1 /* $FreeBSD: src/sys/netinet6/in6_pcb.c,v 1.10.2.9 2003/01/24 05:11:35 sam Exp $ */ 2 /* $DragonFly: src/sys/netinet6/in6_pcb.c,v 1.35 2008/09/04 09:08:22 hasso Exp $ */ 3 /* $KAME: in6_pcb.c,v 1.31 2001/05/21 05:45:10 jinmei Exp $ */ 4 5 /* 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 */ 34 35 /* 36 * Copyright (c) 1982, 1986, 1991, 1993 37 * The Regents of the University of California. All rights reserved. 38 * 39 * Redistribution and use in source and binary forms, with or without 40 * modification, are permitted provided that the following conditions 41 * are met: 42 * 1. Redistributions of source code must retain the above copyright 43 * notice, this list of conditions and the following disclaimer. 44 * 2. Redistributions in binary form must reproduce the above copyright 45 * notice, this list of conditions and the following disclaimer in the 46 * documentation and/or other materials provided with the distribution. 47 * 3. All advertising materials mentioning features or use of this software 48 * must display the following acknowledgement: 49 * This product includes software developed by the University of 50 * California, Berkeley and its contributors. 51 * 4. Neither the name of the University nor the names of its contributors 52 * may be used to endorse or promote products derived from this software 53 * without specific prior written permission. 54 * 55 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 56 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 57 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 58 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 59 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 60 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 61 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 62 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 63 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 64 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 65 * SUCH DAMAGE. 66 * 67 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 68 */ 69 70 #include "opt_inet.h" 71 #include "opt_inet6.h" 72 #include "opt_ipsec.h" 73 74 #include <sys/param.h> 75 #include <sys/systm.h> 76 #include <sys/malloc.h> 77 #include <sys/mbuf.h> 78 #include <sys/domain.h> 79 #include <sys/protosw.h> 80 #include <sys/socket.h> 81 #include <sys/socketvar.h> 82 #include <sys/sockio.h> 83 #include <sys/errno.h> 84 #include <sys/time.h> 85 #include <sys/proc.h> 86 #include <sys/priv.h> 87 #include <sys/jail.h> 88 #include <sys/thread2.h> 89 90 #include <vm/vm_zone.h> 91 92 #include <net/if.h> 93 #include <net/if_types.h> 94 #include <net/route.h> 95 96 #include <netinet/in.h> 97 #include <netinet/in_var.h> 98 #include <netinet/in_systm.h> 99 #include <netinet/ip6.h> 100 #include <netinet/ip_var.h> 101 #include <netinet6/ip6_var.h> 102 #include <netinet6/nd6.h> 103 #include <netinet/in_pcb.h> 104 #include <netinet6/in6_pcb.h> 105 106 #ifdef IPSEC 107 #include <netinet6/ipsec.h> 108 #ifdef INET6 109 #include <netinet6/ipsec6.h> 110 #endif 111 #include <netinet6/ah.h> 112 #ifdef INET6 113 #include <netinet6/ah6.h> 114 #endif 115 #include <netproto/key/key.h> 116 #endif /* IPSEC */ 117 118 #ifdef FAST_IPSEC 119 #include <netproto/ipsec/ipsec.h> 120 #include <netproto/ipsec/ipsec6.h> 121 #include <netproto/ipsec/key.h> 122 #define IPSEC 123 #endif /* FAST_IPSEC */ 124 125 struct in6_addr zeroin6_addr; 126 127 int 128 in6_pcbbind(struct inpcb *inp, struct sockaddr *nam, struct thread *td) 129 { 130 struct socket *so = inp->inp_socket; 131 struct sockaddr_in6 *sin6 = NULL; 132 struct sockaddr_in6 jsin6; 133 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 134 struct proc *p = td->td_proc; 135 struct ucred *cred = NULL; 136 u_short lport = 0; 137 int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); 138 139 if (!in6_ifaddr) /* XXX broken! */ 140 return (EADDRNOTAVAIL); 141 if (inp->inp_lport || !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 142 return (EINVAL); 143 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 144 wild = 1; 145 if (p) 146 cred = p->p_ucred; 147 if (nam) { 148 sin6 = (struct sockaddr_in6 *)nam; 149 if (nam->sa_len != sizeof(*sin6)) 150 return (EINVAL); 151 /* 152 * family check. 