1686cdd19SJun-ichiro itojun Hagino /* $FreeBSD$ */ 288ff5695SSUZUKI Shinsuke /* $KAME: ip6_output.c,v 1.279 2002/01/26 06:12:30 jinmei Exp $ */ 3686cdd19SJun-ichiro itojun Hagino 4caf43b02SWarner Losh /*- 582cd038dSYoshinobu Inoue * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 682cd038dSYoshinobu Inoue * All rights reserved. 782cd038dSYoshinobu Inoue * 882cd038dSYoshinobu Inoue * Redistribution and use in source and binary forms, with or without 982cd038dSYoshinobu Inoue * modification, are permitted provided that the following conditions 1082cd038dSYoshinobu Inoue * are met: 1182cd038dSYoshinobu Inoue * 1. Redistributions of source code must retain the above copyright 1282cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer. 1382cd038dSYoshinobu Inoue * 2. Redistributions in binary form must reproduce the above copyright 1482cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer in the 1582cd038dSYoshinobu Inoue * documentation and/or other materials provided with the distribution. 1682cd038dSYoshinobu Inoue * 3. Neither the name of the project nor the names of its contributors 1782cd038dSYoshinobu Inoue * may be used to endorse or promote products derived from this software 1882cd038dSYoshinobu Inoue * without specific prior written permission. 1982cd038dSYoshinobu Inoue * 2082cd038dSYoshinobu Inoue * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 2182cd038dSYoshinobu Inoue * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2282cd038dSYoshinobu Inoue * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2382cd038dSYoshinobu Inoue * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 2482cd038dSYoshinobu Inoue * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2582cd038dSYoshinobu Inoue * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2682cd038dSYoshinobu Inoue * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2782cd038dSYoshinobu Inoue * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2882cd038dSYoshinobu Inoue * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2982cd038dSYoshinobu Inoue * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3082cd038dSYoshinobu Inoue * SUCH DAMAGE. 3182cd038dSYoshinobu Inoue */ 3282cd038dSYoshinobu Inoue 33caf43b02SWarner Losh /*- 3482cd038dSYoshinobu Inoue * Copyright (c) 1982, 1986, 1988, 1990, 1993 3582cd038dSYoshinobu Inoue * The Regents of the University of California. All rights reserved. 3682cd038dSYoshinobu Inoue * 3782cd038dSYoshinobu Inoue * Redistribution and use in source and binary forms, with or without 3882cd038dSYoshinobu Inoue * modification, are permitted provided that the following conditions 3982cd038dSYoshinobu Inoue * are met: 4082cd038dSYoshinobu Inoue * 1. Redistributions of source code must retain the above copyright 4182cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer. 4282cd038dSYoshinobu Inoue * 2. Redistributions in binary form must reproduce the above copyright 4382cd038dSYoshinobu Inoue * notice, this list of conditions and the following disclaimer in the 4482cd038dSYoshinobu Inoue * documentation and/or other materials provided with the distribution. 4582cd038dSYoshinobu Inoue * 4. Neither the name of the University nor the names of its contributors 4682cd038dSYoshinobu Inoue * may be used to endorse or promote products derived from this software 4782cd038dSYoshinobu Inoue * without specific prior written permission. 4882cd038dSYoshinobu Inoue * 4982cd038dSYoshinobu Inoue * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 5082cd038dSYoshinobu Inoue * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 5182cd038dSYoshinobu Inoue * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 5282cd038dSYoshinobu Inoue * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 5382cd038dSYoshinobu Inoue * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 5482cd038dSYoshinobu Inoue * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 5582cd038dSYoshinobu Inoue * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 5682cd038dSYoshinobu Inoue * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 5782cd038dSYoshinobu Inoue * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5882cd038dSYoshinobu Inoue * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5982cd038dSYoshinobu Inoue * SUCH DAMAGE. 6082cd038dSYoshinobu Inoue * 6182cd038dSYoshinobu Inoue * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 6282cd038dSYoshinobu Inoue */ 6382cd038dSYoshinobu Inoue 64210d0432SYoshinobu Inoue #include "opt_ip6fw.h" 65686cdd19SJun-ichiro itojun Hagino #include "opt_inet.h" 66686cdd19SJun-ichiro itojun Hagino #include "opt_inet6.h" 67686cdd19SJun-ichiro itojun Hagino #include "opt_ipsec.h" 6882cd038dSYoshinobu Inoue 6982cd038dSYoshinobu Inoue #include <sys/param.h> 7082cd038dSYoshinobu Inoue #include <sys/malloc.h> 7182cd038dSYoshinobu Inoue #include <sys/mbuf.h> 72b40ce416SJulian Elischer #include <sys/proc.h> 7382cd038dSYoshinobu Inoue #include <sys/errno.h> 7482cd038dSYoshinobu Inoue #include <sys/protosw.h> 7582cd038dSYoshinobu Inoue #include <sys/socket.h> 7682cd038dSYoshinobu Inoue #include <sys/socketvar.h> 7782cd038dSYoshinobu Inoue #include <sys/systm.h> 7882cd038dSYoshinobu Inoue #include <sys/kernel.h> 7982cd038dSYoshinobu Inoue 8082cd038dSYoshinobu Inoue #include <net/if.h> 818195404bSBrooks Davis #include <net/netisr.h> 8282cd038dSYoshinobu Inoue #include <net/route.h> 83c4ac87eaSDarren Reed #include <net/pfil.h> 8482cd038dSYoshinobu Inoue 8582cd038dSYoshinobu Inoue #include <netinet/in.h> 8682cd038dSYoshinobu Inoue #include <netinet/in_var.h> 8733841545SHajimu UMEMOTO #include <netinet6/in6_var.h> 88686cdd19SJun-ichiro itojun Hagino #include <netinet/ip6.h> 89686cdd19SJun-ichiro itojun Hagino #include <netinet/icmp6.h> 9082cd038dSYoshinobu Inoue #include <netinet6/ip6_var.h> 91686cdd19SJun-ichiro itojun Hagino #include <netinet/in_pcb.h> 9297d8d152SAndre Oppermann #include <netinet/tcp_var.h> 9382cd038dSYoshinobu Inoue #include <netinet6/nd6.h> 9482cd038dSYoshinobu Inoue 9582cd038dSYoshinobu Inoue #ifdef IPSEC 9682cd038dSYoshinobu Inoue #include <netinet6/ipsec.h> 97686cdd19SJun-ichiro itojun Hagino #ifdef INET6 9882cd038dSYoshinobu Inoue #include <netinet6/ipsec6.h> 996a800098SYoshinobu Inoue #endif 100686cdd19SJun-ichiro itojun Hagino #include <netkey/key.h> 10182cd038dSYoshinobu Inoue #endif /* IPSEC */ 10282cd038dSYoshinobu Inoue 103b9234fafSSam Leffler #ifdef FAST_IPSEC 104b9234fafSSam Leffler #include <netipsec/ipsec.h> 105b9234fafSSam Leffler #include <netipsec/ipsec6.h> 106b9234fafSSam Leffler #include <netipsec/key.h> 107b9234fafSSam Leffler #endif /* FAST_IPSEC */ 108b9234fafSSam Leffler 10982cd038dSYoshinobu Inoue #include <netinet6/ip6_fw.h> 11082cd038dSYoshinobu Inoue 11133841545SHajimu UMEMOTO #include <net/net_osdep.h> 11233841545SHajimu UMEMOTO 1131469c434SHajimu UMEMOTO #include <netinet6/ip6protosw.h> 1141469c434SHajimu UMEMOTO 11582cd038dSYoshinobu Inoue static MALLOC_DEFINE(M_IPMOPTS, "ip6_moptions", "internet multicast options"); 11682cd038dSYoshinobu Inoue 11782cd038dSYoshinobu Inoue struct ip6_exthdrs { 11882cd038dSYoshinobu Inoue struct mbuf *ip6e_ip6; 11982cd038dSYoshinobu Inoue struct mbuf *ip6e_hbh; 12082cd038dSYoshinobu Inoue struct mbuf *ip6e_dest1; 12182cd038dSYoshinobu Inoue struct mbuf *ip6e_rthdr; 12282cd038dSYoshinobu Inoue struct mbuf *ip6e_dest2; 12382cd038dSYoshinobu Inoue }; 12482cd038dSYoshinobu Inoue 125f95d4633SHajimu UMEMOTO static int ip6_pcbopt __P((int, u_char *, int, struct ip6_pktopts **, 126f95d4633SHajimu UMEMOTO int, int)); 12782cd038dSYoshinobu Inoue static int ip6_pcbopts __P((struct ip6_pktopts **, struct mbuf *, 1287efe5d92SHajimu UMEMOTO struct socket *, struct sockopt *)); 129f95d4633SHajimu UMEMOTO static int ip6_getpcbopt __P((struct ip6_pktopts *, int, struct sockopt *)); 130d5e3406dSHajimu UMEMOTO static int ip6_setpktopt __P((int, u_char *, int, struct ip6_pktopts *, int, 131f95d4633SHajimu UMEMOTO int, int, int)); 132f95d4633SHajimu UMEMOTO 13382cd038dSYoshinobu Inoue static int ip6_setmoptions __P((int, struct ip6_moptions **, struct mbuf *)); 13482cd038dSYoshinobu Inoue static int ip6_getmoptions __P((int, struct ip6_moptions *, struct mbuf **)); 13582cd038dSYoshinobu Inoue static int ip6_copyexthdr __P((struct mbuf **, caddr_t, int)); 13682cd038dSYoshinobu Inoue static int ip6_insertfraghdr __P((struct mbuf *, struct mbuf *, int, 13782cd038dSYoshinobu Inoue struct ip6_frag **)); 13882cd038dSYoshinobu Inoue static int ip6_insert_jumboopt __P((struct ip6_exthdrs *, u_int32_t)); 13982cd038dSYoshinobu Inoue static int ip6_splithdr __P((struct mbuf *, struct ip6_exthdrs *)); 14031b3783cSHajimu UMEMOTO static int ip6_getpmtu __P((struct route_in6 *, struct route_in6 *, 141f95d4633SHajimu UMEMOTO struct ifnet *, struct in6_addr *, u_long *, int *)); 14282cd038dSYoshinobu Inoue 1437efe5d92SHajimu UMEMOTO 14482cd038dSYoshinobu Inoue /* 14582cd038dSYoshinobu Inoue * IP6 output. The packet in mbuf chain m contains a skeletal IP6 14682cd038dSYoshinobu Inoue * header (with pri, len, nxt, hlim, src, dst). 14782cd038dSYoshinobu Inoue * This function may modify ver and hlim only. 14882cd038dSYoshinobu Inoue * The mbuf chain containing the packet will be freed. 14982cd038dSYoshinobu Inoue * The mbuf opt, if present, will not be freed. 15033841545SHajimu UMEMOTO * 15133841545SHajimu UMEMOTO * type of "mtu": rt_rmx.rmx_mtu is u_long, ifnet.ifr_mtu is int, and 15233841545SHajimu UMEMOTO * nd_ifinfo.linkmtu is u_int32_t. so we use u_long to hold largest one, 15333841545SHajimu UMEMOTO * which is rt_rmx.rmx_mtu. 15482cd038dSYoshinobu Inoue */ 15582cd038dSYoshinobu Inoue int 1565d846453SSam Leffler ip6_output(m0, opt, ro, flags, im6o, ifpp, inp) 15782cd038dSYoshinobu Inoue struct mbuf *m0; 15882cd038dSYoshinobu Inoue struct ip6_pktopts *opt; 15982cd038dSYoshinobu Inoue struct route_in6 *ro; 16082cd038dSYoshinobu Inoue int flags; 16182cd038dSYoshinobu Inoue struct ip6_moptions *im6o; 16282cd038dSYoshinobu Inoue struct ifnet **ifpp; /* XXX: just for statistics */ 1635d846453SSam Leffler struct inpcb *inp; 16482cd038dSYoshinobu Inoue { 16582cd038dSYoshinobu Inoue struct ip6_hdr *ip6, *mhip6; 166686cdd19SJun-ichiro itojun Hagino struct ifnet *ifp, *origifp; 16782cd038dSYoshinobu Inoue struct mbuf *m = m0; 16882cd038dSYoshinobu Inoue int hlen, tlen, len, off; 16982cd038dSYoshinobu Inoue struct route_in6 ip6route; 17082cd038dSYoshinobu Inoue struct sockaddr_in6 *dst; 1718195404bSBrooks Davis struct in6_addr odst; 17282cd038dSYoshinobu Inoue int error = 0; 1735da9f8faSJosef Karthauser struct in6_ifaddr *ia = NULL; 17482cd038dSYoshinobu Inoue u_long mtu; 175f95d4633SHajimu UMEMOTO int alwaysfrag, dontfrag; 17682cd038dSYoshinobu Inoue u_int32_t optlen = 0, plen = 0, unfragpartlen = 0; 17782cd038dSYoshinobu Inoue struct ip6_exthdrs exthdrs; 17882cd038dSYoshinobu Inoue struct in6_addr finaldst; 17982cd038dSYoshinobu Inoue struct route_in6 *ro_pmtu = NULL; 18082cd038dSYoshinobu Inoue int hdrsplit = 0; 18182cd038dSYoshinobu Inoue int needipsec = 0; 182da0f4099SHajimu UMEMOTO #if defined(IPSEC) || defined(FAST_IPSEC) 183b9234fafSSam Leffler int needipsectun = 0; 184b9234fafSSam Leffler struct secpolicy *sp = NULL; 185da0f4099SHajimu UMEMOTO #endif /*IPSEC || FAST_IPSEC*/ 186b9234fafSSam Leffler 187b9234fafSSam Leffler ip6 = mtod(m, struct ip6_hdr *); 18803a1bc3eSSUZUKI Shinsuke finaldst = ip6->ip6_dst; 18982cd038dSYoshinobu Inoue 19082cd038dSYoshinobu Inoue #define MAKE_EXTHDR(hp, mp) \ 191686cdd19SJun-ichiro itojun Hagino do { \ 19282cd038dSYoshinobu Inoue if (hp) { \ 19382cd038dSYoshinobu Inoue struct ip6_ext *eh = (struct ip6_ext *)(hp); \ 19482cd038dSYoshinobu Inoue error = ip6_copyexthdr((mp), (caddr_t)(hp), \ 19582cd038dSYoshinobu Inoue ((eh)->ip6e_len + 1) << 3); \ 19682cd038dSYoshinobu Inoue if (error) \ 19782cd038dSYoshinobu Inoue goto freehdrs; \ 19882cd038dSYoshinobu Inoue } \ 1997efe5d92SHajimu UMEMOTO } while (/*CONSTCOND*/ 0) 20082cd038dSYoshinobu Inoue 20182cd038dSYoshinobu Inoue bzero(&exthdrs, sizeof(exthdrs)); 202686cdd19SJun-ichiro itojun Hagino 20382cd038dSYoshinobu Inoue if (opt) { 20482cd038dSYoshinobu Inoue /* Hop-by-Hop options header */ 20582cd038dSYoshinobu Inoue MAKE_EXTHDR(opt->ip6po_hbh, &exthdrs.ip6e_hbh); 20682cd038dSYoshinobu Inoue /* Destination options header(1st part) */ 20729bc2c48SHajimu UMEMOTO if (opt->ip6po_rthdr) { 20829bc2c48SHajimu UMEMOTO /* 20929bc2c48SHajimu UMEMOTO * Destination options header(1st part) 21029bc2c48SHajimu UMEMOTO * This only makes sence with a routing header. 21129bc2c48SHajimu UMEMOTO * See Section 9.2 of RFC 3542. 21229bc2c48SHajimu UMEMOTO * Disabling this part just for MIP6 convenience is 21329bc2c48SHajimu UMEMOTO * a bad idea. We need to think carefully about a 21429bc2c48SHajimu UMEMOTO * way to make the advanced API coexist with MIP6 21529bc2c48SHajimu UMEMOTO * options, which might automatically be inserted in 21629bc2c48SHajimu UMEMOTO * the kernel. 21729bc2c48SHajimu UMEMOTO */ 21882cd038dSYoshinobu Inoue MAKE_EXTHDR(opt->ip6po_dest1, &exthdrs.ip6e_dest1); 21929bc2c48SHajimu UMEMOTO } 22082cd038dSYoshinobu Inoue /* Routing header */ 22182cd038dSYoshinobu Inoue MAKE_EXTHDR(opt->ip6po_rthdr, &exthdrs.ip6e_rthdr); 22282cd038dSYoshinobu Inoue /* Destination options header(2nd part) */ 22382cd038dSYoshinobu Inoue MAKE_EXTHDR(opt->ip6po_dest2, &exthdrs.ip6e_dest2); 22482cd038dSYoshinobu Inoue } 22582cd038dSYoshinobu Inoue 22682cd038dSYoshinobu Inoue #ifdef IPSEC 22782cd038dSYoshinobu Inoue /* get a security policy for this packet */ 228f073c60fSHajimu UMEMOTO if (inp == NULL) 22982cd038dSYoshinobu Inoue sp = ipsec6_getpolicybyaddr(m, IPSEC_DIR_OUTBOUND, 0, &error); 23082cd038dSYoshinobu Inoue else 231f073c60fSHajimu UMEMOTO sp = ipsec6_getpolicybypcb(m, IPSEC_DIR_OUTBOUND, inp, &error); 23282cd038dSYoshinobu Inoue 23382cd038dSYoshinobu Inoue if (sp == NULL) { 23482cd038dSYoshinobu Inoue ipsec6stat.out_inval++; 235686cdd19SJun-ichiro itojun Hagino goto freehdrs; 23682cd038dSYoshinobu Inoue } 23782cd038dSYoshinobu Inoue 23882cd038dSYoshinobu Inoue error = 0; 23982cd038dSYoshinobu Inoue 24082cd038dSYoshinobu Inoue /* check policy */ 24182cd038dSYoshinobu Inoue switch (sp->policy) { 24282cd038dSYoshinobu Inoue case IPSEC_POLICY_DISCARD: 24382cd038dSYoshinobu Inoue /* 24482cd038dSYoshinobu Inoue * This packet is just discarded. 24582cd038dSYoshinobu Inoue */ 24682cd038dSYoshinobu Inoue ipsec6stat.out_polvio++; 247686cdd19SJun-ichiro itojun Hagino goto freehdrs; 24882cd038dSYoshinobu Inoue 24982cd038dSYoshinobu Inoue case IPSEC_POLICY_BYPASS: 25082cd038dSYoshinobu Inoue case IPSEC_POLICY_NONE: 25182cd038dSYoshinobu Inoue /* no need to do IPsec. */ 25282cd038dSYoshinobu Inoue needipsec = 0; 25382cd038dSYoshinobu Inoue break; 25482cd038dSYoshinobu Inoue 25582cd038dSYoshinobu Inoue case IPSEC_POLICY_IPSEC: 25682cd038dSYoshinobu Inoue if (sp->req == NULL) { 257686cdd19SJun-ichiro itojun Hagino /* acquire a policy */ 258686cdd19SJun-ichiro itojun Hagino error = key_spdacquire(sp); 259686cdd19SJun-ichiro itojun Hagino goto freehdrs; 26082cd038dSYoshinobu Inoue } 26182cd038dSYoshinobu Inoue needipsec = 1; 26282cd038dSYoshinobu Inoue break; 26382cd038dSYoshinobu Inoue 26482cd038dSYoshinobu Inoue case IPSEC_POLICY_ENTRUST: 26582cd038dSYoshinobu Inoue default: 26682cd038dSYoshinobu Inoue printf("ip6_output: Invalid policy found. %d\n", sp->policy); 26782cd038dSYoshinobu Inoue } 26882cd038dSYoshinobu Inoue #endif /* IPSEC */ 269b9234fafSSam Leffler #ifdef FAST_IPSEC 270b9234fafSSam Leffler /* get a security policy for this packet */ 271b9234fafSSam Leffler if (inp == NULL) 272b9234fafSSam Leffler sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_OUTBOUND, 0, &error); 273b9234fafSSam Leffler else 274b9234fafSSam Leffler sp = ipsec_getpolicybysock(m, IPSEC_DIR_OUTBOUND, inp, &error); 275b9234fafSSam Leffler 276b9234fafSSam Leffler if (sp == NULL) { 277b9234fafSSam Leffler newipsecstat.ips_out_inval++; 278b9234fafSSam Leffler goto freehdrs; 279b9234fafSSam Leffler } 280b9234fafSSam Leffler 281b9234fafSSam Leffler error = 0; 282b9234fafSSam Leffler 283b9234fafSSam Leffler /* check policy */ 284b9234fafSSam Leffler switch (sp->policy) { 285b9234fafSSam Leffler case IPSEC_POLICY_DISCARD: 286b9234fafSSam Leffler /* 287b9234fafSSam Leffler * This packet is just discarded. 