1 /* 2 * Copyright (C) 2004, 2005, 2007, 2008, 2012 Internet Systems Consortium, Inc. ("ISC") 3 * Copyright (C) 1999-2003 Internet Software Consortium. 4 * 5 * Permission to use, copy, modify, and/or distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 * PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18 /* $Id$ */ 19 20 #include <config.h> 21 22 #include <sys/types.h> 23 24 #if defined(HAVE_SYS_SYSCTL_H) 25 #if defined(HAVE_SYS_PARAM_H) 26 #include <sys/param.h> 27 #endif 28 #include <sys/sysctl.h> 29 #endif 30 31 #include <errno.h> 32 #include <unistd.h> 33 34 #include <isc/log.h> 35 #include <isc/msgs.h> 36 #include <isc/net.h> 37 #include <isc/once.h> 38 #include <isc/strerror.h> 39 #include <isc/string.h> 40 #include <isc/util.h> 41 42 /*% 43 * Definitions about UDP port range specification. This is a total mess of 44 * portability variants: some use sysctl (but the sysctl names vary), some use 45 * system-specific interfaces, some have the same interface for IPv4 and IPv6, 46 * some separate them, etc... 47 */ 48 49 /*% 50 * The last resort defaults: use all non well known port space 51 */ 52 #ifndef ISC_NET_PORTRANGELOW 53 #define ISC_NET_PORTRANGELOW 1024 54 #endif /* ISC_NET_PORTRANGELOW */ 55 #ifndef ISC_NET_PORTRANGEHIGH 56 #define ISC_NET_PORTRANGEHIGH 65535 57 #endif /* ISC_NET_PORTRANGEHIGH */ 58 59 #ifdef HAVE_SYSCTLBYNAME 60 61 /*% 62 * sysctl variants 63 */ 64 #if defined(__FreeBSD__) || defined(__APPLE__) || defined(__DragonFly__) 65 #define USE_SYSCTL_PORTRANGE 66 #define SYSCTL_V4PORTRANGE_LOW "net.inet.ip.portrange.hifirst" 67 #define SYSCTL_V4PORTRANGE_HIGH "net.inet.ip.portrange.hilast" 68 #define SYSCTL_V6PORTRANGE_LOW "net.inet.ip.portrange.hifirst" 69 #define SYSCTL_V6PORTRANGE_HIGH "net.inet.ip.portrange.hilast" 70 #endif 71 72 #ifdef __NetBSD__ 73 #define USE_SYSCTL_PORTRANGE 74 #define SYSCTL_V4PORTRANGE_LOW "net.inet.ip.anonportmin" 75 #define SYSCTL_V4PORTRANGE_HIGH "net.inet.ip.anonportmax" 76 #define SYSCTL_V6PORTRANGE_LOW "net.inet6.ip6.anonportmin" 77 #define SYSCTL_V6PORTRANGE_HIGH "net.inet6.ip6.anonportmax" 78 #endif 79 80 #else /* !HAVE_SYSCTLBYNAME */ 81 82 #ifdef __OpenBSD__ 83 #define USE_SYSCTL_PORTRANGE 84 #define SYSCTL_V4PORTRANGE_LOW { CTL_NET, PF_INET, IPPROTO_IP, \ 85 IPCTL_IPPORT_HIFIRSTAUTO } 86 #define SYSCTL_V4PORTRANGE_HIGH { CTL_NET, PF_INET, IPPROTO_IP, \ 87 IPCTL_IPPORT_HILASTAUTO } 88 /* Same for IPv6 */ 89 #define SYSCTL_V6PORTRANGE_LOW SYSCTL_V4PORTRANGE_LOW 90 #define SYSCTL_V6PORTRANGE_HIGH SYSCTL_V4PORTRANGE_HIGH 91 #endif 92 93 #endif /* HAVE_SYSCTLBYNAME */ 94 95 #if defined(ISC_PLATFORM_NEEDIN6ADDRANY) 96 const struct in6_addr isc_net_in6addrany = IN6ADDR_ANY_INIT; 97 #endif 98 99 #if defined(ISC_PLATFORM_HAVEIPV6) 100 101 # if defined(ISC_PLATFORM_NEEDIN6ADDRLOOPBACK) 102 const struct in6_addr isc_net_in6addrloop = IN6ADDR_LOOPBACK_INIT; 103 # endif 104 105 # if defined(WANT_IPV6) 106 static isc_once_t once_ipv6only = ISC_ONCE_INIT; 107 # endif 108 109 # if defined(ISC_PLATFORM_HAVEIPV6) && \ 110 defined(WANT_IPV6) && defined(ISC_PLATFORM_HAVEIN6PKTINFO) 111 static isc_once_t once_ipv6pktinfo = ISC_ONCE_INIT; 112 # endif 113 #endif /* ISC_PLATFORM_HAVEIPV6 */ 114 115 static isc_once_t once = ISC_ONCE_INIT; 116 117 static isc_result_t ipv4_result = ISC_R_NOTFOUND; 