1 /* $FreeBSD$ */
2 /* $KAME: in6_pcb.c,v 1.31 2001/05/21 05:45:10 jinmei Exp $ */
3
4 /*-
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 *
32 */
33
34 /*-
35 * Copyright (c) 1982, 1986, 1991, 1993
36 * The Regents of the University of California. All rights reserved.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
40 * are met:
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 4. Neither the name of the University nor the names of its contributors
47 * may be used to endorse or promote products derived from this software
48 * without specific prior written permission.
49 *
50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60 * SUCH DAMAGE.
61 *
62 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94
63 */
64
65 #include "opt_inet.h"
66 #include "opt_inet6.h"
67 #include "opt_ipsec.h"
68 #include "opt_mac.h"
69
70 #include <sys/param.h>
71 #include <sys/systm.h>
72 #include <sys/malloc.h>
73 #include <sys/mbuf.h>
74 #include <sys/domain.h>
75 #include <sys/protosw.h>
76 #include <sys/socket.h>
77 #include <sys/socketvar.h>
78 #include <sys/sockio.h>
79 #include <sys/errno.h>
80 #include <sys/time.h>
81 #include <sys/priv.h>
82 #include <sys/proc.h>
83 #include <sys/jail.h>
84
85 #include <vm/uma.h>
86
87 #include <net/if.h>
88 #include <net/if_types.h>
89 #include <net/route.h>
90
91 #include <netinet/in.h>
92 #include <netinet/in_var.h>
93 #include <netinet/in_systm.h>
94 #include <netinet/tcp_var.h>
95 #include <netinet/ip6.h>
96 #include <netinet/ip_var.h>
97 #include <netinet6/ip6_var.h>
98 #include <netinet6/nd6.h>
99 #include <netinet/in_pcb.h>
100 #include <netinet6/in6_pcb.h>
101 #include <netinet6/scope6_var.h>
102
103 #ifdef IPSEC
104 #include <netipsec/ipsec.h>
105 #include <netipsec/ipsec6.h>
106 #include <netipsec/key.h>
107 #endif /* IPSEC */
108
109 #include <security/mac/mac_framework.h>
110
111 struct in6_addr zeroin6_addr;
112
113 int
114 in6_pcbbind(register struct inpcb *inp, struct sockaddr *nam,
115 struct ucred *cred)
116 {
117 struct socket *so = inp->inp_socket;
118 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL;
119 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
120 u_short lport = 0;
121 int wild = 0, reuseport = (so->so_options & SO_REUSEPORT);
122
123 INP_INFO_WLOCK_ASSERT(pcbinfo);
124 INP_LOCK_ASSERT(inp);
125
126 if (!in6_ifaddr) /* XXX broken! */
127 return (EADDRNOTAVAIL);
128 if (inp->inp_lport || !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr))
129 return (EINVAL);
130 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0)
131 wild = INPLOOKUP_WILDCARD;
132 if (nam) {
133 int error;
134
135 sin6 = (struct sockaddr_in6 *)nam;
136 if (nam->sa_len != sizeof(*sin6))
137 return (EINVAL);
138 /*
139 * family check.
140 */
141 if (nam->sa_family != AF_INET6)
142 return (EAFNOSUPPORT);
143
144 if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0)
145 return(error);
146
147 lport = sin6->sin6_port;
148 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) {
149 /*
150 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast;
151 * allow compepte duplication of binding if
152 * SO_REUSEPORT is set, or if SO_REUSEADDR is set
153 * and a multicast address is bound on both
154 * new and duplicated sockets.
155 */
156 if (so->so_options & SO_REUSEADDR)
157 reuseport = SO_REUSEADDR|SO_REUSEPORT;
158 } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
159 struct ifaddr *ia = NULL;
160
161 sin6->sin6_port = 0; /* yech... */
162 if ((ia = ifa_ifwithaddr((struct sockaddr *)sin6)) == 0)
163 return (EADDRNOTAVAIL);
164
165 /*
166 * XXX: bind to an anycast address might accidentally
167 * cause sending a packet with anycast source address.
168 * We should allow to bind to a deprecated address, since
169 * the application dares to use it.
