| @@ -1,2085 +1,2102 @@ | | | @@ -1,2085 +1,2102 @@ |
1 | /* $NetBSD: icmp6.c,v 1.123.2.2 2007/05/24 19:13:14 pavel Exp $ */ | | 1 | /* $NetBSD: icmp6.c,v 1.123.2.2.4.1 2008/10/03 09:05:06 jdc Exp $ */ |
2 | /* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */ | | 2 | /* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */ |
3 | | | 3 | |
4 | /* | | 4 | /* |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. |
6 | * All rights reserved. | | 6 | * All rights reserved. |
7 | * | | 7 | * |
8 | * Redistribution and use in source and binary forms, with or without | | 8 | * Redistribution and use in source and binary forms, with or without |
9 | * modification, are permitted provided that the following conditions | | 9 | * modification, are permitted provided that the following conditions |
10 | * are met: | | 10 | * are met: |
11 | * 1. Redistributions of source code must retain the above copyright | | 11 | * 1. Redistributions of source code must retain the above copyright |
12 | * notice, this list of conditions and the following disclaimer. | | 12 | * notice, this list of conditions and the following disclaimer. |
13 | * 2. Redistributions in binary form must reproduce the above copyright | | 13 | * 2. Redistributions in binary form must reproduce the above copyright |
14 | * notice, this list of conditions and the following disclaimer in the | | 14 | * notice, this list of conditions and the following disclaimer in the |
15 | * documentation and/or other materials provided with the distribution. | | 15 | * documentation and/or other materials provided with the distribution. |
16 | * 3. Neither the name of the project nor the names of its contributors | | 16 | * 3. Neither the name of the project nor the names of its contributors |
17 | * may be used to endorse or promote products derived from this software | | 17 | * may be used to endorse or promote products derived from this software |
18 | * without specific prior written permission. | | 18 | * without specific prior written permission. |
19 | * | | 19 | * |
20 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND | | 20 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND |
21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | | 21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | | 22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | | 23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE |
24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | | 24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | | 25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | | 26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | | 27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
30 | * SUCH DAMAGE. | | 30 | * SUCH DAMAGE. |
31 | */ | | 31 | */ |
32 | | | 32 | |
33 | /* | | 33 | /* |
34 | * Copyright (c) 1982, 1986, 1988, 1993 | | 34 | * Copyright (c) 1982, 1986, 1988, 1993 |
35 | * The Regents of the University of California. All rights reserved. | | 35 | * The Regents of the University of California. All rights reserved. |
36 | * | | 36 | * |
37 | * Redistribution and use in source and binary forms, with or without | | 37 | * Redistribution and use in source and binary forms, with or without |
38 | * modification, are permitted provided that the following conditions | | 38 | * modification, are permitted provided that the following conditions |
39 | * are met: | | 39 | * are met: |
40 | * 1. Redistributions of source code must retain the above copyright | | 40 | * 1. Redistributions of source code must retain the above copyright |
41 | * notice, this list of conditions and the following disclaimer. | | 41 | * notice, this list of conditions and the following disclaimer. |
42 | * 2. Redistributions in binary form must reproduce the above copyright | | 42 | * 2. Redistributions in binary form must reproduce the above copyright |
43 | * notice, this list of conditions and the following disclaimer in the | | 43 | * notice, this list of conditions and the following disclaimer in the |
44 | * documentation and/or other materials provided with the distribution. | | 44 | * documentation and/or other materials provided with the distribution. |
45 | * 3. Neither the name of the University nor the names of its contributors | | 45 | * 3. Neither the name of the University nor the names of its contributors |
46 | * may be used to endorse or promote products derived from this software | | 46 | * may be used to endorse or promote products derived from this software |
47 | * without specific prior written permission. | | 47 | * without specific prior written permission. |
48 | * | | 48 | * |
49 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | | 49 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
50 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | | 50 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
51 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | | 51 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | | 52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | | 53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | | 54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | | 55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | | 56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
59 | * SUCH DAMAGE. | | 59 | * SUCH DAMAGE. |
60 | * | | 60 | * |
61 | * @(#)ip_icmp.c 8.2 (Berkeley) 1/4/94 | | 61 | * @(#)ip_icmp.c 8.2 (Berkeley) 1/4/94 |
62 | */ | | 62 | */ |
63 | | | 63 | |
64 | #include <sys/cdefs.h> | | 64 | #include <sys/cdefs.h> |
65 | __KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.123.2.2 2007/05/24 19:13:14 pavel Exp $"); | | 65 | __KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.123.2.2.4.1 2008/10/03 09:05:06 jdc Exp $"); |
66 | | | 66 | |
67 | #include "opt_inet.h" | | 67 | #include "opt_inet.h" |
68 | #include "opt_ipsec.h" | | 68 | #include "opt_ipsec.h" |
69 | | | 69 | |
70 | #include <sys/param.h> | | 70 | #include <sys/param.h> |
71 | #include <sys/systm.h> | | 71 | #include <sys/systm.h> |
72 | #include <sys/malloc.h> | | 72 | #include <sys/malloc.h> |
73 | #include <sys/mbuf.h> | | 73 | #include <sys/mbuf.h> |
74 | #include <sys/protosw.h> | | 74 | #include <sys/protosw.h> |
75 | #include <sys/socket.h> | | 75 | #include <sys/socket.h> |
76 | #include <sys/socketvar.h> | | 76 | #include <sys/socketvar.h> |
77 | #include <sys/time.h> | | 77 | #include <sys/time.h> |
78 | #include <sys/kernel.h> | | 78 | #include <sys/kernel.h> |
79 | #include <sys/syslog.h> | | 79 | #include <sys/syslog.h> |
80 | #include <sys/domain.h> | | 80 | #include <sys/domain.h> |
81 | #include <sys/sysctl.h> | | 81 | #include <sys/sysctl.h> |
82 | | | 82 | |
83 | #include <net/if.h> | | 83 | #include <net/if.h> |
84 | #include <net/route.h> | | 84 | #include <net/route.h> |
85 | #include <net/if_dl.h> | | 85 | #include <net/if_dl.h> |
86 | #include <net/if_types.h> | | 86 | #include <net/if_types.h> |
87 | | | 87 | |
88 | #include <netinet/in.h> | | 88 | #include <netinet/in.h> |
89 | #include <netinet/in_var.h> | | 89 | #include <netinet/in_var.h> |
90 | #include <netinet/ip6.h> | | 90 | #include <netinet/ip6.h> |
91 | #include <netinet6/ip6_var.h> | | 91 | #include <netinet6/ip6_var.h> |
92 | #include <netinet/icmp6.h> | | 92 | #include <netinet/icmp6.h> |
93 | #include <netinet6/mld6_var.h> | | 93 | #include <netinet6/mld6_var.h> |
94 | #include <netinet6/in6_pcb.h> | | 94 | #include <netinet6/in6_pcb.h> |
95 | #include <netinet6/nd6.h> | | 95 | #include <netinet6/nd6.h> |
96 | #include <netinet6/in6_ifattach.h> | | 96 | #include <netinet6/in6_ifattach.h> |
97 | #include <netinet6/ip6protosw.h> | | 97 | #include <netinet6/ip6protosw.h> |
98 | #include <netinet6/scope6_var.h> | | 98 | #include <netinet6/scope6_var.h> |
99 | | | 99 | |
100 | #ifdef IPSEC | | 100 | #ifdef IPSEC |
101 | #include <netinet6/ipsec.h> | | 101 | #include <netinet6/ipsec.h> |
102 | #include <netkey/key.h> | | 102 | #include <netkey/key.h> |
103 | #endif | | 103 | #endif |
104 | | | 104 | |
105 | #ifdef FAST_IPSEC | | 105 | #ifdef FAST_IPSEC |
106 | #include <netipsec/ipsec.h> | | 106 | #include <netipsec/ipsec.h> |
107 | #include <netipsec/key.h> | | 107 | #include <netipsec/key.h> |
108 | #endif | | 108 | #endif |
109 | | | 109 | |
110 | | | 110 | |
111 | #include "faith.h" | | 111 | #include "faith.h" |
112 | #if defined(NFAITH) && 0 < NFAITH | | 112 | #if defined(NFAITH) && 0 < NFAITH |
113 | #include <net/if_faith.h> | | 113 | #include <net/if_faith.h> |
114 | #endif | | 114 | #endif |
115 | | | 115 | |
116 | #include <net/net_osdep.h> | | 116 | #include <net/net_osdep.h> |
117 | | | 117 | |
118 | extern struct domain inet6domain; | | 118 | extern struct domain inet6domain; |
119 | | | 119 | |
120 | struct icmp6stat icmp6stat; | | 120 | struct icmp6stat icmp6stat; |
121 | | | 121 | |
122 | extern struct inpcbtable raw6cbtable; | | 122 | extern struct inpcbtable raw6cbtable; |
123 | extern int icmp6errppslim; | | 123 | extern int icmp6errppslim; |
124 | static int icmp6errpps_count = 0; | | 124 | static int icmp6errpps_count = 0; |
125 | static struct timeval icmp6errppslim_last; | | 125 | static struct timeval icmp6errppslim_last; |
126 | extern int icmp6_nodeinfo; | | 126 | extern int icmp6_nodeinfo; |
127 | | | 127 | |
128 | /* | | 128 | /* |
129 | * List of callbacks to notify when Path MTU changes are made. | | 129 | * List of callbacks to notify when Path MTU changes are made. |
130 | */ | | 130 | */ |
131 | struct icmp6_mtudisc_callback { | | 131 | struct icmp6_mtudisc_callback { |
132 | LIST_ENTRY(icmp6_mtudisc_callback) mc_list; | | 132 | LIST_ENTRY(icmp6_mtudisc_callback) mc_list; |
133 | void (*mc_func) __P((struct in6_addr *)); | | 133 | void (*mc_func) __P((struct in6_addr *)); |
134 | }; | | 134 | }; |
135 | | | 135 | |
136 | LIST_HEAD(, icmp6_mtudisc_callback) icmp6_mtudisc_callbacks = | | 136 | LIST_HEAD(, icmp6_mtudisc_callback) icmp6_mtudisc_callbacks = |
137 | LIST_HEAD_INITIALIZER(&icmp6_mtudisc_callbacks); | | 137 | LIST_HEAD_INITIALIZER(&icmp6_mtudisc_callbacks); |
138 | | | 138 | |
139 | static struct rttimer_queue *icmp6_mtudisc_timeout_q = NULL; | | 139 | static struct rttimer_queue *icmp6_mtudisc_timeout_q = NULL; |
140 | extern int pmtu_expire; | | 140 | extern int pmtu_expire; |
141 | | | 141 | |
142 | /* XXX do these values make any sense? */ | | 142 | /* XXX do these values make any sense? */ |
143 | static int icmp6_mtudisc_hiwat = 1280; | | 143 | static int icmp6_mtudisc_hiwat = 1280; |
144 | static int icmp6_mtudisc_lowat = 256; | | 144 | static int icmp6_mtudisc_lowat = 256; |
145 | | | 145 | |
146 | /* | | 146 | /* |
147 | * keep track of # of redirect routes. | | 147 | * keep track of # of redirect routes. |
148 | */ | | 148 | */ |
149 | static struct rttimer_queue *icmp6_redirect_timeout_q = NULL; | | 149 | static struct rttimer_queue *icmp6_redirect_timeout_q = NULL; |
150 | | | 150 | |
151 | /* XXX experimental, turned off */ | | 151 | /* XXX experimental, turned off */ |
152 | static int icmp6_redirect_hiwat = -1; | | 152 | static int icmp6_redirect_hiwat = -1; |
153 | static int icmp6_redirect_lowat = -1; | | 153 | static int icmp6_redirect_lowat = -1; |
154 | | | 154 | |
155 | static void icmp6_errcount __P((struct icmp6errstat *, int, int)); | | 155 | static void icmp6_errcount __P((struct icmp6errstat *, int, int)); |
156 | static int icmp6_rip6_input __P((struct mbuf **, int)); | | 156 | static int icmp6_rip6_input __P((struct mbuf **, int)); |
157 | static int icmp6_ratelimit __P((const struct in6_addr *, const int, const int)); | | 157 | static int icmp6_ratelimit __P((const struct in6_addr *, const int, const int)); |
158 | static const char *icmp6_redirect_diag __P((struct in6_addr *, | | 158 | static const char *icmp6_redirect_diag __P((struct in6_addr *, |
159 | struct in6_addr *, struct in6_addr *)); | | 159 | struct in6_addr *, struct in6_addr *)); |
160 | static struct mbuf *ni6_input __P((struct mbuf *, int)); | | 160 | static struct mbuf *ni6_input __P((struct mbuf *, int)); |
161 | static struct mbuf *ni6_nametodns __P((const char *, int, int)); | | 161 | static struct mbuf *ni6_nametodns __P((const char *, int, int)); |
162 | static int ni6_dnsmatch __P((const char *, int, const char *, int)); | | 162 | static int ni6_dnsmatch __P((const char *, int, const char *, int)); |
163 | static int ni6_addrs __P((struct icmp6_nodeinfo *, struct mbuf *, | | 163 | static int ni6_addrs __P((struct icmp6_nodeinfo *, struct mbuf *, |
164 | struct ifnet **, char *)); | | 164 | struct ifnet **, char *)); |
165 | static int ni6_store_addrs __P((struct icmp6_nodeinfo *, struct icmp6_nodeinfo *, | | 165 | static int ni6_store_addrs __P((struct icmp6_nodeinfo *, struct icmp6_nodeinfo *, |
166 | struct ifnet *, int)); | | 166 | struct ifnet *, int)); |
167 | static int icmp6_notify_error __P((struct mbuf *, int, int, int)); | | 167 | static int icmp6_notify_error __P((struct mbuf *, int, int, int)); |
168 | static struct rtentry *icmp6_mtudisc_clone __P((struct sockaddr *)); | | 168 | static struct rtentry *icmp6_mtudisc_clone __P((struct sockaddr *)); |
169 | static void icmp6_mtudisc_timeout __P((struct rtentry *, struct rttimer *)); | | 169 | static void icmp6_mtudisc_timeout __P((struct rtentry *, struct rttimer *)); |
170 | static void icmp6_redirect_timeout __P((struct rtentry *, struct rttimer *)); | | 170 | static void icmp6_redirect_timeout __P((struct rtentry *, struct rttimer *)); |
171 | | | 171 | |
172 | | | 172 | |
173 | void | | 173 | void |
174 | icmp6_init() | | 174 | icmp6_init() |
175 | { | | 175 | { |
176 | mld_init(); | | 176 | mld_init(); |
177 | icmp6_mtudisc_timeout_q = rt_timer_queue_create(pmtu_expire); | | 177 | icmp6_mtudisc_timeout_q = rt_timer_queue_create(pmtu_expire); |
178 | icmp6_redirect_timeout_q = rt_timer_queue_create(icmp6_redirtimeout); | | 178 | icmp6_redirect_timeout_q = rt_timer_queue_create(icmp6_redirtimeout); |
179 | } | | 179 | } |
180 | | | 180 | |
181 | static void | | 181 | static void |
182 | icmp6_errcount(stat, type, code) | | 182 | icmp6_errcount(stat, type, code) |
183 | struct icmp6errstat *stat; | | 183 | struct icmp6errstat *stat; |
184 | int type, code; | | 184 | int type, code; |
185 | { | | 185 | { |
186 | switch (type) { | | 186 | switch (type) { |
187 | case ICMP6_DST_UNREACH: | | 187 | case ICMP6_DST_UNREACH: |
188 | switch (code) { | | 188 | switch (code) { |
189 | case ICMP6_DST_UNREACH_NOROUTE: | | 189 | case ICMP6_DST_UNREACH_NOROUTE: |
190 | stat->icp6errs_dst_unreach_noroute++; | | 190 | stat->icp6errs_dst_unreach_noroute++; |
191 | return; | | 191 | return; |
192 | case ICMP6_DST_UNREACH_ADMIN: | | 192 | case ICMP6_DST_UNREACH_ADMIN: |
193 | stat->icp6errs_dst_unreach_admin++; | | 193 | stat->icp6errs_dst_unreach_admin++; |
194 | return; | | 194 | return; |
195 | case ICMP6_DST_UNREACH_BEYONDSCOPE: | | 195 | case ICMP6_DST_UNREACH_BEYONDSCOPE: |
196 | stat->icp6errs_dst_unreach_beyondscope++; | | 196 | stat->icp6errs_dst_unreach_beyondscope++; |
197 | return; | | 197 | return; |
198 | case ICMP6_DST_UNREACH_ADDR: | | 198 | case ICMP6_DST_UNREACH_ADDR: |
199 | stat->icp6errs_dst_unreach_addr++; | | 199 | stat->icp6errs_dst_unreach_addr++; |
200 | return; | | 200 | return; |
201 | case ICMP6_DST_UNREACH_NOPORT: | | 201 | case ICMP6_DST_UNREACH_NOPORT: |
202 | stat->icp6errs_dst_unreach_noport++; | | 202 | stat->icp6errs_dst_unreach_noport++; |
203 | return; | | 203 | return; |
204 | } | | 204 | } |
205 | break; | | 205 | break; |
206 | case ICMP6_PACKET_TOO_BIG: | | 206 | case ICMP6_PACKET_TOO_BIG: |
207 | stat->icp6errs_packet_too_big++; | | 207 | stat->icp6errs_packet_too_big++; |
208 | return; | | 208 | return; |
209 | case ICMP6_TIME_EXCEEDED: | | 209 | case ICMP6_TIME_EXCEEDED: |
210 | switch (code) { | | 210 | switch (code) { |
211 | case ICMP6_TIME_EXCEED_TRANSIT: | | 211 | case ICMP6_TIME_EXCEED_TRANSIT: |
212 | stat->icp6errs_time_exceed_transit++; | | 212 | stat->icp6errs_time_exceed_transit++; |
213 | return; | | 213 | return; |
214 | case ICMP6_TIME_EXCEED_REASSEMBLY: | | 214 | case ICMP6_TIME_EXCEED_REASSEMBLY: |
215 | stat->icp6errs_time_exceed_reassembly++; | | 215 | stat->icp6errs_time_exceed_reassembly++; |
216 | return; | | 216 | return; |
217 | } | | 217 | } |
218 | break; | | 218 | break; |
219 | case ICMP6_PARAM_PROB: | | 219 | case ICMP6_PARAM_PROB: |
220 | switch (code) { | | 220 | switch (code) { |
221 | case ICMP6_PARAMPROB_HEADER: | | 221 | case ICMP6_PARAMPROB_HEADER: |
222 | stat->icp6errs_paramprob_header++; | | 222 | stat->icp6errs_paramprob_header++; |
223 | return; | | 223 | return; |
224 | case ICMP6_PARAMPROB_NEXTHEADER: | | 224 | case ICMP6_PARAMPROB_NEXTHEADER: |
225 | stat->icp6errs_paramprob_nextheader++; | | 225 | stat->icp6errs_paramprob_nextheader++; |
226 | return; | | 226 | return; |
227 | case ICMP6_PARAMPROB_OPTION: | | 227 | case ICMP6_PARAMPROB_OPTION: |
228 | stat->icp6errs_paramprob_option++; | | 228 | stat->icp6errs_paramprob_option++; |
229 | return; | | 229 | return; |
230 | } | | 230 | } |
231 | break; | | 231 | break; |
232 | case ND_REDIRECT: | | 232 | case ND_REDIRECT: |
233 | stat->icp6errs_redirect++; | | 233 | stat->icp6errs_redirect++; |
234 | return; | | 234 | return; |
235 | } | | 235 | } |
236 | stat->icp6errs_unknown++; | | 236 | stat->icp6errs_unknown++; |
237 | } | | 237 | } |
238 | | | 238 | |
239 | /* | | 239 | /* |