288b9234fafSSam Leffler */ 289b9234fafSSam Leffler newipsecstat.ips_out_polvio++; 290b9234fafSSam Leffler goto freehdrs; 291b9234fafSSam Leffler 292b9234fafSSam Leffler case IPSEC_POLICY_BYPASS: 293b9234fafSSam Leffler case IPSEC_POLICY_NONE: 294b9234fafSSam Leffler /* no need to do IPsec. */ 295b9234fafSSam Leffler needipsec = 0; 296b9234fafSSam Leffler break; 297b9234fafSSam Leffler 298b9234fafSSam Leffler case IPSEC_POLICY_IPSEC: 299b9234fafSSam Leffler if (sp->req == NULL) { 300b9234fafSSam Leffler /* acquire a policy */ 301b9234fafSSam Leffler error = key_spdacquire(sp); 302b9234fafSSam Leffler goto freehdrs; 303b9234fafSSam Leffler } 304b9234fafSSam Leffler needipsec = 1; 305b9234fafSSam Leffler break; 306b9234fafSSam Leffler 307b9234fafSSam Leffler case IPSEC_POLICY_ENTRUST: 308b9234fafSSam Leffler default: 309b9234fafSSam Leffler printf("ip6_output: Invalid policy found. %d\n", sp->policy); 310b9234fafSSam Leffler } 311b9234fafSSam Leffler #endif /* FAST_IPSEC */ 31282cd038dSYoshinobu Inoue 31382cd038dSYoshinobu Inoue /* 31482cd038dSYoshinobu Inoue * Calculate the total length of the extension header chain. 31582cd038dSYoshinobu Inoue * Keep the length of the unfragmentable part for fragmentation. 31682cd038dSYoshinobu Inoue */ 31782cd038dSYoshinobu Inoue optlen = 0; 31882cd038dSYoshinobu Inoue if (exthdrs.ip6e_hbh) optlen += exthdrs.ip6e_hbh->m_len; 31982cd038dSYoshinobu Inoue if (exthdrs.ip6e_dest1) optlen += exthdrs.ip6e_dest1->m_len; 32082cd038dSYoshinobu Inoue if (exthdrs.ip6e_rthdr) optlen += exthdrs.ip6e_rthdr->m_len; 32182cd038dSYoshinobu Inoue unfragpartlen = optlen + sizeof(struct ip6_hdr); 32282cd038dSYoshinobu Inoue /* NOTE: we don't add AH/ESP length here. do that later. */ 32382cd038dSYoshinobu Inoue if (exthdrs.ip6e_dest2) optlen += exthdrs.ip6e_dest2->m_len; 32482cd038dSYoshinobu Inoue 32582cd038dSYoshinobu Inoue /* 32682cd038dSYoshinobu Inoue * If we need IPsec, or there is at least one extension header, 32782cd038dSYoshinobu Inoue * separate IP6 header from the payload. 32882cd038dSYoshinobu Inoue */ 32982cd038dSYoshinobu Inoue if ((needipsec || optlen) && !hdrsplit) { 33082cd038dSYoshinobu Inoue if ((error = ip6_splithdr(m, &exthdrs)) != 0) { 33182cd038dSYoshinobu Inoue m = NULL; 33282cd038dSYoshinobu Inoue goto freehdrs; 33382cd038dSYoshinobu Inoue } 33482cd038dSYoshinobu Inoue m = exthdrs.ip6e_ip6; 33582cd038dSYoshinobu Inoue hdrsplit++; 33682cd038dSYoshinobu Inoue } 33782cd038dSYoshinobu Inoue 33882cd038dSYoshinobu Inoue /* adjust pointer */ 33982cd038dSYoshinobu Inoue ip6 = mtod(m, struct ip6_hdr *); 34082cd038dSYoshinobu Inoue 34182cd038dSYoshinobu Inoue /* adjust mbuf packet header length */ 34282cd038dSYoshinobu Inoue m->m_pkthdr.len += optlen; 34382cd038dSYoshinobu Inoue plen = m->m_pkthdr.len - sizeof(*ip6); 34482cd038dSYoshinobu Inoue 34582cd038dSYoshinobu Inoue /* If this is a jumbo payload, insert a jumbo payload option. */ 34682cd038dSYoshinobu Inoue if (plen > IPV6_MAXPACKET) { 34782cd038dSYoshinobu Inoue if (!hdrsplit) { 34882cd038dSYoshinobu Inoue if ((error = ip6_splithdr(m, &exthdrs)) != 0) { 34982cd038dSYoshinobu Inoue m = NULL; 35082cd038dSYoshinobu Inoue goto freehdrs; 35182cd038dSYoshinobu Inoue } 35282cd038dSYoshinobu Inoue m = exthdrs.ip6e_ip6; 35382cd038dSYoshinobu Inoue hdrsplit++; 35482cd038dSYoshinobu Inoue } 35582cd038dSYoshinobu Inoue /* adjust pointer */ 35682cd038dSYoshinobu Inoue ip6 = mtod(m, struct ip6_hdr *); 35782cd038dSYoshinobu Inoue if ((error = ip6_insert_jumboopt(&exthdrs, plen)) != 0) 35882cd038dSYoshinobu Inoue goto freehdrs; 35982cd038dSYoshinobu Inoue ip6->ip6_plen = 0; 36082cd038dSYoshinobu Inoue } else 36182cd038dSYoshinobu Inoue ip6->ip6_plen = htons(plen); 36282cd038dSYoshinobu Inoue 36382cd038dSYoshinobu Inoue /* 36482cd038dSYoshinobu Inoue * Concatenate headers and fill in next header fields. 36582cd038dSYoshinobu Inoue * Here we have, on "m" 36682cd038dSYoshinobu Inoue * IPv6 payload 36782cd038dSYoshinobu Inoue * and we insert headers accordingly. Finally, we should be getting: 36882cd038dSYoshinobu Inoue * IPv6 hbh dest1 rthdr ah* [esp* dest2 payload] 36982cd038dSYoshinobu Inoue * 37082cd038dSYoshinobu Inoue * during the header composing process, "m" points to IPv6 header. 37182cd038dSYoshinobu Inoue * "mprev" points to an extension header prior to esp. 37282cd038dSYoshinobu Inoue */ 37382cd038dSYoshinobu Inoue { 37482cd038dSYoshinobu Inoue u_char *nexthdrp = &ip6->ip6_nxt; 37582cd038dSYoshinobu Inoue struct mbuf *mprev = m; 37682cd038dSYoshinobu Inoue 37782cd038dSYoshinobu Inoue /* 37882cd038dSYoshinobu Inoue * we treat dest2 specially. this makes IPsec processing 37988ff5695SSUZUKI Shinsuke * much easier. the goal here is to make mprev point the 38088ff5695SSUZUKI Shinsuke * mbuf prior to dest2. 38182cd038dSYoshinobu Inoue * 38282cd038dSYoshinobu Inoue * result: IPv6 dest2 payload 38382cd038dSYoshinobu Inoue * m and mprev will point to IPv6 header. 38482cd038dSYoshinobu Inoue */ 38582cd038dSYoshinobu Inoue if (exthdrs.ip6e_dest2) { 38682cd038dSYoshinobu Inoue if (!hdrsplit) 38782cd038dSYoshinobu Inoue panic("assumption failed: hdr not split"); 38882cd038dSYoshinobu Inoue exthdrs.ip6e_dest2->m_next = m->m_next; 38982cd038dSYoshinobu Inoue m->m_next = exthdrs.ip6e_dest2; 39082cd038dSYoshinobu Inoue *mtod(exthdrs.ip6e_dest2, u_char *) = ip6->ip6_nxt; 39182cd038dSYoshinobu Inoue ip6->ip6_nxt = IPPROTO_DSTOPTS; 39282cd038dSYoshinobu Inoue } 39382cd038dSYoshinobu Inoue 39482cd038dSYoshinobu Inoue #define MAKE_CHAIN(m, mp, p, i)\ 395686cdd19SJun-ichiro itojun Hagino do {\ 39682cd038dSYoshinobu Inoue if (m) {\ 39782cd038dSYoshinobu Inoue if (!hdrsplit) \ 39882cd038dSYoshinobu Inoue panic("assumption failed: hdr not split"); \ 39982cd038dSYoshinobu Inoue *mtod((m), u_char *) = *(p);\ 40082cd038dSYoshinobu Inoue *(p) = (i);\ 40182cd038dSYoshinobu Inoue p = mtod((m), u_char *);\ 40282cd038dSYoshinobu Inoue (m)->m_next = (mp)->m_next;\ 40382cd038dSYoshinobu Inoue (mp)->m_next = (m);\ 40482cd038dSYoshinobu Inoue (mp) = (m);\ 40582cd038dSYoshinobu Inoue }\ 4067efe5d92SHajimu UMEMOTO } while (/*CONSTCOND*/ 0) 40782cd038dSYoshinobu Inoue /* 40882cd038dSYoshinobu Inoue * result: IPv6 hbh dest1 rthdr dest2 payload 40982cd038dSYoshinobu Inoue * m will point to IPv6 header. mprev will point to the 41082cd038dSYoshinobu Inoue * extension header prior to dest2 (rthdr in the above case). 41182cd038dSYoshinobu Inoue */ 4127efe5d92SHajimu UMEMOTO MAKE_CHAIN(exthdrs.ip6e_hbh, mprev, nexthdrp, IPPROTO_HOPOPTS); 4137efe5d92SHajimu UMEMOTO MAKE_CHAIN(exthdrs.ip6e_dest1, mprev, nexthdrp, 4147efe5d92SHajimu UMEMOTO IPPROTO_DSTOPTS); 4157efe5d92SHajimu UMEMOTO MAKE_CHAIN(exthdrs.ip6e_rthdr, mprev, nexthdrp, 4167efe5d92SHajimu UMEMOTO IPPROTO_ROUTING); 41782cd038dSYoshinobu Inoue 418b9234fafSSam Leffler #if defined(IPSEC) || defined(FAST_IPSEC) 41982cd038dSYoshinobu Inoue if (!needipsec) 42082cd038dSYoshinobu Inoue goto skip_ipsec2; 42182cd038dSYoshinobu Inoue 42282cd038dSYoshinobu Inoue /* 42382cd038dSYoshinobu Inoue * pointers after IPsec headers are not valid any more. 42482cd038dSYoshinobu Inoue * other pointers need a great care too. 42582cd038dSYoshinobu Inoue * (IPsec routines should not mangle mbufs prior to AH/ESP) 42682cd038dSYoshinobu Inoue */ 42782cd038dSYoshinobu Inoue exthdrs.ip6e_dest2 = NULL; 42882cd038dSYoshinobu Inoue 42982cd038dSYoshinobu Inoue { 43082cd038dSYoshinobu Inoue struct ip6_rthdr *rh = NULL; 43182cd038dSYoshinobu Inoue int segleft_org = 0; 43282cd038dSYoshinobu Inoue struct ipsec_output_state state; 43382cd038dSYoshinobu Inoue 43482cd038dSYoshinobu Inoue if (exthdrs.ip6e_rthdr) { 43582cd038dSYoshinobu Inoue rh = mtod(exthdrs.ip6e_rthdr, struct ip6_rthdr *); 43682cd038dSYoshinobu Inoue segleft_org = rh->ip6r_segleft; 43782cd038dSYoshinobu Inoue rh->ip6r_segleft = 0; 43882cd038dSYoshinobu Inoue } 43982cd038dSYoshinobu Inoue 44082cd038dSYoshinobu Inoue bzero(&state, sizeof(state)); 44182cd038dSYoshinobu Inoue state.m = m; 44282cd038dSYoshinobu Inoue error = ipsec6_output_trans(&state, nexthdrp, mprev, sp, flags, 44382cd038dSYoshinobu Inoue &needipsectun); 44482cd038dSYoshinobu Inoue m = state.m; 44582cd038dSYoshinobu Inoue if (error) { 44682cd038dSYoshinobu Inoue /* mbuf is already reclaimed in ipsec6_output_trans. */ 44782cd038dSYoshinobu Inoue m = NULL; 44882cd038dSYoshinobu Inoue switch (error) { 44982cd038dSYoshinobu Inoue case EHOSTUNREACH: 45082cd038dSYoshinobu Inoue case ENETUNREACH: 45182cd038dSYoshinobu Inoue case EMSGSIZE: 45282cd038dSYoshinobu Inoue case ENOBUFS: 45382cd038dSYoshinobu Inoue case ENOMEM: 45482cd038dSYoshinobu Inoue break; 45582cd038dSYoshinobu Inoue default: 45682cd038dSYoshinobu Inoue printf("ip6_output (ipsec): error code %d\n", error); 4577efe5d92SHajimu UMEMOTO /* FALLTHROUGH */ 45882cd038dSYoshinobu Inoue case ENOENT: 45982cd038dSYoshinobu Inoue /* don't show these error codes to the user */ 46082cd038dSYoshinobu Inoue error = 0; 46182cd038dSYoshinobu Inoue break; 46282cd038dSYoshinobu Inoue } 46382cd038dSYoshinobu Inoue goto bad; 46482cd038dSYoshinobu Inoue } 46582cd038dSYoshinobu Inoue if (exthdrs.ip6e_rthdr) { 46682cd038dSYoshinobu Inoue /* ah6_output doesn't modify mbuf chain */ 46782cd038dSYoshinobu Inoue rh->ip6r_segleft = segleft_org; 46882cd038dSYoshinobu Inoue } 46982cd038dSYoshinobu Inoue } 47082cd038dSYoshinobu Inoue skip_ipsec2:; 47182cd038dSYoshinobu Inoue #endif 47282cd038dSYoshinobu Inoue } 47382cd038dSYoshinobu Inoue 47482cd038dSYoshinobu Inoue /* 4757efe5d92SHajimu UMEMOTO * If there is a routing header, replace the destination address field 47682cd038dSYoshinobu Inoue * with the first hop of the routing header. 47782cd038dSYoshinobu Inoue */ 47882cd038dSYoshinobu Inoue if (exthdrs.ip6e_rthdr) { 47982cd038dSYoshinobu Inoue struct ip6_rthdr *rh = 48082cd038dSYoshinobu Inoue (struct ip6_rthdr *)(mtod(exthdrs.ip6e_rthdr, 48182cd038dSYoshinobu Inoue struct ip6_rthdr *)); 48282cd038dSYoshinobu Inoue struct ip6_rthdr0 *rh0; 483c302f5bcSHajimu UMEMOTO struct in6_addr *addrs; 48482cd038dSYoshinobu Inoue 48582cd038dSYoshinobu Inoue switch (rh->ip6r_type) { 48682cd038dSYoshinobu Inoue case IPV6_RTHDR_TYPE_0: 48782cd038dSYoshinobu Inoue rh0 = (struct ip6_rthdr0 *)rh; 488aef03e95SSUZUKI Shinsuke addrs = (struct in6_addr *)(rh0 + 1); 489c302f5bcSHajimu UMEMOTO 490c302f5bcSHajimu UMEMOTO ip6->ip6_dst = *addrs; 491c302f5bcSHajimu UMEMOTO bcopy((caddr_t)(addrs + 1), (caddr_t)addrs, 49282cd038dSYoshinobu Inoue sizeof(struct in6_addr)*(rh0->ip6r0_segleft - 1) 49382cd038dSYoshinobu Inoue ); 494c302f5bcSHajimu UMEMOTO *(addrs + rh0->ip6r0_segleft - 1) = finaldst; 49582cd038dSYoshinobu Inoue break; 49682cd038dSYoshinobu Inoue default: /* is it possible? */ 49782cd038dSYoshinobu Inoue error = EINVAL; 49882cd038dSYoshinobu Inoue goto bad; 49982cd038dSYoshinobu Inoue } 50082cd038dSYoshinobu Inoue } 50182cd038dSYoshinobu Inoue 50282cd038dSYoshinobu Inoue /* Source address validation */ 50382cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src) && 50482cd038dSYoshinobu Inoue (flags & IPV6_DADOUTPUT) == 0) { 50582cd038dSYoshinobu Inoue error = EOPNOTSUPP; 50682cd038dSYoshinobu Inoue ip6stat.ip6s_badscope++; 50782cd038dSYoshinobu Inoue goto bad; 50882cd038dSYoshinobu Inoue } 50982cd038dSYoshinobu Inoue if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) { 51082cd038dSYoshinobu Inoue error = EOPNOTSUPP; 51182cd038dSYoshinobu Inoue ip6stat.ip6s_badscope++; 51282cd038dSYoshinobu Inoue goto bad; 51382cd038dSYoshinobu Inoue } 51482cd038dSYoshinobu Inoue 51582cd038dSYoshinobu Inoue ip6stat.ip6s_localout++; 51682cd038dSYoshinobu Inoue 51782cd038dSYoshinobu Inoue /* 51882cd038dSYoshinobu Inoue * Route packet. 51982cd038dSYoshinobu Inoue */ 52082cd038dSYoshinobu Inoue if (ro == 0) { 52182cd038dSYoshinobu Inoue ro = &ip6route; 52282cd038dSYoshinobu Inoue bzero((caddr_t)ro, sizeof(*ro)); 52382cd038dSYoshinobu Inoue } 52482cd038dSYoshinobu Inoue ro_pmtu = ro; 52582cd038dSYoshinobu Inoue if (opt && opt->ip6po_rthdr) 52682cd038dSYoshinobu Inoue ro = &opt->ip6po_route; 52782cd038dSYoshinobu Inoue dst = (struct sockaddr_in6 *)&ro->ro_dst; 5287efe5d92SHajimu UMEMOTO 5298195404bSBrooks Davis again: 53082cd038dSYoshinobu Inoue /* 53182cd038dSYoshinobu Inoue * If there is a cached route, 53282cd038dSYoshinobu Inoue * check that it is to the same destination 53382cd038dSYoshinobu Inoue * and is still up. If not, free it and try again. 53482cd038dSYoshinobu Inoue */ 53582cd038dSYoshinobu Inoue if (ro->ro_rt && ((ro->ro_rt->rt_flags & RTF_UP) == 0 || 5361183d014SHajimu UMEMOTO dst->sin6_family != AF_INET6 || 53782cd038dSYoshinobu Inoue !IN6_ARE_ADDR_EQUAL(&dst->sin6_addr, &ip6->ip6_dst))) { 53882cd038dSYoshinobu Inoue RTFREE(ro->ro_rt); 53982cd038dSYoshinobu Inoue ro->ro_rt = (struct rtentry *)0; 54082cd038dSYoshinobu Inoue } 54182cd038dSYoshinobu Inoue if (ro->ro_rt == 0) { 54282cd038dSYoshinobu Inoue bzero(dst, sizeof(*dst)); 54382cd038dSYoshinobu Inoue dst->sin6_family = AF_INET6; 54482cd038dSYoshinobu Inoue dst->sin6_len = sizeof(struct sockaddr_in6); 54582cd038dSYoshinobu Inoue dst->sin6_addr = ip6->ip6_dst; 54682cd038dSYoshinobu Inoue } 547f95d4633SHajimu UMEMOTO 548f95d4633SHajimu UMEMOTO /* 549f95d4633SHajimu UMEMOTO * if specified, try to fill in the traffic class field. 550f95d4633SHajimu UMEMOTO * do not override if a non-zero value is already set. 551f95d4633SHajimu UMEMOTO * we check the diffserv field and the ecn field separately. 552f95d4633SHajimu UMEMOTO */ 553f95d4633SHajimu UMEMOTO if (opt && opt->ip6po_tclass >= 0) { 554f95d4633SHajimu UMEMOTO int mask = 0; 555f95d4633SHajimu UMEMOTO 556f95d4633SHajimu UMEMOTO if ((ip6->ip6_flow & htonl(0xfc << 20)) == 0) 557f95d4633SHajimu UMEMOTO mask |= 0xfc; 558f95d4633SHajimu UMEMOTO if ((ip6->ip6_flow & htonl(0x03 << 20)) == 0) 559f95d4633SHajimu UMEMOTO mask |= 0x03; 560f95d4633SHajimu UMEMOTO if (mask != 0) 561f95d4633SHajimu UMEMOTO ip6->ip6_flow |= htonl((opt->ip6po_tclass & mask) << 20); 562f95d4633SHajimu UMEMOTO } 563f95d4633SHajimu UMEMOTO 564f95d4633SHajimu UMEMOTO /* fill in or override the hop limit field, if necessary. */ 565f95d4633SHajimu UMEMOTO if (opt && opt->ip6po_hlim != -1) 566f95d4633SHajimu UMEMOTO ip6->ip6_hlim = opt->ip6po_hlim & 0xff; 567f95d4633SHajimu UMEMOTO else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 568f95d4633SHajimu UMEMOTO if (im6o != NULL) 569f95d4633SHajimu UMEMOTO ip6->ip6_hlim = im6o->im6o_multicast_hlim; 570f95d4633SHajimu UMEMOTO else 571f95d4633SHajimu UMEMOTO ip6->ip6_hlim = ip6_defmcasthlim; 572f95d4633SHajimu UMEMOTO } 573f95d4633SHajimu UMEMOTO 574b9234fafSSam Leffler #if defined(IPSEC) || defined(FAST_IPSEC) 57582cd038dSYoshinobu Inoue if (needipsec && needipsectun) { 57682cd038dSYoshinobu Inoue struct ipsec_output_state state; 57782cd038dSYoshinobu Inoue 57882cd038dSYoshinobu Inoue /* 57982cd038dSYoshinobu Inoue * All the extension headers will become inaccessible 58082cd038dSYoshinobu Inoue * (since they can be encrypted). 58182cd038dSYoshinobu Inoue * Don't panic, we need no more updates to extension headers 58282cd038dSYoshinobu Inoue * on inner IPv6 packet (since they are now encapsulated). 