raw_ip6.c revision 1.31.2.3
1 /* $NetBSD: raw_ip6.c,v 1.31.2.3 2001/06/21 20:09:06 nathanw Exp $ */ 2 /* $KAME: raw_ip6.c,v 1.76 2001/04/29 13:45:09 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1988, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. All advertising materials mentioning features or use of this software 46 * must display the following acknowledgement: 47 * This product includes software developed by the University of 48 * California, Berkeley and its contributors. 49 * 4. Neither the name of the University nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 * 65 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 66 */ 67 68 #include "opt_ipsec.h" 69 70 #include <sys/param.h> 71 #include <sys/malloc.h> 72 #include <sys/mbuf.h> 73 #include <sys/socket.h> 74 #include <sys/protosw.h> 75 #include <sys/socketvar.h> 76 #include <sys/errno.h> 77 #include <sys/systm.h> 78 #include <sys/lwp.h> 79 #include <sys/proc.h> 80 81 #include <net/if.h> 82 #include <net/route.h> 83 #include <net/if_types.h> 84 85 #include <netinet/in.h> 86 #include <netinet/in_var.h> 87 #include <netinet/ip6.h> 88 #include <netinet6/ip6_var.h> 89 #include <netinet6/ip6_mroute.h> 90 #include <netinet/icmp6.h> 91 #include <netinet6/in6_pcb.h> 92 #include <netinet6/nd6.h> 93 #include <netinet6/ip6protosw.h> 94 #ifdef ENABLE_DEFAULT_SCOPE 95 #include <netinet6/scope6_var.h> 96 #endif 97 98 #ifdef IPSEC 99 #include <netinet6/ipsec.h> 100 #endif /*IPSEC*/ 101 102 #include <machine/stdarg.h> 103 104 #include "faith.h" 105 #if defined(NFAITH) && 0 < NFAITH 106 #include <net/if_faith.h> 107 #endif 108 109 struct in6pcb rawin6pcb; 110 #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 111 112 /* 113 * Raw interface to IP6 protocol. 114 */ 115 116 /* 117 * Initialize raw connection block queue. 118 */ 119 void 120 rip6_init() 121 { 122 rawin6pcb.in6p_next = rawin6pcb.in6p_prev = &rawin6pcb; 123 } 124 125 /* 126 * Setup generic address and protocol structures 127 * for raw_input routine, then pass them along with 128 * mbuf chain. 129 */ 130 int 131 rip6_input(mp, offp, proto) 132 struct mbuf **mp; 133 int *offp, proto; 134 { 135 struct mbuf *m = *mp; 136 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 137 struct in6pcb *in6p; 138 struct in6pcb *last = NULL; 139 struct sockaddr_in6 rip6src; 140 struct mbuf *opts = NULL; 141 142 #if defined(NFAITH) && 0 < NFAITH 143 if (faithprefix(&ip6->ip6_dst)) { 144 /* send icmp6 host unreach? */ 145 m_freem(m); 146 return IPPROTO_DONE; 147 } 148 #endif 149 150 /* Be proactive about malicious use of IPv4 mapped address */ 151 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 152 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 153 /* XXX stat */ 154 m_freem(m); 155 return IPPROTO_DONE; 156 } 157 158 bzero(&rip6src, sizeof(rip6src)); 159 rip6src.sin6_len = sizeof(struct sockaddr_in6); 160 rip6src.sin6_family = AF_INET6; 161 #if 0 /*XXX inbound flowlabel */ 162 rip6src.sin6_flowinfo = ip6->ip6_flow & IPV6_FLOWINFO_MASK; 163 #endif 164 /* KAME hack: recover scopeid */ 165 (void)in6_recoverscope(&rip6src, &ip6->ip6_src, m->m_pkthdr.rcvif); 166 167 for (in6p = rawin6pcb.in6p_next; 168 in6p != &rawin6pcb; in6p = in6p->in6p_next) 169 { 170 if (in6p->in6p_ip6.ip6_nxt && 171 in6p->in6p_ip6.ip6_nxt != proto) 172 continue; 173 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && 174 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) 175 continue; 176 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) && 177 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) 178 continue; 179 if (in6p->in6p_cksum != -1 180 && in6_cksum(m, ip6->ip6_nxt, *offp, m->m_pkthdr.len - *offp)) 181 { 182 /* XXX bark something */ 183 continue; 184 } 185 if (last) { 186 struct mbuf *n; 187 188 #ifdef IPSEC 189 /* 190 * Check AH/ESP integrity. 