1 /* $OpenBSD: udp.c,v 1.95 2008/07/22 09:45:56 bluhm Exp $ */ 2 /* $EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $ */ 3 4 /* 5 * Copyright (c) 1998, 1999, 2001 Niklas Hallqvist. All rights reserved. 6 * Copyright (c) 2000 Angelos D. Keromytis. All rights reserved. 7 * Copyright (c) 2003, 2004 H�kan Olsson. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30 /* 31 * This code was written under funding by Ericsson Radio Systems. 32 */ 33 34 #include <sys/types.h> 35 #include <sys/ioctl.h> 36 #include <sys/socket.h> 37 #include <sys/sockio.h> 38 #include <net/if.h> 39 #include <netinet/in.h> 40 #include <arpa/inet.h> 41 #include <ctype.h> 42 #include <limits.h> 43 #include <netdb.h> 44 #include <stdlib.h> 45 #include <string.h> 46 #include <unistd.h> 47 48 #include "conf.h" 49 #include "if.h" 50 #include "isakmp.h" 51 #include "log.h" 52 #include "message.h" 53 #include "monitor.h" 54 #include "transport.h" 55 #include "udp.h" 56 #include "util.h" 57 #include "virtual.h" 58 59 #define UDP_SIZE 65536 60 61 /* If a system doesn't have SO_REUSEPORT, SO_REUSEADDR will have to do. */ 62 #ifndef SO_REUSEPORT 63 #define SO_REUSEPORT SO_REUSEADDR 64 #endif 65 66 /* These are reused by udp_encap.c, thus not 'static' here. */ 67 struct transport *udp_clone(struct transport *, struct sockaddr *); 68 int udp_fd_set(struct transport *, fd_set *, int); 69 int udp_fd_isset(struct transport *, fd_set *); 70 void udp_get_dst(struct transport *, struct sockaddr **); 71 void udp_get_src(struct transport *, struct sockaddr **); 72 char *udp_decode_ids(struct transport *); 73 void udp_remove(struct transport *); 74 75 static struct transport *udp_create(char *); 76 static void udp_report(struct transport *); 77 static void udp_handle_message(struct transport *); 78 static struct transport *udp_make(struct sockaddr *); 79 static int udp_send_message(struct message *, struct transport *); 80 81 static struct transport_vtbl udp_transport_vtbl = { 82 {0}, "udp_physical", 83 udp_create, 84 0, 85 udp_remove, 86 udp_report, 87 udp_fd_set, 88 udp_fd_isset, 89 udp_handle_message, 90 udp_send_message, 91 udp_get_dst, 92 udp_get_src, 93 udp_decode_ids, 94 udp_clone, 95 0 96 }; 97 98 char *udp_default_port = 0; 99 int bind_family = 0; 100 101 void 102 udp_init(void) 103 { 104 transport_method_add(&udp_transport_vtbl); 105 } 106 107 /* Create a UDP transport structure bound to LADDR just for listening. */ 108 static struct transport * 109 udp_make(struct sockaddr *laddr) 110 { 111 struct udp_transport *t = 0; 112 int s, on, wildcardaddress = 0; 113 char *tstr; 114 115 t = calloc(1, sizeof *t); 116 if (!t) { 117 log_print("udp_make: calloc (1, %lu) failed", 118 (unsigned long)sizeof *t); 119 free(laddr); 120 return 0; 121 } 122 t->src = laddr; 123 124 s = socket(laddr->sa_family, SOCK_DGRAM, IPPROTO_UDP); 125 if (s == -1) { 126 log_error("udp_make: socket (%d, %d, %d)", laddr->sa_family, 127 SOCK_DGRAM, IPPROTO_UDP); 128 goto err; 129 } 130 /* Make sure we don't get our traffic encrypted. */ 131 if (sysdep_cleartext(s, laddr->sa_family) == -1) 132 goto err; 133 134 /* Wildcard address ? */ 135 switch (laddr->sa_family) { 136 case AF_INET: 137 if (((struct sockaddr_in *)laddr)->sin_addr.s_addr == 138 INADDR_ANY) 139 wildcardaddress = 1; 140 break; 141 case AF_INET6: 142 if (IN6_IS_ADDR_UNSPECIFIED(&((struct sockaddr_in6 *)laddr)->sin6_addr)) 143 wildcardaddress = 1; 144 break; 145 } 146 147 /* 148 * In order to have several bound specific address-port combinations 149 * with the same port SO_REUSEADDR is needed. If this is a wildcard 150 * socket and we are not listening there, but only sending from it 151 * make sure it is entirely reuseable with SO_REUSEPORT. 