240 | * Register a Path MTU Discovery callback. | | 240 | * Register a Path MTU Discovery callback. |
241 | */ | | 241 | */ |
242 | void | | 242 | void |
243 | icmp6_mtudisc_callback_register(func) | | 243 | icmp6_mtudisc_callback_register(func) |
244 | void (*func) __P((struct in6_addr *)); | | 244 | void (*func) __P((struct in6_addr *)); |
245 | { | | 245 | { |
246 | struct icmp6_mtudisc_callback *mc; | | 246 | struct icmp6_mtudisc_callback *mc; |
247 | | | 247 | |
248 | for (mc = LIST_FIRST(&icmp6_mtudisc_callbacks); mc != NULL; | | 248 | for (mc = LIST_FIRST(&icmp6_mtudisc_callbacks); mc != NULL; |
249 | mc = LIST_NEXT(mc, mc_list)) { | | 249 | mc = LIST_NEXT(mc, mc_list)) { |
250 | if (mc->mc_func == func) | | 250 | if (mc->mc_func == func) |
251 | return; | | 251 | return; |
252 | } | | 252 | } |
253 | | | 253 | |
254 | mc = malloc(sizeof(*mc), M_PCB, M_NOWAIT); | | 254 | mc = malloc(sizeof(*mc), M_PCB, M_NOWAIT); |
255 | if (mc == NULL) | | 255 | if (mc == NULL) |
256 | panic("icmp6_mtudisc_callback_register"); | | 256 | panic("icmp6_mtudisc_callback_register"); |
257 | | | 257 | |
258 | mc->mc_func = func; | | 258 | mc->mc_func = func; |
259 | LIST_INSERT_HEAD(&icmp6_mtudisc_callbacks, mc, mc_list); | | 259 | LIST_INSERT_HEAD(&icmp6_mtudisc_callbacks, mc, mc_list); |
260 | } | | 260 | } |
261 | | | 261 | |
262 | /* | | 262 | /* |
263 | * A wrapper function for icmp6_error() necessary when the erroneous packet | | 263 | * A wrapper function for icmp6_error() necessary when the erroneous packet |
264 | * may not contain enough scope zone information. | | 264 | * may not contain enough scope zone information. |
265 | */ | | 265 | */ |
266 | void | | 266 | void |
267 | icmp6_error2(m, type, code, param, ifp) | | 267 | icmp6_error2(m, type, code, param, ifp) |
268 | struct mbuf *m; | | 268 | struct mbuf *m; |
269 | int type, code, param; | | 269 | int type, code, param; |
270 | struct ifnet *ifp; | | 270 | struct ifnet *ifp; |
271 | { | | 271 | { |
272 | struct ip6_hdr *ip6; | | 272 | struct ip6_hdr *ip6; |
273 | | | 273 | |
274 | if (ifp == NULL) | | 274 | if (ifp == NULL) |
275 | return; | | 275 | return; |
276 | | | 276 | |
277 | if (m->m_len < sizeof(struct ip6_hdr)) { | | 277 | if (m->m_len < sizeof(struct ip6_hdr)) { |
278 | m = m_pullup(m, sizeof(struct ip6_hdr)); | | 278 | m = m_pullup(m, sizeof(struct ip6_hdr)); |
279 | if (m == NULL) | | 279 | if (m == NULL) |
280 | return; | | 280 | return; |
281 | } | | 281 | } |
282 | | | 282 | |
283 | ip6 = mtod(m, struct ip6_hdr *); | | 283 | ip6 = mtod(m, struct ip6_hdr *); |
284 | | | 284 | |
285 | if (in6_setscope(&ip6->ip6_src, ifp, NULL) != 0) | | 285 | if (in6_setscope(&ip6->ip6_src, ifp, NULL) != 0) |
286 | return; | | 286 | return; |
287 | if (in6_setscope(&ip6->ip6_dst, ifp, NULL) != 0) | | 287 | if (in6_setscope(&ip6->ip6_dst, ifp, NULL) != 0) |
288 | return; | | 288 | return; |
289 | | | 289 | |
290 | icmp6_error(m, type, code, param); | | 290 | icmp6_error(m, type, code, param); |
291 | } | | 291 | } |
292 | | | 292 | |
293 | /* | | 293 | /* |
294 | * Generate an error packet of type error in response to bad IP6 packet. | | 294 | * Generate an error packet of type error in response to bad IP6 packet. |
295 | */ | | 295 | */ |
296 | void | | 296 | void |
297 | icmp6_error(m, type, code, param) | | 297 | icmp6_error(m, type, code, param) |
298 | struct mbuf *m; | | 298 | struct mbuf *m; |
299 | int type, code, param; | | 299 | int type, code, param; |
300 | { | | 300 | { |
301 | struct ip6_hdr *oip6, *nip6; | | 301 | struct ip6_hdr *oip6, *nip6; |
302 | struct icmp6_hdr *icmp6; | | 302 | struct icmp6_hdr *icmp6; |
303 | u_int preplen; | | 303 | u_int preplen; |
304 | int off; | | 304 | int off; |
305 | int nxt; | | 305 | int nxt; |
306 | | | 306 | |
307 | icmp6stat.icp6s_error++; | | 307 | icmp6stat.icp6s_error++; |
308 | | | 308 | |
309 | /* count per-type-code statistics */ | | 309 | /* count per-type-code statistics */ |
310 | icmp6_errcount(&icmp6stat.icp6s_outerrhist, type, code); | | 310 | icmp6_errcount(&icmp6stat.icp6s_outerrhist, type, code); |
311 | | | 311 | |
312 | if (m->m_flags & M_DECRYPTED) { | | 312 | if (m->m_flags & M_DECRYPTED) { |
313 | icmp6stat.icp6s_canterror++; | | 313 | icmp6stat.icp6s_canterror++; |
314 | goto freeit; | | 314 | goto freeit; |
315 | } | | 315 | } |
316 | | | 316 | |
317 | if (m->m_len < sizeof(struct ip6_hdr)) { | | 317 | if (m->m_len < sizeof(struct ip6_hdr)) { |
318 | m = m_pullup(m, sizeof(struct ip6_hdr)); | | 318 | m = m_pullup(m, sizeof(struct ip6_hdr)); |
319 | if (m == NULL) | | 319 | if (m == NULL) |
320 | return; | | 320 | return; |
321 | } | | 321 | } |
322 | oip6 = mtod(m, struct ip6_hdr *); | | 322 | oip6 = mtod(m, struct ip6_hdr *); |
323 | | | 323 | |
324 | /* | | 324 | /* |
325 | * If the destination address of the erroneous packet is a multicast | | 325 | * If the destination address of the erroneous packet is a multicast |
326 | * address, or the packet was sent using link-layer multicast, | | 326 | * address, or the packet was sent using link-layer multicast, |
327 | * we should basically suppress sending an error (RFC 2463, Section | | 327 | * we should basically suppress sending an error (RFC 2463, Section |
328 | * 2.4). | | 328 | * 2.4). |
329 | * We have two exceptions (the item e.2 in that section): | | 329 | * We have two exceptions (the item e.2 in that section): |
330 | * - the Pakcet Too Big message can be sent for path MTU discovery. | | 330 | * - the Pakcet Too Big message can be sent for path MTU discovery. |
331 | * - the Parameter Problem Message that can be allowed an icmp6 error | | 331 | * - the Parameter Problem Message that can be allowed an icmp6 error |
332 | * in the option type field. This check has been done in | | 332 | * in the option type field. This check has been done in |
333 | * ip6_unknown_opt(), so we can just check the type and code. | | 333 | * ip6_unknown_opt(), so we can just check the type and code. |
334 | */ | | 334 | */ |
335 | if ((m->m_flags & (M_BCAST|M_MCAST) || | | 335 | if ((m->m_flags & (M_BCAST|M_MCAST) || |
336 | IN6_IS_ADDR_MULTICAST(&oip6->ip6_dst)) && | | 336 | IN6_IS_ADDR_MULTICAST(&oip6->ip6_dst)) && |
337 | (type != ICMP6_PACKET_TOO_BIG && | | 337 | (type != ICMP6_PACKET_TOO_BIG && |
338 | (type != ICMP6_PARAM_PROB || | | 338 | (type != ICMP6_PARAM_PROB || |
339 | code != ICMP6_PARAMPROB_OPTION))) | | 339 | code != ICMP6_PARAMPROB_OPTION))) |
340 | goto freeit; | | 340 | goto freeit; |
341 | | | 341 | |
342 | /* | | 342 | /* |
343 | * RFC 2463, 2.4 (e.5): source address check. | | 343 | * RFC 2463, 2.4 (e.5): source address check. |
344 | * XXX: the case of anycast source? | | 344 | * XXX: the case of anycast source? |
345 | */ | | 345 | */ |
346 | if (IN6_IS_ADDR_UNSPECIFIED(&oip6->ip6_src) || | | 346 | if (IN6_IS_ADDR_UNSPECIFIED(&oip6->ip6_src) || |
347 | IN6_IS_ADDR_MULTICAST(&oip6->ip6_src)) | | 347 | IN6_IS_ADDR_MULTICAST(&oip6->ip6_src)) |
348 | goto freeit; | | 348 | goto freeit; |
349 | | | 349 | |
350 | /* | | 350 | /* |
351 | * If we are about to send ICMPv6 against ICMPv6 error/redirect, | | 351 | * If we are about to send ICMPv6 against ICMPv6 error/redirect, |
352 | * don't do it. | | 352 | * don't do it. |
353 | */ | | 353 | */ |
354 | nxt = -1; | | 354 | nxt = -1; |
355 | off = ip6_lasthdr(m, 0, IPPROTO_IPV6, &nxt); | | 355 | off = ip6_lasthdr(m, 0, IPPROTO_IPV6, &nxt); |
356 | if (off >= 0 && nxt == IPPROTO_ICMPV6) { | | 356 | if (off >= 0 && nxt == IPPROTO_ICMPV6) { |
357 | struct icmp6_hdr *icp; | | 357 | struct icmp6_hdr *icp; |
358 | | | 358 | |
359 | IP6_EXTHDR_GET(icp, struct icmp6_hdr *, m, off, | | 359 | IP6_EXTHDR_GET(icp, struct icmp6_hdr *, m, off, |
360 | sizeof(*icp)); | | 360 | sizeof(*icp)); |
361 | if (icp == NULL) { | | 361 | if (icp == NULL) { |
362 | icmp6stat.icp6s_tooshort++; | | 362 | icmp6stat.icp6s_tooshort++; |
363 | return; | | 363 | return; |
364 | } | | 364 | } |
365 | if (icp->icmp6_type < ICMP6_ECHO_REQUEST || | | 365 | if (icp->icmp6_type < ICMP6_ECHO_REQUEST || |
366 | icp->icmp6_type == ND_REDIRECT) { | | 366 | icp->icmp6_type == ND_REDIRECT) { |
367 | /* | | 367 | /* |
368 | * ICMPv6 error | | 368 | * ICMPv6 error |
369 | * Special case: for redirect (which is | | 369 | * Special case: for redirect (which is |
370 | * informational) we must not send icmp6 error. | | 370 | * informational) we must not send icmp6 error. |
371 | */ | | 371 | */ |
372 | icmp6stat.icp6s_canterror++; | | 372 | icmp6stat.icp6s_canterror++; |
373 | goto freeit; | | 373 | goto freeit; |
374 | } else { | | 374 | } else { |
375 | /* ICMPv6 informational - send the error */ | | 375 | /* ICMPv6 informational - send the error */ |
376 | } | | 376 | } |
377 | } | | 377 | } |
378 | #if 0 /* controversial */ | | 378 | #if 0 /* controversial */ |
379 | else if (off >= 0 && nxt == IPPROTO_ESP) { | | 379 | else if (off >= 0 && nxt == IPPROTO_ESP) { |
380 | /* | | 380 | /* |
381 | * It could be ICMPv6 error inside ESP. Take a safer side, | | 381 | * It could be ICMPv6 error inside ESP. Take a safer side, |
382 | * don't respond. | | 382 | * don't respond. |
383 | */ | | 383 | */ |
384 | icmp6stat.icp6s_canterror++; | | 384 | icmp6stat.icp6s_canterror++; |
385 | goto freeit; | | 385 | goto freeit; |
386 | } | | 386 | } |
387 | #endif | | 387 | #endif |
388 | else { | | 388 | else { |
389 | /* non-ICMPv6 - send the error */ | | 389 | /* non-ICMPv6 - send the error */ |
390 | } | | 390 | } |
391 | | | 391 | |
392 | oip6 = mtod(m, struct ip6_hdr *); /* adjust pointer */ | | 392 | oip6 = mtod(m, struct ip6_hdr *); /* adjust pointer */ |
393 | | | 393 | |
394 | /* Finally, do rate limitation check. */ | | 394 | /* Finally, do rate limitation check. */ |
395 | if (icmp6_ratelimit(&oip6->ip6_src, type, code)) { | | 395 | if (icmp6_ratelimit(&oip6->ip6_src, type, code)) { |
396 | icmp6stat.icp6s_toofreq++; | | 396 | icmp6stat.icp6s_toofreq++; |
397 | goto freeit; | | 397 | goto freeit; |
398 | } | | 398 | } |
399 | | | 399 | |
400 | /* | | 400 | /* |
401 | * OK, ICMP6 can be generated. | | 401 | * OK, ICMP6 can be generated. |
402 | */ | | 402 | */ |
403 | | | 403 | |
404 | if (m->m_pkthdr.len >= ICMPV6_PLD_MAXLEN) | | 404 | if (m->m_pkthdr.len >= ICMPV6_PLD_MAXLEN) |
405 | m_adj(m, ICMPV6_PLD_MAXLEN - m->m_pkthdr.len); | | 405 | m_adj(m, ICMPV6_PLD_MAXLEN - m->m_pkthdr.len); |
406 | | | 406 | |
407 | preplen = sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr); | | 407 | preplen = sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr); |
408 | M_PREPEND(m, preplen, M_DONTWAIT); | | 408 | M_PREPEND(m, preplen, M_DONTWAIT); |
409 | if (m && m->m_len < preplen) | | 409 | if (m && m->m_len < preplen) |
410 | m = m_pullup(m, preplen); | | 410 | m = m_pullup(m, preplen); |
411 | if (m == NULL) { | | 411 | if (m == NULL) { |
412 | nd6log((LOG_DEBUG, "ENOBUFS in icmp6_error %d\n", __LINE__)); | | 412 | nd6log((LOG_DEBUG, "ENOBUFS in icmp6_error %d\n", __LINE__)); |
413 | return; | | 413 | return; |
414 | } | | 414 | } |
415 | | | 415 | |
416 | nip6 = mtod(m, struct ip6_hdr *); | | 416 | nip6 = mtod(m, struct ip6_hdr *); |
417 | nip6->ip6_src = oip6->ip6_src; | | 417 | nip6->ip6_src = oip6->ip6_src; |
418 | nip6->ip6_dst = oip6->ip6_dst; | | 418 | nip6->ip6_dst = oip6->ip6_dst; |
419 | | | 419 | |
420 | in6_clearscope(&oip6->ip6_src); | | 420 | in6_clearscope(&oip6->ip6_src); |
421 | in6_clearscope(&oip6->ip6_dst); | | 421 | in6_clearscope(&oip6->ip6_dst); |
422 | | | 422 | |
423 | icmp6 = (struct icmp6_hdr *)(nip6 + 1); | | 423 | icmp6 = (struct icmp6_hdr *)(nip6 + 1); |
424 | icmp6->icmp6_type = type; | | 424 | icmp6->icmp6_type = type; |
425 | icmp6->icmp6_code = code; | | 425 | icmp6->icmp6_code = code; |
426 | icmp6->icmp6_pptr = htonl((u_int32_t)param); | | 426 | icmp6->icmp6_pptr = htonl((u_int32_t)param); |
427 | | | 427 | |
428 | /* | | 428 | /* |
429 | * icmp6_reflect() is designed to be in the input path. | | 429 | * icmp6_reflect() is designed to be in the input path. |
430 | * icmp6_error() can be called from both input and output path, | | 430 | * icmp6_error() can be called from both input and output path, |
431 | * and if we are in output path rcvif could contain bogus value. | | 431 | * and if we are in output path rcvif could contain bogus value. |
432 | * clear m->m_pkthdr.rcvif for safety, we should have enough scope | | 432 | * clear m->m_pkthdr.rcvif for safety, we should have enough scope |
433 | * information in ip header (nip6). | | 433 | * information in ip header (nip6). |
434 | */ | | 434 | */ |
435 | m->m_pkthdr.rcvif = NULL; | | 435 | m->m_pkthdr.rcvif = NULL; |
436 | | | 436 | |
437 | icmp6stat.icp6s_outhist[type]++; | | 437 | icmp6stat.icp6s_outhist[type]++; |
438 | icmp6_reflect(m, sizeof(struct ip6_hdr)); /* header order: IPv6 - ICMPv6 */ | | 438 | icmp6_reflect(m, sizeof(struct ip6_hdr)); /* header order: IPv6 - ICMPv6 */ |
439 | | | 439 | |
440 | return; | | 440 | return; |
441 | | | 441 | |
442 | freeit: | | 442 | freeit: |
443 | /* | | 443 | /* |
444 | * If we can't tell whether or not we can generate ICMP6, free it. | | 444 | * If we can't tell whether or not we can generate ICMP6, free it. |
445 | */ | | 445 | */ |
446 | m_freem(m); | | 446 | m_freem(m); |
447 | } | | 447 | } |
448 | | | 448 | |
449 | /* | | 449 | /* |
450 | * Process a received ICMP6 message. | | 450 | * Process a received ICMP6 message. |
451 | */ | | 451 | */ |
452 | int | | 452 | int |
453 | icmp6_input(struct mbuf **mp, int *offp, int proto) | | 453 | icmp6_input(struct mbuf **mp, int *offp, int proto) |
454 | { | | 454 | { |
455 | struct mbuf *m = *mp, *n; | | 455 | struct mbuf *m = *mp, *n; |
456 | struct ip6_hdr *ip6, *nip6; | | 456 | struct ip6_hdr *ip6, *nip6; |
457 | struct icmp6_hdr *icmp6, *nicmp6; | | 457 | struct icmp6_hdr *icmp6, *nicmp6; |
458 | int off = *offp; | | 458 | int off = *offp; |
459 | int icmp6len = m->m_pkthdr.len - *offp; | | 459 | int icmp6len = m->m_pkthdr.len - *offp; |
460 | int code, sum, noff; | | 460 | int code, sum, noff; |
461 | | | 461 | |
462 | #define ICMP6_MAXLEN (sizeof(*nip6) + sizeof(*nicmp6) + 4) | | 462 | #define ICMP6_MAXLEN (sizeof(*nip6) + sizeof(*nicmp6) + 4) |
463 | KASSERT(ICMP6_MAXLEN < MCLBYTES); | | 463 | KASSERT(ICMP6_MAXLEN < MCLBYTES); |
464 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_msg); | | 464 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_msg); |
465 | | | 465 | |
466 | /* | | 466 | /* |
467 | * Locate icmp6 structure in mbuf, and check | | 467 | * Locate icmp6 structure in mbuf, and check |
468 | * that not corrupted and of at least minimum length | | 468 | * that not corrupted and of at least minimum length |
469 | */ | | 469 | */ |
470 | | | 470 | |
471 | ip6 = mtod(m, struct ip6_hdr *); | | 471 | ip6 = mtod(m, struct ip6_hdr *); |
472 | if (icmp6len < sizeof(struct icmp6_hdr)) { | | 472 | if (icmp6len < sizeof(struct icmp6_hdr)) { |
473 | icmp6stat.icp6s_tooshort++; | | 473 | icmp6stat.icp6s_tooshort++; |
474 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_error); | | 474 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_error); |
475 | goto freeit; | | 475 | goto freeit; |
476 | } | | 476 | } |
477 | | | 477 | |
478 | /* | | 478 | /* |
479 | * calculate the checksum | | 479 | * calculate the checksum |
480 | */ | | 480 | */ |
481 | IP6_EXTHDR_GET(icmp6, struct icmp6_hdr *, m, off, sizeof(*icmp6)); | | 481 | IP6_EXTHDR_GET(icmp6, struct icmp6_hdr *, m, off, sizeof(*icmp6)); |
482 | if (icmp6 == NULL) { | | 482 | if (icmp6 == NULL) { |
483 | icmp6stat.icp6s_tooshort++; | | 483 | icmp6stat.icp6s_tooshort++; |
484 | /* m is invalid */ | | 484 | /* m is invalid */ |
485 | /*icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_error);*/ | | 485 | /*icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_error);*/ |
486 | return IPPROTO_DONE; | | 486 | return IPPROTO_DONE; |
487 | } | | 487 | } |
488 | KASSERT(IP6_HDR_ALIGNED_P(icmp6)); | | 488 | KASSERT(IP6_HDR_ALIGNED_P(icmp6)); |
489 | code = icmp6->icmp6_code; | | 489 | code = icmp6->icmp6_code; |
490 | | | 490 | |
491 | if ((sum = in6_cksum(m, IPPROTO_ICMPV6, off, icmp6len)) != 0) { | | 491 | if ((sum = in6_cksum(m, IPPROTO_ICMPV6, off, icmp6len)) != 0) { |
492 | nd6log((LOG_ERR, | | 492 | nd6log((LOG_ERR, |
493 | "ICMP6 checksum error(%d|%x) %s\n", | | 493 | "ICMP6 checksum error(%d|%x) %s\n", |
494 | icmp6->icmp6_type, sum, ip6_sprintf(&ip6->ip6_src))); | | 494 | icmp6->icmp6_type, sum, ip6_sprintf(&ip6->ip6_src))); |
495 | icmp6stat.icp6s_checksum++; | | 495 | icmp6stat.icp6s_checksum++; |
496 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_error); | | 496 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_error); |
497 | goto freeit; | | 497 | goto freeit; |
498 | } | | 498 | } |
499 | | | 499 | |
500 | #if defined(NFAITH) && 0 < NFAITH | | 500 | #if defined(NFAITH) && 0 < NFAITH |
501 | if (faithprefix(&ip6->ip6_dst)) { | | 501 | if (faithprefix(&ip6->ip6_dst)) { |
502 | /* | | 502 | /* |
503 | * Deliver very specific ICMP6 type only. | | 503 | * Deliver very specific ICMP6 type only. |
504 | * This is important to deliver TOOBIG. Otherwise PMTUD | | 504 | * This is important to deliver TOOBIG. Otherwise PMTUD |
505 | * will not work. | | 505 | * will not work. |
506 | */ | | 506 | */ |
507 | switch (icmp6->icmp6_type) { | | 507 | switch (icmp6->icmp6_type) { |
508 | case ICMP6_DST_UNREACH: | | 508 | case ICMP6_DST_UNREACH: |
509 | case ICMP6_PACKET_TOO_BIG: | | 509 | case ICMP6_PACKET_TOO_BIG: |