191 */ 192 if (ipsec6_in_reject(m, last)) { 193 ipsec6stat.in_polvio++; 194 /* do not inject data into pcb */ 195 } else 196 #endif /*IPSEC*/ 197 if ((n = m_copy(m, 0, (int)M_COPYALL)) != NULL) { 198 if (last->in6p_flags & IN6P_CONTROLOPTS) 199 ip6_savecontrol(last, &opts, ip6, n); 200 /* strip intermediate headers */ 201 m_adj(n, *offp); 202 if (sbappendaddr(&last->in6p_socket->so_rcv, 203 (struct sockaddr *)&rip6src, 204 n, opts) == 0) { 205 /* should notify about lost packet */ 206 m_freem(n); 207 if (opts) 208 m_freem(opts); 209 } else 210 sorwakeup(last->in6p_socket); 211 opts = NULL; 212 } 213 } 214 last = in6p; 215 } 216 #ifdef IPSEC 217 /* 218 * Check AH/ESP integrity. 219 */ 220 if (last && ipsec6_in_reject(m, last)) { 221 m_freem(m); 222 ipsec6stat.in_polvio++; 223 ip6stat.ip6s_delivered--; 224 /* do not inject data into pcb */ 225 } else 226 #endif /*IPSEC*/ 227 if (last) { 228 if (last->in6p_flags & IN6P_CONTROLOPTS) 229 ip6_savecontrol(last, &opts, ip6, m); 230 /* strip intermediate headers */ 231 m_adj(m, *offp); 232 if (sbappendaddr(&last->in6p_socket->so_rcv, 233 (struct sockaddr *)&rip6src, m, opts) == 0) { 234 m_freem(m); 235 if (opts) 236 m_freem(opts); 237 } else 238 sorwakeup(last->in6p_socket); 239 } else { 240 if (proto == IPPROTO_NONE) 241 m_freem(m); 242 else { 243 char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */ 244 in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_protounknown); 245 icmp6_error(m, ICMP6_PARAM_PROB, 246 ICMP6_PARAMPROB_NEXTHEADER, 247 prvnxtp - mtod(m, char *)); 248 } 249 ip6stat.ip6s_delivered--; 250 } 251 return IPPROTO_DONE; 252 } 253 254 void 255 rip6_ctlinput(cmd, sa, d) 256 int cmd; 257 struct sockaddr *sa; 258 void *d; 259 { 260 struct ip6_hdr *ip6; 261 struct mbuf *m; 262 int off; 263 struct ip6ctlparam *ip6cp = NULL; 264 const struct sockaddr_in6 *sa6_src = NULL; 265 void *cmdarg; 266 void (*notify) __P((struct in6pcb *, int)) = in6_rtchange; 267 int nxt; 268 269 if (sa->sa_family != AF_INET6 || 270 sa->sa_len != sizeof(struct sockaddr_in6)) 271 return; 272 273 if ((unsigned)cmd >= PRC_NCMDS) 274 return; 275 if (PRC_IS_REDIRECT(cmd)) 276 notify = in6_rtchange, d = NULL; 277 else if (cmd == PRC_HOSTDEAD) 278 d = NULL; 279 else if (cmd == PRC_MSGSIZE) 280 ; /* special code is present, see below */ 281 else if (inet6ctlerrmap[cmd] == 0) 282 return; 283 284 /* if the parameter is from icmp6, decode it. */ 285 if (d != NULL) { 286 ip6cp = (struct ip6ctlparam *)d; 287 m = ip6cp->ip6c_m; 288 ip6 = ip6cp->ip6c_ip6; 289 off = ip6cp->ip6c_off; 290 cmdarg = ip6cp->ip6c_cmdarg; 291 sa6_src = ip6cp->ip6c_src; 292 nxt = ip6cp->ip6c_nxt; 293 } else { 294 m = NULL; 295 ip6 = NULL; 296 cmdarg = NULL; 297 sa6_src = &sa6_any; 298 nxt = -1; 299 } 300 301 if (ip6 && cmd == PRC_MSGSIZE) { 302 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)sa; 303 int valid = 0; 304 struct in6pcb *in6p; 305 306 /* 307 * Check to see if we have a valid raw IPv6 socket 308 * corresponding to the address in the ICMPv6 message 309 * payload, and the protocol (ip6_nxt) meets the socket. 