1 /* $OpenBSD: udp.c,v 1.95 2008/07/22 09:45:56 bluhm Exp $ */
2 /* $EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $ */
3
4 /*
5 * Copyright (c) 1998, 1999, 2001 Niklas Hallqvist. All rights reserved.
6 * Copyright (c) 2000 Angelos D. Keromytis. All rights reserved.
7 * Copyright (c) 2003, 2004 H�kan Olsson. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29
30 /*
31 * This code was written under funding by Ericsson Radio Systems.
32 */
33
34 #include <sys/types.h>
35 #include <sys/ioctl.h>
36 #include <sys/socket.h>
37 #include <sys/sockio.h>
38 #include <net/if.h>
39 #include <netinet/in.h>
40 #include <arpa/inet.h>
41 #include <ctype.h>
42 #include <limits.h>
43 #include <netdb.h>
44 #include <stdlib.h>
45 #include <string.h>
46 #include <unistd.h>
47
48 #include "conf.h"
49 #include "if.h"
50 #include "isakmp.h"
51 #include "log.h"
52 #include "message.h"
53 #include "monitor.h"
54 #include "transport.h"
55 #include "udp.h"
56 #include "util.h"
57 #include "virtual.h"
58
59 #define UDP_SIZE 65536
60
61 /* If a system doesn't have SO_REUSEPORT, SO_REUSEADDR will have to do. */
62 #ifndef SO_REUSEPORT
63 #define SO_REUSEPORT SO_REUSEADDR
64 #endif
65
66 /* These are reused by udp_encap.c, thus not 'static' here. */
67 struct transport *udp_clone(struct transport *, struct sockaddr *);
68 int udp_fd_set(struct transport *, fd_set *, int);
69 int udp_fd_isset(struct transport *, fd_set *);
70 void udp_get_dst(struct transport *, struct sockaddr **);
71 void udp_get_src(struct transport *, struct sockaddr **);
72 char *udp_decode_ids(struct transport *);
73 void udp_remove(struct transport *);
74
75 static struct transport *udp_create(char *);
76 static void udp_report(struct transport *);
77 static void udp_handle_message(struct transport *);
78 static struct transport *udp_make(struct sockaddr *);
79 static int udp_send_message(struct message *, struct transport *);
80
81 static struct transport_vtbl udp_transport_vtbl = {
82 {0}, "udp_physical",
83 udp_create,
84 0,
85 udp_remove,
86 udp_report,
87 udp_fd_set,
88 udp_fd_isset,
89 udp_handle_message,
90 udp_send_message,
91 udp_get_dst,
92 udp_get_src,
93 udp_decode_ids,
94 udp_clone,
95 0
96 };
97
98 char *udp_default_port = 0;
99 int bind_family = 0;
100
101 void
udp_init(void)102 udp_init(void)
103 {
104 transport_method_add(&udp_transport_vtbl);
105 }
106
107 /* Create a UDP transport structure bound to LADDR just for listening. */
108 static struct transport *
udp_make(struct sockaddr * laddr)109 udp_make(struct sockaddr *laddr)
110 {
111 struct udp_transport *t = 0;
112 int s, on, wildcardaddress = 0;
113 char *tstr;
114
115 t = calloc(1, sizeof *t);
116 if (!t) {
117 log_print("udp_make: calloc (1, %lu) failed",
118 (unsigned long)sizeof *t);
119 free(laddr);
120 return 0;
121 }
122 t->src = laddr;
123
124 s = socket(laddr->sa_family, SOCK_DGRAM, IPPROTO_UDP);
125 if (s == -1) {
126 log_error("udp_make: socket (%d, %d, %d)", laddr->sa_family,
127 SOCK_DGRAM, IPPROTO_UDP);
128 goto err;
129 }
130 /* Make sure we don't get our traffic encrypted. */
131 if (sysdep_cleartext(s, laddr->sa_family) == -1)
132 goto err;
133
134 /* Wildcard address ? */
135 switch (laddr->sa_family) {
136 case AF_INET:
137 if (((struct sockaddr_in *)laddr)->sin_addr.s_addr ==
138 INADDR_ANY)
139 wildcardaddress = 1;
140 break;
141 case AF_INET6:
142 if (IN6_IS_ADDR_UNSPECIFIED(&((struct sockaddr_in6 *)laddr)->sin6_addr))
143 wildcardaddress = 1;
144 break;
145 }
146
147 /*
148 * In order to have several bound specific address-port combinations
149 * with the same port SO_REUSEADDR is needed. If this is a wildcard
150 * socket and we are not listening there, but only sending from it
151 * make sure it is entirely reuseable with SO_REUSEPORT.