510 | case ICMP6_TIME_EXCEEDED: | | 510 | case ICMP6_TIME_EXCEEDED: |
511 | break; | | 511 | break; |
512 | default: | | 512 | default: |
513 | goto freeit; | | 513 | goto freeit; |
514 | } | | 514 | } |
515 | } | | 515 | } |
516 | #endif | | 516 | #endif |
517 | | | 517 | |
518 | icmp6stat.icp6s_inhist[icmp6->icmp6_type]++; | | 518 | icmp6stat.icp6s_inhist[icmp6->icmp6_type]++; |
519 | | | 519 | |
520 | switch (icmp6->icmp6_type) { | | 520 | switch (icmp6->icmp6_type) { |
521 | case ICMP6_DST_UNREACH: | | 521 | case ICMP6_DST_UNREACH: |
522 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_dstunreach); | | 522 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_dstunreach); |
523 | switch (code) { | | 523 | switch (code) { |
524 | case ICMP6_DST_UNREACH_NOROUTE: | | 524 | case ICMP6_DST_UNREACH_NOROUTE: |
525 | code = PRC_UNREACH_NET; | | 525 | code = PRC_UNREACH_NET; |
526 | break; | | 526 | break; |
527 | case ICMP6_DST_UNREACH_ADMIN: | | 527 | case ICMP6_DST_UNREACH_ADMIN: |
528 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_adminprohib); | | 528 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_adminprohib); |
529 | code = PRC_UNREACH_PROTOCOL; /* is this a good code? */ | | 529 | code = PRC_UNREACH_PROTOCOL; /* is this a good code? */ |
530 | break; | | 530 | break; |
531 | case ICMP6_DST_UNREACH_ADDR: | | 531 | case ICMP6_DST_UNREACH_ADDR: |
532 | code = PRC_HOSTDEAD; | | 532 | code = PRC_HOSTDEAD; |
533 | break; | | 533 | break; |
534 | #ifdef COMPAT_RFC1885 | | 534 | #ifdef COMPAT_RFC1885 |
535 | case ICMP6_DST_UNREACH_NOTNEIGHBOR: | | 535 | case ICMP6_DST_UNREACH_NOTNEIGHBOR: |
536 | code = PRC_UNREACH_SRCFAIL; | | 536 | code = PRC_UNREACH_SRCFAIL; |
537 | break; | | 537 | break; |
538 | #else | | 538 | #else |
539 | case ICMP6_DST_UNREACH_BEYONDSCOPE: | | 539 | case ICMP6_DST_UNREACH_BEYONDSCOPE: |
540 | /* I mean "source address was incorrect." */ | | 540 | /* I mean "source address was incorrect." */ |
541 | code = PRC_UNREACH_NET; | | 541 | code = PRC_UNREACH_NET; |
542 | break; | | 542 | break; |
543 | #endif | | 543 | #endif |
544 | case ICMP6_DST_UNREACH_NOPORT: | | 544 | case ICMP6_DST_UNREACH_NOPORT: |
545 | code = PRC_UNREACH_PORT; | | 545 | code = PRC_UNREACH_PORT; |
546 | break; | | 546 | break; |
547 | default: | | 547 | default: |
548 | goto badcode; | | 548 | goto badcode; |
549 | } | | 549 | } |
550 | goto deliver; | | 550 | goto deliver; |
551 | | | 551 | |
552 | case ICMP6_PACKET_TOO_BIG: | | 552 | case ICMP6_PACKET_TOO_BIG: |
553 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_pkttoobig); | | 553 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_pkttoobig); |
554 | | | 554 | |
| | | 555 | /* |
| | | 556 | * MTU is checked in icmp6_mtudisc. |
| | | 557 | */ |
555 | code = PRC_MSGSIZE; | | 558 | code = PRC_MSGSIZE; |
556 | | | 559 | |
557 | /* | | 560 | /* |
558 | * Updating the path MTU will be done after examining | | 561 | * Updating the path MTU will be done after examining |
559 | * intermediate extension headers. | | 562 | * intermediate extension headers. |
560 | */ | | 563 | */ |
561 | goto deliver; | | 564 | goto deliver; |
562 | | | 565 | |
563 | case ICMP6_TIME_EXCEEDED: | | 566 | case ICMP6_TIME_EXCEEDED: |
564 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_timeexceed); | | 567 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_timeexceed); |
565 | switch (code) { | | 568 | switch (code) { |
566 | case ICMP6_TIME_EXCEED_TRANSIT: | | 569 | case ICMP6_TIME_EXCEED_TRANSIT: |
567 | code = PRC_TIMXCEED_INTRANS; | | 570 | code = PRC_TIMXCEED_INTRANS; |
568 | break; | | 571 | break; |
569 | case ICMP6_TIME_EXCEED_REASSEMBLY: | | 572 | case ICMP6_TIME_EXCEED_REASSEMBLY: |
570 | code = PRC_TIMXCEED_REASS; | | 573 | code = PRC_TIMXCEED_REASS; |
571 | break; | | 574 | break; |
572 | default: | | 575 | default: |
573 | goto badcode; | | 576 | goto badcode; |
574 | } | | 577 | } |
575 | goto deliver; | | 578 | goto deliver; |
576 | | | 579 | |
577 | case ICMP6_PARAM_PROB: | | 580 | case ICMP6_PARAM_PROB: |
578 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_paramprob); | | 581 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_paramprob); |
579 | switch (code) { | | 582 | switch (code) { |
580 | case ICMP6_PARAMPROB_NEXTHEADER: | | 583 | case ICMP6_PARAMPROB_NEXTHEADER: |
581 | code = PRC_UNREACH_PROTOCOL; | | 584 | code = PRC_UNREACH_PROTOCOL; |
582 | break; | | 585 | break; |
583 | case ICMP6_PARAMPROB_HEADER: | | 586 | case ICMP6_PARAMPROB_HEADER: |
584 | case ICMP6_PARAMPROB_OPTION: | | 587 | case ICMP6_PARAMPROB_OPTION: |
585 | code = PRC_PARAMPROB; | | 588 | code = PRC_PARAMPROB; |
586 | break; | | 589 | break; |
587 | default: | | 590 | default: |
588 | goto badcode; | | 591 | goto badcode; |
589 | } | | 592 | } |
590 | goto deliver; | | 593 | goto deliver; |
591 | | | 594 | |
592 | case ICMP6_ECHO_REQUEST: | | 595 | case ICMP6_ECHO_REQUEST: |
593 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_echo); | | 596 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_echo); |
594 | if (code != 0) | | 597 | if (code != 0) |
595 | goto badcode; | | 598 | goto badcode; |
596 | /* | | 599 | /* |
597 | * Copy mbuf to send to two data paths: userland socket(s), | | 600 | * Copy mbuf to send to two data paths: userland socket(s), |
598 | * and to the querier (echo reply). | | 601 | * and to the querier (echo reply). |
599 | * m: a copy for socket, n: a copy for querier | | 602 | * m: a copy for socket, n: a copy for querier |
600 | * | | 603 | * |
601 | * If the first mbuf is shared, or the first mbuf is too short, | | 604 | * If the first mbuf is shared, or the first mbuf is too short, |
602 | * copy the first part of the data into a fresh mbuf. | | 605 | * copy the first part of the data into a fresh mbuf. |
603 | * Otherwise, we will wrongly overwrite both copies. | | 606 | * Otherwise, we will wrongly overwrite both copies. |
604 | */ | | 607 | */ |
605 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { | | 608 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
606 | /* Give up local */ | | 609 | /* Give up local */ |
607 | n = m; | | 610 | n = m; |
608 | m = NULL; | | 611 | m = NULL; |
609 | } else if (M_READONLY(n) || | | 612 | } else if (M_READONLY(n) || |
610 | n->m_len < off + sizeof(struct icmp6_hdr)) { | | 613 | n->m_len < off + sizeof(struct icmp6_hdr)) { |
611 | struct mbuf *n0 = n; | | 614 | struct mbuf *n0 = n; |
612 | | | 615 | |
613 | /* | | 616 | /* |
614 | * Prepare an internal mbuf. m_pullup() doesn't | | 617 | * Prepare an internal mbuf. m_pullup() doesn't |
615 | * always copy the length we specified. | | 618 | * always copy the length we specified. |
616 | */ | | 619 | */ |
617 | if ((n = m_dup(n0, 0, M_COPYALL, M_DONTWAIT)) == NULL) { | | 620 | if ((n = m_dup(n0, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
618 | /* Give up local */ | | 621 | /* Give up local */ |
619 | n = m; | | 622 | n = m; |
620 | m = NULL; | | 623 | m = NULL; |
621 | } | | 624 | } |
622 | m_freem(n0); | | 625 | m_freem(n0); |
623 | } | | 626 | } |
624 | IP6_EXTHDR_GET(nicmp6,struct icmp6_hdr *, n, off, sizeof(*nicmp6)); | | 627 | IP6_EXTHDR_GET(nicmp6,struct icmp6_hdr *, n, off, sizeof(*nicmp6)); |
625 | nicmp6->icmp6_type = ICMP6_ECHO_REPLY; | | 628 | nicmp6->icmp6_type = ICMP6_ECHO_REPLY; |
626 | nicmp6->icmp6_code = 0; | | 629 | nicmp6->icmp6_code = 0; |
627 | if (n) { | | 630 | if (n) { |
628 | icmp6stat.icp6s_reflect++; | | 631 | icmp6stat.icp6s_reflect++; |
629 | icmp6stat.icp6s_outhist[ICMP6_ECHO_REPLY]++; | | 632 | icmp6stat.icp6s_outhist[ICMP6_ECHO_REPLY]++; |
630 | icmp6_reflect(n, off); | | 633 | icmp6_reflect(n, off); |
631 | } | | 634 | } |
632 | if (!m) | | 635 | if (!m) |
633 | goto freeit; | | 636 | goto freeit; |
634 | break; | | 637 | break; |
635 | | | 638 | |
636 | case ICMP6_ECHO_REPLY: | | 639 | case ICMP6_ECHO_REPLY: |
637 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_echoreply); | | 640 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_echoreply); |
638 | if (code != 0) | | 641 | if (code != 0) |
639 | goto badcode; | | 642 | goto badcode; |
640 | break; | | 643 | break; |
641 | | | 644 | |
642 | case MLD_LISTENER_QUERY: | | 645 | case MLD_LISTENER_QUERY: |
643 | case MLD_LISTENER_REPORT: | | 646 | case MLD_LISTENER_REPORT: |
644 | if (icmp6len < sizeof(struct mld_hdr)) | | 647 | if (icmp6len < sizeof(struct mld_hdr)) |
645 | goto badlen; | | 648 | goto badlen; |
646 | if (icmp6->icmp6_type == MLD_LISTENER_QUERY) /* XXX: ugly... */ | | 649 | if (icmp6->icmp6_type == MLD_LISTENER_QUERY) /* XXX: ugly... */ |
647 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mldquery); | | 650 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mldquery); |
648 | else | | 651 | else |
649 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mldreport); | | 652 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mldreport); |
650 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { | | 653 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
651 | /* give up local */ | | 654 | /* give up local */ |
652 | mld_input(m, off); | | 655 | mld_input(m, off); |
653 | m = NULL; | | 656 | m = NULL; |
654 | goto freeit; | | 657 | goto freeit; |
655 | } | | 658 | } |
656 | mld_input(n, off); | | 659 | mld_input(n, off); |
657 | /* m stays. */ | | 660 | /* m stays. */ |
658 | break; | | 661 | break; |
659 | | | 662 | |
660 | case MLD_LISTENER_DONE: | | 663 | case MLD_LISTENER_DONE: |
661 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mlddone); | | 664 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_mlddone); |
662 | if (icmp6len < sizeof(struct mld_hdr)) /* necessary? */ | | 665 | if (icmp6len < sizeof(struct mld_hdr)) /* necessary? */ |
663 | goto badlen; | | 666 | goto badlen; |
664 | break; /* nothing to be done in kernel */ | | 667 | break; /* nothing to be done in kernel */ |
665 | | | 668 | |
666 | case MLD_MTRACE_RESP: | | 669 | case MLD_MTRACE_RESP: |
667 | case MLD_MTRACE: | | 670 | case MLD_MTRACE: |
668 | /* XXX: these two are experimental. not officially defined. */ | | 671 | /* XXX: these two are experimental. not officially defined. */ |
669 | /* XXX: per-interface statistics? */ | | 672 | /* XXX: per-interface statistics? */ |
670 | break; /* just pass it to applications */ | | 673 | break; /* just pass it to applications */ |
671 | | | 674 | |
672 | case ICMP6_WRUREQUEST: /* ICMP6_FQDN_QUERY */ | | 675 | case ICMP6_WRUREQUEST: /* ICMP6_FQDN_QUERY */ |
673 | { | | 676 | { |
674 | enum { WRU, FQDN } mode; | | 677 | enum { WRU, FQDN } mode; |
675 | | | 678 | |
676 | if (!icmp6_nodeinfo) | | 679 | if (!icmp6_nodeinfo) |
677 | break; | | 680 | break; |
678 | | | 681 | |
679 | if (icmp6len == sizeof(struct icmp6_hdr) + 4) | | 682 | if (icmp6len == sizeof(struct icmp6_hdr) + 4) |
680 | mode = WRU; | | 683 | mode = WRU; |
681 | else if (icmp6len >= sizeof(struct icmp6_nodeinfo)) | | 684 | else if (icmp6len >= sizeof(struct icmp6_nodeinfo)) |
682 | mode = FQDN; | | 685 | mode = FQDN; |
683 | else | | 686 | else |
684 | goto badlen; | | 687 | goto badlen; |
685 | | | 688 | |
686 | if (mode == FQDN) { | | 689 | if (mode == FQDN) { |
687 | n = m_copym(m, 0, M_COPYALL, M_DONTWAIT); | | 690 | n = m_copym(m, 0, M_COPYALL, M_DONTWAIT); |
688 | if (n) | | 691 | if (n) |
689 | n = ni6_input(n, off); | | 692 | n = ni6_input(n, off); |
690 | /* XXX meaningless if n == NULL */ | | 693 | /* XXX meaningless if n == NULL */ |
691 | noff = sizeof(struct ip6_hdr); | | 694 | noff = sizeof(struct ip6_hdr); |
692 | } else { | | 695 | } else { |
693 | u_char *p; | | 696 | u_char *p; |
694 | int maxhlen; | | 697 | int maxhlen; |
695 | | | 698 | |
696 | if ((icmp6_nodeinfo & 5) != 5) | | 699 | if ((icmp6_nodeinfo & 5) != 5) |
697 | break; | | 700 | break; |
698 | | | 701 | |
699 | if (code != 0) | | 702 | if (code != 0) |
700 | goto badcode; | | 703 | goto badcode; |
701 | MGETHDR(n, M_DONTWAIT, m->m_type); | | 704 | MGETHDR(n, M_DONTWAIT, m->m_type); |
702 | if (n && ICMP6_MAXLEN > MHLEN) { | | 705 | if (n && ICMP6_MAXLEN > MHLEN) { |
703 | MCLGET(n, M_DONTWAIT); | | 706 | MCLGET(n, M_DONTWAIT); |
704 | if ((n->m_flags & M_EXT) == 0) { | | 707 | if ((n->m_flags & M_EXT) == 0) { |
705 | m_free(n); | | 708 | m_free(n); |
706 | n = NULL; | | 709 | n = NULL; |
707 | } | | 710 | } |
708 | } | | 711 | } |
709 | if (n == NULL) { | | 712 | if (n == NULL) { |
710 | /* Give up remote */ | | 713 | /* Give up remote */ |
711 | break; | | 714 | break; |
712 | } | | 715 | } |
713 | n->m_pkthdr.rcvif = NULL; | | 716 | n->m_pkthdr.rcvif = NULL; |
714 | n->m_len = 0; | | 717 | n->m_len = 0; |
715 | maxhlen = M_TRAILINGSPACE(n) - ICMP6_MAXLEN; | | 718 | maxhlen = M_TRAILINGSPACE(n) - ICMP6_MAXLEN; |
716 | if (maxhlen > hostnamelen) | | 719 | if (maxhlen > hostnamelen) |
717 | maxhlen = hostnamelen; | | 720 | maxhlen = hostnamelen; |
718 | /* | | 721 | /* |
719 | * Copy IPv6 and ICMPv6 only. | | 722 | * Copy IPv6 and ICMPv6 only. |
720 | */ | | 723 | */ |
721 | nip6 = mtod(n, struct ip6_hdr *); | | 724 | nip6 = mtod(n, struct ip6_hdr *); |
722 | bcopy(ip6, nip6, sizeof(struct ip6_hdr)); | | 725 | bcopy(ip6, nip6, sizeof(struct ip6_hdr)); |
723 | nicmp6 = (struct icmp6_hdr *)(nip6 + 1); | | 726 | nicmp6 = (struct icmp6_hdr *)(nip6 + 1); |
724 | bcopy(icmp6, nicmp6, sizeof(struct icmp6_hdr)); | | 727 | bcopy(icmp6, nicmp6, sizeof(struct icmp6_hdr)); |
725 | p = (u_char *)(nicmp6 + 1); | | 728 | p = (u_char *)(nicmp6 + 1); |
726 | bzero(p, 4); | | 729 | bzero(p, 4); |
727 | bcopy(hostname, p + 4, maxhlen); /* meaningless TTL */ | | 730 | bcopy(hostname, p + 4, maxhlen); /* meaningless TTL */ |
728 | noff = sizeof(struct ip6_hdr); | | 731 | noff = sizeof(struct ip6_hdr); |
729 | M_COPY_PKTHDR(n, m); /* just for rcvif */ | | 732 | M_COPY_PKTHDR(n, m); /* just for rcvif */ |
730 | n->m_pkthdr.len = n->m_len = sizeof(struct ip6_hdr) + | | 733 | n->m_pkthdr.len = n->m_len = sizeof(struct ip6_hdr) + |
731 | sizeof(struct icmp6_hdr) + 4 + maxhlen; | | 734 | sizeof(struct icmp6_hdr) + 4 + maxhlen; |
732 | nicmp6->icmp6_type = ICMP6_WRUREPLY; | | 735 | nicmp6->icmp6_type = ICMP6_WRUREPLY; |
733 | nicmp6->icmp6_code = 0; | | 736 | nicmp6->icmp6_code = 0; |
734 | } | | 737 | } |
735 | #undef hostnamelen | | 738 | #undef hostnamelen |
736 | if (n) { | | 739 | if (n) { |
737 | icmp6stat.icp6s_reflect++; | | 740 | icmp6stat.icp6s_reflect++; |
738 | icmp6stat.icp6s_outhist[ICMP6_WRUREPLY]++; | | 741 | icmp6stat.icp6s_outhist[ICMP6_WRUREPLY]++; |
739 | icmp6_reflect(n, noff); | | 742 | icmp6_reflect(n, noff); |
740 | } | | 743 | } |
741 | break; | | 744 | break; |
742 | } | | 745 | } |
743 | | | 746 | |
744 | case ICMP6_WRUREPLY: | | 747 | case ICMP6_WRUREPLY: |
745 | if (code != 0) | | 748 | if (code != 0) |
746 | goto badcode; | | 749 | goto badcode; |
747 | break; | | 750 | break; |
748 | | | 751 | |
749 | case ND_ROUTER_SOLICIT: | | 752 | case ND_ROUTER_SOLICIT: |
750 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_routersolicit); | | 753 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_routersolicit); |
751 | if (code != 0) | | 754 | if (code != 0) |
752 | goto badcode; | | 755 | goto badcode; |
753 | if (icmp6len < sizeof(struct nd_router_solicit)) | | 756 | if (icmp6len < sizeof(struct nd_router_solicit)) |
754 | goto badlen; | | 757 | goto badlen; |
755 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { | | 758 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
756 | /* give up local */ | | 759 | /* give up local */ |
757 | nd6_rs_input(m, off, icmp6len); | | 760 | nd6_rs_input(m, off, icmp6len); |
758 | m = NULL; | | 761 | m = NULL; |
759 | goto freeit; | | 762 | goto freeit; |
760 | } | | 763 | } |
761 | nd6_rs_input(n, off, icmp6len); | | 764 | nd6_rs_input(n, off, icmp6len); |
762 | /* m stays. */ | | 765 | /* m stays. */ |
763 | break; | | 766 | break; |
764 | | | 767 | |
765 | case ND_ROUTER_ADVERT: | | 768 | case ND_ROUTER_ADVERT: |
766 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_routeradvert); | | 769 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_routeradvert); |
767 | if (code != 0) | | 770 | if (code != 0) |
768 | goto badcode; | | 771 | goto badcode; |
769 | if (icmp6len < sizeof(struct nd_router_advert)) | | 772 | if (icmp6len < sizeof(struct nd_router_advert)) |
770 | goto badlen; | | 773 | goto badlen; |
771 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { | | 774 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
772 | /* give up local */ | | 775 | /* give up local */ |
773 | nd6_ra_input(m, off, icmp6len); | | 776 | nd6_ra_input(m, off, icmp6len); |
774 | m = NULL; | | 777 | m = NULL; |
775 | goto freeit; | | 778 | goto freeit; |
776 | } | | 779 | } |
777 | nd6_ra_input(n, off, icmp6len); | | 780 | nd6_ra_input(n, off, icmp6len); |
778 | /* m stays. */ | | 781 | /* m stays. */ |
779 | break; | | 782 | break; |
780 | | | 783 | |
781 | case ND_NEIGHBOR_SOLICIT: | | 784 | case ND_NEIGHBOR_SOLICIT: |
782 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_neighborsolicit); | | 785 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_neighborsolicit); |
783 | if (code != 0) | | 786 | if (code != 0) |
784 | goto badcode; | | 787 | goto badcode; |
785 | if (icmp6len < sizeof(struct nd_neighbor_solicit)) | | 788 | if (icmp6len < sizeof(struct nd_neighbor_solicit)) |
786 | goto badlen; | | 789 | goto badlen; |
787 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { | | 790 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
