ip_output.c revision 1.63 1 /* $NetBSD: ip_output.c,v 1.63 1999/12/13 15:17:20 itojun Exp $ */
2
3 /*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 /*-
33 * Copyright (c) 1998 The NetBSD Foundation, Inc.
34 * All rights reserved.
35 *
36 * This code is derived from software contributed to The NetBSD Foundation
37 * by Public Access Networks Corporation ("Panix"). It was developed under
38 * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon.
39 *
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
42 * are met:
43 * 1. Redistributions of source code must retain the above copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 * 3. All advertising materials mentioning features or use of this software
49 * must display the following acknowledgement:
50 * This product includes software developed by the NetBSD
51 * Foundation, Inc. and its contributors.
52 * 4. Neither the name of The NetBSD Foundation nor the names of its
53 * contributors may be used to endorse or promote products derived
54 * from this software without specific prior written permission.
55 *
56 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
57 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
58 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
59 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
60 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
61 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
62 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
63 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
64 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
65 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
66 * POSSIBILITY OF SUCH DAMAGE.
67 */
68
69 /*
70 * Copyright (c) 1982, 1986, 1988, 1990, 1993
71 * The Regents of the University of California. All rights reserved.
72 *
73 * Redistribution and use in source and binary forms, with or without
74 * modification, are permitted provided that the following conditions
75 * are met:
76 * 1. Redistributions of source code must retain the above copyright
77 * notice, this list of conditions and the following disclaimer.
78 * 2. Redistributions in binary form must reproduce the above copyright
79 * notice, this list of conditions and the following disclaimer in the
80 * documentation and/or other materials provided with the distribution.
81 * 3. All advertising materials mentioning features or use of this software
82 * must display the following acknowledgement:
83 * This product includes software developed by the University of
84 * California, Berkeley and its contributors.
85 * 4. Neither the name of the University nor the names of its contributors
86 * may be used to endorse or promote products derived from this software
87 * without specific prior written permission.
88 *
89 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
90 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
91 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
92 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
93 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
94 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
95 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
96 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
97 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
98 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
99 * SUCH DAMAGE.
100 *
101 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94
102 */
103
104 #include "opt_pfil_hooks.h"
105 #include "opt_ipsec.h"
106 #include "opt_mrouting.h"
107
108 #include <sys/param.h>
109 #include <sys/malloc.h>
110 #include <sys/mbuf.h>
111 #include <sys/errno.h>
112 #include <sys/protosw.h>
113 #include <sys/socket.h>
114 #include <sys/socketvar.h>
115 #include <sys/systm.h>
116
117 #include <vm/vm.h>
118 #include <sys/proc.h>
119
120 #include <net/if.h>
121 #include <net/route.h>
122 #include <net/pfil.h>
123
124 #include <netinet/in.h>
125 #include <netinet/in_systm.h>
126 #include <netinet/ip.h>
127 #include <netinet/in_pcb.h>
128 #include <netinet/in_var.h>
129 #include <netinet/ip_var.h>
130
131 #ifdef __vax__
132 #include <machine/mtpr.h>
133 #endif
134
135 #include <machine/stdarg.h>
136
137 #ifdef IPSEC
138 #include <netinet6/ipsec.h>
139 #include <netkey/key.h>
140 #include <netkey/key_debug.h>
141 #endif /*IPSEC*/
142
143 static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
144 static void ip_mloopback
145 __P((struct ifnet *, struct mbuf *, struct sockaddr_in *));
146
147 /*
148 * IP output. The packet in mbuf chain m contains a skeletal IP
149 * header (with len, off, ttl, proto, tos, src, dst).
150 * The mbuf chain containing the packet will be freed.
151 * The mbuf opt, if present, will not be freed.
152 */
153 int
154 #if __STDC__
155 ip_output(struct mbuf *m0, ...)
156 #else
157 ip_output(m0, va_alist)
158 struct mbuf *m0;
159 va_dcl
160 #endif
161 {
162 register struct ip *ip, *mhip;
163 register struct ifnet *ifp;
164 register struct mbuf *m = m0;
165 register int hlen = sizeof (struct ip);
166 int len, off, error = 0;
167 struct route iproute;
168 struct sockaddr_in *dst;
169 #if IFA_STATS
170 struct sockaddr_in src;
171 #endif
172 struct in_ifaddr *ia;
173 struct mbuf *opt;
174 struct route *ro;
175 int flags;
176 int *mtu_p;
177 int mtu;
178 struct ip_moptions *imo;
179 va_list ap;
180 #ifdef PFIL_HOOKS
181 struct packet_filter_hook *pfh;
182 struct mbuf *m1;
183 int rv;
184 #endif /* PFIL_HOOKS */
185 #ifdef IPSEC
186 struct socket *so = (struct socket *)m->m_pkthdr.rcvif;
187 struct secpolicy *sp = NULL;
188 #endif /*IPSEC*/
189
190 va_start(ap, m0);
191 opt = va_arg(ap, struct mbuf *);
192 ro = va_arg(ap, struct route *);
193 flags = va_arg(ap, int);
194 imo = va_arg(ap, struct ip_moptions *);
195 if (flags & IP_RETURNMTU)
196 mtu_p = va_arg(ap, int *);
197 else
198 mtu_p = NULL;
199 va_end(ap);
200
201 #ifdef IPSEC
202 m->m_pkthdr.rcvif = NULL;
203 #endif /*IPSEC*/
204
205 #ifdef DIAGNOSTIC
206 if ((m->m_flags & M_PKTHDR) == 0)
207 panic("ip_output no HDR");
208 #endif
209 if (opt) {
210 m = ip_insertoptions(m, opt, &len);
211 hlen = len;
212 }
213 ip = mtod(m, struct ip *);
214 /*
215 * Fill in IP header.
216 */
217 if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) {
218 ip->ip_v = IPVERSION;
219 ip->ip_off &= IP_DF;
220 ip->ip_id = htons(ip_id++);
221 ip->ip_hl = hlen >> 2;
222 ipstat.ips_localout++;
223 } else {
224 hlen = ip->ip_hl << 2;
225 }
226 /*
227 * Route packet.