58382cd038dSYoshinobu Inoue * 58482cd038dSYoshinobu Inoue * IPv6 [ESP|AH] IPv6 [extension headers] payload 58582cd038dSYoshinobu Inoue */ 58682cd038dSYoshinobu Inoue bzero(&exthdrs, sizeof(exthdrs)); 58782cd038dSYoshinobu Inoue exthdrs.ip6e_ip6 = m; 58882cd038dSYoshinobu Inoue 58982cd038dSYoshinobu Inoue bzero(&state, sizeof(state)); 59082cd038dSYoshinobu Inoue state.m = m; 59182cd038dSYoshinobu Inoue state.ro = (struct route *)ro; 59282cd038dSYoshinobu Inoue state.dst = (struct sockaddr *)dst; 59382cd038dSYoshinobu Inoue 59482cd038dSYoshinobu Inoue error = ipsec6_output_tunnel(&state, sp, flags); 59582cd038dSYoshinobu Inoue 59682cd038dSYoshinobu Inoue m = state.m; 59782cd038dSYoshinobu Inoue ro = (struct route_in6 *)state.ro; 59882cd038dSYoshinobu Inoue dst = (struct sockaddr_in6 *)state.dst; 59982cd038dSYoshinobu Inoue if (error) { 60082cd038dSYoshinobu Inoue /* mbuf is already reclaimed in ipsec6_output_tunnel. */ 60182cd038dSYoshinobu Inoue m0 = m = NULL; 60282cd038dSYoshinobu Inoue m = NULL; 60382cd038dSYoshinobu Inoue switch (error) { 60482cd038dSYoshinobu Inoue case EHOSTUNREACH: 60582cd038dSYoshinobu Inoue case ENETUNREACH: 60682cd038dSYoshinobu Inoue case EMSGSIZE: 60782cd038dSYoshinobu Inoue case ENOBUFS: 60882cd038dSYoshinobu Inoue case ENOMEM: 60982cd038dSYoshinobu Inoue break; 61082cd038dSYoshinobu Inoue default: 61182cd038dSYoshinobu Inoue printf("ip6_output (ipsec): error code %d\n", error); 6127efe5d92SHajimu UMEMOTO /* FALLTHROUGH */ 61382cd038dSYoshinobu Inoue case ENOENT: 61482cd038dSYoshinobu Inoue /* don't show these error codes to the user */ 61582cd038dSYoshinobu Inoue error = 0; 61682cd038dSYoshinobu Inoue break; 61782cd038dSYoshinobu Inoue } 61882cd038dSYoshinobu Inoue goto bad; 61982cd038dSYoshinobu Inoue } 62082cd038dSYoshinobu Inoue 62182cd038dSYoshinobu Inoue exthdrs.ip6e_ip6 = m; 62282cd038dSYoshinobu Inoue } 623686cdd19SJun-ichiro itojun Hagino #endif /* IPSEC */ 62482cd038dSYoshinobu Inoue 62582cd038dSYoshinobu Inoue if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 62682cd038dSYoshinobu Inoue /* Unicast */ 62782cd038dSYoshinobu Inoue 62882cd038dSYoshinobu Inoue #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 62982cd038dSYoshinobu Inoue #define sin6tosa(sin6) ((struct sockaddr *)(sin6)) 63082cd038dSYoshinobu Inoue /* xxx 63182cd038dSYoshinobu Inoue * interface selection comes here 63282cd038dSYoshinobu Inoue * if an interface is specified from an upper layer, 63382cd038dSYoshinobu Inoue * ifp must point it. 63482cd038dSYoshinobu Inoue */ 635686cdd19SJun-ichiro itojun Hagino if (ro->ro_rt == 0) { 636686cdd19SJun-ichiro itojun Hagino /* 637686cdd19SJun-ichiro itojun Hagino * non-bsdi always clone routes, if parent is 638686cdd19SJun-ichiro itojun Hagino * PRF_CLONING. 639686cdd19SJun-ichiro itojun Hagino */ 64082cd038dSYoshinobu Inoue rtalloc((struct route *)ro); 641686cdd19SJun-ichiro itojun Hagino } 64282cd038dSYoshinobu Inoue if (ro->ro_rt == 0) { 64382cd038dSYoshinobu Inoue ip6stat.ip6s_noroute++; 64482cd038dSYoshinobu Inoue error = EHOSTUNREACH; 64582cd038dSYoshinobu Inoue /* XXX in6_ifstat_inc(ifp, ifs6_out_discard); */ 64682cd038dSYoshinobu Inoue goto bad; 64782cd038dSYoshinobu Inoue } 64868974f29SSam Leffler /* XXX rt not locked */ 64982cd038dSYoshinobu Inoue ia = ifatoia6(ro->ro_rt->rt_ifa); 65082cd038dSYoshinobu Inoue ifp = ro->ro_rt->rt_ifp; 65197d8d152SAndre Oppermann ro->ro_rt->rt_rmx.rmx_pksent++; 65282cd038dSYoshinobu Inoue if (ro->ro_rt->rt_flags & RTF_GATEWAY) 65382cd038dSYoshinobu Inoue dst = (struct sockaddr_in6 *)ro->ro_rt->rt_gateway; 65482cd038dSYoshinobu Inoue m->m_flags &= ~(M_BCAST | M_MCAST); /* just in case */ 65582cd038dSYoshinobu Inoue 65682cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_request); 65782cd038dSYoshinobu Inoue 65882cd038dSYoshinobu Inoue /* 659686cdd19SJun-ichiro itojun Hagino * Check if the outgoing interface conflicts with 66082cd038dSYoshinobu Inoue * the interface specified by ifi6_ifindex (if specified). 66182cd038dSYoshinobu Inoue * Note that loopback interface is always okay. 662686cdd19SJun-ichiro itojun Hagino * (this may happen when we are sending a packet to one of 663686cdd19SJun-ichiro itojun Hagino * our own addresses.) 66482cd038dSYoshinobu Inoue */ 66582cd038dSYoshinobu Inoue if (opt && opt->ip6po_pktinfo 66682cd038dSYoshinobu Inoue && opt->ip6po_pktinfo->ipi6_ifindex) { 66782cd038dSYoshinobu Inoue if (!(ifp->if_flags & IFF_LOOPBACK) 66882cd038dSYoshinobu Inoue && ifp->if_index != opt->ip6po_pktinfo->ipi6_ifindex) { 66982cd038dSYoshinobu Inoue ip6stat.ip6s_noroute++; 67082cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_discard); 67182cd038dSYoshinobu Inoue error = EHOSTUNREACH; 67282cd038dSYoshinobu Inoue goto bad; 67382cd038dSYoshinobu Inoue } 67482cd038dSYoshinobu Inoue } 67582cd038dSYoshinobu Inoue 67682cd038dSYoshinobu Inoue if (opt && opt->ip6po_hlim != -1) 67782cd038dSYoshinobu Inoue ip6->ip6_hlim = opt->ip6po_hlim & 0xff; 67882cd038dSYoshinobu Inoue } else { 67982cd038dSYoshinobu Inoue /* Multicast */ 68082cd038dSYoshinobu Inoue struct in6_multi *in6m; 68182cd038dSYoshinobu Inoue 68282cd038dSYoshinobu Inoue m->m_flags = (m->m_flags & ~M_BCAST) | M_MCAST; 68382cd038dSYoshinobu Inoue 68482cd038dSYoshinobu Inoue /* 68582cd038dSYoshinobu Inoue * See if the caller provided any multicast options 68682cd038dSYoshinobu Inoue */ 68782cd038dSYoshinobu Inoue ifp = NULL; 68882cd038dSYoshinobu Inoue if (im6o != NULL) { 68982cd038dSYoshinobu Inoue ip6->ip6_hlim = im6o->im6o_multicast_hlim; 69082cd038dSYoshinobu Inoue if (im6o->im6o_multicast_ifp != NULL) 69182cd038dSYoshinobu Inoue ifp = im6o->im6o_multicast_ifp; 69282cd038dSYoshinobu Inoue } else 69382cd038dSYoshinobu Inoue ip6->ip6_hlim = ip6_defmcasthlim; 69482cd038dSYoshinobu Inoue 69582cd038dSYoshinobu Inoue /* 69682cd038dSYoshinobu Inoue * See if the caller provided the outgoing interface 69782cd038dSYoshinobu Inoue * as an ancillary data. 69882cd038dSYoshinobu Inoue * Boundary check for ifindex is assumed to be already done. 69982cd038dSYoshinobu Inoue */ 70082cd038dSYoshinobu Inoue if (opt && opt->ip6po_pktinfo && opt->ip6po_pktinfo->ipi6_ifindex) 701f9132cebSJonathan Lemon ifp = ifnet_byindex(opt->ip6po_pktinfo->ipi6_ifindex); 70282cd038dSYoshinobu Inoue 70382cd038dSYoshinobu Inoue /* 70482cd038dSYoshinobu Inoue * If the destination is a node-local scope multicast, 70582cd038dSYoshinobu Inoue * the packet should be loop-backed only. 70682cd038dSYoshinobu Inoue */ 7079a4f9608SHajimu UMEMOTO if (IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst)) { 70882cd038dSYoshinobu Inoue /* 70982cd038dSYoshinobu Inoue * If the outgoing interface is already specified, 71082cd038dSYoshinobu Inoue * it should be a loopback interface. 71182cd038dSYoshinobu Inoue */ 71282cd038dSYoshinobu Inoue if (ifp && (ifp->if_flags & IFF_LOOPBACK) == 0) { 71382cd038dSYoshinobu Inoue ip6stat.ip6s_badscope++; 71482cd038dSYoshinobu Inoue error = ENETUNREACH; /* XXX: better error? */ 71582cd038dSYoshinobu Inoue /* XXX correct ifp? */ 71682cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_discard); 71782cd038dSYoshinobu Inoue goto bad; 71882cd038dSYoshinobu Inoue } else { 71982cd038dSYoshinobu Inoue ifp = &loif[0]; 72082cd038dSYoshinobu Inoue } 72182cd038dSYoshinobu Inoue } 72282cd038dSYoshinobu Inoue 72382cd038dSYoshinobu Inoue if (opt && opt->ip6po_hlim != -1) 72482cd038dSYoshinobu Inoue ip6->ip6_hlim = opt->ip6po_hlim & 0xff; 72582cd038dSYoshinobu Inoue 72682cd038dSYoshinobu Inoue /* 72782cd038dSYoshinobu Inoue * If caller did not provide an interface lookup a 72882cd038dSYoshinobu Inoue * default in the routing table. This is either a 72982cd038dSYoshinobu Inoue * default for the speicfied group (i.e. a host 73082cd038dSYoshinobu Inoue * route), or a multicast default (a route for the 73182cd038dSYoshinobu Inoue * ``net'' ff00::/8). 73282cd038dSYoshinobu Inoue */ 73382cd038dSYoshinobu Inoue if (ifp == NULL) { 73468974f29SSam Leffler if (ro->ro_rt == 0) 73582cd038dSYoshinobu Inoue ro->ro_rt = rtalloc1((struct sockaddr *) 73682cd038dSYoshinobu Inoue &ro->ro_dst, 0, 0UL); 73768974f29SSam Leffler else 73868974f29SSam Leffler RT_LOCK(ro->ro_rt); 73982cd038dSYoshinobu Inoue if (ro->ro_rt == 0) { 74082cd038dSYoshinobu Inoue ip6stat.ip6s_noroute++; 74182cd038dSYoshinobu Inoue error = EHOSTUNREACH; 74282cd038dSYoshinobu Inoue /* XXX in6_ifstat_inc(ifp, ifs6_out_discard) */ 74382cd038dSYoshinobu Inoue goto bad; 74482cd038dSYoshinobu Inoue } 74582cd038dSYoshinobu Inoue ia = ifatoia6(ro->ro_rt->rt_ifa); 74682cd038dSYoshinobu Inoue ifp = ro->ro_rt->rt_ifp; 74797d8d152SAndre Oppermann ro->ro_rt->rt_rmx.rmx_pksent++; 748d1dd20beSSam Leffler RT_UNLOCK(ro->ro_rt); 74982cd038dSYoshinobu Inoue } 75082cd038dSYoshinobu Inoue 75182cd038dSYoshinobu Inoue if ((flags & IPV6_FORWARDING) == 0) 75282cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_request); 75382cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_mcast); 75482cd038dSYoshinobu Inoue 75582cd038dSYoshinobu Inoue /* 75682cd038dSYoshinobu Inoue * Confirm that the outgoing interface supports multicast. 75782cd038dSYoshinobu Inoue */ 75882cd038dSYoshinobu Inoue if ((ifp->if_flags & IFF_MULTICAST) == 0) { 75982cd038dSYoshinobu Inoue ip6stat.ip6s_noroute++; 76082cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_discard); 76182cd038dSYoshinobu Inoue error = ENETUNREACH; 76282cd038dSYoshinobu Inoue goto bad; 76382cd038dSYoshinobu Inoue } 76482cd038dSYoshinobu Inoue IN6_LOOKUP_MULTI(ip6->ip6_dst, ifp, in6m); 76582cd038dSYoshinobu Inoue if (in6m != NULL && 76682cd038dSYoshinobu Inoue (im6o == NULL || im6o->im6o_multicast_loop)) { 76782cd038dSYoshinobu Inoue /* 76882cd038dSYoshinobu Inoue * If we belong to the destination multicast group 76982cd038dSYoshinobu Inoue * on the outgoing interface, and the caller did not 77082cd038dSYoshinobu Inoue * forbid loopback, loop back a copy. 77182cd038dSYoshinobu Inoue */ 77282cd038dSYoshinobu Inoue ip6_mloopback(ifp, m, dst); 77391ec0a1eSYoshinobu Inoue } else { 77491ec0a1eSYoshinobu Inoue /* 77591ec0a1eSYoshinobu Inoue * If we are acting as a multicast router, perform 77691ec0a1eSYoshinobu Inoue * multicast forwarding as if the packet had just 77791ec0a1eSYoshinobu Inoue * arrived on the interface to which we are about 77891ec0a1eSYoshinobu Inoue * to send. The multicast forwarding function 77991ec0a1eSYoshinobu Inoue * recursively calls this function, using the 78091ec0a1eSYoshinobu Inoue * IPV6_FORWARDING flag to prevent infinite recursion. 78191ec0a1eSYoshinobu Inoue * 78291ec0a1eSYoshinobu Inoue * Multicasts that are looped back by ip6_mloopback(), 78391ec0a1eSYoshinobu Inoue * above, will be forwarded by the ip6_input() routine, 78491ec0a1eSYoshinobu Inoue * if necessary. 78591ec0a1eSYoshinobu Inoue */ 78691ec0a1eSYoshinobu Inoue if (ip6_mrouter && (flags & IPV6_FORWARDING) == 0) { 787686cdd19SJun-ichiro itojun Hagino if (ip6_mforward(ip6, ifp, m) != 0) { 78891ec0a1eSYoshinobu Inoue m_freem(m); 78991ec0a1eSYoshinobu Inoue goto done; 79091ec0a1eSYoshinobu Inoue } 79191ec0a1eSYoshinobu Inoue } 79282cd038dSYoshinobu Inoue } 79382cd038dSYoshinobu Inoue /* 79482cd038dSYoshinobu Inoue * Multicasts with a hoplimit of zero may be looped back, 79582cd038dSYoshinobu Inoue * above, but must not be transmitted on a network. 79682cd038dSYoshinobu Inoue * Also, multicasts addressed to the loopback interface 79782cd038dSYoshinobu Inoue * are not sent -- the above call to ip6_mloopback() will 79882cd038dSYoshinobu Inoue * loop back a copy if this host actually belongs to the 79982cd038dSYoshinobu Inoue * destination group on the loopback interface. 80082cd038dSYoshinobu Inoue */ 801f95d4633SHajimu UMEMOTO if (ip6->ip6_hlim == 0 || (ifp->if_flags & IFF_LOOPBACK) || 802f95d4633SHajimu UMEMOTO IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst)) { 80382cd038dSYoshinobu Inoue m_freem(m); 80482cd038dSYoshinobu Inoue goto done; 80582cd038dSYoshinobu Inoue } 80682cd038dSYoshinobu Inoue } 80782cd038dSYoshinobu Inoue 80882cd038dSYoshinobu Inoue /* 80982cd038dSYoshinobu Inoue * Fill the outgoing inteface to tell the upper layer 81082cd038dSYoshinobu Inoue * to increment per-interface statistics. 81182cd038dSYoshinobu Inoue */ 81282cd038dSYoshinobu Inoue if (ifpp) 81382cd038dSYoshinobu Inoue *ifpp = ifp; 81482cd038dSYoshinobu Inoue 81531b3783cSHajimu UMEMOTO /* Determine path MTU. */ 816f95d4633SHajimu UMEMOTO if ((error = ip6_getpmtu(ro_pmtu, ro, ifp, &finaldst, &mtu, 817f95d4633SHajimu UMEMOTO &alwaysfrag)) != 0) 81831b3783cSHajimu UMEMOTO goto bad; 81982cd038dSYoshinobu Inoue 82033841545SHajimu UMEMOTO /* 8218b00e59dSHajimu UMEMOTO * The caller of this function may specify to use the minimum MTU 8228b00e59dSHajimu UMEMOTO * in some cases. 8238b00e59dSHajimu UMEMOTO * An advanced API option (IPV6_USE_MIN_MTU) can also override MTU 8248b00e59dSHajimu UMEMOTO * setting. The logic is a bit complicated; by default, unicast 8258b00e59dSHajimu UMEMOTO * packets will follow path MTU while multicast packets will be sent at 8268b00e59dSHajimu UMEMOTO * the minimum MTU. If IP6PO_MINMTU_ALL is specified, all packets 8278b00e59dSHajimu UMEMOTO * including unicast ones will be sent at the minimum MTU. Multicast 8288b00e59dSHajimu UMEMOTO * packets will always be sent at the minimum MTU unless 8298b00e59dSHajimu UMEMOTO * IP6PO_MINMTU_DISABLE is explicitly specified. 8308b00e59dSHajimu UMEMOTO * See RFC 3542 for more details. 83133841545SHajimu UMEMOTO */ 8328b00e59dSHajimu UMEMOTO if (mtu > IPV6_MMTU) { 8338b00e59dSHajimu UMEMOTO if ((flags & IPV6_MINMTU)) 83433841545SHajimu UMEMOTO mtu = IPV6_MMTU; 8358b00e59dSHajimu UMEMOTO else if (opt && opt->ip6po_minmtu == IP6PO_MINMTU_ALL) 8368b00e59dSHajimu UMEMOTO mtu = IPV6_MMTU; 8378b00e59dSHajimu UMEMOTO else if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) && 8388b00e59dSHajimu UMEMOTO (opt == NULL || 8398b00e59dSHajimu UMEMOTO opt->ip6po_minmtu != IP6PO_MINMTU_DISABLE)) { 8408b00e59dSHajimu UMEMOTO mtu = IPV6_MMTU; 8418b00e59dSHajimu UMEMOTO } 8428b00e59dSHajimu UMEMOTO } 84333841545SHajimu UMEMOTO 844686cdd19SJun-ichiro itojun Hagino /* Fake scoped addresses */ 845686cdd19SJun-ichiro itojun Hagino if ((ifp->if_flags & IFF_LOOPBACK) != 0) { 84682cd038dSYoshinobu Inoue /* 847686cdd19SJun-ichiro itojun Hagino * If source or destination address is a scoped address, and 848686cdd19SJun-ichiro itojun Hagino * the packet is going to be sent to a loopback interface, 849686cdd19SJun-ichiro itojun Hagino * we should keep the original interface. 85082cd038dSYoshinobu Inoue */ 851686cdd19SJun-ichiro itojun Hagino 852686cdd19SJun-ichiro itojun Hagino /* 853686cdd19SJun-ichiro itojun Hagino * XXX: this is a very experimental and temporary solution. 854686cdd19SJun-ichiro itojun Hagino * We eventually have sockaddr_in6 and use the sin6_scope_id 855686cdd19SJun-ichiro itojun Hagino * field of the structure here. 856686cdd19SJun-ichiro itojun Hagino * We rely on the consistency between two scope zone ids 85788ff5695SSUZUKI Shinsuke * of source and destination, which should already be assured. 85888ff5695SSUZUKI Shinsuke * Larger scopes than link will be supported in the future. 859686cdd19SJun-ichiro itojun Hagino */ 86033841545SHajimu UMEMOTO origifp = NULL; 861686cdd19SJun-ichiro itojun Hagino if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) 862f9132cebSJonathan Lemon origifp = ifnet_byindex(ntohs(ip6->ip6_src.s6_addr16[1])); 863686cdd19SJun-ichiro itojun Hagino else if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) 864f9132cebSJonathan Lemon origifp = ifnet_byindex(ntohs(ip6->ip6_dst.s6_addr16[1])); 86533841545SHajimu UMEMOTO /* 86633841545SHajimu UMEMOTO * XXX: origifp can be NULL even in those two cases above. 86733841545SHajimu UMEMOTO * For example, if we remove the (only) link-local address 86833841545SHajimu UMEMOTO * from the loopback interface, and try to send a link-local 86933841545SHajimu UMEMOTO * address without link-id information. Then the source 87033841545SHajimu UMEMOTO * address is ::1, and the destination address is the 87133841545SHajimu UMEMOTO * link-local address with its s6_addr16[1] being zero. 87233841545SHajimu UMEMOTO * What is worse, if the packet goes to the loopback interface 87333841545SHajimu UMEMOTO * by a default rejected route, the null pointer would be 87433841545SHajimu UMEMOTO * passed to looutput, and the kernel would hang. 87533841545SHajimu UMEMOTO * The following last resort would prevent such disaster. 87633841545SHajimu UMEMOTO */ 87733841545SHajimu UMEMOTO if (origifp == NULL) 878686cdd19SJun-ichiro itojun Hagino origifp = ifp; 879686cdd19SJun-ichiro itojun Hagino } 880686cdd19SJun-ichiro itojun Hagino else 881686cdd19SJun-ichiro itojun Hagino origifp = ifp; 88233841545SHajimu UMEMOTO /* 88333841545SHajimu UMEMOTO * clear embedded scope identifiers if necessary. 88433841545SHajimu UMEMOTO * in6_clearscope will touch the addresses only when necessary. 88533841545SHajimu UMEMOTO */ 88633841545SHajimu UMEMOTO in6_clearscope(&ip6->ip6_src); 88733841545SHajimu UMEMOTO in6_clearscope(&ip6->ip6_dst); 88882cd038dSYoshinobu Inoue 88982cd038dSYoshinobu Inoue /* 89082cd038dSYoshinobu Inoue * Check with the firewall... 