raw_ip6.c revision 1.11
1 /* $NetBSD: raw_ip6.c,v 1.11 1999/09/13 12:15:56 itojun Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /* 33 * Copyright (c) 1982, 1986, 1988, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. All advertising materials mentioning features or use of this software 45 * must display the following acknowledgement: 46 * This product includes software developed by the University of 47 * California, Berkeley and its contributors. 48 * 4. Neither the name of the University nor the names of its contributors 49 * may be used to endorse or promote products derived from this software 50 * without specific prior written permission. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 * 64 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 65 */ 66 67 #ifdef __NetBSD__ /*XXX*/ 68 #include "opt_ipsec.h" 69 #endif 70 71 #include <sys/param.h> 72 #include <sys/malloc.h> 73 #include <sys/mbuf.h> 74 #include <sys/socket.h> 75 #include <sys/protosw.h> 76 #include <sys/socketvar.h> 77 #include <sys/errno.h> 78 #include <sys/systm.h> 79 #ifdef __NetBSD__ 80 #include <sys/proc.h> 81 #endif 82 83 #include <net/if.h> 84 #include <net/route.h> 85 #include <net/if_types.h> 86 87 #include <netinet/in.h> 88 #include <netinet/in_var.h> 89 #include <netinet6/ip6.h> 90 #include <netinet6/ip6_var.h> 91 #include <netinet6/ip6_mroute.h> 92 #include <netinet6/icmp6.h> 93 #include <netinet6/in6_pcb.h> 94 #include <netinet6/nd6.h> 95 96 #ifdef IPSEC 97 #include <netinet6/ipsec.h> 98 #endif /*IPSEC*/ 99 100 #include <machine/stdarg.h> 101 102 #include "faith.h" 103 104 struct in6pcb rawin6pcb; 105 #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 106 107 /* 108 * Raw interface to IP6 protocol. 109 */ 110 111 /* 112 * Initialize raw connection block queue. 113 */ 114 void 115 rip6_init() 116 { 117 rawin6pcb.in6p_next = rawin6pcb.in6p_prev = &rawin6pcb; 118 } 119 120 /* 121 * Setup generic address and protocol structures 122 * for raw_input routine, then pass them along with 123 * mbuf chain. 124 */ 125 int 126 rip6_input(mp, offp, proto) 127 struct mbuf **mp; 128 int *offp, proto; 129 { 130 struct mbuf *m = *mp; 131 register struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 132 register struct in6pcb *in6p; 133 struct in6pcb *last = NULL; 134 struct sockaddr_in6 rip6src; 135 struct mbuf *opts = NULL; 136 137 #if defined(NFAITH) && 0 < NFAITH 138 if (m->m_pkthdr.rcvif) { 139 if (m->m_pkthdr.rcvif->if_type == IFT_FAITH) { 140 /* send icmp6 host unreach? */ 141 m_freem(m); 142 return IPPROTO_DONE; 143 } 144 } 145 #endif 146 bzero(&rip6src, sizeof(rip6src)); 147 rip6src.sin6_len = sizeof(struct sockaddr_in6); 148 rip6src.sin6_family = AF_INET6; 149 rip6src.sin6_addr = ip6->ip6_src; 150 if (IN6_IS_SCOPE_LINKLOCAL(&rip6src.sin6_addr)) 151 rip6src.sin6_addr.s6_addr16[1] = 0; 152 if (m->m_pkthdr.rcvif) { 153 if (IN6_IS_SCOPE_LINKLOCAL(&rip6src.sin6_addr)) 154 rip6src.sin6_scope_id = m->m_pkthdr.rcvif->if_index; 155 else 156 rip6src.sin6_scope_id = 0; 157 } else 158 