170 */
171 if (ia &&
172 ((struct in6_ifaddr *)ia)->ia6_flags &
173 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) {
174 return (EADDRNOTAVAIL);
175 }
176 }
177 if (lport) {
178 struct inpcb *t;
179
180 /* GROSS */
181 if (ntohs(lport) <= ipport_reservedhigh &&
182 ntohs(lport) >= ipport_reservedlow &&
183 priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT,
184 0))
185 return (EACCES);
186 if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr) &&
187 priv_check_cred(so->so_cred,
188 PRIV_NETINET_REUSEPORT, 0) != 0) {
189 t = in6_pcblookup_local(pcbinfo,
190 &sin6->sin6_addr, lport,
191 INPLOOKUP_WILDCARD);
192 if (t &&
193 ((t->inp_vflag & INP_TIMEWAIT) == 0) &&
194 (so->so_type != SOCK_STREAM ||
195 IN6_IS_ADDR_UNSPECIFIED(&t->in6p_faddr)) &&
196 (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) ||
197 !IN6_IS_ADDR_UNSPECIFIED(&t->in6p_laddr) ||
198 (t->inp_socket->so_options & SO_REUSEPORT)
199 == 0) && (so->so_cred->cr_uid !=
200 t->inp_socket->so_cred->cr_uid))
201 return (EADDRINUSE);
202 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 &&
203 IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
204 struct sockaddr_in sin;
205
206 in6_sin6_2_sin(&sin, sin6);
207 t = in_pcblookup_local(pcbinfo,
208 sin.sin_addr, lport,
209 INPLOOKUP_WILDCARD);
210 if (t &&
211 ((t->inp_vflag &
212 INP_TIMEWAIT) == 0) &&
213 (so->so_type != SOCK_STREAM ||
214 ntohl(t->inp_faddr.s_addr) ==
215 INADDR_ANY) &&
216 (so->so_cred->cr_uid !=
217 t->inp_socket->so_cred->cr_uid))
218 return (EADDRINUSE);
219 }
220 }
221 t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr,
222 lport, wild);
223 if (t && (reuseport & ((t->inp_vflag & INP_TIMEWAIT) ?
224 intotw(t)->tw_so_options :
225 t->inp_socket->so_options)) == 0)
226 return (EADDRINUSE);
227 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 &&
228 IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
229 struct sockaddr_in sin;
230
231 in6_sin6_2_sin(&sin, sin6);
232 t = in_pcblookup_local(pcbinfo, sin.sin_addr,
233 lport, wild);
234 if (t && t->inp_vflag & INP_TIMEWAIT) {
235 if ((reuseport &
236 intotw(t)->tw_so_options) == 0 &&
237 (ntohl(t->inp_laddr.s_addr) !=
238 INADDR_ANY || ((inp->inp_vflag &
239 INP_IPV6PROTO) ==
240 (t->inp_vflag & INP_IPV6PROTO))))
241 return (EADDRINUSE);
242 }
243 else if (t &&
244 (reuseport & t->inp_socket->so_options)
245 == 0 && (ntohl(t->inp_laddr.s_addr) !=
246 INADDR_ANY || INP_SOCKAF(so) ==
247 INP_SOCKAF(t->inp_socket)))
248 return (EADDRINUSE);
249 }
250 }
251 inp->in6p_laddr = sin6->sin6_addr;
252 }
253 if (lport == 0) {
254 int e;
255 if ((e = in6_pcbsetport(&inp->in6p_laddr, inp, cred)) != 0)
256 return (e);
257 }
258 else {
259 inp->inp_lport = lport;
260 if (in_pcbinshash(inp) != 0) {
261 inp->in6p_laddr = in6addr_any;
262 inp->inp_lport = 0;
263 return (EAGAIN);
264 }
265 }
266 return (0);
267 }
268
269 /*
270 * Transform old in6_pcbconnect() into an inner subroutine for new
271 * in6_pcbconnect(): Do some validity-checking on the remote
272 * address (in mbuf 'nam') and then determine local host address
273 * (i.e., which interface) to use to access that remote host.
274 *
275 * This preserves definition of in6_pcbconnect(), while supporting a
276 * slightly different version for T/TCP. (This is more than
277 * a bit of a kludge, but cleaning up the internal interfaces would
278 * have forced minor changes in every protocol).
