xref: /freebsd/sys/netinet6/in6_src.c (revision 9162f64b58d01ec01481d60b6cdc06ffd8e8c7fc)
1 /*-
2  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 3. Neither the name of the project nor the names of its contributors
14  *    may be used to endorse or promote products derived from this software
15  *    without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  *
29  *	$KAME: in6_src.c,v 1.132 2003/08/26 04:42:27 keiichi Exp $
30  */
31 
32 /*-
33  * Copyright (c) 1982, 1986, 1991, 1993
34  *	The Regents of the University of California.  All rights reserved.
35  *
36  * Redistribution and use in source and binary forms, with or without
37  * modification, are permitted provided that the following conditions
38  * are met:
39  * 1. Redistributions of source code must retain the above copyright
40  *    notice, this list of conditions and the following disclaimer.
41  * 2. Redistributions in binary form must reproduce the above copyright
42  *    notice, this list of conditions and the following disclaimer in the
43  *    documentation and/or other materials provided with the distribution.
44  * 4. Neither the name of the University nor the names of its contributors
45  *    may be used to endorse or promote products derived from this software
46  *    without specific prior written permission.
47  *
48  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58  * SUCH DAMAGE.
59  *
60  *	@(#)in_pcb.c	8.2 (Berkeley) 1/4/94
61  */
62 
63 #include <sys/cdefs.h>
64 __FBSDID("$FreeBSD$");
65 
66 #include "opt_inet.h"
67 #include "opt_inet6.h"
68 #include "opt_mpath.h"
69 
70 #include <sys/param.h>
71 #include <sys/systm.h>
72 #include <sys/lock.h>
73 #include <sys/malloc.h>
74 #include <sys/mbuf.h>
75 #include <sys/priv.h>
76 #include <sys/protosw.h>
77 #include <sys/socket.h>
78 #include <sys/socketvar.h>
79 #include <sys/sockio.h>
80 #include <sys/sysctl.h>
81 #include <sys/errno.h>
82 #include <sys/time.h>
83 #include <sys/jail.h>
84 #include <sys/kernel.h>
85 #include <sys/sx.h>
86 #include <sys/vimage.h>
87 
88 #include <net/if.h>
89 #include <net/route.h>
90 #include <net/if_llatbl.h>
91 #ifdef RADIX_MPATH
92 #include <net/radix_mpath.h>
93 #endif
94 
95 #include <netinet/in.h>
96 #include <netinet/in_var.h>
97 #include <netinet/in_systm.h>
98 #include <netinet/ip.h>
99 #include <netinet/in_pcb.h>
100 #include <netinet/ip_var.h>
101 #include <netinet/udp.h>
102 #include <netinet/udp_var.h>
103 #include <netinet/vinet.h>
104 
105 #include <netinet6/in6_var.h>
106 #include <netinet/ip6.h>
107 #include <netinet6/in6_pcb.h>
108 #include <netinet6/ip6_var.h>
109 #include <netinet6/scope6_var.h>
110 #include <netinet6/nd6.h>
111 #include <netinet6/vinet6.h>
112 
113 static struct mtx addrsel_lock;
114 #define	ADDRSEL_LOCK_INIT()	mtx_init(&addrsel_lock, "addrsel_lock", NULL, MTX_DEF)
115 #define	ADDRSEL_LOCK()		mtx_lock(&addrsel_lock)
116 #define	ADDRSEL_UNLOCK()	mtx_unlock(&addrsel_lock)
117 #define	ADDRSEL_LOCK_ASSERT()	mtx_assert(&addrsel_lock, MA_OWNED)
118 
119 static struct sx addrsel_sxlock;
120 #define	ADDRSEL_SXLOCK_INIT()	sx_init(&addrsel_sxlock, "addrsel_sxlock")
121 #define	ADDRSEL_SLOCK()		sx_slock(&addrsel_sxlock)
122 #define	ADDRSEL_SUNLOCK()	sx_sunlock(&addrsel_sxlock)
123 #define	ADDRSEL_XLOCK()		sx_xlock(&addrsel_sxlock)
124 #define	ADDRSEL_XUNLOCK()	sx_xunlock(&addrsel_sxlock)
125 
126 #define ADDR_LABEL_NOTAPP (-1)
127 
128 #ifdef VIMAGE_GLOBALS
129 struct in6_addrpolicy defaultaddrpolicy;
130 int ip6_prefer_tempaddr;
131 #endif
132 
133 static int selectroute __P((struct sockaddr_in6 *, struct ip6_pktopts *,
134 	struct ip6_moptions *, struct route_in6 *, struct ifnet **,
135 	struct rtentry **, int));
136 static int in6_selectif __P((struct sockaddr_in6 *, struct ip6_pktopts *,
137 	struct ip6_moptions *, struct route_in6 *ro, struct ifnet **));
138 
139 static struct in6_addrpolicy *lookup_addrsel_policy(struct sockaddr_in6 *);
140 
141 static void init_policy_queue(void);
142 static int add_addrsel_policyent(struct in6_addrpolicy *);
143 static int delete_addrsel_policyent(struct in6_addrpolicy *);
144 static int walk_addrsel_policy __P((int (*)(struct in6_addrpolicy *, void *),
145 				    void *));
146 static int dump_addrsel_policyent(struct in6_addrpolicy *, void *);
147 static struct in6_addrpolicy *match_addrsel_policy(struct sockaddr_in6 *);
148 
149 /*
150  * Return an IPv6 address, which is the most appropriate for a given
151  * destination and user specified options.
152  * If necessary, this function lookups the routing table and returns
153  * an entry to the caller for later use.