89182cd038dSYoshinobu Inoue */ 89220cb9f9eSHajimu UMEMOTO if (ip6_fw_enable && ip6_fw_chk_ptr) { 89382cd038dSYoshinobu Inoue u_short port = 0; 894686cdd19SJun-ichiro itojun Hagino m->m_pkthdr.rcvif = NULL; /* XXX */ 89582cd038dSYoshinobu Inoue /* If ipfw says divert, we have to just drop packet */ 89682cd038dSYoshinobu Inoue if ((*ip6_fw_chk_ptr)(&ip6, ifp, &port, &m)) { 89782cd038dSYoshinobu Inoue m_freem(m); 89882cd038dSYoshinobu Inoue goto done; 89982cd038dSYoshinobu Inoue } 90082cd038dSYoshinobu Inoue if (!m) { 90182cd038dSYoshinobu Inoue error = EACCES; 90282cd038dSYoshinobu Inoue goto done; 90382cd038dSYoshinobu Inoue } 90482cd038dSYoshinobu Inoue } 90582cd038dSYoshinobu Inoue 90682cd038dSYoshinobu Inoue /* 90782cd038dSYoshinobu Inoue * If the outgoing packet contains a hop-by-hop options header, 90882cd038dSYoshinobu Inoue * it must be examined and processed even by the source node. 90982cd038dSYoshinobu Inoue * (RFC 2460, section 4.) 91082cd038dSYoshinobu Inoue */ 91182cd038dSYoshinobu Inoue if (exthdrs.ip6e_hbh) { 91233841545SHajimu UMEMOTO struct ip6_hbh *hbh = mtod(exthdrs.ip6e_hbh, struct ip6_hbh *); 913283f9f8aSHajimu UMEMOTO u_int32_t dummy; /* XXX unused */ 914283f9f8aSHajimu UMEMOTO u_int32_t plen = 0; /* XXX: ip6_process will check the value */ 91582cd038dSYoshinobu Inoue 91633841545SHajimu UMEMOTO #ifdef DIAGNOSTIC 91733841545SHajimu UMEMOTO if ((hbh->ip6h_len + 1) << 3 > exthdrs.ip6e_hbh->m_len) 91833841545SHajimu UMEMOTO panic("ip6e_hbh is not continuous"); 91933841545SHajimu UMEMOTO #endif 92082cd038dSYoshinobu Inoue /* 92182cd038dSYoshinobu Inoue * XXX: if we have to send an ICMPv6 error to the sender, 92282cd038dSYoshinobu Inoue * we need the M_LOOP flag since icmp6_error() expects 92382cd038dSYoshinobu Inoue * the IPv6 and the hop-by-hop options header are 92482cd038dSYoshinobu Inoue * continuous unless the flag is set. 92582cd038dSYoshinobu Inoue */ 92682cd038dSYoshinobu Inoue m->m_flags |= M_LOOP; 92782cd038dSYoshinobu Inoue m->m_pkthdr.rcvif = ifp; 9287efe5d92SHajimu UMEMOTO if (ip6_process_hopopts(m, (u_int8_t *)(hbh + 1), 9297efe5d92SHajimu UMEMOTO ((hbh->ip6h_len + 1) << 3) - sizeof(struct ip6_hbh), 930283f9f8aSHajimu UMEMOTO &dummy, &plen) < 0) { 93182cd038dSYoshinobu Inoue /* m was already freed at this point */ 93282cd038dSYoshinobu Inoue error = EINVAL;/* better error? */ 93382cd038dSYoshinobu Inoue goto done; 93482cd038dSYoshinobu Inoue } 93582cd038dSYoshinobu Inoue m->m_flags &= ~M_LOOP; /* XXX */ 93682cd038dSYoshinobu Inoue m->m_pkthdr.rcvif = NULL; 93782cd038dSYoshinobu Inoue } 93882cd038dSYoshinobu Inoue 939c21fd232SAndre Oppermann /* Jump over all PFIL processing if hooks are not active. */ 940c21fd232SAndre Oppermann if (inet6_pfil_hook.ph_busy_count == -1) 941c21fd232SAndre Oppermann goto passout; 942c21fd232SAndre Oppermann 9438195404bSBrooks Davis odst = ip6->ip6_dst; 944c21fd232SAndre Oppermann /* Run through list of hooks for output packets. */ 945d6a8d588SMax Laier error = pfil_run_hooks(&inet6_pfil_hook, &m, ifp, PFIL_OUT, inp); 946b140bc1fSSam Leffler if (error != 0 || m == NULL) 947c4ac87eaSDarren Reed goto done; 948c4ac87eaSDarren Reed ip6 = mtod(m, struct ip6_hdr *); 9497efe5d92SHajimu UMEMOTO 9508195404bSBrooks Davis /* See if destination IP address was changed by packet filter. */ 9518195404bSBrooks Davis if (!IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst)) { 9528195404bSBrooks Davis m->m_flags |= M_SKIP_FIREWALL; 9538195404bSBrooks Davis /* If destination is now ourself drop to ip6_input(). */ 9548195404bSBrooks Davis if (in6_localaddr(&ip6->ip6_dst)) { 9558195404bSBrooks Davis if (m->m_pkthdr.rcvif == NULL) 9568195404bSBrooks Davis m->m_pkthdr.rcvif = loif; 9578195404bSBrooks Davis if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) { 9588195404bSBrooks Davis m->m_pkthdr.csum_flags |= 9598195404bSBrooks Davis CSUM_DATA_VALID | CSUM_PSEUDO_HDR; 9608195404bSBrooks Davis m->m_pkthdr.csum_data = 0xffff; 9618195404bSBrooks Davis } 9628195404bSBrooks Davis m->m_pkthdr.csum_flags |= 9638195404bSBrooks Davis CSUM_IP_CHECKED | CSUM_IP_VALID; 9648195404bSBrooks Davis error = netisr_queue(NETISR_IPV6, m); 9658195404bSBrooks Davis goto done; 9668195404bSBrooks Davis } else 9678195404bSBrooks Davis goto again; /* Redo the routing table lookup. */ 9688195404bSBrooks Davis } 9698195404bSBrooks Davis 9708195404bSBrooks Davis /* XXX: IPFIREWALL_FORWARD */ 9718195404bSBrooks Davis 972c21fd232SAndre Oppermann passout: 97382cd038dSYoshinobu Inoue /* 97482cd038dSYoshinobu Inoue * Send the packet to the outgoing interface. 97582cd038dSYoshinobu Inoue * If necessary, do IPv6 fragmentation before sending. 976f95d4633SHajimu UMEMOTO * 977f95d4633SHajimu UMEMOTO * the logic here is rather complex: 978f95d4633SHajimu UMEMOTO * 1: normal case (dontfrag == 0, alwaysfrag == 0) 979f95d4633SHajimu UMEMOTO * 1-a: send as is if tlen <= path mtu 980f95d4633SHajimu UMEMOTO * 1-b: fragment if tlen > path mtu 981f95d4633SHajimu UMEMOTO * 982f95d4633SHajimu UMEMOTO * 2: if user asks us not to fragment (dontfrag == 1) 983f95d4633SHajimu UMEMOTO * 2-a: send as is if tlen <= interface mtu 984f95d4633SHajimu UMEMOTO * 2-b: error if tlen > interface mtu 985f95d4633SHajimu UMEMOTO * 986f95d4633SHajimu UMEMOTO * 3: if we always need to attach fragment header (alwaysfrag == 1) 987f95d4633SHajimu UMEMOTO * always fragment 988f95d4633SHajimu UMEMOTO * 989f95d4633SHajimu UMEMOTO * 4: if dontfrag == 1 && alwaysfrag == 1 990f95d4633SHajimu UMEMOTO * error, as we cannot handle this conflicting request 99182cd038dSYoshinobu Inoue */ 99282cd038dSYoshinobu Inoue tlen = m->m_pkthdr.len; 99382cd038dSYoshinobu Inoue 994f95d4633SHajimu UMEMOTO if (opt && (opt->ip6po_flags & IP6PO_DONTFRAG)) 995f95d4633SHajimu UMEMOTO dontfrag = 1; 996f95d4633SHajimu UMEMOTO else 997f95d4633SHajimu UMEMOTO dontfrag = 0; 998f95d4633SHajimu UMEMOTO if (dontfrag && alwaysfrag) { /* case 4 */ 999f95d4633SHajimu UMEMOTO /* conflicting request - can't transmit */ 1000f95d4633SHajimu UMEMOTO error = EMSGSIZE; 1001f95d4633SHajimu UMEMOTO goto bad; 1002f95d4633SHajimu UMEMOTO } 1003f95d4633SHajimu UMEMOTO if (dontfrag && tlen > IN6_LINKMTU(ifp)) { /* case 2-b */ 1004f95d4633SHajimu UMEMOTO /* 1005f95d4633SHajimu UMEMOTO * Even if the DONTFRAG option is specified, we cannot send the 1006f95d4633SHajimu UMEMOTO * packet when the data length is larger than the MTU of the 1007f95d4633SHajimu UMEMOTO * outgoing interface. 1008f95d4633SHajimu UMEMOTO * Notify the error by sending IPV6_PATHMTU ancillary data as 1009f95d4633SHajimu UMEMOTO * well as returning an error code (the latter is not described 1010f95d4633SHajimu UMEMOTO * in the API spec.) 1011f95d4633SHajimu UMEMOTO */ 1012f95d4633SHajimu UMEMOTO u_int32_t mtu32; 1013f95d4633SHajimu UMEMOTO struct ip6ctlparam ip6cp; 1014f95d4633SHajimu UMEMOTO 1015f95d4633SHajimu UMEMOTO mtu32 = (u_int32_t)mtu; 1016f95d4633SHajimu UMEMOTO bzero(&ip6cp, sizeof(ip6cp)); 1017f95d4633SHajimu UMEMOTO ip6cp.ip6c_cmdarg = (void *)&mtu32; 1018f95d4633SHajimu UMEMOTO pfctlinput2(PRC_MSGSIZE, (struct sockaddr *)&ro_pmtu->ro_dst, 1019f95d4633SHajimu UMEMOTO (void *)&ip6cp); 1020f95d4633SHajimu UMEMOTO 1021f95d4633SHajimu UMEMOTO error = EMSGSIZE; 1022f95d4633SHajimu UMEMOTO goto bad; 1023f95d4633SHajimu UMEMOTO } 1024f95d4633SHajimu UMEMOTO 1025f95d4633SHajimu UMEMOTO /* 1026f95d4633SHajimu UMEMOTO * transmit packet without fragmentation 1027f95d4633SHajimu UMEMOTO */ 1028f95d4633SHajimu UMEMOTO if (dontfrag || (!alwaysfrag && tlen <= mtu)) { /* case 1-a and 2-a */ 1029f95d4633SHajimu UMEMOTO struct in6_ifaddr *ia6; 1030f95d4633SHajimu UMEMOTO 1031f95d4633SHajimu UMEMOTO ip6 = mtod(m, struct ip6_hdr *); 1032f95d4633SHajimu UMEMOTO ia6 = in6_ifawithifp(ifp, &ip6->ip6_src); 1033f95d4633SHajimu UMEMOTO if (ia6) { 10345da9f8faSJosef Karthauser /* Record statistics for this interface address. */ 1035f95d4633SHajimu UMEMOTO ia6->ia_ifa.if_opackets++; 1036f95d4633SHajimu UMEMOTO ia6->ia_ifa.if_obytes += m->m_pkthdr.len; 10375da9f8faSJosef Karthauser } 103833841545SHajimu UMEMOTO #ifdef IPSEC 103933841545SHajimu UMEMOTO /* clean ipsec history once it goes out of the node */ 104033841545SHajimu UMEMOTO ipsec_delaux(m); 104133841545SHajimu UMEMOTO #endif 1042686cdd19SJun-ichiro itojun Hagino error = nd6_output(ifp, origifp, m, dst, ro->ro_rt); 104382cd038dSYoshinobu Inoue goto done; 1044f95d4633SHajimu UMEMOTO } 1045f95d4633SHajimu UMEMOTO 104682cd038dSYoshinobu Inoue /* 1047f95d4633SHajimu UMEMOTO * try to fragment the packet. case 1-b and 3 104882cd038dSYoshinobu Inoue */ 1049f95d4633SHajimu UMEMOTO if (mtu < IPV6_MMTU) { 1050f95d4633SHajimu UMEMOTO /* path MTU cannot be less than IPV6_MMTU */ 105182cd038dSYoshinobu Inoue error = EMSGSIZE; 105282cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_fragfail); 105382cd038dSYoshinobu Inoue goto bad; 10547efe5d92SHajimu UMEMOTO } else if (ip6->ip6_plen == 0) { 10557efe5d92SHajimu UMEMOTO /* jumbo payload cannot be fragmented */ 105682cd038dSYoshinobu Inoue error = EMSGSIZE; 105782cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_fragfail); 105882cd038dSYoshinobu Inoue goto bad; 105982cd038dSYoshinobu Inoue } else { 106082cd038dSYoshinobu Inoue struct mbuf **mnext, *m_frgpart; 106182cd038dSYoshinobu Inoue struct ip6_frag *ip6f; 10628373d51dSHajimu UMEMOTO u_int32_t id = htonl(ip6_randomid()); 106382cd038dSYoshinobu Inoue u_char nextproto; 1064763f534eSDoug White #if 0 10658b00e59dSHajimu UMEMOTO struct ip6ctlparam ip6cp; 10668b00e59dSHajimu UMEMOTO u_int32_t mtu32; 1067763f534eSDoug White #endif 10686f8aee22SBill Paul int qslots = ifp->if_snd.ifq_maxlen - ifp->if_snd.ifq_len; 106982cd038dSYoshinobu Inoue 107082cd038dSYoshinobu Inoue /* 107182cd038dSYoshinobu Inoue * Too large for the destination or interface; 107282cd038dSYoshinobu Inoue * fragment if possible. 107382cd038dSYoshinobu Inoue * Must be able to put at least 8 bytes per fragment. 107482cd038dSYoshinobu Inoue */ 107582cd038dSYoshinobu Inoue hlen = unfragpartlen; 107682cd038dSYoshinobu Inoue if (mtu > IPV6_MAXPACKET) 107782cd038dSYoshinobu Inoue mtu = IPV6_MAXPACKET; 107833841545SHajimu UMEMOTO 1079763f534eSDoug White #if 0 1080763f534eSDoug White /* 1081763f534eSDoug White * It is believed this code is a leftover from the 1082763f534eSDoug White * development of the IPV6_RECVPATHMTU sockopt and 1083763f534eSDoug White * associated work to implement RFC3542. 1084763f534eSDoug White * It's not entirely clear what the intent of the API 1085763f534eSDoug White * is at this point, so disable this code for now. 1086763f534eSDoug White * The IPV6_RECVPATHMTU sockopt and/or IPV6_DONTFRAG 1087763f534eSDoug White * will send notifications if the application requests. 1088763f534eSDoug White */ 1089763f534eSDoug White 10908b00e59dSHajimu UMEMOTO /* Notify a proper path MTU to applications. */ 10918b00e59dSHajimu UMEMOTO mtu32 = (u_int32_t)mtu; 10928b00e59dSHajimu UMEMOTO bzero(&ip6cp, sizeof(ip6cp)); 10938b00e59dSHajimu UMEMOTO ip6cp.ip6c_cmdarg = (void *)&mtu32; 10948b00e59dSHajimu UMEMOTO pfctlinput2(PRC_MSGSIZE, (struct sockaddr *)&ro_pmtu->ro_dst, 10958b00e59dSHajimu UMEMOTO (void *)&ip6cp); 1096763f534eSDoug White #endif 10978b00e59dSHajimu UMEMOTO 109882cd038dSYoshinobu Inoue len = (mtu - hlen - sizeof(struct ip6_frag)) & ~7; 109982cd038dSYoshinobu Inoue if (len < 8) { 110082cd038dSYoshinobu Inoue error = EMSGSIZE; 110182cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_fragfail); 110282cd038dSYoshinobu Inoue goto bad; 110382cd038dSYoshinobu Inoue } 110482cd038dSYoshinobu Inoue 11056f8aee22SBill Paul /* 11066f8aee22SBill Paul * Verify that we have any chance at all of being able to queue 11076f8aee22SBill Paul * the packet or packet fragments 11086f8aee22SBill Paul */ 11096f8aee22SBill Paul if (qslots <= 0 || ((u_int)qslots * (mtu - hlen) 11106f8aee22SBill Paul < tlen /* - hlen */)) { 11116f8aee22SBill Paul error = ENOBUFS; 11126f8aee22SBill Paul ip6stat.ip6s_odropped++; 11136f8aee22SBill Paul goto bad; 11146f8aee22SBill Paul } 11156f8aee22SBill Paul 111682cd038dSYoshinobu Inoue mnext = &m->m_nextpkt; 111782cd038dSYoshinobu Inoue 111882cd038dSYoshinobu Inoue /* 111982cd038dSYoshinobu Inoue * Change the next header field of the last header in the 112082cd038dSYoshinobu Inoue * unfragmentable part. 112182cd038dSYoshinobu Inoue */ 112282cd038dSYoshinobu Inoue if (exthdrs.ip6e_rthdr) { 112382cd038dSYoshinobu Inoue nextproto = *mtod(exthdrs.ip6e_rthdr, u_char *); 112482cd038dSYoshinobu Inoue *mtod(exthdrs.ip6e_rthdr, u_char *) = IPPROTO_FRAGMENT; 112582cd038dSYoshinobu Inoue } else if (exthdrs.ip6e_dest1) { 112682cd038dSYoshinobu Inoue nextproto = *mtod(exthdrs.ip6e_dest1, u_char *); 112782cd038dSYoshinobu Inoue *mtod(exthdrs.ip6e_dest1, u_char *) = IPPROTO_FRAGMENT; 112882cd038dSYoshinobu Inoue } else if (exthdrs.ip6e_hbh) { 112982cd038dSYoshinobu Inoue nextproto = *mtod(exthdrs.ip6e_hbh, u_char *); 113082cd038dSYoshinobu Inoue *mtod(exthdrs.ip6e_hbh, u_char *) = IPPROTO_FRAGMENT; 113182cd038dSYoshinobu Inoue } else { 113282cd038dSYoshinobu Inoue nextproto = ip6->ip6_nxt; 113382cd038dSYoshinobu Inoue ip6->ip6_nxt = IPPROTO_FRAGMENT; 113482cd038dSYoshinobu Inoue } 113582cd038dSYoshinobu Inoue 113682cd038dSYoshinobu Inoue /* 113782cd038dSYoshinobu Inoue * Loop through length of segment after first fragment, 113888ff5695SSUZUKI Shinsuke * make new header and copy data of each part and link onto 113988ff5695SSUZUKI Shinsuke * chain. 114082cd038dSYoshinobu Inoue */ 114182cd038dSYoshinobu Inoue m0 = m; 114282cd038dSYoshinobu Inoue for (off = hlen; off < tlen; off += len) { 1143a163d034SWarner Losh MGETHDR(m, M_DONTWAIT, MT_HEADER); 114482cd038dSYoshinobu Inoue if (!m) { 114582cd038dSYoshinobu Inoue error = ENOBUFS; 114682cd038dSYoshinobu Inoue ip6stat.ip6s_odropped++; 114782cd038dSYoshinobu Inoue goto sendorfree; 114882cd038dSYoshinobu Inoue } 114933841545SHajimu UMEMOTO m->m_pkthdr.rcvif = NULL; 115082cd038dSYoshinobu Inoue m->m_flags = m0->m_flags & M_COPYFLAGS; 115182cd038dSYoshinobu Inoue *mnext = m; 115282cd038dSYoshinobu Inoue mnext = &m->m_nextpkt; 115382cd038dSYoshinobu Inoue m->m_data += max_linkhdr; 115482cd038dSYoshinobu Inoue mhip6 = mtod(m, struct ip6_hdr *); 115582cd038dSYoshinobu Inoue *mhip6 = *ip6; 115682cd038dSYoshinobu Inoue m->m_len = sizeof(*mhip6); 115782cd038dSYoshinobu Inoue error = ip6_insertfraghdr(m0, m, hlen, &ip6f); 115882cd038dSYoshinobu Inoue if (error) { 115982cd038dSYoshinobu Inoue ip6stat.ip6s_odropped++; 116082cd038dSYoshinobu Inoue goto sendorfree; 116182cd038dSYoshinobu Inoue } 116282cd038dSYoshinobu Inoue ip6f->ip6f_offlg = htons((u_short)((off - hlen) & ~7)); 116382cd038dSYoshinobu Inoue if (off + len >= tlen) 116482cd038dSYoshinobu Inoue len = tlen - off; 116582cd038dSYoshinobu Inoue else 116682cd038dSYoshinobu Inoue ip6f->ip6f_offlg |= IP6F_MORE_FRAG; 116782cd038dSYoshinobu Inoue mhip6->ip6_plen = htons((u_short)(len + hlen + 11687efe5d92SHajimu UMEMOTO sizeof(*ip6f) - sizeof(struct ip6_hdr))); 116982cd038dSYoshinobu Inoue if ((m_frgpart = m_copy(m0, off, len)) == 0) { 117082cd038dSYoshinobu Inoue error = ENOBUFS; 117182cd038dSYoshinobu Inoue ip6stat.ip6s_odropped++; 117282cd038dSYoshinobu Inoue goto sendorfree; 117382cd038dSYoshinobu Inoue } 117482cd038dSYoshinobu Inoue m_cat(m, m_frgpart); 117582cd038dSYoshinobu Inoue m->m_pkthdr.len = len + hlen + sizeof(*ip6f); 1176fc74a9f9SBrooks Davis m->m_pkthdr.rcvif = NULL; 117782cd038dSYoshinobu Inoue ip6f->ip6f_reserved = 0; 117882cd038dSYoshinobu Inoue ip6f->ip6f_ident = id; 117982cd038dSYoshinobu Inoue ip6f->ip6f_nxt = nextproto; 118082cd038dSYoshinobu Inoue ip6stat.ip6s_ofragments++; 118182cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_fragcreat); 118282cd038dSYoshinobu Inoue } 118382cd038dSYoshinobu Inoue 118482cd038dSYoshinobu Inoue in6_ifstat_inc(ifp, ifs6_out_fragok); 118582cd038dSYoshinobu Inoue } 118682cd038dSYoshinobu Inoue 118782cd038dSYoshinobu Inoue /* 118882cd038dSYoshinobu Inoue * Remove leading garbages. 