228 */
229 if (ro == 0) {
230 ro = &iproute;
231 bzero((caddr_t)ro, sizeof (*ro));
232 }
233 dst = satosin(&ro->ro_dst);
234 /*
235 * If there is a cached route,
236 * check that it is to the same destination
237 * and is still up. If not, free it and try again.
238 */
239 if (ro->ro_rt && ((ro->ro_rt->rt_flags & RTF_UP) == 0 ||
240 !in_hosteq(dst->sin_addr, ip->ip_dst))) {
241 RTFREE(ro->ro_rt);
242 ro->ro_rt = (struct rtentry *)0;
243 }
244 if (ro->ro_rt == 0) {
245 dst->sin_family = AF_INET;
246 dst->sin_len = sizeof(*dst);
247 dst->sin_addr = ip->ip_dst;
248 }
249 /*
250 * If routing to interface only,
251 * short circuit routing lookup.
252 */
253 if (flags & IP_ROUTETOIF) {
254 if ((ia = ifatoia(ifa_ifwithladdr(sintosa(dst)))) == 0) {
255 ipstat.ips_noroute++;
256 error = ENETUNREACH;
257 goto bad;
258 }
259 ifp = ia->ia_ifp;
260 mtu = ifp->if_mtu;
261 ip->ip_ttl = 1;
262 } else {
263 if (ro->ro_rt == 0)
264 rtalloc(ro);
265 if (ro->ro_rt == 0) {
266 ipstat.ips_noroute++;
267 error = EHOSTUNREACH;
268 goto bad;
269 }
270 ia = ifatoia(ro->ro_rt->rt_ifa);
271 ifp = ro->ro_rt->rt_ifp;
272 if ((mtu = ro->ro_rt->rt_rmx.rmx_mtu) == 0)
273 mtu = ifp->if_mtu;
274 ro->ro_rt->rt_use++;
275 if (ro->ro_rt->rt_flags & RTF_GATEWAY)
276 dst = satosin(ro->ro_rt->rt_gateway);
277 }
278 if (IN_MULTICAST(ip->ip_dst.s_addr)) {
279 struct in_multi *inm;
280
281 m->m_flags |= M_MCAST;
282 /*
283 * IP destination address is multicast. Make sure "dst"
284 * still points to the address in "ro". (It may have been
285 * changed to point to a gateway address, above.)
286 */
287 dst = satosin(&ro->ro_dst);
288 /*
289 * See if the caller provided any multicast options
290 */
291 if (imo != NULL) {
292 ip->ip_ttl = imo->imo_multicast_ttl;
293 if (imo->imo_multicast_ifp != NULL) {
294 ifp = imo->imo_multicast_ifp;
295 mtu = ifp->if_mtu;
296 }
297 } else
298 ip->ip_ttl = IP_DEFAULT_MULTICAST_TTL;
299 /*
300 * Confirm that the outgoing interface supports multicast.
301 */
302 if ((ifp->if_flags & IFF_MULTICAST) == 0) {
303 ipstat.ips_noroute++;
304 error = ENETUNREACH;
305 goto bad;
306 }
307 /*
308 * If source address not specified yet, use an address
309 * of outgoing interface.
310 */
311 if (in_nullhost(ip->ip_src)) {
312 register struct in_ifaddr *ia;
313
314 IFP_TO_IA(ifp, ia);
315 ip->ip_src = ia->ia_addr.sin_addr;
316 }
317
318 IN_LOOKUP_MULTI(ip->ip_dst, ifp, inm);
319 if (inm != NULL &&
320 (imo == NULL || imo->imo_multicast_loop)) {
321 /*
322 * If we belong to the destination multicast group
323 * on the outgoing interface, and the caller did not
324 * forbid loopback, loop back a copy.
325 */
326 ip_mloopback(ifp, m, dst);
327 }
328 #ifdef MROUTING
329 else {
330 /*
331 * If we are acting as a multicast router, perform
332 * multicast forwarding as if the packet had just
333 * arrived on the interface to which we are about
334 * to send. The multicast forwarding function
335 * recursively calls this function, using the
336 * IP_FORWARDING flag to prevent infinite recursion.
337 *
338 * Multicasts that are looped back by ip_mloopback(),
339 * above, will be forwarded by the ip_input() routine,
340 * if necessary.
341 */
342 extern struct socket *ip_mrouter;
343
344 if (ip_mrouter && (flags & IP_FORWARDING) == 0) {
345 if (ip_mforward(m, ifp) != 0) {
346 m_freem(m);
347 goto done;
348 }
349 }
350 }
351 #endif
352 /*
353 * Multicasts with a time-to-live of zero may be looped-
354 * back, above, but must not be transmitted on a network.
355 * Also, multicasts addressed to the loopback interface
356 * are not sent -- the above call to ip_mloopback() will
357 * loop back a copy if this host actually belongs to the
358 * destination group on the loopback interface.
359 */
360 if (ip->ip_ttl == 0 || (ifp->if_flags & IFF_LOOPBACK) != 0) {
361 m_freem(m);
362 goto done;
363 }
364
365 goto sendit;
366 }
367 #ifndef notdef
368 /*
369 * If source address not specified yet, use address
370 * of outgoing interface.
371 */
372 if (in_nullhost(ip->ip_src))
373 ip->ip_src = ia->ia_addr.sin_addr;
374 #endif
375
376 /*
377 * packets with Class-D address as source are not valid per
378 * RFC 1112
379 */
380 if (IN_MULTICAST(ip->ip_src.s_addr)) {
381 ipstat.ips_odropped++;
382 error = EADDRNOTAVAIL;
383 goto bad;
384 }
385
386 /*
387 * Look for broadcast address and
388 * and verify user is allowed to send
389 * such a packet.
390 */
391 if (in_broadcast(dst->sin_addr, ifp)) {
392 if ((ifp->if_flags & IFF_BROADCAST) == 0) {
393 error = EADDRNOTAVAIL;
394 goto bad;
395 }
396 if ((flags & IP_ALLOWBROADCAST) == 0) {
397 error = EACCES;
398 goto bad;
399 }
400 /* don't allow broadcast messages to be fragmented */
401 if ((u_int16_t)ip->ip_len > ifp->if_mtu) {
402 error = EMSGSIZE;
403 goto bad;
404 }
405 m->m_flags |= M_BCAST;
406 } else
407 m->m_flags &= ~M_BCAST;
408
409 sendit:
410 #ifdef PFIL_HOOKS
411 /*
412 * Run through list of hooks for output packets.