152 */ 153 on = 1; 154 if (setsockopt(s, SOL_SOCKET, 155 wildcardaddress ? SO_REUSEPORT : SO_REUSEADDR, 156 (void *)&on, sizeof on) == -1) { 157 log_error("udp_make: setsockopt (%d, %d, %d, %p, %lu)", s, 158 SOL_SOCKET, wildcardaddress ? SO_REUSEPORT : SO_REUSEADDR, 159 &on, (unsigned long)sizeof on); 160 goto err; 161 } 162 t->transport.vtbl = &udp_transport_vtbl; 163 if (monitor_bind(s, t->src, SA_LEN(t->src))) { 164 if (sockaddr2text(t->src, &tstr, 0)) 165 log_error("udp_make: bind (%d, %p, %lu)", s, &t->src, 166 (unsigned long)sizeof t->src); 167 else { 168 log_error("udp_make: bind (%d, %s, %lu)", s, tstr, 169 (unsigned long)sizeof t->src); 170 free(tstr); 171 } 172 goto err; 173 } 174 t->s = s; 175 if (sockaddr2text(t->src, &tstr, 0)) 176 LOG_DBG((LOG_MISC, 20, "udp_make: " 177 "transport %p socket %d family %d", t, s, 178 t->src->sa_family == AF_INET ? 4 : 6)); 179 else { 180 LOG_DBG((LOG_MISC, 20, "udp_make: " 181 "transport %p socket %d ip %s port %d", t, s, 182 tstr, ntohs(sockaddr_port(t->src)))); 183 free (tstr); 184 } 185 transport_setup(&t->transport, 0); 186 t->transport.flags |= TRANSPORT_LISTEN; 187 return &t->transport; 188 189 err: 190 if (s >= 0) 191 close(s); 192 if (t) { 193 /* Already closed. */ 194 t->s = -1; 195 udp_remove(&t->transport); 196 } 197 return 0; 198 } 199 200 /* Clone a listen transport U, record a destination RADDR for outbound use. */ 201 struct transport * 202 udp_clone(struct transport *ut, struct sockaddr *raddr) 203 { 204 struct udp_transport *u = (struct udp_transport *)ut; 205 struct udp_transport *u2; 206 struct transport *t; 207 208 t = malloc(sizeof *u); 209 if (!t) { 210 log_error("udp_clone: malloc (%lu) failed", 211 (unsigned long)sizeof *u); 212 return 0; 213 } 214 u2 = (struct udp_transport *)t; 215 216 memcpy(u2, u, sizeof *u); 217 218 u2->src = malloc(SA_LEN(u->src)); 219 if (!u2->src) { 220 log_error("udp_clone: malloc (%lu) failed", 221 (unsigned long)SA_LEN(u->src)); 222 free(t); 223 return 0; 224 } 225 memcpy(u2->src, u->src, SA_LEN(u->src)); 226 227 u2->dst = malloc(SA_LEN(raddr)); 228 if (!u2->dst) { 229 log_error("udp_clone: malloc (%lu) failed", 230 (unsigned long)SA_LEN(raddr)); 231 free(u2->src); 232 free(t); 233 return 0; 234 } 235 memcpy(u2->dst, raddr, SA_LEN(raddr)); 236 237 t->flags &= ~TRANSPORT_LISTEN; 238 transport_setup(t, 0); 239 return t; 240 } 241 242 /* 243 * Initialize an object of the UDP transport class. Fill in the local 244 * IP address and port information and create a server socket bound to 245 * that specific port. Add the polymorphic transport structure to the 246 * system-wide pools of known ISAKMP transports. 247 */ 248 struct transport * 249 udp_bind(const struct sockaddr *addr) 250 { 251 struct sockaddr *src; 252 253 src = malloc(SA_LEN(addr)); 254 if (!src) 255 return 0; 256 257 memcpy(src, addr, SA_LEN(addr)); 258 return udp_make(src); 259 } 260 261 /* 262 * NAME is a section name found in the config database. Setup and return 263 * a transport useable to talk to the peer specified by that name. 264 */ 265 static struct transport * 266 udp_create(char *name) 267 { 268 struct virtual_transport *v; 269 struct udp_transport *u; 270 struct transport *rv = 0; 271 struct sockaddr *dst, *addr; 272 char *addr_str, *port_str; 273 struct conf_list *addr_list = 0; 274 struct conf_list_node *addr_node; 275 276 port_str = conf_get_str(name, "Port"); 277 if (!port_str) 278 