153 */ 154 if (nam->sa_family != AF_INET6) 155 return (EAFNOSUPPORT); 156 157 if (!prison_replace_wildcards(td, nam)) 158 return (EINVAL); 159 160 /* KAME hack: embed scopeid */ 161 if (in6_embedscope(&sin6->sin6_addr, sin6, inp, NULL) != 0) 162 return EINVAL; 163 /* this must be cleared for ifa_ifwithaddr() */ 164 sin6->sin6_scope_id = 0; 165 166 lport = sin6->sin6_port; 167 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 168 /* 169 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 170 * allow compepte duplication of binding if 171 * SO_REUSEPORT is set, or if SO_REUSEADDR is set 172 * and a multicast address is bound on both 173 * new and duplicated sockets. 174 */ 175 if (so->so_options & SO_REUSEADDR) 176 reuseport = SO_REUSEADDR|SO_REUSEPORT; 177 } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 178 struct ifaddr *ia = NULL; 179 180 sin6->sin6_port = 0; /* yech... */ 181 if (!prison_replace_wildcards(td, (struct sockaddr *)sin6)) { 182 sin6->sin6_addr = kin6addr_any; 183 return(EINVAL); 184 } 185 if ((ia = ifa_ifwithaddr((struct sockaddr *)sin6)) == 0) 186 return (EADDRNOTAVAIL); 187 188 /* 189 * XXX: bind to an anycast address might accidentally 190 * cause sending a packet with anycast source address. 191 * We should allow to bind to a deprecated address, since 192 * the application dare to use it. 193 */ 194 if (ia && 195 ((struct in6_ifaddr *)ia)->ia6_flags & 196 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) { 197 return (EADDRNOTAVAIL); 198 } 199 } 200 if (lport) { 201 struct inpcb *t; 202 203 /* GROSS */ 204 if (ntohs(lport) < IPV6PORT_RESERVED && cred && 205 priv_check_cred(cred, PRIV_ROOT, PRISON_ROOT)) 206 return (EACCES); 207 if (so->so_cred->cr_uid != 0 && 208 !IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 209 t = in6_pcblookup_local(pcbinfo, 210 &sin6->sin6_addr, lport, 211 INPLOOKUP_WILDCARD, cred); 212 if (t && 213 (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) || 214 !IN6_IS_ADDR_UNSPECIFIED(&t->in6p_laddr) || 215 (t->inp_socket->so_options & 216 SO_REUSEPORT) == 0) && 217 (so->so_cred->cr_uid != 218 t->inp_socket->so_cred->cr_uid)) 219 return (EADDRINUSE); 220 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 221 IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 222 struct sockaddr_in sin; 223 224 in6_sin6_2_sin(&sin, sin6); 225 t = in_pcblookup_local(pcbinfo, 226 sin.sin_addr, lport, 227 INPLOOKUP_WILDCARD, cred); 228 if (t && 229 (so->so_cred->cr_uid != 230 t->inp_socket->so_cred->cr_uid) && 231 (ntohl(t->inp_laddr.s_addr) != 232 INADDR_ANY || 233 INP_SOCKAF(so) == 234 INP_SOCKAF(t->inp_socket))) 235 return (EADDRINUSE); 236 } 237 } 238 if (cred && cred->cr_prison && 239 !prison_replace_wildcards(td, nam)) 240 return(EADDRNOTAVAIL); 241 t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr, 242 lport, wild, cred); 243 if (t && (reuseport & t->inp_socket->so_options) == 0) 244 return (EADDRINUSE); 245 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 246 IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 247 struct sockaddr_in sin; 248 249 in6_sin6_2_sin(&sin, sin6); 250 t = in_pcblookup_local(pcbinfo, 251 sin.sin_addr, lport, 252 wild, cred); 253 if (t && 254 (reuseport & t->inp_socket->so_options) 255 == 0 && 256 (ntohl(t->inp_laddr.s_addr) 257 != INADDR_ANY || 258 INP_SOCKAF(so) == 259 INP_SOCKAF(t->inp_socket))) 260 return (EADDRINUSE); 261 } 262 } 263 inp->in6p_laddr = sin6->sin6_addr; 264 } 265 if (lport == 0) { 266 int e; 267 268 jsin6.sin6_addr = inp->in6p_laddr; 269 jsin6.sin6_family = AF_INET6; 270 if (!prison_replace_wildcards(td, (struct sockaddr*)&jsin6)) { 271 inp->in6p_laddr = kin6addr_any; 272 inp->inp_lport = 0; 273 return (EINVAL); 274 } 275 276 if ((e = in6_pcbsetport(&inp->in6p_laddr, inp, td)) != 0) 277 return (e); 278 } 279 else { 280 inp->inp_lport = lport; 281 if (in_pcbinsporthash(inp) != 0) { 282 inp->in6p_laddr = kin6addr_any; 283 inp->inp_lport = 0; 284 return (EAGAIN); 285 } 286 } 287 return (0); 288 } 289 290 /* 291 * Transform old in6_pcbconnect() into an inner subroutine for new 292 * in6_pcbconnect(): Do some validity-checking on the remote 293 * address (in mbuf 'nam') and then determine local host address 294 * (i.e., which interface) to use to access that remote host. 295 * 296 * This preserves definition of in6_pcbconnect(), while supporting a 297 * slightly different version for T/TCP. (This is more than 298 * a bit of a kludge, but cleaning up the internal interfaces would 299 * have forced minor changes in every protocol). 