1 /* $KAME: ip6opt.c,v 1.13 2003/06/06 10:08:20 suz Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __FBSDID("$FreeBSD$"); 34 35 #include <sys/param.h> 36 #include <sys/socket.h> 37 38 #include <netinet/in.h> 39 #include <netinet/ip6.h> 40 41 #include <string.h> 42 #include <stdio.h> 43 44 static int ip6optlen(u_int8_t *opt, u_int8_t *lim); 45 static void inet6_insert_padopt(u_char *p, int len); 46 47 #ifndef IPV6_2292HOPOPTS 48 #define IPV6_2292HOPOPTS 22 49 #endif 50 #ifndef IPV6_2292DSTOPTS 51 #define IPV6_2292DSTOPTS 23 52 #endif 53 54 #define is_ipv6_hopopts(x) \ 55 ((x) == IPV6_HOPOPTS || (x) == IPV6_2292HOPOPTS) 56 #define is_ipv6_dstopts(x) \ 57 ((x) == IPV6_DSTOPTS || (x) == IPV6_2292DSTOPTS) 58 59 /* 60 * This function returns the number of bytes required to hold an option 61 * when it is stored as ancillary data, including the cmsghdr structure 62 * at the beginning, and any padding at the end (to make its size a 63 * multiple of 8 bytes). The argument is the size of the structure 64 * defining the option, which must include any pad bytes at the 65 * beginning (the value y in the alignment term "xn + y"), the type 66 * byte, the length byte, and the option data. 67 */ 68 int 69 inet6_option_space(int nbytes) 70 { 71 nbytes += 2; /* we need space for nxt-hdr and length fields */ 72 return(CMSG_SPACE((nbytes + 7) & ~7)); 73 } 74 75 /* 76 * This function is called once per ancillary data object that will 77 * contain either Hop-by-Hop or Destination options. It returns 0 on 78 * success or -1 on an error. 79 */ 80 int 81 inet6_option_init(void *bp, struct cmsghdr **cmsgp, int type) 82 { 83 struct cmsghdr *ch = (struct cmsghdr *)bp; 84 85 /* argument validation */ 86 if (!is_ipv6_hopopts(type) && !is_ipv6_dstopts(type)) 87 return(-1); 88 89 ch->cmsg_level = IPPROTO_IPV6; 90 ch->cmsg_type = type; 91 ch->cmsg_len = CMSG_LEN(0); 92 93 *cmsgp = ch; 94 return(0); 95 } 96 97 /* 98 * This function appends a Hop-by-Hop option or a Destination option 99 * into an ancillary data object that has been initialized by 100 * inet6_option_init(). This function returns 0 if it succeeds or -1 on 101 * an error. 102 * multx is the value x in the alignment term "xn + y" described 103 * earlier. It must have a value of 1, 2, 4, or 8. 104 * plusy is the value y in the alignment term "xn + y" described 105 * earlier. It must have a value between 0 and 7, inclusive. 106 */ 107 int 108 inet6_option_append(struct cmsghdr *cmsg, const u_int8_t *typep, int multx, 109 int plusy) 110 { 111 int padlen, optlen, off; 112 u_char *bp = (u_char *)cmsg + cmsg->cmsg_len; 113 struct ip6_ext *eh = (struct ip6_ext *)CMSG_DATA(cmsg); 114 115 /* argument validation */ 116 if (multx != 1 && multx != 2 && multx != 4 && multx != 8) 117 return(-1); 118 if (plusy < 0 || plusy > 7) 119 return(-1); 120 121 /* 122 * If this is the first option, allocate space for the 123 * first 2 bytes(for next header and length fields) of 124 * the option header. 