310 * XXX chase extension headers, or pass final nxt value 311 * from icmp6_notify_error() 312 */ 313 in6p = NULL; 314 in6p = in6_pcblookup_connect(&rawin6pcb, 315 &sa6->sin6_addr, 0, 316 (struct in6_addr *)&sa6_src->sin6_addr, 0, 0); 317 #if 0 318 if (!in6p) { 319 /* 320 * As the use of sendto(2) is fairly popular, 321 * we may want to allow non-connected pcb too. 322 * But it could be too weak against attacks... 323 * We should at least check if the local 324 * address (= s) is really ours. 325 */ 326 in6p = in6_pcblookup_bind(&rawin6pcb, 327 &sa6->sin6_addr, 0, 0)) 328 } 329 #endif 330 331 if (in6p && in6p->in6p_ip6.ip6_nxt && 332 in6p->in6p_ip6.ip6_nxt == nxt) 333 valid++; 334 335 /* 336 * Depending on the value of "valid" and routing table 337 * size (mtudisc_{hi,lo}wat), we will: 338 * - recalcurate the new MTU and create the 339 * corresponding routing entry, or 340 * - ignore the MTU change notification. 341 */ 342 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 343 344 /* 345 * regardless of if we called icmp6_mtudisc_update(), 346 * we need to call in6_pcbnotify(), to notify path 347 * MTU change to the userland (2292bis-02), because 348 * some unconnected sockets may share the same 349 * destination and want to know the path MTU. 350 */ 351 } 352 353 (void) in6_pcbnotify(&rawin6pcb, sa, 0, 354 (struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify); 355 } 356 357 /* 358 * Generate IPv6 header and pass packet to ip6_output. 359 * Tack on options user may have setup with control call. 360 */ 361 int 362 #if __STDC__ 363 rip6_output(struct mbuf *m, ...) 364 #else 365 rip6_output(m, va_alist) 366 struct mbuf *m; 367 va_dcl 368 #endif 369 { 370 struct socket *so; 371 struct sockaddr_in6 *dstsock; 372 struct mbuf *control; 373 struct in6_addr *dst; 374 struct ip6_hdr *ip6; 375 struct in6pcb *in6p; 376 u_int plen = m->m_pkthdr.len; 377 int error = 0; 378 struct ip6_pktopts opt, *optp = NULL, *origoptp; 379 struct ifnet *oifp = NULL; 380 int type, code; /* for ICMPv6 output statistics only */ 381 int priv = 0; 382 va_list ap; 383 int flags; 384 385 va_start(ap, m); 386 so = va_arg(ap, struct socket *); 387 dstsock = va_arg(ap, struct sockaddr_in6 *); 388 control = va_arg(ap, struct mbuf *); 389 va_end(ap); 390 391 in6p = sotoin6pcb(so); 392 393 priv = 0; 394 { 395 struct proc *p = (curproc ? curproc->l_proc : 0); /* XXX */ 396 397 if (p && !suser(p->p_ucred, &p->p_acflag)) 398 priv = 1; 399 } 400 dst = &dstsock->sin6_addr; 401 if (control) { 402 if ((error = ip6_setpktoptions(control, &opt, priv)) != 0) 403 goto bad; 404 optp = &opt; 405 } else 406 optp = in6p->in6p_outputopts; 407 408 /* 409 * For an ICMPv6 packet, we should know its type and code 410 * to update statistics. 411 */ 412 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 413 struct icmp6_hdr *icmp6; 414 if (m->m_len < sizeof(struct icmp6_hdr) && 415 (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) { 416 error = ENOBUFS; 417 goto bad; 418 } 419 icmp6 = mtod(m, struct icmp6_hdr *); 420 type = icmp6->icmp6_type; 421 code = icmp6->icmp6_code; 422 } 423 424 M_PREPEND(m, sizeof(*ip6), M_WAIT); 425 ip6 = mtod(m, struct ip6_hdr *); 426 427 /* 428 * Next header might not be ICMP6 but use its pseudo header anyway. 