300 */ 301 302 int 303 in6_pcbladdr(struct inpcb *inp, struct sockaddr *nam, 304 struct in6_addr **plocal_addr6, struct thread *td) 305 { 306 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 307 struct ifnet *ifp = NULL; 308 int error = 0; 309 310 if (nam->sa_len != sizeof (*sin6)) 311 return (EINVAL); 312 if (sin6->sin6_family != AF_INET6) 313 return (EAFNOSUPPORT); 314 if (sin6->sin6_port == 0) 315 return (EADDRNOTAVAIL); 316 317 /* KAME hack: embed scopeid */ 318 if (in6_embedscope(&sin6->sin6_addr, sin6, inp, &ifp) != 0) 319 return EINVAL; 320 321 if (in6_ifaddr) { 322 /* 323 * If the destination address is UNSPECIFIED addr, 324 * use the loopback addr, e.g ::1. 325 */ 326 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) 327 sin6->sin6_addr = kin6addr_loopback; 328 } 329 { 330 /* 331 * XXX: in6_selectsrc might replace the bound local address 332 * with the address specified by setsockopt(IPV6_PKTINFO). 333 * Is it the intended behavior? 334 */ 335 *plocal_addr6 = in6_selectsrc(sin6, inp->in6p_outputopts, 336 inp->in6p_moptions, 337 &inp->in6p_route, 338 &inp->in6p_laddr, &error, td); 339 if (*plocal_addr6 == 0) { 340 if (error == 0) 341 error = EADDRNOTAVAIL; 342 return (error); 343 } 344 /* 345 * Don't do pcblookup call here; return interface in 346 * plocal_addr6 347 * and exit to caller, that will do the lookup. 348 */ 349 } 350 351 if (inp->in6p_route.ro_rt) 352 ifp = inp->in6p_route.ro_rt->rt_ifp; 353 354 return (0); 355 } 356 357 /* 358 * Outer subroutine: 359 * Connect from a socket to a specified address. 360 * Both address and port must be specified in argument sin. 361 * If don't have a local address for this socket yet, 362 * then pick one. 363 */ 364 int 365 in6_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct thread *td) 366 { 367 struct in6_addr *addr6; 368 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 369 int error; 370 371 /* 372 * Call inner routine, to assign local interface address. 373 * in6_pcbladdr() may automatically fill in sin6_scope_id. 374 */ 375 if ((error = in6_pcbladdr(inp, nam, &addr6, td)) != 0) 376 return (error); 377 378 if (in6_pcblookup_hash(inp->inp_cpcbinfo, &sin6->sin6_addr, 379 sin6->sin6_port, 380 IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) 381 ? addr6 : &inp->in6p_laddr, 382 inp->inp_lport, 0, NULL) != NULL) { 383 return (EADDRINUSE); 384 } 385 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 386 if (inp->inp_lport == 0) { 387 error = in6_pcbbind(inp, NULL, td); 388 if (error) 389 return (error); 390 } 391 inp->in6p_laddr = *addr6; 392 } 393 inp->in6p_faddr = sin6->sin6_addr; 394 inp->inp_fport = sin6->sin6_port; 395 /* update flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 396 inp->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; 397 if (inp->in6p_flags & IN6P_AUTOFLOWLABEL) 398 inp->in6p_flowinfo |= 399 (htonl(ip6_flow_seq++) & IPV6_FLOWLABEL_MASK); 400 401 in_pcbinsconnhash(inp); 402 return (0); 403 } 404 405 #if 0 406 /* 407 * Return an IPv6 address, which is the most appropriate for given 408 * destination and user specified options. 409 * If necessary, this function lookups the routing table and return 410 * an entry to the caller for later use. 411 */ 412 struct in6_addr * 413 in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 414 struct ip6_moptions *mopts, struct route_in6 *ro, 415 struct in6_addr *laddr, int *errorp, struct thread *td) 416 { 417 struct sockaddr_in6 jsin6; 418 struct ucred *cred = NULL; 419 struct in6_addr *dst; 420 struct in6_ifaddr *ia6 = 0; 421 struct in6_pktinfo *pi = NULL; 422 int jailed = 0; 423 424 if (td && td->td_proc && td->td_proc->p_ucred) 425 cred = td->td_proc->p_ucred; 426 if (cred && cred->cr_prison) 427 jailed = 1; 428 jsin6.sin6_family = AF_INET6; 429 dst = &dstsock->sin6_addr; 430 *errorp = 0; 431 432 /* 433 * If the source address is explicitly specified by the caller, 434 * use it. 435 */ 436 if (opts && (pi = opts->ip6po_pktinfo) && 437 !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) { 438 jsin6.sin6_addr = pi->ipi6_addr; 439 if (jailed && !jailed_ip(cred->cr_prison, 440 (struct sockaddr *)&jsin6)) { 441 return(0); 442 } else { 443 return (&pi->ipi6_addr); 444 } 445 } 446 447 /* 448 * If the source address is not specified but the socket(if any) 449 * is already bound, use the bound address. 