279 */
280 int
281 in6_pcbladdr(register struct inpcb *inp, struct sockaddr *nam,
282 struct in6_addr **plocal_addr6)
283 {
284 register struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam;
285 int error = 0;
286 struct ifnet *ifp = NULL;
287 int scope_ambiguous = 0;
288
289 INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo);
290 INP_LOCK_ASSERT(inp);
291
292 if (nam->sa_len != sizeof (*sin6))
293 return (EINVAL);
294 if (sin6->sin6_family != AF_INET6)
295 return (EAFNOSUPPORT);
296 if (sin6->sin6_port == 0)
297 return (EADDRNOTAVAIL);
298
299 if (sin6->sin6_scope_id == 0 && !ip6_use_defzone)
300 scope_ambiguous = 1;
301 if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0)
302 return(error);
303
304 if (in6_ifaddr) {
305 /*
306 * If the destination address is UNSPECIFIED addr,
307 * use the loopback addr, e.g ::1.
308 */
309 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
310 sin6->sin6_addr = in6addr_loopback;
311 }
312
313 /*
314 * XXX: in6_selectsrc might replace the bound local address
315 * with the address specified by setsockopt(IPV6_PKTINFO).
316 * Is it the intended behavior?
317 */
318 *plocal_addr6 = in6_selectsrc(sin6, inp->in6p_outputopts,
319 inp->in6p_moptions, NULL,
320 &inp->in6p_laddr, &ifp, &error);
321 if (ifp && scope_ambiguous &&
322 (error = in6_setscope(&sin6->sin6_addr, ifp, NULL)) != 0) {
323 return(error);
324 }
325
326 if (*plocal_addr6 == 0) {
327 if (error == 0)
328 error = EADDRNOTAVAIL;
329 return (error);
330 }
331 /*
332 * Don't do pcblookup call here; return interface in
333 * plocal_addr6
334 * and exit to caller, that will do the lookup.
335 */
336
337 return (0);
338 }
339
340 /*
341 * Outer subroutine:
342 * Connect from a socket to a specified address.
343 * Both address and port must be specified in argument sin.
344 * If don't have a local address for this socket yet,
345 * then pick one.
346 */
347 int
348 in6_pcbconnect(register struct inpcb *inp, struct sockaddr *nam,
349 struct ucred *cred)
350 {
351 struct in6_addr *addr6;
352 register struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam;
353 int error;
354
355 INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo);
356 INP_LOCK_ASSERT(inp);
357
358 /*
359 * Call inner routine, to assign local interface address.
360 * in6_pcbladdr() may automatically fill in sin6_scope_id.
361 */
362 if ((error = in6_pcbladdr(inp, nam, &addr6)) != 0)
363 return (error);
364
365 if (in6_pcblookup_hash(inp->inp_pcbinfo, &sin6->sin6_addr,
366 sin6->sin6_port,
367 IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)
368 ? addr6 : &inp->in6p_laddr,
369 inp->inp_lport, 0, NULL) != NULL) {
370 return (EADDRINUSE);
371 }
372 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) {
373 if (inp->inp_lport == 0) {
374 error = in6_pcbbind(inp, (struct sockaddr *)0, cred);
375 if (error)
376 return (error);
377 }
378 inp->in6p_laddr = *addr6;
379 }
380 inp->in6p_faddr = sin6->sin6_addr;
381 inp->inp_fport = sin6->sin6_port;
382 /* update flowinfo - draft-itojun-ipv6-flowlabel-api-00 */
383 inp->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK;
384 if (inp->in6p_flags & IN6P_AUTOFLOWLABEL)
385 inp->in6p_flowinfo |=
386 (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK);
387
388 in_pcbrehash(inp);
389
390 return (0);
391 }
392
393 void
394 in6_pcbdisconnect(struct inpcb *inp)
395 {
396
397 INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo);
398 INP_LOCK_ASSERT(inp);
399
400 bzero((caddr_t)&inp->in6p_faddr, sizeof(inp->in6p_faddr));
401 inp->inp_fport = 0;
402 /* clear flowinfo - draft-itojun-ipv6-flowlabel-api-00 */
403 inp->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK;
404 in_pcbrehash(inp);
405 }
406
407 void
408 in6_pcbdetach(struct inpcb *inp)
409 {
410
411 KASSERT(inp->inp_socket != NULL, ("in6_pcbdetach: inp_socket == NULL"));
412 inp->inp_socket->so_pcb = NULL;
413 inp->inp_socket = NULL;
414 }
415
416 void
417 in6_pcbfree(struct inpcb *inp)
418 {