429 */ 430 ip6->ip6_dst = *dst; 431 432 /* KAME hack: embed scopeid */ 433 origoptp = in6p->in6p_outputopts; 434 in6p->in6p_outputopts = optp; 435 if (in6_embedscope(&ip6->ip6_dst, dstsock, in6p, &oifp) != 0) { 436 error = EINVAL; 437 goto bad; 438 } 439 in6p->in6p_outputopts = origoptp; 440 441 /* 442 * Source address selection. 443 */ 444 { 445 struct in6_addr *in6a; 446 447 if ((in6a = in6_selectsrc(dstsock, optp, 448 in6p->in6p_moptions, 449 &in6p->in6p_route, 450 &in6p->in6p_laddr, 451 &error)) == 0) { 452 if (error == 0) 453 error = EADDRNOTAVAIL; 454 goto bad; 455 } 456 ip6->ip6_src = *in6a; 457 if (in6p->in6p_route.ro_rt) { 458 /* what if oifp contradicts ? */ 459 oifp = ifindex2ifnet[in6p->in6p_route.ro_rt->rt_ifp->if_index]; 460 } 461 } 462 463 ip6->ip6_flow = in6p->in6p_flowinfo & IPV6_FLOWINFO_MASK; 464 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 465 ip6->ip6_vfc |= IPV6_VERSION; 466 #if 0 /* ip6_plen will be filled in ip6_output. */ 467 ip6->ip6_plen = htons((u_short)plen); 468 #endif 469 ip6->ip6_nxt = in6p->in6p_ip6.ip6_nxt; 470 ip6->ip6_hlim = in6_selecthlim(in6p, oifp); 471 472 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 473 in6p->in6p_cksum != -1) { 474 int off; 475 u_int16_t sum; 476 477 #define offsetof(type, member) ((size_t)(&((type *)0)->member)) /* XXX */ 478 479 /* compute checksum */ 480 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 481 off = offsetof(struct icmp6_hdr, icmp6_cksum); 482 else 483 off = in6p->in6p_cksum; 484 if (plen < off + 1) { 485 error = EINVAL; 486 goto bad; 487 } 488 off += sizeof(struct ip6_hdr); 489 490 sum = 0; 491 m_copyback(m, off, sizeof(sum), (caddr_t)&sum); 492 sum = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen); 493 m_copyback(m, off, sizeof(sum), (caddr_t)&sum); 494 } 495 496 #ifdef IPSEC 497 if (ipsec_setsocket(m, so) != 0) { 498 error = ENOBUFS; 499 goto bad; 500 } 501 #endif /*IPSEC*/ 502 503 flags = 0; 504 #ifdef IPV6_MINMTU 505 if (in6p->in6p_flags & IN6P_MINMTU) 506 flags |= IPV6_MINMTU; 507 #endif 508 509 error = ip6_output(m, optp, &in6p->in6p_route, flags, 510 in6p->in6p_moptions, &oifp); 511 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 512 if (oifp) 513 icmp6_ifoutstat_inc(oifp, type, code); 514 icmp6stat.icp6s_outhist[type]++; 515 } 516 517 goto freectl; 518 519 bad: 520 if (m) 521 m_freem(m); 522 523 freectl: 524 if (optp == &opt && optp->ip6po_rthdr && optp->ip6po_route.ro_rt) 525 RTFREE(optp->ip6po_route.ro_rt); 526 if (control) 527 m_freem(control); 528 return(error); 529 } 530 531 /* 532 * Raw IPv6 socket option processing. 533 */ 534 int 535 rip6_ctloutput(op, so, level, optname, m) 536 int op; 537 struct socket *so; 538 int level, optname; 539 struct mbuf **m; 540 { 541 int error = 0; 542 543 switch (level) { 544 case IPPROTO_IPV6: 545 switch (optname) { 546 case MRT6_INIT: 547 case MRT6_DONE: 548 case MRT6_ADD_MIF: 549 case MRT6_DEL_MIF: 550 case MRT6_ADD_MFC: 551 case MRT6_DEL_MFC: 552 case MRT6_PIM: 553 if (op == PRCO_SETOPT) { 554 error = ip6_mrouter_set(optname, so, *m); 555 if (*m) 556 (void)m_free(*m); 557 } else if (op == PRCO_GETOPT) { 558 error = ip6_mrouter_get(optname, so, m); 559 } else 560 error = EINVAL; 561 return (error); 562 } 563 return (ip6_ctloutput(op, so, level, optname, m)); 564 /* NOTREACHED */ 565 566 case IPPROTO_ICMPV6: 567 /* 568 * XXX: is it better to call icmp6_ctloutput() directly 569 * from protosw? 