450 */ 451 if (laddr && !IN6_IS_ADDR_UNSPECIFIED(laddr)) { 452 jsin6.sin6_addr = *laddr; 453 if (jailed && !jailed_ip(cred->cr_prison, 454 (struct sockaddr *)&jsin6)) { 455 return(0); 456 } else { 457 return (laddr); 458 } 459 } 460 461 /* 462 * If the caller doesn't specify the source address but 463 * the outgoing interface, use an address associated with 464 * the interface. 465 */ 466 if (pi && pi->ipi6_ifindex) { 467 /* XXX boundary check is assumed to be already done. */ 468 ia6 = in6_ifawithscope(ifindex2ifnet[pi->ipi6_ifindex], 469 dst); 470 471 if (ia6 && jailed) { 472 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 473 if (!jailed_ip(cred->cr_prison, 474 (struct sockaddr *)&jsin6)) 475 ia6 = 0; 476 } 477 478 if (ia6 == 0) { 479 *errorp = EADDRNOTAVAIL; 480 return (0); 481 } 482 return (&satosin6(&ia6->ia_addr)->sin6_addr); 483 } 484 485 /* 486 * If the destination address is a link-local unicast address or 487 * a multicast address, and if the outgoing interface is specified 488 * by the sin6_scope_id filed, use an address associated with the 489 * interface. 490 * XXX: We're now trying to define more specific semantics of 491 * sin6_scope_id field, so this part will be rewritten in 492 * the near future. 493 */ 494 if ((IN6_IS_ADDR_LINKLOCAL(dst) || IN6_IS_ADDR_MULTICAST(dst)) && 495 dstsock->sin6_scope_id) { 496 /* 497 * I'm not sure if boundary check for scope_id is done 498 * somewhere... 499 */ 500 if (dstsock->sin6_scope_id < 0 || 501 if_index < dstsock->sin6_scope_id) { 502 *errorp = ENXIO; /* XXX: better error? */ 503 return (0); 504 } 505 ia6 = in6_ifawithscope(ifindex2ifnet[dstsock->sin6_scope_id], 506 dst); 507 508 if (ia6 && jailed) { 509 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 510 if (!jailed_ip(cred->cr_prison, 511 (struct sockaddr *)&jsin6)) 512 ia6 = 0; 513 } 514 515 if (ia6 == 0) { 516 *errorp = EADDRNOTAVAIL; 517 return (0); 518 } 519 return (&satosin6(&ia6->ia_addr)->sin6_addr); 520 } 521 522 /* 523 * If the destination address is a multicast address and 524 * the outgoing interface for the address is specified 525 * by the caller, use an address associated with the interface. 526 * There is a sanity check here; if the destination has node-local 527 * scope, the outgoing interfacde should be a loopback address. 528 * Even if the outgoing interface is not specified, we also 529 * choose a loopback interface as the outgoing interface. 530 */ 531 if (!jailed && IN6_IS_ADDR_MULTICAST(dst)) { 532 struct ifnet *ifp = mopts ? mopts->im6o_multicast_ifp : NULL; 533 534 if (ifp == NULL && IN6_IS_ADDR_MC_NODELOCAL(dst)) { 535 ifp = &loif[0]; 536 } 537 538 if (ifp) { 539 ia6 = in6_ifawithscope(ifp, dst); 540 if (ia6 == 0) { 541 *errorp = EADDRNOTAVAIL; 542 return (0); 543 } 544 return (&ia6->ia_addr.sin6_addr); 545 } 546 } 547 548 /* 549 * If the next hop address for the packet is specified 550 * by caller, use an address associated with the route 551 * to the next hop. 552 */ 553 { 554 struct sockaddr_in6 *sin6_next; 555 struct rtentry *rt; 556 557 if (opts && opts->ip6po_nexthop) { 558 sin6_next = satosin6(opts->ip6po_nexthop); 559 rt = nd6_lookup(&sin6_next->sin6_addr, 1, NULL); 560 if (rt) { 561 ia6 = in6_ifawithscope(rt->rt_ifp, dst); 562 if (ia6 == 0) 563 ia6 = ifatoia6(rt->rt_ifa); 564 } 565 if (ia6 && jailed) { 566 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 567 if (!jailed_ip(cred->cr_prison, 568 (struct sockaddr *)&jsin6)) 569 ia6 = 0; 570 } 571 572 if (ia6 == 0) { 573 *errorp = EADDRNOTAVAIL; 574 return (0); 575 } 576 return (&satosin6(&ia6->ia_addr)->sin6_addr); 577 } 578 } 579 580 /* 581 * If route is known or can be allocated now, 582 * our src addr is taken from the i/f, else punt. 583 */ 584 if (ro) { 585 if (ro->ro_rt && 586 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr, dst)) { 587 RTFREE(ro->ro_rt); 588 ro->ro_rt = NULL; 589 } 590 if (ro->ro_rt == NULL || ro->ro_rt->rt_ifp == NULL) { 591 struct sockaddr_in6 *dst6; 592 593 /* No route yet, so try to acquire one */ 594 bzero(&ro->ro_dst, sizeof(struct sockaddr_in6)); 595 dst6 = &ro->ro_dst; 596 dst6->sin6_family = AF_INET6; 597 dst6->sin6_len = sizeof(struct sockaddr_in6); 598 dst6->sin6_addr = *dst; 599 if (!jailed && IN6_IS_ADDR_MULTICAST(dst)) { 600 ro->ro_rt = 601 rtpurelookup((struct sockaddr *)&ro->ro_dst); 602 } else { 603 rtalloc((struct route *)ro); 604 } 605 } 606 607 /* 608 * in_pcbconnect() checks out IFF_LOOPBACK to skip using 609 * the address. But we don't know why it does so. 610 * It is necessary to ensure the scope even for lo0 611 * so doesn't check out IFF_LOOPBACK. 