port_str = udp_default_port; 279 if (!port_str) 280 port_str = UDP_DEFAULT_PORT_STR; 281 282 addr_str = conf_get_str(name, "Address"); 283 if (!addr_str) { 284 log_print("udp_create: no address configured for \"%s\"", 285 name); 286 return 0; 287 } 288 if (text2sockaddr(addr_str, port_str, &dst, 0, 0)) { 289 log_print("udp_create: address \"%s\" not understood", 290 addr_str); 291 return 0; 292 } 293 addr_str = conf_get_str(name, "Local-address"); 294 if (!addr_str) 295 addr_list = conf_get_list("General", "Listen-on"); 296 if (!addr_str && !addr_list) { 297 v = virtual_get_default(dst->sa_family); 298 if (!v) { 299 log_print("udp_create: no virtual default transport " 300 "for address family %d", dst->sa_family); 301 goto ret; 302 } 303 u = (struct udp_transport *)v->main; 304 if (!u) { 305 log_print("udp_create: no udp default transport " 306 "for address family %d", dst->sa_family); 307 goto ret; 308 } 309 rv = udp_clone((struct transport *)u, dst); 310 if (rv) 311 rv->vtbl = &udp_transport_vtbl; 312 goto ret; 313 } 314 315 if (addr_list) { 316 for (addr_node = TAILQ_FIRST(&addr_list->fields); 317 addr_node; addr_node = TAILQ_NEXT(addr_node, link)) 318 if (text2sockaddr(addr_node->field, 319 port_str, &addr, 0, 0) == 0) { 320 v = virtual_listen_lookup(addr); 321 free(addr); 322 if (v) { 323 addr_str = addr_node->field; 324 break; 325 } 326 } 327 if (!addr_str) { 328 log_print("udp_create: no matching listener found"); 329 goto ret; 330 } 331 } 332 if (text2sockaddr(addr_str, port_str, &addr, 0, 0)) { 333 log_print("udp_create: address \"%s\" not understood", 334 addr_str); 335 goto ret; 336 } 337 338 v = virtual_listen_lookup(addr); 339 free(addr); 340 if (!v) { 341 log_print("udp_create: %s:%s must exist as a listener too", 342 addr_str, port_str); 343 goto ret; 344 } 345 rv = udp_clone(v->main, dst); 346 if (rv) 347 rv->vtbl = &udp_transport_vtbl; 348 349 ret: 350 if (addr_list) 351 conf_free_list(addr_list); 352 free(dst); 353 return rv; 354 } 355 356 void 357 udp_remove(struct transport *t) 358 { 359 struct udp_transport *u = (struct udp_transport *)t; 360 struct transport *p; 361 362 free(u->src); 363 free(u->dst); 364 if ((t->flags & TRANSPORT_LISTEN) && u->s >= 0) 365 close(u->s); 366 367 for (p = LIST_FIRST(&transport_list); p && p != t; p = 368 LIST_NEXT(p, link)) 369 ; 370 if (p == t) 371 LIST_REMOVE(t, link); 372 373 LOG_DBG((LOG_TRANSPORT, 90, "udp_remove: removed transport %p", t)); 374 free(t); 375 } 376 377 /* Report transport-method specifics of the T transport. */ 378 void 379 udp_report(struct transport *t) 380 { 381 struct udp_transport *u = (struct udp_transport *)t; 382 char *src = NULL, *dst = NULL; 383 in_port_t sport, dport; 384 385 if (sockaddr2text(u->src, &src, 0)) 386 return; 387 sport = sockaddr_port(u->src); 388 389 if (!u->dst || sockaddr2text(u->dst, &dst, 0)) 390 dst = 0; 391 dport = dst ? sockaddr_port(u->dst) : 0; 392 393 LOG_DBG((LOG_REPORT, 0, "udp_report: fd %d src %s:%u dst %s:%u", u->s, 394 src, ntohs(sport), dst ? dst : "<none>", ntohs(dport))); 395 396 free(dst); 397 free(src); 398 } 399 400 /* 401 * A message has arrived on transport T's socket. If T is single-ended, 402 * clone it into a double-ended transport which we will use from now on. 403 * Package the message as we want it and continue processing in the message 404 * module. 