152 */
153 on = 1;
154 if (setsockopt(s, SOL_SOCKET,
155 wildcardaddress ? SO_REUSEPORT : SO_REUSEADDR,
156 (void *)&on, sizeof on) == -1) {
157 log_error("udp_make: setsockopt (%d, %d, %d, %p, %lu)", s,
158 SOL_SOCKET, wildcardaddress ? SO_REUSEPORT : SO_REUSEADDR,
159 &on, (unsigned long)sizeof on);
160 goto err;
161 }
162 t->transport.vtbl = &udp_transport_vtbl;
163 if (monitor_bind(s, t->src, SA_LEN(t->src))) {
164 if (sockaddr2text(t->src, &tstr, 0))
165 log_error("udp_make: bind (%d, %p, %lu)", s, &t->src,
166 (unsigned long)sizeof t->src);
167 else {
168 log_error("udp_make: bind (%d, %s, %lu)", s, tstr,
169 (unsigned long)sizeof t->src);
170 free(tstr);
171 }
172 goto err;
173 }
174 t->s = s;
175 if (sockaddr2text(t->src, &tstr, 0))
176 LOG_DBG((LOG_MISC, 20, "udp_make: "
177 "transport %p socket %d family %d", t, s,
178 t->src->sa_family == AF_INET ? 4 : 6));
179 else {
180 LOG_DBG((LOG_MISC, 20, "udp_make: "
181 "transport %p socket %d ip %s port %d", t, s,
182 tstr, ntohs(sockaddr_port(t->src))));
183 free (tstr);
184 }
185 transport_setup(&t->transport, 0);
186 t->transport.flags |= TRANSPORT_LISTEN;
187 return &t->transport;
188
189 err:
190 if (s >= 0)
191 close(s);
192 if (t) {
193 /* Already closed. */
194 t->s = -1;
195 udp_remove(&t->transport);
196 }
197 return 0;
198 }
199
200 /* Clone a listen transport U, record a destination RADDR for outbound use. */
201 struct transport *
udp_clone(struct transport * ut,struct sockaddr * raddr)202 udp_clone(struct transport *ut, struct sockaddr *raddr)
203 {
204 struct udp_transport *u = (struct udp_transport *)ut;
205 struct udp_transport *u2;
206 struct transport *t;
207
208 t = malloc(sizeof *u);
209 if (!t) {
210 log_error("udp_clone: malloc (%lu) failed",
211 (unsigned long)sizeof *u);
212 return 0;
213 }
214 u2 = (struct udp_transport *)t;
215
216 memcpy(u2, u, sizeof *u);
217
218 u2->src = malloc(SA_LEN(u->src));
219 if (!u2->src) {
220 log_error("udp_clone: malloc (%lu) failed",
221 (unsigned long)SA_LEN(u->src));
222 free(t);
223 return 0;
224 }
225 memcpy(u2->src, u->src, SA_LEN(u->src));
226
227 u2->dst = malloc(SA_LEN(raddr));
228 if (!u2->dst) {
229 log_error("udp_clone: malloc (%lu) failed",
230 (unsigned long)SA_LEN(raddr));
231 free(u2->src);
232 free(t);
233 return 0;
234 }
235 memcpy(u2->dst, raddr, SA_LEN(raddr));
236
237 t->flags &= ~TRANSPORT_LISTEN;
238 transport_setup(t, 0);
239 return t;
240 }
241
242 /*
243 * Initialize an object of the UDP transport class. Fill in the local
244 * IP address and port information and create a server socket bound to
245 * that specific port. Add the polymorphic transport structure to the
246 * system-wide pools of known ISAKMP transports.
247 */
248 struct transport *
udp_bind(const struct sockaddr * addr)249 udp_bind(const struct sockaddr *addr)
250 {
251 struct sockaddr *src;
252
253 src = malloc(SA_LEN(addr));
254 if (!src)
255 return 0;
256
257 memcpy(src, addr, SA_LEN(addr));
258 return udp_make(src);
259 }
260
261 /*
262 * NAME is a section name found in the config database. Setup and return
263 * a transport useable to talk to the peer specified by that name.