612 */ 613 614 if (ro->ro_rt) { 615 ia6 = in6_ifawithscope(ro->ro_rt->rt_ifa->ifa_ifp, dst); 616 if (ia6 && jailed) { 617 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 618 if (!jailed_ip(cred->cr_prison, 619 (struct sockaddr *)&jsin6)) 620 ia6 = 0; 621 } 622 623 if (ia6 == 0) /* xxx scope error ?*/ 624 ia6 = ifatoia6(ro->ro_rt->rt_ifa); 625 626 if (ia6 && jailed) { 627 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 628 if (!jailed_ip(cred->cr_prison, 629 (struct sockaddr *)&jsin6)) 630 ia6 = 0; 631 } 632 } 633 if (ia6 == 0) { 634 *errorp = EHOSTUNREACH; /* no route */ 635 return (0); 636 } 637 return (&satosin6(&ia6->ia_addr)->sin6_addr); 638 } 639 640 *errorp = EADDRNOTAVAIL; 641 return (0); 642 } 643 644 /* 645 * Default hop limit selection. The precedence is as follows: 646 * 1. Hoplimit valued specified via ioctl. 647 * 2. (If the outgoing interface is detected) the current 648 * hop limit of the interface specified by router advertisement. 649 * 3. The system default hoplimit. 650 */ 651 int 652 in6_selecthlim(struct in6pcb *in6p, struct ifnet *ifp) 653 { 654 if (in6p && in6p->in6p_hops >= 0) 655 return (in6p->in6p_hops); 656 else if (ifp) 657 return (ND_IFINFO(ifp)->chlim); 658 else 659 return (ip6_defhlim); 660 } 661 #endif 662 663 void 664 in6_pcbdisconnect(struct inpcb *inp) 665 { 666 bzero((caddr_t)&inp->in6p_faddr, sizeof(inp->in6p_faddr)); 667 inp->inp_fport = 0; 668 /* clear flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 669 inp->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; 670 in_pcbremconnhash(inp); 671 if (inp->inp_socket->so_state & SS_NOFDREF) 672 in6_pcbdetach(inp); 673 } 674 675 void 676 in6_pcbdetach(struct inpcb *inp) 677 { 678 struct socket *so = inp->inp_socket; 679 struct inpcbinfo *ipi = inp->inp_pcbinfo; 680 681 #ifdef IPSEC 682 if (inp->in6p_sp != NULL) 683 ipsec6_delete_pcbpolicy(inp); 684 #endif /* IPSEC */ 685 inp->inp_gencnt = ++ipi->ipi_gencnt; 686 in_pcbremlists(inp); 687 so->so_pcb = NULL; 688 sofree(so); 689 690 if (inp->in6p_options) 691 m_freem(inp->in6p_options); 692 ip6_freepcbopts(inp->in6p_outputopts); 693 ip6_freemoptions(inp->in6p_moptions); 694 if (inp->in6p_route.ro_rt) 695 rtfree(inp->in6p_route.ro_rt); 696 /* Check and free IPv4 related resources in case of mapped addr */ 697 if (inp->inp_options) 698 m_free(inp->inp_options); 699 ip_freemoptions(inp->inp_moptions); 700 701 inp->inp_vflag = 0; 702 zfree(ipi->ipi_zone, inp); 703 } 704 705 /* 706 * The calling convention of in6_setsockaddr() and in6_setpeeraddr() was 707 * modified to match the pru_sockaddr() and pru_peeraddr() entry points 708 * in struct pr_usrreqs, so that protocols can just reference then directly 709 * without the need for a wrapper function. The socket must have a valid 710 * (i.e., non-nil) PCB, but it should be impossible to get an invalid one 711 * except through a kernel programming error, so it is acceptable to panic 712 * (or in this case trap) if the PCB is invalid. (Actually, we don't trap 713 * because there actually /is/ a programming error somewhere... XXX) 714 */ 715 int 716 in6_setsockaddr(struct socket *so, struct sockaddr **nam) 717 { 718 struct inpcb *inp; 719 struct sockaddr_in6 *sin6; 720 721 /* 722 * Do the malloc first in case it blocks. 723 */ 724 MALLOC(sin6, struct sockaddr_in6 *, sizeof *sin6, M_SONAME, 725 M_WAITOK | M_ZERO); 726 sin6->sin6_family = AF_INET6; 727 sin6->sin6_len = sizeof(*sin6); 728 729 crit_enter(); 730 inp = so->so_pcb; 731 if (!inp) { 732 crit_exit(); 733 kfree(sin6, M_SONAME); 734 return EINVAL; 735 } 736 sin6->sin6_port = inp->inp_lport; 737 sin6->sin6_addr = inp->in6p_laddr; 738 crit_exit(); 739 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 740 sin6->sin6_scope_id = ntohs(sin6->sin6_addr.s6_addr16[1]); 741 else 742 sin6->sin6_scope_id = 0; /*XXX*/ 743 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 744 sin6->sin6_addr.s6_addr16[1] = 0; 745 746 *nam = (struct sockaddr *)sin6; 747 return 0; 748 } 749 750 int 751 in6_setpeeraddr(struct socket *so, struct sockaddr **nam) 752 { 753 struct inpcb *inp; 754 struct sockaddr_in6 *sin6; 755 756 /* 757 * Do the malloc first in case it blocks. 