154  */
155 #define REPLACE(r) do {\
156 	if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \
157 		sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \
158 		V_ip6stat.ip6s_sources_rule[(r)]++; \
159 	/* { \
160 	char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \
161 	printf("in6_selectsrc: replace %s with %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \
162 	} */ \
163 	goto replace; \
164 } while(0)
165 #define NEXT(r) do {\
166 	if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \
167 		sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \
168 		V_ip6stat.ip6s_sources_rule[(r)]++; \
169 	/* { \
170 	char ip6buf[INET6_ADDRSTRLEN], ip6b[INET6_ADDRSTRLEN]; \
171 	printf("in6_selectsrc: keep %s against %s by %d\n", ia_best ? ip6_sprintf(ip6buf, &ia_best->ia_addr.sin6_addr) : "none", ip6_sprintf(ip6b, &ia->ia_addr.sin6_addr), (r)); \
172 	} */ \
173 	goto next;		/* XXX: we can't use 'continue' here */ \
174 } while(0)
175 #define BREAK(r) do { \
176 	if ((r) < sizeof(V_ip6stat.ip6s_sources_rule) / \
177 		sizeof(V_ip6stat.ip6s_sources_rule[0])) /* check for safety */ \
178 		V_ip6stat.ip6s_sources_rule[(r)]++; \
179 	goto out;		/* XXX: we can't use 'break' here */ \
180 } while(0)
181 
182 struct in6_addr *
183 in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
184     struct inpcb *inp, struct route_in6 *ro, struct ucred *cred,
185     struct ifnet **ifpp, int *errorp)
186 {
187 	INIT_VNET_INET6(curvnet);
188 	struct in6_addr dst;
189 	struct ifnet *ifp = NULL;
190 	struct in6_ifaddr *ia = NULL, *ia_best = NULL;
191 	struct in6_pktinfo *pi = NULL;
192 	int dst_scope = -1, best_scope = -1, best_matchlen = -1;
193 	struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL;
194 	u_int32_t odstzone;
195 	int prefer_tempaddr;
196 	struct ip6_moptions *mopts;
197 
198 	dst = dstsock->sin6_addr; /* make a copy for local operation */
199 	*errorp = 0;
200 	if (ifpp)
201 		*ifpp = NULL;
202 
203 	if (inp != NULL) {
204 		INP_LOCK_ASSERT(inp);
205 		mopts = inp->in6p_moptions;
206 	} else {
207 		mopts = NULL;
208 	}
209 
210 	/*
211 	 * If the source address is explicitly specified by the caller,
212 	 * check if the requested source address is indeed a unicast address
213 	 * assigned to the node, and can be used as the packet's source
214 	 * address.  If everything is okay, use the address as source.
215 	 */
216 	if (opts && (pi = opts->ip6po_pktinfo) &&
217 	    !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) {
218 		struct sockaddr_in6 srcsock;
219 		struct in6_ifaddr *ia6;
220 
221 		/* get the outgoing interface */
222 		if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ifp))
223 		    != 0) {
224 			return (NULL);
225 		}
226 
227 		/*
228 		 * determine the appropriate zone id of the source based on
229 		 * the zone of the destination and the outgoing interface.
230 		 * If the specified address is ambiguous wrt the scope zone,
231 		 * the interface must be specified; otherwise, ifa_ifwithaddr()
232 		 * will fail matching the address.
233 		 */
234 		bzero(&srcsock, sizeof(srcsock));
235 		srcsock.sin6_family = AF_INET6;
236 		srcsock.sin6_len = sizeof(srcsock);
237 		srcsock.sin6_addr = pi->ipi6_addr;
238 		if (ifp) {
239 			*errorp = in6_setscope(&srcsock.sin6_addr, ifp, NULL);
240 			if (*errorp != 0)
241 				return (NULL);
242 		}
243 		if (cred != NULL && prison_local_ip6(cred, &srcsock.sin6_addr,
244 		    (inp != NULL && (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) {
245 			*errorp = EADDRNOTAVAIL;
246 			return (NULL);
247 		}
248 
249 		ia6 = (struct in6_ifaddr *)ifa_ifwithaddr((struct sockaddr *)(&srcsock));
250 		if (ia6 == NULL ||
251 		    (ia6->ia6_flags & (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY))) {
252 			*errorp = EADDRNOTAVAIL;
253 			return (NULL);
254 		}
255 		pi->ipi6_addr = srcsock.sin6_addr; /* XXX: this overrides pi */
256 		if (ifpp)
257 			*ifpp = ifp;
258 		return (&ia6->ia_addr.sin6_addr);
259 	}
260 
261 	/*
262 	 * Otherwise, if the socket has already bound the source, just use it.
263 	 */
264 	if (inp != NULL && !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) {
265 		if (cred != NULL && prison_local_ip6(cred, &inp->in6p_laddr,
266 		    ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) {
267 			*errorp = EADDRNOTAVAIL;
268 			return (NULL);
269 		}
270 		return (&inp->in6p_laddr);
271 	}
272 
273 	/*
274 	 * If the address is not specified, choose the best one based on
275 	 * the outgoing interface and the destination address.
276 	 */
277 	/* get the outgoing interface */
278 	if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0)
279 		return (NULL);
280 
281 #ifdef DIAGNOSTIC
282 	if (ifp == NULL)	/* this should not happen */
283 		panic("in6_selectsrc: NULL ifp");
284 #endif
285 	*errorp = in6_setscope(&dst, ifp, &odstzone);
286 	if (*errorp != 0)
287 		return (NULL);
288 
289 	for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) {
290 		int new_scope = -1, new_matchlen = -1;
291 		struct in6_addrpolicy *new_policy = NULL;
292 		u_int32_t srczone, osrczone, dstzone;
293 		struct in6_addr src;
294 		struct ifnet *ifp1 = ia->ia_ifp;
295 
296 		/*
297 		 * We'll never take an address that breaks the scope zone
298 		 * of the destination.  We also skip an address if its zone
299 		 * does not contain the outgoing interface.