413 */
414 m1 = m;
415 for (pfh = pfil_hook_get(PFIL_OUT); pfh; pfh = pfh->pfil_link.tqe_next)
416 if (pfh->pfil_func) {
417 rv = pfh->pfil_func(ip, hlen, ifp, 1, &m1);
418 if (rv) {
419 error = EHOSTUNREACH;
420 goto done;
421 }
422 m = m1;
423 if (m == NULL)
424 goto done;
425 ip = mtod(m, struct ip *);
426 }
427 #endif /* PFIL_HOOKS */
428
429 #ifdef IPSEC
430 /* get SP for this packet */
431 if (so == NULL)
432 sp = ipsec4_getpolicybyaddr(m, flags, &error);
433 else
434 sp = ipsec4_getpolicybysock(m, so, &error);
435
436 if (sp == NULL) {
437 ipsecstat.out_inval++;
438 goto bad;
439 }
440
441 error = 0;
442
443 /* check policy */
444 switch (sp->policy) {
445 case IPSEC_POLICY_DISCARD:
446 /*
447 * This packet is just discarded.
448 */
449 ipsecstat.out_polvio++;
450 goto bad;
451
452 case IPSEC_POLICY_BYPASS:
453 case IPSEC_POLICY_NONE:
454 /* no need to do IPsec. */
455 goto skip_ipsec;
456
457 case IPSEC_POLICY_IPSEC:
458 if (sp->req == NULL) {
459 /* XXX should be panic ? */
460 printf("ip_output: No IPsec request specified.\n");
461 error = EINVAL;
462 goto bad;
463 }
464 break;
465
466 case IPSEC_POLICY_ENTRUST:
467 default:
468 printf("ip_output: Invalid policy found. %d\n", sp->policy);
469 }
470
471 ip->ip_len = htons((u_short)ip->ip_len);
472 ip->ip_off = htons((u_short)ip->ip_off);
473 ip->ip_sum = 0;
474
475 {
476 struct ipsec_output_state state;
477 bzero(&state, sizeof(state));
478 state.m = m;
479 if (flags & IP_ROUTETOIF) {
480 state.ro = &iproute;
481 bzero(&iproute, sizeof(iproute));
482 } else
483 state.ro = ro;
484 state.dst = (struct sockaddr *)dst;
485
486 error = ipsec4_output(&state, sp, flags);
487
488 m = state.m;
489 if (flags & IP_ROUTETOIF) {
490 /*
491 * if we have tunnel mode SA, we may need to ignore
492 * IP_ROUTETOIF.
493 */
494 if (state.ro != &iproute || state.ro->ro_rt != NULL) {
495 flags &= ~IP_ROUTETOIF;
496 ro = state.ro;
497 }
498 } else
499 ro = state.ro;
500 dst = (struct sockaddr_in *)state.dst;
501 if (error) {
502 /* mbuf is already reclaimed in ipsec4_output. */
503 m0 = NULL;
504 switch (error) {
505 case EHOSTUNREACH:
506 case ENETUNREACH:
507 case EMSGSIZE:
508 case ENOBUFS:
509 case ENOMEM:
510 break;
511 default:
512 printf("ip4_output (ipsec): error code %d\n", error);
513 /*fall through*/
514 case ENOENT:
515 /* don't show these error codes to the user */
516 error = 0;
517 break;
518 }
519 goto bad;
520 }
521 }
522
523 /* be sure to update variables that are affected by ipsec4_output() */
524 ip = mtod(m, struct ip *);
525 #ifdef _IP_VHL
526 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
527 #else
528 hlen = ip->ip_hl << 2;
529 #endif
530 if (ro->ro_rt == NULL) {
531 if ((flags & IP_ROUTETOIF) == 0) {
532 printf("ip_output: "
533 "can't update route after IPsec processing\n");
534 error = EHOSTUNREACH; /*XXX*/
535 goto bad;
536 }
537 } else {
538 /* nobody uses ia beyond here */
539 ifp = ro->ro_rt->rt_ifp;
540 }
541
542 /* make it flipped, again. */
543 ip->ip_len = ntohs((u_short)ip->ip_len);
544 ip->ip_off = ntohs((u_short)ip->ip_off);
545 skip_ipsec:
546 #endif /*IPSEC*/
547
548 /*
549 * If small enough for mtu of path, can just send directly.
550 */
551 if ((u_int16_t)ip->ip_len <= mtu) {
552 #if IFA_STATS
553 /*
554 * search for the source address structure to
555 * maintain output statistics.
556 */
557 bzero((caddr_t*) &src, sizeof(src));
558 src.sin_family = AF_INET;
559 src.sin_addr.s_addr = ip->ip_src.s_addr;
560 src.sin_len = sizeof(src);
561 ia = ifatoia(ifa_ifwithladdr(sintosa(&src)));
562 if (ia)
563 ia->ia_ifa.ifa_data.ifad_outbytes += ntohs(ip->ip_len);
564 #endif
565 HTONS(ip->ip_len);
566 HTONS(ip->ip_off);
567 ip->ip_sum = 0;
568 ip->ip_sum = in_cksum(m, hlen);
569 error = (*ifp->if_output)(ifp, m, sintosa(dst), ro->ro_rt);
570 goto done;
571 }
572
573 /*
574 * Too large for interface; fragment if possible.
575 * Must be able to put at least 8 bytes per fragment.
576 */
577 #if 0
578 /*
579 * If IPsec packet is too big for the interface, try fragment it.
580 * XXX This really is a quickhack. May be inappropriate.