rip6src.sin6_scope_id = 0; 159 160 for (in6p = rawin6pcb.in6p_next; 161 in6p != &rawin6pcb; in6p = in6p->in6p_next) { 162 if (in6p->in6p_ip6.ip6_nxt && 163 in6p->in6p_ip6.ip6_nxt != proto) 164 continue; 165 if (!IN6_IS_ADDR_ANY(&in6p->in6p_laddr) && 166 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) 167 continue; 168 if (!IN6_IS_ADDR_ANY(&in6p->in6p_faddr) && 169 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) 170 continue; 171 if (in6p->in6p_cksum != -1 172 && in6_cksum(m, ip6->ip6_nxt, *offp, m->m_pkthdr.len - *offp)) 173 { 174 /* XXX bark something */ 175 continue; 176 } 177 if (last) { 178 struct mbuf *n; 179 if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) { 180 if (last->in6p_flags & IN6P_CONTROLOPTS) 181 ip6_savecontrol(last, &opts, ip6, n); 182 /* strip intermediate headers */ 183 m_adj(n, *offp); 184 if (sbappendaddr(&last->in6p_socket->so_rcv, 185 (struct sockaddr *)&rip6src, 186 n, opts) == 0) { 187 /* should notify about lost packet */ 188 m_freem(n); 189 if (opts) 190 m_freem(opts); 191 } else 192 sorwakeup(last->in6p_socket); 193 opts = NULL; 194 } 195 } 196 last = in6p; 197 } 198 if (last) { 199 if (last->in6p_flags & IN6P_CONTROLOPTS) 200 ip6_savecontrol(last, &opts, ip6, m); 201 /* strip intermediate headers */ 202 m_adj(m, *offp); 203 if (sbappendaddr(&last->in6p_socket->so_rcv, 204 (struct sockaddr *)&rip6src, m, opts) == 0) { 205 m_freem(m); 206 if (opts) 207 m_freem(opts); 208 } else 209 sorwakeup(last->in6p_socket); 210 } else { 211 if (proto == IPPROTO_NONE) 212 m_freem(m); 213 else { 214 char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */ 215 icmp6_error(m, ICMP6_PARAM_PROB, 216 ICMP6_PARAMPROB_NEXTHEADER, 217 prvnxtp - mtod(m, char *)); 218 } 219 ip6stat.ip6s_delivered--; 220 } 221 return IPPROTO_DONE; 222 } 223 224 /* 225 * Generate IPv6 header and pass packet to ip6_output. 226 * Tack on options user may have setup with control call. 227 */ 228 int 229 #if __STDC__ 230 rip6_output(struct mbuf *m, ...) 231 #else 232 rip6_output(m, va_alist) 233 struct mbuf *m; 234 va_dcl 235 #endif 236 { 237 struct socket *so; 238 struct sockaddr_in6 *dstsock; 239 struct mbuf *control; 240 struct in6_addr *dst; 241 struct ip6_hdr *ip6; 242 struct in6pcb *in6p; 243 u_int plen = m->m_pkthdr.len; 244 int error = 0; 245 struct ip6_pktopts opt, *optp = NULL; 246 struct ifnet *oifp = NULL; 247 int priv = 0; 248 va_list ap; 249 250 va_start(ap, m); 251 so = va_arg(ap, struct socket *); 252 dstsock = va_arg(ap, struct sockaddr_in6 *); 253 control = va_arg(ap, struct mbuf *); 254 va_end(ap); 255 256 in6p = sotoin6pcb(so); 257 258 { 259 struct proc *p = curproc; /* XXX */ 260 261 if (p && !suser(p->p_ucred, &p->p_acflag)) 262 priv = 1; 263 } 264 dst = &dstsock->sin6_addr; 265 if (control) { 266 if ((error = ip6_setpktoptions(control, &opt, priv)) != 0) 267 goto bad; 268 optp = &opt; 269 } else 270 optp = in6p->in6p_outputopts; 271 272 M_PREPEND(m, sizeof(*ip6), M_WAIT); 273 ip6 = mtod(m, struct ip6_hdr *); 274 275 /* 276 * Next header might not be ICMP6 but use its pseudo header anyway. 