ip6_output.c revision 1.31.2.5
1 /* $NetBSD: ip6_output.c,v 1.31.2.5 2001/10/22 20:42:03 nathanw Exp $ */ 2 /* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1990, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. All advertising materials mentioning features or use of this software 46 * must display the following acknowledgement: 47 * This product includes software developed by the University of 48 * California, Berkeley and its contributors. 49 * 4. Neither the name of the University nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 * 65 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 66 */ 67 68 #include "opt_inet.h" 69 #include "opt_ipsec.h" 70 #include "opt_pfil_hooks.h" 71 72 #include <sys/param.h> 73 #include <sys/malloc.h> 74 #include <sys/mbuf.h> 75 #include <sys/errno.h> 76 #include <sys/protosw.h> 77 #include <sys/socket.h> 78 #include <sys/socketvar.h> 79 #include <sys/systm.h> 80 #include <sys/lwp.h> 81 #include <sys/proc.h> 82 83 #include <net/if.h> 84 #include <net/route.h> 85 #ifdef PFIL_HOOKS 86 #include <net/pfil.h> 87 #endif 88 89 #include <netinet/in.h> 90 #include <netinet/in_var.h> 91 #include <netinet/ip6.h> 92 #include <netinet/icmp6.h> 93 #include <netinet6/ip6_var.h> 94 #include <netinet6/in6_pcb.h> 95 #include <netinet6/nd6.h> 96 97 #ifdef IPSEC 98 #include <netinet6/ipsec.h> 99 #include <netkey/key.h> 100 #endif /* IPSEC */ 101 102 #include "loop.h" 103 104 #include <net/net_osdep.h> 105 106 #ifdef PFIL_HOOKS 107 extern struct pfil_head inet6_pfil_hook; /* XXX */ 108 #endif 109 110 struct ip6_exthdrs { 111 struct mbuf *ip6e_ip6; 112 struct mbuf *ip6e_hbh; 113 struct mbuf *ip6e_dest1; 114 struct mbuf *ip6e_rthdr; 115 struct mbuf *ip6e_dest2; 116 }; 117 118 static int ip6_pcbopts __P((struct ip6_pktopts **, struct mbuf *, 119 struct socket *)); 120 static int ip6_setmoptions __P((int, struct ip6_moptions **, struct mbuf *)); 121 static int ip6_getmoptions __P((int, struct ip6_moptions *, struct mbuf **)); 122 static int ip6_copyexthdr __P((struct mbuf **, caddr_t, int)); 123 static int ip6_insertfraghdr __P((struct mbuf *, struct mbuf *, int, 124 struct ip6_frag **)); 125 static int ip6_insert_jumboopt __P((struct ip6_exthdrs *, u_int32_t)); 126 static int ip6_splithdr __P((struct mbuf *, struct ip6_exthdrs *)); 127 128 extern struct ifnet loif[NLOOP]; 129 130 /* 131 * IP6 output. The packet in mbuf chain m contains a skeletal IP6 132 * header (with pri, len, nxt, hlim, src, dst). 133 * This function may modify ver and hlim only. 134 * The mbuf chain containing the packet will be freed. 135 * The mbuf opt, if present, will not be freed. 136 */ 137 int 138 ip6_output(m0, opt, ro, flags, im6o, ifpp) 139 struct mbuf *m0; 140 struct ip6_pktopts *opt; 141 struct route_in6 *ro; 142 int flags; 143 struct ip6_moptions *im6o; 144 struct ifnet **ifpp; /* XXX: just for statistics */ 145 { 146 struct ip6_hdr *ip6, *mhip6; 147 struct ifnet *ifp, *origifp; 148 struct mbuf *m = m0; 149 int hlen, tlen, len, off; 150 struct route_in6 ip6route; 151 struct sockaddr_in6 *dst; 152 int error = 0; 153 struct in6_ifaddr *ia; 154 u_long mtu; 155 u_int32_t optlen = 0, plen = 0, unfragpartlen = 0; 156 struct ip6_exthdrs exthdrs; 157 struct in6_addr finaldst; 158 struct route_in6 *ro_pmtu = NULL; 159 int hdrsplit = 0; 160 int needipsec = 0; 161 #ifdef IPSEC 162 int needipsectun = 0; 163 struct socket *so; 164 struct secpolicy *sp = NULL; 165 166 /* for AH processing. stupid to have "socket" variable in IP layer... */ 167 so = ipsec_getsocket(m); 168 (void)ipsec_setsocket(m, NULL); 169 ip6 = mtod(m, struct ip6_hdr *); 170 #endif /* IPSEC */ 171 172 #define MAKE_EXTHDR(hp, mp) \ 173 do { \ 174 if (hp) { \ 175 struct ip6_ext *eh = (struct ip6_ext *)(hp); \ 176 error = ip6_copyexthdr((mp), (caddr_t)(hp), \ 177 ((eh)->ip6e_len + 1) << 3); \ 178 if (error) \ 179 goto freehdrs; \ 180 } \ 181 } while (0) 182 183 bzero(&exthdrs, sizeof(exthdrs)); 184 if (opt) { 185 /* Hop-by-Hop options header */ 186 MAKE_EXTHDR(opt->ip6po_hbh, &exthdrs.ip6e_hbh); 187 /* Destination options header(1st part) */ 188 MAKE_EXTHDR(opt->ip6po_dest1, &exthdrs.ip6e_dest1); 189 /* Routing header */ 190 MAKE_EXTHDR(opt->ip6po_rthdr, &exthdrs.ip6e_rthdr); 191 /* Destination options header(2nd part) */ 192 MAKE_EXTHDR(opt->ip6po_dest2, &exthdrs.ip6e_dest2); 193 } 194 195 #ifdef IPSEC 196 /* get a security policy for this packet */ 197 if (so == NULL) 198 sp = ipsec6_getpolicybyaddr(m, IPSEC_DIR_OUTBOUND, 0, &error); 199 else 200 sp = ipsec6_getpolicybysock(m, IPSEC_DIR_OUTBOUND, so, &error); 201 202 if (sp == NULL) { 203 ipsec6stat.out_inval++; 204 goto freehdrs; 205 } 206 207 error = 0; 208 209 /* check policy */ 210 switch (sp->policy) { 211 case IPSEC_POLICY_DISCARD: 212 /* 213 * This packet is just discarded. 214 */ 215 ipsec6stat.out_polvio++; 216 goto freehdrs; 217 218 case IPSEC_POLICY_BYPASS: 219 case IPSEC_POLICY_NONE: 220 /* no need to do IPsec. */ 221 needipsec = 0; 222 break; 223 224 case IPSEC_POLICY_IPSEC: 225 if (sp->req == NULL) { 226 /* XXX should be panic ? */ 227 printf("ip6_output: No IPsec request specified.\n"); 228 error = EINVAL; 229 goto freehdrs; 230 } 231 needipsec = 1; 232 break; 233 234 case IPSEC_POLICY_ENTRUST: 235 default: 236 printf("ip6_output: Invalid policy found. %d\n", sp->policy); 237 } 238 #endif /* IPSEC */ 239 240 /* 241 * Calculate the total length of the extension header chain. 242 * Keep the length of the unfragmentable part for fragmentation. 243 */ 244 optlen = 0; 245 if (exthdrs.ip6e_hbh) optlen += exthdrs.ip6e_hbh->m_len; 246 if (exthdrs.ip6e_dest1) optlen += exthdrs.ip6e_dest1->m_len; 247 if (exthdrs.ip6e_rthdr) optlen += exthdrs.ip6e_rthdr->m_len; 248 unfragpartlen = optlen + sizeof(struct ip6_hdr); 249 /* NOTE: we don't add AH/ESP length here. do that later. */ 250 if (exthdrs.ip6e_dest2) optlen += exthdrs.ip6e_dest2->m_len; 251 252 /* 253 * If we need IPsec, or there is at least one extension header, 254 * separate IP6 header from the payload. 255 */ 256 if ((needipsec || optlen) && !hdrsplit) { 257 if ((error = ip6_splithdr(m, &exthdrs)) != 0) { 258 m = NULL; 259 goto freehdrs; 260 } 261 m = exthdrs.ip6e_ip6; 262 hdrsplit++; 263 } 264 265 /* adjust pointer */ 266 ip6 = mtod(m, struct ip6_hdr *); 267 268 /* adjust mbuf packet header length */ 269 m->m_pkthdr.len += optlen; 270 plen = m->m_pkthdr.len - sizeof(*ip6); 271 272 /* If this is a jumbo payload, insert a jumbo payload option. */ 273 if (plen > IPV6_MAXPACKET) { 274 if (!hdrsplit) { 275 if ((error = ip6_splithdr(m, &exthdrs)) != 0) { 276 m = NULL; 277 goto freehdrs; 278 } 279 m = exthdrs.ip6e_ip6; 280 hdrsplit++; 281 } 282 /* adjust pointer */ 283 ip6 = mtod(m, struct ip6_hdr *); 284 if ((error = ip6_insert_jumboopt(&exthdrs, plen)) != 0) 285 goto freehdrs; 286 ip6->ip6_plen = 0; 287 } else 288 ip6->ip6_plen = htons(plen); 289 290 /* 291 * Concatenate headers and fill in next header fields. 292 * Here we have, on "m" 293 * IPv6 payload 294 * and we insert headers accordingly. Finally, we should be getting: 295 * IPv6 hbh dest1 rthdr ah* [esp* dest2 payload] 296 * 297 * during the header composing process, "m" points to IPv6 header. 