264 */
265 static struct transport *
udp_create(char * name)266 udp_create(char *name)
267 {
268 struct virtual_transport *v;
269 struct udp_transport *u;
270 struct transport *rv = 0;
271 struct sockaddr *dst, *addr;
272 char *addr_str, *port_str;
273 struct conf_list *addr_list = 0;
274 struct conf_list_node *addr_node;
275
276 port_str = conf_get_str(name, "Port");
277 if (!port_str)
278 port_str = udp_default_port;
279 if (!port_str)
280 port_str = UDP_DEFAULT_PORT_STR;
281
282 addr_str = conf_get_str(name, "Address");
283 if (!addr_str) {
284 log_print("udp_create: no address configured for \"%s\"",
285 name);
286 return 0;
287 }
288 if (text2sockaddr(addr_str, port_str, &dst, 0, 0)) {
289 log_print("udp_create: address \"%s\" not understood",
290 addr_str);
291 return 0;
292 }
293 addr_str = conf_get_str(name, "Local-address");
294 if (!addr_str)
295 addr_list = conf_get_list("General", "Listen-on");
296 if (!addr_str && !addr_list) {
297 v = virtual_get_default(dst->sa_family);
298 if (!v) {
299 log_print("udp_create: no virtual default transport "
300 "for address family %d", dst->sa_family);
301 goto ret;
302 }
303 u = (struct udp_transport *)v->main;
304 if (!u) {
305 log_print("udp_create: no udp default transport "
306 "for address family %d", dst->sa_family);
307 goto ret;
308 }
309 rv = udp_clone((struct transport *)u, dst);
310 if (rv)
311 rv->vtbl = &udp_transport_vtbl;
312 goto ret;
313 }
314
315 if (addr_list) {
316 for (addr_node = TAILQ_FIRST(&addr_list->fields);
317 addr_node; addr_node = TAILQ_NEXT(addr_node, link))
318 if (text2sockaddr(addr_node->field,
319 port_str, &addr, 0, 0) == 0) {
320 v = virtual_listen_lookup(addr);
321 free(addr);
322 if (v) {
323 addr_str = addr_node->field;
324 break;
325 }
326 }
327 if (!addr_str) {
328 log_print("udp_create: no matching listener found");
329 goto ret;
330 }
331 }
332 if (text2sockaddr(addr_str, port_str, &addr, 0, 0)) {
333 log_print("udp_create: address \"%s\" not understood",
334 addr_str);
335 goto ret;
336 }
337
338 v = virtual_listen_lookup(addr);
339 free(addr);
340 if (!v) {
341 log_print("udp_create: %s:%s must exist as a listener too",
342 addr_str, port_str);
343 goto ret;
344 }
345 rv = udp_clone(v->main, dst);
346 if (rv)
347 rv->vtbl = &udp_transport_vtbl;
348
349 ret:
350 if (addr_list)
351 conf_free_list(addr_list);
352 free(dst);
353 return rv;
354 }
355
356 void
udp_remove(struct transport * t)357 udp_remove(struct transport *t)
358 {
359 struct udp_transport *u = (struct udp_transport *)t;
360 struct transport *p;
361
362 free(u->src);
363 free(u->dst);
364 if ((t->flags & TRANSPORT_LISTEN) && u->s >= 0)
365 close(u->s);
366
367 for (p = LIST_FIRST(&transport_list); p && p != t; p =
368 LIST_NEXT(p, link))
369 ;
370 if (p == t)
371 LIST_REMOVE(t, link);
372
373 LOG_DBG((LOG_TRANSPORT, 90, "udp_remove: removed transport %p", t));
374 free(t);
375 }
376
377 /* Report transport-method specifics of the T transport. */
378 void
udp_report(struct transport * t)379 udp_report(struct transport *t)
380 {
381 struct udp_transport *u = (struct udp_transport *)t;
382 char *src = NULL, *dst = NULL;
383 in_port_t sport, dport;
384
385 if (sockaddr2text(u->src, &src, 0))
386 return;
387 sport = sockaddr_port(u->src);
388
389 if (!u->dst || sockaddr2text(u->dst, &dst, 0))
390 dst = 0;
391 dport = dst ? sockaddr_port(u->dst) : 0;
392
393 LOG_DBG((LOG_REPORT, 0, "udp_report: fd %d src %s:%u dst %s:%u", u->s,
394 src, ntohs(sport), dst ? dst : "<none>", ntohs(dport)));
395
396 free(dst);
397 free(src);
398 }
399
400 /*
401 * A message has arrived on transport T's socket. If T is single-ended,
402 * clone it into a double-ended transport which we will use from now on.
403 * Package the message as we want it and continue processing in the message
404 * module.
