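/*-
 * Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * a) Redistributions of source code must retain the above copyright notice,
 *   this list of conditions and the following disclaimer.
 *
 * b) Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *   the documentation and/or other materials provided with the distribution.
 *
 * c) Neither the name of Cisco Systems, Inc. nor the names of its
 *    contributors may be used to endorse or promote products derived
 *    from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
 * THE POSSIBILITY OF SUCH DAMAGE.
 */

/* $KAME: sctp_asconf.c,v 1.24 2005/03/06 16:04:16 itojun Exp $	 */

#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <netinet/sctp_os.h>
#include <netinet/sctp_var.h>
#include <netinet/sctp_sysctl.h>
#include <netinet/sctp_pcb.h>
#include <netinet/sctp_header.h>
#include <netinet/sctputil.h>
#include <netinet/sctp_output.h>
#include <netinet/sctp_asconf.h>

/*
 * debug flags:
 * SCTP_DEBUG_ASCONF1: protocol info, general info and errors
 * SCTP_DEBUG_ASCONF2: detailed info
 */
#ifdef SCTP_DEBUG
#endif				/* SCTP_DEBUG */


/*
 * Copy the IP source address of the packet in mbuf m into *sa.
 *
 * The IP header is read from the front of m (via mtod) and the port in the
 * resulting sockaddr is always 0.  sa must point at storage large enough for
 * the address family found; the callers in this file pass a
 * struct sockaddr_storage that lives on their stack.
 *
 * If the header is neither IPv4 nor (with INET6) IPv6, *sa is set to an
 * empty AF_UNSPEC sockaddr.  Previously it was left untouched, so a caller
 * could go on to compare, log or insert whatever happened to be on its
 * stack.
 */
static void
sctp_asconf_get_source_ip(struct mbuf *m, struct sockaddr *sa)
{
	struct ip *iph;

	/* ip_v is compared against both the IPv4 and the IPv6 version */
	iph = mtod(m, struct ip *);
	if (iph->ip_v == IPVERSION) {
		/* IPv4 source */
		struct sockaddr_in *sin = (struct sockaddr_in *)sa;

		bzero(sin, sizeof(*sin));
		sin->sin_family = AF_INET;
		sin->sin_len = sizeof(struct sockaddr_in);
		sin->sin_port = 0;
		sin->sin_addr.s_addr = iph->ip_src.s_addr;
		return;
	}
#ifdef INET6
	if (iph->ip_v == (IPV6_VERSION >> 4)) {
		/* IPv6 source */
		struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
		struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa;

		bzero(sin6, sizeof(*sin6));
		sin6->sin6_family = AF_INET6;
		sin6->sin6_len = sizeof(struct sockaddr_in6);
		sin6->sin6_port = 0;
		sin6->sin6_addr = ip6->ip6_src;
		return;
	}
#endif				/* INET6 */

	/* unknown IP version: hand back a defined, empty address */
	bzero(sa, sizeof(*sa));
	sa->sa_family = AF_UNSPEC;
	sa->sa_len = sizeof(*sa);
}

/*
 * draft-ietf-tsvwg-addip-sctp
 *
 * Address management only currently supported For the bound all case: the asoc
 * local addr list is always a "DO NOT USE" list For the subset bound case:
 * If ASCONFs are allowed: the endpoint local addr list is the usable address
 * list the asoc local addr list is the "DO NOT USE" list If ASCONFs are not
 * allowed: the endpoint local addr list is the default usable list the asoc
 * local addr list is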
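the usable address list
 *
 * An ASCONF parameter queue exists per asoc which holds the pending address
 * operations.  Lists are updated upon receipt of ASCONF-ACK.
 *
 * Deleted addresses are always immediately removed from the lists as they will
 * (shortly) no longer exist in the kernel.  We send ASCONFs as a courtesy,
 * only if allowed.
 */

/*
 * ASCONF parameter processing.
 * response_required: set if a reply is required (eg. SUCCESS_REPORT).
 * Each handler returns a mbuf holding an "error" response parameter, or
 * NULL/"success" if ok.
 * FIX: allocating this many mbufs on the fly is pretty inefficient...
 */

/*
 * Build a SUCCESS_REPORT response parameter for correlation id `id` (the id
 * is stored exactly as passed in).  Returns the new mbuf, or NULL when no
 * mbuf could be allocated.
 */
static struct mbuf *
sctp_asconf_success_response(uint32_t id)
{
	struct mbuf *m_reply;
	struct sctp_asconf_paramhdr *aph;

	m_reply = sctp_get_mbuf_for_msg(sizeof(struct sctp_asconf_paramhdr),
	    0, M_DONTWAIT, 1, MT_DATA);
	if (m_reply == NULL) {
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "asconf_success_response: couldn't get mbuf!\n");
		return NULL;
	}
	aph = mtod(m_reply, struct sctp_asconf_paramhdr *);
	aph->correlation_id = id;
	aph->ph.param_type = htons(SCTP_SUCCESS_REPORT);
	/* mbuf length in host order, wire length in network order */
	SCTP_BUF_LEN(m_reply) = sizeof(struct sctp_asconf_paramhdr);
	aph->ph.param_length = htons(sizeof(struct sctp_asconf_paramhdr));

	return m_reply;
}

/*
 * Build an ERROR_CAUSE_IND response parameter.
 *
 * id:         correlation id, stored exactly as passed in
 * cause:      error cause code (host order)
 * error_tlv:  the offending parameter to echo back, tlv_length bytes
 * tlv_length: number of bytes to echo
 *
 * Returns the new mbuf, or NULL if the response would not fit in MLEN bytes
 * or no mbuf could be allocated.
 *
 * The total size is computed in a size_t and checked BEFORE anything is
 * allocated or written.  The wire length fields are passed through htons(),
 * i.e. they are 16 bits wide, so the old "add into the field, then compare
 * with MLEN" order could wrap for a tlv_length close to 0xffff and then
 * memcpy() the full tlv_length anyway.
 */
static struct mbuf *
sctp_asconf_error_response(uint32_t id, uint16_t cause, uint8_t * error_tlv,
    uint16_t tlv_length)
{
	struct mbuf *m_reply;
	struct sctp_asconf_paramhdr *aph;
	struct sctp_error_cause *error;
	size_t cause_len, total_len;

	cause_len = sizeof(struct sctp_error_cause) + (size_t)tlv_length;
	total_len = sizeof(struct sctp_asconf_paramhdr) + cause_len;
	if (total_len > MLEN) {
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "asconf_error_response: tlv_length (%xh) too big\n",
		    tlv_length);
		return NULL;
	}
	m_reply = sctp_get_mbuf_for_msg(total_len, 0, M_DONTWAIT, 1, MT_DATA);
	if (m_reply == NULL) {
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "asconf_error_response: couldn't get mbuf!\n");
		return NULL;
	}
	aph = mtod(m_reply, struct sctp_asconf_paramhdr *);
	error = (struct sctp_error_cause *)(aph + 1);

	aph->correlation_id = id;
	aph->ph.param_type = htons(SCTP_ERROR_CAUSE_IND);
	aph->ph.param_length = htons((uint16_t)total_len);
	error->code = htons(cause);
	error->length = htons((uint16_t)cause_len);

	if (error_tlv != NULL) {
		memcpy((uint8_t *)(error + 1), error_tlv, tlv_length);
	} else if (tlv_length != 0) {
		/*
		 * Nothing to echo, but the bytes are still part of the
		 * reply: clear them so stale mbuf contents never reach the
		 * peer.
		 */
		bzero((uint8_t *)(error + 1), tlv_length);
	}
	SCTP_BUF_LEN(m_reply) = (uint16_t)total_len;

	return m_reply;
}

/*
 * Returns non-zero when an ASCONF parameter whose declared total length is
 * aparam_length has room, after its sctp_asconf_paramhdr, for `need` more
 * bytes.
 *
 * sctp_handle_asconf() only fetches the declared parameter length from the
 * packet, so anything a handler reads through (aph + 1) beyond that length
 * is not part of the parameter.
 */
static int
sctp_asconf_nested_fits(uint16_t aparam_length, size_t need)
{
	return (aparam_length >= sizeof(struct sctp_asconf_paramhdr) + need);
}

/*
 * Handle an ADD-IP ASCONF parameter: add the carried address (or, for
 * 0.0.0.0/::0 with sctp_nat_friendly set, the packet's IP source address) as
 * a remote address of stcb.
 *
 * Returns an error response mbuf, a success response mbuf when
 * response_required is set, or NULL.  NULL is also returned, as before, for
 * an address parameter of the wrong size; that now includes a parameter too
 * short to contain the nested address it claims to carry.
 */
static struct mbuf *
sctp_process_asconf_add_ip(struct mbuf *m, struct sctp_asconf_paramhdr *aph,
    struct sctp_tcb *stcb, int response_required)
{
	struct mbuf *m_reply = NULL;
	struct sockaddr_storage sa_source, sa_store;
	struct sctp_ipv4addr_param *v4addr;
	uint16_t param_type, param_length, aparam_length;
	struct sockaddr *sa;
	struct sockaddr_in *sin;
	int zero_address = 0;

#ifdef INET6
	struct sockaddr_in6 *sin6;
	struct sctp_ipv6addr_param *v6addr;

#endif				/* INET6 */

	aparam_length = ntohs(aph->ph.param_length);
	if (!sctp_asconf_nested_fits(aparam_length,
	    sizeof(struct sctp_paramhdr))) {
		/* no room for a nested parameter header at all */
		return NULL;
	}
	v4addr = (struct sctp_ipv4addr_param *)(aph + 1);
#ifdef INET6
	v6addr = (struct sctp_ipv6addr_param *)(aph + 1);
#endif				/* INET6 */
	param_type = ntohs(v4addr->ph.param_type);
	param_length = ntohs(v4addr->ph.param_length);

	/* keep the debug prints below from showing stack garbage */
	bzero(&sa_store, sizeof(sa_store));
	sa = (struct sockaddr *)&sa_store;
	switch (param_type) {
	case SCTP_IPV4_ADDRESS:
		if (param_length != sizeof(struct sctp_ipv4addr_param) ||
		    !sctp_asconf_nested_fits(aparam_length,
		    sizeof(struct sctp_ipv4addr_param))) {
			/* invalid param size */
			return NULL;
		}
		sin = (struct sockaddr_in *)&sa_store;
		bzero(sin, sizeof(*sin));
		sin->sin_family = AF_INET;
		sin->sin_len = sizeof(struct sockaddr_in);
		sin->sin_port = stcb->rport;
		sin->sin_addr.s_addr = v4addr->addr;
		if (sin->sin_addr.s_addr == INADDR_ANY)
			zero_address = 1;
		SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_add_ip: adding ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
		break;
	case SCTP_IPV6_ADDRESS:
#ifdef INET6
		if (param_length != sizeof(struct sctp_ipv6addr_param) ||
		    !sctp_asconf_nested_fits(aparam_length,
		    sizeof(struct sctp_ipv6addr_param))) {
			/* invalid param size */
			return NULL;
		}
		sin6 = (struct sockaddr_in6 *)&sa_store;
		bzero(sin6, sizeof(*sin6));
		sin6->sin6_family = AF_INET6;
		sin6->sin6_len = sizeof(struct sockaddr_in6);
		sin6->sin6_port = stcb->rport;
		memcpy((caddr_t)&sin6->sin6_addr, v6addr->addr,
		    sizeof(struct in6_addr));
		if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
			zero_address = 1;
		SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_add_ip: adding ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
#else
		/* IPv6 not enabled! */
		/* FIX ME: currently sends back an invalid param error */
		m_reply = sctp_asconf_error_response(aph->correlation_id,
		    SCTP_CAUSE_INVALID_PARAM, (uint8_t *) aph, aparam_length);
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_add_ip: v6 disabled- skipping ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
		return m_reply;
#endif
		break;
	default:
		m_reply = sctp_asconf_error_response(aph->correlation_id,
		    SCTP_CAUSE_UNRESOLVABLE_ADDR, (uint8_t *) aph,
		    aparam_length);
		return m_reply;
	}			/* end switch */

	/* if 0.0.0.0/::0, add the source address instead */
	if (zero_address && sctp_nat_friendly) {
		sa = (struct sockaddr *)&sa_source;
		sctp_asconf_get_source_ip(m, sa);
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_add_ip: using source addr ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
	}
	/* add the address */
	if (sctp_add_remote_addr(stcb, sa, SCTP_DONOT_SETSCOPE,
	    SCTP_ADDR_DYNAMIC_ADDED) != 0) {
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_add_ip: error adding address\n");
		m_reply = sctp_asconf_error_response(aph->correlation_id,
		    SCTP_CAUSE_RESOURCE_SHORTAGE, (uint8_t *) aph,
		    aparam_length);
	} else {
		/* notify upper layer */
		sctp_ulp_notify(SCTP_NOTIFY_ASCONF_ADD_IP, stcb, 0, sa);
		if (response_required) {
			m_reply =
			    sctp_asconf_success_response(aph->correlation_id);
		}
		/* restart the heartbeat timer */
		sctp_timer_stop(SCTP_TIMER_TYPE_HEARTBEAT, stcb->sctp_ep, stcb,
		    NULL, SCTP_FROM_SCTP_ASCONF + SCTP_LOC_1);
		sctp_timer_start(SCTP_TIMER_TYPE_HEARTBEAT, stcb->sctp_ep,
		    stcb, NULL);
	}

	return m_reply;
}

/*
 * Remove every destination net of stcb except the one matching src.
 * Returns -1 (and removes nothing) if src is not a destination of the
 * association, 0 otherwise.
 *
 * The successor is saved before each removal, and the address is logged and
 * reported to the upper layer BEFORE sctp_remove_net() is called, so the
 * entry is never touched after it has been handed to sctp_remove_net().
 * sctp_remove_net() is not visible from here; if it unlinks or releases the
 * net, the previous order read the entry after that.
 */
static int
sctp_asconf_del_remote_addrs_except(struct sctp_tcb *stcb,
    struct sockaddr *src)
{
	struct sctp_nets *src_net, *net, *net_next;

	/* make sure the source address exists as a destination net */
	src_net = sctp_findnet(stcb, src);
	if (src_net == NULL) {
		/* not found */
		return -1;
	}
	/* delete all destination addresses except the source */
	for (net = TAILQ_FIRST(&stcb->asoc.nets); net != NULL;
	    net = net_next) {
		net_next = TAILQ_NEXT(net, sctp_next);
		if (net == src_net)
			continue;
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "asconf_del_remote_addrs_except: deleting ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1,
		    (struct sockaddr *)&net->ro._l_addr);
		/* notify upper layer */
		sctp_ulp_notify(SCTP_NOTIFY_ASCONF_DELETE_IP, stcb, 0,
		    (struct sockaddr *)&net->ro._l_addr);
		/* delete this address */
		sctp_remove_net(stcb, net);
	}
	return 0;
}

/*
 * Handle a DELETE-IP ASCONF parameter: remove the carried address from the
 * association's remote addresses.  Deleting the packet's own source address
 * is refused; 0.0.0.0/::0 with sctp_nat_friendly set deletes every address
 * except the source.
 *
 * Returns an error response mbuf, a success response mbuf when
 * response_required is set, or NULL.  NULL is also returned, as before, for
 * an address parameter of the wrong size; that now includes a parameter too
 * short to contain the nested address it claims to carry.
 */
static struct mbuf *
sctp_process_asconf_delete_ip(struct mbuf *m, struct sctp_asconf_paramhdr *aph,
    struct sctp_tcb *stcb, int response_required)
{
	struct mbuf *m_reply = NULL;
	struct sockaddr_storage sa_source, sa_store;
	struct sctp_ipv4addr_param *v4addr;
	uint16_t param_type, param_length, aparam_length;
	struct sockaddr *sa;
	struct sockaddr_in *sin;
	int zero_address = 0;
	int result;

#ifdef INET6
	struct sockaddr_in6 *sin6;
	struct sctp_ipv6addr_param *v6addr;

#endif				/* INET6 */

	/* get the source IP address for src and 0.0.0.0/::0 delete checks */
	sctp_asconf_get_source_ip(m, (struct sockaddr *)&sa_source);

	aparam_length = ntohs(aph->ph.param_length);
	if (!sctp_asconf_nested_fits(aparam_length,
	    sizeof(struct sctp_paramhdr))) {
		/* no room for a nested parameter header at all */
		return NULL;
	}
	v4addr = (struct sctp_ipv4addr_param *)(aph + 1);
#ifdef INET6
	v6addr = (struct sctp_ipv6addr_param *)(aph + 1);
#endif				/* INET6 */
	param_type = ntohs(v4addr->ph.param_type);
	param_length = ntohs(v4addr->ph.param_length);

	/* keep the debug prints below from showing stack garbage */
	bzero(&sa_store, sizeof(sa_store));
	sa = (struct sockaddr *)&sa_store;
	switch (param_type) {
	case SCTP_IPV4_ADDRESS:
		if (param_length != sizeof(struct sctp_ipv4addr_param) ||
		    !sctp_asconf_nested_fits(aparam_length,
		    sizeof(struct sctp_ipv4addr_param))) {
			/* invalid param size */
			return NULL;
		}
		sin = (struct sockaddr_in *)&sa_store;
		bzero(sin, sizeof(*sin));
		sin->sin_family = AF_INET;
		sin->sin_len = sizeof(struct sockaddr_in);
		sin->sin_port = stcb->rport;
		sin->sin_addr.s_addr = v4addr->addr;
		if (sin->sin_addr.s_addr == INADDR_ANY)
			zero_address = 1;
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_delete_ip: deleting ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
		break;
	case SCTP_IPV6_ADDRESS:
		if (param_length != sizeof(struct sctp_ipv6addr_param) ||
		    !sctp_asconf_nested_fits(aparam_length,
		    sizeof(struct sctp_ipv6addr_param))) {
			/* invalid param size */
			return NULL;
		}
#ifdef INET6
		sin6 = (struct sockaddr_in6 *)&sa_store;
		bzero(sin6, sizeof(*sin6));
		sin6->sin6_family = AF_INET6;
		sin6->sin6_len = sizeof(struct sockaddr_in6);
		sin6->sin6_port = stcb->rport;
		memcpy(&sin6->sin6_addr, v6addr->addr,
		    sizeof(struct in6_addr));
		if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
			zero_address = 1;
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_delete_ip: deleting ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
#else
		/* IPv6 not enabled!  No "action" needed; just ack it */
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_delete_ip: v6 disabled- ignoring: ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
		/* just respond with a "success" ASCONF-ACK */
		return NULL;
#endif
		break;
	default:
		m_reply = sctp_asconf_error_response(aph->correlation_id,
		    SCTP_CAUSE_UNRESOLVABLE_ADDR, (uint8_t *) aph,
		    aparam_length);
		return m_reply;
	}

	/* make sure the source address is not being deleted */
	if (sctp_cmpaddr(sa, (struct sockaddr *)&sa_source)) {
		/* trying to delete the source address! */
		SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_delete_ip: tried to delete source addr\n");
		m_reply = sctp_asconf_error_response(aph->correlation_id,
		    SCTP_CAUSE_DELETING_SRC_ADDR, (uint8_t *) aph,
		    aparam_length);
		return m_reply;
	}
	/* if deleting 0.0.0.0/::0, delete all addresses except src addr */
	if (zero_address && sctp_nat_friendly) {
		result = sctp_asconf_del_remote_addrs_except(stcb,
		    (struct sockaddr *)&sa_source);

		if (result) {
			/* src address did not exist? */
			SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_delete_ip: src addr does not exist?\n");
			/* what error to reply with?? */
			m_reply =
			    sctp_asconf_error_response(aph->correlation_id,
			    SCTP_CAUSE_REQUEST_REFUSED, (uint8_t *) aph,
			    aparam_length);
		} else if (response_required) {
			m_reply =
			    sctp_asconf_success_response(aph->correlation_id);
		}
		return m_reply;
	}
	/* delete the address */
	result = sctp_del_remote_addr(stcb, sa);
	/*
	 * note if result == -2, the address doesn't exist in the asoc but
	 * since it's being deleted anyways, we just ack the delete -- but
	 * this probably means something has already gone awry
	 */
	if (result == -1) {
		/* only one address in the asoc */
		SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_delete_ip: tried to delete last IP addr!\n");
		m_reply = sctp_asconf_error_response(aph->correlation_id,
		    SCTP_CAUSE_DELETING_LAST_ADDR, (uint8_t *) aph,
		    aparam_length);
	} else {
		if (response_required) {
			m_reply = sctp_asconf_success_response(aph->correlation_id);
		}
		/* notify upper layer */
		sctp_ulp_notify(SCTP_NOTIFY_ASCONF_DELETE_IP, stcb, 0, sa);
	}
	return m_reply;
}

/*
 * Handle a SET-PRIMARY ASCONF parameter: make the carried address (or, for
 * 0.0.0.0/::0 with sctp_nat_friendly set, the packet's IP source address)
 * the primary destination of stcb.  The port of the address built from the
 * parameter is left 0.
 *
 * Returns an error response mbuf, a success response mbuf when
 * response_required is set, or NULL.  NULL is also returned, as before, for
 * an address parameter of the wrong size; that now includes a parameter too
 * short to contain the nested address it claims to carry.
 */
static struct mbuf *
sctp_process_asconf_set_primary(struct mbuf *m,
    struct sctp_asconf_paramhdr *aph, struct sctp_tcb *stcb,
    int response_required)
{
	struct mbuf *m_reply = NULL;
	struct sockaddr_storage sa_source, sa_store;
	struct sctp_ipv4addr_param *v4addr;
	uint16_t param_type, param_length, aparam_length;
	struct sockaddr *sa;
	struct sockaddr_in *sin;
	int zero_address = 0;

#ifdef INET6
	struct sockaddr_in6 *sin6;
	struct sctp_ipv6addr_param *v6addr;

#endif				/* INET6 */

	aparam_length = ntohs(aph->ph.param_length);
	if (!sctp_asconf_nested_fits(aparam_length,
	    sizeof(struct sctp_paramhdr))) {
		/* no room for a nested parameter header at all */
		return NULL;
	}
	v4addr = (struct sctp_ipv4addr_param *)(aph + 1);
#ifdef INET6
	v6addr = (struct sctp_ipv6addr_param *)(aph + 1);
#endif				/* INET6 */
	param_type = ntohs(v4addr->ph.param_type);
	param_length = ntohs(v4addr->ph.param_length);

	/* keep the debug prints below from showing stack garbage */
	bzero(&sa_store, sizeof(sa_store));
	sa = (struct sockaddr *)&sa_store;
	switch (param_type) {
	case SCTP_IPV4_ADDRESS:
		if (param_length != sizeof(struct sctp_ipv4addr_param) ||
		    !sctp_asconf_nested_fits(aparam_length,
		    sizeof(struct sctp_ipv4addr_param))) {
			/* invalid param size */
			return NULL;
		}
		sin = (struct sockaddr_in *)&sa_store;
		bzero(sin, sizeof(*sin));
		sin->sin_family = AF_INET;
		sin->sin_len = sizeof(struct sockaddr_in);
		sin->sin_addr.s_addr = v4addr->addr;
		if (sin->sin_addr.s_addr == INADDR_ANY)
			zero_address = 1;
		SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_set_primary: ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
		break;
	case SCTP_IPV6_ADDRESS:
		if (param_length != sizeof(struct sctp_ipv6addr_param) ||
		    !sctp_asconf_nested_fits(aparam_length,
		    sizeof(struct sctp_ipv6addr_param))) {
			/* invalid param size */
			return NULL;
		}
#ifdef INET6
		sin6 = (struct sockaddr_in6 *)&sa_store;
		bzero(sin6, sizeof(*sin6));
		sin6->sin6_family = AF_INET6;
		sin6->sin6_len = sizeof(struct sockaddr_in6);
		memcpy((caddr_t)&sin6->sin6_addr, v6addr->addr,
		    sizeof(struct in6_addr));
		if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
			zero_address = 1;
		SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_set_primary: ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
#else
		/* IPv6 not enabled!  No "action" needed; just ack it */
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_set_primary: v6 disabled- ignoring: ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
		/* just respond with a "success" ASCONF-ACK */
		return NULL;
#endif
		break;
	default:
		m_reply = sctp_asconf_error_response(aph->correlation_id,
		    SCTP_CAUSE_UNRESOLVABLE_ADDR, (uint8_t *) aph,
		    aparam_length);
		return m_reply;
	}

	/* if 0.0.0.0/::0, use the source address instead */
	if (zero_address && sctp_nat_friendly) {
		sa = (struct sockaddr *)&sa_source;
		sctp_asconf_get_source_ip(m, sa);
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_set_primary: using source addr ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa);
	}
	/* set the primary address */
	if (sctp_set_primary_addr(stcb, sa, NULL) == 0) {
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_set_primary: primary address set\n");
		/* notify upper layer */
		sctp_ulp_notify(SCTP_NOTIFY_ASCONF_SET_PRIMARY, stcb, 0, sa);

		if (response_required) {
			m_reply = sctp_asconf_success_response(aph->correlation_id);
		}
	} else {
		/* couldn't set the requested primary address! */
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "process_asconf_set_primary: set primary failed!\n");
		/* must have been an invalid address, so report */
		m_reply = sctp_asconf_error_response(aph->correlation_id,
		    SCTP_CAUSE_UNRESOLVABLE_ADDR, (uint8_t *) aph,
		    aparam_length);
	}

	return m_reply;
}

/*
 * handles an ASCONF chunk.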
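* if all parameters are processed ok, send a plain (empty) ASCONF-ACK
 */
void
sctp_handle_asconf(struct mbuf *m, unsigned int offset,
    struct sctp_asconf_chunk *cp, struct sctp_tcb *stcb)
{
	struct sctp_association *asoc;
	uint32_t serial_num;
	struct mbuf *m_ack, *m_result, *m_tail;
	struct sctp_asconf_ack_chunk *ack_cp;
	struct sctp_asconf_paramhdr *aph, *ack_aph;
	struct sctp_ipv6addr_param *p_addr;
	unsigned int asconf_limit;
	int error = 0;		/* did an error occur? */

	/* asconf param buffer */
	uint8_t aparam_buf[SCTP_PARAM_BUFFER_SIZE];

	/* verify minimum length */
	if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_asconf_chunk)) {
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "handle_asconf: chunk too small = %xh\n",
		    ntohs(cp->ch.chunk_length));
		return;
	}
	asoc = &stcb->asoc;
	serial_num = ntohl(cp->serial_number);

	if (serial_num == asoc->asconf_seq_in) {
		/* got a duplicate ASCONF */
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "handle_asconf: got duplicate serial number = %xh\n",
		    serial_num);
		/* resend last ASCONF-ACK... */
		sctp_send_asconf_ack(stcb, 1);
		return;
	} else if (serial_num != (asoc->asconf_seq_in + 1)) {
		SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf: incorrect serial number = %xh (expected next = %xh)\n",
		    serial_num, asoc->asconf_seq_in + 1);
		return;
	}
	/* it's the expected "next" sequence number, so process it */
	/*
	 * NOTE(review): the sequence number is advanced and the saved
	 * ASCONF-ACK dropped before the parameters are validated.  Every
	 * malformed-chunk return below therefore leaves no saved ACK for a
	 * retransmission of this serial number -- confirm
	 * sctp_send_asconf_ack(stcb, 1) copes with that.
	 */
	asoc->asconf_seq_in = serial_num;	/* update sequence */
	/* get length of all the param's in the ASCONF */
	asconf_limit = offset + ntohs(cp->ch.chunk_length);
	SCTPDBG(SCTP_DEBUG_ASCONF1,
	    "handle_asconf: asconf_limit=%u, sequence=%xh\n",
	    asconf_limit, serial_num);
	if (asoc->last_asconf_ack_sent != NULL) {
		/* free last ASCONF-ACK message sent */
		sctp_m_freem(asoc->last_asconf_ack_sent);
		asoc->last_asconf_ack_sent = NULL;
	}
	m_ack = sctp_get_mbuf_for_msg(sizeof(struct sctp_asconf_ack_chunk), 0,
	    M_DONTWAIT, 1, MT_DATA);
	if (m_ack == NULL) {
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "handle_asconf: couldn't get mbuf!\n");
		return;
	}
	m_tail = m_ack;		/* current reply chain's tail */

	/* fill in ASCONF-ACK header */
	ack_cp = mtod(m_ack, struct sctp_asconf_ack_chunk *);
	ack_cp->ch.chunk_type = SCTP_ASCONF_ACK;
	ack_cp->ch.chunk_flags = 0;
	ack_cp->serial_number = htonl(serial_num);
	/* set initial lengths (eg. just an ASCONF-ACK), ntohx at the end! */
	SCTP_BUF_LEN(m_ack) = sizeof(struct sctp_asconf_ack_chunk);
	ack_cp->ch.chunk_length = sizeof(struct sctp_asconf_ack_chunk);

	/* skip the lookup address parameter */
	offset += sizeof(struct sctp_asconf_chunk);
	p_addr = (struct sctp_ipv6addr_param *)sctp_m_getptr(m, offset,
	    sizeof(struct sctp_paramhdr), (uint8_t *) & aparam_buf);
	if (p_addr == NULL) {
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "handle_asconf: couldn't get lookup addr!\n");
		/* respond with a missing/invalid mandatory parameter error */
		/* m_ack is not referenced anywhere else yet: don't leak it */
		sctp_m_freem(m_ack);
		return;
	}
	/* param_length is already validated in process_control... */
	offset += ntohs(p_addr->ph.param_length);	/* skip lookup addr */

	/* get pointer to first asconf param in ASCONF-ACK */
	ack_aph = (struct sctp_asconf_paramhdr *)(mtod(m_ack, caddr_t)+
	    sizeof(struct sctp_asconf_ack_chunk));
	if (ack_aph == NULL) {
		SCTPDBG(SCTP_DEBUG_ASCONF1, "Gak in asconf2\n");
		sctp_m_freem(m_ack);
		return;
	}
	/* get pointer to first asconf param in ASCONF */
	aph = (struct sctp_asconf_paramhdr *)sctp_m_getptr(m, offset,
	    sizeof(struct sctp_asconf_paramhdr), (uint8_t *) & aparam_buf);
	if (aph == NULL) {
		SCTPDBG(SCTP_DEBUG_ASCONF1, "Empty ASCONF received?\n");
		goto send_reply;
	}
	/* process through all parameters */
	while (aph != NULL) {
		unsigned int param_length, param_type;

		param_type = ntohs(aph->ph.param_type);
		param_length = ntohs(aph->ph.param_length);
		if (offset + param_length > asconf_limit) {
			/* parameter goes beyond end of chunk! */
			sctp_m_freem(m_ack);
			return;
		}
		m_result = NULL;

		if (param_length > sizeof(aparam_buf)) {
			SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf: param length (%u) larger than buffer size!\n", param_length);
			sctp_m_freem(m_ack);
			return;
		}
		/*
		 * Every ASCONF parameter starts with a full
		 * sctp_asconf_paramhdr (the handlers read correlation_id
		 * from it), so anything shorter is malformed.
		 *
		 * This path used to free m_ack and then fall through: the
		 * freed mbuf was still written through ack_cp, linked via
		 * m_tail, saved in last_asconf_ack_sent and possibly freed
		 * a second time.  It must return.
		 */
		if (param_length < sizeof(struct sctp_asconf_paramhdr)) {
			SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf: param length (%u) too short\n", param_length);
			sctp_m_freem(m_ack);
			return;
		}
		/* get the entire parameter */
		aph = (struct sctp_asconf_paramhdr *)sctp_m_getptr(m, offset,
		    param_length, aparam_buf);
		if (aph == NULL) {
			SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf: couldn't get entire param\n");
			sctp_m_freem(m_ack);
			return;
		}
		switch (param_type) {
		case SCTP_ADD_IP_ADDRESS:
			asoc->peer_supports_asconf = 1;
			m_result = sctp_process_asconf_add_ip(m, aph, stcb,
			    error);
			break;
		case SCTP_DEL_IP_ADDRESS:
			asoc->peer_supports_asconf = 1;
			m_result = sctp_process_asconf_delete_ip(m, aph, stcb,
			    error);
			break;
		case SCTP_ERROR_CAUSE_IND:
			/* not valid in an ASCONF chunk */
			break;
		case SCTP_SET_PRIM_ADDR:
			asoc->peer_supports_asconf = 1;
			m_result = sctp_process_asconf_set_primary(m, aph,
			    stcb, error);
			break;
		case SCTP_SUCCESS_REPORT:
			/* not valid in an ASCONF chunk */
			break;
		case SCTP_ULP_ADAPTATION:
			/* FIX */
			break;
		default:
			if ((param_type & 0x8000) == 0) {
				/* Been told to STOP at this param */
				asconf_limit = offset;
				/*
				 * FIX FIX - We need to call
				 * sctp_arethere_unrecognized_parameters()
				 * to get a operr and send it for any
				 * param's with the 0x4000 bit set OR do it
				 * here ourselves... note we still must STOP
				 * if the 0x8000 bit is clear.
				 */
			}
			/* unknown/invalid param type */
			break;
		}		/* switch */

		/* add any (error) result to the reply mbuf chain */
		if (m_result != NULL) {
			SCTP_BUF_NEXT(m_tail) = m_result;
			m_tail = m_result;
			/* update lengths, make sure it's aligned too */
			SCTP_BUF_LEN(m_result) = SCTP_SIZE32(SCTP_BUF_LEN(m_result));
			/*
			 * NOTE(review): chunk_length is a 16-bit wire field
			 * (it goes through htons() below) and nothing here
			 * bounds the running total -- confirm the reply
			 * cannot outgrow it.
			 */
			ack_cp->ch.chunk_length += SCTP_BUF_LEN(m_result);
			/* set flag to force success reports */
			error = 1;
		}
		offset += SCTP_SIZE32(param_length);
		/* update remaining ASCONF message length to process */
		if (offset >= asconf_limit) {
			/* no more data in the mbuf chain */
			break;
		}
		/* get pointer to next asconf param */
		aph = (struct sctp_asconf_paramhdr *)sctp_m_getptr(m, offset,
		    sizeof(struct sctp_asconf_paramhdr),
		    (uint8_t *) & aparam_buf);
		if (aph == NULL) {
			/* can't get an asconf paramhdr */
			SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf: can't get asconf param hdr!\n");
			/* FIX ME - add error here... */
		}
	}

send_reply:
	ack_cp->ch.chunk_length = htons(ack_cp->ch.chunk_length);
	/* save the ASCONF-ACK reply */
	asoc->last_asconf_ack_sent = m_ack;

	/* see if last_control_chunk_from is set properly (use IP src addr) */
	if (stcb->asoc.last_control_chunk_from == NULL) {
		/*
		 * this could happen if the source address was just newly
		 * added
		 */
		struct ip *iph;
		struct sctphdr *sh;
		struct sockaddr_storage from_store;
		struct sockaddr *from = (struct sockaddr *)&from_store;

		SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf: looking up net for IP source address\n");
		/* pullup already done, IP options already stripped */
		iph = mtod(m, struct ip *);
		if (iph->ip_v == IPVERSION) {
			struct sockaddr_in *from4;

			sh = (struct sctphdr *)((caddr_t)iph + sizeof(*iph));
			from4 = (struct sockaddr_in *)&from_store;
			bzero(from4, sizeof(*from4));
			from4->sin_family = AF_INET;
			from4->sin_len = sizeof(struct sockaddr_in);
			from4->sin_addr.s_addr = iph->ip_src.s_addr;
			from4->sin_port = sh->src_port;
		} else if (iph->ip_v == (IPV6_VERSION >> 4)) {
			struct ip6_hdr *ip6;
			struct sockaddr_in6 *from6;

			ip6 = mtod(m, struct ip6_hdr *);
			/*
			 * Locate the SCTP header behind the IPv6 header.
			 * It used to be computed with sizeof(struct ip),
			 * which for an IPv6 packet points into the IPv6
			 * header itself, so src_port was read from the
			 * wrong bytes.  Assumes the SCTP header directly
			 * follows the fixed IPv6 header -- TODO confirm for
			 * packets carrying extension headers.
			 */
			sh = (struct sctphdr *)((caddr_t)ip6 + sizeof(*ip6));
			from6 = (struct sockaddr_in6 *)&from_store;
			bzero(from6, sizeof(*from6));
			from6->sin6_family = AF_INET6;
			from6->sin6_len = sizeof(struct sockaddr_in6);
			from6->sin6_addr = ip6->ip6_src;
			from6->sin6_port = sh->src_port;
			/* Get the scopes in properly to the sin6 addr's */
			/* we probably don't need these operations */
			(void)sa6_recoverscope(from6);
			sa6_embedscope(from6, ip6_use_defzone);
		} else {
			/* unknown address type */
			from = NULL;
		}
		if (from != NULL) {
			SCTPDBG(SCTP_DEBUG_ASCONF1, "Looking for IP source: ");
			SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, from);
			/* look up the from address */
			stcb->asoc.last_control_chunk_from = sctp_findnet(stcb, from);
#ifdef SCTP_DEBUG
			if (stcb->asoc.last_control_chunk_from == NULL)
				SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf: IP source address not found?!\n");
#endif
		}
	}
	/* and send it (a new one) out... */
	sctp_send_asconf_ack(stcb, 0);
}

/*
 * does the address match? returns 0 if not, 1 if so
 *
 * Compares the address stored in the queued ASCONF entry aa with sa.  Only
 * the address parameter type and the raw address bytes are compared; port
 * and (see XXX below) IPv6 scope id are not.
 */
static uint32_t
sctp_asconf_addr_match(struct sctp_asconf_addr *aa, struct sockaddr *sa)
{
#ifdef INET6
	if (sa->sa_family == AF_INET6) {
		/* IPv6 sa address */
		/* XXX scopeid */
		struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa;

		if ((aa->ap.addrp.ph.param_type == SCTP_IPV6_ADDRESS) &&
		    (memcmp(&aa->ap.addrp.addr, &sin6->sin6_addr,
		    sizeof(struct in6_addr)) == 0)) {
			return (1);
		}
	} else
#endif				/* INET6 */
	if (sa->sa_family == AF_INET) {
		/* IPv4 sa address */
		struct sockaddr_in *sin = (struct sockaddr_in *)sa;

		if ((aa->ap.addrp.ph.param_type == SCTP_IPV4_ADDRESS) &&
		    (memcmp(&aa->ap.addrp.addr, &sin->sin_addr,
		    sizeof(struct in_addr)) == 0)) {
			return (1);
		}
	}
	return (0);
}

/*
 * Cleanup for non-responded/OP ERR'd ASCONF
 *
 * Marks the peer as not supporting ASCONF, stops the ASCONF timer for net,
 * advances the outbound ASCONF sequence number and drops the old ASCONF
 * from the outbound queue.
 */
void
sctp_asconf_cleanup(struct sctp_tcb *stcb, struct sctp_nets *net)
{
	/* mark peer as ASCONF incapable */
	stcb->asoc.peer_supports_asconf = 0;
	/*
	 * clear out any existing asconfs going out
	 */
	sctp_timer_stop(SCTP_TIMER_TYPE_ASCONF, stcb->sctp_ep, stcb, net,
	    SCTP_FROM_SCTP_ASCONF + SCTP_LOC_2);
	stcb->asoc.asconf_seq_out++;
	/* remove the old ASCONF on our outbound queue */
	sctp_toss_old_asconf(stcb);
}

/*
 * process an ADD/DELETE IP ack from peer.
 * addr corresponding sctp_ifa to the address being added/deleted.
 * type: SCTP_ADD_IP_ADDRESS or SCTP_DEL_IP_ADDRESS.
 * flag: 1=success, 0=failure.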
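*/
static void
sctp_asconf_addr_mgmt_ack(struct sctp_tcb *stcb, struct sctp_ifa *addr,
    uint16_t type, uint32_t flag)
{
	/*
	 * do the necessary asoc list work- if we get a failure indication,
	 * leave the address on the "do not use" asoc list if we get a
	 * success indication, remove the address from the list
	 */
	/*
	 * Note: this will only occur for ADD_IP_ADDRESS, since
	 * DEL_IP_ADDRESS is never actually added to the list...
	 */
	/* `type` is accepted for the caller's benefit but not examined */
	if (flag) {
		/* success case, so remove from the list */
		sctp_del_local_addr_assoc(stcb, addr);
	}
	/* else, leave it on the list */
}

/*
 * add an asconf add/delete IP address parameter to the queue.
 * type = SCTP_ADD_IP_ADDRESS, SCTP_DEL_IP_ADDRESS, SCTP_SET_PRIM_ADDR.
 * returns 0 if completed, non-zero if not completed.
 * NOTE: if adding, but delete already scheduled (and not yet sent out),
 * simply remove from queue.  Same for deleting an address already scheduled
 * for add.  If a duplicate operation is found, ignore the new one.
 *
 * A queued entry holds one reference on ifa (ifa->refcount).  The reference
 * is taken only once the entry is known to be valid; it used to be taken
 * before the address family was checked, and the invalid-family path freed
 * the entry without giving the reference back.
 */
static uint32_t
sctp_asconf_queue_add(struct sctp_tcb *stcb, struct sctp_ifa *ifa, uint16_t type)
{
	struct sctp_asconf_addr *aa, *aa_next;
	struct sockaddr *sa;

	/* see if peer supports ASCONF */
	if (stcb->asoc.peer_supports_asconf == 0) {
		return (-1);
	}
	/* make sure the request isn't already in the queue */
	for (aa = TAILQ_FIRST(&stcb->asoc.asconf_queue); aa != NULL;
	    aa = aa_next) {
		/* fetch the successor first: aa may be freed below */
		aa_next = TAILQ_NEXT(aa, next);
		/* address match? */
		if (sctp_asconf_addr_match(aa, &ifa->address.sa) == 0)
			continue;
		/* is the request already in queue (sent or not) */
		if (aa->ap.aph.ph.param_type == type) {
			return (-1);
		}
		/* is the negative request already in queue, and not sent */
		if (aa->sent == 0 &&
		/* add requested, delete already queued */
		    ((type == SCTP_ADD_IP_ADDRESS &&
		    aa->ap.aph.ph.param_type == SCTP_DEL_IP_ADDRESS) ||
		/* delete requested, add already queued */
		    (type == SCTP_DEL_IP_ADDRESS &&
		    aa->ap.aph.ph.param_type == SCTP_ADD_IP_ADDRESS))) {
			/* delete the existing entry in the queue */
			TAILQ_REMOVE(&stcb->asoc.asconf_queue, aa, next);
			/* take the entry off the appropriate list */
			sctp_asconf_addr_mgmt_ack(stcb, aa->ifa, type, 1);
			/* free the entry */
			sctp_free_ifa(aa->ifa);
			SCTP_FREE(aa);
			return (-1);
		}
	}			/* for each aa */

	/* adding new request to the queue */
	SCTP_MALLOC(aa, struct sctp_asconf_addr *, sizeof(*aa), "AsconfAddr");
	if (aa == NULL) {
		/* didn't get memory */
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "asconf_queue_add: failed to get memory!\n");
		return (-1);
	}
	/* fill in asconf address parameter fields */
	/* top level elements are "networked" during send */
	aa->ap.aph.ph.param_type = type;
	/* correlation_id filled in during send routine later... */
	if (ifa->address.sa.sa_family == AF_INET6) {
		/* IPv6 address */
		struct sockaddr_in6 *sin6;

		sin6 = (struct sockaddr_in6 *)&ifa->address.sa;
		sa = (struct sockaddr *)sin6;
		aa->ap.addrp.ph.param_type = SCTP_IPV6_ADDRESS;
		aa->ap.addrp.ph.param_length = (sizeof(struct sctp_ipv6addr_param));
		aa->ap.aph.ph.param_length =
		    sizeof(struct sctp_asconf_paramhdr) +
		    sizeof(struct sctp_ipv6addr_param);
		memcpy(&aa->ap.addrp.addr, &sin6->sin6_addr,
		    sizeof(struct in6_addr));
	} else if (ifa->address.sa.sa_family == AF_INET) {
		/* IPv4 address */
		struct sockaddr_in *sin = (struct sockaddr_in *)&ifa->address.sa;

		sa = (struct sockaddr *)sin;
		aa->ap.addrp.ph.param_type = SCTP_IPV4_ADDRESS;
		aa->ap.addrp.ph.param_length = (sizeof(struct sctp_ipv4addr_param));
		aa->ap.aph.ph.param_length =
		    sizeof(struct sctp_asconf_paramhdr) +
		    sizeof(struct sctp_ipv4addr_param);
		memcpy(&aa->ap.addrp.addr, &sin->sin_addr,
		    sizeof(struct in_addr));
	} else {
		/* invalid family!  no reference on ifa has been taken yet */
		SCTP_FREE(aa);
		return (-1);
	}
	/* the entry is valid: now it may pin the ifa */
	aa->ifa = ifa;
	atomic_add_int(&ifa->refcount, 1);
	aa->sent = 0;		/* clear sent flag */

	/*
	 * if we are deleting an address it should go out last otherwise,
	 * add it to front of the pending queue
	 */
	if (type == SCTP_ADD_IP_ADDRESS) {
		/* add goes to the front of the queue */
		TAILQ_INSERT_HEAD(&stcb->asoc.asconf_queue, aa, next);
		SCTPDBG(SCTP_DEBUG_ASCONF2,
		    "asconf_queue_add: appended asconf ADD_IP_ADDRESS: ");
		SCTPDBG_ADDR(SCTP_DEBUG_ASCONF2, sa);
	} else {
		/* delete and set primary goes to the back of the queue */
		TAILQ_INSERT_TAIL(&stcb->asoc.asconf_queue, aa, next);
#ifdef SCTP_DEBUG
		/*
		 * Test the ASCONF2 debug flag with a bitwise AND.  The
		 * logical && used before was true whenever any debug flag
		 * was set, so the prefix could be printed without the
		 * address that SCTPDBG_ADDR filters by level.
		 */
		if (sctp_debug_on & SCTP_DEBUG_ASCONF2) {
			if (type == SCTP_DEL_IP_ADDRESS) {
				SCTP_PRINTF("asconf_queue_add: inserted asconf DEL_IP_ADDRESS: ");
				SCTPDBG_ADDR(SCTP_DEBUG_ASCONF2, sa);
			} else {
				SCTP_PRINTF("asconf_queue_add: inserted asconf SET_PRIM_ADDR: ");
				SCTPDBG_ADDR(SCTP_DEBUG_ASCONF2, sa);
			}
		}
#endif
	}

	return (0);
}

/*
 * add an asconf add/delete IP address parameter to the queue by addr.
 * type = SCTP_ADD_IP_ADDRESS, SCTP_DEL_IP_ADDRESS, SCTP_SET_PRIM_ADDR.
 * returns 0 if completed, non-zero if not completed.
 * NOTE: if adding, but delete already scheduled (and not yet sent out),
 * simply remove from queue.  Same for deleting an address already scheduled
 * for add.  If a duplicate operation is found, ignore the new one.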
1032 */ 1033 static uint32_t 1034 sctp_asconf_queue_add_sa(struct sctp_tcb *stcb, struct sockaddr *sa, 1035 uint16_t type) 1036 { 1037 struct sctp_ifa *ifa; 1038 struct sctp_asconf_addr *aa, *aa_next; 1039 uint32_t vrf_id; 1040 1041 if (stcb == NULL) { 1042 return (-1); 1043 } 1044 /* see if peer supports ASCONF */ 1045 if (stcb->asoc.peer_supports_asconf == 0) { 1046 return (-1); 1047 } 1048 /* make sure the request isn't already in the queue */ 1049 for (aa = TAILQ_FIRST(&stcb->asoc.asconf_queue); aa != NULL; 1050 aa = aa_next) { 1051 aa_next = TAILQ_NEXT(aa, next); 1052 /* address match? */ 1053 if (sctp_asconf_addr_match(aa, sa) == 0) 1054 continue; 1055 /* is the request already in queue (sent or not) */ 1056 if (aa->ap.aph.ph.param_type == type) { 1057 return (-1); 1058 } 1059 /* is the negative request already in queue, and not sent */ 1060 if (aa->sent == 1) 1061 continue; 1062 if (type == SCTP_ADD_IP_ADDRESS && 1063 aa->ap.aph.ph.param_type == SCTP_DEL_IP_ADDRESS) { 1064 /* add requested, delete already queued */ 1065 1066 /* delete the existing entry in the queue */ 1067 TAILQ_REMOVE(&stcb->asoc.asconf_queue, aa, next); 1068 /* free the entry */ 1069 sctp_free_ifa(aa->ifa); 1070 SCTP_FREE(aa); 1071 return (-1); 1072 } else if (type == SCTP_DEL_IP_ADDRESS && 1073 aa->ap.aph.ph.param_type == SCTP_ADD_IP_ADDRESS) { 1074 /* delete requested, add already queued */ 1075 1076 /* delete the existing entry in the queue */ 1077 TAILQ_REMOVE(&stcb->asoc.asconf_queue, aa, next); 1078 /* take the entry off the appropriate list */ 1079 sctp_asconf_addr_mgmt_ack(stcb, aa->ifa, type, 1); 1080 /* free the entry */ 1081 sctp_free_ifa(aa->ifa); 1082 SCTP_FREE(aa); 1083 return (-1); 1084 } 1085 } /* for each aa */ 1086 if (stcb) { 1087 vrf_id = stcb->asoc.vrf_id; 1088 } else { 1089 vrf_id = SCTP_DEFAULT_VRFID; 1090 } 1091 1092 ifa = sctp_find_ifa_by_addr(sa, vrf_id, 0); 1093 if (ifa == NULL) { 1094 /* Invalid address */ 1095 return (-1); 1096 } 1097 /* adding new request to 
the queue */ 1098 SCTP_MALLOC(aa, struct sctp_asconf_addr *, sizeof(*aa), "AsconfAddr"); 1099 if (aa == NULL) { 1100 /* didn't get memory */ 1101 SCTPDBG(SCTP_DEBUG_ASCONF1, 1102 "asconf_queue_add_sa: failed to get memory!\n"); 1103 return (-1); 1104 } 1105 /* fill in asconf address parameter fields */ 1106 /* top level elements are "networked" during send */ 1107 aa->ap.aph.ph.param_type = type; 1108 aa->ifa = ifa; 1109 atomic_add_int(&ifa->refcount, 1); 1110 /* correlation_id filled in during send routine later... */ 1111 if (sa->sa_family == AF_INET6) { 1112 /* IPv6 address */ 1113 struct sockaddr_in6 *sin6; 1114 1115 sin6 = (struct sockaddr_in6 *)sa; 1116 aa->ap.addrp.ph.param_type = SCTP_IPV6_ADDRESS; 1117 aa->ap.addrp.ph.param_length = (sizeof(struct sctp_ipv6addr_param)); 1118 aa->ap.aph.ph.param_length = sizeof(struct sctp_asconf_paramhdr) + sizeof(struct sctp_ipv6addr_param); 1119 memcpy(&aa->ap.addrp.addr, &sin6->sin6_addr, 1120 sizeof(struct in6_addr)); 1121 } else if (sa->sa_family == AF_INET) { 1122 /* IPv4 address */ 1123 struct sockaddr_in *sin = (struct sockaddr_in *)sa; 1124 1125 aa->ap.addrp.ph.param_type = SCTP_IPV4_ADDRESS; 1126 aa->ap.addrp.ph.param_length = (sizeof(struct sctp_ipv4addr_param)); 1127 aa->ap.aph.ph.param_length = sizeof(struct sctp_asconf_paramhdr) + sizeof(struct sctp_ipv4addr_param); 1128 memcpy(&aa->ap.addrp.addr, &sin->sin_addr, 1129 sizeof(struct in_addr)); 1130 } else { 1131 /* invalid family! 
*/ 1132 SCTP_FREE(aa); 1133 return (-1); 1134 } 1135 aa->sent = 0; /* clear sent flag */ 1136 1137 /* 1138 * if we are deleting an address it should go out last otherwise, 1139 * add it to front of the pending queue 1140 */ 1141 if (type == SCTP_ADD_IP_ADDRESS) { 1142 /* add goes to the front of the queue */ 1143 TAILQ_INSERT_HEAD(&stcb->asoc.asconf_queue, aa, next); 1144 } else { 1145 /* delete and set primary goes to the back of the queue */ 1146 TAILQ_INSERT_TAIL(&stcb->asoc.asconf_queue, aa, next); 1147 } 1148 1149 return (0); 1150 } 1151 1152 /* 1153 * find a specific asconf param on our "sent" queue 1154 */ 1155 static struct sctp_asconf_addr * 1156 sctp_asconf_find_param(struct sctp_tcb *stcb, uint32_t correlation_id) 1157 { 1158 struct sctp_asconf_addr *aa; 1159 1160 TAILQ_FOREACH(aa, &stcb->asoc.asconf_queue, next) { 1161 if (aa->ap.aph.correlation_id == correlation_id && 1162 aa->sent == 1) { 1163 /* found it */ 1164 return (aa); 1165 } 1166 } 1167 /* didn't find it */ 1168 return (NULL); 1169 } 1170 1171 /* 1172 * process an SCTP_ERROR_CAUSE_IND for a ASCONF-ACK parameter and do 1173 * notifications based on the error response 1174 */ 1175 static void 1176 sctp_asconf_process_error(struct sctp_tcb *stcb, 1177 struct sctp_asconf_paramhdr *aph) 1178 { 1179 struct sctp_error_cause *eh; 1180 struct sctp_paramhdr *ph; 1181 uint16_t param_type; 1182 uint16_t error_code; 1183 1184 eh = (struct sctp_error_cause *)(aph + 1); 1185 ph = (struct sctp_paramhdr *)(eh + 1); 1186 /* validate lengths */ 1187 if (htons(eh->length) + sizeof(struct sctp_error_cause) > 1188 htons(aph->ph.param_length)) { 1189 /* invalid error cause length */ 1190 SCTPDBG(SCTP_DEBUG_ASCONF1, 1191 "asconf_process_error: cause element too long\n"); 1192 return; 1193 } 1194 if (htons(ph->param_length) + sizeof(struct sctp_paramhdr) > 1195 htons(eh->length)) { 1196 /* invalid included TLV length */ 1197 SCTPDBG(SCTP_DEBUG_ASCONF1, 1198 "asconf_process_error: included TLV too long\n"); 1199 
return; 1200 } 1201 /* which error code ? */ 1202 error_code = ntohs(eh->code); 1203 param_type = ntohs(aph->ph.param_type); 1204 /* FIX: this should go back up the REMOTE_ERROR ULP notify */ 1205 switch (error_code) { 1206 case SCTP_CAUSE_RESOURCE_SHORTAGE: 1207 /* we allow ourselves to "try again" for this error */ 1208 break; 1209 default: 1210 /* peer can't handle it... */ 1211 switch (param_type) { 1212 case SCTP_ADD_IP_ADDRESS: 1213 case SCTP_DEL_IP_ADDRESS: 1214 stcb->asoc.peer_supports_asconf = 0; 1215 break; 1216 case SCTP_SET_PRIM_ADDR: 1217 stcb->asoc.peer_supports_asconf = 0; 1218 break; 1219 default: 1220 break; 1221 } 1222 } 1223 } 1224 1225 /* 1226 * process an asconf queue param aparam: parameter to process, will be 1227 * removed from the queue flag: 1=success, 0=failure 1228 */ 1229 static void 1230 sctp_asconf_process_param_ack(struct sctp_tcb *stcb, 1231 struct sctp_asconf_addr *aparam, uint32_t flag) 1232 { 1233 uint16_t param_type; 1234 1235 /* process this param */ 1236 param_type = aparam->ap.aph.ph.param_type; 1237 switch (param_type) { 1238 case SCTP_ADD_IP_ADDRESS: 1239 SCTPDBG(SCTP_DEBUG_ASCONF1, 1240 "process_param_ack: added IP address\n"); 1241 sctp_asconf_addr_mgmt_ack(stcb, aparam->ifa, param_type, flag); 1242 break; 1243 case SCTP_DEL_IP_ADDRESS: 1244 SCTPDBG(SCTP_DEBUG_ASCONF1, 1245 "process_param_ack: deleted IP address\n"); 1246 /* nothing really to do... lists already updated */ 1247 break; 1248 case SCTP_SET_PRIM_ADDR: 1249 /* nothing to do... 
peer may start using this addr */ 1250 if (flag == 0) 1251 stcb->asoc.peer_supports_asconf = 0; 1252 break; 1253 default: 1254 /* should NEVER happen */ 1255 break; 1256 } 1257 1258 /* remove the param and free it */ 1259 TAILQ_REMOVE(&stcb->asoc.asconf_queue, aparam, next); 1260 sctp_free_ifa(aparam->ifa); 1261 SCTP_FREE(aparam); 1262 } 1263 1264 /* 1265 * cleanup from a bad asconf ack parameter 1266 */ 1267 static void 1268 sctp_asconf_ack_clear(struct sctp_tcb *stcb) 1269 { 1270 /* assume peer doesn't really know how to do asconfs */ 1271 stcb->asoc.peer_supports_asconf = 0; 1272 /* XXX we could free the pending queue here */ 1273 } 1274 1275 void 1276 sctp_handle_asconf_ack(struct mbuf *m, int offset, 1277 struct sctp_asconf_ack_chunk *cp, struct sctp_tcb *stcb, 1278 struct sctp_nets *net) 1279 { 1280 struct sctp_association *asoc; 1281 uint32_t serial_num; 1282 uint16_t ack_length; 1283 struct sctp_asconf_paramhdr *aph; 1284 struct sctp_asconf_addr *aa, *aa_next; 1285 uint32_t last_error_id = 0; /* last error correlation id */ 1286 uint32_t id; 1287 struct sctp_asconf_addr *ap; 1288 1289 /* asconf param buffer */ 1290 uint8_t aparam_buf[SCTP_PARAM_BUFFER_SIZE]; 1291 1292 /* verify minimum length */ 1293 if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_asconf_ack_chunk)) { 1294 SCTPDBG(SCTP_DEBUG_ASCONF1, 1295 "handle_asconf_ack: chunk too small = %xh\n", 1296 ntohs(cp->ch.chunk_length)); 1297 return; 1298 } 1299 asoc = &stcb->asoc; 1300 serial_num = ntohl(cp->serial_number); 1301 1302 /* 1303 * NOTE: we may want to handle this differently- currently, we will 1304 * abort when we get an ack for the expected serial number + 1 (eg. 1305 * we didn't send it), process an ack normally if it is the expected 1306 * serial number, and re-send the previous ack for *ALL* other 1307 * serial numbers 1308 */ 1309 1310 /* 1311 * if the serial number is the next expected, but I didn't send it, 1312 * abort the asoc, since someone probably just hijacked us... 
1313 */ 1314 if (serial_num == (asoc->asconf_seq_out + 1)) { 1315 SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf_ack: got unexpected next serial number! Aborting asoc!\n"); 1316 sctp_abort_an_association(stcb->sctp_ep, stcb, 1317 SCTP_CAUSE_ILLEGAL_ASCONF_ACK, NULL); 1318 return; 1319 } 1320 if (serial_num != asoc->asconf_seq_out) { 1321 /* got a duplicate/unexpected ASCONF-ACK */ 1322 SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf_ack: got duplicate/unexpected serial number = %xh (expected = %xh)\n", 1323 serial_num, asoc->asconf_seq_out); 1324 return; 1325 } 1326 if (stcb->asoc.asconf_sent == 0) { 1327 /* got a unexpected ASCONF-ACK for serial not in flight */ 1328 SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf_ack: got serial number = %xh but not in flight\n", 1329 serial_num); 1330 /* nothing to do... duplicate ACK received */ 1331 return; 1332 } 1333 /* stop our timer */ 1334 sctp_timer_stop(SCTP_TIMER_TYPE_ASCONF, stcb->sctp_ep, stcb, net, 1335 SCTP_FROM_SCTP_ASCONF + SCTP_LOC_3); 1336 1337 /* process the ASCONF-ACK contents */ 1338 ack_length = ntohs(cp->ch.chunk_length) - 1339 sizeof(struct sctp_asconf_ack_chunk); 1340 offset += sizeof(struct sctp_asconf_ack_chunk); 1341 /* process through all parameters */ 1342 while (ack_length >= sizeof(struct sctp_asconf_paramhdr)) { 1343 unsigned int param_length, param_type; 1344 1345 /* get pointer to next asconf parameter */ 1346 aph = (struct sctp_asconf_paramhdr *)sctp_m_getptr(m, offset, 1347 sizeof(struct sctp_asconf_paramhdr), aparam_buf); 1348 if (aph == NULL) { 1349 /* can't get an asconf paramhdr */ 1350 sctp_asconf_ack_clear(stcb); 1351 return; 1352 } 1353 param_type = ntohs(aph->ph.param_type); 1354 param_length = ntohs(aph->ph.param_length); 1355 if (param_length > ack_length) { 1356 sctp_asconf_ack_clear(stcb); 1357 return; 1358 } 1359 if (param_length < sizeof(struct sctp_paramhdr)) { 1360 sctp_asconf_ack_clear(stcb); 1361 return; 1362 } 1363 /* get the complete parameter... 
*/ 1364 if (param_length > sizeof(aparam_buf)) { 1365 SCTPDBG(SCTP_DEBUG_ASCONF1, 1366 "param length (%u) larger than buffer size!\n", param_length); 1367 sctp_asconf_ack_clear(stcb); 1368 return; 1369 } 1370 aph = (struct sctp_asconf_paramhdr *)sctp_m_getptr(m, offset, param_length, aparam_buf); 1371 if (aph == NULL) { 1372 sctp_asconf_ack_clear(stcb); 1373 return; 1374 } 1375 /* correlation_id is transparent to peer, no ntohl needed */ 1376 id = aph->correlation_id; 1377 1378 switch (param_type) { 1379 case SCTP_ERROR_CAUSE_IND: 1380 last_error_id = id; 1381 /* find the corresponding asconf param in our queue */ 1382 ap = sctp_asconf_find_param(stcb, id); 1383 if (ap == NULL) { 1384 /* hmm... can't find this in our queue! */ 1385 break; 1386 } 1387 /* process the parameter, failed flag */ 1388 sctp_asconf_process_param_ack(stcb, ap, 0); 1389 /* process the error response */ 1390 sctp_asconf_process_error(stcb, aph); 1391 break; 1392 case SCTP_SUCCESS_REPORT: 1393 /* find the corresponding asconf param in our queue */ 1394 ap = sctp_asconf_find_param(stcb, id); 1395 if (ap == NULL) { 1396 /* hmm... can't find this in our queue! */ 1397 break; 1398 } 1399 /* process the parameter, success flag */ 1400 sctp_asconf_process_param_ack(stcb, ap, 1); 1401 break; 1402 default: 1403 break; 1404 } /* switch */ 1405 1406 /* update remaining ASCONF-ACK message length to process */ 1407 ack_length -= SCTP_SIZE32(param_length); 1408 if (ack_length <= 0) { 1409 /* no more data in the mbuf chain */ 1410 break; 1411 } 1412 offset += SCTP_SIZE32(param_length); 1413 } /* while */ 1414 1415 /* 1416 * if there are any "sent" params still on the queue, these are 1417 * implicitly "success", or "failed" (if we got an error back) ... 
1418 * so process these appropriately 1419 * 1420 * we assume that the correlation_id's are monotonically increasing 1421 * beginning from 1 and that we don't have *that* many outstanding 1422 * at any given time 1423 */ 1424 if (last_error_id == 0) 1425 last_error_id--;/* set to "max" value */ 1426 for (aa = TAILQ_FIRST(&stcb->asoc.asconf_queue); aa != NULL; 1427 aa = aa_next) { 1428 aa_next = TAILQ_NEXT(aa, next); 1429 if (aa->sent == 1) { 1430 /* 1431 * implicitly successful or failed if correlation_id 1432 * < last_error_id, then success else, failure 1433 */ 1434 if (aa->ap.aph.correlation_id < last_error_id) 1435 sctp_asconf_process_param_ack(stcb, aa, 1436 SCTP_SUCCESS_REPORT); 1437 else 1438 sctp_asconf_process_param_ack(stcb, aa, 1439 SCTP_ERROR_CAUSE_IND); 1440 } else { 1441 /* 1442 * since we always process in order (FIFO queue) if 1443 * we reach one that hasn't been sent, the rest 1444 * should not have been sent either. so, we're 1445 * done... 1446 */ 1447 break; 1448 } 1449 } 1450 1451 /* update the next sequence number to use */ 1452 asoc->asconf_seq_out++; 1453 /* remove the old ASCONF on our outbound queue */ 1454 sctp_toss_old_asconf(stcb); 1455 /* clear the sent flag to allow new ASCONFs */ 1456 asoc->asconf_sent = 0; 1457 if (!TAILQ_EMPTY(&stcb->asoc.asconf_queue)) { 1458 /* we have more params, so restart our timer */ 1459 sctp_timer_start(SCTP_TIMER_TYPE_ASCONF, stcb->sctp_ep, 1460 stcb, net); 1461 } 1462 } 1463 1464 static uint32_t 1465 sctp_is_scopeid_in_nets(struct sctp_tcb *stcb, struct sockaddr *sa) 1466 { 1467 struct sockaddr_in6 *sin6, *net6; 1468 struct sctp_nets *net; 1469 1470 if (sa->sa_family != AF_INET6) { 1471 /* wrong family */ 1472 return (0); 1473 } 1474 sin6 = (struct sockaddr_in6 *)sa; 1475 if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr) == 0) { 1476 /* not link local address */ 1477 return (0); 1478 } 1479 /* hunt through our destination nets list for this scope_id */ 1480 TAILQ_FOREACH(net, &stcb->asoc.nets, sctp_next) { 
1481 if (((struct sockaddr *)(&net->ro._l_addr))->sa_family != 1482 AF_INET6) 1483 continue; 1484 net6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1485 if (IN6_IS_ADDR_LINKLOCAL(&net6->sin6_addr) == 0) 1486 continue; 1487 if (sctp_is_same_scope(sin6, net6)) { 1488 /* found one */ 1489 return (1); 1490 } 1491 } 1492 /* didn't find one */ 1493 return (0); 1494 } 1495 1496 /* 1497 * address management functions 1498 */ 1499 static void 1500 sctp_addr_mgmt_assoc(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1501 struct sctp_ifa *ifa, uint16_t type) 1502 { 1503 int status; 1504 1505 1506 if ((inp->sctp_flags & SCTP_PCB_FLAGS_BOUNDALL) == 0 && 1507 sctp_is_feature_off(inp, SCTP_PCB_FLAGS_DO_ASCONF)) { 1508 /* subset bound, no ASCONF allowed case, so ignore */ 1509 return; 1510 } 1511 /* 1512 * note: we know this is not the subset bound, no ASCONF case eg. 1513 * this is boundall or subset bound w/ASCONF allowed 1514 */ 1515 1516 /* first, make sure it's a good address family */ 1517 if (ifa->address.sa.sa_family != AF_INET6 && 1518 ifa->address.sa.sa_family != AF_INET) { 1519 return; 1520 } 1521 /* make sure we're "allowed" to add this type of addr */ 1522 if (ifa->address.sa.sa_family == AF_INET6) { 1523 /* invalid if we're not a v6 endpoint */ 1524 if ((inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) == 0) 1525 return; 1526 /* is the v6 addr really valid ? */ 1527 if (ifa->localifa_flags & SCTP_ADDR_IFA_UNUSEABLE) { 1528 return; 1529 } 1530 } 1531 /* put this address on the "pending/do not use yet" list */ 1532 /* 1533 * Note: we do this primarily for the subset bind case We don't have 1534 * scoping flags at the EP level, so we must add link local/site 1535 * local addresses to the EP, then need to "negate" them here. 1536 * Recall that this routine is only called for the subset bound 1537 * w/ASCONF allowed case. 1538 */ 1539 sctp_add_local_addr_assoc(stcb, ifa, 1); 1540 /* 1541 * check address scope if address is out of scope, don't queue 1542 * anything... 
note: this would leave the address on both inp and 1543 * asoc lists 1544 */ 1545 if (ifa->address.sa.sa_family == AF_INET6) { 1546 struct sockaddr_in6 *sin6; 1547 1548 sin6 = (struct sockaddr_in6 *)&ifa->address.sin6; 1549 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 1550 /* we skip unspecifed addresses */ 1551 return; 1552 } 1553 if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) { 1554 if (stcb->asoc.local_scope == 0) { 1555 return; 1556 } 1557 /* is it the right link local scope? */ 1558 if (sctp_is_scopeid_in_nets(stcb, &ifa->address.sa) == 0) { 1559 return; 1560 } 1561 } 1562 if (stcb->asoc.site_scope == 0 && 1563 IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) { 1564 return; 1565 } 1566 } else if (ifa->address.sa.sa_family == AF_INET) { 1567 struct sockaddr_in *sin; 1568 struct in6pcb *inp6; 1569 1570 inp6 = (struct in6pcb *)&inp->ip_inp.inp; 1571 /* invalid if we are a v6 only endpoint */ 1572 if ((inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) && 1573 SCTP_IPV6_V6ONLY(inp6)) 1574 return; 1575 1576 sin = (struct sockaddr_in *)&ifa->address.sa; 1577 if (sin->sin_addr.s_addr == 0) { 1578 /* we skip unspecifed addresses */ 1579 return; 1580 } 1581 if (stcb->asoc.ipv4_local_scope == 0 && 1582 IN4_ISPRIVATE_ADDRESS(&sin->sin_addr)) { 1583 return; 1584 } 1585 } else { 1586 /* else, not AF_INET or AF_INET6, so skip */ 1587 return; 1588 } 1589 1590 /* queue an asconf for this address add/delete */ 1591 if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_DO_ASCONF)) { 1592 /* does the peer do asconf? 
*/ 1593 if (stcb->asoc.peer_supports_asconf) { 1594 /* queue an asconf for this addr */ 1595 status = sctp_asconf_queue_add(stcb, ifa, type); 1596 /* 1597 * if queued ok, and in correct state, set the 1598 * ASCONF timer if in non-open state, we will set 1599 * this timer when the state does go open and do all 1600 * the asconf's 1601 */ 1602 if (status == 0 && 1603 SCTP_GET_STATE(&stcb->asoc) == SCTP_STATE_OPEN) { 1604 sctp_timer_start(SCTP_TIMER_TYPE_ASCONF, inp, 1605 stcb, stcb->asoc.primary_destination); 1606 } 1607 } 1608 } 1609 } 1610 1611 1612 int 1613 sctp_iterator_ep(struct sctp_inpcb *inp, void *ptr, uint32_t val) 1614 { 1615 struct sctp_asconf_iterator *asc; 1616 struct sctp_ifa *ifa; 1617 struct sctp_laddr *l; 1618 int type; 1619 int cnt_invalid = 0; 1620 1621 asc = (struct sctp_asconf_iterator *)ptr; 1622 LIST_FOREACH(l, &asc->list_of_work, sctp_nxt_addr) { 1623 ifa = l->ifa; 1624 type = l->action; 1625 if (ifa->address.sa.sa_family == AF_INET6) { 1626 /* invalid if we're not a v6 endpoint */ 1627 if ((inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) == 0) { 1628 cnt_invalid++; 1629 if (asc->cnt == cnt_invalid) 1630 return (1); 1631 else 1632 continue; 1633 } 1634 } else if (ifa->address.sa.sa_family == AF_INET) { 1635 /* invalid if we are a v6 only endpoint */ 1636 struct in6pcb *inp6; 1637 1638 inp6 = (struct in6pcb *)&inp->ip_inp.inp; 1639 if ((inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) && 1640 SCTP_IPV6_V6ONLY(inp6)) { 1641 cnt_invalid++; 1642 if (asc->cnt == cnt_invalid) 1643 return (1); 1644 else 1645 continue; 1646 } 1647 } else { 1648 /* invalid address family */ 1649 cnt_invalid++; 1650 if (asc->cnt == cnt_invalid) 1651 return (1); 1652 else 1653 continue; 1654 } 1655 } 1656 return (0); 1657 } 1658 1659 int 1660 sctp_iterator_ep_end(struct sctp_inpcb *inp, void *ptr, uint32_t val) 1661 { 1662 struct sctp_ifa *ifa; 1663 struct sctp_asconf_iterator *asc; 1664 struct sctp_laddr *laddr, *nladdr, *l; 1665 1666 /* Only for specific case not bound all */ 
1667 asc = (struct sctp_asconf_iterator *)ptr; 1668 LIST_FOREACH(l, &asc->list_of_work, sctp_nxt_addr) { 1669 ifa = l->ifa; 1670 if (l->action == SCTP_ADD_IP_ADDRESS) { 1671 LIST_FOREACH(laddr, &inp->sctp_addr_list, 1672 sctp_nxt_addr) { 1673 if (laddr->ifa == ifa) { 1674 laddr->action = 0; 1675 break; 1676 } 1677 } 1678 } else if (l->action == SCTP_DEL_IP_ADDRESS) { 1679 laddr = LIST_FIRST(&inp->sctp_addr_list); 1680 while (laddr) { 1681 nladdr = LIST_NEXT(laddr, sctp_nxt_addr); 1682 /* remove only after all guys are done */ 1683 if (laddr->ifa == ifa) { 1684 sctp_del_local_addr_ep(inp, ifa); 1685 } 1686 laddr = nladdr; 1687 } 1688 } 1689 } 1690 return (0); 1691 } 1692 1693 void 1694 sctp_iterator_stcb(struct sctp_inpcb *inp, struct sctp_tcb *stcb, void *ptr, 1695 uint32_t val) 1696 { 1697 struct sctp_asconf_iterator *asc; 1698 struct sctp_ifa *ifa; 1699 struct sctp_laddr *l; 1700 int cnt_invalid = 0; 1701 int type, status; 1702 1703 asc = (struct sctp_asconf_iterator *)ptr; 1704 LIST_FOREACH(l, &asc->list_of_work, sctp_nxt_addr) { 1705 ifa = l->ifa; 1706 type = l->action; 1707 /* Same checks again for assoc */ 1708 if (ifa->address.sa.sa_family == AF_INET6) { 1709 /* invalid if we're not a v6 endpoint */ 1710 struct sockaddr_in6 *sin6; 1711 1712 if ((inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) == 0) { 1713 cnt_invalid++; 1714 if (asc->cnt == cnt_invalid) 1715 return; 1716 else 1717 continue; 1718 } 1719 sin6 = (struct sockaddr_in6 *)&ifa->address.sin6; 1720 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 1721 /* we skip unspecifed addresses */ 1722 continue; 1723 } 1724 if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) { 1725 if (stcb->asoc.local_scope == 0) { 1726 continue; 1727 } 1728 /* is it the right link local scope? 
*/ 1729 if (sctp_is_scopeid_in_nets(stcb, &ifa->address.sa) == 0) { 1730 continue; 1731 } 1732 } 1733 } else if (ifa->address.sa.sa_family == AF_INET) { 1734 /* invalid if we are a v6 only endpoint */ 1735 struct in6pcb *inp6; 1736 struct sockaddr_in *sin; 1737 1738 inp6 = (struct in6pcb *)&inp->ip_inp.inp; 1739 /* invalid if we are a v6 only endpoint */ 1740 if ((inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) && 1741 SCTP_IPV6_V6ONLY(inp6)) 1742 continue; 1743 1744 sin = (struct sockaddr_in *)&ifa->address.sa; 1745 if (sin->sin_addr.s_addr == 0) { 1746 /* we skip unspecifed addresses */ 1747 continue; 1748 } 1749 if (stcb->asoc.ipv4_local_scope == 0 && 1750 IN4_ISPRIVATE_ADDRESS(&sin->sin_addr)) { 1751 continue;; 1752 } 1753 if ((inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) && 1754 SCTP_IPV6_V6ONLY(inp6)) { 1755 cnt_invalid++; 1756 if (asc->cnt == cnt_invalid) 1757 return; 1758 else 1759 continue; 1760 } 1761 } else { 1762 /* invalid address family */ 1763 cnt_invalid++; 1764 if (asc->cnt == cnt_invalid) 1765 return; 1766 else 1767 continue; 1768 } 1769 1770 /* put this address on the "pending/do not use yet" list */ 1771 if (type == SCTP_ADD_IP_ADDRESS) { 1772 sctp_add_local_addr_assoc(stcb, ifa, 1); 1773 } else if (type == SCTP_DEL_IP_ADDRESS) { 1774 struct sctp_nets *net; 1775 1776 TAILQ_FOREACH(net, &stcb->asoc.nets, sctp_next) { 1777 sctp_rtentry_t *rt; 1778 1779 /* delete this address if cached */ 1780 if (net->ro._s_addr && 1781 (net->ro._s_addr->ifa == ifa)) { 1782 sctp_free_ifa(net->ro._s_addr); 1783 net->ro._s_addr = NULL; 1784 net->src_addr_selected = 0; 1785 rt = net->ro.ro_rt; 1786 if (rt) { 1787 RTFREE(rt); 1788 net->ro.ro_rt = NULL; 1789 } 1790 /* 1791 * Now we deleted our src address, 1792 * should we not also now reset the 1793 * cwnd/rto to start as if its a new 1794 * address? 
1795 */ 1796 sctp_set_initial_cc_param(stcb, net); 1797 net->RTO = stcb->asoc.initial_rto; 1798 1799 } 1800 } 1801 } else if (type == SCTP_SET_PRIM_ADDR) { 1802 if ((stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_BOUNDALL) == 0) { 1803 /* 1804 * must validate the ifa in question is in 1805 * the ep 1806 */ 1807 if (sctp_is_addr_in_ep(stcb->sctp_ep, ifa) == 0) { 1808 continue; 1809 } 1810 } else { 1811 /* Need to check scopes for this guy */ 1812 if (sctp_is_address_in_scope(ifa, 1813 stcb->asoc.ipv4_addr_legal, 1814 stcb->asoc.ipv6_addr_legal, 1815 stcb->asoc.loopback_scope, 1816 stcb->asoc.ipv4_local_scope, 1817 stcb->asoc.local_scope, 1818 stcb->asoc.site_scope, 0) == 0) { 1819 continue; 1820 } 1821 } 1822 1823 } 1824 /* queue an asconf for this address add/delete */ 1825 if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_DO_ASCONF)) { 1826 /* does the peer do asconf? */ 1827 if (stcb->asoc.peer_supports_asconf) { 1828 /* queue an asconf for this addr */ 1829 status = sctp_asconf_queue_add(stcb, ifa, type); 1830 /* 1831 * if queued ok, and in correct state, set 1832 * the ASCONF timer if in non-open state, we 1833 * will set this timer when the state does 1834 * go open and do all the asconf's 1835 */ 1836 if (status == 0 && 1837 SCTP_GET_STATE(&stcb->asoc) == SCTP_STATE_OPEN) { 1838 sctp_timer_start(SCTP_TIMER_TYPE_ASCONF, inp, 1839 stcb, stcb->asoc.primary_destination); 1840 } 1841 } 1842 } 1843 } 1844 } 1845 1846 void 1847 sctp_iterator_end(void *ptr, uint32_t val) 1848 { 1849 struct sctp_asconf_iterator *asc; 1850 struct sctp_ifa *ifa; 1851 struct sctp_laddr *l, *l_next; 1852 1853 asc = (struct sctp_asconf_iterator *)ptr; 1854 l = LIST_FIRST(&asc->list_of_work); 1855 while (l != NULL) { 1856 l_next = LIST_NEXT(l, sctp_nxt_addr); 1857 ifa = l->ifa; 1858 if (l->action == SCTP_ADD_IP_ADDRESS) { 1859 /* Clear the defer use flag */ 1860 ifa->localifa_flags &= ~SCTP_ADDR_DEFER_USE; 1861 } 1862 sctp_free_ifa(ifa); 1863 SCTP_ZONE_FREE(sctppcbinfo.ipi_zone_laddr, l); 1864 
SCTP_DECR_LADDR_COUNT(); 1865 l = l_next; 1866 } 1867 SCTP_FREE(asc); 1868 } 1869 1870 /* 1871 * sa is the sockaddr to ask the peer to set primary to returns: 0 = 1872 * completed, -1 = error 1873 */ 1874 int32_t 1875 sctp_set_primary_ip_address_sa(struct sctp_tcb *stcb, struct sockaddr *sa) 1876 { 1877 /* NOTE: we currently don't check the validity of the address! */ 1878 1879 /* queue an ASCONF:SET_PRIM_ADDR to be sent */ 1880 if (!sctp_asconf_queue_add_sa(stcb, sa, SCTP_SET_PRIM_ADDR)) { 1881 /* set primary queuing succeeded */ 1882 if (SCTP_GET_STATE(&stcb->asoc) == SCTP_STATE_OPEN) { 1883 sctp_timer_start(SCTP_TIMER_TYPE_ASCONF, 1884 stcb->sctp_ep, stcb, 1885 stcb->asoc.primary_destination); 1886 } 1887 SCTPDBG(SCTP_DEBUG_ASCONF1, 1888 "set_primary_ip_address_sa: queued on tcb=%p, ", 1889 stcb); 1890 SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa); 1891 } else { 1892 SCTPDBG(SCTP_DEBUG_ASCONF1, "set_primary_ip_address_sa: failed to add to queue on tcb=%p, ", 1893 stcb); 1894 SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa); 1895 return (-1); 1896 } 1897 return (0); 1898 } 1899 1900 void 1901 sctp_set_primary_ip_address(struct sctp_ifa *ifa) 1902 { 1903 struct sctp_inpcb *inp; 1904 1905 /* go through all our PCB's */ 1906 LIST_FOREACH(inp, &sctppcbinfo.listhead, sctp_list) { 1907 struct sctp_tcb *stcb; 1908 1909 /* process for all associations for this endpoint */ 1910 LIST_FOREACH(stcb, &inp->sctp_asoc_list, sctp_tcblist) { 1911 /* queue an ASCONF:SET_PRIM_ADDR to be sent */ 1912 if (!sctp_asconf_queue_add(stcb, ifa, 1913 SCTP_SET_PRIM_ADDR)) { 1914 /* set primary queuing succeeded */ 1915 if (SCTP_GET_STATE(&stcb->asoc) == 1916 SCTP_STATE_OPEN) { 1917 sctp_timer_start(SCTP_TIMER_TYPE_ASCONF, 1918 stcb->sctp_ep, stcb, 1919 stcb->asoc.primary_destination); 1920 } 1921 SCTPDBG(SCTP_DEBUG_ASCONF1, "set_primary_ip_address: queued on stcb=%p, ", 1922 stcb); 1923 SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, &ifa->address.sa); 1924 } 1925 } /* for each stcb */ 1926 } /* for each inp */ 1927 } 1928 
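/*
 * Find a local address to use as the ASCONF lookup address when the endpoint
 * is bound to all addresses: walk every interface address in the
 * association's VRF and return the first one that passes the family and
 * scope checks below.
 *
 * Returns a pointer into the matching sctp_ifa (not a copy), or NULL if the
 * VRF cannot be found or no address qualifies.
 */
static struct sockaddr *
sctp_find_valid_localaddr(struct sctp_tcb *stcb)
{
	struct sctp_vrf *vrf = NULL;
	struct sctp_ifn *sctp_ifn;
	struct sctp_ifa *sctp_ifa;

	vrf = sctp_find_vrf(stcb->asoc.vrf_id);
	if (vrf == NULL) {
		return (NULL);
	}
	LIST_FOREACH(sctp_ifn, &vrf->ifnlist, next_ifn) {
		if (stcb->asoc.loopback_scope == 0 &&
		    SCTP_IFN_IS_IFT_LOOP(sctp_ifn)) {
			/* Skip if loopback_scope not set */
			continue;
		}
		LIST_FOREACH(sctp_ifa, &sctp_ifn->ifalist, next_ifa) {
			if (sctp_ifa->address.sa.sa_family == AF_INET &&
			    stcb->asoc.ipv4_addr_legal) {
				struct sockaddr_in *sin;

				sin = (struct sockaddr_in *)&sctp_ifa->address.sa;
				if (sin->sin_addr.s_addr == 0) {
					/* skip unspecified addresses */
					continue;
				}
				/* private addresses need ipv4_local_scope */
				if (stcb->asoc.ipv4_local_scope == 0 &&
				    IN4_ISPRIVATE_ADDRESS(&sin->sin_addr))
					continue;

				if (sctp_is_addr_restricted(stcb, sctp_ifa))
					continue;
				/* found a valid local v4 address to use */
				return (&sctp_ifa->address.sa);
			} else if (sctp_ifa->address.sa.sa_family == AF_INET6 &&
			    stcb->asoc.ipv6_addr_legal) {
				struct sockaddr_in6 *sin6;

				/*
				 * NOTE(review): unlike the IPv4 branch, this
				 * branch never calls
				 * sctp_is_addr_restricted() -- confirm that
				 * the difference is intended.
				 */
				if (sctp_ifa->localifa_flags & SCTP_ADDR_IFA_UNUSEABLE) {
					continue;
				}
				sin6 = (struct sockaddr_in6 *)&sctp_ifa->address.sa;
				if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
					/* we skip unspecified addresses */
					continue;
				}
				if (stcb->asoc.local_scope == 0 &&
				    IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr))
					continue;
				if (stcb->asoc.site_scope == 0 &&
				    IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr))
					continue;

				/* found a valid local v6 address to use */
				return (&sctp_ifa->address.sa);
			}
		}
	}
	/* no valid addresses found */
	return (NULL);
}

/*
 * Subset-bound counterpart of sctp_find_valid_localaddr(): walk the
 * endpoint's own address list and return the first entry that has an ifa
 * attached and is not restricted for this association.
 *
 * Returns a pointer into the matching sctp_ifa, or NULL if none qualifies.
 */
static struct sockaddr *
sctp_find_valid_localaddr_ep(struct sctp_tcb *stcb)
{
	struct sctp_laddr *laddr;

	LIST_FOREACH(laddr, &stcb->sctp_ep->sctp_addr_list, sctp_nxt_addr) {
		/* the original tested this twice; one test is enough */
		if (laddr->ifa == NULL) {
			continue;
		}
		/* is the address restricted ? */
		if (sctp_is_addr_restricted(stcb, laddr->ifa))
			continue;

		/* found a valid local address to use */
		return (&laddr->ifa->address.sa);
	}
	/* no valid addresses found */
	return (NULL);
}

/*
 * Build an ASCONF chunk from the parameters queued on
 * stcb->asoc.asconf_queue.
 *
 * Two mbufs are used: m_asconf_chk holds the chunk header followed by the
 * lookup address, m_asconf (a cluster) holds the parameters. They are
 * chained before returning and *retlen is set to their combined length.
 *
 * Returns the head of the chain, or NULL if nothing is queued or an mbuf
 * could not be allocated (*retlen is left untouched in that case).
 */
struct mbuf *
sctp_compose_asconf(struct sctp_tcb *stcb, int *retlen)
{
	struct mbuf *m_asconf, *m_asconf_chk;
	struct sctp_asconf_addr *aa;
	struct sctp_asconf_chunk *acp;
	struct sctp_asconf_paramhdr *aph;
	struct sctp_asconf_addr_param *aap;
	uint32_t p_length;
	uint32_t correlation_id = 1;	/* 0 is reserved... */
	caddr_t ptr, lookup_ptr;
	uint8_t lookup_used = 0;

	/* are there any asconf params to send? */
	if (TAILQ_EMPTY(&stcb->asoc.asconf_queue)) {
		return (NULL);
	}
	/*
	 * get a chunk header mbuf and a cluster for the asconf params since
	 * it's simpler to fill in the asconf chunk header lookup address on
	 * the fly
	 */
	m_asconf_chk = sctp_get_mbuf_for_msg(sizeof(struct sctp_asconf_chunk), 0, M_DONTWAIT, 1, MT_DATA);
	if (m_asconf_chk == NULL) {
		/* no mbuf's */
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "compose_asconf: couldn't get chunk mbuf!\n");
		return (NULL);
	}
	m_asconf = sctp_get_mbuf_for_msg(MCLBYTES, 0, M_DONTWAIT, 1, MT_DATA);
	if (m_asconf == NULL) {
		/* no mbuf's */
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "compose_asconf: couldn't get mbuf!\n");
		sctp_m_freem(m_asconf_chk);
		return (NULL);
	}
	SCTP_BUF_LEN(m_asconf_chk) = sizeof(struct sctp_asconf_chunk);
	SCTP_BUF_LEN(m_asconf) = 0;
	acp = mtod(m_asconf_chk, struct sctp_asconf_chunk *);
	bzero(acp, sizeof(struct sctp_asconf_chunk));
	/*
	 * save pointers to lookup address and asconf params
	 *
	 * NOTE(review): the lookup address is written past the
	 * sizeof(struct sctp_asconf_chunk) bytes requested for m_asconf_chk;
	 * this relies on sctp_get_mbuf_for_msg() returning a buffer with at
	 * least sizeof(struct sctp_ipv6addr_param) of extra room -- confirm.
	 */
	lookup_ptr = (caddr_t)(acp + 1);	/* after the header */
	ptr = mtod(m_asconf, caddr_t);	/* beginning of cluster */

	/* fill in chunk header info */
	acp->ch.chunk_type = SCTP_ASCONF;
	acp->ch.chunk_flags = 0;
	acp->serial_number = htonl(stcb->asoc.asconf_seq_out);

	/* add parameters... up to smallest MTU allowed */
	TAILQ_FOREACH(aa, &stcb->asoc.asconf_queue, next) {
		/* get the parameter length */
		p_length = SCTP_SIZE32(aa->ap.aph.ph.param_length);
		/*
		 * will it fit in current chunk? The parameters are copied
		 * into a buffer requested with MCLBYTES, so the running
		 * length must stay within that size as well as within the
		 * smallest MTU; the MTU alone does not bound the memcpy()
		 * below.
		 */
		if ((SCTP_BUF_LEN(m_asconf) + p_length > stcb->asoc.smallest_mtu) ||
		    (SCTP_BUF_LEN(m_asconf) + p_length > MCLBYTES)) {
			/* won't fit, so we're done with this chunk */
			break;
		}
		/* assign (and store) a correlation id */
		aa->ap.aph.correlation_id = correlation_id++;

		/*
		 * fill in address if we're doing a delete this is a simple
		 * way for us to fill in the correlation address, which
		 * should only be used by the peer if we're deleting our
		 * source address and adding a new address (e.g. renumbering
		 * case)
		 */
		if (lookup_used == 0 &&
		    aa->ap.aph.ph.param_type == SCTP_DEL_IP_ADDRESS) {
			struct sctp_ipv6addr_param *lookup;
			uint16_t p_size, addr_size;

			lookup = (struct sctp_ipv6addr_param *)lookup_ptr;
			lookup->ph.param_type =
			    htons(aa->ap.addrp.ph.param_type);
			if (aa->ap.addrp.ph.param_type == SCTP_IPV6_ADDRESS) {
				/* copy IPv6 address */
				p_size = sizeof(struct sctp_ipv6addr_param);
				addr_size = sizeof(struct in6_addr);
			} else {
				/* copy IPv4 address */
				p_size = sizeof(struct sctp_ipv4addr_param);
				addr_size = sizeof(struct in_addr);
			}
			lookup->ph.param_length = htons(SCTP_SIZE32(p_size));
			memcpy(lookup->addr, &aa->ap.addrp.addr, addr_size);
			SCTP_BUF_LEN(m_asconf_chk) += SCTP_SIZE32(p_size);
			lookup_used = 1;
		}
		/*
		 * copy into current space
		 *
		 * NOTE(review): p_length comes from the queued parameter's
		 * own param_length; this assumes it never exceeds the size
		 * of aa->ap -- verify where the queue entries are built.
		 */
		memcpy(ptr, &aa->ap, p_length);

		/* network elements and update lengths */
		aph = (struct sctp_asconf_paramhdr *)ptr;
		aap = (struct sctp_asconf_addr_param *)ptr;
		/* correlation_id is transparent to peer, no htonl needed */
		aph->ph.param_type = htons(aph->ph.param_type);
		aph->ph.param_length = htons(aph->ph.param_length);
		aap->addrp.ph.param_type = htons(aap->addrp.ph.param_type);
		aap->addrp.ph.param_length = htons(aap->addrp.ph.param_length);

		SCTP_BUF_LEN(m_asconf) += SCTP_SIZE32(p_length);
		ptr += SCTP_SIZE32(p_length);

		/*
		 * these params are removed off the pending list upon
		 * getting an ASCONF-ACK back from the peer, just set flag
		 */
		aa->sent = 1;
	}
	/* check to see if the lookup addr has been populated yet */
	if (lookup_used == 0) {
		/* NOTE: if the address param is optional, can skip this... */
		/* add any valid (existing) address... */
		struct sctp_ipv6addr_param *lookup;
		uint16_t p_size, addr_size;
		struct sockaddr *found_addr;
		caddr_t addr_ptr;

		if (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_BOUNDALL)
			found_addr = sctp_find_valid_localaddr(stcb);
		else
			found_addr = sctp_find_valid_localaddr_ep(stcb);

		lookup = (struct sctp_ipv6addr_param *)lookup_ptr;
		if (found_addr != NULL) {
			if (found_addr->sa_family == AF_INET6) {
				/* copy IPv6 address */
				lookup->ph.param_type =
				    htons(SCTP_IPV6_ADDRESS);
				p_size = sizeof(struct sctp_ipv6addr_param);
				addr_size = sizeof(struct in6_addr);
				addr_ptr = (caddr_t)&((struct sockaddr_in6 *)
				    found_addr)->sin6_addr;
			} else {
				/* copy IPv4 address */
				lookup->ph.param_type =
				    htons(SCTP_IPV4_ADDRESS);
				p_size = sizeof(struct sctp_ipv4addr_param);
				addr_size = sizeof(struct in_addr);
				addr_ptr = (caddr_t)&((struct sockaddr_in *)
				    found_addr)->sin_addr;
			}
			lookup->ph.param_length = htons(SCTP_SIZE32(p_size));
			memcpy(lookup->addr, addr_ptr, addr_size);
			SCTP_BUF_LEN(m_asconf_chk) += SCTP_SIZE32(p_size);
			lookup_used = 1;
		} else {
			/* uh oh... don't have any address?? */
			SCTPDBG(SCTP_DEBUG_ASCONF1,
			    "compose_asconf: no lookup addr!\n");
			/* for now, we send a IPv4 address of 0.0.0.0 */
			lookup->ph.param_type = htons(SCTP_IPV4_ADDRESS);
			lookup->ph.param_length = htons(SCTP_SIZE32(sizeof(struct sctp_ipv4addr_param)));
			bzero(lookup->addr, sizeof(struct in_addr));
			SCTP_BUF_LEN(m_asconf_chk) += SCTP_SIZE32(sizeof(struct sctp_ipv4addr_param));
			lookup_used = 1;
		}
	}
	/* chain it all together */
	SCTP_BUF_NEXT(m_asconf_chk) = m_asconf;
	*retlen = SCTP_BUF_LEN(m_asconf_chk) + SCTP_BUF_LEN(m_asconf);
	/*
	 * host-to-network conversion; the original spelled this ntohs(),
	 * which produces the same bytes but names the wrong direction
	 */
	acp->ch.chunk_length = htons(*retlen);

	/* update "sent" flag */
	stcb->asoc.asconf_sent++;

	return (m_asconf_chk);
}

/*
 * section to handle address changes before an association is up eg. changes
 * during INIT/INIT-ACK/COOKIE-ECHO handshake
 */

/*
 * Processes the (local) addresses in the INIT-ACK chunk.
 *
 * Walks the parameters in m between offset and offset + length. For every
 * IPv4/IPv6 address parameter whose address is no longer found by
 * sctp_find_ifa_by_addr(), an ASCONF DEL_IP_ADDRESS is queued, provided the
 * endpoint has ASCONF enabled and the peer supports it. Parameters of any
 * other type are skipped. The walk stops at the first address parameter
 * with an unexpected length, at a zero-length parameter, or when the next
 * parameter header would cross the upper bound.
 */
static void
sctp_process_initack_addresses(struct sctp_tcb *stcb, struct mbuf *m,
    unsigned int offset, unsigned int length)
{
	struct sctp_paramhdr tmp_param, *ph;
	uint16_t plen, ptype;
	struct sctp_ifa *sctp_ifa;
	struct sctp_ipv6addr_param addr_store;
	struct sockaddr_in6 sin6;
	struct sockaddr_in sin;
	struct sockaddr *sa;
	uint32_t vrf_id;

	SCTPDBG(SCTP_DEBUG_ASCONF2, "processing init-ack addresses\n");
	if (stcb == NULL)	/* Un-needed check for SA */
		return;

	/*
	 * stcb is known to be non-NULL from here on, so the per-iteration
	 * NULL test with a default-VRF fallback was dead code
	 */
	vrf_id = stcb->asoc.vrf_id;

	/* convert to upper bound */
	length += offset;

	if ((offset + sizeof(struct sctp_paramhdr)) > length) {
		return;
	}
	/* init the addresses */
	bzero(&sin6, sizeof(sin6));
	sin6.sin6_family = AF_INET6;
	sin6.sin6_len = sizeof(sin6);
	sin6.sin6_port = stcb->rport;

	bzero(&sin, sizeof(sin));
	sin.sin_len = sizeof(sin);
	sin.sin_family = AF_INET;
	sin.sin_port = stcb->rport;

	/* go through the addresses in the init-ack */
	ph = (struct sctp_paramhdr *)sctp_m_getptr(m, offset,
	    sizeof(struct sctp_paramhdr), (uint8_t *)&tmp_param);
	while (ph != NULL) {
		ptype = ntohs(ph->param_type);
		plen = ntohs(ph->param_length);
		/*
		 * NOTE(review): only the parameter header is checked against
		 * the upper bound; the full address parameter fetched below
		 * is not. Presumably sctp_m_getptr() returns NULL when the
		 * mbuf chain is too short -- confirm.
		 */
		if (ptype == SCTP_IPV6_ADDRESS) {
			struct sctp_ipv6addr_param *a6p;

			/* get the entire IPv6 address param */
			a6p = (struct sctp_ipv6addr_param *)
			    sctp_m_getptr(m, offset,
			    sizeof(struct sctp_ipv6addr_param),
			    (uint8_t *)&addr_store);
			if (plen != sizeof(struct sctp_ipv6addr_param) ||
			    a6p == NULL) {
				return;
			}
			memcpy(&sin6.sin6_addr, a6p->addr,
			    sizeof(struct in6_addr));
			sa = (struct sockaddr *)&sin6;
		} else if (ptype == SCTP_IPV4_ADDRESS) {
			struct sctp_ipv4addr_param *a4p;

			/* get the entire IPv4 address param */
			a4p = (struct sctp_ipv4addr_param *)sctp_m_getptr(m, offset,
			    sizeof(struct sctp_ipv4addr_param),
			    (uint8_t *)&addr_store);
			if (plen != sizeof(struct sctp_ipv4addr_param) ||
			    a4p == NULL) {
				return;
			}
			sin.sin_addr.s_addr = a4p->addr;
			sa = (struct sockaddr *)&sin;
		} else {
			goto next_addr;
		}

		/* see if this address really (still) exists */
		sctp_ifa = sctp_find_ifa_by_addr(sa, vrf_id, 0);
		if (sctp_ifa == NULL) {
			/* address doesn't exist anymore */
			int status;

			/* are ASCONFs allowed ? */
			if ((sctp_is_feature_on(stcb->sctp_ep,
			    SCTP_PCB_FLAGS_DO_ASCONF)) &&
			    stcb->asoc.peer_supports_asconf) {
				/* queue an ASCONF DEL_IP_ADDRESS */
				status = sctp_asconf_queue_add_sa(stcb, sa,
				    SCTP_DEL_IP_ADDRESS);
				/*
				 * if queued ok, and in correct state, set
				 * the ASCONF timer
				 */
				if (status == 0 &&
				    SCTP_GET_STATE(&stcb->asoc) ==
				    SCTP_STATE_OPEN) {
					sctp_timer_start(SCTP_TIMER_TYPE_ASCONF,
					    stcb->sctp_ep, stcb,
					    stcb->asoc.primary_destination);
				}
			}
		}
next_addr:
		/*
		 * Sanity check: Make sure the length isn't 0, otherwise
		 * we'll be stuck in this loop for a long time...
		 */
		if (SCTP_SIZE32(plen) == 0) {
			SCTP_PRINTF("process_initack_addrs: bad len (%d) type=%xh\n",
			    plen, ptype);
			return;
		}
		/* get next parameter */
		offset += SCTP_SIZE32(plen);
		if ((offset + sizeof(struct sctp_paramhdr)) > length)
			return;
		ph = (struct sctp_paramhdr *)sctp_m_getptr(m, offset,
		    sizeof(struct sctp_paramhdr), (uint8_t *)&tmp_param);
	}			/* while */
}

/* FIX ME: need to verify return result for v6 address type if v6 disabled */
/*
 * Checks to see if a specific address is in the initack address list.
 *
 * sa must be AF_INET (or AF_INET6 when INET6 is compiled in); any other
 * family yields 0. For a link-local IPv6 sa the comparison is made on a
 * copy with the scope cleared.
 *
 * Returns 1 if found, 0 if not (also 0 on a malformed or truncated list).
 */
static uint32_t
sctp_addr_in_initack(struct sctp_tcb *stcb, struct mbuf *m, uint32_t offset,
    uint32_t length, struct sockaddr *sa)
{
	struct sctp_paramhdr tmp_param, *ph;
	uint16_t plen, ptype;
	struct sctp_ipv6addr_param addr_store;
	struct sockaddr_in *sin;
	struct sctp_ipv4addr_param *a4p;

#ifdef INET6
	struct sockaddr_in6 *sin6;
	struct sctp_ipv6addr_param *a6p;
	struct sockaddr_in6 sin6_tmp;

#endif				/* INET6 */

	if (
#ifdef INET6
	    (sa->sa_family != AF_INET6) &&
#endif				/* INET6 */
	    (sa->sa_family != AF_INET))
		return (0);

	SCTPDBG(SCTP_DEBUG_ASCONF2, "find_initack_addr: starting search for ");
	SCTPDBG_ADDR(SCTP_DEBUG_ASCONF2, sa);
	/* convert to upper bound */
	length += offset;

	if ((offset + sizeof(struct sctp_paramhdr)) > length) {
		SCTPDBG(SCTP_DEBUG_ASCONF1,
		    "find_initack_addr: invalid offset?\n");
		return (0);
	}
	/* go through the addresses in the init-ack */
	ph = (struct sctp_paramhdr *)sctp_m_getptr(m, offset,
	    sizeof(struct sctp_paramhdr), (uint8_t *)&tmp_param);
	while (ph != NULL) {
		ptype = ntohs(ph->param_type);
		plen = ntohs(ph->param_length);
#ifdef INET6
		if (ptype == SCTP_IPV6_ADDRESS && sa->sa_family == AF_INET6) {
			/* get the entire IPv6 address param */
			a6p = (struct sctp_ipv6addr_param *)
			    sctp_m_getptr(m, offset,
			    sizeof(struct sctp_ipv6addr_param),
			    (uint8_t *)&addr_store);
			if (plen != sizeof(struct sctp_ipv6addr_param) ||
			    (ph == NULL) ||
			    (a6p == NULL)) {
				return (0);
			}
			sin6 = (struct sockaddr_in6 *)sa;
			if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) {
				/* create a copy and clear scope */
				memcpy(&sin6_tmp, sin6,
				    sizeof(struct sockaddr_in6));
				sin6 = &sin6_tmp;
				in6_clearscope(&sin6->sin6_addr);
			}
			if (memcmp(&sin6->sin6_addr, a6p->addr,
			    sizeof(struct in6_addr)) == 0) {
				/* found it */
				return (1);
			}
		} else
#endif				/* INET6 */

			if (ptype == SCTP_IPV4_ADDRESS &&
			    sa->sa_family == AF_INET) {
			/* get the entire IPv4 address param */
			a4p = (struct sctp_ipv4addr_param *)sctp_m_getptr(m,
			    offset, sizeof(struct sctp_ipv4addr_param),
			    (uint8_t *)&addr_store);
			if (plen != sizeof(struct sctp_ipv4addr_param) ||
			    (ph == NULL) ||
			    (a4p == NULL)) {
				return (0);
			}
			sin = (struct sockaddr_in *)sa;
			if (sin->sin_addr.s_addr == a4p->addr) {
				/* found it */
				return (1);
			}
		}
		/*
		 * Sanity check, as in sctp_process_initack_addresses(): a
		 * zero-length parameter would leave offset unchanged and
		 * this loop would never terminate.
		 */
		if (SCTP_SIZE32(plen) == 0) {
			return (0);
		}
		/* get next parameter */
		offset += SCTP_SIZE32(plen);
		if (offset + sizeof(struct sctp_paramhdr) > length)
			return (0);
		ph = (struct sctp_paramhdr *)
		    sctp_m_getptr(m, offset, sizeof(struct sctp_paramhdr),
		    (uint8_t *)&tmp_param);
	}			/* while */
	/* not found! */
	return (0);
}

/*
 * makes sure that the current endpoint local addr list is consistent with
 * the new association (eg. subset bound, asconf allowed) adds addresses as
 * necessary
 *
 * Every endpoint address that is neither init_addr nor listed in the
 * init-ack is passed to sctp_addr_mgmt_assoc() with SCTP_ADD_IP_ADDRESS.
 */
static void
sctp_check_address_list_ep(struct sctp_tcb *stcb, struct mbuf *m, int offset,
    int length, struct sockaddr *init_addr)
{
	struct sctp_laddr *laddr;

	/* go through the endpoint list */
	LIST_FOREACH(laddr, &stcb->sctp_ep->sctp_addr_list, sctp_nxt_addr) {
		/*
		 * be paranoid and validate the laddr (the original repeated
		 * this same test a second time; that copy was unreachable)
		 */
		if (laddr->ifa == NULL) {
			SCTPDBG(SCTP_DEBUG_ASCONF1,
			    "check_addr_list_ep: laddr->ifa is NULL");
			continue;
		}
		/* do i have it implicitly? */
		if (sctp_cmpaddr(&laddr->ifa->address.sa, init_addr)) {
			continue;
		}
		/* check to see if in the init-ack */
		if (!sctp_addr_in_initack(stcb, m, offset, length,
		    &laddr->ifa->address.sa)) {
			/* try to add it */
			sctp_addr_mgmt_assoc(stcb->sctp_ep, stcb, laddr->ifa,
			    SCTP_ADD_IP_ADDRESS);
		}
	}
}

/*
 * makes sure that the current kernel address list is consistent with the new
 * association (with all addrs bound) adds addresses as necessary
 *
 * Does nothing when stcb is NULL or its VRF cannot be found. Of the scope
 * arguments only loopback_scope is consulted here; local_scope, site_scope
 * and ipv4_scope are accepted but not used in this function.
 */
static void
sctp_check_address_list_all(struct sctp_tcb *stcb, struct mbuf *m, int offset,
    int length, struct sockaddr *init_addr,
    uint16_t local_scope, uint16_t site_scope,
    uint16_t ipv4_scope, uint16_t loopback_scope)
{
	struct sctp_vrf *vrf = NULL;
	struct sctp_ifn *sctp_ifn;
	struct sctp_ifa *sctp_ifa;
	uint32_t vrf_id;

	if (stcb) {
		vrf_id = stcb->asoc.vrf_id;
	} else {
		return;
	}
	vrf = sctp_find_vrf(vrf_id);
	if (vrf == NULL) {
		return;
	}
	/* go through all our known interfaces */
	LIST_FOREACH(sctp_ifn, &vrf->ifnlist, next_ifn) {
		if (loopback_scope == 0 && SCTP_IFN_IS_IFT_LOOP(sctp_ifn)) {
			/* skip loopback interface */
			continue;
		}
		/* go through each interface address */
		LIST_FOREACH(sctp_ifa, &sctp_ifn->ifalist, next_ifa) {
			/* do i have it implicitly? */
			if (sctp_cmpaddr(&sctp_ifa->address.sa, init_addr)) {
				continue;
			}
			/* check to see if in the init-ack */
			if (!sctp_addr_in_initack(stcb, m, offset, length,
			    &sctp_ifa->address.sa)) {
				/* try to add it */
				sctp_addr_mgmt_assoc(stcb->sctp_ep, stcb,
				    sctp_ifa, SCTP_ADD_IP_ADDRESS);
			}
		}		/* end foreach ifa */
	}			/* end foreach ifn */
}

/*
 * validates an init-ack chunk (from a cookie-echo) with current addresses
 * adds addresses from the init-ack into our local address list, if needed
 * queues asconf adds/deletes addresses as needed and makes appropriate list
 * changes for source address selection
 *
 * m, offset: points to the start of the address list in an init-ack chunk
 * length: total length of the address params only
 * init_addr: address where my INIT-ACK was sent from
 *
 * stcb is dereferenced without a NULL test, so callers must pass a valid
 * association.
 */
void
sctp_check_address_list(struct sctp_tcb *stcb, struct mbuf *m, int offset,
    int length, struct sockaddr *init_addr,
    uint16_t local_scope, uint16_t site_scope,
    uint16_t ipv4_scope, uint16_t loopback_scope)
{
	/* process the local addresses in the initack */
	sctp_process_initack_addresses(stcb, m, offset, length);

	if (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_BOUNDALL) {
		/* bound all case */
		sctp_check_address_list_all(stcb, m, offset, length, init_addr,
		    local_scope, site_scope, ipv4_scope, loopback_scope);
	} else {
		/* subset bound case */
		if (sctp_is_feature_on(stcb->sctp_ep,
		    SCTP_PCB_FLAGS_DO_ASCONF)) {
			/* asconf's allowed */
			sctp_check_address_list_ep(stcb, m, offset, length,
			    init_addr);
		}
		/* else, no asconfs allowed, so what we sent is what we get */
	}
}

/*
 * sctp_bindx() support
 *
 * Adds sa to, or deletes it from, the endpoint inp and starts an iterator
 * that carries the change as a single work item.
 *
 * type is SCTP_ADD_IP_ADDRESS (sa must be found by sctp_find_ifa_by_addr()
 * in vrf_id) or SCTP_DEL_IP_ADDRESS (sa must be found in inp).
 *
 * Returns 0 on success, EINVAL for a zero sa_len or an attempt to delete
 * the last local address, EADDRNOTAVAIL when no matching ifa is found (this
 * includes any other value of type), and ENOMEM when an allocation fails.
 */
uint32_t
sctp_addr_mgmt_ep_sa(struct sctp_inpcb *inp, struct sockaddr *sa,
    uint32_t type, uint32_t vrf_id)
{
	struct sctp_ifa *ifa;
	struct sctp_asconf_iterator *asc;
	struct sctp_laddr *wi;

	/* only sa_len is checked here; sa_family is left to the lookups */
	if (sa->sa_len == 0) {
		return (EINVAL);
	}
	if (type == SCTP_ADD_IP_ADDRESS) {
		/* For an add the address MUST be on the system */
		ifa = sctp_find_ifa_by_addr(sa, vrf_id, 0);
	} else if (type == SCTP_DEL_IP_ADDRESS) {
		/* For a delete we need to find it in the inp */
		ifa = sctp_find_ifa_in_ep(inp, sa, 0);
	} else {
		ifa = NULL;
	}
	if (ifa == NULL) {
		/* invalid address! */
		return (EADDRNOTAVAIL);
	}
	/*
	 * Reject the request before anything is allocated. The original
	 * made this test after allocating asc and wi and then returned
	 * without releasing either, leaking both on every refused delete.
	 */
	if (type == SCTP_DEL_IP_ADDRESS && inp->laddr_count < 2) {
		/* can't delete the last local address */
		return (EINVAL);
	}
	SCTP_MALLOC(asc, struct sctp_asconf_iterator *,
	    sizeof(struct sctp_asconf_iterator),
	    "SCTP_ASCONF_ITERATOR");
	if (asc == NULL) {
		return (ENOMEM);
	}
	wi = SCTP_ZONE_GET(sctppcbinfo.ipi_zone_laddr,
	    struct sctp_laddr);
	if (wi == NULL) {
		SCTP_FREE(asc);
		return (ENOMEM);
	}
	if (type == SCTP_ADD_IP_ADDRESS) {
		sctp_add_local_addr_ep(inp, ifa, type);
	} else if (type == SCTP_DEL_IP_ADDRESS) {
		struct sctp_laddr *laddr;

		LIST_FOREACH(laddr, &inp->sctp_addr_list,
		    sctp_nxt_addr) {
			if (ifa == laddr->ifa) {
				/* Mark in the delete */
				laddr->action = type;
			}
		}
	}
	/* hand the iterator a one-element work list holding this ifa */
	LIST_INIT(&asc->list_of_work);
	asc->cnt = 1;
	SCTP_INCR_LADDR_COUNT();
	wi->ifa = ifa;
	wi->action = type;
	/* the work item keeps its own reference on ifa */
	atomic_add_int(&ifa->refcount, 1);
	LIST_INSERT_HEAD(&asc->list_of_work, wi, sctp_nxt_addr);
	/*
	 * NOTE(review): the return value is discarded. If
	 * sctp_initiate_iterator() can fail without invoking
	 * sctp_iterator_end, then asc, wi and the ifa reference taken above
	 * are never released -- confirm against its implementation.
	 */
	(void)sctp_initiate_iterator(sctp_iterator_ep,
	    sctp_iterator_stcb,
	    sctp_iterator_ep_end,
	    SCTP_PCB_ANY_FLAGS,
	    SCTP_PCB_ANY_FEATURES,
	    SCTP_ASOC_ANY_STATE, (void *)asc, 0,
	    sctp_iterator_end, inp, 0);
	return (0);
}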