298 * "mprev" points to an extension header prior to esp. 299 */ 300 { 301 u_char *nexthdrp = &ip6->ip6_nxt; 302 struct mbuf *mprev = m; 303 304 /* 305 * we treat dest2 specially. this makes IPsec processing 306 * much easier. 307 * 308 * result: IPv6 dest2 payload 309 * m and mprev will point to IPv6 header. 310 */ 311 if (exthdrs.ip6e_dest2) { 312 if (!hdrsplit) 313 panic("assumption failed: hdr not split"); 314 exthdrs.ip6e_dest2->m_next = m->m_next; 315 m->m_next = exthdrs.ip6e_dest2; 316 *mtod(exthdrs.ip6e_dest2, u_char *) = ip6->ip6_nxt; 317 ip6->ip6_nxt = IPPROTO_DSTOPTS; 318 } 319 320 #define MAKE_CHAIN(m, mp, p, i)\ 321 do {\ 322 if (m) {\ 323 if (!hdrsplit) \ 324 panic("assumption failed: hdr not split"); \ 325 *mtod((m), u_char *) = *(p);\ 326 *(p) = (i);\ 327 p = mtod((m), u_char *);\ 328 (m)->m_next = (mp)->m_next;\ 329 (mp)->m_next = (m);\ 330 (mp) = (m);\ 331 }\ 332 } while (0) 333 /* 334 * result: IPv6 hbh dest1 rthdr dest2 payload 335 * m will point to IPv6 header. mprev will point to the 336 * extension header prior to dest2 (rthdr in the above case). 337 */ 338 MAKE_CHAIN(exthdrs.ip6e_hbh, mprev, 339 nexthdrp, IPPROTO_HOPOPTS); 340 MAKE_CHAIN(exthdrs.ip6e_dest1, mprev, 341 nexthdrp, IPPROTO_DSTOPTS); 342 MAKE_CHAIN(exthdrs.ip6e_rthdr, mprev, 343 nexthdrp, IPPROTO_ROUTING); 344 345 #ifdef IPSEC 346 if (!needipsec) 347 goto skip_ipsec2; 348 349 /* 350 * pointers after IPsec headers are not valid any more. 351 * other pointers need a great care too. 352 * (IPsec routines should not mangle mbufs prior to AH/ESP) 353 */ 354 exthdrs.ip6e_dest2 = NULL; 355 356 { 357 struct ip6_rthdr *rh = NULL; 358 int segleft_org = 0; 359 struct ipsec_output_state state; 360 361 if (exthdrs.ip6e_rthdr) { 362 rh = mtod(exthdrs.ip6e_rthdr, struct ip6_rthdr *); 363 segleft_org = rh->ip6r_segleft; 364 rh->ip6r_segleft = 0; 365 } 366 367 bzero(&state, sizeof(state)); 368 state.m = m; 369 error = ipsec6_output_trans(&state, nexthdrp, mprev, sp, flags, 370 &needipsectun); 371 m = state.m; 372 if (error) { 373 /* mbuf is already reclaimed in ipsec6_output_trans. */ 374 m = NULL; 375 switch (error) { 376 case EHOSTUNREACH: 377 case ENETUNREACH: 378 case EMSGSIZE: 379 case ENOBUFS: 380 case ENOMEM: 381 break; 382 default: 383 printf("ip6_output (ipsec): error code %d\n", error); 384 /*fall through*/ 385 case ENOENT: 386 /* don't show these error codes to the user */ 387 error = 0; 388 break; 389 } 390 goto bad; 391 } 392 if (exthdrs.ip6e_rthdr) { 393 /* ah6_output doesn't modify mbuf chain */ 394 rh->ip6r_segleft = segleft_org; 395 } 396 } 397 skip_ipsec2:; 398 #endif 399 } 400 401 /* 402 * If there is a routing header, replace destination address field 403 * with the first hop of the routing header. 404 */ 405 if (exthdrs.ip6e_rthdr) { 406 struct ip6_rthdr *rh = 407 (struct ip6_rthdr *)(mtod(exthdrs.ip6e_rthdr, 408 struct ip6_rthdr *)); 409 struct ip6_rthdr0 *rh0; 410 411 finaldst = ip6->ip6_dst; 412 switch (rh->ip6r_type) { 413 case IPV6_RTHDR_TYPE_0: 414 rh0 = (struct ip6_rthdr0 *)rh; 415 ip6->ip6_dst = rh0->ip6r0_addr[0]; 416 bcopy((caddr_t)&rh0->ip6r0_addr[1], 417 (caddr_t)&rh0->ip6r0_addr[0], 418 sizeof(struct in6_addr) * (rh0->ip6r0_segleft - 1) 419 ); 420 rh0->ip6r0_addr[rh0->ip6r0_segleft - 1] = finaldst; 421 break; 422 default: /* is it possible? */ 423 error = EINVAL; 424 goto bad; 425 } 426 } 427 428 /* Source address validation */ 429 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src) && 430 (flags & IPV6_DADOUTPUT) == 0) { 431 error = EOPNOTSUPP; 432 ip6stat.ip6s_badscope++; 433 goto bad; 434 } 435 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) { 436 error = EOPNOTSUPP; 437 ip6stat.ip6s_badscope++; 438 goto bad; 439 } 440 441 ip6stat.ip6s_localout++; 442 443 /* 444 * Route packet. 445 */ 446 if (ro == 0) { 447 ro = &ip6route; 448 bzero((caddr_t)ro, sizeof(*ro)); 449 } 450 ro_pmtu = ro; 451 if (opt && opt->ip6po_rthdr) 452 ro = &opt->ip6po_route; 453 dst = (struct sockaddr_in6 *)&ro->ro_dst; 454 /* 455 * If there is a cached route, 456 * check that it is to the same destination 457 * and is still up. If not, free it and try again. 458 */ 459 if (ro->ro_rt && ((ro->ro_rt->rt_flags & RTF_UP) == 0 || 460 !IN6_ARE_ADDR_EQUAL(&dst->sin6_addr, &ip6->ip6_dst))) { 461 RTFREE(ro->ro_rt); 462 ro->ro_rt = (struct rtentry *)0; 463 } 464 if (ro->ro_rt == 0) { 465 bzero(dst, sizeof(*dst)); 466 dst->sin6_family = AF_INET6; 467 dst->sin6_len = sizeof(struct sockaddr_in6); 468 dst->sin6_addr = ip6->ip6_dst; 469 } 470 #ifdef IPSEC 471 if (needipsec && needipsectun) { 472 struct ipsec_output_state state; 473 474 /* 475 * All the extension headers will become inaccessible 476 * (since they can be encrypted). 477 * Don't panic, we need no more updates to extension headers 478 * on inner IPv6 packet (since they are now encapsulated). 479 * 480 * IPv6 [ESP|AH] IPv6 [extension headers] payload 481 */ 482 bzero(&exthdrs, sizeof(exthdrs)); 483 exthdrs.ip6e_ip6 = m; 484 485 bzero(&state, sizeof(state)); 486 state.m = m; 487 state.ro = (struct route *)ro; 488 state.dst = (struct sockaddr *)dst; 489 490 error = ipsec6_output_tunnel(&state, sp, flags); 491 492 m = state.m; 493 ro = (struct route_in6 *)state.ro; 494 dst = (struct sockaddr_in6 *)state.dst; 495 if (error) { 496 /* mbuf is already reclaimed in ipsec6_output_tunnel. */ 497 m0 = m = NULL; 498 m = NULL; 499 switch (error) { 500 case EHOSTUNREACH: 501 case ENETUNREACH: 502 case EMSGSIZE: 503 case ENOBUFS: 504 case ENOMEM: 505 break; 506 default: 507 printf("ip6_output (ipsec): error code %d\n", error); 508 /*fall through*/ 509 case ENOENT: 510 /* don't show these error codes to the user */ 511 error = 0; 512 break; 513 } 514 goto bad; 515 } 516 517 exthdrs.ip6e_ip6 = m; 518 } 519 #endif /*IPSEC*/ 520 521 if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 522 /* Unicast */ 523 524 #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 525 #define sin6tosa(sin6) ((struct sockaddr *)(sin6)) 526 /* xxx 527 * interface selection comes here 528 * if an interface is specified from an upper layer, 529 * ifp must point it. 530 */ 531 if (ro->ro_rt == 0) { 532 /* 533 * non-bsdi always clone routes, if parent is 534 * PRF_CLONING. 535 */ 536 rtalloc((struct route *)ro); 537 } 538 if (ro->ro_rt == 0) { 539 ip6stat.ip6s_noroute++; 540 error = EHOSTUNREACH; 541 /* XXX in6_ifstat_inc(ifp, ifs6_out_discard); */ 542 goto bad; 543 } 544 ia = ifatoia6(ro->ro_rt->rt_ifa); 545 ifp = ro->ro_rt->rt_ifp; 546 ro->ro_rt->rt_use++; 547 if (ro->ro_rt->rt_flags & RTF_GATEWAY) 548 dst = (struct sockaddr_in6 *)ro->ro_rt->rt_gateway; 549 m->m_flags &= ~(M_BCAST | M_MCAST); /* just in case */ 550 551 in6_ifstat_inc(ifp, ifs6_out_request); 552 553 /* 554 * Check if the outgoing interface conflicts with 555 * the interface specified by ifi6_ifindex (if specified). 556 * Note that loopback interface is always okay. 557 * (this may happen when we are sending a packet to one of 558 * our own addresses.) 559 */ 560 if (opt && opt->ip6po_pktinfo 561 && opt->ip6po_pktinfo->ipi6_ifindex) { 562 if (!