405 */
406 static void
udp_handle_message(struct transport * t)407 udp_handle_message(struct transport *t)
408 {
409 struct udp_transport *u = (struct udp_transport *)t;
410 u_int8_t buf[UDP_SIZE];
411 struct sockaddr_storage from;
412 u_int32_t len = sizeof from;
413 ssize_t n;
414 struct message *msg;
415
416 n = recvfrom(u->s, buf, UDP_SIZE, 0, (struct sockaddr *)&from, &len);
417 if (n == -1) {
418 log_error("recvfrom (%d, %p, %d, %d, %p, %p)", u->s, buf,
419 UDP_SIZE, 0, &from, &len);
420 return;
421 }
422
423 if (t->virtual == (struct transport *)virtual_get_default(AF_INET) ||
424 t->virtual == (struct transport *)virtual_get_default(AF_INET6)) {
425 t->virtual->vtbl->reinit();
426
427 /*
428 * As we don't know the actual destination address of the
429 * packet, we can't really deal with it. So, just ignore it
430 * and hope we catch the retransmission.
431 */
432 return;
433 }
434
435 /*
436 * Make a specialized UDP transport structure out of the incoming
437 * transport and the address information we got from recvfrom(2).
438 */
439 t = t->virtual->vtbl->clone(t->virtual, (struct sockaddr *)&from);
440 if (!t)
441 return;
442
443 msg = message_alloc(t, buf, n);
444 if (!msg) {
445 log_error("failed to allocate message structure, dropping "
446 "packet received on transport %p", u);
447 t->vtbl->remove(t);
448 return;
449 }
450 message_recv(msg);
451 }
452
453 /* Physically send the message MSG over its associated transport. */
454 static int
udp_send_message(struct message * msg,struct transport * t)455 udp_send_message(struct message *msg, struct transport *t)
456 {
457 struct udp_transport *u = (struct udp_transport *)t;
458 ssize_t n;
459 struct msghdr m;
460
461 /*
462 * Sending on connected sockets requires that no destination address is
463 * given, or else EISCONN will occur.
464 */
465 m.msg_name = (caddr_t) u->dst;
466 m.msg_namelen = SA_LEN(u->dst);
467 m.msg_iov = msg->iov;
468 m.msg_iovlen = msg->iovlen;
469 m.msg_control = 0;
470 m.msg_controllen = 0;
471 m.msg_flags = 0;
472 n = sendmsg(u->s, &m, 0);
473 if (n == -1) {
474 /* XXX We should check whether the address has gone away */
475 log_error("sendmsg (%d, %p, %d)", u->s, &m, 0);
476 return -1;
477 }
478 return 0;
479 }
480
481 int
udp_fd_set(struct transport * t,fd_set * fds,int bit)482 udp_fd_set(struct transport *t, fd_set *fds, int bit)
483 {
484 struct udp_transport *u = (struct udp_transport *)t;
485
486 if (bit)
487 FD_SET(u->s, fds);
488 else
489 FD_CLR(u->s, fds);
490
491 return u->s + 1;
492 }
493
494 int
udp_fd_isset(struct transport * t,fd_set * fds)495 udp_fd_isset(struct transport *t, fd_set *fds)
496 {
497 struct udp_transport *u = (struct udp_transport *)t;
498
499 return FD_ISSET(u->s, fds);
500 }
501
502 /*
503 * Get transport T's peer address and stuff it into the sockaddr pointed
504 * to by DST.
505 */
506 void
udp_get_dst(struct transport * t,struct sockaddr ** dst)507 udp_get_dst(struct transport *t, struct sockaddr **dst)
508 {
509 *dst = ((struct udp_transport *)t)->dst;
510 }
511
512 /*
513 * Get transport T's local address and stuff it into the sockaddr pointed
514 * to by SRC. Put its length into SRC_LEN.
515 */
516 void
udp_get_src(struct transport * t,struct sockaddr ** src)517 udp_get_src(struct transport *t, struct sockaddr **src)
518 {
519 *src = ((struct udp_transport *)t)->src;
520 }
521
522 char *
udp_decode_ids(struct transport * t)523 udp_decode_ids(struct transport *t)
524 {
525 struct sockaddr *src, *dst;
526 static char result[1024];
527 char idsrc[256], iddst[256];
528
529 t->vtbl->get_src(t, &src);
530 t->vtbl->get_dst(t, &dst);
531
532 if (getnameinfo(src, SA_LEN(src), idsrc, sizeof idsrc, NULL, 0,
533 NI_NUMERICHOST) != 0) {
534 log_print("udp_decode_ids: getnameinfo () failed for 'src'");
535 strlcpy(idsrc, "<error>", 256);
536 }
537 if (getnameinfo(dst, SA_LEN(dst), iddst, sizeof iddst, NULL, 0,
538 NI_NUMERICHOST) != 0) {
539 log_print("udp_decode_ids: getnameinfo () failed for 'dst'");
540 strlcpy(iddst, "<error>", 256);
541 }
542
543 snprintf(result, sizeof result, "src: %s dst: %s", idsrc, iddst);
544 return result;
545 }
546