277 */ 278 ip6->ip6_dst = *dst; 279 280 /* 281 * If the scope of the destination is link-local, embed the interface 282 * index in the address. 283 * 284 * XXX advanced-api value overrides sin6_scope_id 285 */ 286 if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) { 287 struct in6_pktinfo *pi; 288 289 /* 290 * XXX Boundary check is assumed to be already done in 291 * in6_setpktoptions(). 292 */ 293 if (optp && (pi = optp->ip6po_pktinfo) && pi->ipi6_ifindex) { 294 ip6->ip6_dst.s6_addr16[1] = htons(pi->ipi6_ifindex); 295 oifp = ifindex2ifnet[pi->ipi6_ifindex]; 296 } 297 else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) && 298 in6p->in6p_moptions && 299 in6p->in6p_moptions->im6o_multicast_ifp) { 300 ip6->ip6_dst.s6_addr16[1] = 301 htons(in6p->in6p_moptions->im6o_multicast_ifp->if_index); 302 oifp = ifindex2ifnet[in6p->in6p_moptions->im6o_multicast_ifp->if_index]; 303 } else if (dstsock->sin6_scope_id) { 304 /* boundary check */ 305 if (dstsock->sin6_scope_id < 0 306 || if_index < dstsock->sin6_scope_id) { 307 error = ENXIO; /* XXX EINVAL? */ 308 goto bad; 309 } 310 ip6->ip6_dst.s6_addr16[1] 311 = htons(dstsock->sin6_scope_id & 0xffff);/*XXX*/ 312 } 313 } 314 315 if (IN6_IS_ADDR_ANY(&in6p->in6p_laddr)) { 316 struct in6_addr *in6a; 317 318 if ((in6a = in6_selectsrc(dstsock, optp, 319 in6p->in6p_moptions, 320 &in6p->in6p_route, 321 &error)) == 0) { 322 if (error == 0) 323 error = EADDRNOTAVAIL; 324 goto bad; 325 } 326 ip6->ip6_src = *in6a; 327 if (in6p->in6p_route.ro_rt) 328 oifp = ifindex2ifnet[in6p->in6p_route.ro_rt->rt_ifp->if_index]; 329 } else 330 ip6->ip6_src = in6p->in6p_laddr; 331 332 ip6->ip6_flow = in6p->in6p_flowinfo & IPV6_FLOWINFO_MASK; 333 ip6->ip6_vfc = IPV6_VERSION; 334 #if 0 /* ip6_plen will be filled in ip6_output. */ 335 ip6->ip6_plen = htons((u_short)plen); 336 #endif 337 ip6->ip6_nxt = in6p->in6p_ip6.ip6_nxt; 338 if (oifp) 339 ip6->ip6_hlim = nd_ifinfo[oifp->if_index].chlim; 340 else 341 ip6->ip6_hlim = in6p->in6p_ip6.ip6_hlim; 342 343 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 344 in6p->in6p_cksum != -1) { 345 struct mbuf *n; 346 int off; 347 u_int16_t *p; 348 349 #define offsetof(type, member) ((size_t)(&((type *)0)->member)) /* XXX */ 350 351 /* compute checksum */ 352 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 353 off = offsetof(struct icmp6_hdr, icmp6_cksum); 354 else 355 off = in6p->in6p_cksum; 356 if (plen < off + 1) { 357 error = EINVAL; 358 goto bad; 359 } 360 off += sizeof(struct ip6_hdr); 361 362 n = m; 363 while (n && n->m_len <= off) { 364 off -= n->m_len; 365 n = n->m_next; 366 } 367 if (!n) 368 goto bad; 369 p = (u_int16_t *)(mtod(n, caddr_t) + off); 370 *p = 0; 371 *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen); 372 } 373 374 #ifdef IPSEC 375 m->m_pkthdr.rcvif = (struct ifnet *)so; 376 #endif /*IPSEC*/ 377 378 error = ip6_output(m, optp, &in6p->in6p_route, 0, in6p->in6p_moptions); 379 goto freectl; 380 381 bad: 382 if (m) 383 m_freem(m); 384 385 freectl: 386 if (optp == &opt && optp->ip6po_rthdr && optp->ip6po_route.ro_rt) 387 RTFREE(optp->ip6po_route.ro_rt); 388 if (control) 389 m_freem(control); 390 return(error); 391 } 392 393 /* 394 * Raw IPv6 socket option processing. 