118982cd038dSYoshinobu Inoue */ 119082cd038dSYoshinobu Inoue sendorfree: 119182cd038dSYoshinobu Inoue m = m0->m_nextpkt; 119282cd038dSYoshinobu Inoue m0->m_nextpkt = 0; 119382cd038dSYoshinobu Inoue m_freem(m0); 119482cd038dSYoshinobu Inoue for (m0 = m; m; m = m0) { 119582cd038dSYoshinobu Inoue m0 = m->m_nextpkt; 119682cd038dSYoshinobu Inoue m->m_nextpkt = 0; 119782cd038dSYoshinobu Inoue if (error == 0) { 1198fe937674SJosef Karthauser /* Record statistics for this interface address. */ 1199fe937674SJosef Karthauser if (ia) { 1200fe937674SJosef Karthauser ia->ia_ifa.if_opackets++; 1201fe937674SJosef Karthauser ia->ia_ifa.if_obytes += m->m_pkthdr.len; 1202fe937674SJosef Karthauser } 120333841545SHajimu UMEMOTO #ifdef IPSEC 120433841545SHajimu UMEMOTO /* clean ipsec history once it goes out of the node */ 120533841545SHajimu UMEMOTO ipsec_delaux(m); 120633841545SHajimu UMEMOTO #endif 1207686cdd19SJun-ichiro itojun Hagino error = nd6_output(ifp, origifp, m, dst, ro->ro_rt); 120882cd038dSYoshinobu Inoue } else 120982cd038dSYoshinobu Inoue m_freem(m); 121082cd038dSYoshinobu Inoue } 121182cd038dSYoshinobu Inoue 121282cd038dSYoshinobu Inoue if (error == 0) 121382cd038dSYoshinobu Inoue ip6stat.ip6s_fragmented++; 121482cd038dSYoshinobu Inoue 121582cd038dSYoshinobu Inoue done: 121682cd038dSYoshinobu Inoue if (ro == &ip6route && ro->ro_rt) { /* brace necessary for RTFREE */ 121782cd038dSYoshinobu Inoue RTFREE(ro->ro_rt); 121882cd038dSYoshinobu Inoue } else if (ro_pmtu == &ip6route && ro_pmtu->ro_rt) { 121982cd038dSYoshinobu Inoue RTFREE(ro_pmtu->ro_rt); 122082cd038dSYoshinobu Inoue } 122182cd038dSYoshinobu Inoue 122282cd038dSYoshinobu Inoue #ifdef IPSEC 122382cd038dSYoshinobu Inoue if (sp != NULL) 122482cd038dSYoshinobu Inoue key_freesp(sp); 122582cd038dSYoshinobu Inoue #endif /* IPSEC */ 1226b9234fafSSam Leffler #ifdef FAST_IPSEC 1227b9234fafSSam Leffler if (sp != NULL) 1228b9234fafSSam Leffler KEY_FREESP(&sp); 1229b9234fafSSam Leffler #endif /* FAST_IPSEC */ 123082cd038dSYoshinobu Inoue 123182cd038dSYoshinobu Inoue return (error); 123282cd038dSYoshinobu Inoue 123382cd038dSYoshinobu Inoue freehdrs: 123482cd038dSYoshinobu Inoue m_freem(exthdrs.ip6e_hbh); /* m_freem will check if mbuf is 0 */ 123582cd038dSYoshinobu Inoue m_freem(exthdrs.ip6e_dest1); 123682cd038dSYoshinobu Inoue m_freem(exthdrs.ip6e_rthdr); 123782cd038dSYoshinobu Inoue m_freem(exthdrs.ip6e_dest2); 12387efe5d92SHajimu UMEMOTO /* FALLTHROUGH */ 123982cd038dSYoshinobu Inoue bad: 124082cd038dSYoshinobu Inoue m_freem(m); 124182cd038dSYoshinobu Inoue goto done; 124282cd038dSYoshinobu Inoue } 124382cd038dSYoshinobu Inoue 124482cd038dSYoshinobu Inoue static int 124582cd038dSYoshinobu Inoue ip6_copyexthdr(mp, hdr, hlen) 124682cd038dSYoshinobu Inoue struct mbuf **mp; 124782cd038dSYoshinobu Inoue caddr_t hdr; 124882cd038dSYoshinobu Inoue int hlen; 124982cd038dSYoshinobu Inoue { 125082cd038dSYoshinobu Inoue struct mbuf *m; 125182cd038dSYoshinobu Inoue 125282cd038dSYoshinobu Inoue if (hlen > MCLBYTES) 125382cd038dSYoshinobu Inoue return (ENOBUFS); /* XXX */ 125482cd038dSYoshinobu Inoue 1255a163d034SWarner Losh MGET(m, M_DONTWAIT, MT_DATA); 125682cd038dSYoshinobu Inoue if (!m) 125782cd038dSYoshinobu Inoue return (ENOBUFS); 125882cd038dSYoshinobu Inoue 125982cd038dSYoshinobu Inoue if (hlen > MLEN) { 1260a163d034SWarner Losh MCLGET(m, M_DONTWAIT); 126182cd038dSYoshinobu Inoue if ((m->m_flags & M_EXT) == 0) { 126282cd038dSYoshinobu Inoue m_free(m); 126382cd038dSYoshinobu Inoue return (ENOBUFS); 126482cd038dSYoshinobu Inoue } 126582cd038dSYoshinobu Inoue } 126682cd038dSYoshinobu Inoue m->m_len = hlen; 126782cd038dSYoshinobu Inoue if (hdr) 126882cd038dSYoshinobu Inoue bcopy(hdr, mtod(m, caddr_t), hlen); 126982cd038dSYoshinobu Inoue 127082cd038dSYoshinobu Inoue *mp = m; 127182cd038dSYoshinobu Inoue return (0); 127282cd038dSYoshinobu Inoue } 127382cd038dSYoshinobu Inoue 127482cd038dSYoshinobu Inoue /* 127582cd038dSYoshinobu Inoue * Insert jumbo payload option. 127682cd038dSYoshinobu Inoue */ 127782cd038dSYoshinobu Inoue static int 127882cd038dSYoshinobu Inoue ip6_insert_jumboopt(exthdrs, plen) 127982cd038dSYoshinobu Inoue struct ip6_exthdrs *exthdrs; 128082cd038dSYoshinobu Inoue u_int32_t plen; 128182cd038dSYoshinobu Inoue { 128282cd038dSYoshinobu Inoue struct mbuf *mopt; 128382cd038dSYoshinobu Inoue u_char *optbuf; 128433841545SHajimu UMEMOTO u_int32_t v; 128582cd038dSYoshinobu Inoue 128682cd038dSYoshinobu Inoue #define JUMBOOPTLEN 8 /* length of jumbo payload option and padding */ 128782cd038dSYoshinobu Inoue 128882cd038dSYoshinobu Inoue /* 128982cd038dSYoshinobu Inoue * If there is no hop-by-hop options header, allocate new one. 129082cd038dSYoshinobu Inoue * If there is one but it doesn't have enough space to store the 129182cd038dSYoshinobu Inoue * jumbo payload option, allocate a cluster to store the whole options. 129282cd038dSYoshinobu Inoue * Otherwise, use it to store the options. 129382cd038dSYoshinobu Inoue */ 129482cd038dSYoshinobu Inoue if (exthdrs->ip6e_hbh == 0) { 1295a163d034SWarner Losh MGET(mopt, M_DONTWAIT, MT_DATA); 129682cd038dSYoshinobu Inoue if (mopt == 0) 129782cd038dSYoshinobu Inoue return (ENOBUFS); 129882cd038dSYoshinobu Inoue mopt->m_len = JUMBOOPTLEN; 129982cd038dSYoshinobu Inoue optbuf = mtod(mopt, u_char *); 130082cd038dSYoshinobu Inoue optbuf[1] = 0; /* = ((JUMBOOPTLEN) >> 3) - 1 */ 130182cd038dSYoshinobu Inoue exthdrs->ip6e_hbh = mopt; 130282cd038dSYoshinobu Inoue } else { 130382cd038dSYoshinobu Inoue struct ip6_hbh *hbh; 130482cd038dSYoshinobu Inoue 130582cd038dSYoshinobu Inoue mopt = exthdrs->ip6e_hbh; 130682cd038dSYoshinobu Inoue if (M_TRAILINGSPACE(mopt) < JUMBOOPTLEN) { 130733841545SHajimu UMEMOTO /* 130833841545SHajimu UMEMOTO * XXX assumption: 130933841545SHajimu UMEMOTO * - exthdrs->ip6e_hbh is not referenced from places 131033841545SHajimu UMEMOTO * other than exthdrs. 131133841545SHajimu UMEMOTO * - exthdrs->ip6e_hbh is not an mbuf chain. 131233841545SHajimu UMEMOTO */ 131382cd038dSYoshinobu Inoue int oldoptlen = mopt->m_len; 131433841545SHajimu UMEMOTO struct mbuf *n; 131582cd038dSYoshinobu Inoue 131633841545SHajimu UMEMOTO /* 131733841545SHajimu UMEMOTO * XXX: give up if the whole (new) hbh header does 131833841545SHajimu UMEMOTO * not fit even in an mbuf cluster. 131933841545SHajimu UMEMOTO */ 132033841545SHajimu UMEMOTO if (oldoptlen + JUMBOOPTLEN > MCLBYTES) 132182cd038dSYoshinobu Inoue return (ENOBUFS); 132282cd038dSYoshinobu Inoue 132333841545SHajimu UMEMOTO /* 132433841545SHajimu UMEMOTO * As a consequence, we must always prepare a cluster 132533841545SHajimu UMEMOTO * at this point. 132633841545SHajimu UMEMOTO */ 1327a163d034SWarner Losh MGET(n, M_DONTWAIT, MT_DATA); 132833841545SHajimu UMEMOTO if (n) { 1329a163d034SWarner Losh MCLGET(n, M_DONTWAIT); 133033841545SHajimu UMEMOTO if ((n->m_flags & M_EXT) == 0) { 133133841545SHajimu UMEMOTO m_freem(n); 133233841545SHajimu UMEMOTO n = NULL; 133333841545SHajimu UMEMOTO } 133433841545SHajimu UMEMOTO } 133533841545SHajimu UMEMOTO if (!n) 133633841545SHajimu UMEMOTO return (ENOBUFS); 133733841545SHajimu UMEMOTO n->m_len = oldoptlen + JUMBOOPTLEN; 133833841545SHajimu UMEMOTO bcopy(mtod(mopt, caddr_t), mtod(n, caddr_t), 133933841545SHajimu UMEMOTO oldoptlen); 134033841545SHajimu UMEMOTO optbuf = mtod(n, caddr_t) + oldoptlen; 134133841545SHajimu UMEMOTO m_freem(mopt); 134233841545SHajimu UMEMOTO mopt = exthdrs->ip6e_hbh = n; 134382cd038dSYoshinobu Inoue } else { 134482cd038dSYoshinobu Inoue optbuf = mtod(mopt, u_char *) + mopt->m_len; 134582cd038dSYoshinobu Inoue mopt->m_len += JUMBOOPTLEN; 134682cd038dSYoshinobu Inoue } 134782cd038dSYoshinobu Inoue optbuf[0] = IP6OPT_PADN; 134882cd038dSYoshinobu Inoue optbuf[1] = 1; 134982cd038dSYoshinobu Inoue 135082cd038dSYoshinobu Inoue /* 135182cd038dSYoshinobu Inoue * Adjust the header length according to the pad and 135282cd038dSYoshinobu Inoue * the jumbo payload option. 135382cd038dSYoshinobu Inoue */ 135482cd038dSYoshinobu Inoue hbh = mtod(mopt, struct ip6_hbh *); 135582cd038dSYoshinobu Inoue hbh->ip6h_len += (JUMBOOPTLEN >> 3); 135682cd038dSYoshinobu Inoue } 135782cd038dSYoshinobu Inoue 135882cd038dSYoshinobu Inoue /* fill in the option. */ 135982cd038dSYoshinobu Inoue optbuf[2] = IP6OPT_JUMBO; 136082cd038dSYoshinobu Inoue optbuf[3] = 4; 136133841545SHajimu UMEMOTO v = (u_int32_t)htonl(plen + JUMBOOPTLEN); 136233841545SHajimu UMEMOTO bcopy(&v, &optbuf[4], sizeof(u_int32_t)); 136382cd038dSYoshinobu Inoue 136482cd038dSYoshinobu Inoue /* finally, adjust the packet header length */ 136582cd038dSYoshinobu Inoue exthdrs->ip6e_ip6->m_pkthdr.len += JUMBOOPTLEN; 136682cd038dSYoshinobu Inoue 136782cd038dSYoshinobu Inoue return (0); 136882cd038dSYoshinobu Inoue #undef JUMBOOPTLEN 136982cd038dSYoshinobu Inoue } 137082cd038dSYoshinobu Inoue 137182cd038dSYoshinobu Inoue /* 137282cd038dSYoshinobu Inoue * Insert fragment header and copy unfragmentable header portions. 137382cd038dSYoshinobu Inoue */ 137482cd038dSYoshinobu Inoue static int 137582cd038dSYoshinobu Inoue ip6_insertfraghdr(m0, m, hlen, frghdrp) 137682cd038dSYoshinobu Inoue struct mbuf *m0, *m; 137782cd038dSYoshinobu Inoue int hlen; 137882cd038dSYoshinobu Inoue struct ip6_frag **frghdrp; 137982cd038dSYoshinobu Inoue { 138082cd038dSYoshinobu Inoue struct mbuf *n, *mlast; 138182cd038dSYoshinobu Inoue 138282cd038dSYoshinobu Inoue if (hlen > sizeof(struct ip6_hdr)) { 138382cd038dSYoshinobu Inoue n = m_copym(m0, sizeof(struct ip6_hdr), 1384a163d034SWarner Losh hlen - sizeof(struct ip6_hdr), M_DONTWAIT); 138582cd038dSYoshinobu Inoue if (n == 0) 138682cd038dSYoshinobu Inoue return (ENOBUFS); 138782cd038dSYoshinobu Inoue m->m_next = n; 138882cd038dSYoshinobu Inoue } else 138982cd038dSYoshinobu Inoue n = m; 139082cd038dSYoshinobu Inoue 139182cd038dSYoshinobu Inoue /* Search for the last mbuf of unfragmentable part. */ 139282cd038dSYoshinobu Inoue for (mlast = n; mlast->m_next; mlast = mlast->m_next) 139382cd038dSYoshinobu Inoue ; 139482cd038dSYoshinobu Inoue 139582cd038dSYoshinobu Inoue if ((mlast->m_flags & M_EXT) == 0 && 1396686cdd19SJun-ichiro itojun Hagino M_TRAILINGSPACE(mlast) >= sizeof(struct ip6_frag)) { 139782cd038dSYoshinobu Inoue /* use the trailing space of the last mbuf for the fragment hdr */ 13987efe5d92SHajimu UMEMOTO *frghdrp = (struct ip6_frag *)(mtod(mlast, caddr_t) + 13997efe5d92SHajimu UMEMOTO mlast->m_len); 140082cd038dSYoshinobu Inoue mlast->m_len += sizeof(struct ip6_frag); 140182cd038dSYoshinobu Inoue m->m_pkthdr.len += sizeof(struct ip6_frag); 140282cd038dSYoshinobu Inoue } else { 140382cd038dSYoshinobu Inoue /* allocate a new mbuf for the fragment header */ 140482cd038dSYoshinobu Inoue struct mbuf *mfrg; 140582cd038dSYoshinobu Inoue 1406a163d034SWarner Losh MGET(mfrg, M_DONTWAIT, MT_DATA); 140782cd038dSYoshinobu Inoue if (mfrg == 0) 140882cd038dSYoshinobu Inoue return (ENOBUFS); 140982cd038dSYoshinobu Inoue mfrg->m_len = sizeof(struct ip6_frag); 141082cd038dSYoshinobu Inoue *frghdrp = mtod(mfrg, struct ip6_frag *); 141182cd038dSYoshinobu Inoue mlast->m_next = mfrg; 141282cd038dSYoshinobu Inoue } 141382cd038dSYoshinobu Inoue 141482cd038dSYoshinobu Inoue return (0); 141582cd038dSYoshinobu Inoue } 141682cd038dSYoshinobu Inoue 141731b3783cSHajimu UMEMOTO static int 1418f95d4633SHajimu UMEMOTO ip6_getpmtu(ro_pmtu, ro, ifp, dst, mtup, alwaysfragp) 141931b3783cSHajimu UMEMOTO struct route_in6 *ro_pmtu, *ro; 142031b3783cSHajimu UMEMOTO struct ifnet *ifp; 142131b3783cSHajimu UMEMOTO struct in6_addr *dst; 142231b3783cSHajimu UMEMOTO u_long *mtup; 1423f95d4633SHajimu UMEMOTO int *alwaysfragp; 142431b3783cSHajimu UMEMOTO { 142531b3783cSHajimu UMEMOTO u_int32_t mtu = 0; 1426f95d4633SHajimu UMEMOTO int alwaysfrag = 0; 142731b3783cSHajimu UMEMOTO int error = 0; 142831b3783cSHajimu UMEMOTO 142931b3783cSHajimu UMEMOTO if (ro_pmtu != ro) { 143031b3783cSHajimu UMEMOTO /* The first hop and the final destination may differ. */ 143131b3783cSHajimu UMEMOTO struct sockaddr_in6 *sa6_dst = 143231b3783cSHajimu UMEMOTO (struct sockaddr_in6 *)&ro_pmtu->ro_dst; 143331b3783cSHajimu UMEMOTO if (ro_pmtu->ro_rt && 1434e5f467a2SHajimu UMEMOTO ((ro_pmtu->ro_rt->rt_flags & RTF_UP) == 0 || 143531b3783cSHajimu UMEMOTO !IN6_ARE_ADDR_EQUAL(&sa6_dst->sin6_addr, dst))) { 143631b3783cSHajimu UMEMOTO RTFREE(ro_pmtu->ro_rt); 143731b3783cSHajimu UMEMOTO ro_pmtu->ro_rt = (struct rtentry *)NULL; 143831b3783cSHajimu UMEMOTO } 143931b3783cSHajimu UMEMOTO if (ro_pmtu->ro_rt == NULL) { 144031b3783cSHajimu UMEMOTO bzero(sa6_dst, sizeof(*sa6_dst)); 144131b3783cSHajimu UMEMOTO sa6_dst->sin6_family = AF_INET6; 144231b3783cSHajimu UMEMOTO sa6_dst->sin6_len = sizeof(struct sockaddr_in6); 144331b3783cSHajimu UMEMOTO sa6_dst->sin6_addr = *dst; 144431b3783cSHajimu UMEMOTO 144531b3783cSHajimu UMEMOTO rtalloc((struct route *)ro_pmtu); 144631b3783cSHajimu UMEMOTO } 144731b3783cSHajimu UMEMOTO } 144831b3783cSHajimu UMEMOTO if (ro_pmtu->ro_rt) { 144931b3783cSHajimu UMEMOTO u_int32_t ifmtu; 145097d8d152SAndre Oppermann struct in_conninfo inc; 145197d8d152SAndre Oppermann 145297d8d152SAndre Oppermann bzero(&inc, sizeof(inc)); 145397d8d152SAndre Oppermann inc.inc_flags = 1; /* IPv6 */ 145497d8d152SAndre Oppermann inc.inc6_faddr = *dst; 145531b3783cSHajimu UMEMOTO 145631b3783cSHajimu UMEMOTO if (ifp == NULL) 145731b3783cSHajimu UMEMOTO ifp = ro_pmtu->ro_rt->rt_ifp; 145831b3783cSHajimu UMEMOTO ifmtu = IN6_LINKMTU(ifp); 145997d8d152SAndre Oppermann mtu = tcp_hc_getmtu(&inc); 146097d8d152SAndre Oppermann if (mtu) 146197d8d152SAndre Oppermann mtu = min(mtu, ro_pmtu->ro_rt->rt_rmx.rmx_mtu); 146297d8d152SAndre Oppermann else 146331b3783cSHajimu UMEMOTO mtu = ro_pmtu->ro_rt->rt_rmx.rmx_mtu; 146431b3783cSHajimu UMEMOTO if (mtu == 0) 146531b3783cSHajimu UMEMOTO mtu = ifmtu; 1466f95d4633SHajimu UMEMOTO else if (mtu < IPV6_MMTU) { 1467f95d4633SHajimu UMEMOTO /* 1468f95d4633SHajimu UMEMOTO * RFC2460 section 5, last paragraph: 1469f95d4633SHajimu UMEMOTO * if we record ICMPv6 too big message with 1470f95d4633SHajimu UMEMOTO * mtu < IPV6_MMTU, transmit packets sized IPV6_MMTU 1471f95d4633SHajimu UMEMOTO * or smaller, with framgent header attached. 1472f95d4633SHajimu UMEMOTO * (fragment header is needed regardless from the 1473f95d4633SHajimu UMEMOTO * packet size, for translators to identify packets) 1474f95d4633SHajimu UMEMOTO */ 1475f95d4633SHajimu UMEMOTO alwaysfrag = 1; 1476f95d4633SHajimu UMEMOTO mtu = IPV6_MMTU; 1477f95d4633SHajimu UMEMOTO } else if (mtu > ifmtu) { 147831b3783cSHajimu UMEMOTO /* 147931b3783cSHajimu UMEMOTO * The MTU on the route is larger than the MTU on 148031b3783cSHajimu UMEMOTO * the interface! This shouldn't happen, unless the 148131b3783cSHajimu UMEMOTO * MTU of the interface has been changed after the 148231b3783cSHajimu UMEMOTO * interface was brought up. Change the MTU in the 148331b3783cSHajimu UMEMOTO * route to match the interface MTU (as long as the 148431b3783cSHajimu UMEMOTO * field isn't locked). 148531b3783cSHajimu UMEMOTO */ 148631b3783cSHajimu UMEMOTO mtu = ifmtu; 148731b3783cSHajimu UMEMOTO ro_pmtu->ro_rt->rt_rmx.rmx_mtu = mtu; 148831b3783cSHajimu UMEMOTO } 148931b3783cSHajimu UMEMOTO } else if (ifp) { 149031b3783cSHajimu UMEMOTO mtu = IN6_LINKMTU(ifp); 149131b3783cSHajimu UMEMOTO } else 149231b3783cSHajimu UMEMOTO error = EHOSTUNREACH; /* XXX */ 149331b3783cSHajimu UMEMOTO 149431b3783cSHajimu UMEMOTO *mtup = mtu; 1495f95d4633SHajimu UMEMOTO if (alwaysfragp) 1496f95d4633SHajimu UMEMOTO *alwaysfragp = alwaysfrag; 149731b3783cSHajimu UMEMOTO return (error); 149831b3783cSHajimu UMEMOTO } 149931b3783cSHajimu UMEMOTO 150082cd038dSYoshinobu Inoue /* 150182cd038dSYoshinobu Inoue * IP6 socket option processing. 150282cd038dSYoshinobu Inoue */ 150382cd038dSYoshinobu Inoue int 150482cd038dSYoshinobu Inoue ip6_ctloutput(so, sopt) 150582cd038dSYoshinobu Inoue struct socket *so; 150682cd038dSYoshinobu Inoue struct sockopt *sopt; 150782cd038dSYoshinobu Inoue { 1508f95d4633SHajimu UMEMOTO int privileged, optdatalen, uproto; 1509f95d4633SHajimu UMEMOTO void *optdata; 151033841545SHajimu UMEMOTO struct inpcb *in6p = sotoinpcb(so); 151182cd038dSYoshinobu Inoue int error, optval; 151282cd038dSYoshinobu Inoue int level, op, optname; 151382cd038dSYoshinobu Inoue int optlen; 1514b40ce416SJulian Elischer struct thread *td; 151582cd038dSYoshinobu Inoue 151682cd038dSYoshinobu Inoue if (sopt) { 151782cd038dSYoshinobu Inoue level = sopt->sopt_level; 151882cd038dSYoshinobu Inoue op = sopt->sopt_dir; 151982cd038dSYoshinobu Inoue optname = sopt->sopt_name; 152082cd038dSYoshinobu Inoue optlen = sopt->sopt_valsize; 1521b40ce416SJulian Elischer td = sopt->sopt_td; 152282cd038dSYoshinobu Inoue } else { 152382cd038dSYoshinobu Inoue panic("ip6_ctloutput: arg soopt is NULL"); 152482cd038dSYoshinobu Inoue } 152582cd038dSYoshinobu Inoue error = optval = 0; 152682cd038dSYoshinobu Inoue 152744731cabSJohn Baldwin privileged = (td == 0 || suser(td)) ? 