788 | /* give up local */ | | 791 | /* give up local */ |
789 | nd6_ns_input(m, off, icmp6len); | | 792 | nd6_ns_input(m, off, icmp6len); |
790 | m = NULL; | | 793 | m = NULL; |
791 | goto freeit; | | 794 | goto freeit; |
792 | } | | 795 | } |
793 | nd6_ns_input(n, off, icmp6len); | | 796 | nd6_ns_input(n, off, icmp6len); |
794 | /* m stays. */ | | 797 | /* m stays. */ |
795 | break; | | 798 | break; |
796 | | | 799 | |
797 | case ND_NEIGHBOR_ADVERT: | | 800 | case ND_NEIGHBOR_ADVERT: |
798 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_neighboradvert); | | 801 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_neighboradvert); |
799 | if (code != 0) | | 802 | if (code != 0) |
800 | goto badcode; | | 803 | goto badcode; |
801 | if (icmp6len < sizeof(struct nd_neighbor_advert)) | | 804 | if (icmp6len < sizeof(struct nd_neighbor_advert)) |
802 | goto badlen; | | 805 | goto badlen; |
803 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { | | 806 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
804 | /* give up local */ | | 807 | /* give up local */ |
805 | nd6_na_input(m, off, icmp6len); | | 808 | nd6_na_input(m, off, icmp6len); |
806 | m = NULL; | | 809 | m = NULL; |
807 | goto freeit; | | 810 | goto freeit; |
808 | } | | 811 | } |
809 | nd6_na_input(n, off, icmp6len); | | 812 | nd6_na_input(n, off, icmp6len); |
810 | /* m stays. */ | | 813 | /* m stays. */ |
811 | break; | | 814 | break; |
812 | | | 815 | |
813 | case ND_REDIRECT: | | 816 | case ND_REDIRECT: |
814 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_redirect); | | 817 | icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_redirect); |
815 | if (code != 0) | | 818 | if (code != 0) |
816 | goto badcode; | | 819 | goto badcode; |
817 | if (icmp6len < sizeof(struct nd_redirect)) | | 820 | if (icmp6len < sizeof(struct nd_redirect)) |
818 | goto badlen; | | 821 | goto badlen; |
819 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { | | 822 | if ((n = m_copym(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) { |
820 | /* give up local */ | | 823 | /* give up local */ |
821 | icmp6_redirect_input(m, off); | | 824 | icmp6_redirect_input(m, off); |
822 | m = NULL; | | 825 | m = NULL; |
823 | goto freeit; | | 826 | goto freeit; |
824 | } | | 827 | } |
825 | icmp6_redirect_input(n, off); | | 828 | icmp6_redirect_input(n, off); |
826 | /* m stays. */ | | 829 | /* m stays. */ |
827 | break; | | 830 | break; |
828 | | | 831 | |
829 | case ICMP6_ROUTER_RENUMBERING: | | 832 | case ICMP6_ROUTER_RENUMBERING: |
830 | if (code != ICMP6_ROUTER_RENUMBERING_COMMAND && | | 833 | if (code != ICMP6_ROUTER_RENUMBERING_COMMAND && |
831 | code != ICMP6_ROUTER_RENUMBERING_RESULT) | | 834 | code != ICMP6_ROUTER_RENUMBERING_RESULT) |
832 | goto badcode; | | 835 | goto badcode; |
833 | if (icmp6len < sizeof(struct icmp6_router_renum)) | | 836 | if (icmp6len < sizeof(struct icmp6_router_renum)) |
834 | goto badlen; | | 837 | goto badlen; |
835 | break; | | 838 | break; |
836 | | | 839 | |
837 | default: | | 840 | default: |
838 | nd6log((LOG_DEBUG, | | 841 | nd6log((LOG_DEBUG, |
839 | "icmp6_input: unknown type %d(src=%s, dst=%s, ifid=%d)\n", | | 842 | "icmp6_input: unknown type %d(src=%s, dst=%s, ifid=%d)\n", |
840 | icmp6->icmp6_type, ip6_sprintf(&ip6->ip6_src), | | 843 | icmp6->icmp6_type, ip6_sprintf(&ip6->ip6_src), |
841 | ip6_sprintf(&ip6->ip6_dst), | | 844 | ip6_sprintf(&ip6->ip6_dst), |
842 | m->m_pkthdr.rcvif ? m->m_pkthdr.rcvif->if_index : 0)); | | 845 | m->m_pkthdr.rcvif ? m->m_pkthdr.rcvif->if_index : 0)); |
843 | if (icmp6->icmp6_type < ICMP6_ECHO_REQUEST) { | | 846 | if (icmp6->icmp6_type < ICMP6_ECHO_REQUEST) { |
844 | /* ICMPv6 error: MUST deliver it by spec... */ | | 847 | /* ICMPv6 error: MUST deliver it by spec... */ |
845 | code = PRC_NCMDS; | | 848 | code = PRC_NCMDS; |
846 | /* deliver */ | | 849 | /* deliver */ |
847 | } else { | | 850 | } else { |
848 | /* ICMPv6 informational: MUST not deliver */ | | 851 | /* ICMPv6 informational: MUST not deliver */ |
849 | break; | | 852 | break; |
850 | } | | 853 | } |
851 | deliver: | | 854 | deliver: |
852 | if (icmp6_notify_error(m, off, icmp6len, code)) { | | 855 | if (icmp6_notify_error(m, off, icmp6len, code)) { |
853 | /* In this case, m should've been freed. */ | | 856 | /* In this case, m should've been freed. */ |
854 | return (IPPROTO_DONE); | | 857 | return (IPPROTO_DONE); |
855 | } | | 858 | } |
856 | break; | | 859 | break; |
857 | | | 860 | |
858 | badcode: | | 861 | badcode: |
859 | icmp6stat.icp6s_badcode++; | | 862 | icmp6stat.icp6s_badcode++; |
860 | break; | | 863 | break; |
861 | | | 864 | |
862 | badlen: | | 865 | badlen: |
863 | icmp6stat.icp6s_badlen++; | | 866 | icmp6stat.icp6s_badlen++; |
864 | break; | | 867 | break; |
865 | } | | 868 | } |
866 | | | 869 | |
867 | /* deliver the packet to appropriate sockets */ | | 870 | /* deliver the packet to appropriate sockets */ |
868 | icmp6_rip6_input(&m, *offp); | | 871 | icmp6_rip6_input(&m, *offp); |
869 | | | 872 | |
870 | return IPPROTO_DONE; | | 873 | return IPPROTO_DONE; |
871 | | | 874 | |
872 | freeit: | | 875 | freeit: |
873 | m_freem(m); | | 876 | m_freem(m); |
874 | return IPPROTO_DONE; | | 877 | return IPPROTO_DONE; |
875 | } | | 878 | } |
876 | | | 879 | |
877 | static int | | 880 | static int |
878 | icmp6_notify_error(m, off, icmp6len, code) | | 881 | icmp6_notify_error(m, off, icmp6len, code) |
879 | struct mbuf *m; | | 882 | struct mbuf *m; |
880 | int off, icmp6len, code; | | 883 | int off, icmp6len, code; |
881 | { | | 884 | { |
882 | struct icmp6_hdr *icmp6; | | 885 | struct icmp6_hdr *icmp6; |
883 | struct ip6_hdr *eip6; | | 886 | struct ip6_hdr *eip6; |
884 | u_int32_t notifymtu; | | 887 | u_int32_t notifymtu; |
885 | struct sockaddr_in6 icmp6src, icmp6dst; | | 888 | struct sockaddr_in6 icmp6src, icmp6dst; |
886 | | | 889 | |
887 | if (icmp6len < sizeof(struct icmp6_hdr) + sizeof(struct ip6_hdr)) { | | 890 | if (icmp6len < sizeof(struct icmp6_hdr) + sizeof(struct ip6_hdr)) { |
888 | icmp6stat.icp6s_tooshort++; | | 891 | icmp6stat.icp6s_tooshort++; |
889 | goto freeit; | | 892 | goto freeit; |
890 | } | | 893 | } |
891 | IP6_EXTHDR_GET(icmp6, struct icmp6_hdr *, m, off, | | 894 | IP6_EXTHDR_GET(icmp6, struct icmp6_hdr *, m, off, |
892 | sizeof(*icmp6) + sizeof(struct ip6_hdr)); | | 895 | sizeof(*icmp6) + sizeof(struct ip6_hdr)); |
893 | if (icmp6 == NULL) { | | 896 | if (icmp6 == NULL) { |
894 | icmp6stat.icp6s_tooshort++; | | 897 | icmp6stat.icp6s_tooshort++; |
895 | return (-1); | | 898 | return (-1); |
896 | } | | 899 | } |
897 | eip6 = (struct ip6_hdr *)(icmp6 + 1); | | 900 | eip6 = (struct ip6_hdr *)(icmp6 + 1); |
898 | | | 901 | |
899 | /* Detect the upper level protocol */ | | 902 | /* Detect the upper level protocol */ |
900 | { | | 903 | { |
901 | void (*ctlfunc) __P((int, struct sockaddr *, void *)); | | 904 | void (*ctlfunc) __P((int, struct sockaddr *, void *)); |
902 | u_int8_t nxt = eip6->ip6_nxt; | | 905 | u_int8_t nxt = eip6->ip6_nxt; |
903 | int eoff = off + sizeof(struct icmp6_hdr) + | | 906 | int eoff = off + sizeof(struct icmp6_hdr) + |
904 | sizeof(struct ip6_hdr); | | 907 | sizeof(struct ip6_hdr); |
905 | struct ip6ctlparam ip6cp; | | 908 | struct ip6ctlparam ip6cp; |
906 | struct in6_addr *finaldst = NULL; | | 909 | struct in6_addr *finaldst = NULL; |
907 | int icmp6type = icmp6->icmp6_type; | | 910 | int icmp6type = icmp6->icmp6_type; |
908 | struct ip6_frag *fh; | | 911 | struct ip6_frag *fh; |
909 | struct ip6_rthdr *rth; | | 912 | struct ip6_rthdr *rth; |
910 | struct ip6_rthdr0 *rth0; | | 913 | struct ip6_rthdr0 *rth0; |
911 | int rthlen; | | 914 | int rthlen; |
912 | | | 915 | |
913 | while (1) { /* XXX: should avoid infinite loop explicitly? */ | | 916 | while (1) { /* XXX: should avoid infinite loop explicitly? */ |
914 | struct ip6_ext *eh; | | 917 | struct ip6_ext *eh; |
915 | | | 918 | |
916 | switch (nxt) { | | 919 | switch (nxt) { |
917 | case IPPROTO_HOPOPTS: | | 920 | case IPPROTO_HOPOPTS: |
918 | case IPPROTO_DSTOPTS: | | 921 | case IPPROTO_DSTOPTS: |
919 | case IPPROTO_AH: | | 922 | case IPPROTO_AH: |
920 | IP6_EXTHDR_GET(eh, struct ip6_ext *, m, | | 923 | IP6_EXTHDR_GET(eh, struct ip6_ext *, m, |
921 | eoff, sizeof(*eh)); | | 924 | eoff, sizeof(*eh)); |
922 | if (eh == NULL) { | | 925 | if (eh == NULL) { |
923 | icmp6stat.icp6s_tooshort++; | | 926 | icmp6stat.icp6s_tooshort++; |
924 | return (-1); | | 927 | return (-1); |
925 | } | | 928 | } |
926 | | | 929 | |
927 | if (nxt == IPPROTO_AH) | | 930 | if (nxt == IPPROTO_AH) |
928 | eoff += (eh->ip6e_len + 2) << 2; | | 931 | eoff += (eh->ip6e_len + 2) << 2; |
929 | else | | 932 | else |
930 | eoff += (eh->ip6e_len + 1) << 3; | | 933 | eoff += (eh->ip6e_len + 1) << 3; |
931 | nxt = eh->ip6e_nxt; | | 934 | nxt = eh->ip6e_nxt; |
932 | break; | | 935 | break; |
933 | case IPPROTO_ROUTING: | | 936 | case IPPROTO_ROUTING: |
934 | /* | | 937 | /* |
935 | * When the erroneous packet contains a | | 938 | * When the erroneous packet contains a |
936 | * routing header, we should examine the | | 939 | * routing header, we should examine the |
937 | * header to determine the final destination. | | 940 | * header to determine the final destination. |
938 | * Otherwise, we can't properly update | | 941 | * Otherwise, we can't properly update |
939 | * information that depends on the final | | 942 | * information that depends on the final |
940 | * destination (e.g. path MTU). | | 943 | * destination (e.g. path MTU). |
941 | */ | | 944 | */ |
942 | IP6_EXTHDR_GET(rth, struct ip6_rthdr *, m, | | 945 | IP6_EXTHDR_GET(rth, struct ip6_rthdr *, m, |
943 | eoff, sizeof(*rth)); | | 946 | eoff, sizeof(*rth)); |
944 | if (rth == NULL) { | | 947 | if (rth == NULL) { |
945 | icmp6stat.icp6s_tooshort++; | | 948 | icmp6stat.icp6s_tooshort++; |
946 | return (-1); | | 949 | return (-1); |
947 | } | | 950 | } |
948 | rthlen = (rth->ip6r_len + 1) << 3; | | 951 | rthlen = (rth->ip6r_len + 1) << 3; |
949 | /* | | 952 | /* |
950 | * XXX: currently there is no | | 953 | * XXX: currently there is no |
951 | * officially defined type other | | 954 | * officially defined type other |
952 | * than type-0. | | 955 | * than type-0. |
953 | * Note that if the segment left field | | 956 | * Note that if the segment left field |
954 | * is 0, all intermediate hops must | | 957 | * is 0, all intermediate hops must |
955 | * have been passed. | | 958 | * have been passed. |
956 | */ | | 959 | */ |
957 | if (rth->ip6r_segleft && | | 960 | if (rth->ip6r_segleft && |
958 | rth->ip6r_type == IPV6_RTHDR_TYPE_0) { | | 961 | rth->ip6r_type == IPV6_RTHDR_TYPE_0) { |
959 | int hops; | | 962 | int hops; |
960 | | | 963 | |
961 | IP6_EXTHDR_GET(rth0, | | 964 | IP6_EXTHDR_GET(rth0, |
962 | struct ip6_rthdr0 *, m, | | 965 | struct ip6_rthdr0 *, m, |
963 | eoff, rthlen); | | 966 | eoff, rthlen); |
964 | if (rth0 == NULL) { | | 967 | if (rth0 == NULL) { |
965 | icmp6stat.icp6s_tooshort++; | | 968 | icmp6stat.icp6s_tooshort++; |
966 | return (-1); | | 969 | return (-1); |
967 | } | | 970 | } |
968 | /* just ignore a bogus header */ | | 971 | /* just ignore a bogus header */ |
969 | if ((rth0->ip6r0_len % 2) == 0 && | | 972 | if ((rth0->ip6r0_len % 2) == 0 && |
970 | (hops = rth0->ip6r0_len/2)) | | 973 | (hops = rth0->ip6r0_len/2)) |
971 | finaldst = (struct in6_addr *)(rth0 + 1) + (hops - 1); | | 974 | finaldst = (struct in6_addr *)(rth0 + 1) + (hops - 1); |
972 | } | | 975 | } |
973 | eoff += rthlen; | | 976 | eoff += rthlen; |
974 | nxt = rth->ip6r_nxt; | | 977 | nxt = rth->ip6r_nxt; |
975 | break; | | 978 | break; |
976 | case IPPROTO_FRAGMENT: | | 979 | case IPPROTO_FRAGMENT: |
977 | IP6_EXTHDR_GET(fh, struct ip6_frag *, m, | | 980 | IP6_EXTHDR_GET(fh, struct ip6_frag *, m, |
978 | eoff, sizeof(*fh)); | | 981 | eoff, sizeof(*fh)); |
979 | if (fh == NULL) { | | 982 | if (fh == NULL) { |
980 | icmp6stat.icp6s_tooshort++; | | 983 | icmp6stat.icp6s_tooshort++; |
981 | return (-1); | | 984 | return (-1); |
982 | } | | 985 | } |
983 | /* | | 986 | /* |
984 | * Data after a fragment header is meaningless | | 987 | * Data after a fragment header is meaningless |
985 | * unless it is the first fragment, but | | 988 | * unless it is the first fragment, but |
986 | * we'll go to the notify label for path MTU | | 989 | * we'll go to the notify label for path MTU |
987 | * discovery. | | 990 | * discovery. |
988 | */ | | 991 | */ |
989 | if (fh->ip6f_offlg & IP6F_OFF_MASK) | | 992 | if (fh->ip6f_offlg & IP6F_OFF_MASK) |
990 | goto notify; | | 993 | goto notify; |
991 | | | 994 | |
992 | eoff += sizeof(struct ip6_frag); | | 995 | eoff += sizeof(struct ip6_frag); |
993 | nxt = fh->ip6f_nxt; | | 996 | nxt = fh->ip6f_nxt; |
994 | break; | | 997 | break; |
995 | default: | | 998 | default: |
996 | /* | | 999 | /* |
997 | * This case includes ESP and the No Next | | 1000 | * This case includes ESP and the No Next |
998 | * Header. In such cases going to the notify | | 1001 | * Header. In such cases going to the notify |
999 | * label does not have any meaning | | 1002 | * label does not have any meaning |
1000 | * (i.e. ctlfunc will be NULL), but we go | | 1003 | * (i.e. ctlfunc will be NULL), but we go |
1001 | * anyway since we might have to update | | 1004 | * anyway since we might have to update |
1002 | * path MTU information. | | 1005 | * path MTU information. |
1003 | */ | | 1006 | */ |
1004 | goto notify; | | 1007 | goto notify; |
1005 | } | | 1008 | } |
1006 | } | | 1009 | } |
1007 | notify: | | 1010 | notify: |
1008 | IP6_EXTHDR_GET(icmp6, struct icmp6_hdr *, m, off, | | 1011 | IP6_EXTHDR_GET(icmp6, struct icmp6_hdr *, m, off, |
1009 | sizeof(*icmp6) + sizeof(struct ip6_hdr)); | | 1012 | sizeof(*icmp6) + sizeof(struct ip6_hdr)); |
1010 | if (icmp6 == NULL) { | | 1013 | if (icmp6 == NULL) { |
1011 | icmp6stat.icp6s_tooshort++; | | 1014 | icmp6stat.icp6s_tooshort++; |
1012 | return (-1); | | 1015 | return (-1); |
1013 | } | | 1016 | } |
1014 | | | 1017 | |
1015 | /* | | 1018 | /* |
1016 | * retrieve parameters from the inner IPv6 header, and convert | | 1019 | * retrieve parameters from the inner IPv6 header, and convert |
1017 | * them into sockaddr structures. | | 1020 | * them into sockaddr structures. |
1018 | * XXX: there is no guarantee that the source or destination | | 1021 | * XXX: there is no guarantee that the source or destination |
1019 | * addresses of the inner packet are in the same scope zone as | | 1022 | * addresses of the inner packet are in the same scope zone as |
1020 | * the addresses of the icmp packet. But there is no other | | 1023 | * the addresses of the icmp packet. But there is no other |
1021 | * way to determine the zone. | | 1024 | * way to determine the zone. |
1022 | */ | | 1025 | */ |
1023 | eip6 = (struct ip6_hdr *)(icmp6 + 1); | | 1026 | eip6 = (struct ip6_hdr *)(icmp6 + 1); |
1024 | | | 1027 | |
1025 | bzero(&icmp6dst, sizeof(icmp6dst)); | | 1028 | bzero(&icmp6dst, sizeof(icmp6dst)); |
1026 | icmp6dst.sin6_len = sizeof(struct sockaddr_in6); | | 1029 | icmp6dst.sin6_len = sizeof(struct sockaddr_in6); |
1027 | icmp6dst.sin6_family = AF_INET6; | | 1030 | icmp6dst.sin6_family = AF_INET6; |
1028 | if (finaldst == NULL) | | 1031 | if (finaldst == NULL) |
1029 | icmp6dst.sin6_addr = eip6->ip6_dst; | | 1032 | icmp6dst.sin6_addr = eip6->ip6_dst; |
1030 | else | | 1033 | else |
1031 | icmp6dst.sin6_addr = *finaldst; | | 1034 | icmp6dst.sin6_addr = *finaldst; |
1032 | if (in6_setscope(&icmp6dst.sin6_addr, m->m_pkthdr.rcvif, NULL)) | | 1035 | if (in6_setscope(&icmp6dst.sin6_addr, m->m_pkthdr.rcvif, NULL)) |
1033 | goto freeit; | | 1036 | goto freeit; |
1034 | bzero(&icmp6src, sizeof(icmp6src)); | | 1037 | bzero(&icmp6src, sizeof(icmp6src)); |
1035 | icmp6src.sin6_len = sizeof(struct sockaddr_in6); | | 1038 | icmp6src.sin6_len = sizeof(struct sockaddr_in6); |
1036 | icmp6src.sin6_family = AF_INET6; | | 1039 | icmp6src.sin6_family = AF_INET6; |
1037 | icmp6src.sin6_addr = eip6->ip6_src; | | 1040 | icmp6src.sin6_addr = eip6->ip6_src; |
1038 | if (in6_setscope(&icmp6src.sin6_addr, m->m_pkthdr.rcvif, NULL)) | | 1041 | if (in6_setscope(&icmp6src.sin6_addr, m->m_pkthdr.rcvif, NULL)) |
1039 | goto freeit; | | 1042 | goto freeit; |
1040 | icmp6src.sin6_flowinfo = | | 1043 | icmp6src.sin6_flowinfo = |
1041 | (eip6->ip6_flow & IPV6_FLOWLABEL_MASK); | | 1044 | (eip6->ip6_flow & IPV6_FLOWLABEL_MASK); |
1042 | | | 1045 | |
1043 | if (finaldst == NULL) | | 1046 | if (finaldst == NULL) |
1044 | finaldst = &eip6->ip6_dst; | | 1047 | finaldst = &eip6->ip6_dst; |
1045 | ip6cp.ip6c_m = m; | | 1048 | ip6cp.ip6c_m = m; |
1046 | ip6cp.ip6c_icmp6 = icmp6; | | 1049 | ip6cp.ip6c_icmp6 = icmp6; |
1047 | ip6cp.ip6c_ip6 = (struct ip6_hdr *)(icmp6 + 1); | | 1050 | ip6cp.ip6c_ip6 = (struct ip6_hdr *)(icmp6 + 1); |
1048 | ip6cp.ip6c_off = eoff; | | 1051 | ip6cp.ip6c_off = eoff; |
1049 | ip6cp.ip6c_finaldst = finaldst; | | 1052 | ip6cp.ip6c_finaldst = finaldst; |
1050 | ip6cp.ip6c_src = &icmp6src; | | 1053 | ip6cp.ip6c_src = &icmp6src; |
1051 | ip6cp.ip6c_nxt = nxt; | | 1054 | ip6cp.ip6c_nxt = nxt; |
1052 | | | 1055 | |
1053 | if (icmp6type == ICMP6_PACKET_TOO_BIG) { | | 1056 | if (icmp6type == ICMP6_PACKET_TOO_BIG) { |
1054 | notifymtu = ntohl(icmp6->icmp6_mtu); | | 1057 | notifymtu = ntohl(icmp6->icmp6_mtu); |
1055 | ip6cp.ip6c_cmdarg = (void *)¬ifymtu; | | 1058 | ip6cp.ip6c_cmdarg = (void *)¬ifymtu; |
1056 | } | | 1059 | } |
1057 | | | 1060 | |