581 * XXX fails if somebody is sending AH'ed packet, with:
582 * sizeof(packet without AH) < mtu < sizeof(packet with AH)
583 */
584 if (sab && ip->ip_p != IPPROTO_AH && (flags & IP_FORWARDING) == 0)
585 ip->ip_off &= ~IP_DF;
586 #endif /*IPSEC*/
587 if (ip->ip_off & IP_DF) {
588 if (flags & IP_RETURNMTU)
589 *mtu_p = mtu;
590 error = EMSGSIZE;
591 ipstat.ips_cantfrag++;
592 goto bad;
593 }
594 len = (mtu - hlen) &~ 7;
595 if (len < 8) {
596 error = EMSGSIZE;
597 goto bad;
598 }
599
600 {
601 int mhlen, firstlen = len;
602 struct mbuf **mnext = &m->m_nextpkt;
603 int fragments = 0;
604 int s;
605
606 /*
607 * Loop through length of segment after first fragment,
608 * make new header and copy data of each part and link onto chain.
609 */
610 m0 = m;
611 mhlen = sizeof (struct ip);
612 for (off = hlen + len; off < (u_int16_t)ip->ip_len; off += len) {
613 MGETHDR(m, M_DONTWAIT, MT_HEADER);
614 if (m == 0) {
615 error = ENOBUFS;
616 ipstat.ips_odropped++;
617 goto sendorfree;
618 }
619 *mnext = m;
620 mnext = &m->m_nextpkt;
621 m->m_data += max_linkhdr;
622 mhip = mtod(m, struct ip *);
623 *mhip = *ip;
624 if (hlen > sizeof (struct ip)) {
625 mhlen = ip_optcopy(ip, mhip) + sizeof (struct ip);
626 mhip->ip_hl = mhlen >> 2;
627 }
628 m->m_len = mhlen;
629 mhip->ip_off = ((off - hlen) >> 3) + (ip->ip_off & ~IP_MF);
630 if (ip->ip_off & IP_MF)
631 mhip->ip_off |= IP_MF;
632 if (off + len >= (u_int16_t)ip->ip_len)
633 len = (u_int16_t)ip->ip_len - off;
634 else
635 mhip->ip_off |= IP_MF;
636 mhip->ip_len = htons((u_int16_t)(len + mhlen));
637 m->m_next = m_copy(m0, off, len);
638 if (m->m_next == 0) {
639 error = ENOBUFS; /* ??? */
640 ipstat.ips_odropped++;
641 goto sendorfree;
642 }
643 m->m_pkthdr.len = mhlen + len;
644 m->m_pkthdr.rcvif = (struct ifnet *)0;
645 HTONS(mhip->ip_off);
646 mhip->ip_sum = 0;
647 mhip->ip_sum = in_cksum(m, mhlen);
648 ipstat.ips_ofragments++;
649 fragments++;
650 }
651 /*
652 * Update first fragment by trimming what's been copied out
653 * and updating header, then send each fragment (in order).
654 */
655 m = m0;
656 m_adj(m, hlen + firstlen - (u_int16_t)ip->ip_len);
657 m->m_pkthdr.len = hlen + firstlen;
658 ip->ip_len = htons((u_int16_t)m->m_pkthdr.len);
659 ip->ip_off |= IP_MF;
660 HTONS(ip->ip_off);
661 ip->ip_sum = 0;
662 ip->ip_sum = in_cksum(m, hlen);
663 sendorfree:
664 /*
665 * If there is no room for all the fragments, don't queue
666 * any of them.
667 */
668 s = splimp();
669 if (ifp->if_snd.ifq_maxlen - ifp->if_snd.ifq_len < fragments)
670 error = ENOBUFS;
671 splx(s);
672 for (m = m0; m; m = m0) {
673 m0 = m->m_nextpkt;
674 m->m_nextpkt = 0;
675 if (error == 0) {
676 #if IFA_STATS
677 /*
678 * search for the source address structure to
679 * maintain output statistics.
680 */
681 bzero((caddr_t*) &src, sizeof(src));
682 src.sin_family = AF_INET;
683 src.sin_addr.s_addr = ip->ip_src.s_addr;
684 src.sin_len = sizeof(src);
685 ia = ifatoia(ifa_ifwithladdr(sintosa(&src)));
686 if (ia) {
687 ia->ia_ifa.ifa_data.ifad_outbytes +=
688 ntohs(ip->ip_len);
689 }
690 #endif
691 error = (*ifp->if_output)(ifp, m, sintosa(dst),
692 ro->ro_rt);
693 } else
694 m_freem(m);
695 }
696
697 if (error == 0)
698 ipstat.ips_fragmented++;
699 }
700 done:
701 if (ro == &iproute && (flags & IP_ROUTETOIF) == 0 && ro->ro_rt) {
702 RTFREE(ro->ro_rt);
703 ro->ro_rt = 0;
704 }
705
706 #ifdef IPSEC
707 if (sp != NULL) {
708 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
709 printf("DP ip_output call free SP:%p\n", sp));
710 key_freesp(sp);
711 }
712 #endif /* IPSEC */
713
714 return (error);
715 bad:
716 m_freem(m);
717 goto done;
718 }
719
720 /*
721 * Determine the maximum length of the options to be inserted;
722 * we would far rather allocate too much space rather than too little.
723 */
724
725 u_int
726 ip_optlen(inp)
727 struct inpcb *inp;
728 {
729 struct mbuf *m = inp->inp_options;
730
731 if (m && m->m_len > offsetof(struct ipoption, ipopt_dst))
732 return(m->m_len - offsetof(struct ipoption, ipopt_dst));
733 else
734 return 0;
735 }
736
737
738 /*
739 * Insert IP options into preformed packet.
740 * Adjust IP destination as required for IP source routing,
741 * as indicated by a non-zero in_addr at the start of the options.
