| @@ -1,1140 +1,1152 @@ | | | @@ -1,1140 +1,1152 @@ |
1 | /* $NetBSD: in6_pcb.c,v 1.109 2009/05/12 22:22:46 elad Exp $ */ | | 1 | /* $NetBSD: in6_pcb.c,v 1.110 2009/05/26 00:17:56 pooka Exp $ */ |
2 | /* $KAME: in6_pcb.c,v 1.84 2001/02/08 18:02:08 itojun Exp $ */ | | 2 | /* $KAME: in6_pcb.c,v 1.84 2001/02/08 18:02:08 itojun Exp $ */ |
3 | | | 3 | |
4 | /* | | 4 | /* |
5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | | 5 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. |
6 | * All rights reserved. | | 6 | * All rights reserved. |
7 | * | | 7 | * |
8 | * Redistribution and use in source and binary forms, with or without | | 8 | * Redistribution and use in source and binary forms, with or without |
9 | * modification, are permitted provided that the following conditions | | 9 | * modification, are permitted provided that the following conditions |
10 | * are met: | | 10 | * are met: |
11 | * 1. Redistributions of source code must retain the above copyright | | 11 | * 1. Redistributions of source code must retain the above copyright |
12 | * notice, this list of conditions and the following disclaimer. | | 12 | * notice, this list of conditions and the following disclaimer. |
13 | * 2. Redistributions in binary form must reproduce the above copyright | | 13 | * 2. Redistributions in binary form must reproduce the above copyright |
14 | * notice, this list of conditions and the following disclaimer in the | | 14 | * notice, this list of conditions and the following disclaimer in the |
15 | * documentation and/or other materials provided with the distribution. | | 15 | * documentation and/or other materials provided with the distribution. |
16 | * 3. Neither the name of the project nor the names of its contributors | | 16 | * 3. Neither the name of the project nor the names of its contributors |
17 | * may be used to endorse or promote products derived from this software | | 17 | * may be used to endorse or promote products derived from this software |
18 | * without specific prior written permission. | | 18 | * without specific prior written permission. |
19 | * | | 19 | * |
20 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND | | 20 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND |
21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | | 21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | | 22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | | 23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE |
24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | | 24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | | 25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | | 26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | | 27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
30 | * SUCH DAMAGE. | | 30 | * SUCH DAMAGE. |
31 | */ | | 31 | */ |
32 | | | 32 | |
33 | /* | | 33 | /* |
34 | * Copyright (c) 1982, 1986, 1991, 1993 | | 34 | * Copyright (c) 1982, 1986, 1991, 1993 |
35 | * The Regents of the University of California. All rights reserved. | | 35 | * The Regents of the University of California. All rights reserved. |
36 | * | | 36 | * |
37 | * Redistribution and use in source and binary forms, with or without | | 37 | * Redistribution and use in source and binary forms, with or without |
38 | * modification, are permitted provided that the following conditions | | 38 | * modification, are permitted provided that the following conditions |
39 | * are met: | | 39 | * are met: |
40 | * 1. Redistributions of source code must retain the above copyright | | 40 | * 1. Redistributions of source code must retain the above copyright |
41 | * notice, this list of conditions and the following disclaimer. | | 41 | * notice, this list of conditions and the following disclaimer. |
42 | * 2. Redistributions in binary form must reproduce the above copyright | | 42 | * 2. Redistributions in binary form must reproduce the above copyright |
43 | * notice, this list of conditions and the following disclaimer in the | | 43 | * notice, this list of conditions and the following disclaimer in the |
44 | * documentation and/or other materials provided with the distribution. | | 44 | * documentation and/or other materials provided with the distribution. |
45 | * 3. Neither the name of the University nor the names of its contributors | | 45 | * 3. Neither the name of the University nor the names of its contributors |
46 | * may be used to endorse or promote products derived from this software | | 46 | * may be used to endorse or promote products derived from this software |
47 | * without specific prior written permission. | | 47 | * without specific prior written permission. |
48 | * | | 48 | * |
49 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | | 49 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
50 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | | 50 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
51 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | | 51 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | | 52 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | | 53 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | | 54 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | | 55 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | | 56 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 57 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 58 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
59 | * SUCH DAMAGE. | | 59 | * SUCH DAMAGE. |
60 | * | | 60 | * |
61 | * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 | | 61 | * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 |
62 | */ | | 62 | */ |
63 | | | 63 | |
64 | #include <sys/cdefs.h> | | 64 | #include <sys/cdefs.h> |
65 | __KERNEL_RCSID(0, "$NetBSD: in6_pcb.c,v 1.109 2009/05/12 22:22:46 elad Exp $"); | | 65 | __KERNEL_RCSID(0, "$NetBSD: in6_pcb.c,v 1.110 2009/05/26 00:17:56 pooka Exp $"); |
66 | | | 66 | |
67 | #include "opt_inet.h" | | 67 | #include "opt_inet.h" |
68 | #include "opt_ipsec.h" | | 68 | #include "opt_ipsec.h" |
69 | | | 69 | |
70 | #include <sys/param.h> | | 70 | #include <sys/param.h> |
71 | #include <sys/systm.h> | | 71 | #include <sys/systm.h> |
72 | #include <sys/malloc.h> | | 72 | #include <sys/malloc.h> |
73 | #include <sys/mbuf.h> | | 73 | #include <sys/mbuf.h> |
74 | #include <sys/protosw.h> | | 74 | #include <sys/protosw.h> |
75 | #include <sys/socket.h> | | 75 | #include <sys/socket.h> |
76 | #include <sys/socketvar.h> | | 76 | #include <sys/socketvar.h> |
77 | #include <sys/ioctl.h> | | 77 | #include <sys/ioctl.h> |
78 | #include <sys/errno.h> | | 78 | #include <sys/errno.h> |
79 | #include <sys/time.h> | | 79 | #include <sys/time.h> |
80 | #include <sys/proc.h> | | 80 | #include <sys/proc.h> |
81 | #include <sys/kauth.h> | | 81 | #include <sys/kauth.h> |
82 | #include <sys/domain.h> | | 82 | #include <sys/domain.h> |
| | | 83 | #include <sys/once.h> |
83 | | | 84 | |
84 | #include <net/if.h> | | 85 | #include <net/if.h> |
85 | #include <net/route.h> | | 86 | #include <net/route.h> |
86 | | | 87 | |
87 | #include <netinet/in.h> | | 88 | #include <netinet/in.h> |
88 | #include <netinet/in_var.h> | | 89 | #include <netinet/in_var.h> |
89 | #include <netinet/in_systm.h> | | 90 | #include <netinet/in_systm.h> |
90 | #include <netinet/ip.h> | | 91 | #include <netinet/ip.h> |
91 | #include <netinet/in_pcb.h> | | 92 | #include <netinet/in_pcb.h> |
92 | #include <netinet/ip6.h> | | 93 | #include <netinet/ip6.h> |
93 | #include <netinet6/ip6_var.h> | | 94 | #include <netinet6/ip6_var.h> |
94 | #include <netinet6/in6_pcb.h> | | 95 | #include <netinet6/in6_pcb.h> |
95 | #include <netinet6/scope6_var.h> | | 96 | #include <netinet6/scope6_var.h> |
96 | #include <netinet6/nd6.h> | | 97 | #include <netinet6/nd6.h> |
97 | | | 98 | |
98 | #include "faith.h" | | 99 | #include "faith.h" |
99 | | | 100 | |
100 | #ifdef IPSEC | | 101 | #ifdef IPSEC |
101 | #include <netinet6/ipsec.h> | | 102 | #include <netinet6/ipsec.h> |
102 | #include <netkey/key.h> | | 103 | #include <netkey/key.h> |
103 | #endif /* IPSEC */ | | 104 | #endif /* IPSEC */ |
104 | | | 105 | |
105 | #ifdef FAST_IPSEC | | 106 | #ifdef FAST_IPSEC |
106 | #include <netipsec/ipsec.h> | | 107 | #include <netipsec/ipsec.h> |
107 | #include <netipsec/ipsec6.h> | | 108 | #include <netipsec/ipsec6.h> |
108 | #include <netipsec/key.h> | | 109 | #include <netipsec/key.h> |
109 | #endif /* FAST_IPSEC */ | | 110 | #endif /* FAST_IPSEC */ |
110 | | | 111 | |
111 | const struct in6_addr zeroin6_addr; | | 112 | const struct in6_addr zeroin6_addr; |
112 | | | 113 | |
113 | #define IN6PCBHASH_PORT(table, lport) \ | | 114 | #define IN6PCBHASH_PORT(table, lport) \ |
114 | &(table)->inpt_porthashtbl[ntohs(lport) & (table)->inpt_porthash] | | 115 | &(table)->inpt_porthashtbl[ntohs(lport) & (table)->inpt_porthash] |
115 | #define IN6PCBHASH_BIND(table, laddr, lport) \ | | 116 | #define IN6PCBHASH_BIND(table, laddr, lport) \ |
116 | &(table)->inpt_bindhashtbl[ \ | | 117 | &(table)->inpt_bindhashtbl[ \ |
117 | (((laddr)->s6_addr32[0] ^ (laddr)->s6_addr32[1] ^ \ | | 118 | (((laddr)->s6_addr32[0] ^ (laddr)->s6_addr32[1] ^ \ |
118 | (laddr)->s6_addr32[2] ^ (laddr)->s6_addr32[3]) + ntohs(lport)) & \ | | 119 | (laddr)->s6_addr32[2] ^ (laddr)->s6_addr32[3]) + ntohs(lport)) & \ |
119 | (table)->inpt_bindhash] | | 120 | (table)->inpt_bindhash] |
120 | #define IN6PCBHASH_CONNECT(table, faddr, fport, laddr, lport) \ | | 121 | #define IN6PCBHASH_CONNECT(table, faddr, fport, laddr, lport) \ |
121 | &(table)->inpt_bindhashtbl[ \ | | 122 | &(table)->inpt_bindhashtbl[ \ |
122 | ((((faddr)->s6_addr32[0] ^ (faddr)->s6_addr32[1] ^ \ | | 123 | ((((faddr)->s6_addr32[0] ^ (faddr)->s6_addr32[1] ^ \ |
123 | (faddr)->s6_addr32[2] ^ (faddr)->s6_addr32[3]) + ntohs(fport)) + \ | | 124 | (faddr)->s6_addr32[2] ^ (faddr)->s6_addr32[3]) + ntohs(fport)) + \ |
124 | (((laddr)->s6_addr32[0] ^ (laddr)->s6_addr32[1] ^ \ | | 125 | (((laddr)->s6_addr32[0] ^ (laddr)->s6_addr32[1] ^ \ |
125 | (laddr)->s6_addr32[2] ^ (laddr)->s6_addr32[3]) + \ | | 126 | (laddr)->s6_addr32[2] ^ (laddr)->s6_addr32[3]) + \ |