118 static isc_result_t ipv6_result = ISC_R_NOTFOUND; 119 static isc_result_t unix_result = ISC_R_NOTFOUND; 120 static isc_result_t ipv6only_result = ISC_R_NOTFOUND; 121 static isc_result_t ipv6pktinfo_result = ISC_R_NOTFOUND; 122 123 static isc_result_t 124 try_proto(int domain) { 125 int s; 126 isc_result_t result = ISC_R_SUCCESS; 127 char strbuf[ISC_STRERRORSIZE]; 128 129 s = socket(domain, SOCK_STREAM, 0); 130 if (s == -1) { 131 switch (errno) { 132 #ifdef EAFNOSUPPORT 133 case EAFNOSUPPORT: 134 #endif 135 #ifdef EPROTONOSUPPORT 136 case EPROTONOSUPPORT: 137 #endif 138 #ifdef EINVAL 139 case EINVAL: 140 #endif 141 return (ISC_R_NOTFOUND); 142 default: 143 isc__strerror(errno, strbuf, sizeof(strbuf)); 144 UNEXPECTED_ERROR(__FILE__, __LINE__, 145 "socket() %s: %s", 146 isc_msgcat_get(isc_msgcat, 147 ISC_MSGSET_GENERAL, 148 ISC_MSG_FAILED, 149 "failed"), 150 strbuf); 151 return (ISC_R_UNEXPECTED); 152 } 153 } 154 155 #ifdef ISC_PLATFORM_HAVEIPV6 156 #ifdef WANT_IPV6 157 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO 158 if (domain == PF_INET6) { 159 struct sockaddr_in6 sin6; 160 GETSOCKNAME_SOCKLEN_TYPE len; /* NTP local change */ 161 162 /* 163 * Check to see if IPv6 is broken, as is common on Linux. 164 */ 165 len = sizeof(sin6); 166 if (getsockname(s, (struct sockaddr *)&sin6, &len) < 0) 167 { 168 isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, 169 ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, 170 "retrieving the address of an IPv6 " 171 "socket from the kernel failed."); 172 isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, 173 ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, 174 "IPv6 is not supported."); 175 result = ISC_R_NOTFOUND; 176 } else { 177 if (len == sizeof(struct sockaddr_in6)) 178 result = ISC_R_SUCCESS; 179 else { 180 isc_log_write(isc_lctx, 181 ISC_LOGCATEGORY_GENERAL, 182 ISC_LOGMODULE_SOCKET, 183 ISC_LOG_ERROR, 184 "IPv6 structures in kernel and " 185 "user space do not match."); 186 isc_log_write(isc_lctx, 187 ISC_LOGCATEGORY_GENERAL, 188 ISC_LOGMODULE_SOCKET, 189 ISC_LOG_ERROR, 190 "IPv6 is not supported."); 191 result = ISC_R_NOTFOUND; 192 } 193 } 194 } 195 #endif 196 #endif 197 #endif 198 199 (void)close(s); 200 201 return (result); 202 } 203 204 static void 205 initialize_action(void) { 206 ipv4_result = try_proto(PF_INET); 207 #ifdef ISC_PLATFORM_HAVEIPV6 208 #ifdef WANT_IPV6 209 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO 210 ipv6_result = try_proto(PF_INET6); 211 #endif 212 #endif 213 #endif 214 #ifdef ISC_PLATFORM_HAVESYSUNH 215 unix_result = try_proto(PF_UNIX); 216 #endif 217 } 218 219 static void 220 initialize(void) { 221 RUNTIME_CHECK(isc_once_do(&once, initialize_action) == ISC_R_SUCCESS); 222 } 223 224 isc_result_t 225 isc_net_probeipv4(void) { 226 initialize(); 227 return (ipv4_result); 228 } 229 230 isc_result_t 231 isc_net_probeipv6(void) { 232 initialize(); 233 return (ipv6_result); 234 } 235 236 isc_result_t 237 isc_net_probeunix(void) { 238 initialize(); 239 return (unix_result); 240 } 241 242 #ifdef ISC_PLATFORM_HAVEIPV6 243 #ifdef WANT_IPV6 244 static void 245 try_ipv6only(void) { 246 #ifdef IPV6_V6ONLY 247 int s, on; 248 char strbuf[ISC_STRERRORSIZE]; 249 #endif 250 isc_result_t result; 251 252 result = isc_net_probeipv6(); 253 if (result != ISC_R_SUCCESS) { 254 ipv6only_result = result; 255 return; 256 } 257 258 #ifndef IPV6_V6ONLY 259 ipv6only_result = ISC_R_NOTFOUND; 260 return; 261 #else 262 /* check for TCP sockets */ 263 s = socket(PF_INET6, SOCK_STREAM, 0); 264 if (s == -1) { 265 isc__strerror(errno, strbuf, sizeof(strbuf)); 266 UNEXPECTED_ERROR(__FILE__, __LINE__, 267 "socket() %s: %s", 268 isc_msgcat_get(isc_msgcat, 269 ISC_MSGSET_GENERAL, 270 ISC_MSG_FAILED, 271 "failed"), 272 strbuf); 273 ipv6only_result = ISC_R_UNEXPECTED; 274 return; 275 } 276 277 on = 1; 278 if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) { 279 ipv6only_result = ISC_R_NOTFOUND; 280 goto close; 281 } 282 283 close(s); 284 285 /* check for UDP sockets */ 286 s = socket(PF_INET6, SOCK_DGRAM, 0); 287 if (s == -1) { 288 isc__strerror(errno, strbuf, sizeof(strbuf)); 289 UNEXPECTED_ERROR(__FILE__, __LINE__, 290 "socket() %s: %s", 291 isc_msgcat_get(isc_msgcat, 292 ISC_MSGSET_GENERAL, 293 ISC_MSG_FAILED, 294 "failed"), 295 strbuf); 296 ipv6only_result = ISC_R_UNEXPECTED; 297 return; 298 } 299 300 on = 1; 301 if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) { 302 ipv6only_result = ISC_R_NOTFOUND; 303 goto close; 304 } 305 306 ipv6only_result = ISC_R_SUCCESS; 307 308 close: 309 close(s); 310 return; 311 #endif /* IPV6_V6ONLY */ 312 } 313 314 static void 315 initialize_ipv6only(void) { 316 RUNTIME_CHECK(isc_once_do(&once_ipv6only, 317 try_ipv6only) == ISC_R_SUCCESS); 318 } 319 320 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO 321 static void 322 try_ipv6pktinfo(void) { 323 int s, on; 324 char strbuf[ISC_STRERRORSIZE]; 325 isc_result_t result; 326 int optname; 327 328 result = isc_net_probeipv6(); 329 if (result != ISC_R_SUCCESS) { 330 ipv6pktinfo_result = result; 331 return; 332 } 333 334 /* we only use this for UDP sockets */ 335 s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP); 336 if (s == -1) { 337 isc__strerror(errno, strbuf, sizeof(strbuf)); 338 UNEXPECTED_ERROR(__FILE__, __LINE__, 339 "socket() %s: %s", 340 isc_msgcat_get(isc_msgcat, 341 ISC_MSGSET_GENERAL, 342 ISC_MSG_FAILED, 343 "failed"), 344 strbuf); 345 ipv6pktinfo_result = ISC_R_UNEXPECTED; 346 return; 347 } 348 349 #ifdef IPV6_RECVPKTINFO 350 optname = IPV6_RECVPKTINFO; 351 #else 352 optname = IPV6_PKTINFO; 353 #endif 354 on = 1; 355 if (setsockopt(s, IPPROTO_IPV6, optname, &on, sizeof(on)) < 0) { 356 ipv6pktinfo_result = ISC_R_NOTFOUND; 357 goto close; 358 } 359 360 ipv6pktinfo_result = ISC_R_SUCCESS; 361 362 close: 363 close(s); 364 return; 365 } 366 367 static void 368 initialize_ipv6pktinfo(void) { 369 RUNTIME_CHECK(isc_once_do(&once_ipv6pktinfo, 370 try_ipv6pktinfo) == ISC_R_SUCCESS); 371 } 372 #endif /* ISC_PLATFORM_HAVEIN6PKTINFO */ 373 #endif /* WANT_IPV6 */ 374 #endif /* ISC_PLATFORM_HAVEIPV6 */ 375 376 isc_result_t 377 isc_net_probe_ipv6only(void) { 378 #ifdef ISC_PLATFORM_HAVEIPV6 379 #ifdef WANT_IPV6 380 initialize_ipv6only(); 381 #else 382 ipv6only_result = ISC_R_NOTFOUND; 383 #endif 384 #endif 385 return (ipv6only_result); 386 } 387 388 isc_result_t 389 isc_net_probe_ipv6pktinfo(void) { 390 #ifdef ISC_PLATFORM_HAVEIPV6 391 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO 392 #ifdef WANT_IPV6 393 initialize_ipv6pktinfo(); 394 #else 395 ipv6pktinfo_result = ISC_R_NOTFOUND; 396 #endif 397 #endif 398 #endif 399 return (ipv6pktinfo_result); 400 } 401 402 #if defined(USE_SYSCTL_PORTRANGE) 403 #if defined(HAVE_SYSCTLBYNAME) 404 static isc_result_t 405 getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) { 406 int port_low, port_high; 407 size_t portlen; 408 const char *sysctlname_lowport, *sysctlname_hiport; 409 410 if (af == AF_INET) { 411 sysctlname_lowport = SYSCTL_V4PORTRANGE_LOW; 412 sysctlname_hiport = SYSCTL_V4PORTRANGE_HIGH; 413 } else { 414 sysctlname_lowport = SYSCTL_V6PORTRANGE_LOW; 415 sysctlname_hiport = SYSCTL_V6PORTRANGE_HIGH; 416 } 417 portlen = sizeof(portlen); 418 if (sysctlbyname(sysctlname_lowport, &port_low, &portlen, 419 NULL, 0) < 0) { 420 return (ISC_R_FAILURE); 421 } 422 portlen = sizeof(portlen); 423 if (sysctlbyname(sysctlname_hiport, &port_high, &portlen, 424 NULL, 0) < 0) { 425 return (ISC_R_FAILURE); 426 } 427 if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0) 428 return (ISC_R_RANGE); 429 430 *low = (in_port_t)port_low; 431 *high = (in_port_t)port_high; 432 433 return (ISC_R_SUCCESS); 434 } 435 #else /* !HAVE_SYSCTLBYNAME */ 436 static isc_result_t 437 getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) { 438 int mib_lo4[4] = SYSCTL_V4PORTRANGE_LOW; 439 int mib_hi4[4] = SYSCTL_V4PORTRANGE_HIGH; 440 int mib_lo6[4] = SYSCTL_V6PORTRANGE_LOW; 441 int mib_hi6[4] = SYSCTL_V6PORTRANGE_HIGH; 442 int *mib_lo, *mib_hi, miblen; 443 int port_low, port_high; 444 size_t portlen; 445 446 if (af == AF_INET) { 447 mib_lo = mib_lo4; 448 mib_hi = mib_hi4; 449 miblen = sizeof(mib_lo4) / sizeof(mib_lo4[0]); 450 } else { 451 mib_lo = mib_lo6; 452 mib_hi = mib_hi6; 453 miblen = sizeof(mib_lo6) / sizeof(mib_lo6[0]); 454 } 455 456 portlen = sizeof(portlen); 457 if (sysctl(mib_lo, miblen, &port_low, &portlen, NULL, 0) < 0) { 458 return (ISC_R_FAILURE); 459 } 460 461 portlen = sizeof(portlen); 462 if (sysctl(mib_hi, miblen, &port_high, &portlen, NULL, 0) < 0) { 463 return (ISC_R_FAILURE); 464 } 465 466 if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0) 467 return (ISC_R_RANGE); 468 469 *low = (in_port_t) port_low; 470 *high = (in_port_t) port_high; 471 472 return (ISC_R_SUCCESS); 473 } 474 #endif /* HAVE_SYSCTLBYNAME */ 475 #endif /* USE_SYSCTL_PORTRANGE */ 476 477 isc_result_t 478 isc_net_getudpportrange(int af, in_port_t *low, in_port_t *high) { 479 int result = ISC_R_FAILURE; 480 481 REQUIRE(low != NULL && high != NULL); 482 483 #if defined(USE_SYSCTL_PORTRANGE) 484 result = getudpportrange_sysctl(af, low, high); 485 #else 486 UNUSED(af); 487 #endif 488 489 if (result != ISC_R_SUCCESS) { 490 *low = ISC_NET_PORTRANGELOW; 491 *high = ISC_NET_PORTRANGEHIGH; 492 } 493 494 return (ISC_R_SUCCESS); /* we currently never fail in this function */ 495 } 496 497 void 498 isc_net_disableipv4(void) { 499 initialize(); 500 if (ipv4_result == ISC_R_SUCCESS) 501 ipv4_result = ISC_R_DISABLED; 502 } 503 504 void 505 isc_net_disableipv6(void) { 506 initialize(); 507 if (ipv6_result == ISC_R_SUCCESS) 508 ipv6_result = ISC_R_DISABLED; 509 } 510 511 void 512 isc_net_enableipv4(void) { 513 initialize(); 514 if (ipv4_result == ISC_R_DISABLED) 515 ipv4_result = ISC_R_SUCCESS; 516 } 517 518 void 519 isc_net_enableipv6(void) { 520 initialize(); 521 if (ipv6_result == ISC_R_DISABLED) 522 ipv6_result = ISC_R_SUCCESS; 523 } 524