(ifp->if_flags & IFF_LOOPBACK) 563 && ifp->if_index != opt->ip6po_pktinfo->ipi6_ifindex) { 564 ip6stat.ip6s_noroute++; 565 in6_ifstat_inc(ifp, ifs6_out_discard); 566 error = EHOSTUNREACH; 567 goto bad; 568 } 569 } 570 571 if (opt && opt->ip6po_hlim != -1) 572 ip6->ip6_hlim = opt->ip6po_hlim & 0xff; 573 } else { 574 /* Multicast */ 575 struct in6_multi *in6m; 576 577 m->m_flags = (m->m_flags & ~M_BCAST) | M_MCAST; 578 579 /* 580 * See if the caller provided any multicast options 581 */ 582 ifp = NULL; 583 if (im6o != NULL) { 584 ip6->ip6_hlim = im6o->im6o_multicast_hlim; 585 if (im6o->im6o_multicast_ifp != NULL) 586 ifp = im6o->im6o_multicast_ifp; 587 } else 588 ip6->ip6_hlim = ip6_defmcasthlim; 589 590 /* 591 * See if the caller provided the outgoing interface 592 * as an ancillary data. 593 * Boundary check for ifindex is assumed to be already done. 594 */ 595 if (opt && opt->ip6po_pktinfo && opt->ip6po_pktinfo->ipi6_ifindex) 596 ifp = ifindex2ifnet[opt->ip6po_pktinfo->ipi6_ifindex]; 597 598 /* 599 * If the destination is a node-local scope multicast, 600 * the packet should be loop-backed only. 601 */ 602 if (IN6_IS_ADDR_MC_NODELOCAL(&ip6->ip6_dst)) { 603 /* 604 * If the outgoing interface is already specified, 605 * it should be a loopback interface. 606 */ 607 if (ifp && (ifp->if_flags & IFF_LOOPBACK) == 0) { 608 ip6stat.ip6s_badscope++; 609 error = ENETUNREACH; /* XXX: better error? */ 610 /* XXX correct ifp? */ 611 in6_ifstat_inc(ifp, ifs6_out_discard); 612 goto bad; 613 } else { 614 ifp = &loif[0]; 615 } 616 } 617 618 if (opt && opt->ip6po_hlim != -1) 619 ip6->ip6_hlim = opt->ip6po_hlim & 0xff; 620 621 /* 622 * If caller did not provide an interface lookup a 623 * default in the routing table. This is either a 624 * default for the speicfied group (i.e. a host 625 * route), or a multicast default (a route for the 626 * ``net'' ff00::/8). 627 */ 628 if (ifp == NULL) { 629 if (ro->ro_rt == 0) { 630 ro->ro_rt = rtalloc1((struct sockaddr *) 631 &ro->ro_dst, 0 632 ); 633 } 634 if (ro->ro_rt == 0) { 635 ip6stat.ip6s_noroute++; 636 error = EHOSTUNREACH; 637 /* XXX in6_ifstat_inc(ifp, ifs6_out_discard) */ 638 goto bad; 639 } 640 ia = ifatoia6(ro->ro_rt->rt_ifa); 641 ifp = ro->ro_rt->rt_ifp; 642 ro->ro_rt->rt_use++; 643 } 644 645 if ((flags & IPV6_FORWARDING) == 0) 646 in6_ifstat_inc(ifp, ifs6_out_request); 647 in6_ifstat_inc(ifp, ifs6_out_mcast); 648 649 /* 650 * Confirm that the outgoing interface supports multicast. 651 */ 652 if ((ifp->if_flags & IFF_MULTICAST) == 0) { 653 ip6stat.ip6s_noroute++; 654 in6_ifstat_inc(ifp, ifs6_out_discard); 655 error = ENETUNREACH; 656 goto bad; 657 } 658 IN6_LOOKUP_MULTI(ip6->ip6_dst, ifp, in6m); 659 if (in6m != NULL && 660 (im6o == NULL || im6o->im6o_multicast_loop)) { 661 /* 662 * If we belong to the destination multicast group 663 * on the outgoing interface, and the caller did not 664 * forbid loopback, loop back a copy. 665 */ 666 ip6_mloopback(ifp, m, dst); 667 } else { 668 /* 669 * If we are acting as a multicast router, perform 670 * multicast forwarding as if the packet had just 671 * arrived on the interface to which we are about 672 * to send. The multicast forwarding function 673 * recursively calls this function, using the 674 * IPV6_FORWARDING flag to prevent infinite recursion. 675 * 676 * Multicasts that are looped back by ip6_mloopback(), 677 * above, will be forwarded by the ip6_input() routine, 678 * if necessary. 679 */ 680 if (ip6_mrouter && (flags & IPV6_FORWARDING) == 0) { 681 if (ip6_mforward(ip6, ifp, m) != 0) { 682 m_freem(m); 683 goto done; 684 } 685 } 686 } 687 /* 688 * Multicasts with a hoplimit of zero may be looped back, 689 * above, but must not be transmitted on a network. 690 * Also, multicasts addressed to the loopback interface 691 * are not sent -- the above call to ip6_mloopback() will 692 * loop back a copy if this host actually belongs to the 693 * destination group on the loopback interface. 694 */ 695 if (ip6->ip6_hlim == 0 || (ifp->if_flags & IFF_LOOPBACK)) { 696 m_freem(m); 697 goto done; 698 } 699 } 700 701 /* 702 * Fill the outgoing inteface to tell the upper layer 703 * to increment per-interface statistics. 704 */ 705 if (ifpp) 706 *ifpp = ifp; 707 708 /* 709 * Determine path MTU. 710 */ 711 if (ro_pmtu != ro) { 712 /* The first hop and the final destination may differ. */ 713 struct sockaddr_in6 *sin6_fin = 714 (struct sockaddr_in6 *)&ro_pmtu->ro_dst; 715 if (ro_pmtu->ro_rt && ((ro->ro_rt->rt_flags & RTF_UP) == 0 || 716 !IN6_ARE_ADDR_EQUAL(&sin6_fin->sin6_addr, 717 &finaldst))) { 718 RTFREE(ro_pmtu->ro_rt); 719 ro_pmtu->ro_rt = (struct rtentry *)0; 720 } 721 if (ro_pmtu->ro_rt == 0) { 722 bzero(sin6_fin, sizeof(*sin6_fin)); 723 sin6_fin->sin6_family = AF_INET6; 724 sin6_fin->sin6_len = sizeof(struct sockaddr_in6); 725 sin6_fin->sin6_addr = finaldst; 726 727 rtalloc((struct route *)ro_pmtu); 728 } 729 } 730 if (ro_pmtu->ro_rt != NULL) { 731 u_int32_t ifmtu = nd_ifinfo[ifp->if_index].linkmtu; 732 733 mtu = ro_pmtu->ro_rt->rt_rmx.rmx_mtu; 734 if (mtu > ifmtu || mtu == 0) { 735 /* 736 * The MTU on the route is larger than the MTU on 737 * the interface! This shouldn't happen, unless the 738 * MTU of the interface has been changed after the 739 * interface was brought up. Change the MTU in the 740 * route to match the interface MTU (as long as the 741 * field isn't locked). 742 * 743 * if MTU on the route is 0, we need to fix the MTU. 744 * this case happens with path MTU discovery timeouts. 745 */ 746 mtu = ifmtu; 747 if ((ro_pmtu->ro_rt->rt_rmx.rmx_locks & RTV_MTU) == 0) 748 ro_pmtu->ro_rt->rt_rmx.rmx_mtu = mtu; /* XXX */ 749 } 750 } else { 751 mtu = nd_ifinfo[ifp->if_index].linkmtu; 752 } 753 754 /* Fake scoped addresses */ 755 if ((ifp->if_flags & IFF_LOOPBACK) != 0) { 756 /* 757 * If source or destination address is a scoped address, and 758 * the packet is going to be sent to a loopback interface, 759 * we should keep the original interface. 760 */ 761 762 /* 763 * XXX: this is a very experimental and temporary solution. 764 * We eventually have sockaddr_in6 and use the sin6_scope_id 765 * field of the structure here. 766 * We rely on the consistency between two scope zone ids 767 * of source add destination, which should already be assured 768 * Larger scopes than link will be supported in the near 769 * future. 770 */ 771 origifp = NULL; 772 if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) 773 origifp = ifindex2ifnet[ntohs(ip6->ip6_src.s6_addr16[1])]; 774 else if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) 775 origifp = ifindex2ifnet[ntohs(ip6->ip6_dst.s6_addr16[1])]; 776 /* 777 * XXX: origifp can be NULL even in those two cases above. 778 * For example, if we remove the (only) link-local address 779 * from the loopback interface, and try to send a link-local 780 * address without link-id information. Then the source 781 * address is ::1, and the destination address is the 782 * link-local address with its s6_addr16[1] being zero. 783 * What is worse, if the packet goes to the loopback interface 784 * by a default rejected route, the null pointer would be 785 * passed to looutput, and the kernel would hang. 786 * The following last resort would prevent such disaster. 787 */ 788 if (origifp == NULL) 789 origifp = ifp; 790 } 791 else 792 origifp = ifp; 793 if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) 794 ip6->ip6_src.s6_addr16[1] = 0; 795 if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) 796 ip6->ip6_dst.s6_addr16[1] = 0; 797 798 /* 799 * If the outgoing packet contains a hop-by-hop options header, 800 * it must be examined and processed even by the source node. 801 * (RFC 2460, section 4.) 