570 */ 571 return(icmp6_ctloutput(op, so, level, optname, m)); 572 573 default: 574 if (op == PRCO_SETOPT && *m) 575 (void)m_free(*m); 576 return(EINVAL); 577 } 578 } 579 580 extern u_long rip6_sendspace; 581 extern u_long rip6_recvspace; 582 583 int 584 rip6_usrreq(so, req, m, nam, control, p) 585 struct socket *so; 586 int req; 587 struct mbuf *m, *nam, *control; 588 struct proc *p; 589 { 590 struct in6pcb *in6p = sotoin6pcb(so); 591 int s; 592 int error = 0; 593 /* extern struct socket *ip6_mrouter; */ /* xxx */ 594 int priv; 595 596 priv = 0; 597 if (p && !suser(p->p_ucred, &p->p_acflag)) 598 priv++; 599 600 if (req == PRU_CONTROL) 601 return (in6_control(so, (u_long)m, (caddr_t)nam, 602 (struct ifnet *)control, p)); 603 604 if (req == PRU_PURGEIF) { 605 in6_purgeif((struct ifnet *)control); 606 in6_pcbpurgeif(&rawin6pcb, (struct ifnet *)control); 607 return (0); 608 } 609 610 switch (req) { 611 case PRU_ATTACH: 612 if (in6p) 613 panic("rip6_attach"); 614 if (!priv) { 615 error = EACCES; 616 break; 617 } 618 s = splsoftnet(); 619 if ((error = soreserve(so, rip6_sendspace, rip6_recvspace)) != 0) { 620 splx(s); 621 break; 622 } 623 if ((error = in6_pcballoc(so, &rawin6pcb)) != 0) 624 { 625 splx(s); 626 break; 627 } 628 splx(s); 629 in6p = sotoin6pcb(so); 630 in6p->in6p_ip6.ip6_nxt = (long)nam; 631 in6p->in6p_cksum = -1; 632 #ifdef IPSEC 633 error = ipsec_init_policy(so, &in6p->in6p_sp); 634 if (error != 0) { 635 in6_pcbdetach(in6p); 636 break; 637 } 638 #endif /*IPSEC*/ 639 640 MALLOC(in6p->in6p_icmp6filt, struct icmp6_filter *, 641 sizeof(struct icmp6_filter), M_PCB, M_NOWAIT); 642 if (in6p->in6p_icmp6filt == NULL) { 643 in6_pcbdetach(in6p); 644 error = ENOMEM; 645 break; 646 } 647 ICMP6_FILTER_SETPASSALL(in6p->in6p_icmp6filt); 648 break; 649 650 case PRU_DISCONNECT: 651 if ((so->so_state & SS_ISCONNECTED) == 0) { 652 error = ENOTCONN; 653 break; 654 } 655 in6p->in6p_faddr = in6addr_any; 656 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 657 break; 658 659 case PRU_ABORT: 660 soisdisconnected(so); 661 /* Fallthrough */ 662 case PRU_DETACH: 663 if (in6p == 0) 664 panic("rip6_detach"); 665 if (so == ip6_mrouter) 666 ip6_mrouter_done(); 667 /* xxx: RSVP */ 668 if (in6p->in6p_icmp6filt) { 669 FREE(in6p->in6p_icmp6filt, M_PCB); 670 in6p->in6p_icmp6filt = NULL; 671 } 672 in6_pcbdetach(in6p); 673 break; 674 675 case PRU_BIND: 676 { 677 struct sockaddr_in6 *addr = mtod(nam, struct sockaddr_in6 *); 678 struct ifaddr *ia = NULL; 679 680 if (nam->m_len != sizeof(*addr)) { 681 error = EINVAL; 682 break; 683 } 684 if ((ifnet.tqh_first == 0) || (addr->sin6_family != AF_INET6)) { 685 error = EADDRNOTAVAIL; 686 break; 687 } 688 #ifdef ENABLE_DEFAULT_SCOPE 689 if (addr->sin6_scope_id == 0) /* not change if specified */ 690 addr->sin6_scope_id = 691 scope6_addr2default(&addr->sin6_addr); 692 #endif 693 /* 694 * we don't support mapped address here, it would confuse 695 * users so reject it 696 */ 697 if (IN6_IS_ADDR_V4MAPPED(&addr->sin6_addr)) { 698 error = EADDRNOTAVAIL; 699 break; 700 } 701 /* 702 * Currently, ifa_ifwithaddr tends to fail for a link-local 703 * address, since it implicitly expects that the link ID 704 * for the address