raw_ip6.c revision 1.31
1 /* $NetBSD: raw_ip6.c,v 1.31 2001/03/04 16:49:17 itojun Exp $ */ 2 /* $KAME: raw_ip6.c,v 1.69 2001/03/04 15:55:44 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. All advertising materials mentioning features or use of this software 46 * must display the following acknowledgement: 47 * This product includes software developed by the University of 48 * California, Berkeley and its contributors. 49 * 4. Neither the name of the University nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 * 65 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 66 */ 67 68 #include "opt_ipsec.h" 69 70 #include <sys/param.h> 71 #include <sys/malloc.h> 72 #include <sys/mbuf.h> 73 #include <sys/socket.h> 74 #include <sys/protosw.h> 75 #include <sys/socketvar.h> 76 #include <sys/errno.h> 77 #include <sys/systm.h> 78 #include <sys/proc.h> 79 80 #include <net/if.h> 81 #include <net/route.h> 82 #include <net/if_types.h> 83 84 #include <netinet/in.h> 85 #include <netinet/in_var.h> 86 #include <netinet/ip6.h> 87 #include <netinet6/ip6_var.h> 88 #include <netinet6/ip6_mroute.h> 89 #include <netinet/icmp6.h> 90 #include <netinet6/in6_pcb.h> 91 #include <netinet6/nd6.h> 92 #include <netinet6/ip6protosw.h> 93 #ifdef ENABLE_DEFAULT_SCOPE 94 #include <netinet6/scope6_var.h> 95 #endif 96 97 #ifdef IPSEC 98 #include <netinet6/ipsec.h> 99 #endif /*IPSEC*/ 100 101 #include <machine/stdarg.h> 102 103 #include "faith.h" 104 105 struct in6pcb rawin6pcb; 106 #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 107 108 /* 109 * Raw interface to IP6 protocol. 110 */ 111 112 /* 113 * Initialize raw connection block queue. 114 */ 115 void 116 rip6_init() 117 { 118 rawin6pcb.in6p_next = rawin6pcb.in6p_prev = &rawin6pcb; 119 } 120 121 /* 122 * Setup generic address and protocol structures 123 * for raw_input routine, then pass them along with 124 * mbuf chain. 125 */ 126 int 127 rip6_input(mp, offp, proto) 128 struct mbuf **mp; 129 int *offp, proto; 130 { 131 struct mbuf *m = *mp; 132 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 133 struct in6pcb *in6p; 134 struct in6pcb *last = NULL; 135 struct sockaddr_in6 rip6src; 136 struct mbuf *opts = NULL; 137 138 #if defined(NFAITH) && 0 < NFAITH 139 if (m->m_pkthdr.rcvif) { 140 if (m->m_pkthdr.rcvif->if_type == IFT_FAITH) { 141 /* send icmp6 host unreach? */ 142 m_freem(m); 143 return IPPROTO_DONE; 144 } 145 } 146 #endif 147 148 /* Be proactive about malicious use of IPv4 mapped address */ 149 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 150 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 151 /* XXX stat */ 152 m_freem(m); 153 return IPPROTO_DONE; 154 } 155 156 bzero(&rip6src, sizeof(rip6src)); 157 rip6src.sin6_len = sizeof(struct sockaddr_in6); 158 rip6src.sin6_family = AF_INET6; 159 #if 0 /*XXX inbound flowlabel */ 160 rip6src.sin6_flowinfo = ip6->ip6_flow & IPV6_FLOWINFO_MASK; 161 #endif 162 /* KAME hack: recover scopeid */ 163 (void)in6_recoverscope(&rip6src, &ip6->ip6_src, m->m_pkthdr.rcvif); 164 165 for (in6p = rawin6pcb.in6p_next; 166 in6p != &rawin6pcb; in6p = in6p->in6p_next) 167 { 168 if (in6p->in6p_ip6.ip6_nxt && 169 in6p->in6p_ip6.ip6_nxt != proto) 170 continue; 171 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && 172 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) 173 continue; 174 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) && 175 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) 176 continue; 177 if (in6p->in6p_cksum != -1 178 && in6_cksum(m, ip6->ip6_nxt, *offp, m->m_pkthdr.len - *offp)) 179 { 180 /* XXX bark something */ 181 continue; 182 } 183 if (last) { 184 struct mbuf *n; 185 186 #ifdef IPSEC 187 /* 188 * Check AH/ESP integrity. 