802 */ 803 if (exthdrs.ip6e_hbh) { 804 struct ip6_hbh *hbh = mtod(exthdrs.ip6e_hbh, struct ip6_hbh *); 805 u_int32_t dummy1; /* XXX unused */ 806 u_int32_t dummy2; /* XXX unused */ 807 808 /* 809 * XXX: if we have to send an ICMPv6 error to the sender, 810 * we need the M_LOOP flag since icmp6_error() expects 811 * the IPv6 and the hop-by-hop options header are 812 * continuous unless the flag is set. 813 */ 814 m->m_flags |= M_LOOP; 815 m->m_pkthdr.rcvif = ifp; 816 if (ip6_process_hopopts(m, 817 (u_int8_t *)(hbh + 1), 818 ((hbh->ip6h_len + 1) << 3) - 819 sizeof(struct ip6_hbh), 820 &dummy1, &dummy2) < 0) { 821 /* m was already freed at this point */ 822 error = EINVAL;/* better error? */ 823 goto done; 824 } 825 m->m_flags &= ~M_LOOP; /* XXX */ 826 m->m_pkthdr.rcvif = NULL; 827 } 828 829 #ifdef PFIL_HOOKS 830 /* 831 * Run through list of hooks for output packets. 832 */ 833 if ((error = pfil_run_hooks(&inet6_pfil_hook, &m, ifp, 834 PFIL_OUT)) != 0) 835 goto done; 836 if (m == NULL) 837 goto done; 838 ip6 = mtod(m, struct ip6_hdr *); 839 #endif /* PFIL_HOOKS */ 840 /* 841 * Send the packet to the outgoing interface. 842 * If necessary, do IPv6 fragmentation before sending. 843 */ 844 tlen = m->m_pkthdr.len; 845 if (tlen <= mtu 846 #ifdef notyet 847 /* 848 * On any link that cannot convey a 1280-octet packet in one piece, 849 * link-specific fragmentation and reassembly must be provided at 850 * a layer below IPv6. [RFC 2460, sec.5] 851 * Thus if the interface has ability of link-level fragmentation, 852 * we can just send the packet even if the packet size is 853 * larger than the link's MTU. 854 * XXX: IFF_FRAGMENTABLE (or such) flag has not been defined yet... 855 */ 856 857 || ifp->if_flags & IFF_FRAGMENTABLE 858 #endif 859 ) 860 { 861 #ifdef IFA_STATS 862 struct in6_ifaddr *ia6; 863 ip6 = mtod(m, struct ip6_hdr *); 864 ia6 = in6_ifawithifp(ifp, &ip6->ip6_src); 865 if (ia6) { 866 ia6->ia_ifa.ifa_data.ifad_outbytes += 867 m->m_pkthdr.len; 868 } 869 #endif 870 #ifdef IPSEC 871 /* clean ipsec history once it goes out of the node */ 872 ipsec_delaux(m); 873 #endif 874 error = nd6_output(ifp, origifp, m, dst, ro->ro_rt); 875 goto done; 876 } else if (mtu < IPV6_MMTU) { 877 /* 878 * note that path MTU is never less than IPV6_MMTU 879 * (see icmp6_input). 880 */ 881 error = EMSGSIZE; 882 in6_ifstat_inc(ifp, ifs6_out_fragfail); 883 goto bad; 884 } else if (ip6->ip6_plen == 0) { /* jumbo payload cannot be fragmented */ 885 error = EMSGSIZE; 886 in6_ifstat_inc(ifp, ifs6_out_fragfail); 887 goto bad; 888 } else { 889 struct mbuf **mnext, *m_frgpart; 890 struct ip6_frag *ip6f; 891 u_int32_t id = htonl(ip6_id++); 892 u_char nextproto; 893 894 /* 895 * Too large for the destination or interface; 896 * fragment if possible. 897 * Must be able to put at least 8 bytes per fragment. 898 */ 899 hlen = unfragpartlen; 900 if (mtu > IPV6_MAXPACKET) 901 mtu = IPV6_MAXPACKET; 902 len = (mtu - hlen - sizeof(struct ip6_frag)) & ~7; 903 if (len < 8) { 904 error = EMSGSIZE; 905 in6_ifstat_inc(ifp, ifs6_out_fragfail); 906 goto bad; 907 } 908 909 mnext = &m->m_nextpkt; 910 911 /* 912 * Change the next header field of the last header in the 913 * unfragmentable part. 914 */ 915 if (exthdrs.ip6e_rthdr) { 916 nextproto = *mtod(exthdrs.ip6e_rthdr, u_char *); 917 *mtod(exthdrs.ip6e_rthdr, u_char *) = IPPROTO_FRAGMENT; 918 } else if (exthdrs.ip6e_dest1) { 919 nextproto = *mtod(exthdrs.ip6e_dest1, u_char *); 920 *mtod(exthdrs.ip6e_dest1, u_char *) = IPPROTO_FRAGMENT; 921 } else if (exthdrs.ip6e_hbh) { 922 nextproto = *mtod(exthdrs.ip6e_hbh, u_char *); 923 *mtod(exthdrs.ip6e_hbh, u_char *) = IPPROTO_FRAGMENT; 924 } else { 925 nextproto = ip6->ip6_nxt; 926 ip6->ip6_nxt = IPPROTO_FRAGMENT; 927 } 928 929 /* 930 * Loop through length of segment after first fragment, 931 * make new header and copy data of each part and link onto chain. 932 */ 933 m0 = m; 934 for (off = hlen; off < tlen; off += len) { 935 MGETHDR(m, M_DONTWAIT, MT_HEADER); 936 if (!m) { 937 error = ENOBUFS; 938 ip6stat.ip6s_odropped++; 939 goto sendorfree; 940 } 941 m->m_flags = m0->m_flags & M_COPYFLAGS; 942 *mnext = m; 943 mnext = &m->m_nextpkt; 944 m->m_data += max_linkhdr; 945 mhip6 = mtod(m, struct ip6_hdr *); 946 *mhip6 = *ip6; 947 m->m_len = sizeof(*mhip6); 948 error = ip6_insertfraghdr(m0, m, hlen, &ip6f); 949 if (error) { 950 ip6stat.ip6s_odropped++; 951 goto sendorfree; 952 } 953 ip6f->ip6f_offlg = htons((u_short)((off - hlen) & ~7)); 954 if (off + len >= tlen) 955 len = tlen - off; 956 else 957 ip6f->ip6f_offlg |= IP6F_MORE_FRAG; 958 mhip6->ip6_plen = htons((u_short)(len + hlen + 959 sizeof(*ip6f) - 960 sizeof(struct ip6_hdr))); 961 if ((m_frgpart = m_copy(m0, off, len)) == 0) { 962 error = ENOBUFS; 963 ip6stat.ip6s_odropped++; 964 goto sendorfree; 965 } 966 m_cat(m, m_frgpart); 967 m->m_pkthdr.len = len + hlen + sizeof(*ip6f); 968 m->m_pkthdr.rcvif = (struct ifnet *)0; 969 ip6f->ip6f_reserved = 0; 970 ip6f->ip6f_ident = id; 971 ip6f->ip6f_nxt = nextproto; 972 ip6stat.ip6s_ofragments++; 973 in6_ifstat_inc(ifp, ifs6_out_fragcreat); 974 } 975 976 in6_ifstat_inc(ifp, ifs6_out_fragok); 977 } 978 979 /* 980 * Remove leading garbages. 981 */ 982 sendorfree: 983 m = m0->m_nextpkt; 984 m0->m_nextpkt = 0; 985 m_freem(m0); 986 for (m0 = m; m; m = m0) { 987 m0 = m->m_nextpkt; 988 m->m_nextpkt = 0; 989 if (error == 0) { 990 #ifdef IFA_STATS 991 struct in6_ifaddr *ia6; 992 ip6 = mtod(m, struct ip6_hdr *); 993 ia6 = in6_ifawithifp(ifp, &ip6->ip6_src); 994 if (ia6) { 995 ia6->ia_ifa.ifa_data.ifad_outbytes += 996 m->m_pkthdr.len; 997 } 998 #endif 999 #ifdef IPSEC 1000 /* clean ipsec history once it goes out of the node */ 1001 ipsec_delaux(m); 1002 #endif 1003 error = nd6_output(ifp, origifp, m, dst, ro->ro_rt); 1004 } else 1005 m_freem(m); 1006 } 1007 1008 if (error == 0) 1009 ip6stat.ip6s_fragmented++; 1010 1011 done: 1012 if (ro == &ip6route && ro->ro_rt) { /* brace necessary for RTFREE */ 1013 RTFREE(ro->ro_rt); 1014 } else if (ro_pmtu == &ip6route && ro_pmtu->ro_rt) { 1015 RTFREE(ro_pmtu->ro_rt); 1016 } 1017 1018 #ifdef IPSEC 1019 if (sp != NULL) 1020 key_freesp(sp); 1021 #endif /* IPSEC */ 1022 1023 return(error); 1024 1025 freehdrs: 1026 m_freem(exthdrs.ip6e_hbh); /* m_freem will check if mbuf is 0 */ 1027 m_freem(exthdrs.ip6e_dest1); 1028 m_freem(exthdrs.ip6e_rthdr); 1029 m_freem(exthdrs.ip6e_dest2); 1030 /* fall through */ 1031 bad: 1032 m_freem(m); 1033 goto done; 1034 } 1035 1036 static int 1037 ip6_copyexthdr(mp, hdr, hlen) 1038 struct mbuf **mp; 1039 caddr_t hdr; 1040 int hlen; 1041 { 1042 struct mbuf *m; 1043 1044 if (hlen > MCLBYTES) 1045 return(ENOBUFS); /* XXX */ 1046 1047 MGET(m, M_DONTWAIT, MT_DATA); 1048 if (!m) 1049 return(ENOBUFS); 1050 1051 if (hlen > MLEN) { 1052 MCLGET(m, M_DONTWAIT); 1053 if ((m->m_flags & M_EXT) == 0) { 1054 m_free(m); 1055 return(ENOBUFS); 1056 } 1057 } 1058 m->m_len = hlen; 1059 if (hdr) 1060 bcopy(hdr, mtod(m, caddr_t), hlen); 1061 1062 *mp = m; 1063 return(0); 1064 } 1065 1066 /* 1067 * Insert jumbo payload option. 