300 		 * XXX: we should probably use sin6_scope_id here.
301 		 */
302 		if (in6_setscope(&dst, ifp1, &dstzone) ||
303 		    odstzone != dstzone) {
304 			continue;
305 		}
306 		src = ia->ia_addr.sin6_addr;
307 		if (in6_setscope(&src, ifp, &osrczone) ||
308 		    in6_setscope(&src, ifp1, &srczone) ||
309 		    osrczone != srczone) {
310 			continue;
311 		}
312 
313 		/* avoid unusable addresses */
314 		if ((ia->ia6_flags &
315 		     (IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) {
316 				continue;
317 		}
318 		if (!V_ip6_use_deprecated && IFA6_IS_DEPRECATED(ia))
319 			continue;
320 
321 		if (cred != NULL &&
322 		    prison_local_ip6(cred, &ia->ia_addr.sin6_addr,
323 			(inp != NULL &&
324 			(inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0)
325 			continue;
326 
327 		/* Rule 1: Prefer same address */
328 		if (IN6_ARE_ADDR_EQUAL(&dst, &ia->ia_addr.sin6_addr)) {
329 			ia_best = ia;
330 			BREAK(1); /* there should be no better candidate */
331 		}
332 
333 		if (ia_best == NULL)
334 			REPLACE(0);
335 
336 		/* Rule 2: Prefer appropriate scope */
337 		if (dst_scope < 0)
338 			dst_scope = in6_addrscope(&dst);
339 		new_scope = in6_addrscope(&ia->ia_addr.sin6_addr);
340 		if (IN6_ARE_SCOPE_CMP(best_scope, new_scope) < 0) {
341 			if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0)
342 				REPLACE(2);
343 			NEXT(2);
344 		} else if (IN6_ARE_SCOPE_CMP(new_scope, best_scope) < 0) {
345 			if (IN6_ARE_SCOPE_CMP(new_scope, dst_scope) < 0)
346 				NEXT(2);
347 			REPLACE(2);
348 		}
349 
350 		/*
351 		 * Rule 3: Avoid deprecated addresses.  Note that the case of
352 		 * !ip6_use_deprecated is already rejected above.
353 		 */
354 		if (!IFA6_IS_DEPRECATED(ia_best) && IFA6_IS_DEPRECATED(ia))
355 			NEXT(3);
356 		if (IFA6_IS_DEPRECATED(ia_best) && !IFA6_IS_DEPRECATED(ia))
357 			REPLACE(3);
358 
359 		/* Rule 4: Prefer home addresses */
360 		/*
361 		 * XXX: This is a TODO.  We should probably merge the MIP6
362 		 * case above.
363 		 */
364 
365 		/* Rule 5: Prefer outgoing interface */
366 		if (ia_best->ia_ifp == ifp && ia->ia_ifp != ifp)
367 			NEXT(5);
368 		if (ia_best->ia_ifp != ifp && ia->ia_ifp == ifp)
369 			REPLACE(5);
370 
371 		/*
372 		 * Rule 6: Prefer matching label
373 		 * Note that best_policy should be non-NULL here.
374 		 */
375 		if (dst_policy == NULL)
376 			dst_policy = lookup_addrsel_policy(dstsock);
377 		if (dst_policy->label != ADDR_LABEL_NOTAPP) {
378 			new_policy = lookup_addrsel_policy(&ia->ia_addr);
379 			if (dst_policy->label == best_policy->label &&
380 			    dst_policy->label != new_policy->label)
381 				NEXT(6);
382 			if (dst_policy->label != best_policy->label &&
383 			    dst_policy->label == new_policy->label)
384 				REPLACE(6);
385 		}
386 
387 		/*
388 		 * Rule 7: Prefer public addresses.
389 		 * We allow users to reverse the logic by configuring
390 		 * a sysctl variable, so that privacy conscious users can
391 		 * always prefer temporary addresses.
392 		 */
393 		if (opts == NULL ||
394 		    opts->ip6po_prefer_tempaddr == IP6PO_TEMPADDR_SYSTEM) {
395 			prefer_tempaddr = V_ip6_prefer_tempaddr;
396 		} else if (opts->ip6po_prefer_tempaddr ==
397 		    IP6PO_TEMPADDR_NOTPREFER) {
398 			prefer_tempaddr = 0;
399 		} else
400 			prefer_tempaddr = 1;
401 		if (!(ia_best->ia6_flags & IN6_IFF_TEMPORARY) &&
402 		    (ia->ia6_flags & IN6_IFF_TEMPORARY)) {
403 			if (prefer_tempaddr)
404 				REPLACE(7);
405 			else
406 				NEXT(7);
407 		}
408 		if ((ia_best->ia6_flags & IN6_IFF_TEMPORARY) &&
409 		    !(ia->ia6_flags & IN6_IFF_TEMPORARY)) {
410 			if (prefer_tempaddr)
411 				NEXT(7);
412 			else
413 				REPLACE(7);
414 		}
415 
416 		/*
417 		 * Rule 8: prefer addresses on alive interfaces.
418 		 * This is a KAME specific rule.
419 		 */
420 		if ((ia_best->ia_ifp->if_flags & IFF_UP) &&
421 		    !(ia->ia_ifp->if_flags & IFF_UP))
422 			NEXT(8);
423 		if (!(ia_best->ia_ifp->if_flags & IFF_UP) &&
424 		    (ia->ia_ifp->if_flags & IFF_UP))
425 			REPLACE(8);
426 
427 		/*
428 		 * Rule 14: Use longest matching prefix.