405 */ 406 static void 407 udp_handle_message(struct transport *t) 408 { 409 struct udp_transport *u = (struct udp_transport *)t; 410 u_int8_t buf[UDP_SIZE]; 411 struct sockaddr_storage from; 412 u_int32_t len = sizeof from; 413 ssize_t n; 414 struct message *msg; 415 416 n = recvfrom(u->s, buf, UDP_SIZE, 0, (struct sockaddr *)&from, &len); 417 if (n == -1) { 418 log_error("recvfrom (%d, %p, %d, %d, %p, %p)", u->s, buf, 419 UDP_SIZE, 0, &from, &len); 420 return; 421 } 422 423 if (t->virtual == (struct transport *)virtual_get_default(AF_INET) || 424 t->virtual == (struct transport *)virtual_get_default(AF_INET6)) { 425 t->virtual->vtbl->reinit(); 426 427 /* 428 * As we don't know the actual destination address of the 429 * packet, we can't really deal with it. So, just ignore it 430 * and hope we catch the retransmission. 431 */ 432 return; 433 } 434 435 /* 436 * Make a specialized UDP transport structure out of the incoming 437 * transport and the address information we got from recvfrom(2). 438 */ 439 t = t->virtual->vtbl->clone(t->virtual, (struct sockaddr *)&from); 440 if (!t) 441 return; 442 443 msg = message_alloc(t, buf, n); 444 if (!msg) { 445 log_error("failed to allocate message structure, dropping " 446 "packet received on transport %p", u); 447 t->vtbl->remove(t); 448 return; 449 } 450 message_recv(msg); 451 } 452 453 /* Physically send the message MSG over its associated transport. */ 454 static int 455 udp_send_message(struct message *msg, struct transport *t) 456 { 457 struct udp_transport *u = (struct udp_transport *)t; 458 ssize_t n; 459 struct msghdr m; 460 461 /* 462 * Sending on connected sockets requires that no destination address is 463 * given, or else EISCONN will occur. 464 */ 465 m.msg_name = (caddr_t) u->dst; 466 m.msg_namelen = SA_LEN(u->dst); 467 m.msg_iov = msg->iov; 468 m.msg_iovlen = msg->iovlen; 469 m.msg_control = 0; 470 m.msg_controllen = 0; 471 m.msg_flags = 0; 472 n = sendmsg(u->s, &m, 0); 473 if (n == -1) { 474 /* XXX We should check whether the address has gone away */ 475 log_error("sendmsg (%d, %p, %d)", u->s, &m, 0); 476 return -1; 477 } 478 return 0; 479 } 480 481 int 482 udp_fd_set(struct transport *t, fd_set *fds, int bit) 483 { 484 struct udp_transport *u = (struct udp_transport *)t; 485 486 if (bit) 487 FD_SET(u->s, fds); 488 else 489 FD_CLR(u->s, fds); 490 491 return u->s + 1; 492 } 493 494 int 495 udp_fd_isset(struct transport *t, fd_set *fds) 496 { 497 struct udp_transport *u = (struct udp_transport *)t; 498 499 return FD_ISSET(u->s, fds); 500 } 501 502 /* 503 * Get transport T's peer address and stuff it into the sockaddr pointed 504 * to by DST. 505 */ 506 void 507 udp_get_dst(struct transport *t, struct sockaddr **dst) 508 { 509 *dst = ((struct udp_transport *)t)->dst; 510 } 511 512 /* 513 * Get transport T's local address and stuff it into the sockaddr pointed 514 * to by SRC. Put its length into SRC_LEN. 515 */ 516 void 517 udp_get_src(struct transport *t, struct sockaddr **src) 518 { 519 *src = ((struct udp_transport *)t)->src; 520 } 521 522 char * 523 udp_decode_ids(struct transport *t) 524 { 525 struct sockaddr *src, *dst; 526 static char result[1024]; 527 char idsrc[256], iddst[256]; 528 529 t->vtbl->get_src(t, &src); 530 t->vtbl->get_dst(t, &dst); 531 532 if (getnameinfo(src, SA_LEN(src), idsrc, sizeof idsrc, NULL, 0, 533 NI_NUMERICHOST) != 0) { 534 log_print("udp_decode_ids: getnameinfo () failed for 'src'"); 535 strlcpy(idsrc, "<error>", 256); 536 } 537 if (getnameinfo(dst, SA_LEN(dst), iddst, sizeof iddst, NULL, 0, 538 NI_NUMERICHOST) != 0) { 539 log_print("udp_decode_ids: getnameinfo () failed for 'dst'"); 540 strlcpy(iddst, "<error>", 256); 541 } 542 543 snprintf(result, sizeof result, "src: %s dst: %s", idsrc, iddst); 544 return result; 545 } 546