1068 */ 1069 static int 1070 ip6_insert_jumboopt(exthdrs, plen) 1071 struct ip6_exthdrs *exthdrs; 1072 u_int32_t plen; 1073 { 1074 struct mbuf *mopt; 1075 u_char *optbuf; 1076 u_int32_t v; 1077 1078 #define JUMBOOPTLEN 8 /* length of jumbo payload option and padding */ 1079 1080 /* 1081 * If there is no hop-by-hop options header, allocate new one. 1082 * If there is one but it doesn't have enough space to store the 1083 * jumbo payload option, allocate a cluster to store the whole options. 1084 * Otherwise, use it to store the options. 1085 */ 1086 if (exthdrs->ip6e_hbh == 0) { 1087 MGET(mopt, M_DONTWAIT, MT_DATA); 1088 if (mopt == 0) 1089 return(ENOBUFS); 1090 mopt->m_len = JUMBOOPTLEN; 1091 optbuf = mtod(mopt, u_char *); 1092 optbuf[1] = 0; /* = ((JUMBOOPTLEN) >> 3) - 1 */ 1093 exthdrs->ip6e_hbh = mopt; 1094 } else { 1095 struct ip6_hbh *hbh; 1096 1097 mopt = exthdrs->ip6e_hbh; 1098 if (M_TRAILINGSPACE(mopt) < JUMBOOPTLEN) { 1099 /* 1100 * XXX assumption: 1101 * - exthdrs->ip6e_hbh is not referenced from places 1102 * other than exthdrs. 1103 * - exthdrs->ip6e_hbh is not an mbuf chain. 1104 */ 1105 int oldoptlen = mopt->m_len; 1106 struct mbuf *n; 1107 1108 /* 1109 * XXX: give up if the whole (new) hbh header does 1110 * not fit even in an mbuf cluster. 1111 */ 1112 if (oldoptlen + JUMBOOPTLEN > MCLBYTES) 1113 return(ENOBUFS); 1114 1115 /* 1116 * As a consequence, we must always prepare a cluster 1117 * at this point. 1118 */ 1119 MGET(n, M_DONTWAIT, MT_DATA); 1120 if (n) { 1121 MCLGET(n, M_DONTWAIT); 1122 if ((n->m_flags & M_EXT) == 0) { 1123 m_freem(n); 1124 n = NULL; 1125 } 1126 } 1127 if (!n) 1128 return(ENOBUFS); 1129 n->m_len = oldoptlen + JUMBOOPTLEN; 1130 bcopy(mtod(mopt, caddr_t), mtod(n, caddr_t), 1131 oldoptlen); 1132 optbuf = mtod(n, caddr_t) + oldoptlen; 1133 m_freem(mopt); 1134 mopt = exthdrs->ip6e_hbh = n; 1135 } else { 1136 optbuf = mtod(mopt, u_char *) + mopt->m_len; 1137 mopt->m_len += JUMBOOPTLEN; 1138 } 1139 optbuf[0] = IP6OPT_PADN; 1140 optbuf[1] = 1; 1141 1142 /* 1143 * Adjust the header length according to the pad and 1144 * the jumbo payload option. 1145 */ 1146 hbh = mtod(mopt, struct ip6_hbh *); 1147 hbh->ip6h_len += (JUMBOOPTLEN >> 3); 1148 } 1149 1150 /* fill in the option. */ 1151 optbuf[2] = IP6OPT_JUMBO; 1152 optbuf[3] = 4; 1153 v = (u_int32_t)htonl(plen + JUMBOOPTLEN); 1154 bcopy(&v, &optbuf[4], sizeof(u_int32_t)); 1155 1156 /* finally, adjust the packet header length */ 1157 exthdrs->ip6e_ip6->m_pkthdr.len += JUMBOOPTLEN; 1158 1159 return(0); 1160 #undef JUMBOOPTLEN 1161 } 1162 1163 /* 1164 * Insert fragment header and copy unfragmentable header portions. 1165 */ 1166 static int 1167 ip6_insertfraghdr(m0, m, hlen, frghdrp) 1168 struct mbuf *m0, *m; 1169 int hlen; 1170 struct ip6_frag **frghdrp; 1171 { 1172 struct mbuf *n, *mlast; 1173 1174 if (hlen > sizeof(struct ip6_hdr)) { 1175 n = m_copym(m0, sizeof(struct ip6_hdr), 1176 hlen - sizeof(struct ip6_hdr), M_DONTWAIT); 1177 if (n == 0) 1178 return(ENOBUFS); 1179 m->m_next = n; 1180 } else 1181 n = m; 1182 1183 /* Search for the last mbuf of unfragmentable part. */ 1184 for (mlast = n; mlast->m_next; mlast = mlast->m_next) 1185 ; 1186 1187 if ((mlast->m_flags & M_EXT) == 0 && 1188 M_TRAILINGSPACE(mlast) >= sizeof(struct ip6_frag)) { 1189 /* use the trailing space of the last mbuf for the fragment hdr */ 1190 *frghdrp = 1191 (struct ip6_frag *)(mtod(mlast, caddr_t) + mlast->m_len); 1192 mlast->m_len += sizeof(struct ip6_frag); 1193 m->m_pkthdr.len += sizeof(struct ip6_frag); 1194 } else { 1195 /* allocate a new mbuf for the fragment header */ 1196 struct mbuf *mfrg; 1197 1198 MGET(mfrg, M_DONTWAIT, MT_DATA); 1199 if (mfrg == 0) 1200 return(ENOBUFS); 1201 mfrg->m_len = sizeof(struct ip6_frag); 1202 *frghdrp = mtod(mfrg, struct ip6_frag *); 1203 mlast->m_next = mfrg; 1204 } 1205 1206 return(0); 1207 } 1208 1209 /* 1210 * IP6 socket option processing. 1211 */ 1212 int 1213 ip6_ctloutput(op, so, level, optname, mp) 1214 int op; 1215 struct socket *so; 1216 int level, optname; 1217 struct mbuf **mp; 1218 { 1219 struct in6pcb *in6p = sotoin6pcb(so); 1220 struct mbuf *m = *mp; 1221 int optval = 0; 1222 int error = 0; 1223 struct proc *p = (curproc ? curproc->l_proc : 0); /* XXX */ 1224 1225 if (level == IPPROTO_IPV6) { 1226 switch (op) { 1227 1228 case PRCO_SETOPT: 1229 switch (optname) { 1230 case IPV6_PKTOPTIONS: 1231 /* m is freed in ip6_pcbopts */ 1232 return(ip6_pcbopts(&in6p->in6p_outputopts, 1233 m, so)); 1234 case IPV6_HOPOPTS: 1235 case IPV6_DSTOPTS: 1236 if (p == 0 || suser(p->p_ucred, &p->p_acflag)) { 1237 error = EPERM; 1238 break; 1239 } 1240 /* fall through */ 1241 case IPV6_UNICAST_HOPS: 1242 case IPV6_RECVOPTS: 1243 case IPV6_RECVRETOPTS: 1244 case IPV6_RECVDSTADDR: 1245 case IPV6_PKTINFO: 1246 case IPV6_HOPLIMIT: 1247 case IPV6_RTHDR: 1248 case IPV6_FAITH: 1249 case IPV6_V6ONLY: 1250 if (!m || m->m_len != sizeof(int)) { 1251 error = EINVAL; 1252 break; 1253 } 1254 optval = *mtod(m, int *); 1255 switch (optname) { 1256 1257 case IPV6_UNICAST_HOPS: 1258 if (optval < -1 || optval >= 256) 1259 error = EINVAL; 1260 else { 1261 /* -1 = kernel default */ 1262 in6p->in6p_hops = optval; 1263 } 1264 break; 1265 #define OPTSET(bit) \ 1266 if (optval) \ 1267 in6p->in6p_flags |= bit; \ 1268 else \ 1269 in6p->in6p_flags &= ~bit; 1270 1271 case IPV6_RECVOPTS: 1272 OPTSET(IN6P_RECVOPTS); 1273 break; 1274 1275 case IPV6_RECVRETOPTS: 1276 OPTSET(IN6P_RECVRETOPTS); 1277 break; 1278 1279 case IPV6_RECVDSTADDR: 1280 OPTSET(IN6P_RECVDSTADDR); 1281 break; 1282 1283 case IPV6_PKTINFO: 1284 OPTSET(IN6P_PKTINFO); 1285 break; 1286 1287 case IPV6_HOPLIMIT: 1288 OPTSET(IN6P_HOPLIMIT); 1289 break; 1290 1291 case IPV6_HOPOPTS: 1292 OPTSET(IN6P_HOPOPTS); 1293 break; 1294 1295 case IPV6_DSTOPTS: 1296 OPTSET(IN6P_DSTOPTS); 1297 break; 1298 1299 case IPV6_RTHDR: 1300 OPTSET(IN6P_RTHDR); 1301 break; 1302 1303 case IPV6_FAITH: 1304 OPTSET(IN6P_FAITH); 1305 break; 1306 1307 case IPV6_V6ONLY: 1308 /* 1309 * make setsockopt(IPV6_V6ONLY) 1310 * available only prior to bind(2). 1311 * see ipng mailing list, Jun 22 2001. 1312 */ 1313 if (in6p->in6p_lport || 1314 !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) 1315 { 1316 error = EINVAL; 1317 break; 1318 } 1319 #ifdef INET6_BINDV6ONLY 1320 if (!optval) 1321 error = EINVAL; 1322 #else 1323 OPTSET(IN6P_IPV6_V6ONLY); 1324 #endif 1325 break; 1326 } 1327 break; 1328 #undef OPTSET 1329 1330 case IPV6_MULTICAST_IF: 1331 case IPV6_MULTICAST_HOPS: 1332 case IPV6_MULTICAST_LOOP: 1333 case IPV6_JOIN_GROUP: 1334 case IPV6_LEAVE_GROUP: 1335 error = ip6_setmoptions(optname, &in6p->in6p_moptions, m); 1336 break; 1337 1338 case IPV6_PORTRANGE: 1339 optval = *mtod(m, int *); 1340 1341 switch (optval) { 1342 case IPV6_PORTRANGE_DEFAULT: 1343 in6p->in6p_flags &= ~(IN6P_LOWPORT); 1344 in6p->in6p_flags &= ~(IN6P_HIGHPORT); 1345 break; 1346 1347 case IPV6_PORTRANGE_HIGH: 1348 in6p->in6p_flags &= ~(IN6P_LOWPORT); 1349 in6p->in6p_flags |= IN6P_HIGHPORT; 1350 break; 1351 1352 case IPV6_PORTRANGE_LOW: 1353 in6p->in6p_flags &= ~(IN6P_HIGHPORT); 1354 in6p->in6p_flags |= IN6P_LOWPORT; 1355 break; 1356 1357 default: 1358 error = EINVAL; 1359 break; 1360 } 1361 break; 1362 1363 #ifdef IPSEC 1364 case IPV6_IPSEC_POLICY: 1365 { 1366 caddr_t