429 		 * Note: in the address selection draft, this rule is
430 		 * documented as "Rule 8".  However, since it is also
431 		 * documented that this rule can be overridden, we assign
432 		 * a large number so that it is easy to assign smaller numbers
433 		 * to more preferred rules.
434 		 */
435 		new_matchlen = in6_matchlen(&ia->ia_addr.sin6_addr, &dst);
436 		if (best_matchlen < new_matchlen)
437 			REPLACE(14);
438 		if (new_matchlen < best_matchlen)
439 			NEXT(14);
440 
441 		/* Rule 15 is reserved. */
442 
443 		/*
444 		 * Last resort: just keep the current candidate.
445 		 * Or, do we need more rules?
446 		 */
447 		continue;
448 
449 	  replace:
450 		ia_best = ia;
451 		best_scope = (new_scope >= 0 ? new_scope :
452 			      in6_addrscope(&ia_best->ia_addr.sin6_addr));
453 		best_policy = (new_policy ? new_policy :
454 			       lookup_addrsel_policy(&ia_best->ia_addr));
455 		best_matchlen = (new_matchlen >= 0 ? new_matchlen :
456 				 in6_matchlen(&ia_best->ia_addr.sin6_addr,
457 					      &dst));
458 
459 	  next:
460 		continue;
461 
462 	  out:
463 		break;
464 	}
465 
466 	if ((ia = ia_best) == NULL) {
467 		*errorp = EADDRNOTAVAIL;
468 		return (NULL);
469 	}
470 
471 	if (ifpp)
472 		*ifpp = ifp;
473 
474 	return (&ia->ia_addr.sin6_addr);
475 }
476 
477 /*
478  * clone - meaningful only for bsdi and freebsd
479  */
480 static int
481 selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
482     struct ip6_moptions *mopts, struct route_in6 *ro,
483     struct ifnet **retifp, struct rtentry **retrt, int norouteok)
484 {
485 	INIT_VNET_INET6(curvnet);
486 	int error = 0;
487 	struct ifnet *ifp = NULL;
488 	struct rtentry *rt = NULL;
489 	struct sockaddr_in6 *sin6_next;
490 	struct in6_pktinfo *pi = NULL;
491 	struct in6_addr *dst = &dstsock->sin6_addr;
492 #if 0
493 	char ip6buf[INET6_ADDRSTRLEN];
494 
495 	if (dstsock->sin6_addr.s6_addr32[0] == 0 &&
496 	    dstsock->sin6_addr.s6_addr32[1] == 0 &&
497 	    !IN6_IS_ADDR_LOOPBACK(&dstsock->sin6_addr)) {
498 		printf("in6_selectroute: strange destination %s\n",
499 		       ip6_sprintf(ip6buf, &dstsock->sin6_addr));
500 	} else {
501 		printf("in6_selectroute: destination = %s%%%d\n",
502 		       ip6_sprintf(ip6buf, &dstsock->sin6_addr),
503 		       dstsock->sin6_scope_id); /* for debug */
504 	}
505 #endif
506 
507 	/* If the caller specify the outgoing interface explicitly, use it. */
508 	if (opts && (pi = opts->ip6po_pktinfo) != NULL && pi->ipi6_ifindex) {
509 		/* XXX boundary check is assumed to be already done. */
510 		ifp = ifnet_byindex(pi->ipi6_ifindex);
511 		if (ifp != NULL &&
512 		    (norouteok || retrt == NULL ||
513 		    IN6_IS_ADDR_MULTICAST(dst))) {
514 			/*
515 			 * we do not have to check or get the route for
516 			 * multicast.
517 			 */
518 			goto done;
519 		} else
520 			goto getroute;
521 	}
522 
523 	/*
524 	 * If the destination address is a multicast address and the outgoing
525 	 * interface for the address is specified by the caller, use it.
526 	 */
527 	if (IN6_IS_ADDR_MULTICAST(dst) &&
528 	    mopts != NULL && (ifp = mopts->im6o_multicast_ifp) != NULL) {
529 		goto done; /* we do not need a route for multicast. */
530 	}
531 
532   getroute:
533 	/*
534 	 * If the next hop address for the packet is specified by the caller,
535 	 * use it as the gateway.
536 	 */
537 	if (opts && opts->ip6po_nexthop) {
538 		struct route_in6 *ron;
539 		struct llentry *la;
540 
541 		sin6_next = satosin6(opts->ip6po_nexthop);
542 
543 		/* at this moment, we only support AF_INET6 next hops */
544 		if (sin6_next->sin6_family != AF_INET6) {
545 			error = EAFNOSUPPORT; /* or should we proceed? */
546 			goto done;
547 		}
548 
549 		/*
550 		 * If the next hop is an IPv6 address, then the node identified
551 		 * by that address must be a neighbor of the sending host.
552 		 */
553 		ron = &opts->ip6po_nextroute;
554 		/*
555 		 * XXX what do we do here?