1058 | ctlfunc = (void (*) __P((int, struct sockaddr *, void *))) | | 1061 | ctlfunc = (void (*) __P((int, struct sockaddr *, void *))) |
1059 | (inet6sw[ip6_protox[nxt]].pr_ctlinput); | | 1062 | (inet6sw[ip6_protox[nxt]].pr_ctlinput); |
1060 | if (ctlfunc) { | | 1063 | if (ctlfunc) { |
1061 | (void) (*ctlfunc)(code, (struct sockaddr *)&icmp6dst, | | 1064 | (void) (*ctlfunc)(code, (struct sockaddr *)&icmp6dst, |
1062 | &ip6cp); | | 1065 | &ip6cp); |
1063 | } | | 1066 | } |
1064 | } | | 1067 | } |
1065 | return (0); | | 1068 | return (0); |
1066 | | | 1069 | |
1067 | freeit: | | 1070 | freeit: |
1068 | m_freem(m); | | 1071 | m_freem(m); |
1069 | return (-1); | | 1072 | return (-1); |
1070 | } | | 1073 | } |
1071 | | | 1074 | |
1072 | void | | 1075 | void |
1073 | icmp6_mtudisc_update(ip6cp, validated) | | 1076 | icmp6_mtudisc_update(ip6cp, validated) |
1074 | struct ip6ctlparam *ip6cp; | | 1077 | struct ip6ctlparam *ip6cp; |
1075 | int validated; | | 1078 | int validated; |
1076 | { | | 1079 | { |
1077 | unsigned long rtcount; | | 1080 | unsigned long rtcount; |
1078 | struct icmp6_mtudisc_callback *mc; | | 1081 | struct icmp6_mtudisc_callback *mc; |
1079 | struct in6_addr *dst = ip6cp->ip6c_finaldst; | | 1082 | struct in6_addr *dst = ip6cp->ip6c_finaldst; |
1080 | struct icmp6_hdr *icmp6 = ip6cp->ip6c_icmp6; | | 1083 | struct icmp6_hdr *icmp6 = ip6cp->ip6c_icmp6; |
1081 | struct mbuf *m = ip6cp->ip6c_m; /* will be necessary for scope issue */ | | 1084 | struct mbuf *m = ip6cp->ip6c_m; /* will be necessary for scope issue */ |
1082 | u_int mtu = ntohl(icmp6->icmp6_mtu); | | 1085 | u_int mtu = ntohl(icmp6->icmp6_mtu); |
1083 | struct rtentry *rt = NULL; | | 1086 | struct rtentry *rt = NULL; |
1084 | struct sockaddr_in6 sin6; | | 1087 | struct sockaddr_in6 sin6; |
1085 | | | 1088 | |
1086 | /* | | 1089 | /* |
| | | 1090 | * The MTU should not be less than the minimal IPv6 MTU except for the |
| | | 1091 | * hack in ip6_output/ip6_setpmtu where we always include a frag header. |
| | | 1092 | * In that one case, the MTU might be less than 1280. |
| | | 1093 | */ |
| | | 1094 | if (__predict_false(mtu < IPV6_MMTU - sizeof(struct ip6_frag))) { |
| | | 1095 | /* is the mtu even sane? */ |
| | | 1096 | if (mtu < sizeof(struct ip6_hdr) + sizeof(struct ip6_frag) + 8) |
| | | 1097 | return; |
| | | 1098 | if (!validated) |
| | | 1099 | return; |
| | | 1100 | mtu = IPV6_MMTU - sizeof(struct ip6_frag); |
| | | 1101 | } |
| | | 1102 | |
| | | 1103 | /* |
1087 | * allow non-validated cases if memory is plenty, to make traffic | | 1104 | * allow non-validated cases if memory is plenty, to make traffic |
1088 | * from non-connected pcb happy. | | 1105 | * from non-connected pcb happy. |
1089 | */ | | 1106 | */ |
1090 | rtcount = rt_timer_count(icmp6_mtudisc_timeout_q); | | 1107 | rtcount = rt_timer_count(icmp6_mtudisc_timeout_q); |
1091 | if (validated) { | | 1108 | if (validated) { |
1092 | if (0 <= icmp6_mtudisc_hiwat && rtcount > icmp6_mtudisc_hiwat) | | 1109 | if (0 <= icmp6_mtudisc_hiwat && rtcount > icmp6_mtudisc_hiwat) |
1093 | return; | | 1110 | return; |
1094 | else if (0 <= icmp6_mtudisc_lowat && | | 1111 | else if (0 <= icmp6_mtudisc_lowat && |
1095 | rtcount > icmp6_mtudisc_lowat) { | | 1112 | rtcount > icmp6_mtudisc_lowat) { |
1096 | /* | | 1113 | /* |
1097 | * XXX nuke a victim, install the new one. | | 1114 | * XXX nuke a victim, install the new one. |
1098 | */ | | 1115 | */ |
1099 | } | | 1116 | } |
1100 | } else { | | 1117 | } else { |
1101 | if (0 <= icmp6_mtudisc_lowat && rtcount > icmp6_mtudisc_lowat) | | 1118 | if (0 <= icmp6_mtudisc_lowat && rtcount > icmp6_mtudisc_lowat) |
1102 | return; | | 1119 | return; |
1103 | } | | 1120 | } |
1104 | | | 1121 | |
1105 | bzero(&sin6, sizeof(sin6)); | | 1122 | bzero(&sin6, sizeof(sin6)); |
1106 | sin6.sin6_family = PF_INET6; | | 1123 | sin6.sin6_family = PF_INET6; |
1107 | sin6.sin6_len = sizeof(struct sockaddr_in6); | | 1124 | sin6.sin6_len = sizeof(struct sockaddr_in6); |
1108 | sin6.sin6_addr = *dst; | | 1125 | sin6.sin6_addr = *dst; |
1109 | if (in6_setscope(&sin6.sin6_addr, m->m_pkthdr.rcvif, NULL)) | | 1126 | if (in6_setscope(&sin6.sin6_addr, m->m_pkthdr.rcvif, NULL)) |
1110 | return; | | 1127 | return; |
1111 | | | 1128 | |
1112 | rt = icmp6_mtudisc_clone((struct sockaddr *)&sin6); | | 1129 | rt = icmp6_mtudisc_clone((struct sockaddr *)&sin6); |
1113 | | | 1130 | |
1114 | if (rt && (rt->rt_flags & RTF_HOST) && | | 1131 | if (rt && (rt->rt_flags & RTF_HOST) && |
1115 | !(rt->rt_rmx.rmx_locks & RTV_MTU) && | | 1132 | !(rt->rt_rmx.rmx_locks & RTV_MTU) && |
1116 | (rt->rt_rmx.rmx_mtu > mtu || rt->rt_rmx.rmx_mtu == 0)) { | | 1133 | (rt->rt_rmx.rmx_mtu > mtu || rt->rt_rmx.rmx_mtu == 0)) { |
1117 | if (mtu < IN6_LINKMTU(rt->rt_ifp)) { | | 1134 | if (mtu < IN6_LINKMTU(rt->rt_ifp)) { |
1118 | icmp6stat.icp6s_pmtuchg++; | | 1135 | icmp6stat.icp6s_pmtuchg++; |
1119 | rt->rt_rmx.rmx_mtu = mtu; | | 1136 | rt->rt_rmx.rmx_mtu = mtu; |
1120 | } | | 1137 | } |
1121 | } | | 1138 | } |
1122 | if (rt) { /* XXX: need braces to avoid conflict with else in RTFREE. */ | | 1139 | if (rt) { /* XXX: need braces to avoid conflict with else in RTFREE. */ |
1123 | RTFREE(rt); | | 1140 | RTFREE(rt); |
1124 | } | | 1141 | } |
1125 | | | 1142 | |
1126 | /* | | 1143 | /* |
1127 | * Notify protocols that the MTU for this destination | | 1144 | * Notify protocols that the MTU for this destination |
1128 | * has changed. | | 1145 | * has changed. |
1129 | */ | | 1146 | */ |
1130 | for (mc = LIST_FIRST(&icmp6_mtudisc_callbacks); mc != NULL; | | 1147 | for (mc = LIST_FIRST(&icmp6_mtudisc_callbacks); mc != NULL; |
1131 | mc = LIST_NEXT(mc, mc_list)) | | 1148 | mc = LIST_NEXT(mc, mc_list)) |
1132 | (*mc->mc_func)(&sin6.sin6_addr); | | 1149 | (*mc->mc_func)(&sin6.sin6_addr); |
1133 | } | | 1150 | } |
1134 | | | 1151 | |
1135 | /* | | 1152 | /* |
1136 | * Process a Node Information Query packet, based on | | 1153 | * Process a Node Information Query packet, based on |
1137 | * draft-ietf-ipngwg-icmp-name-lookups-07. | | 1154 | * draft-ietf-ipngwg-icmp-name-lookups-07. |
1138 | * | | 1155 | * |
1139 | * Spec incompatibilities: | | 1156 | * Spec incompatibilities: |
1140 | * - IPv6 Subject address handling | | 1157 | * - IPv6 Subject address handling |
1141 | * - IPv4 Subject address handling support missing | | 1158 | * - IPv4 Subject address handling support missing |
1142 | * - Proxy reply (answer even if it's not for me) | | 1159 | * - Proxy reply (answer even if it's not for me) |
1143 | * - joins NI group address at in6_ifattach() time only, does not cope | | 1160 | * - joins NI group address at in6_ifattach() time only, does not cope |
1144 | * with hostname changes by sethostname(3) | | 1161 | * with hostname changes by sethostname(3) |
1145 | */ | | 1162 | */ |
1146 | #ifndef offsetof /* XXX */ | | 1163 | #ifndef offsetof /* XXX */ |
1147 | #define offsetof(type, member) ((size_t)(&((type *)0)->member)) | | 1164 | #define offsetof(type, member) ((size_t)(&((type *)0)->member)) |
1148 | #endif | | 1165 | #endif |
1149 | static struct mbuf * | | 1166 | static struct mbuf * |
1150 | ni6_input(m, off) | | 1167 | ni6_input(m, off) |
1151 | struct mbuf *m; | | 1168 | struct mbuf *m; |
1152 | int off; | | 1169 | int off; |
1153 | { | | 1170 | { |
1154 | struct icmp6_nodeinfo *ni6, *nni6; | | 1171 | struct icmp6_nodeinfo *ni6, *nni6; |
1155 | struct mbuf *n = NULL; | | 1172 | struct mbuf *n = NULL; |
1156 | u_int16_t qtype; | | 1173 | u_int16_t qtype; |
1157 | int subjlen; | | 1174 | int subjlen; |
1158 | int replylen = sizeof(struct ip6_hdr) + sizeof(struct icmp6_nodeinfo); | | 1175 | int replylen = sizeof(struct ip6_hdr) + sizeof(struct icmp6_nodeinfo); |
1159 | struct ni_reply_fqdn *fqdn; | | 1176 | struct ni_reply_fqdn *fqdn; |
1160 | int addrs; /* for NI_QTYPE_NODEADDR */ | | 1177 | int addrs; /* for NI_QTYPE_NODEADDR */ |
1161 | struct ifnet *ifp = NULL; /* for NI_QTYPE_NODEADDR */ | | 1178 | struct ifnet *ifp = NULL; /* for NI_QTYPE_NODEADDR */ |
1162 | struct sockaddr_in6 sin6; /* ip6_dst */ | | 1179 | struct sockaddr_in6 sin6; /* ip6_dst */ |
1163 | struct in6_addr in6_subj; /* subject address */ | | 1180 | struct in6_addr in6_subj; /* subject address */ |
1164 | struct ip6_hdr *ip6; | | 1181 | struct ip6_hdr *ip6; |
1165 | int oldfqdn = 0; /* if 1, return pascal string (03 draft) */ | | 1182 | int oldfqdn = 0; /* if 1, return pascal string (03 draft) */ |
1166 | char *subj = NULL; | | 1183 | char *subj = NULL; |
1167 | | | 1184 | |
1168 | ip6 = mtod(m, struct ip6_hdr *); | | 1185 | ip6 = mtod(m, struct ip6_hdr *); |
1169 | IP6_EXTHDR_GET(ni6, struct icmp6_nodeinfo *, m, off, sizeof(*ni6)); | | 1186 | IP6_EXTHDR_GET(ni6, struct icmp6_nodeinfo *, m, off, sizeof(*ni6)); |
1170 | if (ni6 == NULL) { | | 1187 | if (ni6 == NULL) { |
1171 | /* m is already reclaimed */ | | 1188 | /* m is already reclaimed */ |
1172 | return NULL; | | 1189 | return NULL; |
1173 | } | | 1190 | } |
1174 | | | 1191 | |
1175 | /* | | 1192 | /* |
1176 | * Validate IPv6 destination address. | | 1193 | * Validate IPv6 destination address. |
1177 | * | | 1194 | * |
1178 | * The Responder must discard the Query without further processing | | 1195 | * The Responder must discard the Query without further processing |
1179 | * unless it is one of the Responder's unicast or anycast addresses, or | | 1196 | * unless it is one of the Responder's unicast or anycast addresses, or |
1180 | * a link-local scope multicast address which the Responder has joined. | | 1197 | * a link-local scope multicast address which the Responder has joined. |
1181 | * [icmp-name-lookups-07, Section 4.] | | 1198 | * [icmp-name-lookups-07, Section 4.] |
1182 | */ | | 1199 | */ |
1183 | bzero(&sin6, sizeof(sin6)); | | 1200 | bzero(&sin6, sizeof(sin6)); |
1184 | sin6.sin6_family = AF_INET6; | | 1201 | sin6.sin6_family = AF_INET6; |
1185 | sin6.sin6_len = sizeof(struct sockaddr_in6); | | 1202 | sin6.sin6_len = sizeof(struct sockaddr_in6); |
1186 | bcopy(&ip6->ip6_dst, &sin6.sin6_addr, sizeof(sin6.sin6_addr)); | | 1203 | bcopy(&ip6->ip6_dst, &sin6.sin6_addr, sizeof(sin6.sin6_addr)); |
1187 | /* XXX scopeid */ | | 1204 | /* XXX scopeid */ |
1188 | if (ifa_ifwithaddr((struct sockaddr *)&sin6)) | | 1205 | if (ifa_ifwithaddr((struct sockaddr *)&sin6)) |
1189 | ; /* unicast/anycast, fine */ | | 1206 | ; /* unicast/anycast, fine */ |
1190 | else if (IN6_IS_ADDR_MC_LINKLOCAL(&sin6.sin6_addr)) | | 1207 | else if (IN6_IS_ADDR_MC_LINKLOCAL(&sin6.sin6_addr)) |
1191 | ; /* link-local multicast, fine */ | | 1208 | ; /* link-local multicast, fine */ |
1192 | else | | 1209 | else |
1193 | goto bad; | | 1210 | goto bad; |
1194 | | | 1211 | |
1195 | /* validate query Subject field. */ | | 1212 | /* validate query Subject field. */ |
1196 | qtype = ntohs(ni6->ni_qtype); | | 1213 | qtype = ntohs(ni6->ni_qtype); |
1197 | subjlen = m->m_pkthdr.len - off - sizeof(struct icmp6_nodeinfo); | | 1214 | subjlen = m->m_pkthdr.len - off - sizeof(struct icmp6_nodeinfo); |
1198 | switch (qtype) { | | 1215 | switch (qtype) { |
1199 | case NI_QTYPE_NOOP: | | 1216 | case NI_QTYPE_NOOP: |
1200 | case NI_QTYPE_SUPTYPES: | | 1217 | case NI_QTYPE_SUPTYPES: |
1201 | /* 07 draft */ | | 1218 | /* 07 draft */ |
1202 | if (ni6->ni_code == ICMP6_NI_SUBJ_FQDN && subjlen == 0) | | 1219 | if (ni6->ni_code == ICMP6_NI_SUBJ_FQDN && subjlen == 0) |
1203 | break; | | 1220 | break; |
1204 | /* FALLTHROUGH */ | | 1221 | /* FALLTHROUGH */ |
1205 | case NI_QTYPE_FQDN: | | 1222 | case NI_QTYPE_FQDN: |
1206 | case NI_QTYPE_NODEADDR: | | 1223 | case NI_QTYPE_NODEADDR: |
1207 | case NI_QTYPE_IPV4ADDR: | | 1224 | case NI_QTYPE_IPV4ADDR: |
1208 | switch (ni6->ni_code) { | | 1225 | switch (ni6->ni_code) { |
1209 | case ICMP6_NI_SUBJ_IPV6: | | 1226 | case ICMP6_NI_SUBJ_IPV6: |
1210 | #if ICMP6_NI_SUBJ_IPV6 != 0 | | 1227 | #if ICMP6_NI_SUBJ_IPV6 != 0 |
1211 | case 0: | | 1228 | case 0: |
1212 | #endif | | 1229 | #endif |
1213 | /* | | 1230 | /* |
1214 | * backward compatibility - try to accept 03 draft | | 1231 | * backward compatibility - try to accept 03 draft |
1215 | * format, where no Subject is present. | | 1232 | * format, where no Subject is present. |
1216 | */ | | 1233 | */ |
1217 | if (qtype == NI_QTYPE_FQDN && ni6->ni_code == 0 && | | 1234 | if (qtype == NI_QTYPE_FQDN && ni6->ni_code == 0 && |
1218 | subjlen == 0) { | | 1235 | subjlen == 0) { |
1219 | oldfqdn++; | | 1236 | oldfqdn++; |
1220 | break; | | 1237 | break; |
1221 | } | | 1238 | } |
1222 | #if ICMP6_NI_SUBJ_IPV6 != 0 | | 1239 | #if ICMP6_NI_SUBJ_IPV6 != 0 |
1223 | if (ni6->ni_code != ICMP6_NI_SUBJ_IPV6) | | 1240 | if (ni6->ni_code != ICMP6_NI_SUBJ_IPV6) |
1224 | goto bad; | | 1241 | goto bad; |
1225 | #endif | | 1242 | #endif |
1226 | | | 1243 | |
1227 | if (subjlen != sizeof(sin6.sin6_addr)) | | 1244 | if (subjlen != sizeof(sin6.sin6_addr)) |
1228 | goto bad; | | 1245 | goto bad; |
1229 | | | 1246 | |
1230 | /* | | 1247 | /* |
1231 | * Validate Subject address. | | 1248 | * Validate Subject address. |
1232 | * | | 1249 | * |
1233 | * Not sure what exactly "address belongs to the node" | | 1250 | * Not sure what exactly "address belongs to the node" |
1234 | * means in the spec, is it just unicast, or what? | | 1251 | * means in the spec, is it just unicast, or what? |
1235 | * | | 1252 | * |
1236 | * At this moment we consider Subject address as | | 1253 | * At this moment we consider Subject address as |
1237 | * "belong to the node" if the Subject address equals | | 1254 | * "belong to the node" if the Subject address equals |
1238 | * to the IPv6 destination address; validation for | | 1255 | * to the IPv6 destination address; validation for |
1239 | * IPv6 destination address should have done enough | | 1256 | * IPv6 destination address should have done enough |
1240 | * check for us. | | 1257 | * check for us. |
1241 | * | | 1258 | * |
1242 | * We do not do proxy at this moment. | | 1259 | * We do not do proxy at this moment. |
1243 | */ | | 1260 | */ |
1244 | /* m_pulldown instead of copy? */ | | 1261 | /* m_pulldown instead of copy? */ |
1245 | m_copydata(m, off + sizeof(struct icmp6_nodeinfo), | | 1262 | m_copydata(m, off + sizeof(struct icmp6_nodeinfo), |
1246 | subjlen, (caddr_t)&in6_subj); | | 1263 | subjlen, (caddr_t)&in6_subj); |
1247 | if (in6_setscope(&in6_subj, m->m_pkthdr.rcvif, NULL)) | | 1264 | if (in6_setscope(&in6_subj, m->m_pkthdr.rcvif, NULL)) |
1248 | goto bad; | | 1265 | goto bad; |
1249 | | | 1266 | |
1250 | subj = (char *)&in6_subj; | | 1267 | subj = (char *)&in6_subj; |
1251 | if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &in6_subj)) | | 1268 | if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &in6_subj)) |
1252 | break; | | 1269 | break; |
1253 | | | 1270 | |
1254 | /* | | 1271 | /* |
1255 | * XXX if we are to allow other cases, we should really | | 1272 | * XXX if we are to allow other cases, we should really |
1256 | * be careful about scope here. | | 1273 | * be careful about scope here. |
1257 | * basically, we should disallow queries toward IPv6 | | 1274 | * basically, we should disallow queries toward IPv6 |
1258 | * destination X with subject Y, if scope(X) > scope(Y). | | 1275 | * destination X with subject Y, if scope(X) > scope(Y). |
1259 | * if we allow scope(X) > scope(Y), it will result in | | 1276 | * if we allow scope(X) > scope(Y), it will result in |
1260 | * information leakage across scope boundary. | | 1277 | * information leakage across scope boundary. |
1261 | */ | | 1278 | */ |
1262 | goto bad; | | 1279 | goto bad; |
1263 | | | 1280 | |
1264 | case ICMP6_NI_SUBJ_FQDN: | | 1281 | case ICMP6_NI_SUBJ_FQDN: |
1265 | /* | | 1282 | /* |
1266 | * Validate Subject name with gethostname(3). | | 1283 | * Validate Subject name with gethostname(3). |
1267 | * | | 1284 | * |
1268 | * The behavior may need some debate, since: | | 1285 | * The behavior may need some debate, since: |
1269 | * - we are not sure if the node has FQDN as | | 1286 | * - we are not sure if the node has FQDN as |
1270 | * hostname (returned by gethostname(3)). | | 1287 | * hostname (returned by gethostname(3)). |
1271 | * - the code does wildcard match for truncated names. | | 1288 | * - the code does wildcard match for truncated names. |
1272 | * however, we are not sure if we want to perform | | 1289 | * however, we are not sure if we want to perform |
1273 | * wildcard match, if gethostname(3) side has | | 1290 | * wildcard match, if gethostname(3) side has |
1274 | * truncated hostname. | | 1291 | * truncated hostname. |
1275 | */ | | 1292 | */ |
1276 | n = ni6_nametodns(hostname, hostnamelen, 0); | | 1293 | n = ni6_nametodns(hostname, hostnamelen, 0); |
1277 | if (!n || n->m_next || n->m_len == 0) | | 1294 | if (!n || n->m_next || n->m_len == 0) |
1278 | goto bad; | | 1295 | goto bad; |
1279 | IP6_EXTHDR_GET(subj, char *, m, | | 1296 | IP6_EXTHDR_GET(subj, char *, m, |
1280 | off + sizeof(struct icmp6_nodeinfo), subjlen); | | 1297 | off + sizeof(struct icmp6_nodeinfo), subjlen); |
1281 | if (subj == NULL) | | 1298 | if (subj == NULL) |
1282 | goto bad; | | 1299 | goto bad; |
1283 | if (!ni6_dnsmatch(subj, subjlen, mtod(n, const char *), | | 1300 | if (!ni6_dnsmatch(subj, subjlen, mtod(n, const char *), |
1284 | n->m_len)) { | | 1301 | n->m_len)) { |
1285 | goto bad; | | 1302 | goto bad; |
1286 | } | | 1303 | } |
1287 | m_freem(n); | | 1304 | m_freem(n); |
1288 | n = NULL; | | 1305 | n = NULL; |
1289 | break; | | 1306 | break; |
1290 | | | 1307 | |