742 */
743 static struct mbuf *
744 ip_insertoptions(m, opt, phlen)
745 register struct mbuf *m;
746 struct mbuf *opt;
747 int *phlen;
748 {
749 register struct ipoption *p = mtod(opt, struct ipoption *);
750 struct mbuf *n;
751 register struct ip *ip = mtod(m, struct ip *);
752 unsigned optlen;
753
754 optlen = opt->m_len - sizeof(p->ipopt_dst);
755 if (optlen + (u_int16_t)ip->ip_len > IP_MAXPACKET)
756 return (m); /* XXX should fail */
757 if (!in_nullhost(p->ipopt_dst))
758 ip->ip_dst = p->ipopt_dst;
759 if (m->m_flags & M_EXT || m->m_data - optlen < m->m_pktdat) {
760 MGETHDR(n, M_DONTWAIT, MT_HEADER);
761 if (n == 0)
762 return (m);
763 n->m_pkthdr.len = m->m_pkthdr.len + optlen;
764 m->m_len -= sizeof(struct ip);
765 m->m_data += sizeof(struct ip);
766 n->m_next = m;
767 m = n;
768 m->m_len = optlen + sizeof(struct ip);
769 m->m_data += max_linkhdr;
770 bcopy((caddr_t)ip, mtod(m, caddr_t), sizeof(struct ip));
771 } else {
772 m->m_data -= optlen;
773 m->m_len += optlen;
774 m->m_pkthdr.len += optlen;
775 memmove(mtod(m, caddr_t), ip, sizeof(struct ip));
776 }
777 ip = mtod(m, struct ip *);
778 bcopy((caddr_t)p->ipopt_list, (caddr_t)(ip + 1), (unsigned)optlen);
779 *phlen = sizeof(struct ip) + optlen;
780 ip->ip_len += optlen;
781 return (m);
782 }
783
784 /*
785 * Copy options from ip to jp,
786 * omitting those not copied during fragmentation.
787 */
788 int
789 ip_optcopy(ip, jp)
790 struct ip *ip, *jp;
791 {
792 register u_char *cp, *dp;
793 int opt, optlen, cnt;
794
795 cp = (u_char *)(ip + 1);
796 dp = (u_char *)(jp + 1);
797 cnt = (ip->ip_hl << 2) - sizeof (struct ip);
798 for (; cnt > 0; cnt -= optlen, cp += optlen) {
799 opt = cp[0];
800 if (opt == IPOPT_EOL)
801 break;
802 if (opt == IPOPT_NOP) {
803 /* Preserve for IP mcast tunnel's LSRR alignment. */
804 *dp++ = IPOPT_NOP;
805 optlen = 1;
806 continue;
807 } else
808 optlen = cp[IPOPT_OLEN];
809 /* bogus lengths should have been caught by ip_dooptions */
810 if (optlen > cnt)
811 optlen = cnt;
812 if (IPOPT_COPIED(opt)) {
813 bcopy((caddr_t)cp, (caddr_t)dp, (unsigned)optlen);
814 dp += optlen;
815 }
816 }
817 for (optlen = dp - (u_char *)(jp+1); optlen & 0x3; optlen++)
818 *dp++ = IPOPT_EOL;
819 return (optlen);
820 }
821
822 /*
823 * IP socket option processing.
824 */
825 int
826 ip_ctloutput(op, so, level, optname, mp)
827 int op;
828 struct socket *so;
829 int level, optname;
830 struct mbuf **mp;
831 {
832 register struct inpcb *inp = sotoinpcb(so);
833 register struct mbuf *m = *mp;
834 register int optval = 0;
835 int error = 0;
836 #ifdef IPSEC
837 #ifdef __NetBSD__
838 struct proc *p = curproc; /*XXX*/
839 #endif
840 #endif
841
842 if (level != IPPROTO_IP) {
843 error = EINVAL;
844 if (op == PRCO_SETOPT && *mp)
845 (void) m_free(*mp);
846 } else switch (op) {
847
848 case PRCO_SETOPT:
849 switch (optname) {
850 case IP_OPTIONS:
851 #ifdef notyet
852 case IP_RETOPTS:
853 return (ip_pcbopts(optname, &inp->inp_options, m));
854 #else
855 return (ip_pcbopts(&inp->inp_options, m));
856 #endif
857
858 case IP_TOS:
859 case IP_TTL:
860 case IP_RECVOPTS:
861 case IP_RECVRETOPTS:
862 case IP_RECVDSTADDR:
863 case IP_RECVIF:
864 if (m == NULL || m->m_len != sizeof(int))
865 error = EINVAL;
866 else {
867 optval = *mtod(m, int *);
868 switch (optname) {
869
870 case IP_TOS:
871 inp->inp_ip.ip_tos = optval;
872 break;
873
874 case IP_TTL:
875 inp->inp_ip.ip_ttl = optval;
876 break;
877 #define OPTSET(bit) \
878 if (optval) \
879 inp->inp_flags |= bit; \
880 else \
881 inp->inp_flags &= ~bit;
882
883 case IP_RECVOPTS:
884 OPTSET(INP_RECVOPTS);
885 break;
886
887 case IP_RECVRETOPTS:
888 OPTSET(INP_RECVRETOPTS);
889 break;
890
891 case IP_RECVDSTADDR:
892 OPTSET(INP_RECVDSTADDR);
893 break;
894
895 case IP_RECVIF:
896 OPTSET(INP_RECVIF);
897 break;
898 }
899 }
900 break;
901 #undef OPTSET
902
903 case IP_MULTICAST_IF:
904 case IP_MULTICAST_TTL:
905 case IP_MULTICAST_LOOP:
906 case IP_ADD_MEMBERSHIP:
907 case IP_DROP_MEMBERSHIP:
908 error = ip_setmoptions(optname, &inp->inp_moptions, m);
909 break;
910
911 case IP_PORTRANGE:
912 if (m == 0 || m->m_len != sizeof(int))
913 error = EINVAL;
914 else {
915 optval = *mtod(m, int *);
916
917 switch (optval) {
918
919 case IP_PORTRANGE_DEFAULT:
920 case IP_PORTRANGE_HIGH:
921 inp->inp_flags &= ~(INP_LOWPORT);
922 break;
923
924 case IP_PORTRANGE_LOW:
925 inp->inp_flags |= INP_LOWPORT;
926 break;
927
928 default:
929 error = EINVAL;
930 break;
931 }
932 }
933 break;
934
935 #ifdef IPSEC
936 case IP_IPSEC_POLICY:
937 {
938 caddr_t req = NULL;
939 int len = 0;
940 int priv = 0;
941 #ifdef __NetBSD__
942 if (p == 0 || suser(p->p_ucred, &p->p_acflag))