758 */ 759 MALLOC(sin6, struct sockaddr_in6 *, sizeof(*sin6), M_SONAME, 760 M_WAITOK | M_ZERO); 761 sin6->sin6_family = AF_INET6; 762 sin6->sin6_len = sizeof(struct sockaddr_in6); 763 764 crit_enter(); 765 inp = so->so_pcb; 766 if (!inp) { 767 crit_exit(); 768 kfree(sin6, M_SONAME); 769 return EINVAL; 770 } 771 sin6->sin6_port = inp->inp_fport; 772 sin6->sin6_addr = inp->in6p_faddr; 773 crit_exit(); 774 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 775 sin6->sin6_scope_id = ntohs(sin6->sin6_addr.s6_addr16[1]); 776 else 777 sin6->sin6_scope_id = 0; /*XXX*/ 778 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 779 sin6->sin6_addr.s6_addr16[1] = 0; 780 781 *nam = (struct sockaddr *)sin6; 782 return 0; 783 } 784 785 int 786 in6_mapped_sockaddr(struct socket *so, struct sockaddr **nam) 787 { 788 struct inpcb *inp = so->so_pcb; 789 int error; 790 791 if (inp == NULL) 792 return EINVAL; 793 if (inp->inp_vflag & INP_IPV4) { 794 error = in_setsockaddr(so, nam); 795 if (error == 0) 796 in6_sin_2_v4mapsin6_in_sock(nam); 797 } else 798 /* scope issues will be handled in in6_setsockaddr(). */ 799 error = in6_setsockaddr(so, nam); 800 801 return error; 802 } 803 804 int 805 in6_mapped_peeraddr(struct socket *so, struct sockaddr **nam) 806 { 807 struct inpcb *inp = so->so_pcb; 808 int error; 809 810 if (inp == NULL) 811 return EINVAL; 812 if (inp->inp_vflag & INP_IPV4) { 813 error = in_setpeeraddr(so, nam); 814 if (error == 0) 815 in6_sin_2_v4mapsin6_in_sock(nam); 816 } else 817 /* scope issues will be handled in in6_setpeeraddr(). */ 818 error = in6_setpeeraddr(so, nam); 819 820 return error; 821 } 822 823 /* 824 * Pass some notification to all connections of a protocol 825 * associated with address dst. The local address and/or port numbers 826 * may be specified to limit the search. The "usual action" will be 827 * taken, depending on the ctlinput cmd. The caller must filter any 828 * cmds that are uninteresting (e.g., no error in the map). 829 * Call the protocol specific routine (if any) to report 830 * any errors for each matching socket. 831 * 832 * Must be called under crit_enter(). 833 */ 834 void 835 in6_pcbnotify(struct inpcbhead *head, struct sockaddr *dst, in_port_t fport, 836 const struct sockaddr *src, in_port_t lport, int cmd, int arg, 837 void (*notify) (struct inpcb *, int)) 838 { 839 struct inpcb *inp, *ninp; 840 struct sockaddr_in6 sa6_src, *sa6_dst; 841 u_int32_t flowinfo; 842 843 if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6) 844 return; 845 846 sa6_dst = (struct sockaddr_in6 *)dst; 847 if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) 848 return; 849 850 /* 851 * note that src can be NULL when we get notify by local fragmentation. 852 */ 853 sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src; 854 flowinfo = sa6_src.sin6_flowinfo; 855 856 /* 857 * Redirects go to all references to the destination, 858 * and use in6_rtchange to invalidate the route cache. 859 * Dead host indications: also use in6_rtchange to invalidate 860 * the cache, and deliver the error to all the sockets. 861 * Otherwise, if we have knowledge of the local port and address, 862 * deliver only to that socket. 863 */ 864 if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 865 fport = 0; 866 lport = 0; 867 bzero((caddr_t)&sa6_src.sin6_addr, sizeof(sa6_src.sin6_addr)); 868 869 if (cmd != PRC_HOSTDEAD) 870 notify = in6_rtchange; 871 } 872 if (cmd != PRC_MSGSIZE) 873 arg = inet6ctlerrmap[cmd]; 874 crit_enter(); 875 for (inp = LIST_FIRST(head); inp != NULL; inp = ninp) { 876 ninp = LIST_NEXT(inp, inp_list); 877 878 if (inp->inp_flags & INP_PLACEMARKER) 879 continue; 880 881 if ((inp->inp_vflag & INP_IPV6) == 0) 882 continue; 883 /* 884 * If the error designates a new path MTU for a destination 885 * and the application (associated with this socket) wanted to 886 * know the value, notify. Note that we notify for all 887 * disconnected sockets if the corresponding application 888 * wanted. This is because some UDP applications keep sending 889 * sockets disconnected. 890 * XXX: should we avoid to notify the value to TCP sockets? 