in_proto.c revision 1.120.2.2
1 /* $NetBSD: in_proto.c,v 1.120.2.2 2017/04/26 02:53:29 pgoyette Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /* 33 * Copyright (c) 1982, 1986, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in_proto.c 8.2 (Berkeley) 2/9/95 61 */ 62 63 #include <sys/cdefs.h> 64 __KERNEL_RCSID(0, "$NetBSD: in_proto.c,v 1.120.2.2 2017/04/26 02:53:29 pgoyette Exp $"); 65 66 #ifdef _KERNEL_OPT 67 #include "opt_mrouting.h" 68 #include "opt_inet.h" 69 #include "opt_ipsec.h" 70 #include "opt_pim.h" 71 #include "opt_gateway.h" 72 #include "opt_dccp.h" 73 #include "opt_sctp.h" 74 #include "opt_compat_netbsd.h" 75 #endif 76 77 #include <sys/param.h> 78 #include <sys/socket.h> 79 #include <sys/protosw.h> 80 #include <sys/domain.h> 81 #include <sys/mbuf.h> 82 83 #include <net/if.h> 84 85 #include <netinet/in.h> 86 #include <netinet/in_systm.h> 87 #include <netinet/in_var.h> 88 #include <netinet/ip.h> 89 #include <netinet/ip_var.h> 90 #include <netinet/ip_icmp.h> 91 #include <netinet/in_ifattach.h> 92 #include <netinet/in_pcb.h> 93 #include <netinet/in_proto.h> 94 95 #ifdef INET6 96 #ifndef INET 97 #include <netinet/in.h> 98 #endif 99 #include <netinet/ip6.h> 100 #endif 101 102 #include <netinet/igmp_var.h> 103 #ifdef PIM 104 #include <netinet/pim_var.h> 105 #endif 106 #include <netinet/tcp.h> 107 #include <netinet/tcp_fsm.h> 108 #include <netinet/tcp_seq.h> 109 #include <netinet/tcp_timer.h> 110 #include <netinet/tcp_var.h> 111 #include <netinet/tcpip.h> 112 #include <netinet/tcp_debug.h> 113 #include <netinet/udp.h> 114 #include <netinet/udp_var.h> 115 #include <netinet/ip_encap.h> 116 117 #ifdef DCCP 118 #include <netinet/dccp.h> 119 #include <netinet/dccp_var.h> 120 #endif 121 122 #ifdef SCTP 123 #include <netinet/sctp.h> 124 #include <netinet/sctp_var.h> 125 #endif 126 127 /* 128 * TCP/IP protocol family: IP, ICMP, UDP, TCP. 129 */ 130 131 #ifdef IPSEC 132 #include <netipsec/ipsec.h> 133 #include <netipsec/key.h> 134 #endif /* IPSEC */ 135 136 #include "carp.h" 137 #if NCARP > 0 138 #include <netinet/ip_carp.h> 139 #endif 140 141 #include "pfsync.h" 142 #if NPFSYNC > 0 143 #include <net/pfvar.h> 144 #include <net/if_pfsync.h> 145 #endif 146 147 #include "etherip.h" 148 #if NETHERIP > 0 149 #include <netinet/ip_etherip.h> 150 #endif 151 152 DOMAIN_DEFINE(inetdomain); /* forward declare and add to link set */ 153 154 /* Wrappers to acquire kernel_lock. */ 155 156 PR_WRAP_CTLINPUT(rip_ctlinput) 157 PR_WRAP_CTLINPUT(udp_ctlinput) 158 PR_WRAP_CTLINPUT(tcp_ctlinput) 159 160 #define rip_ctlinput rip_ctlinput_wrapper 161 #define udp_ctlinput udp_ctlinput_wrapper 162 #define tcp_ctlinput tcp_ctlinput_wrapper 163 164 PR_WRAP_CTLOUTPUT(rip_ctloutput) 165 PR_WRAP_CTLOUTPUT(udp_ctloutput) 166 PR_WRAP_CTLOUTPUT(tcp_ctloutput) 