419 struct inpcbinfo *ipi = inp->inp_pcbinfo;
420
421 KASSERT(inp->inp_socket == NULL, ("in6_pcbfree: inp_socket != NULL"));
422 INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo);
423 INP_LOCK_ASSERT(inp);
424
425 #ifdef IPSEC
426 if (inp->in6p_sp != NULL)
427 ipsec6_delete_pcbpolicy(inp);
428 #endif /* IPSEC */
429 inp->inp_gencnt = ++ipi->ipi_gencnt;
430 in_pcbremlists(inp);
431 ip6_freepcbopts(inp->in6p_outputopts);
432 ip6_freemoptions(inp->in6p_moptions);
433 /* Check and free IPv4 related resources in case of mapped addr */
434 if (inp->inp_options)
435 (void)m_free(inp->inp_options);
436 if (inp->inp_moptions != NULL)
437 inp_freemoptions(inp->inp_moptions);
438 inp->inp_vflag = 0;
439 #ifdef MAC
440 mac_destroy_inpcb(inp);
441 #endif
442 INP_UNLOCK(inp);
443 uma_zfree(ipi->ipi_zone, inp);
444 }
445
446 struct sockaddr *
447 in6_sockaddr(in_port_t port, struct in6_addr *addr_p)
448 {
449 struct sockaddr_in6 *sin6;
450
451 MALLOC(sin6, struct sockaddr_in6 *, sizeof *sin6, M_SONAME, M_WAITOK);
452 bzero(sin6, sizeof *sin6);
453 sin6->sin6_family = AF_INET6;
454 sin6->sin6_len = sizeof(*sin6);
455 sin6->sin6_port = port;
456 sin6->sin6_addr = *addr_p;
457 (void)sa6_recoverscope(sin6); /* XXX: should catch errors */
458
459 return (struct sockaddr *)sin6;
460 }
461
462 struct sockaddr *
463 in6_v4mapsin6_sockaddr(in_port_t port, struct in_addr *addr_p)
464 {
465 struct sockaddr_in sin;
466 struct sockaddr_in6 *sin6_p;
467
468 bzero(&sin, sizeof sin);
469 sin.sin_family = AF_INET;
470 sin.sin_len = sizeof(sin);
471 sin.sin_port = port;
472 sin.sin_addr = *addr_p;
473
474 MALLOC(sin6_p, struct sockaddr_in6 *, sizeof *sin6_p, M_SONAME,
475 M_WAITOK);
476 in6_sin_2_v4mapsin6(&sin, sin6_p);
477
478 return (struct sockaddr *)sin6_p;
479 }
480
481 int
482 in6_getsockaddr(struct socket *so, struct sockaddr **nam)
483 {
484 register struct inpcb *inp;
485 struct in6_addr addr;
486 in_port_t port;
487
488 inp = sotoinpcb(so);
489 KASSERT(inp != NULL, ("in6_getsockaddr: inp == NULL"));
490
491 INP_LOCK(inp);
492 port = inp->inp_lport;
493 addr = inp->in6p_laddr;
494 INP_UNLOCK(inp);
495
496 *nam = in6_sockaddr(port, &addr);
497 return 0;
498 }
499
500 int
501 in6_getpeeraddr(struct socket *so, struct sockaddr **nam)
502 {
503 struct inpcb *inp;
504 struct in6_addr addr;
505 in_port_t port;
506
507 inp = sotoinpcb(so);
508 KASSERT(inp != NULL, ("in6_getpeeraddr: inp == NULL"));
509
510 INP_LOCK(inp);
511 port = inp->inp_fport;
512 addr = inp->in6p_faddr;
513 INP_UNLOCK(inp);
514
515 *nam = in6_sockaddr(port, &addr);
516 return 0;
517 }
518
519 int
520 in6_mapped_sockaddr(struct socket *so, struct sockaddr **nam)
521 {
522 struct inpcb *inp;
523 int error;
524
525 inp = sotoinpcb(so);
526 KASSERT(inp != NULL, ("in6_mapped_sockaddr: inp == NULL"));
527
528 if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) {
529 error = in_getsockaddr(so, nam);
530 if (error == 0)
531 in6_sin_2_v4mapsin6_in_sock(nam);
532 } else {
533 /* scope issues will be handled in in6_getsockaddr(). */
534 error = in6_getsockaddr(so, nam);
535 }
536
537 return error;
538 }
539
540 int
541 in6_mapped_peeraddr(struct socket *so, struct sockaddr **nam)
542 {
543 struct inpcb *inp;
544 int error;
545
546 inp = sotoinpcb(so);
547 KASSERT(inp != NULL, ("in6_mapped_peeraddr: inp == NULL"));
548
549 if ((inp->inp_vflag & (INP_IPV4 | INP_IPV6)) == INP_IPV4) {
550 error = in_getpeeraddr(so, nam);
551 if (error == 0)
552 in6_sin_2_v4mapsin6_in_sock(nam);
553 } else
554 /* scope issues will be handled in in6_getpeeraddr(). */
555 error = in6_getpeeraddr(so, nam);
556
557 return error;
558 }
559
560 /*
561 * Pass some notification to all connections of a protocol
562 * associated with address dst. The local address and/or port numbers
563 * may be specified to limit the search. The "usual action" will be
564 * taken, depending on the ctlinput cmd. The caller must filter any
565 * cmds that are uninteresting (e.g., no error in the map).