1291 | case ICMP6_NI_SUBJ_IPV4: /* XXX: to be implemented? */ | | 1308 | case ICMP6_NI_SUBJ_IPV4: /* XXX: to be implemented? */ |
1292 | default: | | 1309 | default: |
1293 | goto bad; | | 1310 | goto bad; |
1294 | } | | 1311 | } |
1295 | break; | | 1312 | break; |
1296 | } | | 1313 | } |
1297 | | | 1314 | |
1298 | /* refuse based on configuration. XXX ICMP6_NI_REFUSED? */ | | 1315 | /* refuse based on configuration. XXX ICMP6_NI_REFUSED? */ |
1299 | switch (qtype) { | | 1316 | switch (qtype) { |
1300 | case NI_QTYPE_FQDN: | | 1317 | case NI_QTYPE_FQDN: |
1301 | if ((icmp6_nodeinfo & 1) == 0) | | 1318 | if ((icmp6_nodeinfo & 1) == 0) |
1302 | goto bad; | | 1319 | goto bad; |
1303 | break; | | 1320 | break; |
1304 | case NI_QTYPE_NODEADDR: | | 1321 | case NI_QTYPE_NODEADDR: |
1305 | case NI_QTYPE_IPV4ADDR: | | 1322 | case NI_QTYPE_IPV4ADDR: |
1306 | if ((icmp6_nodeinfo & 2) == 0) | | 1323 | if ((icmp6_nodeinfo & 2) == 0) |
1307 | goto bad; | | 1324 | goto bad; |
1308 | break; | | 1325 | break; |
1309 | } | | 1326 | } |
1310 | | | 1327 | |
1311 | /* guess reply length */ | | 1328 | /* guess reply length */ |
1312 | switch (qtype) { | | 1329 | switch (qtype) { |
1313 | case NI_QTYPE_NOOP: | | 1330 | case NI_QTYPE_NOOP: |
1314 | break; /* no reply data */ | | 1331 | break; /* no reply data */ |
1315 | case NI_QTYPE_SUPTYPES: | | 1332 | case NI_QTYPE_SUPTYPES: |
1316 | replylen += sizeof(u_int32_t); | | 1333 | replylen += sizeof(u_int32_t); |
1317 | break; | | 1334 | break; |
1318 | case NI_QTYPE_FQDN: | | 1335 | case NI_QTYPE_FQDN: |
1319 | /* XXX will append an mbuf */ | | 1336 | /* XXX will append an mbuf */ |
1320 | replylen += offsetof(struct ni_reply_fqdn, ni_fqdn_namelen); | | 1337 | replylen += offsetof(struct ni_reply_fqdn, ni_fqdn_namelen); |
1321 | break; | | 1338 | break; |
1322 | case NI_QTYPE_NODEADDR: | | 1339 | case NI_QTYPE_NODEADDR: |
1323 | addrs = ni6_addrs(ni6, m, &ifp, subj); | | 1340 | addrs = ni6_addrs(ni6, m, &ifp, subj); |
1324 | if ((replylen += addrs * (sizeof(struct in6_addr) + | | 1341 | if ((replylen += addrs * (sizeof(struct in6_addr) + |
1325 | sizeof(u_int32_t))) > MCLBYTES) | | 1342 | sizeof(u_int32_t))) > MCLBYTES) |
1326 | replylen = MCLBYTES; /* XXX: will truncate pkt later */ | | 1343 | replylen = MCLBYTES; /* XXX: will truncate pkt later */ |
1327 | break; | | 1344 | break; |
1328 | case NI_QTYPE_IPV4ADDR: | | 1345 | case NI_QTYPE_IPV4ADDR: |
1329 | /* unsupported - should respond with unknown Qtype? */ | | 1346 | /* unsupported - should respond with unknown Qtype? */ |
1330 | goto bad; | | 1347 | goto bad; |
1331 | default: | | 1348 | default: |
1332 | /* | | 1349 | /* |
1333 | * XXX: We must return a reply with the ICMP6 code | | 1350 | * XXX: We must return a reply with the ICMP6 code |
1334 | * `unknown Qtype' in this case. However we regard the case | | 1351 | * `unknown Qtype' in this case. However we regard the case |
1335 | * as an FQDN query for backward compatibility. | | 1352 | * as an FQDN query for backward compatibility. |
1336 | * Older versions set a random value to this field, | | 1353 | * Older versions set a random value to this field, |
1337 | * so it rarely varies in the defined qtypes. | | 1354 | * so it rarely varies in the defined qtypes. |
1338 | * But the mechanism is not reliable... | | 1355 | * But the mechanism is not reliable... |
1339 | * maybe we should obsolete older versions. | | 1356 | * maybe we should obsolete older versions. |
1340 | */ | | 1357 | */ |
1341 | qtype = NI_QTYPE_FQDN; | | 1358 | qtype = NI_QTYPE_FQDN; |
1342 | /* XXX will append an mbuf */ | | 1359 | /* XXX will append an mbuf */ |
1343 | replylen += offsetof(struct ni_reply_fqdn, ni_fqdn_namelen); | | 1360 | replylen += offsetof(struct ni_reply_fqdn, ni_fqdn_namelen); |
1344 | oldfqdn++; | | 1361 | oldfqdn++; |
1345 | break; | | 1362 | break; |
1346 | } | | 1363 | } |
1347 | | | 1364 | |
1348 | /* allocate an mbuf to reply. */ | | 1365 | /* allocate an mbuf to reply. */ |
1349 | MGETHDR(n, M_DONTWAIT, m->m_type); | | 1366 | MGETHDR(n, M_DONTWAIT, m->m_type); |
1350 | if (n == NULL) { | | 1367 | if (n == NULL) { |
1351 | m_freem(m); | | 1368 | m_freem(m); |
1352 | return (NULL); | | 1369 | return (NULL); |
1353 | } | | 1370 | } |
1354 | M_MOVE_PKTHDR(n, m); /* just for rcvif */ | | 1371 | M_MOVE_PKTHDR(n, m); /* just for rcvif */ |
1355 | if (replylen > MHLEN) { | | 1372 | if (replylen > MHLEN) { |
1356 | if (replylen > MCLBYTES) { | | 1373 | if (replylen > MCLBYTES) { |
1357 | /* | | 1374 | /* |
1358 | * XXX: should we try to allocate more? But MCLBYTES | | 1375 | * XXX: should we try to allocate more? But MCLBYTES |
1359 | * is probably much larger than IPV6_MMTU... | | 1376 | * is probably much larger than IPV6_MMTU... |
1360 | */ | | 1377 | */ |
1361 | goto bad; | | 1378 | goto bad; |
1362 | } | | 1379 | } |
1363 | MCLGET(n, M_DONTWAIT); | | 1380 | MCLGET(n, M_DONTWAIT); |
1364 | if ((n->m_flags & M_EXT) == 0) { | | 1381 | if ((n->m_flags & M_EXT) == 0) { |
1365 | goto bad; | | 1382 | goto bad; |
1366 | } | | 1383 | } |
1367 | } | | 1384 | } |
1368 | n->m_pkthdr.len = n->m_len = replylen; | | 1385 | n->m_pkthdr.len = n->m_len = replylen; |
1369 | | | 1386 | |
1370 | /* copy mbuf header and IPv6 + Node Information base headers */ | | 1387 | /* copy mbuf header and IPv6 + Node Information base headers */ |
1371 | bcopy(mtod(m, caddr_t), mtod(n, caddr_t), sizeof(struct ip6_hdr)); | | 1388 | bcopy(mtod(m, caddr_t), mtod(n, caddr_t), sizeof(struct ip6_hdr)); |
1372 | nni6 = (struct icmp6_nodeinfo *)(mtod(n, struct ip6_hdr *) + 1); | | 1389 | nni6 = (struct icmp6_nodeinfo *)(mtod(n, struct ip6_hdr *) + 1); |
1373 | bcopy((caddr_t)ni6, (caddr_t)nni6, sizeof(struct icmp6_nodeinfo)); | | 1390 | bcopy((caddr_t)ni6, (caddr_t)nni6, sizeof(struct icmp6_nodeinfo)); |
1374 | | | 1391 | |
1375 | /* qtype dependent procedure */ | | 1392 | /* qtype dependent procedure */ |
1376 | switch (qtype) { | | 1393 | switch (qtype) { |
1377 | case NI_QTYPE_NOOP: | | 1394 | case NI_QTYPE_NOOP: |
1378 | nni6->ni_code = ICMP6_NI_SUCCESS; | | 1395 | nni6->ni_code = ICMP6_NI_SUCCESS; |
1379 | nni6->ni_flags = 0; | | 1396 | nni6->ni_flags = 0; |
1380 | break; | | 1397 | break; |
1381 | case NI_QTYPE_SUPTYPES: | | 1398 | case NI_QTYPE_SUPTYPES: |
1382 | { | | 1399 | { |
1383 | u_int32_t v; | | 1400 | u_int32_t v; |
1384 | nni6->ni_code = ICMP6_NI_SUCCESS; | | 1401 | nni6->ni_code = ICMP6_NI_SUCCESS; |
1385 | nni6->ni_flags = htons(0x0000); /* raw bitmap */ | | 1402 | nni6->ni_flags = htons(0x0000); /* raw bitmap */ |
1386 | /* supports NOOP, SUPTYPES, FQDN, and NODEADDR */ | | 1403 | /* supports NOOP, SUPTYPES, FQDN, and NODEADDR */ |
1387 | v = (u_int32_t)htonl(0x0000000f); | | 1404 | v = (u_int32_t)htonl(0x0000000f); |
1388 | bcopy(&v, nni6 + 1, sizeof(u_int32_t)); | | 1405 | bcopy(&v, nni6 + 1, sizeof(u_int32_t)); |
1389 | break; | | 1406 | break; |
1390 | } | | 1407 | } |
1391 | case NI_QTYPE_FQDN: | | 1408 | case NI_QTYPE_FQDN: |
1392 | nni6->ni_code = ICMP6_NI_SUCCESS; | | 1409 | nni6->ni_code = ICMP6_NI_SUCCESS; |
1393 | fqdn = (struct ni_reply_fqdn *)(mtod(n, caddr_t) + | | 1410 | fqdn = (struct ni_reply_fqdn *)(mtod(n, caddr_t) + |
1394 | sizeof(struct ip6_hdr) + | | 1411 | sizeof(struct ip6_hdr) + |
1395 | sizeof(struct icmp6_nodeinfo)); | | 1412 | sizeof(struct icmp6_nodeinfo)); |
1396 | nni6->ni_flags = 0; /* XXX: meaningless TTL */ | | 1413 | nni6->ni_flags = 0; /* XXX: meaningless TTL */ |
1397 | fqdn->ni_fqdn_ttl = 0; /* ditto. */ | | 1414 | fqdn->ni_fqdn_ttl = 0; /* ditto. */ |
1398 | /* | | 1415 | /* |
1399 | * XXX do we really have FQDN in variable "hostname"? | | 1416 | * XXX do we really have FQDN in variable "hostname"? |
1400 | */ | | 1417 | */ |
1401 | n->m_next = ni6_nametodns(hostname, hostnamelen, oldfqdn); | | 1418 | n->m_next = ni6_nametodns(hostname, hostnamelen, oldfqdn); |
1402 | if (n->m_next == NULL) | | 1419 | if (n->m_next == NULL) |
1403 | goto bad; | | 1420 | goto bad; |
1404 | /* XXX we assume that n->m_next is not a chain */ | | 1421 | /* XXX we assume that n->m_next is not a chain */ |
1405 | if (n->m_next->m_next != NULL) | | 1422 | if (n->m_next->m_next != NULL) |
1406 | goto bad; | | 1423 | goto bad; |
1407 | n->m_pkthdr.len += n->m_next->m_len; | | 1424 | n->m_pkthdr.len += n->m_next->m_len; |
1408 | break; | | 1425 | break; |
1409 | case NI_QTYPE_NODEADDR: | | 1426 | case NI_QTYPE_NODEADDR: |
1410 | { | | 1427 | { |
1411 | int lenlim, copied; | | 1428 | int lenlim, copied; |
1412 | | | 1429 | |
1413 | nni6->ni_code = ICMP6_NI_SUCCESS; | | 1430 | nni6->ni_code = ICMP6_NI_SUCCESS; |
1414 | n->m_pkthdr.len = n->m_len = | | 1431 | n->m_pkthdr.len = n->m_len = |
1415 | sizeof(struct ip6_hdr) + sizeof(struct icmp6_nodeinfo); | | 1432 | sizeof(struct ip6_hdr) + sizeof(struct icmp6_nodeinfo); |
1416 | lenlim = M_TRAILINGSPACE(n); | | 1433 | lenlim = M_TRAILINGSPACE(n); |
1417 | copied = ni6_store_addrs(ni6, nni6, ifp, lenlim); | | 1434 | copied = ni6_store_addrs(ni6, nni6, ifp, lenlim); |
1418 | /* XXX: reset mbuf length */ | | 1435 | /* XXX: reset mbuf length */ |
1419 | n->m_pkthdr.len = n->m_len = sizeof(struct ip6_hdr) + | | 1436 | n->m_pkthdr.len = n->m_len = sizeof(struct ip6_hdr) + |
1420 | sizeof(struct icmp6_nodeinfo) + copied; | | 1437 | sizeof(struct icmp6_nodeinfo) + copied; |
1421 | break; | | 1438 | break; |
1422 | } | | 1439 | } |
1423 | default: | | 1440 | default: |
1424 | break; /* XXX impossible! */ | | 1441 | break; /* XXX impossible! */ |
1425 | } | | 1442 | } |
1426 | | | 1443 | |
1427 | nni6->ni_type = ICMP6_NI_REPLY; | | 1444 | nni6->ni_type = ICMP6_NI_REPLY; |
1428 | m_freem(m); | | 1445 | m_freem(m); |
1429 | return (n); | | 1446 | return (n); |
1430 | | | 1447 | |
1431 | bad: | | 1448 | bad: |
1432 | m_freem(m); | | 1449 | m_freem(m); |
1433 | if (n) | | 1450 | if (n) |
1434 | m_freem(n); | | 1451 | m_freem(n); |
1435 | return (NULL); | | 1452 | return (NULL); |
1436 | } | | 1453 | } |
1437 | #undef hostnamelen | | 1454 | #undef hostnamelen |
1438 | | | 1455 | |
1439 | #define isupper(x) ('A' <= (x) && (x) <= 'Z') | | 1456 | #define isupper(x) ('A' <= (x) && (x) <= 'Z') |
1440 | #define isalpha(x) (('A' <= (x) && (x) <= 'Z') || ('a' <= (x) && (x) <= 'z')) | | 1457 | #define isalpha(x) (('A' <= (x) && (x) <= 'Z') || ('a' <= (x) && (x) <= 'z')) |
1441 | #define isalnum(x) (isalpha(x) || ('0' <= (x) && (x) <= '9')) | | 1458 | #define isalnum(x) (isalpha(x) || ('0' <= (x) && (x) <= '9')) |
1442 | #define tolower(x) (isupper(x) ? (x) + 'a' - 'A' : (x)) | | 1459 | #define tolower(x) (isupper(x) ? (x) + 'a' - 'A' : (x)) |
1443 | | | 1460 | |
1444 | /* | | 1461 | /* |
1445 | * make a mbuf with DNS-encoded string. no compression support. | | 1462 | * make a mbuf with DNS-encoded string. no compression support. |
1446 | * | | 1463 | * |
1447 | * XXX names with less than 2 dots (like "foo" or "foo.section") will be | | 1464 | * XXX names with less than 2 dots (like "foo" or "foo.section") will be |
1448 | * treated as truncated name (two \0 at the end). this is a wild guess. | | 1465 | * treated as truncated name (two \0 at the end). this is a wild guess. |
1449 | */ | | 1466 | */ |
1450 | static struct mbuf * | | 1467 | static struct mbuf * |
1451 | ni6_nametodns(name, namelen, old) | | 1468 | ni6_nametodns(name, namelen, old) |
1452 | const char *name; | | 1469 | const char *name; |
1453 | int namelen; | | 1470 | int namelen; |
1454 | int old; /* return pascal string if non-zero */ | | 1471 | int old; /* return pascal string if non-zero */ |
1455 | { | | 1472 | { |
1456 | struct mbuf *m; | | 1473 | struct mbuf *m; |
1457 | char *cp, *ep; | | 1474 | char *cp, *ep; |
1458 | const char *p, *q; | | 1475 | const char *p, *q; |
1459 | int i, len, nterm; | | 1476 | int i, len, nterm; |
1460 | | | 1477 | |
1461 | if (old) | | 1478 | if (old) |
1462 | len = namelen + 1; | | 1479 | len = namelen + 1; |
1463 | else | | 1480 | else |
1464 | len = MCLBYTES; | | 1481 | len = MCLBYTES; |
1465 | | | 1482 | |
1466 | /* because MAXHOSTNAMELEN is usually 256, we use cluster mbuf */ | | 1483 | /* because MAXHOSTNAMELEN is usually 256, we use cluster mbuf */ |
1467 | MGET(m, M_DONTWAIT, MT_DATA); | | 1484 | MGET(m, M_DONTWAIT, MT_DATA); |
1468 | if (m && len > MLEN) { | | 1485 | if (m && len > MLEN) { |
1469 | MCLGET(m, M_DONTWAIT); | | 1486 | MCLGET(m, M_DONTWAIT); |
1470 | if ((m->m_flags & M_EXT) == 0) | | 1487 | if ((m->m_flags & M_EXT) == 0) |
1471 | goto fail; | | 1488 | goto fail; |
1472 | } | | 1489 | } |
1473 | if (!m) | | 1490 | if (!m) |
1474 | goto fail; | | 1491 | goto fail; |
1475 | m->m_next = NULL; | | 1492 | m->m_next = NULL; |
1476 | | | 1493 | |
1477 | if (old) { | | 1494 | if (old) { |
1478 | m->m_len = len; | | 1495 | m->m_len = len; |
1479 | *mtod(m, char *) = namelen; | | 1496 | *mtod(m, char *) = namelen; |
1480 | bcopy(name, mtod(m, char *) + 1, namelen); | | 1497 | bcopy(name, mtod(m, char *) + 1, namelen); |
1481 | return m; | | 1498 | return m; |
1482 | } else { | | 1499 | } else { |
1483 | m->m_len = 0; | | 1500 | m->m_len = 0; |
1484 | cp = mtod(m, char *); | | 1501 | cp = mtod(m, char *); |
1485 | ep = mtod(m, char *) + M_TRAILINGSPACE(m); | | 1502 | ep = mtod(m, char *) + M_TRAILINGSPACE(m); |
1486 | | | 1503 | |
1487 | /* if not certain about my name, return empty buffer */ | | 1504 | /* if not certain about my name, return empty buffer */ |
1488 | if (namelen == 0) | | 1505 | if (namelen == 0) |
1489 | return m; | | 1506 | return m; |
1490 | | | 1507 | |
1491 | /* | | 1508 | /* |
1492 | * guess if it looks like shortened hostname, or FQDN. | | 1509 | * guess if it looks like shortened hostname, or FQDN. |
1493 | * shortened hostname needs two trailing "\0". | | 1510 | * shortened hostname needs two trailing "\0". |
1494 | */ | | 1511 | */ |
1495 | i = 0; | | 1512 | i = 0; |
1496 | for (p = name; p < name + namelen; p++) { | | 1513 | for (p = name; p < name + namelen; p++) { |
1497 | if (*p && *p == '.') | | 1514 | if (*p && *p == '.') |
1498 | i++; | | 1515 | i++; |
1499 | } | | 1516 | } |
1500 | if (i < 2) | | 1517 | if (i < 2) |
1501 | nterm = 2; | | 1518 | nterm = 2; |
1502 | else | | 1519 | else |
1503 | nterm = 1; | | 1520 | nterm = 1; |
1504 | | | 1521 | |
1505 | p = name; | | 1522 | p = name; |
1506 | while (cp < ep && p < name + namelen) { | | 1523 | while (cp < ep && p < name + namelen) { |
1507 | i = 0; | | 1524 | i = 0; |
1508 | for (q = p; q < name + namelen && *q && *q != '.'; q++) | | 1525 | for (q = p; q < name + namelen && *q && *q != '.'; q++) |
1509 | i++; | | 1526 | i++; |
1510 | /* result does not fit into mbuf */ | | 1527 | /* result does not fit into mbuf */ |
1511 | if (cp + i + 1 >= ep) | | 1528 | if (cp + i + 1 >= ep) |
1512 | goto fail; | | 1529 | goto fail; |
1513 | /* | | 1530 | /* |
1514 | * DNS label length restriction, RFC1035 page 8. | | 1531 | * DNS label length restriction, RFC1035 page 8. |
1515 | * "i == 0" case is included here to avoid returning | | 1532 | * "i == 0" case is included here to avoid returning |
1516 | * 0-length label on "foo..bar". | | 1533 | * 0-length label on "foo..bar". |
1517 | */ | | 1534 | */ |
1518 | if (i <= 0 || i >= 64) | | 1535 | if (i <= 0 || i >= 64) |
1519 | goto fail; | | 1536 | goto fail; |
1520 | *cp++ = i; | | 1537 | *cp++ = i; |
1521 | if (!isalpha(p[0]) || !isalnum(p[i - 1])) | | 1538 | if (!isalpha(p[0]) || !isalnum(p[i - 1])) |
1522 | goto fail; | | 1539 | goto fail; |
1523 | while (i > 0) { | | 1540 | while (i > 0) { |
1524 | if (!isalnum(*p) && *p != '-') | | 1541 | if (!isalnum(*p) && *p != '-') |
1525 | goto fail; | | 1542 | goto fail; |
1526 | if (isupper(*p)) { | | 1543 | if (isupper(*p)) { |
1527 | *cp++ = tolower(*p); | | 1544 | *cp++ = tolower(*p); |
1528 | p++; | | 1545 | p++; |
1529 | } else | | 1546 | } else |
1530 | *cp++ = *p++; | | 1547 | *cp++ = *p++; |
1531 | i--; | | 1548 | i--; |
1532 | } | | 1549 | } |
1533 | p = q; | | 1550 | p = q; |
1534 | if (p < name + namelen && *p == '.') | | 1551 | if (p < name + namelen && *p == '.') |
1535 | p++; | | 1552 | p++; |
1536 | } | | 1553 | } |
1537 | /* termination */ | | 1554 | /* termination */ |
1538 | if (cp + nterm >= ep) | | 1555 | if (cp + nterm >= ep) |
1539 | goto fail; | | 1556 | goto fail; |
1540 | while (nterm-- > 0) | | 1557 | while (nterm-- > 0) |
1541 | *cp++ = '\0'; | | 1558 | *cp++ = '\0'; |
1542 | m->m_len = cp - mtod(m, char *); | | 1559 | m->m_len = cp - mtod(m, char *); |
1543 | return m; | | 1560 | return m; |
1544 | } | | 1561 | } |
1545 | | | 1562 | |
1546 | panic("should not reach here"); | | 1563 | panic("should not reach here"); |
1547 | /* NOTREACHED */ | | 1564 | /* NOTREACHED */ |
1548 | | | 1565 | |
1549 | fail: | | 1566 | fail: |
1550 | if (m) | | 1567 | if (m) |
1551 | m_freem(m); | | 1568 | m_freem(m); |
1552 | return NULL; | | 1569 | return NULL; |
1553 | } | | 1570 | } |
1554 | | | 1571 | |
1555 | /* | | 1572 | /* |
1556 | * check if two DNS-encoded string matches. takes care of truncated | | 1573 | * check if two DNS-encoded string matches. takes care of truncated |
1557 | * form (with \0\0 at the end). no compression support. | | 1574 | * form (with \0\0 at the end). no compression support. |
1558 | * XXX upper/lowercase match (see RFC2065) | | 1575 | * XXX upper/lowercase match (see RFC2065) |
1559 | */ | | 1576 | */ |
1560 | static int | | 1577 | static int |
1561 | ni6_dnsmatch(a, alen, b, blen) | | 1578 | ni6_dnsmatch(a, alen, b, blen) |
1562 | const char *a; | | 1579 | const char *a; |
1563 | int alen; | | 1580 | int alen; |