189 */ 190 if (ipsec6_in_reject(m, last)) { 191 ipsec6stat.in_polvio++; 192 /* do not inject data into pcb */ 193 } else 194 #endif /*IPSEC*/ 195 if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) { 196 if (last->in6p_flags & IN6P_CONTROLOPTS) 197 ip6_savecontrol(last, &opts, ip6, n); 198 /* strip intermediate headers */ 199 m_adj(n, *offp); 200 if (sbappendaddr(&last->in6p_socket->so_rcv, 201 (struct sockaddr *)&rip6src, 202 n, opts) == 0) { 203 /* should notify about lost packet */ 204 m_freem(n); 205 if (opts) 206 m_freem(opts); 207 } else 208 sorwakeup(last->in6p_socket); 209 opts = NULL; 210 } 211 } 212 last = in6p; 213 } 214 #ifdef IPSEC 215 /* 216 * Check AH/ESP integrity. 217 */ 218 if (last && ipsec6_in_reject(m, last)) { 219 m_freem(m); 220 ipsec6stat.in_polvio++; 221 ip6stat.ip6s_delivered--; 222 /* do not inject data into pcb */ 223 } else 224 #endif /*IPSEC*/ 225 if (last) { 226 if (last->in6p_flags & IN6P_CONTROLOPTS) 227 ip6_savecontrol(last, &opts, ip6, m); 228 /* strip intermediate headers */ 229 m_adj(m, *offp); 230 if (sbappendaddr(&last->in6p_socket->so_rcv, 231 (struct sockaddr *)&rip6src, m, opts) == 0) { 232 m_freem(m); 233 if (opts) 234 m_freem(opts); 235 } else 236 sorwakeup(last->in6p_socket); 237 } else { 238 if (proto == IPPROTO_NONE) 239 m_freem(m); 240 else { 241 char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */ 242 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_protounknown); 243 icmp6_error(m, ICMP6_PARAM_PROB, 244 ICMP6_PARAMPROB_NEXTHEADER, 245 prvnxtp - mtod(m, char *)); 246 } 247 ip6stat.ip6s_delivered--; 248 } 249 return IPPROTO_DONE; 250 } 251 252 void 253 rip6_ctlinput(cmd, sa, d) 254 int cmd; 255 struct sockaddr *sa; 256 void *d; 257 { 258 struct ip6_hdr *ip6; 259 struct mbuf *m; 260 int off; 261 struct ip6ctlparam *ip6cp = NULL; 262 const struct sockaddr_in6 *sa6_src = NULL; 263 void *cmdarg; 264 void (*notify) __P((struct in6pcb *, int)) = in6_rtchange; 265 int nxt; 266 267 if (sa->sa_family != AF_INET6 || 268 sa->sa_len != sizeof(struct sockaddr_in6)) 269 return; 270 271 if ((unsigned)cmd >= PRC_NCMDS) 272 return; 273 if (PRC_IS_REDIRECT(cmd)) 274 notify = in6_rtchange, d = NULL; 275 else if (cmd == PRC_HOSTDEAD) 276 d = NULL; 277 else if (cmd == PRC_MSGSIZE) 278 ; /* special code is present, see below */ 279 else if (inet6ctlerrmap[cmd] == 0) 280 return; 281 282 /* if the parameter is from icmp6, decode it. */ 283 if (d != NULL) { 284 ip6cp = (struct ip6ctlparam *)d; 285 m = ip6cp->ip6c_m; 286 ip6 = ip6cp->ip6c_ip6; 287 off = ip6cp->ip6c_off; 288 cmdarg = ip6cp->ip6c_cmdarg; 289 sa6_src = ip6cp->ip6c_src; 290 nxt = ip6cp->ip6c_nxt; 291 } else { 292 m = NULL; 293 ip6 = NULL; 294 cmdarg = NULL; 295 sa6_src = &sa6_any; 296 nxt = -1; 297 } 298 299 if (ip6 && cmd == PRC_MSGSIZE) { 300 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)sa; 301 int valid = 0; 302 struct in6pcb *in6p; 303 304 /* 305 * Check to see if we have a valid raw IPv6 socket 306 * corresponding to the address in the ICMPv6 message 307 * payload, and the protocol (ip6_nxt) meets the socket. 