891 */ 892 if (cmd == PRC_MSGSIZE && (inp->inp_flags & IN6P_MTU) != 0 && 893 (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 894 IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, &sa6_dst->sin6_addr))) { 895 ip6_notify_pmtu(inp, (struct sockaddr_in6 *)dst, arg); 896 } 897 898 /* 899 * Detect if we should notify the error. If no source and 900 * destination ports are specifed, but non-zero flowinfo and 901 * local address match, notify the error. This is the case 902 * when the error is delivered with an encrypted buffer 903 * by ESP. Otherwise, just compare addresses and ports 904 * as usual. 905 */ 906 if (lport == 0 && fport == 0 && flowinfo && 907 inp->inp_socket != NULL && 908 flowinfo == (inp->in6p_flowinfo & IPV6_FLOWLABEL_MASK) && 909 IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, &sa6_src.sin6_addr)) 910 goto do_notify; 911 else if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, 912 &sa6_dst->sin6_addr) || 913 inp->inp_socket == 0 || 914 (lport && inp->inp_lport != lport) || 915 (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 916 !IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, 917 &sa6_src.sin6_addr)) || 918 (fport && inp->inp_fport != fport)) 919 continue; 920 921 do_notify: 922 if (notify) 923 (*notify)(inp, arg); 924 } 925 crit_exit(); 926 } 927 928 /* 929 * Lookup a PCB based on the local address and port. 930 */ 931 struct inpcb * 932 in6_pcblookup_local(struct inpcbinfo *pcbinfo, struct in6_addr *laddr, 933 u_int lport_arg, int wild_okay, struct ucred *cred) 934 { 935 struct inpcb *inp; 936 int matchwild = 3, wildcard; 937 u_short lport = lport_arg; 938 struct inpcbporthead *porthash; 939 struct inpcbport *phd; 940 struct inpcb *match = NULL; 941 942 /* 943 * Best fit PCB lookup. 944 * 945 * First see if this local port is in use by looking on the 946 * port hash list. 947 */ 948 porthash = &pcbinfo->porthashbase[INP_PCBPORTHASH(lport, 949 pcbinfo->porthashmask)]; 950 LIST_FOREACH(phd, porthash, phd_hash) { 951 if (phd->phd_port == lport) 952 break; 953 } 954 if (phd != NULL) { 955 /* 956 * Port is in use by one or more PCBs. Look for best 957 * fit. 958 */ 959 LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { 960 wildcard = 0; 961 if ((inp->inp_vflag & INP_IPV6) == 0) 962 continue; 963 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) 964 wildcard++; 965 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 966 if (IN6_IS_ADDR_UNSPECIFIED(laddr)) 967 wildcard++; 968 else if (!IN6_ARE_ADDR_EQUAL( 969 &inp->in6p_laddr, laddr)) 970 continue; 971 } else { 972 if (!IN6_IS_ADDR_UNSPECIFIED(laddr)) 973 wildcard++; 974 } 975 if (wildcard && !wild_okay) 976 continue; 977 if (wildcard < matchwild && 978 (cred == NULL || 979 cred->cr_prison == 980 inp->inp_socket->so_cred->cr_prison)) { 981 match = inp; 982 matchwild = wildcard; 983 if (wildcard == 0) 984 break; 985 else 986 matchwild = wildcard; 987 } 988 } 989 } 990 return (match); 991 } 992 993 void 994 in6_pcbpurgeif0(struct in6pcb *head, struct ifnet *ifp) 995 { 996 struct in6pcb *in6p; 997 struct ip6_moptions *im6o; 998 struct in6_multi_mship *imm, *nimm; 999 1000 for (in6p = head; in6p != NULL; in6p = LIST_NEXT(in6p, inp_list)) { 1001 if (in6p->in6p_flags & INP_PLACEMARKER) 1002 continue; 1003 im6o = in6p->in6p_moptions; 1004 if ((in6p->inp_vflag & INP_IPV6) && 1005 im6o) { 1006 /* 1007 * Unselect the outgoing interface if it is being 1008 * detached. 1009 */ 1010 if (im6o->im6o_multicast_ifp == ifp) 1011 im6o->im6o_multicast_ifp = NULL; 1012 1013 /* 1014 * Drop multicast group membership if we joined 1015 * through the interface being detached. 1016 * XXX controversial - is it really legal for kernel 1017 * to force this? 1018 */ 1019 for (imm = im6o->im6o_memberships.lh_first; 1020 imm != NULL; imm = nimm) { 1021 nimm = imm->i6mm_chain.le_next; 1022 if (imm->i6mm_maddr->in6m_ifp == ifp) { 1023 LIST_REMOVE(imm, i6mm_chain); 1024 in6_delmulti(imm->i6mm_maddr); 1025 kfree(imm, M_IPMADDR); 1026 } 1027 } 1028 } 1029 } 1030 } 1031 1032 /* 1033 * Check for alternatives when higher level complains 1034 * about service problems. For now, invalidate cached 1035 * routing information. If the route was created dynamically 1036 * (by a redirect), time to try a default gateway again. 