126 | ntohs(lport))) & (table)->inpt_bindhash] | | 127 | ntohs(lport))) & (table)->inpt_bindhash] |
127 | | | 128 | |
128 | int ip6_anonportmin = IPV6PORT_ANONMIN; | | 129 | int ip6_anonportmin = IPV6PORT_ANONMIN; |
129 | int ip6_anonportmax = IPV6PORT_ANONMAX; | | 130 | int ip6_anonportmax = IPV6PORT_ANONMAX; |
130 | int ip6_lowportmin = IPV6PORT_RESERVEDMIN; | | 131 | int ip6_lowportmin = IPV6PORT_RESERVEDMIN; |
131 | int ip6_lowportmax = IPV6PORT_RESERVEDMAX; | | 132 | int ip6_lowportmax = IPV6PORT_RESERVEDMAX; |
132 | | | 133 | |
133 | POOL_INIT(in6pcb_pool, sizeof(struct in6pcb), 0, 0, 0, "in6pcbpl", NULL, | | 134 | static struct pool in6pcb_pool; |
134 | IPL_SOFTNET); | | 135 | |
| | | 136 | static int |
| | | 137 | in6pcb_poolinit(void) |
| | | 138 | { |
| | | 139 | |
| | | 140 | pool_init(&in6pcb_pool, sizeof(struct in6pcb), 0, 0, 0, "in6pcbpl", |
| | | 141 | NULL, IPL_SOFTNET); |
| | | 142 | return 0; |
| | | 143 | } |
135 | | | 144 | |
136 | void | | 145 | void |
137 | in6_pcbinit(struct inpcbtable *table, int bindhashsize, int connecthashsize) | | 146 | in6_pcbinit(struct inpcbtable *table, int bindhashsize, int connecthashsize) |
138 | { | | 147 | { |
| | | 148 | static ONCE_DECL(control); |
139 | | | 149 | |
140 | in_pcbinit(table, bindhashsize, connecthashsize); | | 150 | in_pcbinit(table, bindhashsize, connecthashsize); |
141 | table->inpt_lastport = (u_int16_t)ip6_anonportmax; | | 151 | table->inpt_lastport = (u_int16_t)ip6_anonportmax; |
| | | 152 | |
| | | 153 | RUN_ONCE(&control, in6pcb_poolinit); |
142 | } | | 154 | } |
143 | | | 155 | |
144 | int | | 156 | int |
145 | in6_pcballoc(struct socket *so, void *v) | | 157 | in6_pcballoc(struct socket *so, void *v) |
146 | { | | 158 | { |
147 | struct inpcbtable *table = v; | | 159 | struct inpcbtable *table = v; |
148 | struct in6pcb *in6p; | | 160 | struct in6pcb *in6p; |
149 | int s; | | 161 | int s; |
150 | #if defined(IPSEC) || defined(FAST_IPSEC) | | 162 | #if defined(IPSEC) || defined(FAST_IPSEC) |
151 | int error; | | 163 | int error; |
152 | #endif | | 164 | #endif |
153 | | | 165 | |
154 | s = splnet(); | | 166 | s = splnet(); |
155 | in6p = pool_get(&in6pcb_pool, PR_NOWAIT); | | 167 | in6p = pool_get(&in6pcb_pool, PR_NOWAIT); |
156 | splx(s); | | 168 | splx(s); |
157 | if (in6p == NULL) | | 169 | if (in6p == NULL) |
158 | return (ENOBUFS); | | 170 | return (ENOBUFS); |
159 | memset((void *)in6p, 0, sizeof(*in6p)); | | 171 | memset((void *)in6p, 0, sizeof(*in6p)); |
160 | in6p->in6p_af = AF_INET6; | | 172 | in6p->in6p_af = AF_INET6; |
161 | in6p->in6p_table = table; | | 173 | in6p->in6p_table = table; |
162 | in6p->in6p_socket = so; | | 174 | in6p->in6p_socket = so; |
163 | in6p->in6p_hops = -1; /* use kernel default */ | | 175 | in6p->in6p_hops = -1; /* use kernel default */ |
164 | in6p->in6p_icmp6filt = NULL; | | 176 | in6p->in6p_icmp6filt = NULL; |
165 | #if defined(IPSEC) || defined(FAST_IPSEC) | | 177 | #if defined(IPSEC) || defined(FAST_IPSEC) |
166 | error = ipsec_init_pcbpolicy(so, &in6p->in6p_sp); | | 178 | error = ipsec_init_pcbpolicy(so, &in6p->in6p_sp); |
167 | if (error != 0) { | | 179 | if (error != 0) { |
168 | s = splnet(); | | 180 | s = splnet(); |
169 | pool_put(&in6pcb_pool, in6p); | | 181 | pool_put(&in6pcb_pool, in6p); |
170 | splx(s); | | 182 | splx(s); |
171 | return error; | | 183 | return error; |
172 | } | | 184 | } |
173 | #endif /* IPSEC */ | | 185 | #endif /* IPSEC */ |
174 | s = splnet(); | | 186 | s = splnet(); |
175 | CIRCLEQ_INSERT_HEAD(&table->inpt_queue, (struct inpcb_hdr*)in6p, | | 187 | CIRCLEQ_INSERT_HEAD(&table->inpt_queue, (struct inpcb_hdr*)in6p, |
176 | inph_queue); | | 188 | inph_queue); |
177 | LIST_INSERT_HEAD(IN6PCBHASH_PORT(table, in6p->in6p_lport), | | 189 | LIST_INSERT_HEAD(IN6PCBHASH_PORT(table, in6p->in6p_lport), |
178 | &in6p->in6p_head, inph_lhash); | | 190 | &in6p->in6p_head, inph_lhash); |
179 | in6_pcbstate(in6p, IN6P_ATTACHED); | | 191 | in6_pcbstate(in6p, IN6P_ATTACHED); |
180 | splx(s); | | 192 | splx(s); |
181 | if (ip6_v6only) | | 193 | if (ip6_v6only) |
182 | in6p->in6p_flags |= IN6P_IPV6_V6ONLY; | | 194 | in6p->in6p_flags |= IN6P_IPV6_V6ONLY; |
183 | so->so_pcb = (void *)in6p; | | 195 | so->so_pcb = (void *)in6p; |
184 | return (0); | | 196 | return (0); |
185 | } | | 197 | } |
186 | | | 198 | |
187 | /* | | 199 | /* |
188 | * Bind address from sin6 to in6p. | | 200 | * Bind address from sin6 to in6p. |
189 | */ | | 201 | */ |
190 | static int | | 202 | static int |
191 | in6_pcbbind_addr(struct in6pcb *in6p, struct sockaddr_in6 *sin6, struct lwp *l) | | 203 | in6_pcbbind_addr(struct in6pcb *in6p, struct sockaddr_in6 *sin6, struct lwp *l) |
192 | { | | 204 | { |
193 | int error; | | 205 | int error; |
194 | | | 206 | |
195 | /* | | 207 | /* |
196 | * We should check the family, but old programs | | 208 | * We should check the family, but old programs |
197 | * incorrectly fail to intialize it. | | 209 | * incorrectly fail to intialize it. |
198 | */ | | 210 | */ |
199 | if (sin6->sin6_family != AF_INET6) | | 211 | if (sin6->sin6_family != AF_INET6) |
200 | return (EAFNOSUPPORT); | | 212 | return (EAFNOSUPPORT); |
201 | | | 213 | |
202 | #ifndef INET | | 214 | #ifndef INET |
203 | if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) | | 215 | if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) |
204 | return (EADDRNOTAVAIL); | | 216 | return (EADDRNOTAVAIL); |
205 | #endif | | 217 | #endif |
206 | | | 218 | |
207 | if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) | | 219 | if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) |
208 | return (error); | | 220 | return (error); |
209 | | | 221 | |
210 | if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { | | 222 | if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { |
211 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) | | 223 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) |
212 | return (EINVAL); | | 224 | return (EINVAL); |
213 | if (sin6->sin6_addr.s6_addr32[3]) { | | 225 | if (sin6->sin6_addr.s6_addr32[3]) { |
214 | struct sockaddr_in sin; | | 226 | struct sockaddr_in sin; |
215 | | | 227 | |
216 | memset(&sin, 0, sizeof(sin)); | | 228 | memset(&sin, 0, sizeof(sin)); |
217 | sin.sin_len = sizeof(sin); | | 229 | sin.sin_len = sizeof(sin); |
218 | sin.sin_family = AF_INET; | | 230 | sin.sin_family = AF_INET; |
219 | bcopy(&sin6->sin6_addr.s6_addr32[3], | | 231 | bcopy(&sin6->sin6_addr.s6_addr32[3], |
220 | &sin.sin_addr, sizeof(sin.sin_addr)); | | 232 | &sin.sin_addr, sizeof(sin.sin_addr)); |
221 | if (ifa_ifwithaddr((struct sockaddr *)&sin) == 0) | | 233 | if (ifa_ifwithaddr((struct sockaddr *)&sin) == 0) |
222 | return EADDRNOTAVAIL; | | 234 | return EADDRNOTAVAIL; |
223 | } | | 235 | } |
224 | } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { | | 236 | } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { |
225 | struct ifaddr *ia = NULL; | | 237 | struct ifaddr *ia = NULL; |
226 | | | 238 | |
227 | if ((in6p->in6p_flags & IN6P_FAITH) == 0 && | | 239 | if ((in6p->in6p_flags & IN6P_FAITH) == 0 && |
228 | (ia = ifa_ifwithaddr((struct sockaddr *)sin6)) == 0) | | 240 | (ia = ifa_ifwithaddr((struct sockaddr *)sin6)) == 0) |
229 | return (EADDRNOTAVAIL); | | 241 | return (EADDRNOTAVAIL); |
230 | | | 242 | |
231 | /* | | 243 | /* |
232 | * bind to an anycast address might accidentally | | 244 | * bind to an anycast address might accidentally |
233 | * cause sending a packet with an anycast source | | 245 | * cause sending a packet with an anycast source |
234 | * address, so we forbid it. | | 246 | * address, so we forbid it. |
235 | * | | 247 | * |
236 | * We should allow to bind to a deprecated address, | | 248 | * We should allow to bind to a deprecated address, |
237 | * since the application dare to use it. | | 249 | * since the application dare to use it. |
238 | * But, can we assume that they are careful enough | | 250 | * But, can we assume that they are careful enough |
239 | * to check if the address is deprecated or not? | | 251 | * to check if the address is deprecated or not? |
240 | * Maybe, as a safeguard, we should have a setsockopt | | 252 | * Maybe, as a safeguard, we should have a setsockopt |
241 | * flag to control the bind(2) behavior against | | 253 | * flag to control the bind(2) behavior against |
242 | * deprecated addresses (default: forbid bind(2)). | | 254 | * deprecated addresses (default: forbid bind(2)). |
243 | */ | | 255 | */ |
244 | if (ia && | | 256 | if (ia && |
245 | ((struct in6_ifaddr *)ia)->ia6_flags & | | 257 | ((struct in6_ifaddr *)ia)->ia6_flags & |
246 | (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) | | 258 | (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) |
247 | return (EADDRNOTAVAIL); | | 259 | return (EADDRNOTAVAIL); |
248 | } | | 260 | } |
249 | | | 261 | |
250 | | | 262 | |
251 | in6p->in6p_laddr = sin6->sin6_addr; | | 263 | in6p->in6p_laddr = sin6->sin6_addr; |
252 | | | 264 | |
253 | | | 265 | |
254 | return (0); | | 266 | return (0); |
255 | } | | 267 | } |
256 | | | 268 | |
257 | /* | | 269 | /* |
258 | * Bind port from sin6 to in6p. | | 270 | * Bind port from sin6 to in6p. |
259 | */ | | 271 | */ |
260 | static int | | 272 | static int |
261 | in6_pcbbind_port(struct in6pcb *in6p, struct sockaddr_in6 *sin6, struct lwp *l) | | 273 | in6_pcbbind_port(struct in6pcb *in6p, struct sockaddr_in6 *sin6, struct lwp *l) |
262 | { | | 274 | { |
263 | struct inpcbtable *table = in6p->in6p_table; | | 275 | struct inpcbtable *table = in6p->in6p_table; |
264 | struct socket *so = in6p->in6p_socket; | | 276 | struct socket *so = in6p->in6p_socket; |
265 | int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); | | 277 | int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); |
266 | int error; | | 278 | int error; |
267 | | | 279 | |
268 | if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0 && | | 280 | if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0 && |
269 | ((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 || | | 281 | ((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 || |