943 priv = 0;
944 else
945 priv = 1;
946 #else
947 priv = (in6p->in6p_socket->so_state & SS_PRIV);
948 #endif
949 if (m != 0) {
950 req = mtod(m, caddr_t);
951 len = m->m_len;
952 }
953 error = ipsec_set_policy(&inp->inp_sp,
954 optname, req, len, priv);
955 break;
956 }
957 #endif /*IPSEC*/
958
959 default:
960 error = ENOPROTOOPT;
961 break;
962 }
963 if (m)
964 (void)m_free(m);
965 break;
966
967 case PRCO_GETOPT:
968 switch (optname) {
969 case IP_OPTIONS:
970 case IP_RETOPTS:
971 *mp = m = m_get(M_WAIT, MT_SOOPTS);
972 if (inp->inp_options) {
973 m->m_len = inp->inp_options->m_len;
974 bcopy(mtod(inp->inp_options, caddr_t),
975 mtod(m, caddr_t), (unsigned)m->m_len);
976 } else
977 m->m_len = 0;
978 break;
979
980 case IP_TOS:
981 case IP_TTL:
982 case IP_RECVOPTS:
983 case IP_RECVRETOPTS:
984 case IP_RECVDSTADDR:
985 case IP_RECVIF:
986 case IP_ERRORMTU:
987 *mp = m = m_get(M_WAIT, MT_SOOPTS);
988 m->m_len = sizeof(int);
989 switch (optname) {
990
991 case IP_TOS:
992 optval = inp->inp_ip.ip_tos;
993 break;
994
995 case IP_TTL:
996 optval = inp->inp_ip.ip_ttl;
997 break;
998
999 case IP_ERRORMTU:
1000 optval = inp->inp_errormtu;
1001 break;
1002
1003 #define OPTBIT(bit) (inp->inp_flags & bit ? 1 : 0)
1004
1005 case IP_RECVOPTS:
1006 optval = OPTBIT(INP_RECVOPTS);
1007 break;
1008
1009 case IP_RECVRETOPTS:
1010 optval = OPTBIT(INP_RECVRETOPTS);
1011 break;
1012
1013 case IP_RECVDSTADDR:
1014 optval = OPTBIT(INP_RECVDSTADDR);
1015 break;
1016
1017 case IP_RECVIF:
1018 optval = OPTBIT(INP_RECVIF);
1019 break;
1020 }
1021 *mtod(m, int *) = optval;
1022 break;
1023
1024 #ifdef IPSEC
1025 case IP_IPSEC_POLICY:
1026 error = ipsec_get_policy(inp->inp_sp, mp);
1027 break;
1028 #endif /*IPSEC*/
1029
1030 case IP_MULTICAST_IF:
1031 case IP_MULTICAST_TTL:
1032 case IP_MULTICAST_LOOP:
1033 case IP_ADD_MEMBERSHIP:
1034 case IP_DROP_MEMBERSHIP:
1035 error = ip_getmoptions(optname, inp->inp_moptions, mp);
1036 break;
1037
1038 case IP_PORTRANGE:
1039 *mp = m = m_get(M_WAIT, MT_SOOPTS);
1040 m->m_len = sizeof(int);
1041
1042 if (inp->inp_flags & INP_LOWPORT)
1043 optval = IP_PORTRANGE_LOW;
1044 else
1045 optval = IP_PORTRANGE_DEFAULT;
1046
1047 *mtod(m, int *) = optval;
1048 break;
1049
1050 default:
1051 error = ENOPROTOOPT;
1052 break;
1053 }
1054 break;
1055 }
1056 return (error);
1057 }
1058
1059 /*
1060 * Set up IP options in pcb for insertion in output packets.
1061 * Store in mbuf with pointer in pcbopt, adding pseudo-option
1062 * with destination address if source routed.
1063 */
1064 int
1065 #ifdef notyet
1066 ip_pcbopts(optname, pcbopt, m)
1067 int optname;
1068 #else
1069 ip_pcbopts(pcbopt, m)
1070 #endif
1071 struct mbuf **pcbopt;
1072 register struct mbuf *m;
1073 {
1074 register int cnt, optlen;
1075 register u_char *cp;
1076 u_char opt;
1077
1078 /* turn off any old options */
1079 if (*pcbopt)
1080 (void)m_free(*pcbopt);
1081 *pcbopt = 0;
1082 if (m == (struct mbuf *)0 || m->m_len == 0) {
1083 /*
1084 * Only turning off any previous options.
1085 */
1086 if (m)
1087 (void)m_free(m);
1088 return (0);
1089 }
1090
1091 #ifndef vax
1092 if (m->m_len % sizeof(int32_t))
1093 goto bad;
1094 #endif
1095 /*
1096 * IP first-hop destination address will be stored before
1097 * actual options; move other options back
1098 * and clear it when none present.
1099 */
1100 if (m->m_data + m->m_len + sizeof(struct in_addr) >= &m->m_dat[MLEN])
1101 goto bad;
1102 cnt = m->m_len;
1103 m->m_len += sizeof(struct in_addr);
1104 cp = mtod(m, u_char *) + sizeof(struct in_addr);
1105 memmove(cp, mtod(m, caddr_t), (unsigned)cnt);
1106 bzero(mtod(m, caddr_t), sizeof(struct in_addr));
1107
1108 for (; cnt > 0; cnt -= optlen, cp += optlen) {
1109 opt = cp[IPOPT_OPTVAL];
1110 if (opt == IPOPT_EOL)
1111 break;
1112 if (opt == IPOPT_NOP)
1113 optlen = 1;
1114 else {
1115 optlen = cp[IPOPT_OLEN];
1116 if (optlen <= IPOPT_OLEN || optlen > cnt)
1117 goto bad;
1118 }
1119 switch (opt) {
1120
1121 default:
1122 break;
1123
1124 case IPOPT_LSRR:
1125 case IPOPT_SSRR:
1126 /*
1127 * user process specifies route as:
1128 * ->A->B->C->D
1129 * D must be our final destination (but we can't
1130 * check that since we may not have connected yet).
1131 * A is first hop destination, which doesn't appear in
1132 * actual IP option, but is stored before the options.
1133 */
1134 if (optlen < IPOPT_MINOFF - 1 + sizeof(struct in_addr))
1135 goto bad;
1136 m->m_len -= sizeof(struct in_addr);
1137 cnt -= sizeof(struct in_addr);
1138 optlen -= sizeof(struct in_addr);
1139 cp[IPOPT_OLEN] = optlen;
1140 /*
1141 * Move first hop before start of options.