1037 */ 1038 void 1039 in6_losing(struct inpcb *in6p) 1040 { 1041 struct rtentry *rt; 1042 struct rt_addrinfo info; 1043 1044 if ((rt = in6p->in6p_route.ro_rt) != NULL) { 1045 bzero((caddr_t)&info, sizeof(info)); 1046 info.rti_flags = rt->rt_flags; 1047 info.rti_info[RTAX_DST] = rt_key(rt); 1048 info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; 1049 info.rti_info[RTAX_NETMASK] = rt_mask(rt); 1050 rt_missmsg(RTM_LOSING, &info, rt->rt_flags, 0); 1051 if (rt->rt_flags & RTF_DYNAMIC) 1052 rtrequest1_global(RTM_DELETE, &info, NULL, NULL); 1053 in6p->in6p_route.ro_rt = NULL; 1054 rtfree(rt); 1055 /* 1056 * A new route can be allocated 1057 * the next time output is attempted. 1058 */ 1059 } 1060 } 1061 1062 /* 1063 * After a routing change, flush old routing 1064 * and allocate a (hopefully) better one. 1065 */ 1066 void 1067 in6_rtchange(struct inpcb *inp, int error) 1068 { 1069 if (inp->in6p_route.ro_rt) { 1070 rtfree(inp->in6p_route.ro_rt); 1071 inp->in6p_route.ro_rt = 0; 1072 /* 1073 * A new route can be allocated the next time 1074 * output is attempted. 1075 */ 1076 } 1077 } 1078 1079 /* 1080 * Lookup PCB in hash list. 1081 */ 1082 struct inpcb * 1083 in6_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1084 u_int fport_arg, struct in6_addr *laddr, u_int lport_arg, 1085 int wildcard, struct ifnet *ifp) 1086 { 1087 struct inpcbhead *head; 1088 struct inpcb *inp; 1089 struct inpcb *jinp = NULL; 1090 u_short fport = fport_arg, lport = lport_arg; 1091 int faith; 1092 1093 if (faithprefix_p != NULL) 1094 faith = (*faithprefix_p)(laddr); 1095 else 1096 faith = 0; 1097 1098 /* 1099 * First look for an exact match. 1100 */ 1101 head = &pcbinfo->hashbase[INP_PCBCONNHASH(faddr->s6_addr32[3] /* XXX */, 1102 fport, 1103 laddr->s6_addr32[3], /* XXX JH */ 1104 lport, 1105 pcbinfo->hashmask)]; 1106 LIST_FOREACH(inp, head, inp_hash) { 1107 if ((inp->inp_vflag & INP_IPV6) == 0) 1108 continue; 1109 if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 1110 IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 1111 inp->inp_fport == fport && 1112 inp->inp_lport == lport) { 1113 /* 1114 * Found. 1115 */ 1116 if (inp->inp_socket == NULL || 1117 inp->inp_socket->so_cred->cr_prison == NULL) { 1118 return (inp); 1119 } else { 1120 if (jinp == NULL) 1121 jinp = inp; 1122 } 1123 } 1124 } 1125 if (jinp != NULL) 1126 return(jinp); 1127 if (wildcard) { 1128 struct inpcontainerhead *chead; 1129 struct inpcontainer *ic; 1130 struct inpcb *local_wild = NULL; 1131 struct inpcb *jinp_wild = NULL; 1132 struct sockaddr_in6 jsin6; 1133 struct ucred *cred; 1134 1135 /* 1136 * Order of socket selection: 1137 * 1. non-jailed, non-wild. 1138 * 2. non-jailed, wild. 1139 * 3. jailed, non-wild. 1140 * 4. jailed, wild. 1141 */ 1142 jsin6.sin6_family = AF_INET6; 1143 chead = &pcbinfo->wildcardhashbase[INP_PCBWILDCARDHASH(lport, 1144 pcbinfo->wildcardhashmask)]; 1145 LIST_FOREACH(ic, chead, ic_list) { 1146 inp = ic->ic_inp; 1147 1148 if (!(inp->inp_vflag & INP_IPV6)) 1149 continue; 1150 if (inp->inp_socket != NULL) 1151 cred = inp->inp_socket->so_cred; 1152 else 1153 cred = NULL; 1154 1155 if (cred != NULL && jailed(cred)) { 1156 if (jinp != NULL) { 1157 continue; 1158 } else { 1159 jsin6.sin6_addr = *laddr; 1160 if (!jailed_ip(cred->cr_prison, 1161 (struct sockaddr *)&jsin6)) 1162 continue; 1163 } 1164 } 1165 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) && 1166 inp->inp_lport == lport) { 1167 if (faith && (inp->inp_flags & INP_FAITH) == 0) 1168 continue; 1169 if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, 1170 laddr)) { 1171 if (cred != NULL && jailed(cred)) 1172 jinp = inp; 1173 else 1174 return (inp); 1175 } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 1176 if (cred != NULL && jailed(cred)) 1177 jinp_wild = inp; 1178 else 1179 local_wild = inp; 1180 } 1181 } 1182 } 1183 if (local_wild != NULL) 1184 return (local_wild); 1185 if (jinp != NULL) 1186 return (jinp); 1187 return (jinp_wild); 1188 } 1189 1190 /* 1191 * Not found. 1192 */ 1193 return (NULL); 1194 } 1195 1196 void 1197 init_sin6(struct sockaddr_in6 *sin6, struct mbuf *m) 1198 { 1199 struct ip6_hdr *ip; 1200 1201 ip = mtod(m, struct ip6_hdr *); 1202 bzero(sin6, sizeof(*sin6)); 1203 sin6->sin6_len = sizeof(*sin6); 1204 sin6->sin6_family = AF_INET6; 1205 sin6->sin6_addr = ip->ip6_src; 1206 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 1207 sin6->sin6_addr.s6_addr16[1] = 0; 1208 sin6->sin6_scope_id = 1209 (m->m_pkthdr.rcvif && IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 1210 ? m->m_pkthdr.rcvif->if_index : 0; 1211 1212 return; 1213 } 1214