1564 | const char *b; | | 1581 | const char *b; |
1565 | int blen; | | 1582 | int blen; |
1566 | { | | 1583 | { |
1567 | const char *a0, *b0; | | 1584 | const char *a0, *b0; |
1568 | int l; | | 1585 | int l; |
1569 | | | 1586 | |
1570 | /* simplest case - need validation? */ | | 1587 | /* simplest case - need validation? */ |
1571 | if (alen == blen && bcmp(a, b, alen) == 0) | | 1588 | if (alen == blen && bcmp(a, b, alen) == 0) |
1572 | return 1; | | 1589 | return 1; |
1573 | | | 1590 | |
1574 | a0 = a; | | 1591 | a0 = a; |
1575 | b0 = b; | | 1592 | b0 = b; |
1576 | | | 1593 | |
1577 | /* termination is mandatory */ | | 1594 | /* termination is mandatory */ |
1578 | if (alen < 2 || blen < 2) | | 1595 | if (alen < 2 || blen < 2) |
1579 | return 0; | | 1596 | return 0; |
1580 | if (a0[alen - 1] != '\0' || b0[blen - 1] != '\0') | | 1597 | if (a0[alen - 1] != '\0' || b0[blen - 1] != '\0') |
1581 | return 0; | | 1598 | return 0; |
1582 | alen--; | | 1599 | alen--; |
1583 | blen--; | | 1600 | blen--; |
1584 | | | 1601 | |
1585 | while (a - a0 < alen && b - b0 < blen) { | | 1602 | while (a - a0 < alen && b - b0 < blen) { |
1586 | if (a - a0 + 1 > alen || b - b0 + 1 > blen) | | 1603 | if (a - a0 + 1 > alen || b - b0 + 1 > blen) |
1587 | return 0; | | 1604 | return 0; |
1588 | | | 1605 | |
1589 | if ((signed char)a[0] < 0 || (signed char)b[0] < 0) | | 1606 | if ((signed char)a[0] < 0 || (signed char)b[0] < 0) |
1590 | return 0; | | 1607 | return 0; |
1591 | /* we don't support compression yet */ | | 1608 | /* we don't support compression yet */ |
1592 | if (a[0] >= 64 || b[0] >= 64) | | 1609 | if (a[0] >= 64 || b[0] >= 64) |
1593 | return 0; | | 1610 | return 0; |
1594 | | | 1611 | |
1595 | /* truncated case */ | | 1612 | /* truncated case */ |
1596 | if (a[0] == 0 && a - a0 == alen - 1) | | 1613 | if (a[0] == 0 && a - a0 == alen - 1) |
1597 | return 1; | | 1614 | return 1; |
1598 | if (b[0] == 0 && b - b0 == blen - 1) | | 1615 | if (b[0] == 0 && b - b0 == blen - 1) |
1599 | return 1; | | 1616 | return 1; |
1600 | if (a[0] == 0 || b[0] == 0) | | 1617 | if (a[0] == 0 || b[0] == 0) |
1601 | return 0; | | 1618 | return 0; |
1602 | | | 1619 | |
1603 | if (a[0] != b[0]) | | 1620 | if (a[0] != b[0]) |
1604 | return 0; | | 1621 | return 0; |
1605 | l = a[0]; | | 1622 | l = a[0]; |
1606 | if (a - a0 + 1 + l > alen || b - b0 + 1 + l > blen) | | 1623 | if (a - a0 + 1 + l > alen || b - b0 + 1 + l > blen) |
1607 | return 0; | | 1624 | return 0; |
1608 | if (bcmp(a + 1, b + 1, l) != 0) | | 1625 | if (bcmp(a + 1, b + 1, l) != 0) |
1609 | return 0; | | 1626 | return 0; |
1610 | | | 1627 | |
1611 | a += 1 + l; | | 1628 | a += 1 + l; |
1612 | b += 1 + l; | | 1629 | b += 1 + l; |
1613 | } | | 1630 | } |
1614 | | | 1631 | |
1615 | if (a - a0 == alen && b - b0 == blen) | | 1632 | if (a - a0 == alen && b - b0 == blen) |
1616 | return 1; | | 1633 | return 1; |
1617 | else | | 1634 | else |
1618 | return 0; | | 1635 | return 0; |
1619 | } | | 1636 | } |
1620 | | | 1637 | |
1621 | /* | | 1638 | /* |
1622 | * calculate the number of addresses to be returned in the node info reply. | | 1639 | * calculate the number of addresses to be returned in the node info reply. |
1623 | */ | | 1640 | */ |
1624 | static int | | 1641 | static int |
1625 | ni6_addrs(struct icmp6_nodeinfo *ni6, struct mbuf *m, | | 1642 | ni6_addrs(struct icmp6_nodeinfo *ni6, struct mbuf *m, |
1626 | struct ifnet **ifpp, char *subj) | | 1643 | struct ifnet **ifpp, char *subj) |
1627 | { | | 1644 | { |
1628 | struct ifnet *ifp; | | 1645 | struct ifnet *ifp; |
1629 | struct in6_ifaddr *ifa6; | | 1646 | struct in6_ifaddr *ifa6; |
1630 | struct ifaddr *ifa; | | 1647 | struct ifaddr *ifa; |
1631 | struct sockaddr_in6 *subj_ip6 = NULL; /* XXX pedant */ | | 1648 | struct sockaddr_in6 *subj_ip6 = NULL; /* XXX pedant */ |
1632 | int addrs = 0, addrsofif, iffound = 0; | | 1649 | int addrs = 0, addrsofif, iffound = 0; |
1633 | int niflags = ni6->ni_flags; | | 1650 | int niflags = ni6->ni_flags; |
1634 | | | 1651 | |
1635 | if ((niflags & NI_NODEADDR_FLAG_ALL) == 0) { | | 1652 | if ((niflags & NI_NODEADDR_FLAG_ALL) == 0) { |
1636 | switch (ni6->ni_code) { | | 1653 | switch (ni6->ni_code) { |
1637 | case ICMP6_NI_SUBJ_IPV6: | | 1654 | case ICMP6_NI_SUBJ_IPV6: |
1638 | if (subj == NULL) /* must be impossible... */ | | 1655 | if (subj == NULL) /* must be impossible... */ |
1639 | return (0); | | 1656 | return (0); |
1640 | subj_ip6 = (struct sockaddr_in6 *)subj; | | 1657 | subj_ip6 = (struct sockaddr_in6 *)subj; |
1641 | break; | | 1658 | break; |
1642 | default: | | 1659 | default: |
1643 | /* | | 1660 | /* |
1644 | * XXX: we only support IPv6 subject address for | | 1661 | * XXX: we only support IPv6 subject address for |
1645 | * this Qtype. | | 1662 | * this Qtype. |
1646 | */ | | 1663 | */ |
1647 | return (0); | | 1664 | return (0); |
1648 | } | | 1665 | } |
1649 | } | | 1666 | } |
1650 | | | 1667 | |
1651 | for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) | | 1668 | for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) |
1652 | { | | 1669 | { |
1653 | addrsofif = 0; | | 1670 | addrsofif = 0; |
1654 | for (ifa = ifp->if_addrlist.tqh_first; ifa; | | 1671 | for (ifa = ifp->if_addrlist.tqh_first; ifa; |
1655 | ifa = ifa->ifa_list.tqe_next) | | 1672 | ifa = ifa->ifa_list.tqe_next) |
1656 | { | | 1673 | { |
1657 | if (ifa->ifa_addr->sa_family != AF_INET6) | | 1674 | if (ifa->ifa_addr->sa_family != AF_INET6) |
1658 | continue; | | 1675 | continue; |
1659 | ifa6 = (struct in6_ifaddr *)ifa; | | 1676 | ifa6 = (struct in6_ifaddr *)ifa; |
1660 | | | 1677 | |
1661 | if ((niflags & NI_NODEADDR_FLAG_ALL) == 0 && | | 1678 | if ((niflags & NI_NODEADDR_FLAG_ALL) == 0 && |
1662 | IN6_ARE_ADDR_EQUAL(&subj_ip6->sin6_addr, | | 1679 | IN6_ARE_ADDR_EQUAL(&subj_ip6->sin6_addr, |
1663 | &ifa6->ia_addr.sin6_addr)) | | 1680 | &ifa6->ia_addr.sin6_addr)) |
1664 | iffound = 1; | | 1681 | iffound = 1; |
1665 | | | 1682 | |
1666 | /* | | 1683 | /* |
1667 | * IPv4-mapped addresses can only be returned by a | | 1684 | * IPv4-mapped addresses can only be returned by a |
1668 | * Node Information proxy, since they represent | | 1685 | * Node Information proxy, since they represent |
1669 | * addresses of IPv4-only nodes, which perforce do | | 1686 | * addresses of IPv4-only nodes, which perforce do |
1670 | * not implement this protocol. | | 1687 | * not implement this protocol. |
1671 | * [icmp-name-lookups-07, Section 5.4] | | 1688 | * [icmp-name-lookups-07, Section 5.4] |
1672 | * So we don't support NI_NODEADDR_FLAG_COMPAT in | | 1689 | * So we don't support NI_NODEADDR_FLAG_COMPAT in |
1673 | * this function at this moment. | | 1690 | * this function at this moment. |
1674 | */ | | 1691 | */ |
1675 | | | 1692 | |
1676 | /* What do we have to do about ::1? */ | | 1693 | /* What do we have to do about ::1? */ |
1677 | switch (in6_addrscope(&ifa6->ia_addr.sin6_addr)) { | | 1694 | switch (in6_addrscope(&ifa6->ia_addr.sin6_addr)) { |
1678 | case IPV6_ADDR_SCOPE_LINKLOCAL: | | 1695 | case IPV6_ADDR_SCOPE_LINKLOCAL: |
1679 | if ((niflags & NI_NODEADDR_FLAG_LINKLOCAL) == 0) | | 1696 | if ((niflags & NI_NODEADDR_FLAG_LINKLOCAL) == 0) |
1680 | continue; | | 1697 | continue; |
1681 | break; | | 1698 | break; |
1682 | case IPV6_ADDR_SCOPE_SITELOCAL: | | 1699 | case IPV6_ADDR_SCOPE_SITELOCAL: |
1683 | if ((niflags & NI_NODEADDR_FLAG_SITELOCAL) == 0) | | 1700 | if ((niflags & NI_NODEADDR_FLAG_SITELOCAL) == 0) |
1684 | continue; | | 1701 | continue; |
1685 | break; | | 1702 | break; |
1686 | case IPV6_ADDR_SCOPE_GLOBAL: | | 1703 | case IPV6_ADDR_SCOPE_GLOBAL: |
1687 | if ((niflags & NI_NODEADDR_FLAG_GLOBAL) == 0) | | 1704 | if ((niflags & NI_NODEADDR_FLAG_GLOBAL) == 0) |
1688 | continue; | | 1705 | continue; |
1689 | break; | | 1706 | break; |
1690 | default: | | 1707 | default: |
1691 | continue; | | 1708 | continue; |
1692 | } | | 1709 | } |
1693 | | | 1710 | |
1694 | /* | | 1711 | /* |
1695 | * check if anycast is okay. | | 1712 | * check if anycast is okay. |
1696 | * XXX: just experimental. not in the spec. | | 1713 | * XXX: just experimental. not in the spec. |
1697 | */ | | 1714 | */ |
1698 | if ((ifa6->ia6_flags & IN6_IFF_ANYCAST) != 0 && | | 1715 | if ((ifa6->ia6_flags & IN6_IFF_ANYCAST) != 0 && |
1699 | (niflags & NI_NODEADDR_FLAG_ANYCAST) == 0) | | 1716 | (niflags & NI_NODEADDR_FLAG_ANYCAST) == 0) |
1700 | continue; /* we need only unicast addresses */ | | 1717 | continue; /* we need only unicast addresses */ |
1701 | | | 1718 | |
1702 | addrsofif++; /* count the address */ | | 1719 | addrsofif++; /* count the address */ |
1703 | } | | 1720 | } |
1704 | if (iffound) { | | 1721 | if (iffound) { |
1705 | *ifpp = ifp; | | 1722 | *ifpp = ifp; |
1706 | return (addrsofif); | | 1723 | return (addrsofif); |
1707 | } | | 1724 | } |
1708 | | | 1725 | |
1709 | addrs += addrsofif; | | 1726 | addrs += addrsofif; |
1710 | } | | 1727 | } |
1711 | | | 1728 | |
1712 | return (addrs); | | 1729 | return (addrs); |
1713 | } | | 1730 | } |
1714 | | | 1731 | |
1715 | static int | | 1732 | static int |
1716 | ni6_store_addrs(ni6, nni6, ifp0, resid) | | 1733 | ni6_store_addrs(ni6, nni6, ifp0, resid) |
1717 | struct icmp6_nodeinfo *ni6, *nni6; | | 1734 | struct icmp6_nodeinfo *ni6, *nni6; |
1718 | struct ifnet *ifp0; | | 1735 | struct ifnet *ifp0; |
1719 | int resid; | | 1736 | int resid; |
1720 | { | | 1737 | { |
1721 | struct ifnet *ifp = ifp0 ? ifp0 : TAILQ_FIRST(&ifnet); | | 1738 | struct ifnet *ifp = ifp0 ? ifp0 : TAILQ_FIRST(&ifnet); |
1722 | struct in6_ifaddr *ifa6; | | 1739 | struct in6_ifaddr *ifa6; |
1723 | struct ifaddr *ifa; | | 1740 | struct ifaddr *ifa; |
1724 | struct ifnet *ifp_dep = NULL; | | 1741 | struct ifnet *ifp_dep = NULL; |
1725 | int copied = 0, allow_deprecated = 0; | | 1742 | int copied = 0, allow_deprecated = 0; |
1726 | u_char *cp = (u_char *)(nni6 + 1); | | 1743 | u_char *cp = (u_char *)(nni6 + 1); |
1727 | int niflags = ni6->ni_flags; | | 1744 | int niflags = ni6->ni_flags; |
1728 | u_int32_t ltime; | | 1745 | u_int32_t ltime; |
1729 | | | 1746 | |
1730 | if (ifp0 == NULL && !(niflags & NI_NODEADDR_FLAG_ALL)) | | 1747 | if (ifp0 == NULL && !(niflags & NI_NODEADDR_FLAG_ALL)) |
1731 | return (0); /* needless to copy */ | | 1748 | return (0); /* needless to copy */ |
1732 | | | 1749 | |
1733 | again: | | 1750 | again: |
1734 | | | 1751 | |
1735 | for (; ifp; ifp = TAILQ_NEXT(ifp, if_list)) | | 1752 | for (; ifp; ifp = TAILQ_NEXT(ifp, if_list)) |
1736 | { | | 1753 | { |
1737 | for (ifa = ifp->if_addrlist.tqh_first; ifa; | | 1754 | for (ifa = ifp->if_addrlist.tqh_first; ifa; |
1738 | ifa = ifa->ifa_list.tqe_next) | | 1755 | ifa = ifa->ifa_list.tqe_next) |
1739 | { | | 1756 | { |
1740 | if (ifa->ifa_addr->sa_family != AF_INET6) | | 1757 | if (ifa->ifa_addr->sa_family != AF_INET6) |
1741 | continue; | | 1758 | continue; |
1742 | ifa6 = (struct in6_ifaddr *)ifa; | | 1759 | ifa6 = (struct in6_ifaddr *)ifa; |
1743 | | | 1760 | |
1744 | if ((ifa6->ia6_flags & IN6_IFF_DEPRECATED) != 0 && | | 1761 | if ((ifa6->ia6_flags & IN6_IFF_DEPRECATED) != 0 && |
1745 | allow_deprecated == 0) { | | 1762 | allow_deprecated == 0) { |
1746 | /* | | 1763 | /* |
1747 | * prefererred address should be put before | | 1764 | * prefererred address should be put before |
1748 | * deprecated addresses. | | 1765 | * deprecated addresses. |
1749 | */ | | 1766 | */ |
1750 | | | 1767 | |
1751 | /* record the interface for later search */ | | 1768 | /* record the interface for later search */ |
1752 | if (ifp_dep == NULL) | | 1769 | if (ifp_dep == NULL) |
1753 | ifp_dep = ifp; | | 1770 | ifp_dep = ifp; |
1754 | | | 1771 | |
1755 | continue; | | 1772 | continue; |
1756 | } | | 1773 | } |
1757 | else if ((ifa6->ia6_flags & IN6_IFF_DEPRECATED) == 0 && | | 1774 | else if ((ifa6->ia6_flags & IN6_IFF_DEPRECATED) == 0 && |
1758 | allow_deprecated != 0) | | 1775 | allow_deprecated != 0) |
1759 | continue; /* we now collect deprecated addrs */ | | 1776 | continue; /* we now collect deprecated addrs */ |
1760 | | | 1777 | |
1761 | /* What do we have to do about ::1? */ | | 1778 | /* What do we have to do about ::1? */ |
1762 | switch (in6_addrscope(&ifa6->ia_addr.sin6_addr)) { | | 1779 | switch (in6_addrscope(&ifa6->ia_addr.sin6_addr)) { |
1763 | case IPV6_ADDR_SCOPE_LINKLOCAL: | | 1780 | case IPV6_ADDR_SCOPE_LINKLOCAL: |
1764 | if ((niflags & NI_NODEADDR_FLAG_LINKLOCAL) == 0) | | 1781 | if ((niflags & NI_NODEADDR_FLAG_LINKLOCAL) == 0) |
1765 | continue; | | 1782 | continue; |
1766 | break; | | 1783 | break; |
1767 | case IPV6_ADDR_SCOPE_SITELOCAL: | | 1784 | case IPV6_ADDR_SCOPE_SITELOCAL: |
1768 | if ((niflags & NI_NODEADDR_FLAG_SITELOCAL) == 0) | | 1785 | if ((niflags & NI_NODEADDR_FLAG_SITELOCAL) == 0) |
1769 | continue; | | 1786 | continue; |
1770 | break; | | 1787 | break; |
1771 | case IPV6_ADDR_SCOPE_GLOBAL: | | 1788 | case IPV6_ADDR_SCOPE_GLOBAL: |
1772 | if ((niflags & NI_NODEADDR_FLAG_GLOBAL) == 0) | | 1789 | if ((niflags & NI_NODEADDR_FLAG_GLOBAL) == 0) |
1773 | continue; | | 1790 | continue; |
1774 | break; | | 1791 | break; |
1775 | default: | | 1792 | default: |
1776 | continue; | | 1793 | continue; |
1777 | } | | 1794 | } |
1778 | | | 1795 | |
1779 | /* | | 1796 | /* |
1780 | * check if anycast is okay. | | 1797 | * check if anycast is okay. |
1781 | * XXX: just experimental. not in the spec. | | 1798 | * XXX: just experimental. not in the spec. |
1782 | */ | | 1799 | */ |
1783 | if ((ifa6->ia6_flags & IN6_IFF_ANYCAST) != 0 && | | 1800 | if ((ifa6->ia6_flags & IN6_IFF_ANYCAST) != 0 && |
1784 | (niflags & NI_NODEADDR_FLAG_ANYCAST) == 0) | | 1801 | (niflags & NI_NODEADDR_FLAG_ANYCAST) == 0) |
1785 | continue; | | 1802 | continue; |
1786 | | | 1803 | |
1787 | /* now we can copy the address */ | | 1804 | /* now we can copy the address */ |
1788 | if (resid < sizeof(struct in6_addr) + | | 1805 | if (resid < sizeof(struct in6_addr) + |
1789 | sizeof(u_int32_t)) { | | 1806 | sizeof(u_int32_t)) { |
1790 | /* | | 1807 | /* |
1791 | * We give up much more copy. | | 1808 | * We give up much more copy. |
1792 | * Set the truncate flag and return. | | 1809 | * Set the truncate flag and return. |
1793 | */ | | 1810 | */ |
1794 | nni6->ni_flags |= NI_NODEADDR_FLAG_TRUNCATE; | | 1811 | nni6->ni_flags |= NI_NODEADDR_FLAG_TRUNCATE; |
1795 | return (copied); | | 1812 | return (copied); |
1796 | } | | 1813 | } |
1797 | | | 1814 | |
1798 | /* | | 1815 | /* |
1799 | * Set the TTL of the address. | | 1816 | * Set the TTL of the address. |
1800 | * The TTL value should be one of the following | | 1817 | * The TTL value should be one of the following |
1801 | * according to the specification: | | 1818 | * according to the specification: |
1802 | * | | 1819 | * |
1803 | * 1. The remaining lifetime of a DHCP lease on the | | 1820 | * 1. The remaining lifetime of a DHCP lease on the |
1804 | * address, or | | 1821 | * address, or |
1805 | * 2. The remaining Valid Lifetime of a prefix from | | 1822 | * 2. The remaining Valid Lifetime of a prefix from |
1806 | * which the address was derived through Stateless | | 1823 | * which the address was derived through Stateless |
1807 | * Autoconfiguration. | | 1824 | * Autoconfiguration. |
1808 | * | | 1825 | * |
1809 | * Note that we currently do not support stateful | | 1826 | * Note that we currently do not support stateful |
1810 | * address configuration by DHCPv6, so the former | | 1827 | * address configuration by DHCPv6, so the former |
1811 | * case can't happen. | | 1828 | * case can't happen. |
1812 | * | | 1829 | * |
1813 | * TTL must be 2^31 > TTL >= 0. | | 1830 | * TTL must be 2^31 > TTL >= 0. |
1814 | */ | | 1831 | */ |
1815 | if (ifa6->ia6_lifetime.ia6t_expire == 0) | | 1832 | if (ifa6->ia6_lifetime.ia6t_expire == 0) |
1816 | ltime = ND6_INFINITE_LIFETIME; | | 1833 | ltime = ND6_INFINITE_LIFETIME; |
1817 | else { | | 1834 | else { |
1818 | if (ifa6->ia6_lifetime.ia6t_expire > | | 1835 | if (ifa6->ia6_lifetime.ia6t_expire > |
1819 | time_second) | | 1836 | time_second) |
1820 | ltime = ifa6->ia6_lifetime.ia6t_expire - | | 1837 | ltime = ifa6->ia6_lifetime.ia6t_expire - |
1821 | time_second; | | 1838 | time_second; |
1822 | else | | 1839 | else |
1823 | ltime = 0; | | 1840 | ltime = 0; |
1824 | } | | 1841 | } |
1825 | if (ltime > 0x7fffffff) | | 1842 | if (ltime > 0x7fffffff) |
1826 | ltime = 0x7fffffff; | | 1843 | ltime = 0x7fffffff; |
1827 | ltime = htonl(ltime); | | 1844 | ltime = htonl(ltime); |
1828 | | | 1845 | |
1829 | bcopy(<ime, cp, sizeof(u_int32_t)); | | 1846 | bcopy(<ime, cp, sizeof(u_int32_t)); |
1830 | cp += sizeof(u_int32_t); | | 1847 | cp += sizeof(u_int32_t); |
1831 | | | 1848 | |
1832 | /* copy the address itself */ | | 1849 | /* copy the address itself */ |
1833 | bcopy(&ifa6->ia_addr.sin6_addr, cp, | | 1850 | bcopy(&ifa6->ia_addr.sin6_addr, cp, |
1834 | sizeof(struct in6_addr)); | | 1851 | sizeof(struct in6_addr)); |
1835 | in6_clearscope((struct in6_addr *)cp); /* XXX */ | | 1852 | in6_clearscope((struct in6_addr *)cp); /* XXX */ |
1836 | cp += sizeof(struct in6_addr); | | 1853 | cp += sizeof(struct in6_addr); |
1837 | | | 1854 | |
1838 | resid -= (sizeof(struct in6_addr) + sizeof(u_int32_t)); | | 1855 | resid -= (sizeof(struct in6_addr) + sizeof(u_int32_t)); |
1839 | copied += (sizeof(struct in6_addr) + sizeof(u_int32_t)); | | 1856 | copied += (sizeof(struct in6_addr) + sizeof(u_int32_t)); |
1840 | } | | 1857 | } |
1841 | if (ifp0) /* we need search only on the specified IF */ | | 1858 | if (ifp0) /* we need search only on the specified IF */ |