270 | (so->so_options & SO_ACCEPTCONN) == 0)) | | 282 | (so->so_options & SO_ACCEPTCONN) == 0)) |
271 | wild = 1; | | 283 | wild = 1; |
272 | | | 284 | |
273 | if (sin6->sin6_port != 0) { | | 285 | if (sin6->sin6_port != 0) { |
274 | enum kauth_network_req req; | | 286 | enum kauth_network_req req; |
275 | | | 287 | |
276 | #ifndef IPNOPRIVPORTS | | 288 | #ifndef IPNOPRIVPORTS |
277 | if (ntohs(sin6->sin6_port) < IPV6PORT_RESERVED) | | 289 | if (ntohs(sin6->sin6_port) < IPV6PORT_RESERVED) |
278 | req = KAUTH_REQ_NETWORK_BIND_PRIVPORT; | | 290 | req = KAUTH_REQ_NETWORK_BIND_PRIVPORT; |
279 | else | | 291 | else |
280 | #endif /* IPNOPRIVPORTS */ | | 292 | #endif /* IPNOPRIVPORTS */ |
281 | req = KAUTH_REQ_NETWORK_BIND_PORT; | | 293 | req = KAUTH_REQ_NETWORK_BIND_PORT; |
282 | | | 294 | |
283 | error = kauth_authorize_network(l->l_cred, KAUTH_NETWORK_BIND, | | 295 | error = kauth_authorize_network(l->l_cred, KAUTH_NETWORK_BIND, |
284 | req, so, sin6, NULL); | | 296 | req, so, sin6, NULL); |
285 | if (error) | | 297 | if (error) |
286 | return (EACCES); | | 298 | return (EACCES); |
287 | } | | 299 | } |
288 | | | 300 | |
289 | if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { | | 301 | if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { |
290 | /* | | 302 | /* |
291 | * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; | | 303 | * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; |
292 | * allow compepte duplication of binding if | | 304 | * allow compepte duplication of binding if |
293 | * SO_REUSEPORT is set, or if SO_REUSEADDR is set | | 305 | * SO_REUSEPORT is set, or if SO_REUSEADDR is set |
294 | * and a multicast address is bound on both | | 306 | * and a multicast address is bound on both |
295 | * new and duplicated sockets. | | 307 | * new and duplicated sockets. |
296 | */ | | 308 | */ |
297 | if (so->so_options & SO_REUSEADDR) | | 309 | if (so->so_options & SO_REUSEADDR) |
298 | reuseport = SO_REUSEADDR|SO_REUSEPORT; | | 310 | reuseport = SO_REUSEADDR|SO_REUSEPORT; |
299 | } | | 311 | } |
300 | | | 312 | |
301 | if (sin6->sin6_port != 0) { | | 313 | if (sin6->sin6_port != 0) { |
302 | if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { | | 314 | if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { |
303 | #ifdef INET | | 315 | #ifdef INET |
304 | struct inpcb *t; | | 316 | struct inpcb *t; |
305 | | | 317 | |
306 | t = in_pcblookup_port(table, | | 318 | t = in_pcblookup_port(table, |
307 | *(struct in_addr *)&sin6->sin6_addr.s6_addr32[3], | | 319 | *(struct in_addr *)&sin6->sin6_addr.s6_addr32[3], |
308 | sin6->sin6_port, wild); | | 320 | sin6->sin6_port, wild); |
309 | if (t && (reuseport & t->inp_socket->so_options) == 0) | | 321 | if (t && (reuseport & t->inp_socket->so_options) == 0) |
310 | return (EADDRINUSE); | | 322 | return (EADDRINUSE); |
311 | #else | | 323 | #else |
312 | return (EADDRNOTAVAIL); | | 324 | return (EADDRNOTAVAIL); |
313 | #endif | | 325 | #endif |
314 | } | | 326 | } |
315 | | | 327 | |
316 | { | | 328 | { |
317 | struct in6pcb *t; | | 329 | struct in6pcb *t; |
318 | | | 330 | |
319 | t = in6_pcblookup_port(table, &sin6->sin6_addr, | | 331 | t = in6_pcblookup_port(table, &sin6->sin6_addr, |
320 | sin6->sin6_port, wild); | | 332 | sin6->sin6_port, wild); |
321 | if (t && (reuseport & t->in6p_socket->so_options) == 0) | | 333 | if (t && (reuseport & t->in6p_socket->so_options) == 0) |
322 | return (EADDRINUSE); | | 334 | return (EADDRINUSE); |
323 | } | | 335 | } |
324 | } | | 336 | } |
325 | | | 337 | |
326 | if (sin6->sin6_port == 0) { | | 338 | if (sin6->sin6_port == 0) { |
327 | int e; | | 339 | int e; |
328 | e = in6_pcbsetport(sin6, in6p, l); | | 340 | e = in6_pcbsetport(sin6, in6p, l); |
329 | if (e != 0) | | 341 | if (e != 0) |
330 | return (e); | | 342 | return (e); |
331 | } else { | | 343 | } else { |
332 | in6p->in6p_lport = sin6->sin6_port; | | 344 | in6p->in6p_lport = sin6->sin6_port; |
333 | in6_pcbstate(in6p, IN6P_BOUND); | | 345 | in6_pcbstate(in6p, IN6P_BOUND); |
334 | } | | 346 | } |
335 | | | 347 | |
336 | LIST_REMOVE(&in6p->in6p_head, inph_lhash); | | 348 | LIST_REMOVE(&in6p->in6p_head, inph_lhash); |
337 | LIST_INSERT_HEAD(IN6PCBHASH_PORT(table, in6p->in6p_lport), | | 349 | LIST_INSERT_HEAD(IN6PCBHASH_PORT(table, in6p->in6p_lport), |
338 | &in6p->in6p_head, inph_lhash); | | 350 | &in6p->in6p_head, inph_lhash); |
339 | | | 351 | |
340 | return (0); | | 352 | return (0); |
341 | } | | 353 | } |
342 | | | 354 | |
343 | int | | 355 | int |
344 | in6_pcbbind(void *v, struct mbuf *nam, struct lwp *l) | | 356 | in6_pcbbind(void *v, struct mbuf *nam, struct lwp *l) |
345 | { | | 357 | { |
346 | struct in6pcb *in6p = v; | | 358 | struct in6pcb *in6p = v; |
347 | struct sockaddr_in6 lsin6; | | 359 | struct sockaddr_in6 lsin6; |
348 | struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL; | | 360 | struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL; |
349 | int error; | | 361 | int error; |
350 | | | 362 | |
351 | if (in6p->in6p_af != AF_INET6) | | 363 | if (in6p->in6p_af != AF_INET6) |
352 | return (EINVAL); | | 364 | return (EINVAL); |
353 | | | 365 | |
354 | /* | | 366 | /* |
355 | * If we already have a local port or a local address it means we're | | 367 | * If we already have a local port or a local address it means we're |
356 | * bounded. | | 368 | * bounded. |
357 | */ | | 369 | */ |
358 | if (in6p->in6p_lport || !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) | | 370 | if (in6p->in6p_lport || !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) |
359 | return (EINVAL); | | 371 | return (EINVAL); |
360 | | | 372 | |
361 | if (nam != NULL) { | | 373 | if (nam != NULL) { |
362 | /* We were provided a sockaddr_in6 to use. */ | | 374 | /* We were provided a sockaddr_in6 to use. */ |
363 | sin6 = mtod(nam, struct sockaddr_in6 *); | | 375 | sin6 = mtod(nam, struct sockaddr_in6 *); |
364 | if (nam->m_len != sizeof(*sin6)) | | 376 | if (nam->m_len != sizeof(*sin6)) |
365 | return (EINVAL); | | 377 | return (EINVAL); |
366 | } else { | | 378 | } else { |
367 | /* We always bind to *something*, even if it's "anything". */ | | 379 | /* We always bind to *something*, even if it's "anything". */ |
368 | lsin6 = *((const struct sockaddr_in6 *) | | 380 | lsin6 = *((const struct sockaddr_in6 *) |
369 | in6p->in6p_socket->so_proto->pr_domain->dom_sa_any); | | 381 | in6p->in6p_socket->so_proto->pr_domain->dom_sa_any); |
370 | sin6 = &lsin6; | | 382 | sin6 = &lsin6; |
371 | } | | 383 | } |
372 | | | 384 | |
373 | /* Bind address. */ | | 385 | /* Bind address. */ |
374 | error = in6_pcbbind_addr(in6p, sin6, l); | | 386 | error = in6_pcbbind_addr(in6p, sin6, l); |
375 | if (error) | | 387 | if (error) |
376 | return (error); | | 388 | return (error); |
377 | | | 389 | |
378 | /* Bind port. */ | | 390 | /* Bind port. */ |
379 | error = in6_pcbbind_port(in6p, sin6, l); | | 391 | error = in6_pcbbind_port(in6p, sin6, l); |
380 | if (error) { | | 392 | if (error) { |
381 | /* | | 393 | /* |
382 | * Reset the address here to "any" so we don't "leak" the | | 394 | * Reset the address here to "any" so we don't "leak" the |
383 | * in6pcb. | | 395 | * in6pcb. |
384 | */ | | 396 | */ |
385 | in6p->in6p_laddr = in6addr_any; | | 397 | in6p->in6p_laddr = in6addr_any; |
386 | | | 398 | |
387 | return (error); | | 399 | return (error); |
388 | } | | 400 | } |
389 | | | 401 | |
390 | | | 402 | |
391 | #if 0 | | 403 | #if 0 |
392 | in6p->in6p_flowinfo = 0; /* XXX */ | | 404 | in6p->in6p_flowinfo = 0; /* XXX */ |
393 | #endif | | 405 | #endif |
394 | return (0); | | 406 | return (0); |
395 | } | | 407 | } |
396 | | | 408 | |
397 | /* | | 409 | /* |
398 | * Connect from a socket to a specified address. | | 410 | * Connect from a socket to a specified address. |
399 | * Both address and port must be specified in argument sin6. | | 411 | * Both address and port must be specified in argument sin6. |
400 | * If don't have a local address for this socket yet, | | 412 | * If don't have a local address for this socket yet, |
401 | * then pick one. | | 413 | * then pick one. |
402 | */ | | 414 | */ |
403 | int | | 415 | int |
404 | in6_pcbconnect(void *v, struct mbuf *nam, struct lwp *l) | | 416 | in6_pcbconnect(void *v, struct mbuf *nam, struct lwp *l) |
405 | { | | 417 | { |
406 | struct rtentry *rt; | | 418 | struct rtentry *rt; |
407 | struct in6pcb *in6p = v; | | 419 | struct in6pcb *in6p = v; |
408 | struct in6_addr *in6a = NULL; | | 420 | struct in6_addr *in6a = NULL; |
409 | struct sockaddr_in6 *sin6 = mtod(nam, struct sockaddr_in6 *); | | 421 | struct sockaddr_in6 *sin6 = mtod(nam, struct sockaddr_in6 *); |
410 | struct ifnet *ifp = NULL; /* outgoing interface */ | | 422 | struct ifnet *ifp = NULL; /* outgoing interface */ |
411 | int error = 0; | | 423 | int error = 0; |
412 | int scope_ambiguous = 0; | | 424 | int scope_ambiguous = 0; |
413 | #ifdef INET | | 425 | #ifdef INET |
414 | struct in6_addr mapped; | | 426 | struct in6_addr mapped; |
415 | #endif | | 427 | #endif |
416 | struct sockaddr_in6 tmp; | | 428 | struct sockaddr_in6 tmp; |
417 | | | 429 | |
418 | (void)&in6a; /* XXX fool gcc */ | | 430 | (void)&in6a; /* XXX fool gcc */ |
419 | | | 431 | |
420 | if (in6p->in6p_af != AF_INET6) | | 432 | if (in6p->in6p_af != AF_INET6) |
421 | return (EINVAL); | | 433 | return (EINVAL); |
422 | | | 434 | |
423 | if (nam->m_len != sizeof(*sin6)) | | 435 | if (nam->m_len != sizeof(*sin6)) |
424 | return (EINVAL); | | 436 | return (EINVAL); |
425 | if (sin6->sin6_family != AF_INET6) | | 437 | if (sin6->sin6_family != AF_INET6) |
426 | return (EAFNOSUPPORT); | | 438 | return (EAFNOSUPPORT); |
427 | if (sin6->sin6_port == 0) | | 439 | if (sin6->sin6_port == 0) |
428 | return (EADDRNOTAVAIL); | | 440 | return (EADDRNOTAVAIL); |
429 | | | 441 | |
430 | if (sin6->sin6_scope_id == 0 && !ip6_use_defzone) | | 442 | if (sin6->sin6_scope_id == 0 && !ip6_use_defzone) |
431 | scope_ambiguous = 1; | | 443 | scope_ambiguous = 1; |