308 * XXX chase extension headers, or pass final nxt value 309 * from icmp6_notify_error() 310 */ 311 in6p = NULL; 312 in6p = in6_pcblookup_connect(&rawin6pcb, 313 &sa6->sin6_addr, 0, 314 (struct in6_addr *)&sa6_src->sin6_addr, 0, 0); 315 #if 0 316 if (!in6p) { 317 /* 318 * As the use of sendto(2) is fairly popular, 319 * we may want to allow non-connected pcb too. 320 * But it could be too weak against attacks... 321 * We should at least check if the local 322 * address (= s) is really ours. 323 */ 324 in6p = in6_pcblookup_bind(&rawin6pcb, 325 &sa6->sin6_addr, 0, 0)) 326 } 327 #endif 328 329 if (in6p && in6p->in6p_ip6.ip6_nxt && 330 in6p->in6p_ip6.ip6_nxt == nxt) 331 valid++; 332 333 /* 334 * Depending on the value of "valid" and routing table 335 * size (mtudisc_{hi,lo}wat), we will: 336 * - recalcurate the new MTU and create the 337 * corresponding routing entry, or 338 * - ignore the MTU change notification. 339 */ 340 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 341 342 /* 343 * regardless of if we called icmp6_mtudisc_update(), 344 * we need to call in6_pcbnotify(), to notify path 345 * MTU change to the userland (2292bis-02), because 346 * some unconnected sockets may share the same 347 * destination and want to know the path MTU. 348 */ 349 } 350 351 (void) in6_pcbnotify(&rawin6pcb, sa, 0, 352 (struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify); 353 } 354 355 /* 356 * Generate IPv6 header and pass packet to ip6_output. 357 * Tack on options user may have setup with control call. 358 */ 359 int 360 #if __STDC__ 361 rip6_output(struct mbuf *m, ...) 362 #else 363 rip6_output(m, va_alist) 364 struct mbuf *m; 365 va_dcl 366 #endif 367 { 368 struct socket *so; 369 struct sockaddr_in6 *dstsock; 370 struct mbuf *control; 371 struct in6_addr *dst; 372 struct ip6_hdr *ip6; 373 struct in6pcb *in6p; 374 u_int plen = m->m_pkthdr.len; 375 int error = 0; 376 struct ip6_pktopts opt, *optp = NULL, *origoptp; 377 struct ifnet *oifp = NULL; 378 int type, code; /* for ICMPv6 output statistics only */ 379 int priv = 0; 380 va_list ap; 381 int flags; 382 383 va_start(ap, m); 384 so = va_arg(ap, struct socket *); 385 dstsock = va_arg(ap, struct sockaddr_in6 *); 386 control = va_arg(ap, struct mbuf *); 387 va_end(ap); 388 389 in6p = sotoin6pcb(so); 390 391 priv = 0; 392 { 393 struct proc *p = curproc; /* XXX */ 394 395 if (p && !suser(p->p_ucred, &p->p_acflag)) 396 priv = 1; 397 } 398 dst = &dstsock->sin6_addr; 399 if (control) { 400 if ((error = ip6_setpktoptions(control, &opt, priv)) != 0) 401 goto bad; 402 optp = &opt; 403 } else 404 optp = in6p->in6p_outputopts; 405 406 /* 407 * For an ICMPv6 packet, we should know its type and code 408 * to update statistics. 409 */ 410 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 411 struct icmp6_hdr *icmp6; 412 if (m->m_len < sizeof(struct icmp6_hdr) && 413 (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) { 414 error = ENOBUFS; 415 goto bad; 416 } 417 icmp6 = mtod(m, struct icmp6_hdr *); 418 type = icmp6->icmp6_type; 419 code = icmp6->icmp6_code; 420 } 421 422 M_PREPEND(m, sizeof(*ip6), M_WAIT); 423 ip6 = mtod(m, struct ip6_hdr *); 424 425 /* 426 * Next header might not be ICMP6 but use its pseudo header anyway. 