556 		 * PLZ to be fixing
557 		 */
558 
559 
560 		if (ron->ro_rt == NULL) {
561 			rtalloc((struct route *)ron); /* multi path case? */
562 			if (ron->ro_rt == NULL) {
563 				if (ron->ro_rt) {
564 					RTFREE(ron->ro_rt);
565 					ron->ro_rt = NULL;
566 				}
567 				error = EHOSTUNREACH;
568 				goto done;
569 			}
570 		}
571 
572 		rt = ron->ro_rt;
573 		ifp = rt->rt_ifp;
574 		IF_AFDATA_LOCK(ifp);
575 		la = lla_lookup(LLTABLE6(ifp), 0, (struct sockaddr *)&sin6_next->sin6_addr);
576 		IF_AFDATA_UNLOCK(ifp);
577 		if (la != NULL)
578 			LLE_RUNLOCK(la);
579 		else {
580 			error = EHOSTUNREACH;
581 			goto done;
582 		}
583 #if 0
584 		if ((ron->ro_rt &&
585 		     (ron->ro_rt->rt_flags & (RTF_UP | RTF_LLINFO)) !=
586 		     (RTF_UP | RTF_LLINFO)) ||
587 		    !IN6_ARE_ADDR_EQUAL(&satosin6(&ron->ro_dst)->sin6_addr,
588 		    &sin6_next->sin6_addr)) {
589 			if (ron->ro_rt) {
590 				RTFREE(ron->ro_rt);
591 				ron->ro_rt = NULL;
592 			}
593 			*satosin6(&ron->ro_dst) = *sin6_next;
594 		}
595 		if (ron->ro_rt == NULL) {
596 			rtalloc((struct route *)ron); /* multi path case? */
597 			if (ron->ro_rt == NULL ||
598 			    !(ron->ro_rt->rt_flags & RTF_LLINFO)) {
599 				if (ron->ro_rt) {
600 					RTFREE(ron->ro_rt);
601 					ron->ro_rt = NULL;
602 				}
603 				error = EHOSTUNREACH;
604 				goto done;
605 			}
606 		}
607 #endif
608 
609 		/*
610 		 * When cloning is required, try to allocate a route to the
611 		 * destination so that the caller can store path MTU
612 		 * information.
613 		 */
614 		goto done;
615 	}
616 
617 	/*
618 	 * Use a cached route if it exists and is valid, else try to allocate
619 	 * a new one.  Note that we should check the address family of the
620 	 * cached destination, in case of sharing the cache with IPv4.
621 	 */
622 	if (ro) {
623 		if (ro->ro_rt &&
624 		    (!(ro->ro_rt->rt_flags & RTF_UP) ||
625 		     ((struct sockaddr *)(&ro->ro_dst))->sa_family != AF_INET6 ||
626 		     !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr,
627 		     dst))) {
628 			RTFREE(ro->ro_rt);
629 			ro->ro_rt = (struct rtentry *)NULL;
630 		}
631 		if (ro->ro_rt == (struct rtentry *)NULL) {
632 			struct sockaddr_in6 *sa6;
633 
634 			/* No route yet, so try to acquire one */
635 			bzero(&ro->ro_dst, sizeof(struct sockaddr_in6));
636 			sa6 = (struct sockaddr_in6 *)&ro->ro_dst;
637 			*sa6 = *dstsock;
638 			sa6->sin6_scope_id = 0;
639 
640 #ifdef RADIX_MPATH
641 				rtalloc_mpath((struct route *)ro,
642 				    ntohl(sa6->sin6_addr.s6_addr32[3]));
643 #else
644 				ro->ro_rt = rtalloc1(&((struct route *)ro)
645 				    ->ro_dst, 0, 0UL);
646 				if (ro->ro_rt)
647 					RT_UNLOCK(ro->ro_rt);
648 #endif
649 		}
650 
651 		/*
652 		 * do not care about the result if we have the nexthop
653 		 * explicitly specified.
654 		 */
655 		if (opts && opts->ip6po_nexthop)
656 			goto done;
657 
658 		if (ro->ro_rt) {
659 			ifp = ro->ro_rt->rt_ifp;
660 
661 			if (ifp == NULL) { /* can this really happen? */
662 				RTFREE(ro->ro_rt);
663 				ro->ro_rt = NULL;
664 			}
665 		}
666 		if (ro->ro_rt == NULL)
667 			error = EHOSTUNREACH;
668 		rt = ro->ro_rt;
669 
670 		/*
671 		 * Check if the outgoing interface conflicts with
672 		 * the interface specified by ipi6_ifindex (if specified).
673 		 * Note that loopback interface is always okay.
674 		 * (this may happen when we are sending a packet to one of
675 		 *  our own addresses.)
676 		 */
677 		if (ifp && opts && opts->ip6po_pktinfo &&
678 		    opts->ip6po_pktinfo->ipi6_ifindex) {
679 			if (!(ifp->if_flags & IFF_LOOPBACK) &&
680 			    ifp->if_index !=
681 			    opts->ip6po_pktinfo->ipi6_ifindex) {
682 				error = EHOSTUNREACH;
683 				goto done;
684 			}
685 		}
686 	}
687 
688   done:
689 	if (ifp == NULL && rt == NULL) {
690 		/*
691 		 * This can happen if the caller did not pass a cached route
692 		 * nor any other hints.  We treat this case an error.
693 		 */
694 		error = EHOSTUNREACH;
695 	}
696 	if (error == EHOSTUNREACH)
697 		V_ip6stat.ip6s_noroute++;
698 
699 	if (retifp != NULL)
700 		*retifp = ifp;
701 	if (retrt != NULL)
702 		*retrt = rt;	/* rt may be NULL */
703 
704 	return (error);
705 }
706 
707 static int
708 in6_selectif(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
709     struct ip6_moptions *mopts, struct route_in6 *ro, struct ifnet **retifp)
710 {
711 	int error;
712 	struct route_in6 sro;
713 	struct rtentry *rt = NULL;
714 
715 	if (ro == NULL) {
716 		bzero(&sro, sizeof(sro));
717 		ro = &sro;
718 	}
719 
720 	if ((error = selectroute(dstsock, opts, mopts, ro, retifp,
721 				     &rt, 1)) != 0) {
722 		if (ro == &sro && rt && rt == sro.ro_rt)
723 			RTFREE(rt);
724 		return (error);
725 	}
726 
727 	/*
728 	 * do not use a rejected or black hole route.