0 : 1; 1528f95d4633SHajimu UMEMOTO uproto = (int)so->so_proto->pr_protocol; 152982cd038dSYoshinobu Inoue 153082cd038dSYoshinobu Inoue if (level == IPPROTO_IPV6) { 153182cd038dSYoshinobu Inoue switch (op) { 153233841545SHajimu UMEMOTO 153382cd038dSYoshinobu Inoue case SOPT_SET: 153482cd038dSYoshinobu Inoue switch (optname) { 1535f95d4633SHajimu UMEMOTO case IPV6_2292PKTOPTIONS: 1536f95d4633SHajimu UMEMOTO #ifdef IPV6_PKTOPTIONS 153782cd038dSYoshinobu Inoue case IPV6_PKTOPTIONS: 1538f95d4633SHajimu UMEMOTO #endif 153982cd038dSYoshinobu Inoue { 154082cd038dSYoshinobu Inoue struct mbuf *m; 154182cd038dSYoshinobu Inoue 154282cd038dSYoshinobu Inoue error = soopt_getm(sopt, &m); /* XXX */ 1543a89ec05eSPeter Wemm if (error != 0) 154482cd038dSYoshinobu Inoue break; 154582cd038dSYoshinobu Inoue error = soopt_mcopyin(sopt, m); /* XXX */ 1546a89ec05eSPeter Wemm if (error != 0) 154782cd038dSYoshinobu Inoue break; 154833841545SHajimu UMEMOTO error = ip6_pcbopts(&in6p->in6p_outputopts, 154933841545SHajimu UMEMOTO m, so, sopt); 155033841545SHajimu UMEMOTO m_freem(m); /* XXX */ 155182cd038dSYoshinobu Inoue break; 155282cd038dSYoshinobu Inoue } 155333841545SHajimu UMEMOTO 155433841545SHajimu UMEMOTO /* 155533841545SHajimu UMEMOTO * Use of some Hop-by-Hop options or some 155633841545SHajimu UMEMOTO * Destination options, might require special 155733841545SHajimu UMEMOTO * privilege. That is, normal applications 155833841545SHajimu UMEMOTO * (without special privilege) might be forbidden 155933841545SHajimu UMEMOTO * from setting certain options in outgoing packets, 156033841545SHajimu UMEMOTO * and might never see certain options in received 156133841545SHajimu UMEMOTO * packets. [RFC 2292 Section 6] 156233841545SHajimu UMEMOTO * KAME specific note: 156333841545SHajimu UMEMOTO * KAME prevents non-privileged users from sending or 156433841545SHajimu UMEMOTO * receiving ANY hbh/dst options in order to avoid 156533841545SHajimu UMEMOTO * overhead of parsing options in the kernel. 156633841545SHajimu UMEMOTO */ 1567f95d4633SHajimu UMEMOTO case IPV6_RECVHOPOPTS: 1568f95d4633SHajimu UMEMOTO case IPV6_RECVDSTOPTS: 1569f95d4633SHajimu UMEMOTO case IPV6_RECVRTHDRDSTOPTS: 1570f95d4633SHajimu UMEMOTO if (!privileged) { 1571f95d4633SHajimu UMEMOTO error = EPERM; 1572f95d4633SHajimu UMEMOTO break; 1573f95d4633SHajimu UMEMOTO } 1574f95d4633SHajimu UMEMOTO /* FALLTHROUGH */ 157582cd038dSYoshinobu Inoue case IPV6_UNICAST_HOPS: 1576f95d4633SHajimu UMEMOTO case IPV6_HOPLIMIT: 157782cd038dSYoshinobu Inoue case IPV6_FAITH: 157833841545SHajimu UMEMOTO 1579f95d4633SHajimu UMEMOTO case IPV6_RECVPKTINFO: 1580f95d4633SHajimu UMEMOTO case IPV6_RECVHOPLIMIT: 1581f95d4633SHajimu UMEMOTO case IPV6_RECVRTHDR: 1582f95d4633SHajimu UMEMOTO case IPV6_RECVPATHMTU: 1583f95d4633SHajimu UMEMOTO case IPV6_RECVTCLASS: 158433841545SHajimu UMEMOTO case IPV6_V6ONLY: 1585f95d4633SHajimu UMEMOTO case IPV6_AUTOFLOWLABEL: 158633841545SHajimu UMEMOTO if (optlen != sizeof(int)) { 158782cd038dSYoshinobu Inoue error = EINVAL; 158833841545SHajimu UMEMOTO break; 158933841545SHajimu UMEMOTO } 159082cd038dSYoshinobu Inoue error = sooptcopyin(sopt, &optval, 159182cd038dSYoshinobu Inoue sizeof optval, sizeof optval); 159282cd038dSYoshinobu Inoue if (error) 159382cd038dSYoshinobu Inoue break; 159482cd038dSYoshinobu Inoue switch (optname) { 159582cd038dSYoshinobu Inoue 159682cd038dSYoshinobu Inoue case IPV6_UNICAST_HOPS: 159782cd038dSYoshinobu Inoue if (optval < -1 || optval >= 256) 159882cd038dSYoshinobu Inoue error = EINVAL; 159982cd038dSYoshinobu Inoue else { 160082cd038dSYoshinobu Inoue /* -1 = kernel default */ 160182cd038dSYoshinobu Inoue in6p->in6p_hops = optval; 160282cd038dSYoshinobu Inoue if ((in6p->in6p_vflag & 160382cd038dSYoshinobu Inoue INP_IPV4) != 0) 160482cd038dSYoshinobu Inoue in6p->inp_ip_ttl = optval; 160582cd038dSYoshinobu Inoue } 160682cd038dSYoshinobu Inoue break; 160782cd038dSYoshinobu Inoue #define OPTSET(bit) \ 160833841545SHajimu UMEMOTO do { \ 160982cd038dSYoshinobu Inoue if (optval) \ 161033841545SHajimu UMEMOTO in6p->in6p_flags |= (bit); \ 161182cd038dSYoshinobu Inoue else \ 161233841545SHajimu UMEMOTO in6p->in6p_flags &= ~(bit); \ 16137efe5d92SHajimu UMEMOTO } while (/*CONSTCOND*/ 0) 1614f95d4633SHajimu UMEMOTO #define OPTSET2292(bit) \ 1615f95d4633SHajimu UMEMOTO do { \ 1616f95d4633SHajimu UMEMOTO in6p->in6p_flags |= IN6P_RFC2292; \ 1617f95d4633SHajimu UMEMOTO if (optval) \ 1618f95d4633SHajimu UMEMOTO in6p->in6p_flags |= (bit); \ 1619f95d4633SHajimu UMEMOTO else \ 1620f95d4633SHajimu UMEMOTO in6p->in6p_flags &= ~(bit); \ 1621f95d4633SHajimu UMEMOTO } while (/*CONSTCOND*/ 0) 162233841545SHajimu UMEMOTO #define OPTBIT(bit) (in6p->in6p_flags & (bit) ? 1 : 0) 162382cd038dSYoshinobu Inoue 1624f95d4633SHajimu UMEMOTO case IPV6_RECVPKTINFO: 1625f95d4633SHajimu UMEMOTO /* cannot mix with RFC2292 */ 1626f95d4633SHajimu UMEMOTO if (OPTBIT(IN6P_RFC2292)) { 1627f95d4633SHajimu UMEMOTO error = EINVAL; 1628f95d4633SHajimu UMEMOTO break; 1629f95d4633SHajimu UMEMOTO } 1630f95d4633SHajimu UMEMOTO OPTSET(IN6P_PKTINFO); 1631f95d4633SHajimu UMEMOTO break; 1632f95d4633SHajimu UMEMOTO 1633f95d4633SHajimu UMEMOTO case IPV6_HOPLIMIT: 1634f95d4633SHajimu UMEMOTO { 1635f95d4633SHajimu UMEMOTO struct ip6_pktopts **optp; 1636f95d4633SHajimu UMEMOTO 1637f95d4633SHajimu UMEMOTO /* cannot mix with RFC2292 */ 1638f95d4633SHajimu UMEMOTO if (OPTBIT(IN6P_RFC2292)) { 1639f95d4633SHajimu UMEMOTO error = EINVAL; 1640f95d4633SHajimu UMEMOTO break; 1641f95d4633SHajimu UMEMOTO } 1642f95d4633SHajimu UMEMOTO optp = &in6p->in6p_outputopts; 1643f95d4633SHajimu UMEMOTO error = ip6_pcbopt(IPV6_HOPLIMIT, 1644f95d4633SHajimu UMEMOTO (u_char *)&optval, 1645f95d4633SHajimu UMEMOTO sizeof(optval), 1646f95d4633SHajimu UMEMOTO optp, 1647f95d4633SHajimu UMEMOTO privileged, uproto); 1648f95d4633SHajimu UMEMOTO break; 1649f95d4633SHajimu UMEMOTO } 1650f95d4633SHajimu UMEMOTO 1651f95d4633SHajimu UMEMOTO case IPV6_RECVHOPLIMIT: 1652f95d4633SHajimu UMEMOTO /* cannot mix with RFC2292 */ 1653f95d4633SHajimu UMEMOTO if (OPTBIT(IN6P_RFC2292)) { 1654f95d4633SHajimu UMEMOTO error = EINVAL; 1655f95d4633SHajimu UMEMOTO break; 1656f95d4633SHajimu UMEMOTO } 1657f95d4633SHajimu UMEMOTO OPTSET(IN6P_HOPLIMIT); 1658f95d4633SHajimu UMEMOTO break; 1659f95d4633SHajimu UMEMOTO 1660f95d4633SHajimu UMEMOTO case IPV6_RECVHOPOPTS: 1661f95d4633SHajimu UMEMOTO /* cannot mix with RFC2292 */ 1662f95d4633SHajimu UMEMOTO if (OPTBIT(IN6P_RFC2292)) { 1663f95d4633SHajimu UMEMOTO error = EINVAL; 1664f95d4633SHajimu UMEMOTO break; 1665f95d4633SHajimu UMEMOTO } 1666f95d4633SHajimu UMEMOTO OPTSET(IN6P_HOPOPTS); 1667f95d4633SHajimu UMEMOTO break; 1668f95d4633SHajimu UMEMOTO 1669f95d4633SHajimu UMEMOTO case IPV6_RECVDSTOPTS: 1670f95d4633SHajimu UMEMOTO /* cannot mix with RFC2292 */ 1671f95d4633SHajimu UMEMOTO if (OPTBIT(IN6P_RFC2292)) { 1672f95d4633SHajimu UMEMOTO error = EINVAL; 1673f95d4633SHajimu UMEMOTO break; 1674f95d4633SHajimu UMEMOTO } 1675f95d4633SHajimu UMEMOTO OPTSET(IN6P_DSTOPTS); 1676f95d4633SHajimu UMEMOTO break; 1677f95d4633SHajimu UMEMOTO 1678f95d4633SHajimu UMEMOTO case IPV6_RECVRTHDRDSTOPTS: 1679f95d4633SHajimu UMEMOTO /* cannot mix with RFC2292 */ 1680f95d4633SHajimu UMEMOTO if (OPTBIT(IN6P_RFC2292)) { 1681f95d4633SHajimu UMEMOTO error = EINVAL; 1682f95d4633SHajimu UMEMOTO break; 1683f95d4633SHajimu UMEMOTO } 1684f95d4633SHajimu UMEMOTO OPTSET(IN6P_RTHDRDSTOPTS); 1685f95d4633SHajimu UMEMOTO break; 1686f95d4633SHajimu UMEMOTO 1687f95d4633SHajimu UMEMOTO case IPV6_RECVRTHDR: 1688f95d4633SHajimu UMEMOTO /* cannot mix with RFC2292 */ 1689f95d4633SHajimu UMEMOTO if (OPTBIT(IN6P_RFC2292)) { 1690f95d4633SHajimu UMEMOTO error = EINVAL; 1691f95d4633SHajimu UMEMOTO break; 1692f95d4633SHajimu UMEMOTO } 1693f95d4633SHajimu UMEMOTO OPTSET(IN6P_RTHDR); 169482cd038dSYoshinobu Inoue break; 169582cd038dSYoshinobu Inoue 169682cd038dSYoshinobu Inoue case IPV6_FAITH: 169782cd038dSYoshinobu Inoue OPTSET(IN6P_FAITH); 169882cd038dSYoshinobu Inoue break; 169982cd038dSYoshinobu Inoue 1700f95d4633SHajimu UMEMOTO case IPV6_RECVPATHMTU: 1701f95d4633SHajimu UMEMOTO /* 1702f95d4633SHajimu UMEMOTO * We ignore this option for TCP 1703f95d4633SHajimu UMEMOTO * sockets. 170418b35df8SHajimu UMEMOTO * (RFC3542 leaves this case 1705f95d4633SHajimu UMEMOTO * unspecified.) 1706f95d4633SHajimu UMEMOTO */ 1707f95d4633SHajimu UMEMOTO if (uproto != IPPROTO_TCP) 1708f95d4633SHajimu UMEMOTO OPTSET(IN6P_MTU); 1709f95d4633SHajimu UMEMOTO break; 1710f95d4633SHajimu UMEMOTO 171133841545SHajimu UMEMOTO case IPV6_V6ONLY: 171233841545SHajimu UMEMOTO /* 17130554093bSHajimu UMEMOTO * make setsockopt(IPV6_V6ONLY) 17140554093bSHajimu UMEMOTO * available only prior to bind(2). 17150554093bSHajimu UMEMOTO * see ipng mailing list, Jun 22 2001. 17160554093bSHajimu UMEMOTO */ 17170554093bSHajimu UMEMOTO if (in6p->in6p_lport || 17187efe5d92SHajimu UMEMOTO !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) { 17190554093bSHajimu UMEMOTO error = EINVAL; 17200554093bSHajimu UMEMOTO break; 17210554093bSHajimu UMEMOTO } 172233841545SHajimu UMEMOTO OPTSET(IN6P_IPV6_V6ONLY); 172312253795SHajimu UMEMOTO if (optval) 172412253795SHajimu UMEMOTO in6p->in6p_vflag &= ~INP_IPV4; 172512253795SHajimu UMEMOTO else 172612253795SHajimu UMEMOTO in6p->in6p_vflag |= INP_IPV4; 172782cd038dSYoshinobu Inoue break; 1728f95d4633SHajimu UMEMOTO case IPV6_RECVTCLASS: 1729f95d4633SHajimu UMEMOTO /* cannot mix with RFC2292 XXX */ 1730f95d4633SHajimu UMEMOTO if (OPTBIT(IN6P_RFC2292)) { 1731f95d4633SHajimu UMEMOTO error = EINVAL; 1732f95d4633SHajimu UMEMOTO break; 1733f95d4633SHajimu UMEMOTO } 1734f95d4633SHajimu UMEMOTO OPTSET(IN6P_TCLASS); 1735f95d4633SHajimu UMEMOTO break; 1736f95d4633SHajimu UMEMOTO case IPV6_AUTOFLOWLABEL: 1737f95d4633SHajimu UMEMOTO OPTSET(IN6P_AUTOFLOWLABEL); 1738f95d4633SHajimu UMEMOTO break; 1739f95d4633SHajimu UMEMOTO 174082cd038dSYoshinobu Inoue } 174133841545SHajimu UMEMOTO break; 174233841545SHajimu UMEMOTO 1743f95d4633SHajimu UMEMOTO case IPV6_TCLASS: 1744f95d4633SHajimu UMEMOTO case IPV6_DONTFRAG: 1745f95d4633SHajimu UMEMOTO case IPV6_USE_MIN_MTU: 1746f95d4633SHajimu UMEMOTO case IPV6_PREFER_TEMPADDR: 1747f95d4633SHajimu UMEMOTO if (optlen != sizeof(optval)) { 1748f95d4633SHajimu UMEMOTO error = EINVAL; 1749f95d4633SHajimu UMEMOTO break; 1750f95d4633SHajimu UMEMOTO } 1751f95d4633SHajimu UMEMOTO error = sooptcopyin(sopt, &optval, 1752f95d4633SHajimu UMEMOTO sizeof optval, sizeof optval); 1753f95d4633SHajimu UMEMOTO if (error) 1754f95d4633SHajimu UMEMOTO break; 1755f95d4633SHajimu UMEMOTO { 1756f95d4633SHajimu UMEMOTO struct ip6_pktopts **optp; 1757f95d4633SHajimu UMEMOTO optp = &in6p->in6p_outputopts; 1758f95d4633SHajimu UMEMOTO error = ip6_pcbopt(optname, 1759f95d4633SHajimu UMEMOTO (u_char *)&optval, 1760f95d4633SHajimu UMEMOTO sizeof(optval), 1761f95d4633SHajimu UMEMOTO optp, 1762f95d4633SHajimu UMEMOTO privileged, uproto); 1763f95d4633SHajimu UMEMOTO break; 1764f95d4633SHajimu UMEMOTO } 1765f95d4633SHajimu UMEMOTO 1766f95d4633SHajimu UMEMOTO case IPV6_2292PKTINFO: 1767f95d4633SHajimu UMEMOTO case IPV6_2292HOPLIMIT: 1768f95d4633SHajimu UMEMOTO case IPV6_2292HOPOPTS: 1769f95d4633SHajimu UMEMOTO case IPV6_2292DSTOPTS: 1770f95d4633SHajimu UMEMOTO case IPV6_2292RTHDR: 177133841545SHajimu UMEMOTO /* RFC 2292 */ 177233841545SHajimu UMEMOTO if (optlen != sizeof(int)) { 177333841545SHajimu UMEMOTO error = EINVAL; 177433841545SHajimu UMEMOTO break; 177533841545SHajimu UMEMOTO } 177633841545SHajimu UMEMOTO error = sooptcopyin(sopt, &optval, 177733841545SHajimu UMEMOTO sizeof optval, sizeof optval); 177833841545SHajimu UMEMOTO if (error) 177933841545SHajimu UMEMOTO break; 178033841545SHajimu UMEMOTO switch (optname) { 1781f95d4633SHajimu UMEMOTO case IPV6_2292PKTINFO: 1782f95d4633SHajimu UMEMOTO OPTSET2292(IN6P_PKTINFO); 178333841545SHajimu UMEMOTO break; 1784f95d4633SHajimu UMEMOTO case IPV6_2292HOPLIMIT: 1785f95d4633SHajimu UMEMOTO OPTSET2292(IN6P_HOPLIMIT); 178633841545SHajimu UMEMOTO break; 1787f95d4633SHajimu UMEMOTO case IPV6_2292HOPOPTS: 178833841545SHajimu UMEMOTO /* 178933841545SHajimu UMEMOTO * Check super-user privilege. 179033841545SHajimu UMEMOTO * See comments for IPV6_RECVHOPOPTS. 179133841545SHajimu UMEMOTO */ 179233841545SHajimu UMEMOTO if (!privileged) 179333841545SHajimu UMEMOTO return (EPERM); 1794f95d4633SHajimu UMEMOTO OPTSET2292(IN6P_HOPOPTS); 179533841545SHajimu UMEMOTO break; 1796f95d4633SHajimu UMEMOTO case IPV6_2292DSTOPTS: 179733841545SHajimu UMEMOTO if (!privileged) 179833841545SHajimu UMEMOTO return (EPERM); 1799f95d4633SHajimu UMEMOTO OPTSET2292(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS); /* XXX */ 180033841545SHajimu UMEMOTO break; 1801f95d4633SHajimu UMEMOTO case IPV6_2292RTHDR: 1802f95d4633SHajimu UMEMOTO OPTSET2292(IN6P_RTHDR); 180333841545SHajimu UMEMOTO break; 180482cd038dSYoshinobu Inoue } 180582cd038dSYoshinobu Inoue break; 1806f95d4633SHajimu UMEMOTO case IPV6_PKTINFO: 1807f95d4633SHajimu UMEMOTO case IPV6_HOPOPTS: 1808f95d4633SHajimu UMEMOTO case IPV6_RTHDR: 1809f95d4633SHajimu UMEMOTO case IPV6_DSTOPTS: 1810f95d4633SHajimu UMEMOTO case IPV6_RTHDRDSTOPTS: 1811f95d4633SHajimu UMEMOTO case IPV6_NEXTHOP: 1812f95d4633SHajimu UMEMOTO { 181318b35df8SHajimu UMEMOTO /* new advanced API (RFC3542) */ 1814f95d4633SHajimu UMEMOTO u_char *optbuf; 1815f95d4633SHajimu UMEMOTO int optlen; 1816f95d4633SHajimu UMEMOTO struct ip6_pktopts **optp; 1817f95d4633SHajimu UMEMOTO 1818f95d4633SHajimu UMEMOTO /* cannot mix with RFC2292 */ 1819f95d4633SHajimu UMEMOTO if (OPTBIT(IN6P_RFC2292)) { 1820f95d4633SHajimu UMEMOTO error = EINVAL; 1821f95d4633SHajimu UMEMOTO break; 1822f95d4633SHajimu UMEMOTO } 1823f95d4633SHajimu UMEMOTO 1824a5d1aae3SHajimu UMEMOTO switch (optname) { 1825a5d1aae3SHajimu UMEMOTO case IPV6_HOPOPTS: 1826a5d1aae3SHajimu UMEMOTO case IPV6_DSTOPTS: 1827a5d1aae3SHajimu UMEMOTO case IPV6_RTHDRDSTOPTS: 1828a5d1aae3SHajimu UMEMOTO case IPV6_NEXTHOP: 1829a5d1aae3SHajimu UMEMOTO if (!privileged) 1830a5d1aae3SHajimu UMEMOTO error = EPERM; 1831a5d1aae3SHajimu UMEMOTO break; 1832a5d1aae3SHajimu UMEMOTO } 1833a5d1aae3SHajimu UMEMOTO if (error) 1834a5d1aae3SHajimu UMEMOTO break; 1835a5d1aae3SHajimu UMEMOTO 1836a5d1aae3SHajimu UMEMOTO switch (optname) { 1837a5d1aae3SHajimu UMEMOTO case IPV6_PKTINFO: 1838a5d1aae3SHajimu UMEMOTO optlen = sizeof(struct in6_pktinfo); 1839a5d1aae3SHajimu UMEMOTO break; 1840a5d1aae3SHajimu UMEMOTO case IPV6_NEXTHOP: 1841a5d1aae3SHajimu UMEMOTO optlen = SOCK_MAXADDRLEN; 1842a5d1aae3SHajimu UMEMOTO break; 1843a5d1aae3SHajimu UMEMOTO default: 1844a5d1aae3SHajimu UMEMOTO optlen = IPV6_MAXOPTHDR; 1845a5d1aae3SHajimu UMEMOTO break; 1846a5d1aae3SHajimu UMEMOTO } 1847a5d1aae3SHajimu UMEMOTO if (sopt->sopt_valsize > optlen) { 1848a5d1aae3SHajimu UMEMOTO error = EINVAL; 1849a5d1aae3SHajimu UMEMOTO break; 1850a5d1aae3SHajimu UMEMOTO } 1851a5d1aae3SHajimu UMEMOTO 1852f95d4633SHajimu UMEMOTO optlen = sopt->sopt_valsize; 1853a5d1aae3SHajimu UMEMOTO optbuf = malloc(optlen, M_TEMP, M_WAITOK); 1854a5d1aae3SHajimu UMEMOTO error = sooptcopyin(sopt, optbuf, optlen, 1855a5d1aae3SHajimu UMEMOTO optlen); 1856a5d1aae3SHajimu UMEMOTO if (error) { 1857a5d1aae3SHajimu UMEMOTO free(optbuf, M_TEMP); 1858a5d1aae3SHajimu UMEMOTO break; 1859a5d1aae3SHajimu UMEMOTO } 1860a5d1aae3SHajimu UMEMOTO 1861f95d4633SHajimu UMEMOTO optp = &in6p->in6p_outputopts; 1862f95d4633SHajimu UMEMOTO error = ip6_pcbopt(optname, 1863f95d4633SHajimu UMEMOTO optbuf, optlen, 1864f95d4633SHajimu UMEMOTO optp, privileged, uproto); 1865a5d1aae3SHajimu UMEMOTO free(optbuf, M_TEMP); 1866f95d4633SHajimu UMEMOTO break; 1867f95d4633SHajimu UMEMOTO } 186882cd038dSYoshinobu Inoue #undef OPTSET 186982cd038dSYoshinobu Inoue 187082cd038dSYoshinobu Inoue case IPV6_MULTICAST_IF: 