427 */ 428 ip6->ip6_dst = *dst; 429 430 /* KAME hack: embed scopeid */ 431 origoptp = in6p->in6p_outputopts; 432 in6p->in6p_outputopts = optp; 433 if (in6_embedscope(&ip6->ip6_dst, dstsock, in6p, &oifp) != 0) { 434 error = EINVAL; 435 goto bad; 436 } 437 in6p->in6p_outputopts = origoptp; 438 439 /* 440 * Source address selection. 441 */ 442 { 443 struct in6_addr *in6a; 444 445 if ((in6a = in6_selectsrc(dstsock, optp, 446 in6p->in6p_moptions, 447 &in6p->in6p_route, 448 &in6p->in6p_laddr, 449 &error)) == 0) { 450 if (error == 0) 451 error = EADDRNOTAVAIL; 452 goto bad; 453 } 454 ip6->ip6_src = *in6a; 455 if (in6p->in6p_route.ro_rt) { 456 /* what if oifp contradicts ? */ 457 oifp = ifindex2ifnet[in6p->in6p_route.ro_rt->rt_ifp->if_index]; 458 } 459 } 460 461 ip6->ip6_flow = in6p->in6p_flowinfo & IPV6_FLOWINFO_MASK; 462 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 463 ip6->ip6_vfc |= IPV6_VERSION; 464 #if 0 /* ip6_plen will be filled in ip6_output. */ 465 ip6->ip6_plen = htons((u_short)plen); 466 #endif 467 ip6->ip6_nxt = in6p->in6p_ip6.ip6_nxt; 468 ip6->ip6_hlim = in6_selecthlim(in6p, oifp); 469 470 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 471 in6p->in6p_cksum != -1) { 472 int off; 473 u_int16_t sum; 474 475 #define offsetof(type, member) ((size_t)(&((type *)0)->member)) /* XXX */ 476 477 /* compute checksum */ 478 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 479 off = offsetof(struct icmp6_hdr, icmp6_cksum); 480 else 481 off = in6p->in6p_cksum; 482 if (plen < off + 1) { 483 error = EINVAL; 484 goto bad; 485 } 486 off += sizeof(struct ip6_hdr); 487 488 sum = 0; 489 m_copyback(m, off, sizeof(sum), (caddr_t)&sum); 490 sum = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen); 491 m_copyback(m, off, sizeof(sum), (caddr_t)&sum); 492 } 493 494 #ifdef IPSEC 495 if (ipsec_setsocket(m, so) != 0) { 496 error = ENOBUFS; 497 goto bad; 498 } 499 #endif /*IPSEC*/ 500 501 flags = 0; 502 #ifdef IPV6_MINMTU 503 if (in6p->in6p_flags & IN6P_MINMTU) 504 flags |= IPV6_MINMTU; 505 #endif 506 507 error = ip6_output(m, optp, &in6p->in6p_route, flags, 508 in6p->in6p_moptions, &oifp); 509 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 510 if (oifp) 511 icmp6_ifoutstat_inc(oifp, type, code); 512 icmp6stat.icp6s_outhist[type]++; 513 } 514 515 goto freectl; 516 517 bad: 518 if (m) 519 m_freem(m); 520 521 freectl: 522 if (optp == &opt && optp->ip6po_rthdr && optp->ip6po_route.ro_rt) 523 RTFREE(optp->ip6po_route.ro_rt); 524 if (control) 525 m_freem(control); 526 return(error); 527 } 528 529 /* 530 * Raw IPv6 socket option processing. 531 */ 532 int 533 rip6_ctloutput(op, so, level, optname, m) 534 int op; 535 struct socket *so; 536 int level, optname; 537 struct mbuf **m; 538 { 539 int error = 0; 540 541 switch (level) { 542 case IPPROTO_IPV6: 543 switch (optname) { 544 case MRT6_INIT: 545 case MRT6_DONE: 546 case MRT6_ADD_MIF: 547 case MRT6_DEL_MIF: 548 case MRT6_ADD_MFC: 549 case MRT6_DEL_MFC: 550 case MRT6_PIM: 551 if (op == PRCO_SETOPT) { 552 error = ip6_mrouter_set(optname, so, *m); 553 if (*m) 554 (void)m_free(*m); 555 } else if (op == PRCO_GETOPT) { 556 error = ip6_mrouter_get(optname, so, m); 557 } else 558 error = EINVAL; 559 return (error); 560 } 561 return (ip6_ctloutput(op, so, level, optname, m)); 562 /* NOTREACHED */ 563 564 case IPPROTO_ICMPV6: 565 /* 566 * XXX: is it better to call icmp6_ctloutput() directly 567 * from protosw? 