1842 | break; | | 1859 | break; |
1843 | } | | 1860 | } |
1844 | | | 1861 | |
1845 | if (allow_deprecated == 0 && ifp_dep != NULL) { | | 1862 | if (allow_deprecated == 0 && ifp_dep != NULL) { |
1846 | ifp = ifp_dep; | | 1863 | ifp = ifp_dep; |
1847 | allow_deprecated = 1; | | 1864 | allow_deprecated = 1; |
1848 | | | 1865 | |
1849 | goto again; | | 1866 | goto again; |
1850 | } | | 1867 | } |
1851 | | | 1868 | |
1852 | return (copied); | | 1869 | return (copied); |
1853 | } | | 1870 | } |
1854 | | | 1871 | |
1855 | /* | | 1872 | /* |
1856 | * XXX almost dup'ed code with rip6_input. | | 1873 | * XXX almost dup'ed code with rip6_input. |
1857 | */ | | 1874 | */ |
1858 | static int | | 1875 | static int |
1859 | icmp6_rip6_input(mp, off) | | 1876 | icmp6_rip6_input(mp, off) |
1860 | struct mbuf **mp; | | 1877 | struct mbuf **mp; |
1861 | int off; | | 1878 | int off; |
1862 | { | | 1879 | { |
1863 | struct mbuf *m = *mp; | | 1880 | struct mbuf *m = *mp; |
1864 | struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); | | 1881 | struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); |
1865 | struct inpcb_hdr *inph; | | 1882 | struct inpcb_hdr *inph; |
1866 | struct in6pcb *in6p; | | 1883 | struct in6pcb *in6p; |
1867 | struct in6pcb *last = NULL; | | 1884 | struct in6pcb *last = NULL; |
1868 | struct sockaddr_in6 rip6src; | | 1885 | struct sockaddr_in6 rip6src; |
1869 | struct icmp6_hdr *icmp6; | | 1886 | struct icmp6_hdr *icmp6; |
1870 | struct mbuf *opts = NULL; | | 1887 | struct mbuf *opts = NULL; |
1871 | | | 1888 | |
1872 | IP6_EXTHDR_GET(icmp6, struct icmp6_hdr *, m, off, sizeof(*icmp6)); | | 1889 | IP6_EXTHDR_GET(icmp6, struct icmp6_hdr *, m, off, sizeof(*icmp6)); |
1873 | if (icmp6 == NULL) { | | 1890 | if (icmp6 == NULL) { |
1874 | /* m is already reclaimed */ | | 1891 | /* m is already reclaimed */ |
1875 | return IPPROTO_DONE; | | 1892 | return IPPROTO_DONE; |
1876 | } | | 1893 | } |
1877 | | | 1894 | |
1878 | /* | | 1895 | /* |
1879 | * XXX: the address may have embedded scope zone ID, which should be | | 1896 | * XXX: the address may have embedded scope zone ID, which should be |
1880 | * hidden from applications. | | 1897 | * hidden from applications. |
1881 | */ | | 1898 | */ |
1882 | bzero(&rip6src, sizeof(rip6src)); | | 1899 | bzero(&rip6src, sizeof(rip6src)); |
1883 | rip6src.sin6_len = sizeof(struct sockaddr_in6); | | 1900 | rip6src.sin6_len = sizeof(struct sockaddr_in6); |
1884 | rip6src.sin6_family = AF_INET6; | | 1901 | rip6src.sin6_family = AF_INET6; |
1885 | rip6src.sin6_addr = ip6->ip6_src; | | 1902 | rip6src.sin6_addr = ip6->ip6_src; |
1886 | if (sa6_recoverscope(&rip6src)) { | | 1903 | if (sa6_recoverscope(&rip6src)) { |
1887 | m_freem(m); | | 1904 | m_freem(m); |
1888 | return (IPPROTO_DONE); | | 1905 | return (IPPROTO_DONE); |
1889 | } | | 1906 | } |
1890 | | | 1907 | |
1891 | CIRCLEQ_FOREACH(inph, &raw6cbtable.inpt_queue, inph_queue) { | | 1908 | CIRCLEQ_FOREACH(inph, &raw6cbtable.inpt_queue, inph_queue) { |
1892 | in6p = (struct in6pcb *)inph; | | 1909 | in6p = (struct in6pcb *)inph; |
1893 | if (in6p->in6p_af != AF_INET6) | | 1910 | if (in6p->in6p_af != AF_INET6) |
1894 | continue; | | 1911 | continue; |
1895 | if (in6p->in6p_ip6.ip6_nxt != IPPROTO_ICMPV6) | | 1912 | if (in6p->in6p_ip6.ip6_nxt != IPPROTO_ICMPV6) |
1896 | continue; | | 1913 | continue; |
1897 | if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && | | 1914 | if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && |
1898 | !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) | | 1915 | !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) |
1899 | continue; | | 1916 | continue; |
1900 | if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) && | | 1917 | if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) && |
1901 | !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) | | 1918 | !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) |
1902 | continue; | | 1919 | continue; |
1903 | if (in6p->in6p_icmp6filt | | 1920 | if (in6p->in6p_icmp6filt |
1904 | && ICMP6_FILTER_WILLBLOCK(icmp6->icmp6_type, | | 1921 | && ICMP6_FILTER_WILLBLOCK(icmp6->icmp6_type, |
1905 | in6p->in6p_icmp6filt)) | | 1922 | in6p->in6p_icmp6filt)) |
1906 | continue; | | 1923 | continue; |
1907 | if (last) { | | 1924 | if (last) { |
1908 | struct mbuf *n; | | 1925 | struct mbuf *n; |
1909 | if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) { | | 1926 | if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) { |
1910 | if (last->in6p_flags & IN6P_CONTROLOPTS) | | 1927 | if (last->in6p_flags & IN6P_CONTROLOPTS) |
1911 | ip6_savecontrol(last, &opts, ip6, n); | | 1928 | ip6_savecontrol(last, &opts, ip6, n); |
1912 | /* strip intermediate headers */ | | 1929 | /* strip intermediate headers */ |
1913 | m_adj(n, off); | | 1930 | m_adj(n, off); |
1914 | if (sbappendaddr(&last->in6p_socket->so_rcv, | | 1931 | if (sbappendaddr(&last->in6p_socket->so_rcv, |
1915 | (struct sockaddr *)&rip6src, | | 1932 | (struct sockaddr *)&rip6src, |
1916 | n, opts) == 0) { | | 1933 | n, opts) == 0) { |
1917 | /* should notify about lost packet */ | | 1934 | /* should notify about lost packet */ |
1918 | m_freem(n); | | 1935 | m_freem(n); |
1919 | if (opts) | | 1936 | if (opts) |
1920 | m_freem(opts); | | 1937 | m_freem(opts); |
1921 | } else | | 1938 | } else |
1922 | sorwakeup(last->in6p_socket); | | 1939 | sorwakeup(last->in6p_socket); |
1923 | opts = NULL; | | 1940 | opts = NULL; |
1924 | } | | 1941 | } |
1925 | } | | 1942 | } |
1926 | last = in6p; | | 1943 | last = in6p; |
1927 | } | | 1944 | } |
1928 | if (last) { | | 1945 | if (last) { |
1929 | if (last->in6p_flags & IN6P_CONTROLOPTS) | | 1946 | if (last->in6p_flags & IN6P_CONTROLOPTS) |
1930 | ip6_savecontrol(last, &opts, ip6, m); | | 1947 | ip6_savecontrol(last, &opts, ip6, m); |
1931 | /* strip intermediate headers */ | | 1948 | /* strip intermediate headers */ |
1932 | m_adj(m, off); | | 1949 | m_adj(m, off); |
1933 | if (sbappendaddr(&last->in6p_socket->so_rcv, | | 1950 | if (sbappendaddr(&last->in6p_socket->so_rcv, |
1934 | (struct sockaddr *)&rip6src, m, opts) == 0) { | | 1951 | (struct sockaddr *)&rip6src, m, opts) == 0) { |
1935 | m_freem(m); | | 1952 | m_freem(m); |
1936 | if (opts) | | 1953 | if (opts) |
1937 | m_freem(opts); | | 1954 | m_freem(opts); |
1938 | } else | | 1955 | } else |
1939 | sorwakeup(last->in6p_socket); | | 1956 | sorwakeup(last->in6p_socket); |
1940 | } else { | | 1957 | } else { |
1941 | m_freem(m); | | 1958 | m_freem(m); |
1942 | ip6stat.ip6s_delivered--; | | 1959 | ip6stat.ip6s_delivered--; |
1943 | } | | 1960 | } |
1944 | return IPPROTO_DONE; | | 1961 | return IPPROTO_DONE; |
1945 | } | | 1962 | } |
1946 | | | 1963 | |
1947 | /* | | 1964 | /* |
1948 | * Reflect the ip6 packet back to the source. | | 1965 | * Reflect the ip6 packet back to the source. |
1949 | * OFF points to the icmp6 header, counted from the top of the mbuf. | | 1966 | * OFF points to the icmp6 header, counted from the top of the mbuf. |
1950 | * | | 1967 | * |
1951 | * Note: RFC 1885 required that an echo reply should be truncated if it | | 1968 | * Note: RFC 1885 required that an echo reply should be truncated if it |
1952 | * did not fit in with (return) path MTU, and KAME code supported the | | 1969 | * did not fit in with (return) path MTU, and KAME code supported the |
1953 | * behavior. However, as a clarification after the RFC, this limitation | | 1970 | * behavior. However, as a clarification after the RFC, this limitation |
1954 | * was removed in a revised version of the spec, RFC 2463. We had kept the | | 1971 | * was removed in a revised version of the spec, RFC 2463. We had kept the |
1955 | * old behavior, with a (non-default) ifdef block, while the new version of | | 1972 | * old behavior, with a (non-default) ifdef block, while the new version of |
1956 | * the spec was an internet-draft status, and even after the new RFC was | | 1973 | * the spec was an internet-draft status, and even after the new RFC was |
1957 | * published. But it would rather make sense to clean the obsoleted part | | 1974 | * published. But it would rather make sense to clean the obsoleted part |
1958 | * up, and to make the code simpler at this stage. | | 1975 | * up, and to make the code simpler at this stage. |
1959 | */ | | 1976 | */ |
1960 | void | | 1977 | void |
1961 | icmp6_reflect(m, off) | | 1978 | icmp6_reflect(m, off) |
1962 | struct mbuf *m; | | 1979 | struct mbuf *m; |
1963 | size_t off; | | 1980 | size_t off; |
1964 | { | | 1981 | { |
1965 | struct ip6_hdr *ip6; | | 1982 | struct ip6_hdr *ip6; |
1966 | struct icmp6_hdr *icmp6; | | 1983 | struct icmp6_hdr *icmp6; |
1967 | struct in6_ifaddr *ia; | | 1984 | struct in6_ifaddr *ia; |
1968 | int plen; | | 1985 | int plen; |
1969 | int type, code; | | 1986 | int type, code; |
1970 | struct ifnet *outif = NULL; | | 1987 | struct ifnet *outif = NULL; |
1971 | struct in6_addr origdst, *src = NULL; | | 1988 | struct in6_addr origdst, *src = NULL; |
1972 | | | 1989 | |
1973 | /* too short to reflect */ | | 1990 | /* too short to reflect */ |
1974 | if (off < sizeof(struct ip6_hdr)) { | | 1991 | if (off < sizeof(struct ip6_hdr)) { |
1975 | nd6log((LOG_DEBUG, | | 1992 | nd6log((LOG_DEBUG, |
1976 | "sanity fail: off=%lx, sizeof(ip6)=%lx in %s:%d\n", | | 1993 | "sanity fail: off=%lx, sizeof(ip6)=%lx in %s:%d\n", |
1977 | (u_long)off, (u_long)sizeof(struct ip6_hdr), | | 1994 | (u_long)off, (u_long)sizeof(struct ip6_hdr), |
1978 | __FILE__, __LINE__)); | | 1995 | __FILE__, __LINE__)); |
1979 | goto bad; | | 1996 | goto bad; |
1980 | } | | 1997 | } |
1981 | | | 1998 | |
1982 | /* | | 1999 | /* |
1983 | * If there are extra headers between IPv6 and ICMPv6, strip | | 2000 | * If there are extra headers between IPv6 and ICMPv6, strip |
1984 | * off that header first. | | 2001 | * off that header first. |
1985 | */ | | 2002 | */ |
1986 | #ifdef DIAGNOSTIC | | 2003 | #ifdef DIAGNOSTIC |
1987 | if (sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr) > MHLEN) | | 2004 | if (sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr) > MHLEN) |
1988 | panic("assumption failed in icmp6_reflect"); | | 2005 | panic("assumption failed in icmp6_reflect"); |
1989 | #endif | | 2006 | #endif |
1990 | if (off > sizeof(struct ip6_hdr)) { | | 2007 | if (off > sizeof(struct ip6_hdr)) { |
1991 | size_t l; | | 2008 | size_t l; |
1992 | struct ip6_hdr nip6; | | 2009 | struct ip6_hdr nip6; |
1993 | | | 2010 | |
1994 | l = off - sizeof(struct ip6_hdr); | | 2011 | l = off - sizeof(struct ip6_hdr); |
1995 | m_copydata(m, 0, sizeof(nip6), (caddr_t)&nip6); | | 2012 | m_copydata(m, 0, sizeof(nip6), (caddr_t)&nip6); |
1996 | m_adj(m, l); | | 2013 | m_adj(m, l); |
1997 | l = sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr); | | 2014 | l = sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr); |
1998 | if (m->m_len < l) { | | 2015 | if (m->m_len < l) { |
1999 | if ((m = m_pullup(m, l)) == NULL) | | 2016 | if ((m = m_pullup(m, l)) == NULL) |
2000 | return; | | 2017 | return; |
2001 | } | | 2018 | } |
2002 | bcopy((caddr_t)&nip6, mtod(m, caddr_t), sizeof(nip6)); | | 2019 | bcopy((caddr_t)&nip6, mtod(m, caddr_t), sizeof(nip6)); |
2003 | } else /* off == sizeof(struct ip6_hdr) */ { | | 2020 | } else /* off == sizeof(struct ip6_hdr) */ { |
2004 | size_t l; | | 2021 | size_t l; |
2005 | l = sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr); | | 2022 | l = sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr); |
2006 | if (m->m_len < l) { | | 2023 | if (m->m_len < l) { |
2007 | if ((m = m_pullup(m, l)) == NULL) | | 2024 | if ((m = m_pullup(m, l)) == NULL) |
2008 | return; | | 2025 | return; |
2009 | } | | 2026 | } |
2010 | } | | 2027 | } |
2011 | plen = m->m_pkthdr.len - sizeof(struct ip6_hdr); | | 2028 | plen = m->m_pkthdr.len - sizeof(struct ip6_hdr); |
2012 | ip6 = mtod(m, struct ip6_hdr *); | | 2029 | ip6 = mtod(m, struct ip6_hdr *); |
2013 | ip6->ip6_nxt = IPPROTO_ICMPV6; | | 2030 | ip6->ip6_nxt = IPPROTO_ICMPV6; |
2014 | icmp6 = (struct icmp6_hdr *)(ip6 + 1); | | 2031 | icmp6 = (struct icmp6_hdr *)(ip6 + 1); |
2015 | type = icmp6->icmp6_type; /* keep type for statistics */ | | 2032 | type = icmp6->icmp6_type; /* keep type for statistics */ |
2016 | code = icmp6->icmp6_code; /* ditto. */ | | 2033 | code = icmp6->icmp6_code; /* ditto. */ |
2017 | | | 2034 | |
2018 | origdst = ip6->ip6_dst; | | 2035 | origdst = ip6->ip6_dst; |
2019 | /* | | 2036 | /* |
2020 | * ip6_input() drops a packet if its src is multicast. | | 2037 | * ip6_input() drops a packet if its src is multicast. |
2021 | * So, the src is never multicast. | | 2038 | * So, the src is never multicast. |
2022 | */ | | 2039 | */ |
2023 | ip6->ip6_dst = ip6->ip6_src; | | 2040 | ip6->ip6_dst = ip6->ip6_src; |
2024 | | | 2041 | |
2025 | /* | | 2042 | /* |
2026 | * If the incoming packet was addressed directly to us (i.e. unicast), | | 2043 | * If the incoming packet was addressed directly to us (i.e. unicast), |
2027 | * use dst as the src for the reply. | | 2044 | * use dst as the src for the reply. |
2028 | * The IN6_IFF_NOTREADY case should be VERY rare, but is possible | | 2045 | * The IN6_IFF_NOTREADY case should be VERY rare, but is possible |
2029 | * (for example) when we encounter an error while forwarding procedure | | 2046 | * (for example) when we encounter an error while forwarding procedure |
2030 | * destined to a duplicated address of ours. | | 2047 | * destined to a duplicated address of ours. |
2031 | * Note that ip6_getdstifaddr() may fail if we are in an error handling | | 2048 | * Note that ip6_getdstifaddr() may fail if we are in an error handling |
2032 | * procedure of an outgoing packet of our own, in which case we need | | 2049 | * procedure of an outgoing packet of our own, in which case we need |
2033 | * to search in the ifaddr list. | | 2050 | * to search in the ifaddr list. |
2034 | */ | | 2051 | */ |
2035 | if (!IN6_IS_ADDR_MULTICAST(&origdst)) { | | 2052 | if (!IN6_IS_ADDR_MULTICAST(&origdst)) { |
2036 | if ((ia = ip6_getdstifaddr(m))) { | | 2053 | if ((ia = ip6_getdstifaddr(m))) { |
2037 | if (!(ia->ia6_flags & | | 2054 | if (!(ia->ia6_flags & |
2038 | (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY))) | | 2055 | (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY))) |
2039 | src = &ia->ia_addr.sin6_addr; | | 2056 | src = &ia->ia_addr.sin6_addr; |
2040 | } else { | | 2057 | } else { |
2041 | struct sockaddr_in6 d; | | 2058 | struct sockaddr_in6 d; |
2042 | | | 2059 | |
2043 | bzero(&d, sizeof(d)); | | 2060 | bzero(&d, sizeof(d)); |
2044 | d.sin6_family = AF_INET6; | | 2061 | d.sin6_family = AF_INET6; |
2045 | d.sin6_len = sizeof(d); | | 2062 | d.sin6_len = sizeof(d); |
2046 | d.sin6_addr = origdst; | | 2063 | d.sin6_addr = origdst; |
2047 | ia = (struct in6_ifaddr *) | | 2064 | ia = (struct in6_ifaddr *) |
2048 | ifa_ifwithaddr((struct sockaddr *)&d); | | 2065 | ifa_ifwithaddr((struct sockaddr *)&d); |
2049 | if (ia && | | 2066 | if (ia && |
2050 | !(ia->ia6_flags & | | 2067 | !(ia->ia6_flags & |
2051 | (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY))) { | | 2068 | (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY))) { |
2052 | src = &ia->ia_addr.sin6_addr; | | 2069 | src = &ia->ia_addr.sin6_addr; |
2053 | } | | 2070 | } |
2054 | } | | 2071 | } |
2055 | } | | 2072 | } |
2056 | | | 2073 | |
2057 | if (src == NULL) { | | 2074 | if (src == NULL) { |
2058 | int e; | | 2075 | int e; |
2059 | struct sockaddr_in6 sin6; | | 2076 | struct sockaddr_in6 sin6; |
2060 | struct route_in6 ro; | | 2077 | struct route_in6 ro; |
2061 | | | 2078 | |
2062 | /* | | 2079 | /* |
2063 | * This case matches to multicasts, our anycast, or unicasts | | 2080 | * This case matches to multicasts, our anycast, or unicasts |
2064 | * that we do not own. Select a source address based on the | | 2081 | * that we do not own. Select a source address based on the |
2065 | * source address of the erroneous packet. | | 2082 | * source address of the erroneous packet. |
2066 | */ | | 2083 | */ |
2067 | bzero(&sin6, sizeof(sin6)); | | 2084 | bzero(&sin6, sizeof(sin6)); |
2068 | sin6.sin6_family = AF_INET6; | | 2085 | sin6.sin6_family = AF_INET6; |
2069 | sin6.sin6_len = sizeof(sin6); | | 2086 | sin6.sin6_len = sizeof(sin6); |
2070 | sin6.sin6_addr = ip6->ip6_dst; /* zone ID should be embedded */ | | 2087 | sin6.sin6_addr = ip6->ip6_dst; /* zone ID should be embedded */ |
2071 | | | 2088 | |
2072 | bzero(&ro, sizeof(ro)); | | 2089 | bzero(&ro, sizeof(ro)); |
2073 | src = in6_selectsrc(&sin6, NULL, NULL, &ro, NULL, &outif, &e); | | 2090 | src = in6_selectsrc(&sin6, NULL, NULL, &ro, NULL, &outif, &e); |
2074 | if (ro.ro_rt) { /* XXX: see comments in icmp6_mtudisc_update */ | | 2091 | if (ro.ro_rt) { /* XXX: see comments in icmp6_mtudisc_update */ |
2075 | RTFREE(ro.ro_rt); /* XXX: we could use this */ | | 2092 | RTFREE(ro.ro_rt); /* XXX: we could use this */ |
2076 | } | | 2093 | } |
2077 | if (src == NULL) { | | 2094 | if (src == NULL) { |
2078 | nd6log((LOG_DEBUG, | | 2095 | nd6log((LOG_DEBUG, |
2079 | "icmp6_reflect: source can't be determined: " | | 2096 | "icmp6_reflect: source can't be determined: " |
2080 | "dst=%s, error=%d\n", | | 2097 | "dst=%s, error=%d\n", |
2081 | ip6_sprintf(&sin6.sin6_addr), e)); | | 2098 | ip6_sprintf(&sin6.sin6_addr), e)); |
2082 | goto bad; | | 2099 | goto bad; |
2083 | } | | 2100 | } |
2084 | } | | 2101 | } |
2085 | | | 2102 | |