1142 */
1143 bcopy((caddr_t)&cp[IPOPT_OFFSET+1], mtod(m, caddr_t),
1144 sizeof(struct in_addr));
1145 /*
1146 * Then copy rest of options back
1147 * to close up the deleted entry.
1148 */
1149 memmove(&cp[IPOPT_OFFSET+1],
1150 (caddr_t)(&cp[IPOPT_OFFSET+1] + sizeof(struct in_addr)),
1151 (unsigned)cnt + sizeof(struct in_addr));
1152 break;
1153 }
1154 }
1155 if (m->m_len > MAX_IPOPTLEN + sizeof(struct in_addr))
1156 goto bad;
1157 *pcbopt = m;
1158 return (0);
1159
1160 bad:
1161 (void)m_free(m);
1162 return (EINVAL);
1163 }
1164
1165 /*
1166 * Set the IP multicast options in response to user setsockopt().
1167 */
1168 int
1169 ip_setmoptions(optname, imop, m)
1170 int optname;
1171 struct ip_moptions **imop;
1172 struct mbuf *m;
1173 {
1174 register int error = 0;
1175 u_char loop;
1176 register int i;
1177 struct in_addr addr;
1178 register struct ip_mreq *mreq;
1179 register struct ifnet *ifp;
1180 register struct ip_moptions *imo = *imop;
1181 struct route ro;
1182 register struct sockaddr_in *dst;
1183
1184 if (imo == NULL) {
1185 /*
1186 * No multicast option buffer attached to the pcb;
1187 * allocate one and initialize to default values.
1188 */
1189 imo = (struct ip_moptions *)malloc(sizeof(*imo), M_IPMOPTS,
1190 M_WAITOK);
1191
1192 if (imo == NULL)
1193 return (ENOBUFS);
1194 *imop = imo;
1195 imo->imo_multicast_ifp = NULL;
1196 imo->imo_multicast_ttl = IP_DEFAULT_MULTICAST_TTL;
1197 imo->imo_multicast_loop = IP_DEFAULT_MULTICAST_LOOP;
1198 imo->imo_num_memberships = 0;
1199 }
1200
1201 switch (optname) {
1202
1203 case IP_MULTICAST_IF:
1204 /*
1205 * Select the interface for outgoing multicast packets.
1206 */
1207 if (m == NULL || m->m_len != sizeof(struct in_addr)) {
1208 error = EINVAL;
1209 break;
1210 }
1211 addr = *(mtod(m, struct in_addr *));
1212 /*
1213 * INADDR_ANY is used to remove a previous selection.
1214 * When no interface is selected, a default one is
1215 * chosen every time a multicast packet is sent.
1216 */
1217 if (in_nullhost(addr)) {
1218 imo->imo_multicast_ifp = NULL;
1219 break;
1220 }
1221 /*
1222 * The selected interface is identified by its local
1223 * IP address. Find the interface and confirm that
1224 * it supports multicasting.
1225 */
1226 INADDR_TO_IFP(addr, ifp);
1227 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) {
1228 error = EADDRNOTAVAIL;
1229 break;
1230 }
1231 imo->imo_multicast_ifp = ifp;
1232 break;
1233
1234 case IP_MULTICAST_TTL:
1235 /*
1236 * Set the IP time-to-live for outgoing multicast packets.
1237 */
1238 if (m == NULL || m->m_len != 1) {
1239 error = EINVAL;
1240 break;
1241 }
1242 imo->imo_multicast_ttl = *(mtod(m, u_char *));
1243 break;
1244
1245 case IP_MULTICAST_LOOP:
1246 /*
1247 * Set the loopback flag for outgoing multicast packets.
1248 * Must be zero or one.
1249 */
1250 if (m == NULL || m->m_len != 1 ||
1251 (loop = *(mtod(m, u_char *))) > 1) {
1252 error = EINVAL;
1253 break;
1254 }
1255 imo->imo_multicast_loop = loop;
1256 break;
1257
1258 case IP_ADD_MEMBERSHIP:
1259 /*
1260 * Add a multicast group membership.
1261 * Group must be a valid IP multicast address.
1262 */
1263 if (m == NULL || m->m_len != sizeof(struct ip_mreq)) {
1264 error = EINVAL;
1265 break;
1266 }
1267 mreq = mtod(m, struct ip_mreq *);
1268 if (!IN_MULTICAST(mreq->imr_multiaddr.s_addr)) {
1269 error = EINVAL;
1270 break;
1271 }
1272 /*
1273 * If no interface address was provided, use the interface of
1274 * the route to the given multicast address.
1275 */
1276 if (in_nullhost(mreq->imr_interface)) {
1277 bzero((caddr_t)&ro, sizeof(ro));
1278 ro.ro_rt = NULL;
1279 dst = satosin(&ro.ro_dst);
1280 dst->sin_len = sizeof(*dst);
1281 dst->sin_family = AF_INET;
1282 dst->sin_addr = mreq->imr_multiaddr;
1283 rtalloc(&ro);
1284 if (ro.ro_rt == NULL) {
1285 error = EADDRNOTAVAIL;
1286 break;
1287 }
1288 ifp = ro.ro_rt->rt_ifp;
1289 rtfree(ro.ro_rt);
1290 } else {
1291 INADDR_TO_IFP(mreq->imr_interface, ifp);
1292 }
1293 /*
1294 * See if we found an interface, and confirm that it
1295 * supports multicast.
1296 */
1297 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) {
1298 error = EADDRNOTAVAIL;
1299 break;
1300 }
1301 /*
1302 * See if the membership already exists or if all the
1303 * membership slots are full.
1304 */
1305 for (i = 0; i < imo->imo_num_memberships; ++i) {
1306 if (imo->imo_membership[i]->inm_ifp == ifp &&
1307 in_hosteq(imo->imo_membership[i]->inm_addr,
1308 mreq->imr_multiaddr))
1309 break;
1310 }
1311 if (i < imo->imo_num_memberships) {
1312 error = EADDRINUSE;
1313 break;
1314 }
1315 if (i == IP_MAX_MEMBERSHIPS) {
1316 error = ETOOMANYREFS;
1317 break;
1318 }
1319 /*
1320 * Everything looks good; add a new record to the multicast
1321 * address list for the given interface.