125 */ 126 if (bp == (u_char *)eh) { 127 bp += 2; 128 cmsg->cmsg_len += 2; 129 } 130 131 /* calculate pad length before the option. */ 132 off = bp - (u_char *)eh; 133 padlen = roundup2(off % multx, multx) - (off % multx); 134 padlen += plusy; 135 padlen %= multx; /* keep the pad as short as possible */ 136 /* insert padding */ 137 inet6_insert_padopt(bp, padlen); 138 cmsg->cmsg_len += padlen; 139 bp += padlen; 140 141 /* copy the option */ 142 if (typep[0] == IP6OPT_PAD1) 143 optlen = 1; 144 else 145 optlen = typep[1] + 2; 146 memcpy(bp, typep, optlen); 147 bp += optlen; 148 cmsg->cmsg_len += optlen; 149 150 /* calculate pad length after the option and insert the padding */ 151 off = bp - (u_char *)eh; 152 padlen = ((off + 7) & ~7) - off; 153 inet6_insert_padopt(bp, padlen); 154 bp += padlen; 155 cmsg->cmsg_len += padlen; 156 157 /* update the length field of the ip6 option header */ 158 eh->ip6e_len = ((bp - (u_char *)eh) >> 3) - 1; 159 160 return(0); 161 } 162 163 /* 164 * This function appends a Hop-by-Hop option or a Destination option 165 * into an ancillary data object that has been initialized by 166 * inet6_option_init(). This function returns a pointer to the 8-bit 167 * option type field that starts the option on success, or NULL on an 168 * error. 169 * The difference between this function and inet6_option_append() is 170 * that the latter copies the contents of a previously built option into 171 * the ancillary data object while the current function returns a 172 * pointer to the space in the data object where the option's TLV must 173 * then be built by the caller. 174 * 175 */ 176 u_int8_t * 177 inet6_option_alloc(struct cmsghdr *cmsg, int datalen, int multx, int plusy) 178 { 179 int padlen, off; 180 u_int8_t *bp = (u_char *)cmsg + cmsg->cmsg_len; 181 u_int8_t *retval; 182 struct ip6_ext *eh = (struct ip6_ext *)CMSG_DATA(cmsg); 183 184 /* argument validation */ 185 if (multx != 1 && multx != 2 && multx != 4 && multx != 8) 186 return(NULL); 187 if (plusy < 0 || plusy > 7) 188 return(NULL); 189 190 /* 191 * If this is the first option, allocate space for the 192 * first 2 bytes(for next header and length fields) of 193 * the option header. 194 */ 195 if (bp == (u_char *)eh) { 196 bp += 2; 197 cmsg->cmsg_len += 2; 198 } 199 200 /* calculate pad length before the option. */ 201 off = bp - (u_char *)eh; 202 padlen = roundup2(off % multx, multx) - 203 (off % multx); 204 padlen += plusy; 205 padlen %= multx; /* keep the pad as short as possible */ 206 /* insert padding */ 207 inet6_insert_padopt(bp, padlen); 208 cmsg->cmsg_len += padlen; 209 bp += padlen; 210 211 /* keep space to store specified length of data */ 212 retval = bp; 213 bp += datalen; 214 cmsg->cmsg_len += datalen; 215 216 /* calculate pad length after the option and insert the padding */ 217 off = bp - (u_char *)eh; 218 padlen = ((off + 7) & ~7) - off; 219 inet6_insert_padopt(bp, padlen); 220 bp += padlen; 221 cmsg->cmsg_len += padlen; 222 223 /* update the length field of the ip6 option header */ 224 eh->ip6e_len = ((bp - (u_char *)eh) >> 3) - 1; 225 226 return(retval); 227 } 228 229 /* 230 * This function processes the next Hop-by-Hop option or Destination 231 * option in an ancillary data object. If another option remains to be 232 * processed, the return value of the function is 0 and *tptrp points to 233 * the 8-bit option type field (which is followed by the 8-bit option 234 * data length, followed by the option data). If no more options remain 235 * to be processed, the return value is -1 and *tptrp is NULL. If an 236 * error occurs, the return value is -1 and *tptrp is not NULL. 237 * (RFC 2292, 6.3.5) 238 */ 239 int 240 inet6_option_next(const struct cmsghdr *cmsg, u_int8_t **tptrp) 241 { 242 struct ip6_ext *ip6e; 243 int hdrlen, optlen; 244 u_int8_t *lim; 245 246 if (cmsg->cmsg_level != IPPROTO_IPV6 || 247 (!is_ipv6_hopopts(cmsg->cmsg_type) && 248 !is_ipv6_dstopts(cmsg->cmsg_type))) 249 return(-1); 250 251 /* message length validation */ 252 if (cmsg->cmsg_len < CMSG_SPACE(sizeof(struct ip6_ext))) 253 return(-1); 254 ip6e = (struct ip6_ext *)CMSG_DATA(cmsg); 255 hdrlen = (ip6e->ip6e_len + 1) << 3; 256 if (cmsg->cmsg_len < CMSG_SPACE(hdrlen)) 257 return(-1); 258 259 /* 260 * If the caller does not specify the starting point, 261 * simply return the 1st option. 262 * Otherwise, search the option list for the next option. 263 */ 264 lim = (u_int8_t *)ip6e + hdrlen; 265 if (*tptrp == NULL) 266 *tptrp = (u_int8_t *)(ip6e + 1); 267 else { 268 if ((optlen = ip6optlen(*tptrp, lim)) == 0) 269 return(-1); 270 271 *tptrp = *tptrp + optlen; 272 } 273 if (*tptrp >= lim) { /* there is no option */ 274 *tptrp = NULL; 275 return(-1); 276 } 277 /* 278 * Finally, checks if the next option is safely stored in the 279 * cmsg data. 280 */ 281 if (ip6optlen(*tptrp, lim) == 0) 282 return(-1); 283 else 284 return(0); 285 } 286 287 /* 288 * This function is similar to the inet6_option_next() function, 289 * except this function lets the caller specify the option type to be 290 * searched for, instead of always returning the next option in the 291 * ancillary data object. 292 * Note: RFC 2292 says the type of tptrp is u_int8_t *, but we think 293 * it's a typo. The variable should be type of u_int8_t **. 294 */ 295 int 296 inet6_option_find(const struct cmsghdr *cmsg, u_int8_t **tptrp, int type) 297 { 298 struct ip6_ext *ip6e; 299 int hdrlen, optlen; 300 u_int8_t *optp, *lim; 301 302 if (cmsg->cmsg_level != IPPROTO_IPV6 || 303 (!is_ipv6_hopopts(cmsg->cmsg_type) && 304 !is_ipv6_dstopts(cmsg->cmsg_type))) 305 return(-1); 306 307 /* message length validation */ 308 if (cmsg->cmsg_len < CMSG_SPACE(sizeof(struct ip6_ext))) 309 return(-1); 310 ip6e = (struct ip6_ext *)CMSG_DATA(cmsg); 311 hdrlen = (ip6e->ip6e_len + 1) << 3; 312 if (cmsg->cmsg_len < CMSG_SPACE(hdrlen)) 313 return(-1); 314 315 /* 316 * If the caller does not specify the starting point, 317 * search from the beginning of the option list. 318 * Otherwise, search from *the next option* of the specified point. 319 */ 320 lim = (u_int8_t *)ip6e + hdrlen; 321 if (*tptrp == NULL) 322 *tptrp = (u_int8_t *)(ip6e + 1); 323 else { 324 if ((optlen = ip6optlen(*tptrp, lim)) == 0) 325 return(-1); 326 327 *tptrp = *tptrp + optlen; 328 } 329 for (optp = *tptrp; optp < lim; optp += optlen) { 330 if (*optp == type) { 331 *tptrp = optp; 332 return(0); 333 } 334 if ((optlen = ip6optlen(optp, lim)) == 0) 335 return(-1); 336 } 337 338 /* search failed */ 339 *tptrp = NULL; 340 return(-1); 341 } 342 343 /* 344 * Calculate the length of a given IPv6 option. Also checks 345 * if the option is safely stored in user's buffer according to the 346 * calculated length and the limitation of the buffer. 