187182cd038dSYoshinobu Inoue case IPV6_MULTICAST_HOPS: 187282cd038dSYoshinobu Inoue case IPV6_MULTICAST_LOOP: 187382cd038dSYoshinobu Inoue case IPV6_JOIN_GROUP: 187482cd038dSYoshinobu Inoue case IPV6_LEAVE_GROUP: 187582cd038dSYoshinobu Inoue { 187682cd038dSYoshinobu Inoue if (sopt->sopt_valsize > MLEN) { 187782cd038dSYoshinobu Inoue error = EMSGSIZE; 187882cd038dSYoshinobu Inoue break; 187982cd038dSYoshinobu Inoue } 188082cd038dSYoshinobu Inoue /* XXX */ 1881f95d4633SHajimu UMEMOTO } 1882f95d4633SHajimu UMEMOTO /* FALLTHROUGH */ 1883f95d4633SHajimu UMEMOTO { 1884f95d4633SHajimu UMEMOTO struct mbuf *m; 1885f95d4633SHajimu UMEMOTO 1886f95d4633SHajimu UMEMOTO if (sopt->sopt_valsize > MCLBYTES) { 1887f95d4633SHajimu UMEMOTO error = EMSGSIZE; 1888f95d4633SHajimu UMEMOTO break; 1889f95d4633SHajimu UMEMOTO } 1890f95d4633SHajimu UMEMOTO /* XXX */ 1891f95d4633SHajimu UMEMOTO MGET(m, sopt->sopt_td ? M_WAIT : M_DONTWAIT, MT_HEADER); 189282cd038dSYoshinobu Inoue if (m == 0) { 189382cd038dSYoshinobu Inoue error = ENOBUFS; 189482cd038dSYoshinobu Inoue break; 189582cd038dSYoshinobu Inoue } 1896f95d4633SHajimu UMEMOTO if (sopt->sopt_valsize > MLEN) { 1897f95d4633SHajimu UMEMOTO MCLGET(m, sopt->sopt_td ? M_WAIT : M_DONTWAIT); 1898f95d4633SHajimu UMEMOTO if ((m->m_flags & M_EXT) == 0) { 1899f95d4633SHajimu UMEMOTO m_free(m); 1900f95d4633SHajimu UMEMOTO error = ENOBUFS; 1901f95d4633SHajimu UMEMOTO break; 1902f95d4633SHajimu UMEMOTO } 1903f95d4633SHajimu UMEMOTO } 190482cd038dSYoshinobu Inoue m->m_len = sopt->sopt_valsize; 190582cd038dSYoshinobu Inoue error = sooptcopyin(sopt, mtod(m, char *), 190682cd038dSYoshinobu Inoue m->m_len, m->m_len); 1907f95d4633SHajimu UMEMOTO if (error) { 1908f95d4633SHajimu UMEMOTO (void)m_free(m); 1909f95d4633SHajimu UMEMOTO break; 1910f95d4633SHajimu UMEMOTO } 191182cd038dSYoshinobu Inoue error = ip6_setmoptions(sopt->sopt_name, 191282cd038dSYoshinobu Inoue &in6p->in6p_moptions, 191382cd038dSYoshinobu Inoue m); 191482cd038dSYoshinobu Inoue (void)m_free(m); 191582cd038dSYoshinobu Inoue } 191682cd038dSYoshinobu Inoue break; 191782cd038dSYoshinobu Inoue 191882cd038dSYoshinobu Inoue case IPV6_PORTRANGE: 1919686cdd19SJun-ichiro itojun Hagino error = sooptcopyin(sopt, &optval, 1920686cdd19SJun-ichiro itojun Hagino sizeof optval, sizeof optval); 192182cd038dSYoshinobu Inoue if (error) 192282cd038dSYoshinobu Inoue break; 192382cd038dSYoshinobu Inoue 192482cd038dSYoshinobu Inoue switch (optval) { 192582cd038dSYoshinobu Inoue case IPV6_PORTRANGE_DEFAULT: 192682cd038dSYoshinobu Inoue in6p->in6p_flags &= ~(IN6P_LOWPORT); 192782cd038dSYoshinobu Inoue in6p->in6p_flags &= ~(IN6P_HIGHPORT); 192882cd038dSYoshinobu Inoue break; 192982cd038dSYoshinobu Inoue 193082cd038dSYoshinobu Inoue case IPV6_PORTRANGE_HIGH: 193182cd038dSYoshinobu Inoue in6p->in6p_flags &= ~(IN6P_LOWPORT); 193282cd038dSYoshinobu Inoue in6p->in6p_flags |= IN6P_HIGHPORT; 193382cd038dSYoshinobu Inoue break; 193482cd038dSYoshinobu Inoue 193582cd038dSYoshinobu Inoue case IPV6_PORTRANGE_LOW: 193682cd038dSYoshinobu Inoue in6p->in6p_flags &= ~(IN6P_HIGHPORT); 193782cd038dSYoshinobu Inoue in6p->in6p_flags |= IN6P_LOWPORT; 193882cd038dSYoshinobu Inoue break; 193982cd038dSYoshinobu Inoue 194082cd038dSYoshinobu Inoue default: 194182cd038dSYoshinobu Inoue error = EINVAL; 194282cd038dSYoshinobu Inoue break; 194382cd038dSYoshinobu Inoue } 194482cd038dSYoshinobu Inoue break; 194582cd038dSYoshinobu Inoue 1946b9234fafSSam Leffler #if defined(IPSEC) || defined(FAST_IPSEC) 194782cd038dSYoshinobu Inoue case IPV6_IPSEC_POLICY: 194882cd038dSYoshinobu Inoue { 194982cd038dSYoshinobu Inoue caddr_t req = NULL; 1950686cdd19SJun-ichiro itojun Hagino size_t len = 0; 195182cd038dSYoshinobu Inoue struct mbuf *m; 195282cd038dSYoshinobu Inoue 1953686cdd19SJun-ichiro itojun Hagino if ((error = soopt_getm(sopt, &m)) != 0) /* XXX */ 195482cd038dSYoshinobu Inoue break; 1955686cdd19SJun-ichiro itojun Hagino if ((error = soopt_mcopyin(sopt, m)) != 0) /* XXX */ 195682cd038dSYoshinobu Inoue break; 1957686cdd19SJun-ichiro itojun Hagino if (m) { 195882cd038dSYoshinobu Inoue req = mtod(m, caddr_t); 1959686cdd19SJun-ichiro itojun Hagino len = m->m_len; 1960686cdd19SJun-ichiro itojun Hagino } 196182cd038dSYoshinobu Inoue error = ipsec6_set_policy(in6p, optname, req, 1962686cdd19SJun-ichiro itojun Hagino len, privileged); 196382cd038dSYoshinobu Inoue m_freem(m); 196482cd038dSYoshinobu Inoue } 196582cd038dSYoshinobu Inoue break; 196633841545SHajimu UMEMOTO #endif /* KAME IPSEC */ 196782cd038dSYoshinobu Inoue 196882cd038dSYoshinobu Inoue case IPV6_FW_ADD: 196982cd038dSYoshinobu Inoue case IPV6_FW_DEL: 197082cd038dSYoshinobu Inoue case IPV6_FW_FLUSH: 197182cd038dSYoshinobu Inoue case IPV6_FW_ZERO: 197282cd038dSYoshinobu Inoue { 197382cd038dSYoshinobu Inoue struct mbuf *m; 197482cd038dSYoshinobu Inoue struct mbuf **mp = &m; 197582cd038dSYoshinobu Inoue 197682cd038dSYoshinobu Inoue if (ip6_fw_ctl_ptr == NULL) 197782cd038dSYoshinobu Inoue return EINVAL; 19783e617560SHajimu UMEMOTO /* XXX */ 19793e617560SHajimu UMEMOTO if ((error = soopt_getm(sopt, &m)) != 0) 198082cd038dSYoshinobu Inoue break; 19813e617560SHajimu UMEMOTO /* XXX */ 19823e617560SHajimu UMEMOTO if ((error = soopt_mcopyin(sopt, m)) != 0) 198382cd038dSYoshinobu Inoue break; 198482cd038dSYoshinobu Inoue error = (*ip6_fw_ctl_ptr)(optname, mp); 198582cd038dSYoshinobu Inoue m = *mp; 198682cd038dSYoshinobu Inoue } 198782cd038dSYoshinobu Inoue break; 198882cd038dSYoshinobu Inoue 198982cd038dSYoshinobu Inoue default: 199082cd038dSYoshinobu Inoue error = ENOPROTOOPT; 199182cd038dSYoshinobu Inoue break; 199282cd038dSYoshinobu Inoue } 199382cd038dSYoshinobu Inoue break; 199482cd038dSYoshinobu Inoue 199582cd038dSYoshinobu Inoue case SOPT_GET: 199682cd038dSYoshinobu Inoue switch (optname) { 199782cd038dSYoshinobu Inoue 1998f95d4633SHajimu UMEMOTO case IPV6_2292PKTOPTIONS: 1999f95d4633SHajimu UMEMOTO #ifdef IPV6_PKTOPTIONS 200082cd038dSYoshinobu Inoue case IPV6_PKTOPTIONS: 2001f95d4633SHajimu UMEMOTO #endif 2002f95d4633SHajimu UMEMOTO /* 2003f95d4633SHajimu UMEMOTO * RFC3542 (effectively) deprecated the 2004f95d4633SHajimu UMEMOTO * semantics of the 2292-style pktoptions. 2005f95d4633SHajimu UMEMOTO * Since it was not reliable in nature (i.e., 2006f95d4633SHajimu UMEMOTO * applications had to expect the lack of some 2007f95d4633SHajimu UMEMOTO * information after all), it would make sense 2008f95d4633SHajimu UMEMOTO * to simplify this part by always returning 2009f95d4633SHajimu UMEMOTO * empty data. 2010f95d4633SHajimu UMEMOTO */ 201182cd038dSYoshinobu Inoue sopt->sopt_valsize = 0; 201282cd038dSYoshinobu Inoue break; 201382cd038dSYoshinobu Inoue 2014f95d4633SHajimu UMEMOTO case IPV6_RECVHOPOPTS: 2015f95d4633SHajimu UMEMOTO case IPV6_RECVDSTOPTS: 2016f95d4633SHajimu UMEMOTO case IPV6_RECVRTHDRDSTOPTS: 201782cd038dSYoshinobu Inoue case IPV6_UNICAST_HOPS: 2018f95d4633SHajimu UMEMOTO case IPV6_RECVPKTINFO: 2019f95d4633SHajimu UMEMOTO case IPV6_RECVHOPLIMIT: 2020f95d4633SHajimu UMEMOTO case IPV6_RECVRTHDR: 2021f95d4633SHajimu UMEMOTO case IPV6_RECVPATHMTU: 202233841545SHajimu UMEMOTO 202382cd038dSYoshinobu Inoue case IPV6_FAITH: 202433841545SHajimu UMEMOTO case IPV6_V6ONLY: 2025fa310a7eSYoshinobu Inoue case IPV6_PORTRANGE: 2026f95d4633SHajimu UMEMOTO case IPV6_RECVTCLASS: 2027f95d4633SHajimu UMEMOTO case IPV6_AUTOFLOWLABEL: 202882cd038dSYoshinobu Inoue switch (optname) { 202982cd038dSYoshinobu Inoue 2030f95d4633SHajimu UMEMOTO case IPV6_RECVHOPOPTS: 2031f95d4633SHajimu UMEMOTO optval = OPTBIT(IN6P_HOPOPTS); 2032f95d4633SHajimu UMEMOTO break; 2033f95d4633SHajimu UMEMOTO 2034f95d4633SHajimu UMEMOTO case IPV6_RECVDSTOPTS: 2035f95d4633SHajimu UMEMOTO optval = OPTBIT(IN6P_DSTOPTS); 2036f95d4633SHajimu UMEMOTO break; 2037f95d4633SHajimu UMEMOTO 2038f95d4633SHajimu UMEMOTO case IPV6_RECVRTHDRDSTOPTS: 2039f95d4633SHajimu UMEMOTO optval = OPTBIT(IN6P_RTHDRDSTOPTS); 2040f95d4633SHajimu UMEMOTO break; 2041f95d4633SHajimu UMEMOTO 204282cd038dSYoshinobu Inoue case IPV6_UNICAST_HOPS: 204382cd038dSYoshinobu Inoue optval = in6p->in6p_hops; 204482cd038dSYoshinobu Inoue break; 204582cd038dSYoshinobu Inoue 2046f95d4633SHajimu UMEMOTO case IPV6_RECVPKTINFO: 2047f95d4633SHajimu UMEMOTO optval = OPTBIT(IN6P_PKTINFO); 2048f95d4633SHajimu UMEMOTO break; 2049f95d4633SHajimu UMEMOTO 2050f95d4633SHajimu UMEMOTO case IPV6_RECVHOPLIMIT: 2051f95d4633SHajimu UMEMOTO optval = OPTBIT(IN6P_HOPLIMIT); 2052f95d4633SHajimu UMEMOTO break; 2053f95d4633SHajimu UMEMOTO 2054f95d4633SHajimu UMEMOTO case IPV6_RECVRTHDR: 2055f95d4633SHajimu UMEMOTO optval = OPTBIT(IN6P_RTHDR); 2056f95d4633SHajimu UMEMOTO break; 2057f95d4633SHajimu UMEMOTO 2058f95d4633SHajimu UMEMOTO case IPV6_RECVPATHMTU: 2059f95d4633SHajimu UMEMOTO optval = OPTBIT(IN6P_MTU); 206082cd038dSYoshinobu Inoue break; 206182cd038dSYoshinobu Inoue 206282cd038dSYoshinobu Inoue case IPV6_FAITH: 206382cd038dSYoshinobu Inoue optval = OPTBIT(IN6P_FAITH); 206482cd038dSYoshinobu Inoue break; 206582cd038dSYoshinobu Inoue 206633841545SHajimu UMEMOTO case IPV6_V6ONLY: 2067854d3b19SHajimu UMEMOTO optval = OPTBIT(IN6P_IPV6_V6ONLY); 206882cd038dSYoshinobu Inoue break; 206982cd038dSYoshinobu Inoue 207082cd038dSYoshinobu Inoue case IPV6_PORTRANGE: 207182cd038dSYoshinobu Inoue { 207282cd038dSYoshinobu Inoue int flags; 207382cd038dSYoshinobu Inoue flags = in6p->in6p_flags; 207482cd038dSYoshinobu Inoue if (flags & IN6P_HIGHPORT) 207582cd038dSYoshinobu Inoue optval = IPV6_PORTRANGE_HIGH; 207682cd038dSYoshinobu Inoue else if (flags & IN6P_LOWPORT) 207782cd038dSYoshinobu Inoue optval = IPV6_PORTRANGE_LOW; 207882cd038dSYoshinobu Inoue else 207982cd038dSYoshinobu Inoue optval = 0; 208082cd038dSYoshinobu Inoue break; 208182cd038dSYoshinobu Inoue } 2082f95d4633SHajimu UMEMOTO case IPV6_RECVTCLASS: 2083f95d4633SHajimu UMEMOTO optval = OPTBIT(IN6P_TCLASS); 2084f95d4633SHajimu UMEMOTO break; 2085f95d4633SHajimu UMEMOTO 2086f95d4633SHajimu UMEMOTO case IPV6_AUTOFLOWLABEL: 2087f95d4633SHajimu UMEMOTO optval = OPTBIT(IN6P_AUTOFLOWLABEL); 2088f95d4633SHajimu UMEMOTO break; 208982cd038dSYoshinobu Inoue } 2090f95d4633SHajimu UMEMOTO if (error) 2091f95d4633SHajimu UMEMOTO break; 209282cd038dSYoshinobu Inoue error = sooptcopyout(sopt, &optval, 209382cd038dSYoshinobu Inoue sizeof optval); 209482cd038dSYoshinobu Inoue break; 209582cd038dSYoshinobu Inoue 2096f95d4633SHajimu UMEMOTO case IPV6_PATHMTU: 2097f95d4633SHajimu UMEMOTO { 2098f95d4633SHajimu UMEMOTO u_long pmtu = 0; 2099f95d4633SHajimu UMEMOTO struct ip6_mtuinfo mtuinfo; 210097d8d152SAndre Oppermann struct route_in6 sro; 210197d8d152SAndre Oppermann 210297d8d152SAndre Oppermann bzero(&sro, sizeof(sro)); 2103f95d4633SHajimu UMEMOTO 2104f95d4633SHajimu UMEMOTO if (!(so->so_state & SS_ISCONNECTED)) 2105f95d4633SHajimu UMEMOTO return (ENOTCONN); 2106f95d4633SHajimu UMEMOTO /* 2107f95d4633SHajimu UMEMOTO * XXX: we dot not consider the case of source 2108f95d4633SHajimu UMEMOTO * routing, or optional information to specify 2109f95d4633SHajimu UMEMOTO * the outgoing interface. 2110f95d4633SHajimu UMEMOTO */ 211197d8d152SAndre Oppermann error = ip6_getpmtu(&sro, NULL, NULL, 2112f95d4633SHajimu UMEMOTO &in6p->in6p_faddr, &pmtu, NULL); 211397d8d152SAndre Oppermann if (sro.ro_rt) 211497d8d152SAndre Oppermann RTFREE(sro.ro_rt); 2115f95d4633SHajimu UMEMOTO if (error) 2116f95d4633SHajimu UMEMOTO break; 2117f95d4633SHajimu UMEMOTO if (pmtu > IPV6_MAXPACKET) 2118f95d4633SHajimu UMEMOTO pmtu = IPV6_MAXPACKET; 2119f95d4633SHajimu UMEMOTO 2120f95d4633SHajimu UMEMOTO bzero(&mtuinfo, sizeof(mtuinfo)); 2121f95d4633SHajimu UMEMOTO mtuinfo.ip6m_mtu = (u_int32_t)pmtu; 2122f95d4633SHajimu UMEMOTO optdata = (void *)&mtuinfo; 2123f95d4633SHajimu UMEMOTO optdatalen = sizeof(mtuinfo); 2124f95d4633SHajimu UMEMOTO error = sooptcopyout(sopt, optdata, 2125f95d4633SHajimu UMEMOTO optdatalen); 2126f95d4633SHajimu UMEMOTO break; 2127f95d4633SHajimu UMEMOTO } 2128f95d4633SHajimu UMEMOTO 2129f95d4633SHajimu UMEMOTO case IPV6_2292PKTINFO: 2130f95d4633SHajimu UMEMOTO case IPV6_2292HOPLIMIT: 2131f95d4633SHajimu UMEMOTO case IPV6_2292HOPOPTS: 2132f95d4633SHajimu UMEMOTO case IPV6_2292RTHDR: 2133f95d4633SHajimu UMEMOTO case IPV6_2292DSTOPTS: 213433841545SHajimu UMEMOTO switch (optname) { 2135f95d4633SHajimu UMEMOTO case IPV6_2292PKTINFO: 213633841545SHajimu UMEMOTO optval = OPTBIT(IN6P_PKTINFO); 213733841545SHajimu UMEMOTO break; 2138f95d4633SHajimu UMEMOTO case IPV6_2292HOPLIMIT: 213933841545SHajimu UMEMOTO optval = OPTBIT(IN6P_HOPLIMIT); 214033841545SHajimu UMEMOTO break; 2141f95d4633SHajimu UMEMOTO case IPV6_2292HOPOPTS: 214233841545SHajimu UMEMOTO optval = OPTBIT(IN6P_HOPOPTS); 214333841545SHajimu UMEMOTO break; 2144f95d4633SHajimu UMEMOTO case IPV6_2292RTHDR: 214533841545SHajimu UMEMOTO optval = OPTBIT(IN6P_RTHDR); 214633841545SHajimu UMEMOTO break; 2147f95d4633SHajimu UMEMOTO case IPV6_2292DSTOPTS: 214833841545SHajimu UMEMOTO optval = OPTBIT(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS); 214933841545SHajimu UMEMOTO break; 215033841545SHajimu UMEMOTO } 215133841545SHajimu UMEMOTO error = sooptcopyout(sopt, &optval, 215233841545SHajimu UMEMOTO sizeof optval); 215333841545SHajimu UMEMOTO break; 2154f95d4633SHajimu UMEMOTO case IPV6_PKTINFO: 2155f95d4633SHajimu UMEMOTO case IPV6_HOPOPTS: 2156f95d4633SHajimu UMEMOTO case IPV6_RTHDR: 2157f95d4633SHajimu UMEMOTO case IPV6_DSTOPTS: 2158f95d4633SHajimu UMEMOTO case IPV6_RTHDRDSTOPTS: 2159f95d4633SHajimu UMEMOTO case IPV6_NEXTHOP: 2160f95d4633SHajimu UMEMOTO case IPV6_TCLASS: 2161f95d4633SHajimu UMEMOTO case IPV6_DONTFRAG: 2162f95d4633SHajimu UMEMOTO case IPV6_USE_MIN_MTU: 2163f95d4633SHajimu UMEMOTO case IPV6_PREFER_TEMPADDR: 2164f95d4633SHajimu UMEMOTO error = ip6_getpcbopt(in6p->in6p_outputopts, 2165f95d4633SHajimu UMEMOTO optname, sopt); 2166f95d4633SHajimu UMEMOTO break; 216733841545SHajimu UMEMOTO 216882cd038dSYoshinobu Inoue case IPV6_MULTICAST_IF: 216982cd038dSYoshinobu Inoue case IPV6_MULTICAST_HOPS: 217082cd038dSYoshinobu Inoue case IPV6_MULTICAST_LOOP: 217182cd038dSYoshinobu Inoue case IPV6_JOIN_GROUP: 217282cd038dSYoshinobu Inoue case IPV6_LEAVE_GROUP: 217382cd038dSYoshinobu Inoue { 217482cd038dSYoshinobu Inoue struct mbuf *m; 217582cd038dSYoshinobu Inoue error = ip6_getmoptions(sopt->sopt_name, 217682cd038dSYoshinobu Inoue in6p->in6p_moptions, &m); 217782cd038dSYoshinobu Inoue if (error == 0) 217882cd038dSYoshinobu Inoue error = sooptcopyout(sopt, 217982cd038dSYoshinobu Inoue mtod(m, char *), m->m_len); 218082cd038dSYoshinobu Inoue m_freem(m); 218182cd038dSYoshinobu Inoue } 218282cd038dSYoshinobu Inoue break; 218382cd038dSYoshinobu Inoue 2184b9234fafSSam Leffler #if defined(IPSEC) || defined(FAST_IPSEC) 218582cd038dSYoshinobu Inoue case IPV6_IPSEC_POLICY: 218682cd038dSYoshinobu Inoue { 2187f63e7634SYoshinobu Inoue caddr_t req = NULL; 2188686cdd19SJun-ichiro itojun Hagino size_t len = 0; 2189686cdd19SJun-ichiro itojun Hagino struct mbuf *m = NULL; 2190686cdd19SJun-ichiro itojun Hagino struct mbuf **mp = &m; 2191f95d4633SHajimu UMEMOTO size_t ovalsize = sopt->sopt_valsize; 2192f95d4633SHajimu UMEMOTO caddr_t oval = (caddr_t)sopt->sopt_val; 2193f63e7634SYoshinobu Inoue 2194686cdd19SJun-ichiro itojun Hagino error = soopt_getm(sopt, &m); /* XXX */ 2195a46f7e7cSHajimu UMEMOTO if (error != 0) 2196686cdd19SJun-ichiro itojun Hagino break; 2197686cdd19SJun-ichiro itojun Hagino error = soopt_mcopyin(sopt, m); /* XXX */ 2198a46f7e7cSHajimu UMEMOTO if (error != 0) 2199686cdd19SJun-ichiro itojun Hagino break; 2200f95d4633SHajimu UMEMOTO sopt->sopt_valsize = ovalsize; 2201f95d4633SHajimu UMEMOTO sopt->sopt_val = oval; 2202686cdd19SJun-ichiro itojun Hagino if (m) { 220382cd038dSYoshinobu Inoue req = mtod(m, caddr_t); 2204686cdd19SJun-ichiro itojun Hagino len = m->m_len; 2205686cdd19SJun-ichiro itojun Hagino } 2206686cdd19SJun-ichiro itojun Hagino error = ipsec6_get_policy(in6p, req, len, mp); 220782cd038dSYoshinobu Inoue if (error == 0) 220882cd038dSYoshinobu Inoue error = soopt_mcopyout(sopt, m); /* XXX */ 220933841545SHajimu UMEMOTO if (error == 0 && m) 221082cd038dSYoshinobu Inoue m_freem(m); 221182cd038dSYoshinobu Inoue break; 221282cd038dSYoshinobu Inoue } 221333841545SHajimu UMEMOTO #endif /* KAME IPSEC */ 221482cd038dSYoshinobu Inoue 