729 	 * XXX: this check should be done in the L2 output routine.
730 	 * However, if we skipped this check here, we'd see the following
731 	 * scenario:
732 	 * - install a rejected route for a scoped address prefix
733 	 *   (like fe80::/10)
734 	 * - send a packet to a destination that matches the scoped prefix,
735 	 *   with ambiguity about the scope zone.
736 	 * - pick the outgoing interface from the route, and disambiguate the
737 	 *   scope zone with the interface.
738 	 * - ip6_output() would try to get another route with the "new"
739 	 *   destination, which may be valid.
740 	 * - we'd see no error on output.
741 	 * Although this may not be very harmful, it should still be confusing.
742 	 * We thus reject the case here.
743 	 */
744 	if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE))) {
745 		int flags = (rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH);
746 
747 		if (ro == &sro && rt && rt == sro.ro_rt)
748 			RTFREE(rt);
749 		return (flags);
750 	}
751 
752 	/*
753 	 * Adjust the "outgoing" interface.  If we're going to loop the packet
754 	 * back to ourselves, the ifp would be the loopback interface.
755 	 * However, we'd rather know the interface associated to the
756 	 * destination address (which should probably be one of our own
757 	 * addresses.)
758 	 */
759 	if (rt && rt->rt_ifa && rt->rt_ifa->ifa_ifp)
760 		*retifp = rt->rt_ifa->ifa_ifp;
761 
762 	if (ro == &sro && rt && rt == sro.ro_rt)
763 		RTFREE(rt);
764 	return (0);
765 }
766 
767 /*
768  * clone - meaningful only for bsdi and freebsd
769  */
770 int
771 in6_selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
772     struct ip6_moptions *mopts, struct route_in6 *ro,
773     struct ifnet **retifp, struct rtentry **retrt)
774 {
775 
776 	return (selectroute(dstsock, opts, mopts, ro, retifp,
777 	    retrt, 0));
778 }
779 
780 /*
781  * Default hop limit selection. The precedence is as follows:
782  * 1. Hoplimit value specified via ioctl.
783  * 2. (If the outgoing interface is detected) the current
784  *     hop limit of the interface specified by router advertisement.
785  * 3. The system default hoplimit.
786  */
787 int
788 in6_selecthlim(struct inpcb *in6p, struct ifnet *ifp)
789 {
790 	INIT_VNET_INET6(curvnet);
791 
792 	if (in6p && in6p->in6p_hops >= 0)
793 		return (in6p->in6p_hops);
794 	else if (ifp)
795 		return (ND_IFINFO(ifp)->chlim);
796 	else if (in6p && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
797 		struct route_in6 ro6;
798 		struct ifnet *lifp;
799 
800 		bzero(&ro6, sizeof(ro6));
801 		ro6.ro_dst.sin6_family = AF_INET6;
802 		ro6.ro_dst.sin6_len = sizeof(struct sockaddr_in6);
803 		ro6.ro_dst.sin6_addr = in6p->in6p_faddr;
804 		rtalloc((struct route *)&ro6);
805 		if (ro6.ro_rt) {
806 			lifp = ro6.ro_rt->rt_ifp;
807 			RTFREE(ro6.ro_rt);
808 			if (lifp)
809 				return (ND_IFINFO(lifp)->chlim);
810 		} else
811 			return (V_ip6_defhlim);
812 	}
813 	return (V_ip6_defhlim);
814 }
815 
816 /*
817  * XXX: this is borrowed from in6_pcbbind(). If possible, we should
818  * share this function by all *bsd*...
819  */
820 int
821 in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred)
822 {
823 	INIT_VNET_INET(curvnet);
824 	struct socket *so = inp->inp_socket;
825 	u_int16_t lport = 0, first, last, *lastport;
826 	int count, error = 0, wild = 0, dorandom;
827 	struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
828 
829 	INP_INFO_WLOCK_ASSERT(pcbinfo);
830 	INP_WLOCK_ASSERT(inp);
831 
832 	if (prison_local_ip6(cred, laddr,
833 	    ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0)
834 		return(EINVAL);
835 
836 	/* XXX: this is redundant when called from in6_pcbbind */
837 	if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0)
838 		wild = INPLOOKUP_WILDCARD;
839 
840 	inp->inp_flags |= INP_ANONPORT;
841 
842 	if (inp->inp_flags & INP_HIGHPORT) {
843 		first = V_ipport_hifirstauto;	/* sysctl */
844 		last  = V_ipport_hilastauto;
845 		lastport = &pcbinfo->ipi_lasthi;
846 	} else if (inp->inp_flags & INP_LOWPORT) {
847 		error = priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0);
848 		if (error)
849 			return error;
850 		first = V_ipport_lowfirstauto;	/* 1023 */
851 		last  = V_ipport_lowlastauto;	/* 600 */
852 		lastport = &pcbinfo->ipi_lastlow;
853 	} else {
854 		first = V_ipport_firstauto;	/* sysctl */
855 		last  = V_ipport_lastauto;
856 		lastport = &pcbinfo->ipi_lastport;
857 	}
858 
859 	/*
860 	 * For UDP, use random port allocation as long as the user
861 	 * allows it.  For TCP (and as of yet unknown) connections,
862 	 * use random port allocation only if the user allows it AND
863 	 * ipport_tick() allows it.
864 	 */
865 	if (V_ipport_randomized &&
866 	    (!V_ipport_stoprandom || pcbinfo == &V_udbinfo))
867 		dorandom = 1;
868 	else
869 		dorandom = 0;
870 	/*
871 	 * It makes no sense to do random port allocation if
872 	 * we have the only port available.