432 | if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) | | 444 | if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) |
433 | return(error); | | 445 | return(error); |
434 | | | 446 | |
435 | /* sanity check for mapped address case */ | | 447 | /* sanity check for mapped address case */ |
436 | if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { | | 448 | if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { |
437 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) | | 449 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) |
438 | return EINVAL; | | 450 | return EINVAL; |
439 | if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) | | 451 | if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) |
440 | in6p->in6p_laddr.s6_addr16[5] = htons(0xffff); | | 452 | in6p->in6p_laddr.s6_addr16[5] = htons(0xffff); |
441 | if (!IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) | | 453 | if (!IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) |
442 | return EINVAL; | | 454 | return EINVAL; |
443 | } else | | 455 | } else |
444 | { | | 456 | { |
445 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) | | 457 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) |
446 | return EINVAL; | | 458 | return EINVAL; |
447 | } | | 459 | } |
448 | | | 460 | |
449 | /* protect *sin6 from overwrites */ | | 461 | /* protect *sin6 from overwrites */ |
450 | tmp = *sin6; | | 462 | tmp = *sin6; |
451 | sin6 = &tmp; | | 463 | sin6 = &tmp; |
452 | | | 464 | |
453 | /* Source address selection. */ | | 465 | /* Source address selection. */ |
454 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && | | 466 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && |
455 | in6p->in6p_laddr.s6_addr32[3] == 0) { | | 467 | in6p->in6p_laddr.s6_addr32[3] == 0) { |
456 | #ifdef INET | | 468 | #ifdef INET |
457 | struct sockaddr_in sin, *sinp; | | 469 | struct sockaddr_in sin, *sinp; |
458 | | | 470 | |
459 | memset(&sin, 0, sizeof(sin)); | | 471 | memset(&sin, 0, sizeof(sin)); |
460 | sin.sin_len = sizeof(sin); | | 472 | sin.sin_len = sizeof(sin); |
461 | sin.sin_family = AF_INET; | | 473 | sin.sin_family = AF_INET; |
462 | memcpy(&sin.sin_addr, &sin6->sin6_addr.s6_addr32[3], | | 474 | memcpy(&sin.sin_addr, &sin6->sin6_addr.s6_addr32[3], |
463 | sizeof(sin.sin_addr)); | | 475 | sizeof(sin.sin_addr)); |
464 | sinp = in_selectsrc(&sin, &in6p->in6p_route, | | 476 | sinp = in_selectsrc(&sin, &in6p->in6p_route, |
465 | in6p->in6p_socket->so_options, NULL, &error); | | 477 | in6p->in6p_socket->so_options, NULL, &error); |
466 | if (sinp == 0) { | | 478 | if (sinp == 0) { |
467 | if (error == 0) | | 479 | if (error == 0) |
468 | error = EADDRNOTAVAIL; | | 480 | error = EADDRNOTAVAIL; |
469 | return (error); | | 481 | return (error); |
470 | } | | 482 | } |
471 | memset(&mapped, 0, sizeof(mapped)); | | 483 | memset(&mapped, 0, sizeof(mapped)); |
472 | mapped.s6_addr16[5] = htons(0xffff); | | 484 | mapped.s6_addr16[5] = htons(0xffff); |
473 | memcpy(&mapped.s6_addr32[3], &sinp->sin_addr, sizeof(sinp->sin_addr)); | | 485 | memcpy(&mapped.s6_addr32[3], &sinp->sin_addr, sizeof(sinp->sin_addr)); |
474 | in6a = &mapped; | | 486 | in6a = &mapped; |
475 | #else | | 487 | #else |
476 | return EADDRNOTAVAIL; | | 488 | return EADDRNOTAVAIL; |
477 | #endif | | 489 | #endif |
478 | } else { | | 490 | } else { |
479 | /* | | 491 | /* |
480 | * XXX: in6_selectsrc might replace the bound local address | | 492 | * XXX: in6_selectsrc might replace the bound local address |
481 | * with the address specified by setsockopt(IPV6_PKTINFO). | | 493 | * with the address specified by setsockopt(IPV6_PKTINFO). |
482 | * Is it the intended behavior? | | 494 | * Is it the intended behavior? |
483 | */ | | 495 | */ |
484 | in6a = in6_selectsrc(sin6, in6p->in6p_outputopts, | | 496 | in6a = in6_selectsrc(sin6, in6p->in6p_outputopts, |
485 | in6p->in6p_moptions, | | 497 | in6p->in6p_moptions, |
486 | &in6p->in6p_route, | | 498 | &in6p->in6p_route, |
487 | &in6p->in6p_laddr, &ifp, &error); | | 499 | &in6p->in6p_laddr, &ifp, &error); |
488 | if (ifp && scope_ambiguous && | | 500 | if (ifp && scope_ambiguous && |
489 | (error = in6_setscope(&sin6->sin6_addr, ifp, NULL)) != 0) { | | 501 | (error = in6_setscope(&sin6->sin6_addr, ifp, NULL)) != 0) { |
490 | return(error); | | 502 | return(error); |
491 | } | | 503 | } |
492 | | | 504 | |
493 | if (in6a == 0) { | | 505 | if (in6a == 0) { |
494 | if (error == 0) | | 506 | if (error == 0) |
495 | error = EADDRNOTAVAIL; | | 507 | error = EADDRNOTAVAIL; |
496 | return (error); | | 508 | return (error); |
497 | } | | 509 | } |
498 | } | | 510 | } |
499 | if (ifp == NULL && (rt = rtcache_validate(&in6p->in6p_route)) != NULL) | | 511 | if (ifp == NULL && (rt = rtcache_validate(&in6p->in6p_route)) != NULL) |
500 | ifp = rt->rt_ifp; | | 512 | ifp = rt->rt_ifp; |
501 | | | 513 | |
502 | in6p->in6p_ip6.ip6_hlim = (u_int8_t)in6_selecthlim(in6p, ifp); | | 514 | in6p->in6p_ip6.ip6_hlim = (u_int8_t)in6_selecthlim(in6p, ifp); |
503 | | | 515 | |
504 | if (in6_pcblookup_connect(in6p->in6p_table, &sin6->sin6_addr, | | 516 | if (in6_pcblookup_connect(in6p->in6p_table, &sin6->sin6_addr, |
505 | sin6->sin6_port, | | 517 | sin6->sin6_port, |
506 | IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) ? in6a : &in6p->in6p_laddr, | | 518 | IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) ? in6a : &in6p->in6p_laddr, |
507 | in6p->in6p_lport, 0)) | | 519 | in6p->in6p_lport, 0)) |
508 | return (EADDRINUSE); | | 520 | return (EADDRINUSE); |
509 | if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) || | | 521 | if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) || |
510 | (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && | | 522 | (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && |
511 | in6p->in6p_laddr.s6_addr32[3] == 0)) | | 523 | in6p->in6p_laddr.s6_addr32[3] == 0)) |
512 | { | | 524 | { |
513 | if (in6p->in6p_lport == 0) { | | 525 | if (in6p->in6p_lport == 0) { |
514 | error = in6_pcbbind(in6p, (struct mbuf *)0, l); | | 526 | error = in6_pcbbind(in6p, (struct mbuf *)0, l); |
515 | if (error != 0) | | 527 | if (error != 0) |
516 | return error; | | 528 | return error; |
517 | } | | 529 | } |
518 | in6p->in6p_laddr = *in6a; | | 530 | in6p->in6p_laddr = *in6a; |
519 | } | | 531 | } |
520 | in6p->in6p_faddr = sin6->sin6_addr; | | 532 | in6p->in6p_faddr = sin6->sin6_addr; |
521 | in6p->in6p_fport = sin6->sin6_port; | | 533 | in6p->in6p_fport = sin6->sin6_port; |
522 | in6_pcbstate(in6p, IN6P_CONNECTED); | | 534 | in6_pcbstate(in6p, IN6P_CONNECTED); |
523 | in6p->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; | | 535 | in6p->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; |
524 | if (ip6_auto_flowlabel) | | 536 | if (ip6_auto_flowlabel) |
525 | in6p->in6p_flowinfo |= | | 537 | in6p->in6p_flowinfo |= |
526 | (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); | | 538 | (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); |
527 | #if defined(IPSEC) || defined(FAST_IPSEC) | | 539 | #if defined(IPSEC) || defined(FAST_IPSEC) |
528 | if (in6p->in6p_socket->so_type == SOCK_STREAM) | | 540 | if (in6p->in6p_socket->so_type == SOCK_STREAM) |
529 | ipsec_pcbconn(in6p->in6p_sp); | | 541 | ipsec_pcbconn(in6p->in6p_sp); |
530 | #endif | | 542 | #endif |
531 | return (0); | | 543 | return (0); |
532 | } | | 544 | } |
533 | | | 545 | |
534 | void | | 546 | void |
535 | in6_pcbdisconnect(struct in6pcb *in6p) | | 547 | in6_pcbdisconnect(struct in6pcb *in6p) |
536 | { | | 548 | { |
537 | memset((void *)&in6p->in6p_faddr, 0, sizeof(in6p->in6p_faddr)); | | 549 | memset((void *)&in6p->in6p_faddr, 0, sizeof(in6p->in6p_faddr)); |
538 | in6p->in6p_fport = 0; | | 550 | in6p->in6p_fport = 0; |
539 | in6_pcbstate(in6p, IN6P_BOUND); | | 551 | in6_pcbstate(in6p, IN6P_BOUND); |
540 | in6p->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; | | 552 | in6p->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; |
541 | #if defined(IPSEC) || defined(FAST_IPSEC) | | 553 | #if defined(IPSEC) || defined(FAST_IPSEC) |
542 | ipsec_pcbdisconn(in6p->in6p_sp); | | 554 | ipsec_pcbdisconn(in6p->in6p_sp); |
543 | #endif | | 555 | #endif |
544 | if (in6p->in6p_socket->so_state & SS_NOFDREF) | | 556 | if (in6p->in6p_socket->so_state & SS_NOFDREF) |
545 | in6_pcbdetach(in6p); | | 557 | in6_pcbdetach(in6p); |
546 | } | | 558 | } |
547 | | | 559 | |
548 | void | | 560 | void |
549 | in6_pcbdetach(struct in6pcb *in6p) | | 561 | in6_pcbdetach(struct in6pcb *in6p) |
550 | { | | 562 | { |
551 | struct socket *so = in6p->in6p_socket; | | 563 | struct socket *so = in6p->in6p_socket; |
552 | int s; | | 564 | int s; |
553 | | | 565 | |
554 | if (in6p->in6p_af != AF_INET6) | | 566 | if (in6p->in6p_af != AF_INET6) |
555 | return; | | 567 | return; |
556 | | | 568 | |
557 | #if defined(IPSEC) || defined(FAST_IPSEC) | | 569 | #if defined(IPSEC) || defined(FAST_IPSEC) |
558 | ipsec6_delete_pcbpolicy(in6p); | | 570 | ipsec6_delete_pcbpolicy(in6p); |
559 | #endif /* IPSEC */ | | 571 | #endif /* IPSEC */ |
560 | so->so_pcb = 0; | | 572 | so->so_pcb = 0; |
561 | if (in6p->in6p_options) | | 573 | if (in6p->in6p_options) |
562 | m_freem(in6p->in6p_options); | | 574 | m_freem(in6p->in6p_options); |
563 | if (in6p->in6p_outputopts != NULL) { | | 575 | if (in6p->in6p_outputopts != NULL) { |
564 | ip6_clearpktopts(in6p->in6p_outputopts, -1); | | 576 | ip6_clearpktopts(in6p->in6p_outputopts, -1); |
565 | free(in6p->in6p_outputopts, M_IP6OPT); | | 577 | free(in6p->in6p_outputopts, M_IP6OPT); |
566 | } | | 578 | } |
567 | rtcache_free(&in6p->in6p_route); | | 579 | rtcache_free(&in6p->in6p_route); |
568 | ip6_freemoptions(in6p->in6p_moptions); | | 580 | ip6_freemoptions(in6p->in6p_moptions); |
569 | s = splnet(); | | 581 | s = splnet(); |
570 | in6_pcbstate(in6p, IN6P_ATTACHED); | | 582 | in6_pcbstate(in6p, IN6P_ATTACHED); |
571 | LIST_REMOVE(&in6p->in6p_head, inph_lhash); | | 583 | LIST_REMOVE(&in6p->in6p_head, inph_lhash); |
572 | CIRCLEQ_REMOVE(&in6p->in6p_table->inpt_queue, &in6p->in6p_head, | | 584 | CIRCLEQ_REMOVE(&in6p->in6p_table->inpt_queue, &in6p->in6p_head, |