395 */ 396 int 397 rip6_ctloutput(op, so, level, optname, m) 398 int op; 399 struct socket *so; 400 int level, optname; 401 struct mbuf **m; 402 { 403 int error = 0; 404 405 switch(level) { 406 case IPPROTO_IPV6: 407 switch(optname) { 408 case MRT6_INIT: 409 case MRT6_DONE: 410 case MRT6_ADD_MIF: 411 case MRT6_DEL_MIF: 412 case MRT6_ADD_MFC: 413 case MRT6_DEL_MFC: 414 case MRT6_PIM: 415 if (op == PRCO_SETOPT) { 416 error = ip6_mrouter_set(optname, so, *m); 417 if (*m) 418 (void)m_free(*m); 419 } else if (op == PRCO_GETOPT) { 420 error = ip6_mrouter_get(optname, so, m); 421 } else 422 error = EINVAL; 423 return (error); 424 } 425 return (ip6_ctloutput(op, so, level, optname, m)); 426 /* NOTREACHED */ 427 428 case IPPROTO_ICMPV6: 429 /* 430 * XXX: is it better to call icmp6_ctloutput() directly 431 * from protosw? 432 */ 433 return(icmp6_ctloutput(op, so, level, optname, m)); 434 435 default: 436 if (op == PRCO_SETOPT && *m) 437 (void)m_free(*m); 438 return(EINVAL); 439 } 440 } 441 442 extern u_long rip6_sendspace; 443 extern u_long rip6_recvspace; 444 445 int 446 rip6_usrreq(so, req, m, nam, control, p) 447 register struct socket *so; 448 int req; 449 struct mbuf *m, *nam, *control; 450 struct proc *p; 451 { 452 register struct in6pcb *in6p = sotoin6pcb(so); 453 int s; 454 int error = 0; 455 /* extern struct socket *ip6_mrouter; */ /* xxx */ 456 457 if (req == PRU_CONTROL) 458 return (in6_control(so, (u_long)m, (caddr_t)nam, 459 (struct ifnet *)control, p)); 460 461 switch (req) { 462 case PRU_ATTACH: 463 if (in6p) 464 panic("rip6_attach"); 465 if (p == 0 || suser(p->p_ucred, &p->p_acflag)) { 466 error = EACCES; 467 break; 468 } 469 s = splsoftnet(); 470 if ((error = soreserve(so, rip6_sendspace, rip6_recvspace)) || 471 (error = in6_pcballoc(so, &rawin6pcb))) { 472 splx(s); 473 break; 474 } 475 splx(s); 476 in6p = sotoin6pcb(so); 477 in6p->in6p_ip6.ip6_nxt = (long)nam; 478 in6p->in6p_ip6.ip6_hlim = ip6_defhlim; 479 in6p->in6p_cksum = -1; 480 #ifdef IPSEC 481 if ((error = ipsec_init_policy(&in6p->in6p_sp)) != 0) { 482 in6_pcbdetach(in6p); 483 break; 484 } 485 #endif /*IPSEC*/ 486 487 MALLOC(in6p->in6p_icmp6filt, struct icmp6_filter *, 488 sizeof(struct icmp6_filter), M_PCB, M_NOWAIT); 489 ICMP6_FILTER_SETPASSALL(in6p->in6p_icmp6filt); 490 break; 491 492 case PRU_DISCONNECT: 493 if ((so->so_state & SS_ISCONNECTED) == 0) { 494 error = ENOTCONN; 495 break; 496 } 497 in6p->in6p_faddr = in6addr_any; 498 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 499 break; 500 501 case PRU_ABORT: 502 soisdisconnected(so); 503 /* Fallthrough */ 504 case PRU_DETACH: 505 if (in6p == 0) 506 panic("rip6_detach"); 507 if (so == ip6_mrouter) 508 ip6_mrouter_done(); 509 /* xxx: RSVP */ 510 if (in6p->in6p_icmp6filt) { 511 FREE(in6p->in6p_icmp6filt, M_PCB); 512 in6p->in6p_icmp6filt = NULL; 513 } 514 in6_pcbdetach(in6p); 515 break; 516 517 case PRU_BIND: 518 { 519 struct sockaddr_in6 *addr = mtod(nam, struct sockaddr_in6 *); 520 struct ifaddr *ia = NULL; 521 522 if (nam->m_len != sizeof(*addr)) { 523 error = EINVAL; 524 break; 525 } 526 if ((ifnet.tqh_first == 0) || 527 (addr->sin6_family != AF_INET6) || 528 (!IN6_IS_ADDR_ANY(&addr->sin6_addr) && 529 (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0)) { 530 error = EADDRNOTAVAIL; 531 break; 532 } 533 if (ia && 534 ((struct in6_ifaddr *)ia)->ia6_flags & 535 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| 536 IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { 537 error = EADDRNOTAVAIL; 538 break; 539 } 540 in6p->in6p_laddr = addr->sin6_addr; 541 break; 542 } 543 544 case PRU_CONNECT: 545 { 546 struct sockaddr_in6 *addr = mtod(nam, struct sockaddr_in6 *); 547 struct in6_addr *in6a = NULL; 548 549 if (nam->m_len != sizeof(*addr)) { 550 error = EINVAL; 551 break; 552 } 553 if (ifnet.tqh_first == 0) { 554 error = EADDRNOTAVAIL; 555 break; 556 } 557 if (addr->sin6_family != AF_INET6) { 558 error = EAFNOSUPPORT; 559 break; 560 } 561 562 /* Source address selection. XXX: need pcblookup? */ 563 in6a = &in6p->in6p_laddr; 564 if (IN6_IS_ADDR_ANY(in6a) && 565 (in6a = in6_selectsrc(addr, in6p->in6p_outputopts, 566 in6p->in6p_moptions, &in6p->in6p_route, 567 &error)) == NULL) { 568 if (error == 0) 569 error = EADDRNOTAVAIL; 570 break; 571 } 572 in6p->in6p_laddr = *in6a; 573 in6p->in6p_faddr = addr->sin6_addr; 574 soisconnected(so); 575 break; 576 } 577 578 case PRU_CONNECT2: 579 error = EOPNOTSUPP; 580 break; 581 582 /* 583 * Mark the connection as being incapable of futther input. 584 */ 585 case PRU_SHUTDOWN: 586 socantsendmore(so); 587 break; 588 /* 589 * Ship a packet out. The appropriate raw output 590 * routine handles any messaging necessary. 591 */ 592 case PRU_SEND: 593 { 594 struct sockaddr_in6 tmp; 595 struct sockaddr_in6 *dst; 596 597 if (so->so_state & SS_ISCONNECTED) { 598 if (nam) { 599 error = EISCONN; 600 break; 601 } 602 /* XXX */ 603 bzero(&tmp, sizeof(tmp)); 604 tmp.sin6_family = AF_INET6; 605 tmp.sin6_len = sizeof(struct sockaddr_in6); 606 bcopy(&in6p->in6p_faddr, &tmp.sin6_addr, 607 sizeof(struct in6_addr)); 608 dst = &tmp; 609 } else { 610 if (nam == NULL) { 611 error = ENOTCONN; 612 break; 613 } 614 dst = mtod(nam, struct sockaddr_in6 *); 615 } 616 error = rip6_output(m, so, dst, control); 617 m = NULL; 618 break; 619 } 620 621 case PRU_SENSE: 622 /* 623 * stat: don't bother with a blocksize 624 */ 625 return(0); 626 /* 627 * Not supported. 628 */ 629 case PRU_RCVOOB: 630 case PRU_RCVD: 631 case PRU_LISTEN: 632 case PRU_ACCEPT: 633 case PRU_SENDOOB: 634 error = EOPNOTSUPP; 635 break; 636 637 case PRU_SOCKADDR: 638 in6_setsockaddr(in6p, nam); 639 break; 640 641 case PRU_PEERADDR: 642 in6_setpeeraddr(in6p, nam); 643 break; 644 645 default: 646 panic("rip6_usrreq"); 647 } 648 if (m != NULL) 649 m_freem(m); 650 return(error); 651 } 652
Indexes created Wed Sep 24 14:09:57 GMT 2025