873 	 */
874 	if (first == last)
875 		dorandom = 0;
876 	/* Make sure to not include UDP packets in the count. */
877 	if (pcbinfo != &V_udbinfo)
878 		V_ipport_tcpallocs++;
879 
880 	/*
881 	 * Instead of having two loops further down counting up or down
882 	 * make sure that first is always <= last and go with only one
883 	 * code path implementing all logic.
884 	 */
885 	if (first > last) {
886 		u_int16_t aux;
887 
888 		aux = first;
889 		first = last;
890 		last = aux;
891 	}
892 
893 	if (dorandom)
894 		*lastport = first + (arc4random() % (last - first));
895 
896 	count = last - first;
897 
898 	do {
899 		if (count-- < 0) {	/* completely used? */
900 			/* Undo an address bind that may have occurred. */
901 			inp->in6p_laddr = in6addr_any;
902 			return (EADDRNOTAVAIL);
903 		}
904 		++*lastport;
905 		if (*lastport < first || *lastport > last)
906 			*lastport = first;
907 		lport = htons(*lastport);
908 	} while (in6_pcblookup_local(pcbinfo, &inp->in6p_laddr,
909 	    lport, wild, cred));
910 
911 	inp->inp_lport = lport;
912 	if (in_pcbinshash(inp) != 0) {
913 		inp->in6p_laddr = in6addr_any;
914 		inp->inp_lport = 0;
915 		return (EAGAIN);
916 	}
917 
918 	return (0);
919 }
920 
921 void
922 addrsel_policy_init(void)
923 {
924 	ADDRSEL_LOCK_INIT();
925 	ADDRSEL_SXLOCK_INIT();
926 	INIT_VNET_INET6(curvnet);
927 
928 	V_ip6_prefer_tempaddr = 0;
929 
930 	init_policy_queue();
931 
932 	/* initialize the "last resort" policy */
933 	bzero(&V_defaultaddrpolicy, sizeof(V_defaultaddrpolicy));
934 	V_defaultaddrpolicy.label = ADDR_LABEL_NOTAPP;
935 }
936 
937 static struct in6_addrpolicy *
938 lookup_addrsel_policy(struct sockaddr_in6 *key)
939 {
940 	INIT_VNET_INET6(curvnet);
941 	struct in6_addrpolicy *match = NULL;
942 
943 	ADDRSEL_LOCK();
944 	match = match_addrsel_policy(key);
945 
946 	if (match == NULL)
947 		match = &V_defaultaddrpolicy;
948 	else
949 		match->use++;
950 	ADDRSEL_UNLOCK();
951 
952 	return (match);
953 }
954 
955 /*
956  * Subroutines to manage the address selection policy table via sysctl.
957  */
958 struct walkarg {
959 	struct sysctl_req *w_req;
960 };
961 
962 static int in6_src_sysctl(SYSCTL_HANDLER_ARGS);
963 SYSCTL_DECL(_net_inet6_ip6);
964 SYSCTL_NODE(_net_inet6_ip6, IPV6CTL_ADDRCTLPOLICY, addrctlpolicy,
965 	CTLFLAG_RD, in6_src_sysctl, "");
966 
967 static int
968 in6_src_sysctl(SYSCTL_HANDLER_ARGS)
969 {
970 	struct walkarg w;
971 
972 	if (req->newptr)
973 		return EPERM;
974 
975 	bzero(&w, sizeof(w));
976 	w.w_req = req;
977 
978 	return (walk_addrsel_policy(dump_addrsel_policyent, &w));
979 }
980 
981 int
982 in6_src_ioctl(u_long cmd, caddr_t data)
983 {
984 	int i;
985 	struct in6_addrpolicy ent0;
986 
987 	if (cmd != SIOCAADDRCTL_POLICY && cmd != SIOCDADDRCTL_POLICY)
988 		return (EOPNOTSUPP); /* check for safety */
989 
990 	ent0 = *(struct in6_addrpolicy *)data;
991 
992 	if (ent0.label == ADDR_LABEL_NOTAPP)
993 		return (EINVAL);
994 	/* check if the prefix mask is consecutive. */
995 	if (in6_mask2len(&ent0.addrmask.sin6_addr, NULL) < 0)
996 		return (EINVAL);
997 	/* clear trailing garbages (if any) of the prefix address. */
998 	for (i = 0; i < 4; i++) {
999 		ent0.addr.sin6_addr.s6_addr32[i] &=
1000 			ent0.addrmask.sin6_addr.s6_addr32[i];
1001 	}
1002 	ent0.use = 0;
1003 
1004 	switch (cmd) {
1005 	case SIOCAADDRCTL_POLICY:
1006 		return (add_addrsel_policyent(&ent0));
1007 	case SIOCDADDRCTL_POLICY:
1008 		return (delete_addrsel_policyent(&ent0));
1009 	}
1010 
1011 	return (0);		/* XXX: compromise compilers */
1012 }
1013 
1014 /*
1015  * The followings are implementation of the policy table using a
1016  * simple tail queue.
1017  * XXX such details should be hidden.
1018  * XXX implementation using binary tree should be more efficient.