is embedded in the sin6_addr part. 705 * For now, we'd rather keep this "as is". We'll eventually fix 706 * this in a more natural way. 707 */ 708 if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) && 709 (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0) { 710 error = EADDRNOTAVAIL; 711 break; 712 } 713 if (ia && 714 ((struct in6_ifaddr *)ia)->ia6_flags & 715 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| 716 IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { 717 error = EADDRNOTAVAIL; 718 break; 719 } 720 in6p->in6p_laddr = addr->sin6_addr; 721 break; 722 } 723 724 case PRU_CONNECT: 725 { 726 struct sockaddr_in6 *addr = mtod(nam, struct sockaddr_in6 *); 727 struct in6_addr *in6a = NULL; 728 #ifdef ENABLE_DEFAULT_SCOPE 729 struct sockaddr_in6 sin6; 730 #endif 731 732 if (nam->m_len != sizeof(*addr)) { 733 error = EINVAL; 734 break; 735 } 736 if (ifnet.tqh_first == 0) 737 { 738 error = EADDRNOTAVAIL; 739 break; 740 } 741 if (addr->sin6_family != AF_INET6) { 742 error = EAFNOSUPPORT; 743 break; 744 } 745 746 #ifdef ENABLE_DEFAULT_SCOPE 747 if (addr->sin6_scope_id == 0) { 748 /* protect *addr */ 749 sin6 = *addr; 750 addr = &sin6; 751 addr->sin6_scope_id = 752 scope6_addr2default(&addr->sin6_addr); 753 } 754 #endif 755 756 /* Source address selection. XXX: need pcblookup? */ 757 in6a = in6_selectsrc(addr, in6p->in6p_outputopts, 758 in6p->in6p_moptions, 759 &in6p->in6p_route, 760 &in6p->in6p_laddr, 761 &error); 762 if (in6a == NULL) { 763 if (error == 0) 764 error = EADDRNOTAVAIL; 765 break; 766 } 767 in6p->in6p_laddr = *in6a; 768 in6p->in6p_faddr = addr->sin6_addr; 769 soisconnected(so); 770 break; 771 } 772 773 case PRU_CONNECT2: 774 error = EOPNOTSUPP; 775 break; 776 777 /* 778 * Mark the connection as being incapable of futther input. 779 */ 780 case PRU_SHUTDOWN: 781 socantsendmore(so); 782 break; 783 /* 784 * Ship a packet out. The appropriate raw output 785 * routine handles any messaging necessary. 786 */ 787 case PRU_SEND: 788 { 789 struct sockaddr_in6 tmp; 790 struct sockaddr_in6 *dst; 791 792 /* always copy sockaddr to avoid overwrites */ 793 if (so->so_state & SS_ISCONNECTED) { 794 if (nam) { 795 error = EISCONN; 796 break; 797 } 798 /* XXX */ 799 bzero(&tmp, sizeof(tmp)); 800 tmp.sin6_family = AF_INET6; 801 tmp.sin6_len = sizeof(struct sockaddr_in6); 802 bcopy(&in6p->in6p_faddr, &tmp.sin6_addr, 803 sizeof(struct in6_addr)); 804 dst = &tmp; 805 } else { 806 if (nam == NULL) { 807 error = ENOTCONN; 808 break; 809 } 810 tmp = *mtod(nam, struct sockaddr_in6 *); 811 dst = &tmp; 812 } 813 #ifdef ENABLE_DEFAULT_SCOPE 814 if (dst->sin6_scope_id == 0) { 815 dst->sin6_scope_id = 816 scope6_addr2default(&dst->sin6_addr); 817 } 818 #endif 819 error = rip6_output(m, so, dst, control); 820 m = NULL; 821 break; 822 } 823 824 case PRU_SENSE: 825 /* 826 * stat: don't bother with a blocksize 827 */ 828 return(0); 829 /* 830 * Not supported. 831 */ 832 case PRU_RCVOOB: 833 case PRU_RCVD: 834 case PRU_LISTEN: 835 case PRU_ACCEPT: 836 case PRU_SENDOOB: 837 error = EOPNOTSUPP; 838 break; 839 840 case PRU_SOCKADDR: 841 in6_setsockaddr(in6p, nam); 842 break; 843 844 case PRU_PEERADDR: 845 in6_setpeeraddr(in6p, nam); 846 break; 847 848 default: 849 panic("rip6_usrreq"); 850 } 851 if (m != NULL) 852 m_freem(m); 853 return(error); 854 } 855
Indexes created Tue Sep 30 20:09:53 GMT 2025