req = NULL; 1367 size_t len = 0; 1368 1369 int priv = 0; 1370 if (p == 0 || suser(p->p_ucred, &p->p_acflag)) 1371 priv = 0; 1372 else 1373 priv = 1; 1374 if (m) { 1375 req = mtod(m, caddr_t); 1376 len = m->m_len; 1377 } 1378 error = ipsec6_set_policy(in6p, 1379 optname, req, len, priv); 1380 } 1381 break; 1382 #endif /* IPSEC */ 1383 1384 default: 1385 error = ENOPROTOOPT; 1386 break; 1387 } 1388 if (m) 1389 (void)m_free(m); 1390 break; 1391 1392 case PRCO_GETOPT: 1393 switch (optname) { 1394 1395 case IPV6_OPTIONS: 1396 case IPV6_RETOPTS: 1397 #if 0 1398 *mp = m = m_get(M_WAIT, MT_SOOPTS); 1399 if (in6p->in6p_options) { 1400 m->m_len = in6p->in6p_options->m_len; 1401 bcopy(mtod(in6p->in6p_options, caddr_t), 1402 mtod(m, caddr_t), 1403 (unsigned)m->m_len); 1404 } else 1405 m->m_len = 0; 1406 break; 1407 #else 1408 error = ENOPROTOOPT; 1409 break; 1410 #endif 1411 1412 case IPV6_PKTOPTIONS: 1413 if (in6p->in6p_options) { 1414 *mp = m_copym(in6p->in6p_options, 0, 1415 M_COPYALL, M_WAIT); 1416 } else { 1417 *mp = m_get(M_WAIT, MT_SOOPTS); 1418 (*mp)->m_len = 0; 1419 } 1420 break; 1421 1422 case IPV6_HOPOPTS: 1423 case IPV6_DSTOPTS: 1424 if (p == 0 || suser(p->p_ucred, &p->p_acflag)) { 1425 error = EPERM; 1426 break; 1427 } 1428 /* fall through */ 1429 case IPV6_UNICAST_HOPS: 1430 case IPV6_RECVOPTS: 1431 case IPV6_RECVRETOPTS: 1432 case IPV6_RECVDSTADDR: 1433 case IPV6_PORTRANGE: 1434 case IPV6_PKTINFO: 1435 case IPV6_HOPLIMIT: 1436 case IPV6_RTHDR: 1437 case IPV6_FAITH: 1438 case IPV6_V6ONLY: 1439 *mp = m = m_get(M_WAIT, MT_SOOPTS); 1440 m->m_len = sizeof(int); 1441 switch (optname) { 1442 1443 case IPV6_UNICAST_HOPS: 1444 optval = in6p->in6p_hops; 1445 break; 1446 1447 #define OPTBIT(bit) (in6p->in6p_flags & bit ? 1 : 0) 1448 1449 case IPV6_RECVOPTS: 1450 optval = OPTBIT(IN6P_RECVOPTS); 1451 break; 1452 1453 case IPV6_RECVRETOPTS: 1454 optval = OPTBIT(IN6P_RECVRETOPTS); 1455 break; 1456 1457 case IPV6_RECVDSTADDR: 1458 optval = OPTBIT(IN6P_RECVDSTADDR); 1459 break; 1460 1461 case IPV6_PORTRANGE: 1462 { 1463 int flags; 1464 flags = in6p->in6p_flags; 1465 if (flags & IN6P_HIGHPORT) 1466 optval = IPV6_PORTRANGE_HIGH; 1467 else if (flags & IN6P_LOWPORT) 1468 optval = IPV6_PORTRANGE_LOW; 1469 else 1470 optval = 0; 1471 break; 1472 } 1473 1474 case IPV6_PKTINFO: 1475 optval = OPTBIT(IN6P_PKTINFO); 1476 break; 1477 1478 case IPV6_HOPLIMIT: 1479 optval = OPTBIT(IN6P_HOPLIMIT); 1480 break; 1481 1482 case IPV6_HOPOPTS: 1483 optval = OPTBIT(IN6P_HOPOPTS); 1484 break; 1485 1486 case IPV6_DSTOPTS: 1487 optval = OPTBIT(IN6P_DSTOPTS); 1488 break; 1489 1490 case IPV6_RTHDR: 1491 optval = OPTBIT(IN6P_RTHDR); 1492 break; 1493 1494 case IPV6_FAITH: 1495 optval = OPTBIT(IN6P_FAITH); 1496 break; 1497 1498 case IPV6_V6ONLY: 1499 optval = OPTBIT(IN6P_IPV6_V6ONLY); 1500 break; 1501 } 1502 *mtod(m, int *) = optval; 1503 break; 1504 1505 case IPV6_MULTICAST_IF: 1506 case IPV6_MULTICAST_HOPS: 1507 case IPV6_MULTICAST_LOOP: 1508 case IPV6_JOIN_GROUP: 1509 case IPV6_LEAVE_GROUP: 1510 error = ip6_getmoptions(optname, in6p->in6p_moptions, mp); 1511 break; 1512 1513 #ifdef IPSEC 1514 case IPV6_IPSEC_POLICY: 1515 { 1516 caddr_t req = NULL; 1517 size_t len = 0; 1518 1519 if (m) { 1520 req = mtod(m, caddr_t); 1521 len = m->m_len; 1522 } 1523 error = ipsec6_get_policy(in6p, req, len, mp); 1524 break; 1525 } 1526 #endif /* IPSEC */ 1527 1528 default: 1529 error = ENOPROTOOPT; 1530 break; 1531 } 1532 break; 1533 } 1534 } else { 1535 error = EINVAL; 1536 if (op == PRCO_SETOPT && *mp) 1537 (void)m_free(*mp); 1538 } 1539 return(error); 1540 } 1541 1542 /* 1543 * Set up IP6 options in pcb for insertion in output packets. 1544 * Store in mbuf with pointer in pcbopt, adding pseudo-option 1545 * with destination address if source routed. 1546 */ 1547 static int 1548 ip6_pcbopts(pktopt, m, so) 1549 struct ip6_pktopts **pktopt; 1550 struct mbuf *m; 1551 struct socket *so; 1552 { 1553 struct ip6_pktopts *opt = *pktopt; 1554 int error = 0; 1555 struct proc *p = (curproc ? curproc->l_proc : 0); /* XXX */ 1556 int priv = 0; 1557 1558 /* turn off any old options. */ 1559 if (opt) { 1560 if (opt->ip6po_m) 1561 (void)m_free(opt->ip6po_m); 1562 } else 1563 opt = malloc(sizeof(*opt), M_IP6OPT, M_WAITOK); 1564 *pktopt = 0; 1565 1566 if (!m || m->m_len == 0) { 1567 /* 1568 * Only turning off any previous options. 1569 */ 1570 if (opt) 1571 free(opt, M_IP6OPT); 1572 if (m) 1573 (void)m_free(m); 1574 return(0); 1575 } 1576 1577 /* set options specified by user. */ 1578 if (p && !suser(p->p_ucred, &p->p_acflag)) 1579 priv = 1; 1580 if ((error = ip6_setpktoptions(m, opt, priv)) != 0) { 1581 (void)m_free(m); 1582 return(error); 1583 } 1584 *pktopt = opt; 1585 return(0); 1586 } 1587 1588 /* 1589 * Set the IP6 multicast options in response to user setsockopt(). 1590 */ 1591 static int 1592 ip6_setmoptions(optname, im6op, m) 1593 int optname; 1594 struct ip6_moptions **im6op; 1595 struct mbuf *m; 1596 { 1597 int error = 0; 1598 u_int loop, ifindex; 1599 struct ipv6_mreq *mreq; 1600 struct ifnet *ifp; 1601 struct ip6_moptions *im6o = *im6op; 1602 struct route_in6 ro; 1603 struct sockaddr_in6 *dst; 1604 struct in6_multi_mship *imm; 1605 struct proc *p = curproc->l_proc; /* XXX */ 1606 1607 if (im6o == NULL) { 1608 /* 1609 * No multicast option buffer attached to the pcb; 1610 * allocate one and initialize to default values. 1611 */ 1612 im6o = (struct ip6_moptions *) 1613 malloc(sizeof(*im6o), M_IPMOPTS, M_WAITOK); 1614 1615 if (im6o == NULL) 1616 return(ENOBUFS); 1617 *im6op = im6o; 1618 im6o->im6o_multicast_ifp = NULL; 1619 im6o->im6o_multicast_hlim = ip6_defmcasthlim; 1620 im6o->im6o_multicast_loop = IPV6_DEFAULT_MULTICAST_LOOP; 1621 LIST_INIT(&im6o->im6o_memberships); 1622 } 1623 1624 switch (optname) { 1625 1626 case IPV6_MULTICAST_IF: 1627 /* 1628 * Select the interface for outgoing multicast packets. 1629 */ 1630 if (m == NULL || m->m_len != sizeof(u_int)) { 1631 error = EINVAL; 1632 break; 1633 } 1634 bcopy(mtod(m, u_int *), &ifindex, sizeof(ifindex)); 1635 if (ifindex < 0 || if_index < ifindex) { 1636 error = ENXIO; /* XXX EINVAL? */ 1637 break; 1638 } 1639 ifp = ifindex2ifnet[ifindex]; 1640 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) { 1641 error = EADDRNOTAVAIL; 1642 break; 1643 } 1644 im6o->im6o_multicast_ifp = ifp; 1645 break; 1646 1647 case IPV6_MULTICAST_HOPS: 1648 { 1649 /* 1650 * Set the IP6 hoplimit for outgoing multicast packets. 1651 */ 1652 int optval; 1653 if (m == NULL || m->m_len != sizeof(int)) { 1654 error = EINVAL; 1655 break; 1656 } 1657 bcopy(mtod(m, u_int *), &optval, sizeof(optval)); 1658 if (optval < -1 || optval >= 256) 1659 error = EINVAL; 1660 else if (optval == -1) 1661 im6o->im6o_multicast_hlim = ip6_defmcasthlim; 1662 else 1663 im6o->im6o_multicast_hlim = optval; 1664 break; 1665 } 1666 1667 case IPV6_MULTICAST_LOOP: 1668 /* 1669 * Set the loopback flag for outgoing multicast packets. 1670 * Must be zero or one. 1671 */ 1672 if (m == NULL || m->m_len != sizeof(u_int)) { 1673 error = EINVAL; 1674 break; 1675 } 1676 bcopy(mtod(m, u_int *), &loop, sizeof(loop)); 1677 if (loop > 1) { 1678 error = EINVAL; 1679 break; 1680 } 1681 im6o->im6o_multicast_loop = loop; 1682 break; 1683 1684 case IPV6_JOIN_GROUP: 1685 /* 1686 * Add a multicast group membership. 