566 * Call the protocol specific routine (if any) to report
567 * any errors for each matching socket.
568 */
569 void
570 in6_pcbnotify(struct inpcbinfo *pcbinfo, struct sockaddr *dst,
571 u_int fport_arg, const struct sockaddr *src, u_int lport_arg,
572 int cmd, void *cmdarg,
573 struct inpcb *(*notify) __P((struct inpcb *, int)))
574 {
575 struct inpcbhead *head;
576 struct inpcb *inp, *ninp;
577 struct sockaddr_in6 sa6_src, *sa6_dst;
578 u_short fport = fport_arg, lport = lport_arg;
579 u_int32_t flowinfo;
580 int errno;
581
582 if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6)
583 return;
584
585 sa6_dst = (struct sockaddr_in6 *)dst;
586 if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr))
587 return;
588
589 /*
590 * note that src can be NULL when we get notify by local fragmentation.
591 */
592 sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src;
593 flowinfo = sa6_src.sin6_flowinfo;
594
595 /*
596 * Redirects go to all references to the destination,
597 * and use in6_rtchange to invalidate the route cache.
598 * Dead host indications: also use in6_rtchange to invalidate
599 * the cache, and deliver the error to all the sockets.
600 * Otherwise, if we have knowledge of the local port and address,
601 * deliver only to that socket.
602 */
603 if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) {
604 fport = 0;
605 lport = 0;
606 bzero((caddr_t)&sa6_src.sin6_addr, sizeof(sa6_src.sin6_addr));
607
608 if (cmd != PRC_HOSTDEAD)
609 notify = in6_rtchange;
610 }
611 errno = inet6ctlerrmap[cmd];
612 head = pcbinfo->ipi_listhead;
613 INP_INFO_WLOCK(pcbinfo);
614 for (inp = LIST_FIRST(head); inp != NULL; inp = ninp) {
615 INP_LOCK(inp);
616 ninp = LIST_NEXT(inp, inp_list);
617
618 if ((inp->inp_vflag & INP_IPV6) == 0) {
619 INP_UNLOCK(inp);
620 continue;
621 }
622
623 /*
624 * If the error designates a new path MTU for a destination
625 * and the application (associated with this socket) wanted to
626 * know the value, notify. Note that we notify for all
627 * disconnected sockets if the corresponding application
628 * wanted. This is because some UDP applications keep sending
629 * sockets disconnected.
630 * XXX: should we avoid to notify the value to TCP sockets?
631 */
632 if (cmd == PRC_MSGSIZE && (inp->inp_flags & IN6P_MTU) != 0 &&
633 (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) ||
634 IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, &sa6_dst->sin6_addr))) {
635 ip6_notify_pmtu(inp, (struct sockaddr_in6 *)dst,
636 (u_int32_t *)cmdarg);
637 }
638
639 /*
640 * Detect if we should notify the error. If no source and
641 * destination ports are specifed, but non-zero flowinfo and
642 * local address match, notify the error. This is the case
643 * when the error is delivered with an encrypted buffer
644 * by ESP. Otherwise, just compare addresses and ports
645 * as usual.