573 | inph_queue); | | 585 | inph_queue); |
574 | pool_put(&in6pcb_pool, in6p); | | 586 | pool_put(&in6pcb_pool, in6p); |
575 | splx(s); | | 587 | splx(s); |
576 | sofree(so); /* drops the socket's lock */ | | 588 | sofree(so); /* drops the socket's lock */ |
577 | mutex_enter(softnet_lock); /* reacquire it */ | | 589 | mutex_enter(softnet_lock); /* reacquire it */ |
578 | } | | 590 | } |
579 | | | 591 | |
580 | void | | 592 | void |
581 | in6_setsockaddr(struct in6pcb *in6p, struct mbuf *nam) | | 593 | in6_setsockaddr(struct in6pcb *in6p, struct mbuf *nam) |
582 | { | | 594 | { |
583 | struct sockaddr_in6 *sin6; | | 595 | struct sockaddr_in6 *sin6; |
584 | | | 596 | |
585 | if (in6p->in6p_af != AF_INET6) | | 597 | if (in6p->in6p_af != AF_INET6) |
586 | return; | | 598 | return; |
587 | | | 599 | |
588 | nam->m_len = sizeof(*sin6); | | 600 | nam->m_len = sizeof(*sin6); |
589 | sin6 = mtod(nam, struct sockaddr_in6 *); | | 601 | sin6 = mtod(nam, struct sockaddr_in6 *); |
590 | sockaddr_in6_init(sin6, &in6p->in6p_laddr, in6p->in6p_lport, 0, 0); | | 602 | sockaddr_in6_init(sin6, &in6p->in6p_laddr, in6p->in6p_lport, 0, 0); |
591 | (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ | | 603 | (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ |
592 | } | | 604 | } |
593 | | | 605 | |
594 | void | | 606 | void |
595 | in6_setpeeraddr(struct in6pcb *in6p, struct mbuf *nam) | | 607 | in6_setpeeraddr(struct in6pcb *in6p, struct mbuf *nam) |
596 | { | | 608 | { |
597 | struct sockaddr_in6 *sin6; | | 609 | struct sockaddr_in6 *sin6; |
598 | | | 610 | |
599 | if (in6p->in6p_af != AF_INET6) | | 611 | if (in6p->in6p_af != AF_INET6) |
600 | return; | | 612 | return; |
601 | | | 613 | |
602 | nam->m_len = sizeof(*sin6); | | 614 | nam->m_len = sizeof(*sin6); |
603 | sin6 = mtod(nam, struct sockaddr_in6 *); | | 615 | sin6 = mtod(nam, struct sockaddr_in6 *); |
604 | sockaddr_in6_init(sin6, &in6p->in6p_faddr, in6p->in6p_fport, 0, 0); | | 616 | sockaddr_in6_init(sin6, &in6p->in6p_faddr, in6p->in6p_fport, 0, 0); |
605 | (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ | | 617 | (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ |
606 | } | | 618 | } |
607 | | | 619 | |
608 | /* | | 620 | /* |
609 | * Pass some notification to all connections of a protocol | | 621 | * Pass some notification to all connections of a protocol |
610 | * associated with address dst. The local address and/or port numbers | | 622 | * associated with address dst. The local address and/or port numbers |
611 | * may be specified to limit the search. The "usual action" will be | | 623 | * may be specified to limit the search. The "usual action" will be |
612 | * taken, depending on the ctlinput cmd. The caller must filter any | | 624 | * taken, depending on the ctlinput cmd. The caller must filter any |
613 | * cmds that are uninteresting (e.g., no error in the map). | | 625 | * cmds that are uninteresting (e.g., no error in the map). |
614 | * Call the protocol specific routine (if any) to report | | 626 | * Call the protocol specific routine (if any) to report |
615 | * any errors for each matching socket. | | 627 | * any errors for each matching socket. |
616 | * | | 628 | * |
617 | * Must be called at splsoftnet. | | 629 | * Must be called at splsoftnet. |
618 | * | | 630 | * |
619 | * Note: src (4th arg) carries the flowlabel value on the original IPv6 | | 631 | * Note: src (4th arg) carries the flowlabel value on the original IPv6 |
620 | * header, in sin6_flowinfo member. | | 632 | * header, in sin6_flowinfo member. |
621 | */ | | 633 | */ |
622 | int | | 634 | int |
623 | in6_pcbnotify(struct inpcbtable *table, const struct sockaddr *dst, | | 635 | in6_pcbnotify(struct inpcbtable *table, const struct sockaddr *dst, |
624 | u_int fport_arg, const struct sockaddr *src, u_int lport_arg, int cmd, | | 636 | u_int fport_arg, const struct sockaddr *src, u_int lport_arg, int cmd, |
625 | void *cmdarg, void (*notify)(struct in6pcb *, int)) | | 637 | void *cmdarg, void (*notify)(struct in6pcb *, int)) |
626 | { | | 638 | { |
627 | struct rtentry *rt; | | 639 | struct rtentry *rt; |
628 | struct in6pcb *in6p, *nin6p; | | 640 | struct in6pcb *in6p, *nin6p; |
629 | struct sockaddr_in6 sa6_src; | | 641 | struct sockaddr_in6 sa6_src; |
630 | const struct sockaddr_in6 *sa6_dst; | | 642 | const struct sockaddr_in6 *sa6_dst; |
631 | u_int16_t fport = fport_arg, lport = lport_arg; | | 643 | u_int16_t fport = fport_arg, lport = lport_arg; |
632 | int errno; | | 644 | int errno; |
633 | int nmatch = 0; | | 645 | int nmatch = 0; |
634 | u_int32_t flowinfo; | | 646 | u_int32_t flowinfo; |
635 | | | 647 | |
636 | if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6) | | 648 | if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6) |
637 | return 0; | | 649 | return 0; |
638 | | | 650 | |
639 | sa6_dst = (const struct sockaddr_in6 *)dst; | | 651 | sa6_dst = (const struct sockaddr_in6 *)dst; |
640 | if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) | | 652 | if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) |
641 | return 0; | | 653 | return 0; |
642 | | | 654 | |
643 | /* | | 655 | /* |
644 | * note that src can be NULL when we get notify by local fragmentation. | | 656 | * note that src can be NULL when we get notify by local fragmentation. |
645 | */ | | 657 | */ |
646 | sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src; | | 658 | sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src; |
647 | flowinfo = sa6_src.sin6_flowinfo; | | 659 | flowinfo = sa6_src.sin6_flowinfo; |
648 | | | 660 | |
649 | /* | | 661 | /* |
650 | * Redirects go to all references to the destination, | | 662 | * Redirects go to all references to the destination, |
651 | * and use in6_rtchange to invalidate the route cache. | | 663 | * and use in6_rtchange to invalidate the route cache. |
652 | * Dead host indications: also use in6_rtchange to invalidate | | 664 | * Dead host indications: also use in6_rtchange to invalidate |
653 | * the cache, and deliver the error to all the sockets. | | 665 | * the cache, and deliver the error to all the sockets. |
654 | * Otherwise, if we have knowledge of the local port and address, | | 666 | * Otherwise, if we have knowledge of the local port and address, |
655 | * deliver only to that socket. | | 667 | * deliver only to that socket. |
656 | */ | | 668 | */ |
657 | if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { | | 669 | if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { |
658 | fport = 0; | | 670 | fport = 0; |
659 | lport = 0; | | 671 | lport = 0; |
660 | memset((void *)&sa6_src.sin6_addr, 0, sizeof(sa6_src.sin6_addr)); | | 672 | memset((void *)&sa6_src.sin6_addr, 0, sizeof(sa6_src.sin6_addr)); |
661 | | | 673 | |
662 | if (cmd != PRC_HOSTDEAD) | | 674 | if (cmd != PRC_HOSTDEAD) |
663 | notify = in6_rtchange; | | 675 | notify = in6_rtchange; |
664 | } | | 676 | } |
665 | | | 677 | |
666 | errno = inet6ctlerrmap[cmd]; | | 678 | errno = inet6ctlerrmap[cmd]; |
667 | for (in6p = (struct in6pcb *)CIRCLEQ_FIRST(&table->inpt_queue); | | 679 | for (in6p = (struct in6pcb *)CIRCLEQ_FIRST(&table->inpt_queue); |
668 | in6p != (void *)&table->inpt_queue; | | 680 | in6p != (void *)&table->inpt_queue; |
669 | in6p = nin6p) { | | 681 | in6p = nin6p) { |
670 | nin6p = (struct in6pcb *)CIRCLEQ_NEXT(in6p, in6p_queue); | | 682 | nin6p = (struct in6pcb *)CIRCLEQ_NEXT(in6p, in6p_queue); |
671 | | | 683 | |
672 | if (in6p->in6p_af != AF_INET6) | | 684 | if (in6p->in6p_af != AF_INET6) |
673 | continue; | | 685 | continue; |
674 | | | 686 | |
675 | /* | | 687 | /* |
676 | * Under the following condition, notify of redirects | | 688 | * Under the following condition, notify of redirects |
677 | * to the pcb, without making address matches against inpcb. | | 689 | * to the pcb, without making address matches against inpcb. |
678 | * - redirect notification is arrived. | | 690 | * - redirect notification is arrived. |
679 | * - the inpcb is unconnected. | | 691 | * - the inpcb is unconnected. |
680 | * - the inpcb is caching !RTF_HOST routing entry. | | 692 | * - the inpcb is caching !RTF_HOST routing entry. |
681 | * - the ICMPv6 notification is from the gateway cached in the | | 693 | * - the ICMPv6 notification is from the gateway cached in the |
682 | * inpcb. i.e. ICMPv6 notification is from nexthop gateway | | 694 | * inpcb. i.e. ICMPv6 notification is from nexthop gateway |
683 | * the inpcb used very recently. | | 695 | * the inpcb used very recently. |
684 | * | | 696 | * |
685 | * This is to improve interaction between netbsd/openbsd | | 697 | * This is to improve interaction between netbsd/openbsd |
686 | * redirect handling code, and inpcb route cache code. | | 698 | * redirect handling code, and inpcb route cache code. |
687 | * without the clause, !RTF_HOST routing entry (which carries | | 699 | * without the clause, !RTF_HOST routing entry (which carries |
688 | * gateway used by inpcb right before the ICMPv6 redirect) | | 700 | * gateway used by inpcb right before the ICMPv6 redirect) |
689 | * will be cached forever in unconnected inpcb. | | 701 | * will be cached forever in unconnected inpcb. |
690 | * | | 702 | * |
691 | * There still is a question regarding to what is TRT: | | 703 | * There still is a question regarding to what is TRT: |
692 | * - On bsdi/freebsd, RTF_HOST (cloned) routing entry will be | | 704 | * - On bsdi/freebsd, RTF_HOST (cloned) routing entry will be |
693 | * generated on packet output. inpcb will always cache | | 705 | * generated on packet output. inpcb will always cache |
694 | * RTF_HOST routing entry so there's no need for the clause | | 706 | * RTF_HOST routing entry so there's no need for the clause |
695 | * (ICMPv6 redirect will update RTF_HOST routing entry, | | 707 | * (ICMPv6 redirect will update RTF_HOST routing entry, |
696 | * and inpcb is caching it already). | | 708 | * and inpcb is caching it already). |
697 | * However, bsdi/freebsd are vulnerable to local DoS attacks | | 709 | * However, bsdi/freebsd are vulnerable to local DoS attacks |