1687 * Group must be a valid IP6 multicast address. 1688 */ 1689 if (m == NULL || m->m_len != sizeof(struct ipv6_mreq)) { 1690 error = EINVAL; 1691 break; 1692 } 1693 mreq = mtod(m, struct ipv6_mreq *); 1694 if (IN6_IS_ADDR_UNSPECIFIED(&mreq->ipv6mr_multiaddr)) { 1695 /* 1696 * We use the unspecified address to specify to accept 1697 * all multicast addresses. Only super user is allowed 1698 * to do this. 1699 */ 1700 if (suser(p->p_ucred, &p->p_acflag)) 1701 { 1702 error = EACCES; 1703 break; 1704 } 1705 } else if (!IN6_IS_ADDR_MULTICAST(&mreq->ipv6mr_multiaddr)) { 1706 error = EINVAL; 1707 break; 1708 } 1709 1710 /* 1711 * If the interface is specified, validate it. 1712 */ 1713 if (mreq->ipv6mr_interface < 0 1714 || if_index < mreq->ipv6mr_interface) { 1715 error = ENXIO; /* XXX EINVAL? */ 1716 break; 1717 } 1718 /* 1719 * If no interface was explicitly specified, choose an 1720 * appropriate one according to the given multicast address. 1721 */ 1722 if (mreq->ipv6mr_interface == 0) { 1723 /* 1724 * If the multicast address is in node-local scope, 1725 * the interface should be a loopback interface. 1726 * Otherwise, look up the routing table for the 1727 * address, and choose the outgoing interface. 1728 * XXX: is it a good approach? 1729 */ 1730 if (IN6_IS_ADDR_MC_NODELOCAL(&mreq->ipv6mr_multiaddr)) { 1731 ifp = &loif[0]; 1732 } else { 1733 ro.ro_rt = NULL; 1734 dst = (struct sockaddr_in6 *)&ro.ro_dst; 1735 bzero(dst, sizeof(*dst)); 1736 dst->sin6_len = sizeof(struct sockaddr_in6); 1737 dst->sin6_family = AF_INET6; 1738 dst->sin6_addr = mreq->ipv6mr_multiaddr; 1739 rtalloc((struct route *)&ro); 1740 if (ro.ro_rt == NULL) { 1741 error = EADDRNOTAVAIL; 1742 break; 1743 } 1744 ifp = ro.ro_rt->rt_ifp; 1745 rtfree(ro.ro_rt); 1746 } 1747 } else 1748 ifp = ifindex2ifnet[mreq->ipv6mr_interface]; 1749 1750 /* 1751 * See if we found an interface, and confirm that it 1752 * supports multicast 1753 */ 1754 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) { 1755 error = EADDRNOTAVAIL; 1756 break; 1757 } 1758 /* 1759 * Put interface index into the multicast address, 1760 * if the address has link-local scope. 1761 */ 1762 if (IN6_IS_ADDR_MC_LINKLOCAL(&mreq->ipv6mr_multiaddr)) { 1763 mreq->ipv6mr_multiaddr.s6_addr16[1] 1764 = htons(mreq->ipv6mr_interface); 1765 } 1766 /* 1767 * See if the membership already exists. 1768 */ 1769 for (imm = im6o->im6o_memberships.lh_first; 1770 imm != NULL; imm = imm->i6mm_chain.le_next) 1771 if (imm->i6mm_maddr->in6m_ifp == ifp && 1772 IN6_ARE_ADDR_EQUAL(&imm->i6mm_maddr->in6m_addr, 1773 &mreq->ipv6mr_multiaddr)) 1774 break; 1775 if (imm != NULL) { 1776 error = EADDRINUSE; 1777 break; 1778 } 1779 /* 1780 * Everything looks good; add a new record to the multicast 1781 * address list for the given interface. 1782 */ 1783 imm = malloc(sizeof(*imm), M_IPMADDR, M_WAITOK); 1784 if (imm == NULL) { 1785 error = ENOBUFS; 1786 break; 1787 } 1788 if ((imm->i6mm_maddr = 1789 in6_addmulti(&mreq->ipv6mr_multiaddr, ifp, &error)) == NULL) { 1790 free(imm, M_IPMADDR); 1791 break; 1792 } 1793 LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain); 1794 break; 1795 1796 case IPV6_LEAVE_GROUP: 1797 /* 1798 * Drop a multicast group membership. 1799 * Group must be a valid IP6 multicast address. 1800 */ 1801 if (m == NULL || m->m_len != sizeof(struct ipv6_mreq)) { 1802 error = EINVAL; 1803 break; 1804 } 1805 mreq = mtod(m, struct ipv6_mreq *); 1806 if (IN6_IS_ADDR_UNSPECIFIED(&mreq->ipv6mr_multiaddr)) { 1807 if (suser(p->p_ucred, &p->p_acflag)) 1808 { 1809 error = EACCES; 1810 break; 1811 } 1812 } else if (!IN6_IS_ADDR_MULTICAST(&mreq->ipv6mr_multiaddr)) { 1813 error = EINVAL; 1814 break; 1815 } 1816 /* 1817 * If an interface address was specified, get a pointer 1818 * to its ifnet structure. 1819 */ 1820 if (mreq->ipv6mr_interface < 0 1821 || if_index < mreq->ipv6mr_interface) { 1822 error = ENXIO; /* XXX EINVAL? */ 1823 break; 1824 } 1825 ifp = ifindex2ifnet[mreq->ipv6mr_interface]; 1826 /* 1827 * Put interface index into the multicast address, 1828 * if the address has link-local scope. 1829 */ 1830 if (IN6_IS_ADDR_MC_LINKLOCAL(&mreq->ipv6mr_multiaddr)) { 1831 mreq->ipv6mr_multiaddr.s6_addr16[1] 1832 = htons(mreq->ipv6mr_interface); 1833 } 1834 /* 1835 * Find the membership in the membership list. 1836 */ 1837 for (imm = im6o->im6o_memberships.lh_first; 1838 imm != NULL; imm = imm->i6mm_chain.le_next) { 1839 if ((ifp == NULL || 1840 imm->i6mm_maddr->in6m_ifp == ifp) && 1841 IN6_ARE_ADDR_EQUAL(&imm->i6mm_maddr->in6m_addr, 1842 &mreq->ipv6mr_multiaddr)) 1843 break; 1844 } 1845 if (imm == NULL) { 1846 /* Unable to resolve interface */ 1847 error = EADDRNOTAVAIL; 1848 break; 1849 } 1850 /* 1851 * Give up the multicast address record to which the 1852 * membership points. 1853 */ 1854 LIST_REMOVE(imm, i6mm_chain); 1855 in6_delmulti(imm->i6mm_maddr); 1856 free(imm, M_IPMADDR); 1857 break; 1858 1859 default: 1860 error = EOPNOTSUPP; 1861 break; 1862 } 1863 1864 /* 1865 * If all options have default values, no need to keep the mbuf. 1866 */ 1867 if (im6o->im6o_multicast_ifp == NULL && 1868 im6o->im6o_multicast_hlim == ip6_defmcasthlim && 1869 im6o->im6o_multicast_loop == IPV6_DEFAULT_MULTICAST_LOOP && 1870 im6o->im6o_memberships.lh_first == NULL) { 1871 free(*im6op, M_IPMOPTS); 1872 *im6op = NULL; 1873 } 1874 1875 return(error); 1876 } 1877 1878 /* 1879 * Return the IP6 multicast options in response to user getsockopt(). 1880 */ 1881 static int 1882 ip6_getmoptions(optname, im6o, mp) 1883 int optname; 1884 struct ip6_moptions *im6o; 1885 struct mbuf **mp; 1886 { 1887 u_int *hlim, *loop, *ifindex; 1888 1889 *mp = m_get(M_WAIT, MT_SOOPTS); 1890 1891 switch (optname) { 1892 1893 case IPV6_MULTICAST_IF: 1894 ifindex = mtod(*mp, u_int *); 1895 (*mp)->m_len = sizeof(u_int); 1896 if (im6o == NULL || im6o->im6o_multicast_ifp == NULL) 1897 *ifindex = 0; 1898 else 1899 *ifindex = im6o->im6o_multicast_ifp->if_index; 1900 return(0); 1901 1902 case IPV6_MULTICAST_HOPS: 1903 hlim = mtod(*mp, u_int *); 1904 (*mp)->m_len = sizeof(u_int); 1905 if (im6o == NULL) 1906 *hlim = ip6_defmcasthlim; 1907 else 1908 *hlim = im6o->im6o_multicast_hlim; 1909 return(0); 1910 1911 case IPV6_MULTICAST_LOOP: 1912 loop = mtod(*mp, u_int *); 1913 (*mp)->m_len = sizeof(u_int); 1914 if (im6o == NULL) 1915 *loop = ip6_defmcasthlim; 1916 else 1917 *loop = im6o->im6o_multicast_loop; 1918 return(0); 1919 1920 default: 1921 return(EOPNOTSUPP); 1922 } 1923 } 1924 1925 /* 1926 * Discard the IP6 multicast options. 