646 */
647 if (lport == 0 && fport == 0 && flowinfo &&
648 inp->inp_socket != NULL &&
649 flowinfo == (inp->in6p_flowinfo & IPV6_FLOWLABEL_MASK) &&
650 IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, &sa6_src.sin6_addr))
651 goto do_notify;
652 else if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr,
653 &sa6_dst->sin6_addr) ||
654 inp->inp_socket == 0 ||
655 (lport && inp->inp_lport != lport) ||
656 (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) &&
657 !IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr,
658 &sa6_src.sin6_addr)) ||
659 (fport && inp->inp_fport != fport)) {
660 INP_UNLOCK(inp);
661 continue;
662 }
663
664 do_notify:
665 if (notify) {
666 if ((*notify)(inp, errno))
667 INP_UNLOCK(inp);
668 } else
669 INP_UNLOCK(inp);
670 }
671 INP_INFO_WUNLOCK(pcbinfo);
672 }
673
674 /*
675 * Lookup a PCB based on the local address and port.
676 */
677 struct inpcb *
678 in6_pcblookup_local(struct inpcbinfo *pcbinfo, struct in6_addr *laddr,
679 u_int lport_arg, int wild_okay)
680 {
681 register struct inpcb *inp;
682 int matchwild = 3, wildcard;
683 u_short lport = lport_arg;
684
685 INP_INFO_WLOCK_ASSERT(pcbinfo);
686
687 if (!wild_okay) {
688 struct inpcbhead *head;
689 /*
690 * Look for an unconnected (wildcard foreign addr) PCB that
691 * matches the local address and port we're looking for.
692 */
693 head = &pcbinfo->ipi_hashbase[INP_PCBHASH(INADDR_ANY, lport,
694 0, pcbinfo->ipi_hashmask)];
695 LIST_FOREACH(inp, head, inp_hash) {
696 if ((inp->inp_vflag & INP_IPV6) == 0)
697 continue;
698 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) &&
699 IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) &&
700 inp->inp_lport == lport) {
701 /*
702 * Found.
703 */
704 return (inp);
705 }
706 }
707 /*
708 * Not found.
709 */
710 return (NULL);
711 } else {
712 struct inpcbporthead *porthash;
713 struct inpcbport *phd;
714 struct inpcb *match = NULL;
715 /*
716 * Best fit PCB lookup.
717 *
718 * First see if this local port is in use by looking on the
719 * port hash list.
720 */
721 porthash = &pcbinfo->ipi_porthashbase[INP_PCBPORTHASH(lport,
722 pcbinfo->ipi_porthashmask)];
723 LIST_FOREACH(phd, porthash, phd_hash) {
724 if (phd->phd_port == lport)
725 break;
726 }
727 if (phd != NULL) {
728 /*
729 * Port is in use by one or more PCBs. Look for best
730 * fit.
731 */
732 LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) {
733 wildcard = 0;
734 if ((inp->inp_vflag & INP_IPV6) == 0)
735 continue;
736 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr))
737 wildcard++;
738 if (!IN6_IS_ADDR_UNSPECIFIED(
739 &inp->in6p_laddr)) {
740 if (IN6_IS_ADDR_UNSPECIFIED(laddr))
741 wildcard++;
742 else if (!IN6_ARE_ADDR_EQUAL(
743 &inp->in6p_laddr, laddr))
744 continue;
745 } else {
746 if (!IN6_IS_ADDR_UNSPECIFIED(laddr))
747 wildcard++;
748 }
749 if (wildcard < matchwild) {
750 match = inp;
751 matchwild = wildcard;
752 if (matchwild == 0) {
753 break;
754 }
755 }
756 }
757 }
758 return (match);
759 }
760 }
761
762 void
763 in6_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp)
764 {
765 struct in6pcb *in6p;
766 struct ip6_moptions *im6o;
767 struct in6_multi_mship *imm, *nimm;
768
769 INP_INFO_RLOCK(pcbinfo);
770 LIST_FOREACH(in6p, pcbinfo->ipi_listhead, inp_list) {
771 INP_LOCK(in6p);
772 im6o = in6p->in6p_moptions;
773 if ((in6p->inp_vflag & INP_IPV6) &&
774 im6o) {
775 /*
776 * Unselect the outgoing interface if it is being
777 * detached.