698 | * due to the cloned routing entries. | | 710 | * due to the cloned routing entries. |
699 | * - Specwise, "destination cache" is mentioned in RFC2461. | | 711 | * - Specwise, "destination cache" is mentioned in RFC2461. |
700 | * Jinmei says that it implies bsdi/freebsd behavior, itojun | | 712 | * Jinmei says that it implies bsdi/freebsd behavior, itojun |
701 | * is not really convinced. | | 713 | * is not really convinced. |
702 | * - Having hiwat/lowat on # of cloned host route (redirect/ | | 714 | * - Having hiwat/lowat on # of cloned host route (redirect/ |
703 | * pmtud) may be a good idea. netbsd/openbsd has it. see | | 715 | * pmtud) may be a good idea. netbsd/openbsd has it. see |
704 | * icmp6_mtudisc_update(). | | 716 | * icmp6_mtudisc_update(). |
705 | */ | | 717 | */ |
706 | if ((PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) && | | 718 | if ((PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) && |
707 | IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && | | 719 | IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && |
708 | (rt = rtcache_validate(&in6p->in6p_route)) != NULL && | | 720 | (rt = rtcache_validate(&in6p->in6p_route)) != NULL && |
709 | !(rt->rt_flags & RTF_HOST)) { | | 721 | !(rt->rt_flags & RTF_HOST)) { |
710 | const struct sockaddr_in6 *dst6; | | 722 | const struct sockaddr_in6 *dst6; |
711 | | | 723 | |
712 | dst6 = (const struct sockaddr_in6 *) | | 724 | dst6 = (const struct sockaddr_in6 *) |
713 | rtcache_getdst(&in6p->in6p_route); | | 725 | rtcache_getdst(&in6p->in6p_route); |
714 | if (dst6 == NULL) | | 726 | if (dst6 == NULL) |
715 | ; | | 727 | ; |
716 | else if (IN6_ARE_ADDR_EQUAL(&dst6->sin6_addr, | | 728 | else if (IN6_ARE_ADDR_EQUAL(&dst6->sin6_addr, |
717 | &sa6_dst->sin6_addr)) | | 729 | &sa6_dst->sin6_addr)) |
718 | goto do_notify; | | 730 | goto do_notify; |
719 | } | | 731 | } |
720 | | | 732 | |
721 | /* | | 733 | /* |
722 | * If the error designates a new path MTU for a destination | | 734 | * If the error designates a new path MTU for a destination |
723 | * and the application (associated with this socket) wanted to | | 735 | * and the application (associated with this socket) wanted to |
724 | * know the value, notify. Note that we notify for all | | 736 | * know the value, notify. Note that we notify for all |
725 | * disconnected sockets if the corresponding application | | 737 | * disconnected sockets if the corresponding application |
726 | * wanted. This is because some UDP applications keep sending | | 738 | * wanted. This is because some UDP applications keep sending |
727 | * sockets disconnected. | | 739 | * sockets disconnected. |
728 | * XXX: should we avoid to notify the value to TCP sockets? | | 740 | * XXX: should we avoid to notify the value to TCP sockets? |
729 | */ | | 741 | */ |
730 | if (cmd == PRC_MSGSIZE && (in6p->in6p_flags & IN6P_MTU) != 0 && | | 742 | if (cmd == PRC_MSGSIZE && (in6p->in6p_flags & IN6P_MTU) != 0 && |
731 | (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) || | | 743 | (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) || |
732 | IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &sa6_dst->sin6_addr))) { | | 744 | IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &sa6_dst->sin6_addr))) { |
733 | ip6_notify_pmtu(in6p, (const struct sockaddr_in6 *)dst, | | 745 | ip6_notify_pmtu(in6p, (const struct sockaddr_in6 *)dst, |
734 | (u_int32_t *)cmdarg); | | 746 | (u_int32_t *)cmdarg); |
735 | } | | 747 | } |
736 | | | 748 | |
737 | /* | | 749 | /* |
738 | * Detect if we should notify the error. If no source and | | 750 | * Detect if we should notify the error. If no source and |
739 | * destination ports are specified, but non-zero flowinfo and | | 751 | * destination ports are specified, but non-zero flowinfo and |
740 | * local address match, notify the error. This is the case | | 752 | * local address match, notify the error. This is the case |
741 | * when the error is delivered with an encrypted buffer | | 753 | * when the error is delivered with an encrypted buffer |
742 | * by ESP. Otherwise, just compare addresses and ports | | 754 | * by ESP. Otherwise, just compare addresses and ports |
743 | * as usual. | | 755 | * as usual. |
744 | */ | | 756 | */ |
745 | if (lport == 0 && fport == 0 && flowinfo && | | 757 | if (lport == 0 && fport == 0 && flowinfo && |
746 | in6p->in6p_socket != NULL && | | 758 | in6p->in6p_socket != NULL && |
747 | flowinfo == (in6p->in6p_flowinfo & IPV6_FLOWLABEL_MASK) && | | 759 | flowinfo == (in6p->in6p_flowinfo & IPV6_FLOWLABEL_MASK) && |
748 | IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &sa6_src.sin6_addr)) | | 760 | IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &sa6_src.sin6_addr)) |
749 | goto do_notify; | | 761 | goto do_notify; |
750 | else if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, | | 762 | else if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, |
751 | &sa6_dst->sin6_addr) || | | 763 | &sa6_dst->sin6_addr) || |
752 | in6p->in6p_socket == 0 || | | 764 | in6p->in6p_socket == 0 || |
753 | (lport && in6p->in6p_lport != lport) || | | 765 | (lport && in6p->in6p_lport != lport) || |
754 | (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && | | 766 | (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && |
755 | !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, | | 767 | !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, |
756 | &sa6_src.sin6_addr)) || | | 768 | &sa6_src.sin6_addr)) || |
757 | (fport && in6p->in6p_fport != fport)) | | 769 | (fport && in6p->in6p_fport != fport)) |
758 | continue; | | 770 | continue; |
759 | | | 771 | |
760 | do_notify: | | 772 | do_notify: |
761 | if (notify) | | 773 | if (notify) |
762 | (*notify)(in6p, errno); | | 774 | (*notify)(in6p, errno); |
763 | nmatch++; | | 775 | nmatch++; |
764 | } | | 776 | } |
765 | return nmatch; | | 777 | return nmatch; |
766 | } | | 778 | } |
767 | | | 779 | |
768 | void | | 780 | void |
769 | in6_pcbpurgeif0(struct inpcbtable *table, struct ifnet *ifp) | | 781 | in6_pcbpurgeif0(struct inpcbtable *table, struct ifnet *ifp) |
770 | { | | 782 | { |
771 | struct in6pcb *in6p, *nin6p; | | 783 | struct in6pcb *in6p, *nin6p; |
772 | struct ip6_moptions *im6o; | | 784 | struct ip6_moptions *im6o; |
773 | struct in6_multi_mship *imm, *nimm; | | 785 | struct in6_multi_mship *imm, *nimm; |
774 | | | 786 | |
775 | for (in6p = (struct in6pcb *)CIRCLEQ_FIRST(&table->inpt_queue); | | 787 | for (in6p = (struct in6pcb *)CIRCLEQ_FIRST(&table->inpt_queue); |
776 | in6p != (void *)&table->inpt_queue; | | 788 | in6p != (void *)&table->inpt_queue; |
777 | in6p = nin6p) { | | 789 | in6p = nin6p) { |
778 | nin6p = (struct in6pcb *)CIRCLEQ_NEXT(in6p, in6p_queue); | | 790 | nin6p = (struct in6pcb *)CIRCLEQ_NEXT(in6p, in6p_queue); |
779 | if (in6p->in6p_af != AF_INET6) | | 791 | if (in6p->in6p_af != AF_INET6) |
780 | continue; | | 792 | continue; |
781 | | | 793 | |
782 | im6o = in6p->in6p_moptions; | | 794 | im6o = in6p->in6p_moptions; |
783 | if (im6o) { | | 795 | if (im6o) { |
784 | /* | | 796 | /* |
785 | * Unselect the outgoing interface if it is being | | 797 | * Unselect the outgoing interface if it is being |
786 | * detached. | | 798 | * detached. |
787 | */ | | 799 | */ |
788 | if (im6o->im6o_multicast_ifp == ifp) | | 800 | if (im6o->im6o_multicast_ifp == ifp) |
789 | im6o->im6o_multicast_ifp = NULL; | | 801 | im6o->im6o_multicast_ifp = NULL; |
790 | | | 802 | |
791 | /* | | 803 | /* |
792 | * Drop multicast group membership if we joined | | 804 | * Drop multicast group membership if we joined |
793 | * through the interface being detached. | | 805 | * through the interface being detached. |
794 | * XXX controversial - is it really legal for kernel | | 806 | * XXX controversial - is it really legal for kernel |
795 | * to force this? | | 807 | * to force this? |
796 | */ | | 808 | */ |
797 | for (imm = im6o->im6o_memberships.lh_first; | | 809 | for (imm = im6o->im6o_memberships.lh_first; |
798 | imm != NULL; imm = nimm) { | | 810 | imm != NULL; imm = nimm) { |
799 | nimm = imm->i6mm_chain.le_next; | | 811 | nimm = imm->i6mm_chain.le_next; |
800 | if (imm->i6mm_maddr->in6m_ifp == ifp) { | | 812 | if (imm->i6mm_maddr->in6m_ifp == ifp) { |
801 | LIST_REMOVE(imm, i6mm_chain); | | 813 | LIST_REMOVE(imm, i6mm_chain); |
802 | in6_leavegroup(imm); | | 814 | in6_leavegroup(imm); |
803 | } | | 815 | } |
804 | } | | 816 | } |
805 | } | | 817 | } |
806 | } | | 818 | } |
807 | } | | 819 | } |
808 | | | 820 | |
809 | void | | 821 | void |
810 | in6_pcbpurgeif(struct inpcbtable *table, struct ifnet *ifp) | | 822 | in6_pcbpurgeif(struct inpcbtable *table, struct ifnet *ifp) |
811 | { | | 823 | { |
812 | struct rtentry *rt; | | 824 | struct rtentry *rt; |
813 | struct in6pcb *in6p, *nin6p; | | 825 | struct in6pcb *in6p, *nin6p; |
814 | | | 826 | |
815 | for (in6p = (struct in6pcb *)CIRCLEQ_FIRST(&table->inpt_queue); | | 827 | for (in6p = (struct in6pcb *)CIRCLEQ_FIRST(&table->inpt_queue); |
816 | in6p != (void *)&table->inpt_queue; | | 828 | in6p != (void *)&table->inpt_queue; |
817 | in6p = nin6p) { | | 829 | in6p = nin6p) { |
818 | nin6p = (struct in6pcb *)CIRCLEQ_NEXT(in6p, in6p_queue); | | 830 | nin6p = (struct in6pcb *)CIRCLEQ_NEXT(in6p, in6p_queue); |
819 | if (in6p->in6p_af != AF_INET6) | | 831 | if (in6p->in6p_af != AF_INET6) |
820 | continue; | | 832 | continue; |
821 | if ((rt = rtcache_validate(&in6p->in6p_route)) != NULL && | | 833 | if ((rt = rtcache_validate(&in6p->in6p_route)) != NULL && |
822 | rt->rt_ifp == ifp) | | 834 | rt->rt_ifp == ifp) |
823 | in6_rtchange(in6p, 0); | | 835 | in6_rtchange(in6p, 0); |
824 | } | | 836 | } |
825 | } | | 837 | } |
826 | | | 838 | |
827 | /* | | 839 | /* |
828 | * Check for alternatives when higher level complains | | 840 | * Check for alternatives when higher level complains |
829 | * about service problems. For now, invalidate cached | | 841 | * about service problems. For now, invalidate cached |
830 | * routing information. If the route was created dynamically | | 842 | * routing information. If the route was created dynamically |