167 168 #define rip_ctloutput rip_ctloutput_wrapper 169 #define udp_ctloutput udp_ctloutput_wrapper 170 #define tcp_ctloutput tcp_ctloutput_wrapper 171 172 #ifdef DCCP 173 PR_WRAP_CTLINPUT(dccp_ctlinput) 174 PR_WRAP_CTLOUTPUT(dccp_ctloutput) 175 176 #define dccp_ctlinput dccp_ctlinput_wrapper 177 #define dccp_ctloutput dccp_ctloutput_wrapper 178 #endif 179 180 #ifdef SCTP 181 PR_WRAP_CTLINPUT(sctp_ctlinput) 182 PR_WRAP_CTLOUTPUT(sctp_ctloutput) 183 184 #define sctp_ctlinput sctp_ctlinput_wrapper 185 #define sctp_ctloutput sctp_ctloutput_wrapper 186 #endif 187 188 #if defined(IPSEC) 189 190 #ifdef IPSEC_RUMPKERNEL 191 /* 192 * .pr_input = ipsec4_common_input won't be resolved on loading 193 * the ipsec shared library. We need a wrapper anyway. 194 */ 195 static void 196 ipsec4_common_input_wrapper(struct mbuf *m, ...) 197 { 198 199 if (ipsec_enabled) { 200 int off, nxt; 201 va_list args; 202 /* XXX just passing args to ipsec4_common_input doesn't work */ 203 va_start(args, m); 204 off = va_arg(args, int); 205 nxt = va_arg(args, int); 206 va_end(args); 207 ipsec4_common_input(m, off, nxt); 208 } else { 209 m_freem(m); 210 } 211 } 212 #define ipsec4_common_input ipsec4_common_input_wrapper 213 214 /* The ctlinput functions may not be loaded */ 215 #define IPSEC_WRAP_CTLINPUT(name) \ 216 static void * \ 217 name##_wrapper(int a, const struct sockaddr *b, void *c)\ 218 { \ 219 void *rv; \ 220 KERNEL_LOCK(1, NULL); \ 221 if (ipsec_enabled) \ 222 rv = name(a, b, c); \ 223 else \ 224 rv = NULL; \ 225 KERNEL_UNLOCK_ONE(NULL); \ 226 return rv; \ 227 } 228 IPSEC_WRAP_CTLINPUT(ah4_ctlinput) 229 IPSEC_WRAP_CTLINPUT(esp4_ctlinput) 230 231 #else /* !IPSEC_RUMPKERNEL */ 232 233 PR_WRAP_CTLINPUT(ah4_ctlinput) 234 PR_WRAP_CTLINPUT(esp4_ctlinput) 235 236 #endif /* !IPSEC_RUMPKERNEL */ 237 238 #define ah4_ctlinput ah4_ctlinput_wrapper 239 #define esp4_ctlinput esp4_ctlinput_wrapper 240 241 #endif /* IPSEC */ 242 243 const struct protosw inetsw[] = { 244 { .pr_domain = &inetdomain, 245 .pr_init = ip_init, 246 .pr_fasttimo = ip_fasttimo, 247 .pr_slowtimo = ip_slowtimo, 248 .pr_drain = ip_drainstub, 249 }, 250 { .pr_type = SOCK_RAW, 251 .pr_domain = &inetdomain, 252 .pr_protocol = IPPROTO_ICMP, 253 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 254 .pr_input = icmp_input, 255 .pr_ctlinput = rip_ctlinput, 256 .pr_ctloutput = rip_ctloutput, 257 .pr_usrreqs = &rip_usrreqs, 258 .pr_init = icmp_init, 259 }, 260 { .pr_type = SOCK_DGRAM, 261 .pr_domain = &inetdomain, 262 .pr_protocol = IPPROTO_UDP, 263 .pr_flags = PR_ATOMIC|PR_ADDR|PR_PURGEIF, 264 .pr_input = udp_input, 265 .pr_ctlinput = udp_ctlinput, 266 .pr_ctloutput = udp_ctloutput, 267 .pr_usrreqs = &udp_usrreqs, 268 .pr_init = udp_init, 269 }, 270 { .pr_type = SOCK_STREAM, 271 .pr_domain = &inetdomain, 272 .pr_protocol = IPPROTO_TCP, 273 .pr_flags = PR_CONNREQUIRED|PR_WANTRCVD|PR_LISTEN|PR_ABRTACPTDIS|PR_PURGEIF, 274 .pr_input = tcp_input, 275 .pr_ctlinput = tcp_ctlinput, 276 .pr_ctloutput = tcp_ctloutput, 277 .pr_usrreqs = &tcp_usrreqs, 278 .pr_init = tcp_init, 279 .pr_fasttimo = tcp_fasttimo, 280 .pr_drain = tcp_drainstub, 281 }, 282 #ifdef DCCP 283 { .pr_type = SOCK_CONN_DGRAM, 284 .pr_domain = &inetdomain, 285 .pr_protocol = IPPROTO_DCCP, 286 .pr_flags = PR_CONNREQUIRED|PR_WANTRCVD|PR_ATOMIC|PR_LISTEN|PR_ABRTACPTDIS, 287 .pr_input = dccp_input, 288 .pr_ctlinput = dccp_ctlinput, 289 .pr_ctloutput = dccp_ctloutput, 290 .pr_usrreqs = &dccp_usrreqs, 291 .pr_init = dccp_init, 292 }, 293 #endif 294 #ifdef SCTP 295 { .pr_type = SOCK_DGRAM, 296 .pr_domain = &inetdomain, 297 .pr_protocol = IPPROTO_SCTP, 298 .pr_flags = PR_ADDR_OPT|PR_WANTRCVD, 299 .pr_input = sctp_input, 300 .pr_ctlinput = sctp_ctlinput, 301 .pr_ctloutput = sctp_ctloutput, 302 .pr_usrreqs = &sctp_usrreqs, 303 .pr_init = sctp_init, 304 .pr_drain = sctp_drain 305 }, 306 { .pr_type = SOCK_SEQPACKET, 307 .pr_domain = &inetdomain, 308 .pr_protocol = IPPROTO_SCTP, 309 .pr_flags = PR_ADDR_OPT|PR_WANTRCVD, 310 .pr_input = sctp_input, 311 .pr_ctlinput = sctp_ctlinput, 312 .pr_ctloutput = sctp_ctloutput, 313 .pr_usrreqs = &sctp_usrreqs, 314 .pr_drain = sctp_drain 315 }, 316 { .pr_type = SOCK_STREAM, 317 .pr_domain = &inetdomain, 318 .pr_protocol = IPPROTO_SCTP, 319 .pr_flags = PR_CONNREQUIRED|PR_ADDR_OPT|PR_WANTRCVD|PR_LISTEN, 320 .pr_input = sctp_input, 321 .pr_ctlinput = sctp_ctlinput, 322 .pr_ctloutput = sctp_ctloutput, 323 .pr_usrreqs = &sctp_usrreqs, 324 .pr_drain = sctp_drain 325 }, 326 #endif /* SCTP */ 327 { .pr_type = SOCK_RAW, 328 .pr_domain = &inetdomain, 329 .pr_protocol = IPPROTO_RAW, 330 .pr_flags = PR_ATOMIC|PR_ADDR|PR_PURGEIF, 331 .pr_input = rip_input, 332 .pr_ctlinput = rip_ctlinput, 333 .pr_ctloutput = rip_ctloutput, 334 .pr_usrreqs = &rip_usrreqs, 335 }, 336 #ifdef GATEWAY 337 { .pr_domain = &inetdomain, 338 .pr_protocol = IPPROTO_IP, 339 .pr_slowtimo = ipflow_slowtimo, 340 .pr_init = ipflow_poolinit, 341 }, 342 #endif /* GATEWAY */ 343 #ifdef IPSEC 344 { .pr_type = SOCK_RAW, 345 .pr_domain = &inetdomain, 346 .pr_protocol = IPPROTO_AH, 347 .pr_flags = PR_ATOMIC|PR_ADDR, 348 .pr_input = ipsec4_common_input, 349 .pr_ctlinput = ah4_ctlinput, 350 }, 351 { .pr_type = SOCK_RAW, 352 .pr_domain = &inetdomain, 353 .pr_protocol = IPPROTO_ESP, 354 .pr_flags = PR_ATOMIC|PR_ADDR, 355 .pr_input = ipsec4_common_input, 356 .pr_ctlinput = esp4_ctlinput, 357 }, 358 { .pr_type = SOCK_RAW, 359 .pr_domain = &inetdomain, 360 .pr_protocol = IPPROTO_IPCOMP, 361 .pr_flags = PR_ATOMIC|PR_ADDR, 362 .pr_input = ipsec4_common_input, 363 }, 364 #endif /* IPSEC */ 365 { .pr_type = SOCK_RAW, 366 .pr_domain = &inetdomain, 367 .pr_protocol = IPPROTO_IPV4, 368 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 369 .pr_input = encap4_input, 370 .pr_ctlinput = rip_ctlinput, 371 .pr_ctloutput = rip_ctloutput, 372 .pr_usrreqs = &rip_usrreqs, 373 .pr_init = encap_init, 374 }, 375 #ifdef INET6 376 { .pr_type = SOCK_RAW, 377 .pr_domain = &inetdomain, 378 .pr_protocol = IPPROTO_IPV6, 379 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 380 .pr_input = encap4_input, 381 .pr_ctlinput = rip_ctlinput, 382 .pr_ctloutput = rip_ctloutput, 383 .pr_usrreqs = &rip_usrreqs, 384 .pr_init = encap_init, 385 }, 386 #endif /* INET6 */ 387 #if NETHERIP > 0 388 { .pr_type = SOCK_RAW, 389 .pr_domain = &inetdomain, 390 .pr_protocol = IPPROTO_ETHERIP, 391 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 392 .pr_input = ip_etherip_input, 393 .pr_ctlinput = rip_ctlinput, 394 .pr_ctloutput = rip_ctloutput, 395 .pr_usrreqs = &rip_usrreqs, 396 }, 397 #endif /* NETHERIP > 0 */ 398 #if NCARP > 0 399 { .pr_type = SOCK_RAW, 400 .pr_domain = &inetdomain, 401 .pr_protocol = IPPROTO_CARP, 402 .pr_flags = PR_ATOMIC|PR_ADDR, 403 .pr_input = carp_proto_input, 404 .pr_ctloutput = rip_ctloutput, 405 .pr_usrreqs = &rip_usrreqs, 406 .pr_init = carp_init, 407 }, 408 #endif /* NCARP > 0 */ 409 { .pr_type = SOCK_RAW, 410 .pr_domain = &inetdomain, 411 .pr_protocol = IPPROTO_L2TP, 412 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 413 .pr_input = encap4_input, 414 .pr_ctlinput = rip_ctlinput, 415 .pr_ctloutput = rip_ctloutput, 416 .pr_usrreqs = &rip_usrreqs, /*XXX*/ 417 .pr_init = encap_init, 418 }, 419 #if NPFSYNC > 0 420 { .pr_type = SOCK_RAW, 421 .pr_domain = &inetdomain, 422 .pr_protocol = IPPROTO_PFSYNC, 423 .pr_flags = PR_ATOMIC|PR_ADDR, 424 .pr_input = pfsync_input, 425 .pr_ctloutput = rip_ctloutput, 426 .pr_usrreqs = &rip_usrreqs, 427 }, 428 #endif /* NPFSYNC > 0 */ 429 { .pr_type = SOCK_RAW, 430 .pr_domain = &inetdomain, 431 .pr_protocol = IPPROTO_IGMP, 432 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 433 .pr_input = igmp_input, 434 .pr_ctloutput = rip_ctloutput, 435 .pr_ctlinput = rip_ctlinput, 436 .pr_usrreqs = &rip_usrreqs, 437 .pr_fasttimo = igmp_fasttimo, 438 .pr_slowtimo = igmp_slowtimo, 439 .pr_init = igmp_init, 440 }, 441 #ifdef PIM 442 { .pr_type = SOCK_RAW, 443 .pr_domain = &inetdomain, 444 .pr_protocol = IPPROTO_PIM, 445 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 446 .pr_input = pim_input, 447 .pr_ctloutput = rip_ctloutput, 448 .pr_ctlinput = rip_ctlinput, 449 .pr_usrreqs = &rip_usrreqs, 450 }, 451 #endif /* PIM */ 452 /* raw wildcard */ 453 { .pr_type = SOCK_RAW, 454 .pr_domain = &inetdomain, 455 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 456 .pr_input = rip_input, 457 .pr_ctloutput = rip_ctloutput, 458 .pr_ctlinput = rip_ctlinput, 459 .pr_usrreqs = &rip_usrreqs, 460 .pr_init = rip_init, 461 }, 462 }; 463 464 const struct sockaddr_in in_any = { 465 .sin_len = sizeof(struct sockaddr_in) 466 , .sin_family = AF_INET 467 , .sin_port = 0 468 , .sin_addr = {.s_addr = 0 /* INADDR_ANY */} 469 }; 470 471 struct domain inetdomain = { 472 .dom_family = PF_INET, .dom_name = "internet", .dom_init = NULL, 473 .dom_externalize = NULL, .dom_dispose = NULL, 474 .dom_protosw = inetsw, 475 .dom_protoswNPROTOSW = &inetsw[__arraycount(inetsw)], 476 .dom_rtattach = rt_inithead, 477 .dom_rtoffset = 32, 478 .dom_maxrtkey = sizeof(struct ip_pack4), 479 .dom_if_up = in_if_up, 480 .dom_if_down = in_if_down, 481 .dom_ifattach = in_domifattach, 482 .dom_ifdetach = in_domifdetach, 483 .dom_if_link_state_change = in_if_link_state_change, 484 .dom_ifqueues = { NULL, NULL }, 485 .dom_link = { NULL }, 486 .dom_mowner = MOWNER_INIT("",""), 487 .dom_sa_cmpofs = offsetof(struct sockaddr_in, sin_addr), 488 .dom_sa_cmplen = sizeof(struct in_addr), 489 .dom_sa_any = (const struct sockaddr *)&in_any, 490 .dom_sockaddr_const_addr = sockaddr_in_const_addr, 491 .dom_sockaddr_addr = sockaddr_in_addr, 492 .dom_rtcache = LIST_HEAD_INITIALIZER(inetdomain.dom_rtcache) 493 }; 494 495 u_char ip_protox[IPPROTO_MAX]; 496 497 int icmperrppslim = 100; /* 100pps */ 498 499 static void 500 sockaddr_in_addrlen(const struct sockaddr *sa, socklen_t *slenp) 501 { 502 socklen_t slen; 503 504 if (slenp == NULL) 505 return; 506 507 slen = sockaddr_getlen(sa); 508 *slenp = (socklen_t)MIN(sizeof(struct in_addr), 509 slen - MIN(slen, offsetof(struct sockaddr_in, sin_addr))); 510 } 511 512 const void * 513 sockaddr_in_const_addr(const struct sockaddr *sa, socklen_t *slenp) 514 { 515 const struct sockaddr_in *sin; 516 517 sockaddr_in_addrlen(sa, slenp); 518 sin = (const struct sockaddr_in *)sa; 519 return &sin->sin_addr; 520 } 521 522 void * 523 sockaddr_in_addr(struct sockaddr *sa, socklen_t *slenp) 524 { 525 struct sockaddr_in *sin; 526 527 sockaddr_in_addrlen(sa, slenp); 528 sin = (struct sockaddr_in *)sa; 529 return &sin->sin_addr; 530 } 531 532 int 533 sockaddr_in_cmp(const struct sockaddr *sa1, const struct sockaddr *sa2) 534 { 535 uint_fast8_t len; 536 const uint_fast8_t addrofs = offsetof(struct sockaddr_in, sin_addr), 537 addrend = addrofs + sizeof(struct in_addr); 538 int rc; 539 const struct sockaddr_in *sin1, *sin2; 540 541 sin1 = satocsin(sa1); 542 sin2 = satocsin(sa2); 543 544 len = MIN(addrend, MIN(sin1->sin_len, sin2->sin_len)); 545 546 if (len > addrofs && 547 (rc = memcmp(&sin1->sin_addr, &sin2->sin_addr, 548 len - addrofs)) != 0) 549 return rc; 550 551 return sin1->sin_len - sin2->sin_len; 552 } 553
Indexes created Thu Oct 16 14:10:15 GMT 2025