1927 */ 1928 void 1929 ip6_freemoptions(im6o) 1930 struct ip6_moptions *im6o; 1931 { 1932 struct in6_multi_mship *imm; 1933 1934 if (im6o == NULL) 1935 return; 1936 1937 while ((imm = im6o->im6o_memberships.lh_first) != NULL) { 1938 LIST_REMOVE(imm, i6mm_chain); 1939 if (imm->i6mm_maddr) 1940 in6_delmulti(imm->i6mm_maddr); 1941 free(imm, M_IPMADDR); 1942 } 1943 free(im6o, M_IPMOPTS); 1944 } 1945 1946 /* 1947 * Set IPv6 outgoing packet options based on advanced API. 1948 */ 1949 int 1950 ip6_setpktoptions(control, opt, priv) 1951 struct mbuf *control; 1952 struct ip6_pktopts *opt; 1953 int priv; 1954 { 1955 struct cmsghdr *cm = 0; 1956 1957 if (control == 0 || opt == 0) 1958 return(EINVAL); 1959 1960 bzero(opt, sizeof(*opt)); 1961 opt->ip6po_hlim = -1; /* -1 means to use default hop limit */ 1962 1963 /* 1964 * XXX: Currently, we assume all the optional information is stored 1965 * in a single mbuf. 1966 */ 1967 if (control->m_next) 1968 return(EINVAL); 1969 1970 opt->ip6po_m = control; 1971 1972 for (; control->m_len; control->m_data += CMSG_ALIGN(cm->cmsg_len), 1973 control->m_len -= CMSG_ALIGN(cm->cmsg_len)) { 1974 cm = mtod(control, struct cmsghdr *); 1975 if (cm->cmsg_len == 0 || cm->cmsg_len > control->m_len) 1976 return(EINVAL); 1977 if (cm->cmsg_level != IPPROTO_IPV6) 1978 continue; 1979 1980 switch (cm->cmsg_type) { 1981 case IPV6_PKTINFO: 1982 if (cm->cmsg_len != CMSG_LEN(sizeof(struct in6_pktinfo))) 1983 return(EINVAL); 1984 opt->ip6po_pktinfo = (struct in6_pktinfo *)CMSG_DATA(cm); 1985 if (opt->ip6po_pktinfo->ipi6_ifindex && 1986 IN6_IS_ADDR_LINKLOCAL(&opt->ip6po_pktinfo->ipi6_addr)) 1987 opt->ip6po_pktinfo->ipi6_addr.s6_addr16[1] = 1988 htons(opt->ip6po_pktinfo->ipi6_ifindex); 1989 1990 if (opt->ip6po_pktinfo->ipi6_ifindex > if_index 1991 || opt->ip6po_pktinfo->ipi6_ifindex < 0) { 1992 return(ENXIO); 1993 } 1994 1995 /* 1996 * Check if the requested source address is indeed a 1997 * unicast address assigned to the node, and can be 1998 * used as the packet's source address. 1999 */ 2000 if (!IN6_IS_ADDR_UNSPECIFIED(&opt->ip6po_pktinfo->ipi6_addr)) { 2001 struct ifaddr *ia; 2002 struct in6_ifaddr *ia6; 2003 struct sockaddr_in6 sin6; 2004 2005 bzero(&sin6, sizeof(sin6)); 2006 sin6.sin6_len = sizeof(sin6); 2007 sin6.sin6_family = AF_INET6; 2008 sin6.sin6_addr = 2009 opt->ip6po_pktinfo->ipi6_addr; 2010 ia = ifa_ifwithaddr(sin6tosa(&sin6)); 2011 if (ia == NULL || 2012 (opt->ip6po_pktinfo->ipi6_ifindex && 2013 (ia->ifa_ifp->if_index != 2014 opt->ip6po_pktinfo->ipi6_ifindex))) { 2015 return(EADDRNOTAVAIL); 2016 } 2017 ia6 = (struct in6_ifaddr *)ia; 2018 if ((ia6->ia6_flags & (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY)) != 0) { 2019 return(EADDRNOTAVAIL); 2020 } 2021 2022 /* 2023 * Check if the requested source address is 2024 * indeed a unicast address assigned to the 2025 * node. 2026 */ 2027 if (IN6_IS_ADDR_MULTICAST(&opt->ip6po_pktinfo->ipi6_addr)) 2028 return(EADDRNOTAVAIL); 2029 } 2030 break; 2031 2032 case IPV6_HOPLIMIT: 2033 if (cm->cmsg_len != CMSG_LEN(sizeof(int))) 2034 return(EINVAL); 2035 2036 bcopy(CMSG_DATA(cm), &opt->ip6po_hlim, 2037 sizeof(opt->ip6po_hlim)); 2038 if (opt->ip6po_hlim < -1 || opt->ip6po_hlim > 255) 2039 return(EINVAL); 2040 break; 2041 2042 case IPV6_NEXTHOP: 2043 if (!priv) 2044 return(EPERM); 2045 2046 if (cm->cmsg_len < sizeof(u_char) || 2047 /* check if cmsg_len is large enough for sa_len */ 2048 cm->cmsg_len < CMSG_LEN(*CMSG_DATA(cm))) 2049 return(EINVAL); 2050 2051 opt->ip6po_nexthop = (struct sockaddr *)CMSG_DATA(cm); 2052 2053 break; 2054 2055 case IPV6_HOPOPTS: 2056 if (cm->cmsg_len < CMSG_LEN(sizeof(struct ip6_hbh))) 2057 return(EINVAL); 2058 opt->ip6po_hbh = (struct ip6_hbh *)CMSG_DATA(cm); 2059 if (cm->cmsg_len != 2060 CMSG_LEN((opt->ip6po_hbh->ip6h_len + 1) << 3)) 2061 return(EINVAL); 2062 break; 2063 2064 case IPV6_DSTOPTS: 2065 if (cm->cmsg_len < CMSG_LEN(sizeof(struct ip6_dest))) 2066 return(EINVAL); 2067 2068 /* 2069 * If there is no routing header yet, the destination 2070 * options header should be put on the 1st part. 2071 * Otherwise, the header should be on the 2nd part. 2072 * (See RFC 2460, section 4.1) 2073 */ 2074 if (opt->ip6po_rthdr == NULL) { 2075 opt->ip6po_dest1 = 2076 (struct ip6_dest *)CMSG_DATA(cm); 2077 if (cm->cmsg_len != 2078 CMSG_LEN((opt->ip6po_dest1->ip6d_len + 1) 2079 << 3)) 2080 return(EINVAL); 2081 } 2082 else { 2083 opt->ip6po_dest2 = 2084 (struct ip6_dest *)CMSG_DATA(cm); 2085 if (cm->cmsg_len != 2086 CMSG_LEN((opt->ip6po_dest2->ip6d_len + 1) 2087 << 3)) 2088 return(EINVAL); 2089 } 2090 break; 2091 2092 case IPV6_RTHDR: 2093 if (cm->cmsg_len < CMSG_LEN(sizeof(struct ip6_rthdr))) 2094 return(EINVAL); 2095 opt->ip6po_rthdr = (struct ip6_rthdr *)CMSG_DATA(cm); 2096 if (cm->cmsg_len != 2097 CMSG_LEN((opt->ip6po_rthdr->ip6r_len + 1) << 3)) 2098 return(EINVAL); 2099 switch (opt->ip6po_rthdr->ip6r_type) { 2100 case IPV6_RTHDR_TYPE_0: 2101 if (opt->ip6po_rthdr->ip6r_segleft == 0) 2102 return(EINVAL); 2103 break; 2104 default: 2105 return(EINVAL); 2106 } 2107 break; 2108 2109 default: 2110 return(ENOPROTOOPT); 2111 } 2112 } 2113 2114 return(0); 2115 } 2116 2117 /* 2118 * Routine called from ip6_output() to loop back a copy of an IP6 multicast 2119 * packet to the input queue of a specified interface. Note that this 2120 * calls the output routine of the loopback "driver", but with an interface 2121 * pointer that might NOT be &loif -- easier than replicating that code here. 2122 */ 2123 void 2124 ip6_mloopback(ifp, m, dst) 2125 struct ifnet *ifp; 2126 struct mbuf *m; 2127 struct sockaddr_in6 *dst; 2128 { 2129 struct mbuf *copym; 2130 struct ip6_hdr *ip6; 2131 2132 copym = m_copy(m, 0, M_COPYALL); 2133 if (copym == NULL) 2134 return; 2135 2136 /* 2137 * Make sure to deep-copy IPv6 header portion in case the data 2138 * is in an mbuf cluster, so that we can safely override the IPv6 2139 * header portion later. 2140 */ 2141 if ((copym->m_flags & M_EXT) != 0 || 2142 copym->m_len < sizeof(struct ip6_hdr)) { 2143 copym = m_pullup(copym, sizeof(struct ip6_hdr)); 2144 if (copym == NULL) 2145 return; 2146 } 2147 2148 #ifdef DIAGNOSTIC 2149 if (copym->m_len < sizeof(*ip6)) { 2150 m_freem(copym); 2151 return; 2152 } 2153 #endif 2154 2155 ip6 = mtod(copym, struct ip6_hdr *); 2156 if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) 2157 ip6->ip6_src.s6_addr16[1] = 0; 2158 if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) 2159 ip6->ip6_dst.s6_addr16[1] = 0; 2160 2161 (void)looutput(ifp, copym, (struct sockaddr *)dst, NULL); 2162 } 2163 2164 /* 2165 * Chop IPv6 header off from the payload. 2166 */ 2167 static int 2168 ip6_splithdr(m, exthdrs) 2169 struct mbuf *m; 2170 struct ip6_exthdrs *exthdrs; 2171 { 2172 struct mbuf *mh; 2173 struct ip6_hdr *ip6; 2174 2175 ip6 = mtod(m, struct ip6_hdr *); 2176 if (m->m_len > sizeof(*ip6)) { 2177 MGETHDR(mh, M_DONTWAIT, MT_HEADER); 2178 if (mh == 0) { 2179 m_freem(m); 2180 return ENOBUFS; 2181 } 2182 M_COPY_PKTHDR(mh, m); 2183 MH_ALIGN(mh, sizeof(*ip6)); 2184 m->m_flags &= ~M_PKTHDR; 2185 m->m_len -= sizeof(*ip6); 2186 m->m_data += sizeof(*ip6); 2187 mh->m_next = m; 2188 m = mh; 2189 m->m_len = sizeof(*ip6); 2190 bcopy((caddr_t)ip6, mtod(m, caddr_t), sizeof(*ip6)); 2191 } 2192 exthdrs->ip6e_ip6 = m; 2193 return 0; 2194 } 2195 2196 /* 2197 * Compute IPv6 extension header length. 2198 */ 2199 int 2200 ip6_optlen(in6p) 2201 struct in6pcb *in6p; 2202 { 2203 int len; 2204 2205 if (!in6p->in6p_outputopts) 2206 return 0; 2207 2208 len = 0; 2209 #define elen(x) \ 2210 (((struct ip6_ext *)(x)) ? (((struct ip6_ext *)(x))->ip6e_len + 1) << 3 : 0) 2211 2212 len += elen(in6p->in6p_outputopts->ip6po_hbh); 2213 len += elen(in6p->in6p_outputopts->ip6po_dest1); 2214 len += elen(in6p->in6p_outputopts->ip6po_rthdr); 2215 len += elen(in6p->in6p_outputopts->ip6po_dest2); 2216 return len; 2217 #undef elen 2218 } 2219
Indexes created Tue Sep 30 20:09:53 GMT 2025