831 | * (by a redirect), time to try a default gateway again. | | 843 | * (by a redirect), time to try a default gateway again. |
832 | */ | | 844 | */ |
833 | void | | 845 | void |
834 | in6_losing(struct in6pcb *in6p) | | 846 | in6_losing(struct in6pcb *in6p) |
835 | { | | 847 | { |
836 | struct rtentry *rt; | | 848 | struct rtentry *rt; |
837 | struct rt_addrinfo info; | | 849 | struct rt_addrinfo info; |
838 | | | 850 | |
839 | if (in6p->in6p_af != AF_INET6) | | 851 | if (in6p->in6p_af != AF_INET6) |
840 | return; | | 852 | return; |
841 | | | 853 | |
842 | if ((rt = rtcache_validate(&in6p->in6p_route)) == NULL) | | 854 | if ((rt = rtcache_validate(&in6p->in6p_route)) == NULL) |
843 | return; | | 855 | return; |
844 | | | 856 | |
845 | memset(&info, 0, sizeof(info)); | | 857 | memset(&info, 0, sizeof(info)); |
846 | info.rti_info[RTAX_DST] = rtcache_getdst(&in6p->in6p_route); | | 858 | info.rti_info[RTAX_DST] = rtcache_getdst(&in6p->in6p_route); |
847 | info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; | | 859 | info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; |
848 | info.rti_info[RTAX_NETMASK] = rt_mask(rt); | | 860 | info.rti_info[RTAX_NETMASK] = rt_mask(rt); |
849 | rt_missmsg(RTM_LOSING, &info, rt->rt_flags, 0); | | 861 | rt_missmsg(RTM_LOSING, &info, rt->rt_flags, 0); |
850 | if (rt->rt_flags & RTF_DYNAMIC) { | | 862 | if (rt->rt_flags & RTF_DYNAMIC) { |
851 | (void)rtrequest(RTM_DELETE, rt_getkey(rt), | | 863 | (void)rtrequest(RTM_DELETE, rt_getkey(rt), |
852 | rt->rt_gateway, rt_mask(rt), rt->rt_flags, NULL); | | 864 | rt->rt_gateway, rt_mask(rt), rt->rt_flags, NULL); |
853 | } | | 865 | } |
854 | /* | | 866 | /* |
855 | * A new route can be allocated | | 867 | * A new route can be allocated |
856 | * the next time output is attempted. | | 868 | * the next time output is attempted. |
857 | */ | | 869 | */ |
858 | rtcache_free(&in6p->in6p_route); | | 870 | rtcache_free(&in6p->in6p_route); |
859 | } | | 871 | } |
860 | | | 872 | |
861 | /* | | 873 | /* |
862 | * After a routing change, flush old routing. A new route can be | | 874 | * After a routing change, flush old routing. A new route can be |
863 | * allocated the next time output is attempted. | | 875 | * allocated the next time output is attempted. |
864 | */ | | 876 | */ |
865 | void | | 877 | void |
866 | in6_rtchange(struct in6pcb *in6p, int errno) | | 878 | in6_rtchange(struct in6pcb *in6p, int errno) |
867 | { | | 879 | { |
868 | if (in6p->in6p_af != AF_INET6) | | 880 | if (in6p->in6p_af != AF_INET6) |
869 | return; | | 881 | return; |
870 | | | 882 | |
871 | rtcache_free(&in6p->in6p_route); | | 883 | rtcache_free(&in6p->in6p_route); |
872 | /* | | 884 | /* |
873 | * A new route can be allocated the next time | | 885 | * A new route can be allocated the next time |
874 | * output is attempted. | | 886 | * output is attempted. |
875 | */ | | 887 | */ |
876 | } | | 888 | } |
877 | | | 889 | |
878 | struct in6pcb * | | 890 | struct in6pcb * |
879 | in6_pcblookup_port(struct inpcbtable *table, struct in6_addr *laddr6, | | 891 | in6_pcblookup_port(struct inpcbtable *table, struct in6_addr *laddr6, |
880 | u_int lport_arg, int lookup_wildcard) | | 892 | u_int lport_arg, int lookup_wildcard) |
881 | { | | 893 | { |
882 | struct inpcbhead *head; | | 894 | struct inpcbhead *head; |
883 | struct inpcb_hdr *inph; | | 895 | struct inpcb_hdr *inph; |
884 | struct in6pcb *in6p, *match = 0; | | 896 | struct in6pcb *in6p, *match = 0; |
885 | int matchwild = 3, wildcard; | | 897 | int matchwild = 3, wildcard; |
886 | u_int16_t lport = lport_arg; | | 898 | u_int16_t lport = lport_arg; |
887 | | | 899 | |
888 | head = IN6PCBHASH_PORT(table, lport); | | 900 | head = IN6PCBHASH_PORT(table, lport); |
889 | LIST_FOREACH(inph, head, inph_lhash) { | | 901 | LIST_FOREACH(inph, head, inph_lhash) { |
890 | in6p = (struct in6pcb *)inph; | | 902 | in6p = (struct in6pcb *)inph; |
891 | if (in6p->in6p_af != AF_INET6) | | 903 | if (in6p->in6p_af != AF_INET6) |
892 | continue; | | 904 | continue; |
893 | | | 905 | |
894 | if (in6p->in6p_lport != lport) | | 906 | if (in6p->in6p_lport != lport) |
895 | continue; | | 907 | continue; |
896 | wildcard = 0; | | 908 | wildcard = 0; |
897 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { | | 909 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { |
898 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) | | 910 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) |
899 | continue; | | 911 | continue; |
900 | } | | 912 | } |
901 | if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) | | 913 | if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) |
902 | wildcard++; | | 914 | wildcard++; |
903 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) { | | 915 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) { |
904 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) | | 916 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) |
905 | continue; | | 917 | continue; |
906 | if (!IN6_IS_ADDR_V4MAPPED(laddr6)) | | 918 | if (!IN6_IS_ADDR_V4MAPPED(laddr6)) |
907 | continue; | | 919 | continue; |
908 | | | 920 | |
909 | /* duplicate of IPv4 logic */ | | 921 | /* duplicate of IPv4 logic */ |
910 | wildcard = 0; | | 922 | wildcard = 0; |
911 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr) && | | 923 | if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr) && |
912 | in6p->in6p_faddr.s6_addr32[3]) | | 924 | in6p->in6p_faddr.s6_addr32[3]) |
913 | wildcard++; | | 925 | wildcard++; |
914 | if (!in6p->in6p_laddr.s6_addr32[3]) { | | 926 | if (!in6p->in6p_laddr.s6_addr32[3]) { |
915 | if (laddr6->s6_addr32[3]) | | 927 | if (laddr6->s6_addr32[3]) |
916 | wildcard++; | | 928 | wildcard++; |
917 | } else { | | 929 | } else { |
918 | if (!laddr6->s6_addr32[3]) | | 930 | if (!laddr6->s6_addr32[3]) |
919 | wildcard++; | | 931 | wildcard++; |
920 | else { | | 932 | else { |
921 | if (in6p->in6p_laddr.s6_addr32[3] != | | 933 | if (in6p->in6p_laddr.s6_addr32[3] != |
922 | laddr6->s6_addr32[3]) | | 934 | laddr6->s6_addr32[3]) |
923 | continue; | | 935 | continue; |
924 | } | | 936 | } |
925 | } | | 937 | } |
926 | } else if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) { | | 938 | } else if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) { |
927 | if (IN6_IS_ADDR_V4MAPPED(laddr6)) { | | 939 | if (IN6_IS_ADDR_V4MAPPED(laddr6)) { |
928 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) | | 940 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) |
929 | continue; | | 941 | continue; |
930 | } | | 942 | } |
931 | if (!IN6_IS_ADDR_UNSPECIFIED(laddr6)) | | 943 | if (!IN6_IS_ADDR_UNSPECIFIED(laddr6)) |
932 | wildcard++; | | 944 | wildcard++; |
933 | } else { | | 945 | } else { |
934 | if (IN6_IS_ADDR_V4MAPPED(laddr6)) { | | 946 | if (IN6_IS_ADDR_V4MAPPED(laddr6)) { |
935 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) | | 947 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) |
936 | continue; | | 948 | continue; |
937 | } | | 949 | } |
938 | if (IN6_IS_ADDR_UNSPECIFIED(laddr6)) | | 950 | if (IN6_IS_ADDR_UNSPECIFIED(laddr6)) |
939 | wildcard++; | | 951 | wildcard++; |
940 | else { | | 952 | else { |
941 | if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, | | 953 | if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, |
942 | laddr6)) | | 954 | laddr6)) |
943 | continue; | | 955 | continue; |
944 | } | | 956 | } |
945 | } | | 957 | } |
946 | if (wildcard && !lookup_wildcard) | | 958 | if (wildcard && !lookup_wildcard) |
947 | continue; | | 959 | continue; |
948 | if (wildcard < matchwild) { | | 960 | if (wildcard < matchwild) { |
949 | match = in6p; | | 961 | match = in6p; |
950 | matchwild = wildcard; | | 962 | matchwild = wildcard; |
951 | if (matchwild == 0) | | 963 | if (matchwild == 0) |
952 | break; | | 964 | break; |
953 | } | | 965 | } |
954 | } | | 966 | } |
955 | return (match); | | 967 | return (match); |
956 | } | | 968 | } |
957 | #undef continue | | 969 | #undef continue |
958 | | | 970 | |
959 | /* | | 971 | /* |
960 | * WARNING: return value (rtentry) could be IPv4 one if in6pcb is connected to | | 972 | * WARNING: return value (rtentry) could be IPv4 one if in6pcb is connected to |
961 | * IPv4 mapped address. | | 973 | * IPv4 mapped address. |
962 | */ | | 974 | */ |
963 | struct rtentry * | | 975 | struct rtentry * |
964 | in6_pcbrtentry(struct in6pcb *in6p) | | 976 | in6_pcbrtentry(struct in6pcb *in6p) |
965 | { | | 977 | { |
966 | struct rtentry *rt; | | 978 | struct rtentry *rt; |
967 | struct route *ro; | | 979 | struct route *ro; |
968 | union { | | 980 | union { |
969 | const struct sockaddr *sa; | | 981 | const struct sockaddr *sa; |
970 | const struct sockaddr_in6 *sa6; | | 982 | const struct sockaddr_in6 *sa6; |
971 | #ifdef INET | | 983 | #ifdef INET |
972 | const struct sockaddr_in *sa4; | | 984 | const struct sockaddr_in *sa4; |
973 | #endif | | 985 | #endif |
974 | } cdst; | | 986 | } cdst; |
975 | | | 987 | |
976 | ro = &in6p->in6p_route; | | 988 | ro = &in6p->in6p_route; |
977 | | | 989 | |
978 | if (in6p->in6p_af != AF_INET6) | | 990 | if (in6p->in6p_af != AF_INET6) |
979 | return (NULL); | | 991 | return (NULL); |
980 | | | 992 | |
981 | cdst.sa = rtcache_getdst(ro); | | 993 | cdst.sa = rtcache_getdst(ro); |
982 | if (cdst.sa == NULL) | | 994 | if (cdst.sa == NULL) |
983 | ; | | 995 | ; |
984 | #ifdef INET | | 996 | #ifdef INET |
985 | else if (cdst.sa->sa_family == AF_INET) { | | 997 | else if (cdst.sa->sa_family == AF_INET) { |
986 | KASSERT(IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)); | | 998 | KASSERT(IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)); |
987 | if (cdst.sa4->sin_addr.s_addr != in6p->in6p_faddr.s6_addr32[3]) | | 999 | if (cdst.sa4->sin_addr.s_addr != in6p->in6p_faddr.s6_addr32[3]) |
988 | rtcache_free(ro); | | 1000 | rtcache_free(ro); |
989 | } | | 1001 | } |
990 | #endif | | 1002 | #endif |
991 | else { | | 1003 | else { |
992 | if (!IN6_ARE_ADDR_EQUAL(&cdst.sa6->sin6_addr, | | 1004 | if (!IN6_ARE_ADDR_EQUAL(&cdst.sa6->sin6_addr, |
993 | &in6p->in6p_faddr)) | | 1005 | &in6p->in6p_faddr)) |