1019  */
1020 struct addrsel_policyent {
1021 	TAILQ_ENTRY(addrsel_policyent) ape_entry;
1022 	struct in6_addrpolicy ape_policy;
1023 };
1024 
1025 TAILQ_HEAD(addrsel_policyhead, addrsel_policyent);
1026 
1027 #ifdef VIMAGE_GLOBALS
1028 struct addrsel_policyhead addrsel_policytab;
1029 #endif
1030 
1031 static void
1032 init_policy_queue(void)
1033 {
1034 	INIT_VNET_INET6(curvnet);
1035 
1036 	TAILQ_INIT(&V_addrsel_policytab);
1037 }
1038 
1039 static int
1040 add_addrsel_policyent(struct in6_addrpolicy *newpolicy)
1041 {
1042 	INIT_VNET_INET6(curvnet);
1043 	struct addrsel_policyent *new, *pol;
1044 
1045 	new = malloc(sizeof(*new), M_IFADDR,
1046 	       M_WAITOK);
1047 	ADDRSEL_XLOCK();
1048 	ADDRSEL_LOCK();
1049 
1050 	/* duplication check */
1051 	TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) {
1052 		if (IN6_ARE_ADDR_EQUAL(&newpolicy->addr.sin6_addr,
1053 				       &pol->ape_policy.addr.sin6_addr) &&
1054 		    IN6_ARE_ADDR_EQUAL(&newpolicy->addrmask.sin6_addr,
1055 				       &pol->ape_policy.addrmask.sin6_addr)) {
1056 			ADDRSEL_UNLOCK();
1057 			ADDRSEL_XUNLOCK();
1058 			free(new, M_IFADDR);
1059 			return (EEXIST);	/* or override it? */
1060 		}
1061 	}
1062 
1063 	bzero(new, sizeof(*new));
1064 
1065 	/* XXX: should validate entry */
1066 	new->ape_policy = *newpolicy;
1067 
1068 	TAILQ_INSERT_TAIL(&V_addrsel_policytab, new, ape_entry);
1069 	ADDRSEL_UNLOCK();
1070 	ADDRSEL_XUNLOCK();
1071 
1072 	return (0);
1073 }
1074 
1075 static int
1076 delete_addrsel_policyent(struct in6_addrpolicy *key)
1077 {
1078 	INIT_VNET_INET6(curvnet);
1079 	struct addrsel_policyent *pol;
1080 
1081 	ADDRSEL_XLOCK();
1082 	ADDRSEL_LOCK();
1083 
1084 	/* search for the entry in the table */
1085 	TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) {
1086 		if (IN6_ARE_ADDR_EQUAL(&key->addr.sin6_addr,
1087 		    &pol->ape_policy.addr.sin6_addr) &&
1088 		    IN6_ARE_ADDR_EQUAL(&key->addrmask.sin6_addr,
1089 		    &pol->ape_policy.addrmask.sin6_addr)) {
1090 			break;
1091 		}
1092 	}
1093 	if (pol == NULL) {
1094 		ADDRSEL_UNLOCK();
1095 		ADDRSEL_XUNLOCK();
1096 		return (ESRCH);
1097 	}
1098 
1099 	TAILQ_REMOVE(&V_addrsel_policytab, pol, ape_entry);
1100 	ADDRSEL_UNLOCK();
1101 	ADDRSEL_XUNLOCK();
1102 
1103 	return (0);
1104 }
1105 
1106 static int
1107 walk_addrsel_policy(int (*callback)(struct in6_addrpolicy *, void *),
1108     void *w)
1109 {
1110 	INIT_VNET_INET6(curvnet);
1111 	struct addrsel_policyent *pol;
1112 	int error = 0;
1113 
1114 	ADDRSEL_SLOCK();
1115 	TAILQ_FOREACH(pol, &V_addrsel_policytab, ape_entry) {
1116 		if ((error = (*callback)(&pol->ape_policy, w)) != 0) {
1117 			ADDRSEL_SUNLOCK();
1118 			return (error);
1119 		}
1120 	}
1121 	ADDRSEL_SUNLOCK();
1122 	return (error);
1123 }
1124 
1125 static int
1126 dump_addrsel_policyent(struct in6_addrpolicy *pol, void *arg)
1127 {
1128 	int error = 0;
1129 	struct walkarg *w = arg;
1130 
1131 	error = SYSCTL_OUT(w->w_req, pol, sizeof(*pol));
1132 
1133 	return (error);
1134 }
1135 
1136 static struct in6_addrpolicy *
1137 match_addrsel_policy(struct sockaddr_in6 *key)
1138 {
1139 	INIT_VNET_INET6(curvnet);
1140 	struct addrsel_policyent *pent;
1141 	struct in6_addrpolicy *bestpol = NULL, *pol;
1142 	int matchlen, bestmatchlen = -1;
1143 	u_char *mp, *ep, *k, *p, m;
1144 
1145 	TAILQ_FOREACH(pent, &V_addrsel_policytab, ape_entry) {
1146 		matchlen = 0;
1147 
1148 		pol = &pent->ape_policy;
1149 		mp = (u_char *)&pol->addrmask.sin6_addr;
1150 		ep = mp + 16;	/* XXX: scope field? */
1151 		k = (u_char *)&key->sin6_addr;
1152 		p = (u_char *)&pol->addr.sin6_addr;
1153 		for (; mp < ep && *mp; mp++, k++, p++) {
1154 			m = *mp;
1155 			if ((*k & m) != *p)
1156 				goto next; /* not match */
1157 			if (m == 0xff) /* short cut for a typical case */
1158 				matchlen += 8;
1159 			else {
1160 				while (m >= 0x80) {
1161 					matchlen++;
1162 					m <<= 1;
1163 				}
1164 			}
1165 		}
1166 
1167 		/* matched.  check if this is better than the current best. */
1168 		if (bestpol == NULL ||
1169 		    matchlen > bestmatchlen) {
1170 			bestpol = pol;
1171 			bestmatchlen = matchlen;
1172 		}
1173 
1174 	  next:
1175 		continue;
1176 	}
1177 
1178 	return (bestpol);
1179 }
1180