/Extensions
sudo cp -R /Volumes/SCTP_NKE_HighSierra_02/SCTP.kext /Library/Extensions
The first extension is needed to export additional symbols from the kernel. The second extension contains the SCTP relevant code.
Execute the following commands:
sudo cp /Volumes/SCTP_NKE_HighSierra_02/socket.h /usr/include/sys/
sudo cp /Volumes/SCTP_NKE_HighSierra_02/sctp.h /usr/include/netinet/
sudo cp /Volumes/SCTP_NKE_HighSierra_02/sctp_uio.h /usr/include/netinet/
sudo cp /Volumes/SCTP_NKE_HighSierra_02/libsctp.dylib /usr/lib/
The first command changes an existing file by adding a definition for
MSG_NOTIFICATION. The other commands add additional files.
Since the NKE's are not signed, you need the disable the System Integrity Protection as described above.
You can load the SCTP kext by executing in a shell
sudo kextload /Library/Extensions/SCTP.kext
You can unload the SCTP kext by executing in a shell
sudo kextunload /Library/Extensions/SCTP.kext