568 */ 569 return(icmp6_ctloutput(op, so, level, optname, m)); 570 571 default: 572 if (op == PRCO_SETOPT && *m) 573 (void)m_free(*m); 574 return(EINVAL); 575 } 576 } 577 578 extern u_long rip6_sendspace; 579 extern u_long rip6_recvspace; 580 581 int 582 rip6_usrreq(so, req, m, nam, control, p) 583 struct socket *so; 584 int req; 585 struct mbuf *m, *nam, *control; 586 struct proc *p; 587 { 588 struct in6pcb *in6p = sotoin6pcb(so); 589 int s; 590 int error = 0; 591 /* extern struct socket *ip6_mrouter; */ /* xxx */ 592 int priv; 593 594 priv = 0; 595 if (p && !suser(p->p_ucred, &p->p_acflag)) 596 priv++; 597 598 if (req == PRU_CONTROL) 599 return (in6_control(so, (u_long)m, (caddr_t)nam, 600 (struct ifnet *)control, p)); 601 602 if (req == PRU_PURGEIF) { 603 in6_purgeif((struct ifnet *)control); 604 in6_pcbpurgeif(&rawin6pcb, (struct ifnet *)control); 605 return (0); 606 } 607 608 switch (req) { 609 case PRU_ATTACH: 610 if (in6p) 611 panic("rip6_attach"); 612 if (!priv) { 613 error = EACCES; 614 break; 615 } 616 s = splsoftnet(); 617 if ((error = soreserve(so, rip6_sendspace, rip6_recvspace)) != 0) { 618 splx(s); 619 break; 620 } 621 if ((error = in6_pcballoc(so, &rawin6pcb)) != 0) 622 { 623 splx(s); 624 break; 625 } 626 splx(s); 627 in6p = sotoin6pcb(so); 628 in6p->in6p_ip6.ip6_nxt = (long)nam; 629 in6p->in6p_cksum = -1; 630 #ifdef IPSEC 631 error = ipsec_init_policy(so, &in6p->in6p_sp); 632 if (error != 0) { 633 in6_pcbdetach(in6p); 634 break; 635 } 636 #endif /*IPSEC*/ 637 638 MALLOC(in6p->in6p_icmp6filt, struct icmp6_filter *, 639 sizeof(struct icmp6_filter), M_PCB, M_NOWAIT); 640 if (in6p->in6p_icmp6filt == NULL) { 641 in6_pcbdetach(in6p); 642 error = ENOMEM; 643 break; 644 } 645 ICMP6_FILTER_SETPASSALL(in6p->in6p_icmp6filt); 646 break; 647 648 case PRU_DISCONNECT: 649 if ((so->so_state & SS_ISCONNECTED) == 0) { 650 error = ENOTCONN; 651 break; 652 } 653 in6p->in6p_faddr = in6addr_any; 654 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 655 break; 656 657 case PRU_ABORT: 658 soisdisconnected(so); 659 /* Fallthrough */ 660 case PRU_DETACH: 661 if (in6p == 0) 662 panic("rip6_detach"); 663 if (so == ip6_mrouter) 664 ip6_mrouter_done(); 665 /* xxx: RSVP */ 666 if (in6p->in6p_icmp6filt) { 667 FREE(in6p->in6p_icmp6filt, M_PCB); 668 in6p->in6p_icmp6filt = NULL; 669 } 670 in6_pcbdetach(in6p); 671 break; 672 673 case PRU_BIND: 674 { 675 struct sockaddr_in6 *addr = mtod(nam, struct sockaddr_in6 *); 676 struct ifaddr *ia = NULL; 677 678 if (nam->m_len != sizeof(*addr)) { 679 error = EINVAL; 680 break; 681 } 682 if ((ifnet.tqh_first == 0) || (addr->sin6_family != AF_INET6)) { 683 error = EADDRNOTAVAIL; 684 break; 685 } 686 #ifdef ENABLE_DEFAULT_SCOPE 687 if (addr->sin6_scope_id == 0) /* not change if specified */ 688 addr->sin6_scope_id = 689 scope6_addr2default(&addr->sin6_addr); 690 #endif 691 /* 692 * we don't support mapped address here, it would confuse 693 * users so reject it 694 */ 695 if (IN6_IS_ADDR_V4MAPPED(&addr->sin6_addr)) { 696 error = EADDRNOTAVAIL; 697 break; 698 } 699 /* 700 * Currently, ifa_ifwithaddr tends to fail for a link-local 701 * address, since it implicitly expects that the link ID 702 * for the address is embedded in the sin6_addr