1 /* $FreeBSD: src/sys/netinet6/udp6_output.c,v 1.1.2.6 2003/01/23 21:06:47 sam Exp $ */ 2 /* $KAME: udp6_output.c,v 1.31 2001/05/21 16:39:15 jinmei Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1989, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. All advertising materials mentioning features or use of this software 46 * must display the following acknowledgement: 47 * This product includes software developed by the University of 48 * California, Berkeley and its contributors. 49 * 4. Neither the name of the University nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 * 65 * @(#)udp_var.h 8.1 (Berkeley) 6/10/93 66 */ 67 68 #include "opt_ipsec.h" 69 #include "opt_inet.h" 70 #include "opt_inet6.h" 71 72 #include <sys/param.h> 73 #include <sys/malloc.h> 74 #include <sys/mbuf.h> 75 #include <sys/protosw.h> 76 #include <sys/socket.h> 77 #include <sys/socketvar.h> 78 #include <sys/sysctl.h> 79 #include <sys/errno.h> 80 #include <sys/stat.h> 81 #include <sys/systm.h> 82 #include <sys/proc.h> 83 #include <sys/priv.h> 84 #include <sys/syslog.h> 85 86 #include <net/if.h> 87 #include <net/route.h> 88 #include <net/if_types.h> 89 90 #include <netinet/in.h> 91 #include <netinet/in_var.h> 92 #include <netinet/in_systm.h> 93 #include <netinet/ip.h> 94 #include <netinet/ip_var.h> 95 #include <netinet/in_pcb.h> 96 #include <netinet/udp.h> 97 #include <netinet/udp_var.h> 98 #include <netinet/ip6.h> 99 #include <netinet6/ip6_var.h> 100 #include <netinet6/in6_pcb.h> 101 #include <netinet6/udp6_var.h> 102 #include <netinet/icmp6.h> 103 #include <netinet6/ip6protosw.h> 104 105 #ifdef IPSEC 106 #include <netinet6/ipsec.h> 107 #ifdef INET6 108 #include <netinet6/ipsec6.h> 109 #endif 110 #endif /* IPSEC */ 111 112 #include <net/net_osdep.h> 113 114 /* 115 * UDP protocol inplementation. 116 * Per RFC 768, August, 1980. 117 */ 118 119 #define in6pcb inpcb 120 #define udp6stat udpstat 121 #define udp6s_opackets udps_opackets 122 123 int 124 udp6_output(struct in6pcb *in6p, struct mbuf *m, struct sockaddr *addr6, 125 struct mbuf *control, struct thread *td) 126 { 127 u_int32_t ulen = m->m_pkthdr.len; 128 u_int32_t plen = sizeof(struct udphdr) + ulen; 129 struct ip6_hdr *ip6; 130 struct udphdr *udp6; 131 struct in6_addr *laddr, *faddr; 132 u_short fport; 133 int error = 0; 134 struct ip6_pktopts opt, *stickyopt = in6p->in6p_outputopts; 135 int priv; 136 int af = AF_INET6, hlen = sizeof(struct ip6_hdr); 137 int flags; 138 struct sockaddr_in6 tmp; 139 140 priv = !priv_check(td, PRIV_ROOT); /* 1 if privileged, 0 if not */ 141 if (control) { 142 if ((error = ip6_setpktoptions(control, &opt, 143 in6p->in6p_outputopts, 144 IPPROTO_UDP, priv)) != 0) 145 goto release; 146 in6p->in6p_outputopts = &opt; 147 } 148 149 if (addr6) { 150 /* 151 * IPv4 version of udp_output calls in_pcbconnect in this case, 152 * which needs splnet and affects performance. 153 * Since we saw no essential reason for calling in_pcbconnect, 154 * we get rid of such kind of logic, and call in6_selectsrc 155 * and in6_pcbsetport in order to fill in the local address 156 * and the local port. 157 */ 158 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr6; 159 if (sin6->sin6_port == 0) { 160 error = EADDRNOTAVAIL; 161 goto release; 162 } 163 164 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 165 /* how about ::ffff:0.0.0.0 case? */ 166 error = EISCONN; 167 goto release; 168 } 169 if (!prison_remote_ip(td, (struct sockaddr *)addr6)) { 170 error = EAFNOSUPPORT; /* IPv4 only jail */ 171 goto release; 172 } 173 174 /* protect *sin6 from overwrites */ 175 tmp = *sin6; 176 sin6 = &tmp; 177 178 faddr = &sin6->sin6_addr; 179 fport = sin6->sin6_port; /* allow 0 port */ 180 181 if (IN6_IS_ADDR_V4MAPPED(faddr)) { 182 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) { 183 /* 184 * I believe we should explicitly discard the 185 * packet when mapped addresses are disabled, 186 * rather than send the packet as an IPv6 one. 187 * If we chose the latter approach, the packet 188 * might be sent out on the wire based on the 189 * default route, the situation which we'd 190 * probably want to avoid. 