347 */ 348 static int 349 ip6optlen(u_int8_t *opt, u_int8_t *lim) 350 { 351 int optlen; 352 353 if (*opt == IP6OPT_PAD1) 354 optlen = 1; 355 else { 356 /* is there enough space to store type and len? */ 357 if (opt + 2 > lim) 358 return(0); 359 optlen = *(opt + 1) + 2; 360 } 361 if (opt + optlen <= lim) 362 return(optlen); 363 364 return(0); 365 } 366 367 static void 368 inet6_insert_padopt(u_char *p, int len) 369 { 370 switch(len) { 371 case 0: 372 return; 373 case 1: 374 p[0] = IP6OPT_PAD1; 375 return; 376 default: 377 p[0] = IP6OPT_PADN; 378 p[1] = len - 2; 379 memset(&p[2], 0, len - 2); 380 return; 381 } 382 } 383 384 /* 385 * The following functions are defined in RFC3542, which is a successor 386 * of RFC2292. 387 */ 388 389 int 390 inet6_opt_init(void *extbuf, socklen_t extlen) 391 { 392 struct ip6_ext *ext = (struct ip6_ext *)extbuf; 393 394 if (ext) { 395 if (extlen <= 0 || (extlen % 8)) 396 return(-1); 397 ext->ip6e_len = (extlen >> 3) - 1; 398 } 399 400 return(2); /* sizeof the next and the length fields */ 401 } 402 403 int 404 inet6_opt_append(void *extbuf, socklen_t extlen, int offset, u_int8_t type, 405 socklen_t len, u_int8_t align, void **databufp) 406 { 407 int currentlen = offset, padlen = 0; 408 409 /* 410 * The option type must have a value from 2 to 255, inclusive. 411 * (0 and 1 are reserved for the Pad1 and PadN options, respectively.) 412 */ 413 if (type < 2) 414 return(-1); 415 416 /* 417 * The option data length must have a value between 0 and 255, 418 * inclusive, and is the length of the option data that follows. 419 */ 420 if (len > 255 || len < 0 ) 421 return(-1); 422 423 /* 424 * The align parameter must have a value of 1, 2, 4, or 8. 425 * The align value can not exceed the value of len. 426 */ 427 if (align != 1 && align != 2 && align != 4 && align != 8) 428 return(-1); 429 if (align > len) 430 return(-1); 431 432 /* Calculate the padding length. */ 433 currentlen += 2 + len; /* 2 means "type + len" */ 434 if (currentlen % align) 435 padlen = align - (currentlen % align); 436 437 /* The option must fit in the extension header buffer. */ 438 currentlen += padlen; 439 if (extlen && /* XXX: right? */ 440 currentlen > extlen) 441 return(-1); 442 443 if (extbuf) { 444 u_int8_t *optp = (u_int8_t *)extbuf + offset; 445 446 if (padlen == 1) { 447 /* insert a Pad1 option */ 448 *optp = IP6OPT_PAD1; 449 optp++; 450 } 451 else if (padlen > 0) { 452 /* insert a PadN option for alignment */ 453 *optp++ = IP6OPT_PADN; 454 *optp++ = padlen - 2; 455 memset(optp, 0, padlen - 2); 456 optp += (padlen - 2); 457 } 458 459 *optp++ = type; 460 *optp++ = len; 461 462 *databufp = optp; 463 } 464 465 return(currentlen); 466 } 467 468 int 469 inet6_opt_finish(void *extbuf, socklen_t extlen, int offset) 470 { 471 int updatelen = offset > 0 ? (1 + ((offset - 1) | 7)) : 0; 472 473 if (extbuf) { 474 u_int8_t *padp; 475 int padlen = updatelen - offset; 476 477 if (updatelen > extlen) 478 return(-1); 479 480 padp = (u_int8_t *)extbuf + offset; 481 if (padlen == 1) 482 *padp = IP6OPT_PAD1; 483 else if (padlen > 0) { 484 *padp++ = IP6OPT_PADN; 485 *padp++ = (padlen - 2); 486 memset(padp, 0, padlen - 2); 487 } 488 } 489 490 return(updatelen); 491 } 492 493 int 494 inet6_opt_set_val(void *databuf, int offset, void *val, socklen_t vallen) 495 { 496 497 memcpy((u_int8_t *)databuf + offset, val, vallen); 498 return(offset + vallen); 499 } 500 501 int 502 inet6_opt_next(void *extbuf, socklen_t extlen, int offset, u_int8_t *typep, 503 socklen_t *lenp, void **databufp) 504 { 505 u_int8_t *optp, *lim; 506 int optlen; 507 508 /* Validate extlen. XXX: is the variable really necessary?? */ 509 if (extlen == 0 || (extlen % 8)) 510 return(-1); 511 lim = (u_int8_t *)extbuf + extlen; 512 513 /* 514 * If this is the first time this function called for this options 515 * header, simply return the 1st option. 516 * Otherwise, search the option list for the next option. 517 */ 518 if (offset == 0) { 519 optp = (u_int8_t *)((struct ip6_hbh *)extbuf + 1); 520 } 521 else 522 optp = (u_int8_t *)extbuf + offset; 523 524 /* Find the next option skipping any padding options. */ 525 while(optp < lim) { 526 switch(*optp) { 527 case IP6OPT_PAD1: 528 optp++; 529 break; 530 case IP6OPT_PADN: 531 if ((optlen = ip6optlen(optp, lim)) == 0) 532 goto optend; 533 optp += optlen; 534 break; 535 default: /* found */ 536 if ((optlen = ip6optlen(optp, lim)) == 0) 537 goto optend; 538 *typep = *optp; 539 *lenp = optlen - 2; 540 *databufp = optp + 2; 541 return(optp + optlen - (u_int8_t *)extbuf); 542 } 543 } 544 545 optend: 546 *databufp = NULL; /* for safety */ 547 return(-1); 548 } 549 550 int 551 inet6_opt_find(void *extbuf, socklen_t extlen, int offset, u_int8_t type, 552 socklen_t *lenp, void **databufp) 553 { 554 u_int8_t *optp, *lim; 555 int optlen; 556 557 /* Validate extlen. XXX: is the variable really necessary?? */ 558 if (extlen == 0 || (extlen % 8)) 559 return(-1); 560 lim = (u_int8_t *)extbuf + extlen; 561 562 /* 563 * If this is the first time this function called for this options 564 * header, simply return the 1st option. 565 * Otherwise, search the option list for the next option. 566 */ 567 if (offset == 0) { 568 optp = (u_int8_t *)((struct ip6_hbh *)extbuf + 1); 569 } 570 else 571 optp = (u_int8_t *)extbuf + offset; 572 573 /* Find the specified option */ 574 while(optp < lim) { 575 if ((optlen = ip6optlen(optp, lim)) == 0) 576 goto optend; 577 578 if (*optp == type) { /* found */ 579 *lenp = optlen - 2; 580 *databufp = optp + 2; 581 return(optp + optlen - (u_int8_t *)extbuf); 582 } 583 584 optp += optlen; 585 } 586 587 optend: 588 *databufp = NULL; /* for safety */ 589 return(-1); 590 } 591 592 int 593 inet6_opt_get_val(void *databuf, int offset, void *val, socklen_t vallen) 594 { 595 596 /* we can't assume alignment here */ 597 memcpy(val, (u_int8_t *)databuf + offset, vallen); 598 599 return(offset + vallen); 600 } 601