part. 703 * For now, we'd rather keep this "as is". We'll eventually fix 704 * this in a more natural way. 705 */ 706 if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) && 707 (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0) { 708 error = EADDRNOTAVAIL; 709 break; 710 } 711 if (ia && 712 ((struct in6_ifaddr *)ia)->ia6_flags & 713 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| 714 IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { 715 error = EADDRNOTAVAIL; 716 break; 717 } 718 in6p->in6p_laddr = addr->sin6_addr; 719 break; 720 } 721 722 case PRU_CONNECT: 723 { 724 struct sockaddr_in6 *addr = mtod(nam, struct sockaddr_in6 *); 725 struct in6_addr *in6a = NULL; 726 #ifdef ENABLE_DEFAULT_SCOPE 727 struct sockaddr_in6 sin6; 728 #endif 729 730 if (nam->m_len != sizeof(*addr)) { 731 error = EINVAL; 732 break; 733 } 734 if (ifnet.tqh_first == 0) 735 { 736 error = EADDRNOTAVAIL; 737 break; 738 } 739 if (addr->sin6_family != AF_INET6) { 740 error = EAFNOSUPPORT; 741 break; 742 } 743 744 #ifdef ENABLE_DEFAULT_SCOPE 745 if (addr->sin6_scope_id == 0) { 746 /* protect *addr */ 747 sin6 = *addr; 748 addr = &sin6; 749 addr->sin6_scope_id = 750 scope6_addr2default(&addr->sin6_addr); 751 } 752 #endif 753 754 /* Source address selection. XXX: need pcblookup? */ 755 in6a = in6_selectsrc(addr, in6p->in6p_outputopts, 756 in6p->in6p_moptions, 757 &in6p->in6p_route, 758 &in6p->in6p_laddr, 759 &error); 760 if (in6a == NULL) { 761 if (error == 0) 762 error = EADDRNOTAVAIL; 763 break; 764 } 765 in6p->in6p_laddr = *in6a; 766 in6p->in6p_faddr = addr->sin6_addr; 767 soisconnected(so); 768 break; 769 } 770 771 case PRU_CONNECT2: 772 error = EOPNOTSUPP; 773 break; 774 775 /* 776 * Mark the connection as being incapable of futther input. 777 */ 778 case PRU_SHUTDOWN: 779 socantsendmore(so); 780 break; 781 /* 782 * Ship a packet out. The appropriate raw output 783 * routine handles any messaging necessary. 784 */ 785 case PRU_SEND: 786 { 787 struct sockaddr_in6 tmp; 788 struct sockaddr_in6 *dst; 789 790 /* always copy sockaddr to avoid overwrites */ 791 if (so->so_state & SS_ISCONNECTED) { 792 if (nam) { 793 error = EISCONN; 794 break; 795 } 796 /* XXX */ 797 bzero(&tmp, sizeof(tmp)); 798 tmp.sin6_family = AF_INET6; 799 tmp.sin6_len = sizeof(struct sockaddr_in6); 800 bcopy(&in6p->in6p_faddr, &tmp.sin6_addr, 801 sizeof(struct in6_addr)); 802 dst = &tmp; 803 } else { 804 if (nam == NULL) { 805 error = ENOTCONN; 806 break; 807 } 808 tmp = *mtod(nam, struct sockaddr_in6 *); 809 dst = &tmp; 810 } 811 #ifdef ENABLE_DEFAULT_SCOPE 812 if (dst->sin6_scope_id == 0) { 813 dst->sin6_scope_id = 814 scope6_addr2default(&dst->sin6_addr); 815 } 816 #endif 817 error = rip6_output(m, so, dst, control); 818 m = NULL; 819 break; 820 } 821 822 case PRU_SENSE: 823 /* 824 * stat: don't bother with a blocksize 825 */ 826 return(0); 827 /* 828 * Not supported. 829 */ 830 case PRU_RCVOOB: 831 case PRU_RCVD: 832 case PRU_LISTEN: 833 case PRU_ACCEPT: 834 case PRU_SENDOOB: 835 error = EOPNOTSUPP; 836 break; 837 838 case PRU_SOCKADDR: 839 in6_setsockaddr(in6p, nam); 840 break; 841 842 case PRU_PEERADDR: 843 in6_setpeeraddr(in6p, nam); 844 break; 845 846 default: 847 panic("rip6_usrreq"); 848 } 849 if (m != NULL) 850 m_freem(m); 851 return(error); 852 } 853
Indexes created Tue Sep 23 14:10:03 GMT 2025