191 * (20010421 jinmei@kame.net) 192 */ 193 error = EINVAL; 194 goto release; 195 } else 196 af = AF_INET; 197 } 198 199 /* KAME hack: embed scopeid */ 200 if (in6_embedscope(&sin6->sin6_addr, sin6, in6p, NULL) != 0) { 201 error = EINVAL; 202 goto release; 203 } 204 205 if (!IN6_IS_ADDR_V4MAPPED(faddr)) { 206 laddr = in6_selectsrc(sin6, in6p->in6p_outputopts, 207 in6p->in6p_moptions, 208 &in6p->in6p_route, 209 &in6p->in6p_laddr, &error, NULL); 210 } else 211 laddr = &in6p->in6p_laddr; /* XXX */ 212 if (laddr == NULL) { 213 if (error == 0) 214 error = EADDRNOTAVAIL; 215 goto release; 216 } 217 if (in6p->in6p_lport == 0 && 218 (error = in6_pcbsetport(laddr, in6p, td)) != 0) 219 goto release; 220 } else { 221 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 222 error = ENOTCONN; 223 goto release; 224 } 225 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { 226 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) { 227 /* 228 * XXX: this case would happen when the 229 * application sets the V6ONLY flag after 230 * connecting the foreign address. 231 * Such applications should be fixed, 232 * so we bark here. 233 */ 234 log(LOG_INFO, "udp6_output: IPV6_V6ONLY " 235 "option was set for a connected socket\n"); 236 error = EINVAL; 237 goto release; 238 } else 239 af = AF_INET; 240 } 241 laddr = &in6p->in6p_laddr; 242 faddr = &in6p->in6p_faddr; 243 fport = in6p->in6p_fport; 244 } 245 246 if (af == AF_INET) 247 hlen = sizeof(struct ip); 248 249 /* 250 * Calculate data length and get a mbuf 251 * for UDP and IP6 headers. 252 */ 253 M_PREPEND(m, hlen + sizeof(struct udphdr), MB_DONTWAIT); 254 if (m == NULL) { 255 error = ENOBUFS; 256 goto release; 257 } 258 259 /* 260 * Stuff checksum and output datagram. 261 */ 262 udp6 = (struct udphdr *)(mtod(m, caddr_t) + hlen); 263 udp6->uh_sport = in6p->in6p_lport; /* lport is always set in the PCB */ 264 udp6->uh_dport = fport; 265 if (plen <= 0xffff) 266 udp6->uh_ulen = htons((u_short)plen); 267 else 268 udp6->uh_ulen = 0; 269 udp6->uh_sum = 0; 270 271 switch (af) { 272 case AF_INET6: 273 ip6 = mtod(m, struct ip6_hdr *); 274 ip6->ip6_flow = in6p->in6p_flowinfo & IPV6_FLOWINFO_MASK; 275 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 276 ip6->ip6_vfc |= IPV6_VERSION; 277 #if 0 /* ip6_plen will be filled in ip6_output. */ 278 ip6->ip6_plen = htons((u_short)plen); 279 #endif 280 ip6->ip6_nxt = IPPROTO_UDP; 281 ip6->ip6_hlim = in6_selecthlim(in6p, 282 in6p->in6p_route.ro_rt ? 283 in6p->in6p_route.ro_rt->rt_ifp : NULL); 284 ip6->ip6_src = *laddr; 285 ip6->ip6_dst = *faddr; 286 287 if ((udp6->uh_sum = in6_cksum(m, IPPROTO_UDP, 288 sizeof(struct ip6_hdr), plen)) == 0) { 289 udp6->uh_sum = 0xffff; 290 } 291 292 flags = 0; 293 294 udp6stat.udp6s_opackets++; 295 error = ip6_output(m, in6p->in6p_outputopts, &in6p->in6p_route, 296 flags, in6p->in6p_moptions, NULL, in6p); 297 break; 298 case AF_INET: 299 error = EAFNOSUPPORT; 300 goto release; 301 } 302 goto releaseopt; 303 304 release: 305 m_freem(m); 306 307 releaseopt: 308 if (control) { 309 ip6_clearpktopts(in6p->in6p_outputopts, -1); 310 in6p->in6p_outputopts = stickyopt; 311 m_freem(control); 312 } 313 return (error); 314 } 315