1322 */
1323 if ((imo->imo_membership[i] =
1324 in_addmulti(&mreq->imr_multiaddr, ifp)) == NULL) {
1325 error = ENOBUFS;
1326 break;
1327 }
1328 ++imo->imo_num_memberships;
1329 break;
1330
1331 case IP_DROP_MEMBERSHIP:
1332 /*
1333 * Drop a multicast group membership.
1334 * Group must be a valid IP multicast address.
1335 */
1336 if (m == NULL || m->m_len != sizeof(struct ip_mreq)) {
1337 error = EINVAL;
1338 break;
1339 }
1340 mreq = mtod(m, struct ip_mreq *);
1341 if (!IN_MULTICAST(mreq->imr_multiaddr.s_addr)) {
1342 error = EINVAL;
1343 break;
1344 }
1345 /*
1346 * If an interface address was specified, get a pointer
1347 * to its ifnet structure.
1348 */
1349 if (in_nullhost(mreq->imr_interface))
1350 ifp = NULL;
1351 else {
1352 INADDR_TO_IFP(mreq->imr_interface, ifp);
1353 if (ifp == NULL) {
1354 error = EADDRNOTAVAIL;
1355 break;
1356 }
1357 }
1358 /*
1359 * Find the membership in the membership array.
1360 */
1361 for (i = 0; i < imo->imo_num_memberships; ++i) {
1362 if ((ifp == NULL ||
1363 imo->imo_membership[i]->inm_ifp == ifp) &&
1364 in_hosteq(imo->imo_membership[i]->inm_addr,
1365 mreq->imr_multiaddr))
1366 break;
1367 }
1368 if (i == imo->imo_num_memberships) {
1369 error = EADDRNOTAVAIL;
1370 break;
1371 }
1372 /*
1373 * Give up the multicast address record to which the
1374 * membership points.
1375 */
1376 in_delmulti(imo->imo_membership[i]);
1377 /*
1378 * Remove the gap in the membership array.
1379 */
1380 for (++i; i < imo->imo_num_memberships; ++i)
1381 imo->imo_membership[i-1] = imo->imo_membership[i];
1382 --imo->imo_num_memberships;
1383 break;
1384
1385 default:
1386 error = EOPNOTSUPP;
1387 break;
1388 }
1389
1390 /*
1391 * If all options have default values, no need to keep the mbuf.
1392 */
1393 if (imo->imo_multicast_ifp == NULL &&
1394 imo->imo_multicast_ttl == IP_DEFAULT_MULTICAST_TTL &&
1395 imo->imo_multicast_loop == IP_DEFAULT_MULTICAST_LOOP &&
1396 imo->imo_num_memberships == 0) {
1397 free(*imop, M_IPMOPTS);
1398 *imop = NULL;
1399 }
1400
1401 return (error);
1402 }
1403
1404 /*
1405 * Return the IP multicast options in response to user getsockopt().
1406 */
1407 int
1408 ip_getmoptions(optname, imo, mp)
1409 int optname;
1410 register struct ip_moptions *imo;
1411 register struct mbuf **mp;
1412 {
1413 u_char *ttl;
1414 u_char *loop;
1415 struct in_addr *addr;
1416 struct in_ifaddr *ia;
1417
1418 *mp = m_get(M_WAIT, MT_SOOPTS);
1419
1420 switch (optname) {
1421
1422 case IP_MULTICAST_IF:
1423 addr = mtod(*mp, struct in_addr *);
1424 (*mp)->m_len = sizeof(struct in_addr);
1425 if (imo == NULL || imo->imo_multicast_ifp == NULL)
1426 *addr = zeroin_addr;
1427 else {
1428 IFP_TO_IA(imo->imo_multicast_ifp, ia);
1429 *addr = ia ? ia->ia_addr.sin_addr : zeroin_addr;
1430 }
1431 return (0);
1432
1433 case IP_MULTICAST_TTL:
1434 ttl = mtod(*mp, u_char *);
1435 (*mp)->m_len = 1;
1436 *ttl = imo ? imo->imo_multicast_ttl
1437 : IP_DEFAULT_MULTICAST_TTL;
1438 return (0);
1439
1440 case IP_MULTICAST_LOOP:
1441 loop = mtod(*mp, u_char *);
1442 (*mp)->m_len = 1;
1443 *loop = imo ? imo->imo_multicast_loop
1444 : IP_DEFAULT_MULTICAST_LOOP;
1445 return (0);
1446
1447 default:
1448 return (EOPNOTSUPP);
1449 }
1450 }
1451
1452 /*
1453 * Discard the IP multicast options.
1454 */
1455 void
1456 ip_freemoptions(imo)
1457 register struct ip_moptions *imo;
1458 {
1459 register int i;
1460
1461 if (imo != NULL) {
1462 for (i = 0; i < imo->imo_num_memberships; ++i)
1463 in_delmulti(imo->imo_membership[i]);
1464 free(imo, M_IPMOPTS);
1465 }
1466 }
1467
1468 /*
1469 * Routine called from ip_output() to loop back a copy of an IP multicast
1470 * packet to the input queue of a specified interface. Note that this
1471 * calls the output routine of the loopback "driver", but with an interface
1472 * pointer that might NOT be &loif -- easier than replicating that code here.
1473 */
1474 static void
1475 ip_mloopback(ifp, m, dst)
1476 struct ifnet *ifp;
1477 register struct mbuf *m;
1478 register struct sockaddr_in *dst;
1479 {
1480 register struct ip *ip;
1481 struct mbuf *copym;
1482
1483 copym = m_copy(m, 0, M_COPYALL);
1484 if (copym != NULL) {
1485 /*
1486 * We don't bother to fragment if the IP length is greater
1487 * than the interface's MTU. Can this possibly matter?
1488 */
1489 ip = mtod(copym, struct ip *);
1490 HTONS(ip->ip_len);
1491 HTONS(ip->ip_off);
1492 ip->ip_sum = 0;
1493 ip->ip_sum = in_cksum(copym, ip->ip_hl << 2);
1494 (void) looutput(ifp, copym, sintosa(dst), NULL);
1495 }
1496 }
1497