994 | rtcache_free(ro); | | 1006 | rtcache_free(ro); |
995 | } | | 1007 | } |
996 | if ((rt = rtcache_validate(ro)) == NULL) | | 1008 | if ((rt = rtcache_validate(ro)) == NULL) |
997 | rt = rtcache_update(ro, 1); | | 1009 | rt = rtcache_update(ro, 1); |
998 | #ifdef INET | | 1010 | #ifdef INET |
999 | if (rt == NULL && IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { | | 1011 | if (rt == NULL && IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { |
1000 | union { | | 1012 | union { |
1001 | struct sockaddr dst; | | 1013 | struct sockaddr dst; |
1002 | struct sockaddr_in dst4; | | 1014 | struct sockaddr_in dst4; |
1003 | } u; | | 1015 | } u; |
1004 | struct in_addr addr; | | 1016 | struct in_addr addr; |
1005 | | | 1017 | |
1006 | addr.s_addr = in6p->in6p_faddr.s6_addr32[3]; | | 1018 | addr.s_addr = in6p->in6p_faddr.s6_addr32[3]; |
1007 | | | 1019 | |
1008 | sockaddr_in_init(&u.dst4, &addr, 0); | | 1020 | sockaddr_in_init(&u.dst4, &addr, 0); |
1009 | rtcache_setdst(ro, &u.dst); | | 1021 | rtcache_setdst(ro, &u.dst); |
1010 | | | 1022 | |
1011 | rt = rtcache_init(ro); | | 1023 | rt = rtcache_init(ro); |
1012 | } else | | 1024 | } else |
1013 | #endif | | 1025 | #endif |
1014 | if (rt == NULL && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { | | 1026 | if (rt == NULL && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { |
1015 | union { | | 1027 | union { |
1016 | struct sockaddr dst; | | 1028 | struct sockaddr dst; |
1017 | struct sockaddr_in6 dst6; | | 1029 | struct sockaddr_in6 dst6; |
1018 | } u; | | 1030 | } u; |
1019 | | | 1031 | |
1020 | sockaddr_in6_init(&u.dst6, &in6p->in6p_faddr, 0, 0, 0); | | 1032 | sockaddr_in6_init(&u.dst6, &in6p->in6p_faddr, 0, 0, 0); |
1021 | rtcache_setdst(ro, &u.dst); | | 1033 | rtcache_setdst(ro, &u.dst); |
1022 | | | 1034 | |
1023 | rt = rtcache_init(ro); | | 1035 | rt = rtcache_init(ro); |
1024 | } | | 1036 | } |
1025 | return rt; | | 1037 | return rt; |
1026 | } | | 1038 | } |
1027 | | | 1039 | |
1028 | struct in6pcb * | | 1040 | struct in6pcb * |
1029 | in6_pcblookup_connect(struct inpcbtable *table, const struct in6_addr *faddr6, | | 1041 | in6_pcblookup_connect(struct inpcbtable *table, const struct in6_addr *faddr6, |
1030 | u_int fport_arg, const struct in6_addr *laddr6, u_int lport_arg, | | 1042 | u_int fport_arg, const struct in6_addr *laddr6, u_int lport_arg, |
1031 | int faith) | | 1043 | int faith) |
1032 | { | | 1044 | { |
1033 | struct inpcbhead *head; | | 1045 | struct inpcbhead *head; |
1034 | struct inpcb_hdr *inph; | | 1046 | struct inpcb_hdr *inph; |
1035 | struct in6pcb *in6p; | | 1047 | struct in6pcb *in6p; |
1036 | u_int16_t fport = fport_arg, lport = lport_arg; | | 1048 | u_int16_t fport = fport_arg, lport = lport_arg; |
1037 | | | 1049 | |
1038 | head = IN6PCBHASH_CONNECT(table, faddr6, fport, laddr6, lport); | | 1050 | head = IN6PCBHASH_CONNECT(table, faddr6, fport, laddr6, lport); |
1039 | LIST_FOREACH(inph, head, inph_hash) { | | 1051 | LIST_FOREACH(inph, head, inph_hash) { |
1040 | in6p = (struct in6pcb *)inph; | | 1052 | in6p = (struct in6pcb *)inph; |
1041 | if (in6p->in6p_af != AF_INET6) | | 1053 | if (in6p->in6p_af != AF_INET6) |
1042 | continue; | | 1054 | continue; |
1043 | | | 1055 | |
1044 | /* find exact match on both source and dest */ | | 1056 | /* find exact match on both source and dest */ |
1045 | if (in6p->in6p_fport != fport) | | 1057 | if (in6p->in6p_fport != fport) |
1046 | continue; | | 1058 | continue; |
1047 | if (in6p->in6p_lport != lport) | | 1059 | if (in6p->in6p_lport != lport) |
1048 | continue; | | 1060 | continue; |
1049 | if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) | | 1061 | if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) |
1050 | continue; | | 1062 | continue; |
1051 | if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, faddr6)) | | 1063 | if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, faddr6)) |
1052 | continue; | | 1064 | continue; |
1053 | if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) | | 1065 | if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) |
1054 | continue; | | 1066 | continue; |
1055 | if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, laddr6)) | | 1067 | if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, laddr6)) |
1056 | continue; | | 1068 | continue; |
1057 | if ((IN6_IS_ADDR_V4MAPPED(laddr6) || | | 1069 | if ((IN6_IS_ADDR_V4MAPPED(laddr6) || |
1058 | IN6_IS_ADDR_V4MAPPED(faddr6)) && | | 1070 | IN6_IS_ADDR_V4MAPPED(faddr6)) && |
1059 | (in6p->in6p_flags & IN6P_IPV6_V6ONLY)) | | 1071 | (in6p->in6p_flags & IN6P_IPV6_V6ONLY)) |
1060 | continue; | | 1072 | continue; |
1061 | return in6p; | | 1073 | return in6p; |
1062 | } | | 1074 | } |
1063 | return NULL; | | 1075 | return NULL; |
1064 | } | | 1076 | } |
1065 | | | 1077 | |
1066 | struct in6pcb * | | 1078 | struct in6pcb * |
1067 | in6_pcblookup_bind(struct inpcbtable *table, const struct in6_addr *laddr6, | | 1079 | in6_pcblookup_bind(struct inpcbtable *table, const struct in6_addr *laddr6, |
1068 | u_int lport_arg, int faith) | | 1080 | u_int lport_arg, int faith) |
1069 | { | | 1081 | { |
1070 | struct inpcbhead *head; | | 1082 | struct inpcbhead *head; |
1071 | struct inpcb_hdr *inph; | | 1083 | struct inpcb_hdr *inph; |
1072 | struct in6pcb *in6p; | | 1084 | struct in6pcb *in6p; |
1073 | u_int16_t lport = lport_arg; | | 1085 | u_int16_t lport = lport_arg; |
1074 | #ifdef INET | | 1086 | #ifdef INET |
1075 | struct in6_addr zero_mapped; | | 1087 | struct in6_addr zero_mapped; |
1076 | #endif | | 1088 | #endif |
1077 | | | 1089 | |
1078 | head = IN6PCBHASH_BIND(table, laddr6, lport); | | 1090 | head = IN6PCBHASH_BIND(table, laddr6, lport); |
1079 | LIST_FOREACH(inph, head, inph_hash) { | | 1091 | LIST_FOREACH(inph, head, inph_hash) { |
1080 | in6p = (struct in6pcb *)inph; | | 1092 | in6p = (struct in6pcb *)inph; |
1081 | if (in6p->in6p_af != AF_INET6) | | 1093 | if (in6p->in6p_af != AF_INET6) |
1082 | continue; | | 1094 | continue; |
1083 | | | 1095 | |
1084 | if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) | | 1096 | if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) |
1085 | continue; | | 1097 | continue; |
1086 | if (in6p->in6p_fport != 0) | | 1098 | if (in6p->in6p_fport != 0) |
1087 | continue; | | 1099 | continue; |
1088 | if (in6p->in6p_lport != lport) | | 1100 | if (in6p->in6p_lport != lport) |
1089 | continue; | | 1101 | continue; |
1090 | if (IN6_IS_ADDR_V4MAPPED(laddr6) && | | 1102 | if (IN6_IS_ADDR_V4MAPPED(laddr6) && |
1091 | (in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) | | 1103 | (in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) |
1092 | continue; | | 1104 | continue; |
1093 | if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, laddr6)) | | 1105 | if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, laddr6)) |
1094 | goto out; | | 1106 | goto out; |
1095 | } | | 1107 | } |
1096 | #ifdef INET | | 1108 | #ifdef INET |
1097 | if (IN6_IS_ADDR_V4MAPPED(laddr6)) { | | 1109 | if (IN6_IS_ADDR_V4MAPPED(laddr6)) { |
1098 | memset(&zero_mapped, 0, sizeof(zero_mapped)); | | 1110 | memset(&zero_mapped, 0, sizeof(zero_mapped)); |
1099 | zero_mapped.s6_addr16[5] = 0xffff; | | 1111 | zero_mapped.s6_addr16[5] = 0xffff; |
1100 | head = IN6PCBHASH_BIND(table, &zero_mapped, lport); | | 1112 | head = IN6PCBHASH_BIND(table, &zero_mapped, lport); |
1101 | LIST_FOREACH(inph, head, inph_hash) { | | 1113 | LIST_FOREACH(inph, head, inph_hash) { |
1102 | in6p = (struct in6pcb *)inph; | | 1114 | in6p = (struct in6pcb *)inph; |
1103 | if (in6p->in6p_af != AF_INET6) | | 1115 | if (in6p->in6p_af != AF_INET6) |
1104 | continue; | | 1116 | continue; |
1105 | | | 1117 | |
1106 | if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) | | 1118 | if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) |
1107 | continue; | | 1119 | continue; |
1108 | if (in6p->in6p_fport != 0) | | 1120 | if (in6p->in6p_fport != 0) |
1109 | continue; | | 1121 | continue; |
1110 | if (in6p->in6p_lport != lport) | | 1122 | if (in6p->in6p_lport != lport) |
1111 | continue; | | 1123 | continue; |
1112 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) | | 1124 | if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) |
1113 | continue; | | 1125 | continue; |
1114 | if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &zero_mapped)) | | 1126 | if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &zero_mapped)) |
1115 | goto out; | | 1127 | goto out; |
1116 | } | | 1128 | } |
1117 | } | | 1129 | } |
1118 | #endif | | 1130 | #endif |
1119 | head = IN6PCBHASH_BIND(table, &zeroin6_addr, lport); | | 1131 | head = IN6PCBHASH_BIND(table, &zeroin6_addr, lport); |
1120 | LIST_FOREACH(inph, head, inph_hash) { | | 1132 | LIST_FOREACH(inph, head, inph_hash) { |
1121 | in6p = (struct in6pcb *)inph; | | 1133 | in6p = (struct in6pcb *)inph; |
1122 | if (in6p->in6p_af != AF_INET6) | | 1134 | if (in6p->in6p_af != AF_INET6) |
1123 | continue; | | 1135 | continue; |
1124 | | | 1136 | |
1125 | if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) | | 1137 | if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) |
1126 | continue; | | 1138 | continue; |
1127 | if (in6p->in6p_fport != 0) | | 1139 | if (in6p->in6p_fport != 0) |
1128 | continue; | | 1140 | continue; |
1129 | if (in6p->in6p_lport != lport) | | 1141 | if (in6p->in6p_lport != lport) |
1130 | continue; | | 1142 | continue; |
1131 | if (IN6_IS_ADDR_V4MAPPED(laddr6) && | | 1143 | if (IN6_IS_ADDR_V4MAPPED(laddr6) && |
1132 | (in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) | | 1144 | (in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) |
1133 | continue; | | 1145 | continue; |
1134 | if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &zeroin6_addr)) | | 1146 | if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &zeroin6_addr)) |
1135 | goto out; | | 1147 | goto out; |
1136 | } | | 1148 | } |
1137 | return (NULL); | | 1149 | return (NULL); |
1138 | | | 1150 | |
1139 | out: | | 1151 | out: |
1140 | inph = &in6p->in6p_head; | | 1152 | inph = &in6p->in6p_head; |