778 */
779 if (im6o->im6o_multicast_ifp == ifp)
780 im6o->im6o_multicast_ifp = NULL;
781
782 /*
783 * Drop multicast group membership if we joined
784 * through the interface being detached.
785 * XXX controversial - is it really legal for kernel
786 * to force this?
787 */
788 for (imm = im6o->im6o_memberships.lh_first;
789 imm != NULL; imm = nimm) {
790 nimm = imm->i6mm_chain.le_next;
791 if (imm->i6mm_maddr->in6m_ifp == ifp) {
792 LIST_REMOVE(imm, i6mm_chain);
793 in6_delmulti(imm->i6mm_maddr);
794 free(imm, M_IP6MADDR);
795 }
796 }
797 }
798 INP_UNLOCK(in6p);
799 }
800 INP_INFO_RUNLOCK(pcbinfo);
801 }
802
803 /*
804 * Check for alternatives when higher level complains
805 * about service problems. For now, invalidate cached
806 * routing information. If the route was created dynamically
807 * (by a redirect), time to try a default gateway again.
808 */
809 void
810 in6_losing(struct inpcb *in6p)
811 {
812
813 /*
814 * We don't store route pointers in the routing table anymore
815 */
816 return;
817 }
818
819 /*
820 * After a routing change, flush old routing
821 * and allocate a (hopefully) better one.
822 */
823 struct inpcb *
824 in6_rtchange(struct inpcb *inp, int errno)
825 {
826 /*
827 * We don't store route pointers in the routing table anymore
828 */
829 return inp;
830 }
831
832 /*
833 * Lookup PCB in hash list.
834 */
835 struct inpcb *
836 in6_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in6_addr *faddr,
837 u_int fport_arg, struct in6_addr *laddr, u_int lport_arg,
838 int wildcard, struct ifnet *ifp)
839 {
840 struct inpcbhead *head;
841 register struct inpcb *inp;
842 u_short fport = fport_arg, lport = lport_arg;
843 int faith;
844
845 INP_INFO_RLOCK_ASSERT(pcbinfo);
846
847 if (faithprefix_p != NULL)
848 faith = (*faithprefix_p)(laddr);
849 else
850 faith = 0;
851
852 /*
853 * First look for an exact match.
854 */
855 head = &pcbinfo->ipi_hashbase[
856 INP_PCBHASH(faddr->s6_addr32[3] /* XXX */, lport, fport,
857 pcbinfo->ipi_hashmask)];
858 LIST_FOREACH(inp, head, inp_hash) {
859 if ((inp->inp_vflag & INP_IPV6) == 0)
860 continue;
861 if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) &&
862 IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) &&
863 inp->inp_fport == fport &&
864 inp->inp_lport == lport) {
865 /*
866 * Found.
867 */
868 return (inp);
869 }
870 }
871 if (wildcard) {
872 struct inpcb *local_wild = NULL;
873
874 head = &pcbinfo->ipi_hashbase[INP_PCBHASH(INADDR_ANY, lport,
875 0, pcbinfo->ipi_hashmask)];
876 LIST_FOREACH(inp, head, inp_hash) {
877 if ((inp->inp_vflag & INP_IPV6) == 0)
878 continue;
879 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) &&
880 inp->inp_lport == lport) {
881 if (faith && (inp->inp_flags & INP_FAITH) == 0)
882 continue;
883 if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr,
884 laddr))
885 return (inp);
886 else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr))
887 local_wild = inp;
888 }
889 }
890 return (local_wild);
891 }
892
893 /*
894 * Not found.
895 */
896 return (NULL);
897 }
898
899 void
900 init_sin6(struct sockaddr_in6 *sin6, struct mbuf *m)
901 {
902 struct ip6_hdr *ip;
903
904 ip = mtod(m, struct ip6_hdr *);
905 bzero(sin6, sizeof(*sin6));
906 sin6->sin6_len = sizeof(*sin6);
907 sin6->sin6_family = AF_INET6;
908 sin6->sin6_addr = ip->ip6_src;
909
910 (void)sa6_recoverscope(sin6); /* XXX: should catch errors... */
911
912 return;
913 }
Cache object: fd3a57a9b4432bc9d988933b9ea7352a
|