221582cd038dSYoshinobu Inoue case IPV6_FW_GET: 221682cd038dSYoshinobu Inoue { 221782cd038dSYoshinobu Inoue struct mbuf *m; 221882cd038dSYoshinobu Inoue struct mbuf **mp = &m; 221982cd038dSYoshinobu Inoue 222082cd038dSYoshinobu Inoue if (ip6_fw_ctl_ptr == NULL) 222182cd038dSYoshinobu Inoue { 222282cd038dSYoshinobu Inoue return EINVAL; 222382cd038dSYoshinobu Inoue } 222482cd038dSYoshinobu Inoue error = (*ip6_fw_ctl_ptr)(optname, mp); 222582cd038dSYoshinobu Inoue if (error == 0) 222682cd038dSYoshinobu Inoue error = soopt_mcopyout(sopt, m); /* XXX */ 22276c0bea35SHajimu UMEMOTO if (error == 0 && m) 222882cd038dSYoshinobu Inoue m_freem(m); 222982cd038dSYoshinobu Inoue } 223082cd038dSYoshinobu Inoue break; 223182cd038dSYoshinobu Inoue 223282cd038dSYoshinobu Inoue default: 223382cd038dSYoshinobu Inoue error = ENOPROTOOPT; 223482cd038dSYoshinobu Inoue break; 223582cd038dSYoshinobu Inoue } 223682cd038dSYoshinobu Inoue break; 223782cd038dSYoshinobu Inoue } 2238f95d4633SHajimu UMEMOTO } else { /* level != IPPROTO_IPV6 */ 223982cd038dSYoshinobu Inoue error = EINVAL; 224082cd038dSYoshinobu Inoue } 224182cd038dSYoshinobu Inoue return (error); 224282cd038dSYoshinobu Inoue } 224382cd038dSYoshinobu Inoue 224402b9a206SHajimu UMEMOTO int 224502b9a206SHajimu UMEMOTO ip6_raw_ctloutput(so, sopt) 224602b9a206SHajimu UMEMOTO struct socket *so; 224702b9a206SHajimu UMEMOTO struct sockopt *sopt; 224802b9a206SHajimu UMEMOTO { 224902b9a206SHajimu UMEMOTO int error = 0, optval, optlen; 225002b9a206SHajimu UMEMOTO const int icmp6off = offsetof(struct icmp6_hdr, icmp6_cksum); 225102b9a206SHajimu UMEMOTO struct in6pcb *in6p = sotoin6pcb(so); 225202b9a206SHajimu UMEMOTO int level, op, optname; 225302b9a206SHajimu UMEMOTO 225402b9a206SHajimu UMEMOTO if (sopt) { 225502b9a206SHajimu UMEMOTO level = sopt->sopt_level; 225602b9a206SHajimu UMEMOTO op = sopt->sopt_dir; 225702b9a206SHajimu UMEMOTO optname = sopt->sopt_name; 225802b9a206SHajimu UMEMOTO optlen = sopt->sopt_valsize; 225902b9a206SHajimu UMEMOTO } else 226002b9a206SHajimu UMEMOTO panic("ip6_raw_ctloutput: arg soopt is NULL"); 226102b9a206SHajimu UMEMOTO 226202b9a206SHajimu UMEMOTO if (level != IPPROTO_IPV6) { 226302b9a206SHajimu UMEMOTO return (EINVAL); 226402b9a206SHajimu UMEMOTO } 226502b9a206SHajimu UMEMOTO 226602b9a206SHajimu UMEMOTO switch (optname) { 226702b9a206SHajimu UMEMOTO case IPV6_CHECKSUM: 226802b9a206SHajimu UMEMOTO /* 226902b9a206SHajimu UMEMOTO * For ICMPv6 sockets, no modification allowed for checksum 227002b9a206SHajimu UMEMOTO * offset, permit "no change" values to help existing apps. 227102b9a206SHajimu UMEMOTO * 227218b35df8SHajimu UMEMOTO * RFC3542 says: "An attempt to set IPV6_CHECKSUM 227302b9a206SHajimu UMEMOTO * for an ICMPv6 socket will fail." 227418b35df8SHajimu UMEMOTO * The current behavior does not meet RFC3542. 227502b9a206SHajimu UMEMOTO */ 227602b9a206SHajimu UMEMOTO switch (op) { 227702b9a206SHajimu UMEMOTO case SOPT_SET: 227802b9a206SHajimu UMEMOTO if (optlen != sizeof(int)) { 227902b9a206SHajimu UMEMOTO error = EINVAL; 228002b9a206SHajimu UMEMOTO break; 228102b9a206SHajimu UMEMOTO } 228202b9a206SHajimu UMEMOTO error = sooptcopyin(sopt, &optval, sizeof(optval), 228302b9a206SHajimu UMEMOTO sizeof(optval)); 228402b9a206SHajimu UMEMOTO if (error) 228502b9a206SHajimu UMEMOTO break; 228602b9a206SHajimu UMEMOTO if ((optval % 2) != 0) { 228702b9a206SHajimu UMEMOTO /* the API assumes even offset values */ 228802b9a206SHajimu UMEMOTO error = EINVAL; 228902b9a206SHajimu UMEMOTO } else if (so->so_proto->pr_protocol == 229002b9a206SHajimu UMEMOTO IPPROTO_ICMPV6) { 229102b9a206SHajimu UMEMOTO if (optval != icmp6off) 229202b9a206SHajimu UMEMOTO error = EINVAL; 229302b9a206SHajimu UMEMOTO } else 229402b9a206SHajimu UMEMOTO in6p->in6p_cksum = optval; 229502b9a206SHajimu UMEMOTO break; 229602b9a206SHajimu UMEMOTO 229702b9a206SHajimu UMEMOTO case SOPT_GET: 229802b9a206SHajimu UMEMOTO if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 229902b9a206SHajimu UMEMOTO optval = icmp6off; 230002b9a206SHajimu UMEMOTO else 230102b9a206SHajimu UMEMOTO optval = in6p->in6p_cksum; 230202b9a206SHajimu UMEMOTO 230302b9a206SHajimu UMEMOTO error = sooptcopyout(sopt, &optval, sizeof(optval)); 230402b9a206SHajimu UMEMOTO break; 230502b9a206SHajimu UMEMOTO 230602b9a206SHajimu UMEMOTO default: 230702b9a206SHajimu UMEMOTO error = EINVAL; 230802b9a206SHajimu UMEMOTO break; 230902b9a206SHajimu UMEMOTO } 231002b9a206SHajimu UMEMOTO break; 231102b9a206SHajimu UMEMOTO 231202b9a206SHajimu UMEMOTO default: 231302b9a206SHajimu UMEMOTO error = ENOPROTOOPT; 231402b9a206SHajimu UMEMOTO break; 231502b9a206SHajimu UMEMOTO } 231602b9a206SHajimu UMEMOTO 231702b9a206SHajimu UMEMOTO return (error); 231802b9a206SHajimu UMEMOTO } 231902b9a206SHajimu UMEMOTO 232082cd038dSYoshinobu Inoue /* 232133841545SHajimu UMEMOTO * Set up IP6 options in pcb for insertion in output packets or 232233841545SHajimu UMEMOTO * specifying behavior of outgoing packets. 232382cd038dSYoshinobu Inoue */ 232482cd038dSYoshinobu Inoue static int 232582cd038dSYoshinobu Inoue ip6_pcbopts(pktopt, m, so, sopt) 232682cd038dSYoshinobu Inoue struct ip6_pktopts **pktopt; 232733841545SHajimu UMEMOTO struct mbuf *m; 232882cd038dSYoshinobu Inoue struct socket *so; 232982cd038dSYoshinobu Inoue struct sockopt *sopt; 233082cd038dSYoshinobu Inoue { 233133841545SHajimu UMEMOTO struct ip6_pktopts *opt = *pktopt; 233282cd038dSYoshinobu Inoue int error = 0; 2333b40ce416SJulian Elischer struct thread *td = sopt->sopt_td; 233482cd038dSYoshinobu Inoue int priv = 0; 233582cd038dSYoshinobu Inoue 233682cd038dSYoshinobu Inoue /* turn off any old options. */ 233782cd038dSYoshinobu Inoue if (opt) { 233833841545SHajimu UMEMOTO #ifdef DIAGNOSTIC 233933841545SHajimu UMEMOTO if (opt->ip6po_pktinfo || opt->ip6po_nexthop || 234033841545SHajimu UMEMOTO opt->ip6po_hbh || opt->ip6po_dest1 || opt->ip6po_dest2 || 234133841545SHajimu UMEMOTO opt->ip6po_rhinfo.ip6po_rhi_rthdr) 234233841545SHajimu UMEMOTO printf("ip6_pcbopts: all specified options are cleared.\n"); 234333841545SHajimu UMEMOTO #endif 2344f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, -1); 234582cd038dSYoshinobu Inoue } else 2346a163d034SWarner Losh opt = malloc(sizeof(*opt), M_IP6OPT, M_WAITOK); 234733841545SHajimu UMEMOTO *pktopt = NULL; 234882cd038dSYoshinobu Inoue 234982cd038dSYoshinobu Inoue if (!m || m->m_len == 0) { 235082cd038dSYoshinobu Inoue /* 235135f6695bSHajimu UMEMOTO * Only turning off any previous options, regardless of 235235f6695bSHajimu UMEMOTO * whether the opt is just created or given. 235382cd038dSYoshinobu Inoue */ 235482cd038dSYoshinobu Inoue free(opt, M_IP6OPT); 235582cd038dSYoshinobu Inoue return (0); 235682cd038dSYoshinobu Inoue } 235782cd038dSYoshinobu Inoue 235882cd038dSYoshinobu Inoue /* set options specified by user. */ 235944731cabSJohn Baldwin if (td && !suser(td)) 236082cd038dSYoshinobu Inoue priv = 1; 2361d5e3406dSHajimu UMEMOTO if ((error = ip6_setpktopts(m, opt, NULL, priv, 1, 2362f95d4633SHajimu UMEMOTO so->so_proto->pr_protocol)) != 0) { 2363f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, -1); /* XXX: discard all options */ 236435f6695bSHajimu UMEMOTO free(opt, M_IP6OPT); 236582cd038dSYoshinobu Inoue return (error); 236682cd038dSYoshinobu Inoue } 236782cd038dSYoshinobu Inoue *pktopt = opt; 236882cd038dSYoshinobu Inoue return (0); 236982cd038dSYoshinobu Inoue } 237082cd038dSYoshinobu Inoue 237182cd038dSYoshinobu Inoue /* 237233841545SHajimu UMEMOTO * initialize ip6_pktopts. beware that there are non-zero default values in 237333841545SHajimu UMEMOTO * the struct. 237433841545SHajimu UMEMOTO */ 237533841545SHajimu UMEMOTO void 2376d5e3406dSHajimu UMEMOTO ip6_initpktopts(opt) 237733841545SHajimu UMEMOTO struct ip6_pktopts *opt; 237833841545SHajimu UMEMOTO { 237933841545SHajimu UMEMOTO 238033841545SHajimu UMEMOTO bzero(opt, sizeof(*opt)); 238133841545SHajimu UMEMOTO opt->ip6po_hlim = -1; /* -1 means default hop limit */ 2382f95d4633SHajimu UMEMOTO opt->ip6po_tclass = -1; /* -1 means default traffic class */ 2383f95d4633SHajimu UMEMOTO opt->ip6po_minmtu = IP6PO_MINMTU_MCASTONLY; 2384f95d4633SHajimu UMEMOTO opt->ip6po_prefer_tempaddr = IP6PO_TEMPADDR_SYSTEM; 2385f95d4633SHajimu UMEMOTO } 2386f95d4633SHajimu UMEMOTO 2387f95d4633SHajimu UMEMOTO static int 2388f95d4633SHajimu UMEMOTO ip6_pcbopt(optname, buf, len, pktopt, priv, uproto) 2389f95d4633SHajimu UMEMOTO int optname, len, priv; 2390f95d4633SHajimu UMEMOTO u_char *buf; 2391f95d4633SHajimu UMEMOTO struct ip6_pktopts **pktopt; 2392f95d4633SHajimu UMEMOTO int uproto; 2393f95d4633SHajimu UMEMOTO { 2394f95d4633SHajimu UMEMOTO struct ip6_pktopts *opt; 2395f95d4633SHajimu UMEMOTO 2396f95d4633SHajimu UMEMOTO if (*pktopt == NULL) { 2397f95d4633SHajimu UMEMOTO *pktopt = malloc(sizeof(struct ip6_pktopts), M_IP6OPT, 2398f95d4633SHajimu UMEMOTO M_WAITOK); 2399d5e3406dSHajimu UMEMOTO ip6_initpktopts(*pktopt); 2400f95d4633SHajimu UMEMOTO (*pktopt)->needfree = 1; 2401f95d4633SHajimu UMEMOTO } 2402f95d4633SHajimu UMEMOTO opt = *pktopt; 2403f95d4633SHajimu UMEMOTO 2404d5e3406dSHajimu UMEMOTO return (ip6_setpktopt(optname, buf, len, opt, priv, 1, 0, uproto)); 2405f95d4633SHajimu UMEMOTO } 2406f95d4633SHajimu UMEMOTO 2407f95d4633SHajimu UMEMOTO static int 2408f95d4633SHajimu UMEMOTO ip6_getpcbopt(pktopt, optname, sopt) 2409f95d4633SHajimu UMEMOTO struct ip6_pktopts *pktopt; 2410f95d4633SHajimu UMEMOTO struct sockopt *sopt; 2411f95d4633SHajimu UMEMOTO int optname; 2412f95d4633SHajimu UMEMOTO { 2413f95d4633SHajimu UMEMOTO void *optdata = NULL; 2414f95d4633SHajimu UMEMOTO int optdatalen = 0; 2415f95d4633SHajimu UMEMOTO struct ip6_ext *ip6e; 2416f95d4633SHajimu UMEMOTO int error = 0; 2417f95d4633SHajimu UMEMOTO struct in6_pktinfo null_pktinfo; 2418f95d4633SHajimu UMEMOTO int deftclass = 0, on; 2419f95d4633SHajimu UMEMOTO int defminmtu = IP6PO_MINMTU_MCASTONLY; 2420f95d4633SHajimu UMEMOTO int defpreftemp = IP6PO_TEMPADDR_SYSTEM; 2421f95d4633SHajimu UMEMOTO 2422f95d4633SHajimu UMEMOTO switch (optname) { 2423f95d4633SHajimu UMEMOTO case IPV6_PKTINFO: 2424f95d4633SHajimu UMEMOTO if (pktopt && pktopt->ip6po_pktinfo) 2425f95d4633SHajimu UMEMOTO optdata = (void *)pktopt->ip6po_pktinfo; 2426f95d4633SHajimu UMEMOTO else { 2427f95d4633SHajimu UMEMOTO /* XXX: we don't have to do this every time... */ 2428f95d4633SHajimu UMEMOTO bzero(&null_pktinfo, sizeof(null_pktinfo)); 2429f95d4633SHajimu UMEMOTO optdata = (void *)&null_pktinfo; 2430f95d4633SHajimu UMEMOTO } 2431f95d4633SHajimu UMEMOTO optdatalen = sizeof(struct in6_pktinfo); 2432f95d4633SHajimu UMEMOTO break; 2433f95d4633SHajimu UMEMOTO case IPV6_TCLASS: 2434f95d4633SHajimu UMEMOTO if (pktopt && pktopt->ip6po_tclass >= 0) 2435f95d4633SHajimu UMEMOTO optdata = (void *)&pktopt->ip6po_tclass; 2436f95d4633SHajimu UMEMOTO else 2437f95d4633SHajimu UMEMOTO optdata = (void *)&deftclass; 2438f95d4633SHajimu UMEMOTO optdatalen = sizeof(int); 2439f95d4633SHajimu UMEMOTO break; 2440f95d4633SHajimu UMEMOTO case IPV6_HOPOPTS: 2441f95d4633SHajimu UMEMOTO if (pktopt && pktopt->ip6po_hbh) { 2442f95d4633SHajimu UMEMOTO optdata = (void *)pktopt->ip6po_hbh; 2443f95d4633SHajimu UMEMOTO ip6e = (struct ip6_ext *)pktopt->ip6po_hbh; 2444f95d4633SHajimu UMEMOTO optdatalen = (ip6e->ip6e_len + 1) << 3; 2445f95d4633SHajimu UMEMOTO } 2446f95d4633SHajimu UMEMOTO break; 2447f95d4633SHajimu UMEMOTO case IPV6_RTHDR: 2448f95d4633SHajimu UMEMOTO if (pktopt && pktopt->ip6po_rthdr) { 2449f95d4633SHajimu UMEMOTO optdata = (void *)pktopt->ip6po_rthdr; 2450f95d4633SHajimu UMEMOTO ip6e = (struct ip6_ext *)pktopt->ip6po_rthdr; 2451f95d4633SHajimu UMEMOTO optdatalen = (ip6e->ip6e_len + 1) << 3; 2452f95d4633SHajimu UMEMOTO } 2453f95d4633SHajimu UMEMOTO break; 2454f95d4633SHajimu UMEMOTO case IPV6_RTHDRDSTOPTS: 2455f95d4633SHajimu UMEMOTO if (pktopt && pktopt->ip6po_dest1) { 2456f95d4633SHajimu UMEMOTO optdata = (void *)pktopt->ip6po_dest1; 2457f95d4633SHajimu UMEMOTO ip6e = (struct ip6_ext *)pktopt->ip6po_dest1; 2458f95d4633SHajimu UMEMOTO optdatalen = (ip6e->ip6e_len + 1) << 3; 2459f95d4633SHajimu UMEMOTO } 2460f95d4633SHajimu UMEMOTO break; 2461f95d4633SHajimu UMEMOTO case IPV6_DSTOPTS: 2462f95d4633SHajimu UMEMOTO if (pktopt && pktopt->ip6po_dest2) { 2463f95d4633SHajimu UMEMOTO optdata = (void *)pktopt->ip6po_dest2; 2464f95d4633SHajimu UMEMOTO ip6e = (struct ip6_ext *)pktopt->ip6po_dest2; 2465f95d4633SHajimu UMEMOTO optdatalen = (ip6e->ip6e_len + 1) << 3; 2466f95d4633SHajimu UMEMOTO } 2467f95d4633SHajimu UMEMOTO break; 2468f95d4633SHajimu UMEMOTO case IPV6_NEXTHOP: 2469f95d4633SHajimu UMEMOTO if (pktopt && pktopt->ip6po_nexthop) { 2470f95d4633SHajimu UMEMOTO optdata = (void *)pktopt->ip6po_nexthop; 2471f95d4633SHajimu UMEMOTO optdatalen = pktopt->ip6po_nexthop->sa_len; 2472f95d4633SHajimu UMEMOTO } 2473f95d4633SHajimu UMEMOTO break; 2474f95d4633SHajimu UMEMOTO case IPV6_USE_MIN_MTU: 2475f95d4633SHajimu UMEMOTO if (pktopt) 2476f95d4633SHajimu UMEMOTO optdata = (void *)&pktopt->ip6po_minmtu; 2477f95d4633SHajimu UMEMOTO else 2478f95d4633SHajimu UMEMOTO optdata = (void *)&defminmtu; 2479f95d4633SHajimu UMEMOTO optdatalen = sizeof(int); 2480f95d4633SHajimu UMEMOTO break; 2481f95d4633SHajimu UMEMOTO case IPV6_DONTFRAG: 2482f95d4633SHajimu UMEMOTO if (pktopt && ((pktopt->ip6po_flags) & IP6PO_DONTFRAG)) 2483f95d4633SHajimu UMEMOTO on = 1; 2484f95d4633SHajimu UMEMOTO else 2485f95d4633SHajimu UMEMOTO on = 0; 2486f95d4633SHajimu UMEMOTO optdata = (void *)&on; 2487f95d4633SHajimu UMEMOTO optdatalen = sizeof(on); 2488f95d4633SHajimu UMEMOTO break; 2489f95d4633SHajimu UMEMOTO case IPV6_PREFER_TEMPADDR: 2490f95d4633SHajimu UMEMOTO if (pktopt) 2491f95d4633SHajimu UMEMOTO optdata = (void *)&pktopt->ip6po_prefer_tempaddr; 2492f95d4633SHajimu UMEMOTO else 2493f95d4633SHajimu UMEMOTO optdata = (void *)&defpreftemp; 2494f95d4633SHajimu UMEMOTO optdatalen = sizeof(int); 2495f95d4633SHajimu UMEMOTO break; 2496f95d4633SHajimu UMEMOTO default: /* should not happen */ 2497f95d4633SHajimu UMEMOTO #ifdef DIAGNOSTIC 2498f95d4633SHajimu UMEMOTO panic("ip6_getpcbopt: unexpected option\n"); 2499f95d4633SHajimu UMEMOTO #endif 2500f95d4633SHajimu UMEMOTO return (ENOPROTOOPT); 2501f95d4633SHajimu UMEMOTO } 2502f95d4633SHajimu UMEMOTO 2503f95d4633SHajimu UMEMOTO error = sooptcopyout(sopt, optdata, optdatalen); 2504f95d4633SHajimu UMEMOTO 2505f95d4633SHajimu UMEMOTO return (error); 250633841545SHajimu UMEMOTO } 250733841545SHajimu UMEMOTO 250833841545SHajimu UMEMOTO void 2509f95d4633SHajimu UMEMOTO ip6_clearpktopts(pktopt, optname) 251033841545SHajimu UMEMOTO struct ip6_pktopts *pktopt; 2511f95d4633SHajimu UMEMOTO int optname; 251233841545SHajimu UMEMOTO { 2513f95d4633SHajimu UMEMOTO int needfree; 251433841545SHajimu UMEMOTO 2515289b28bdSHajimu UMEMOTO if (pktopt == NULL) 2516289b28bdSHajimu UMEMOTO return; 2517289b28bdSHajimu UMEMOTO 2518f95d4633SHajimu UMEMOTO needfree = pktopt->needfree; 2519f95d4633SHajimu UMEMOTO 2520f95d4633SHajimu UMEMOTO if (optname == -1 || optname == IPV6_PKTINFO) { 252133841545SHajimu UMEMOTO if (needfree && pktopt->ip6po_pktinfo) 252233841545SHajimu UMEMOTO free(pktopt->ip6po_pktinfo, M_IP6OPT); 252333841545SHajimu UMEMOTO pktopt->ip6po_pktinfo = NULL; 252433841545SHajimu UMEMOTO } 2525f95d4633SHajimu UMEMOTO if (optname == -1 || optname == IPV6_HOPLIMIT) 252633841545SHajimu UMEMOTO pktopt->ip6po_hlim = -1; 2527f95d4633SHajimu UMEMOTO if (optname == -1 || optname == IPV6_TCLASS) 2528f95d4633SHajimu UMEMOTO pktopt->ip6po_tclass = -1; 2529f95d4633SHajimu UMEMOTO if (optname == -1 || optname == IPV6_NEXTHOP) { 2530f95d4633SHajimu UMEMOTO if (pktopt->ip6po_nextroute.ro_rt) { 2531f95d4633SHajimu UMEMOTO RTFREE(pktopt->ip6po_nextroute.ro_rt); 2532f95d4633SHajimu UMEMOTO pktopt->ip6po_nextroute.ro_rt = NULL; 2533f95d4633SHajimu UMEMOTO } 253433841545SHajimu UMEMOTO if (needfree && pktopt->ip6po_nexthop) 253533841545SHajimu UMEMOTO free(pktopt->ip6po_nexthop, M_IP6OPT); 253633841545SHajimu UMEMOTO pktopt->ip6po_nexthop = NULL; 253733841545SHajimu UMEMOTO } 2538f95d4633SHajimu UMEMOTO if (optname == -1 || optname == IPV6_HOPOPTS) { 253933841545SHajimu UMEMOTO if (needfree && pktopt->ip6po_hbh) 254033841545SHajimu UMEMOTO free(pktopt->ip6po_hbh, M_IP6OPT); 254133841545SHajimu UMEMOTO pktopt->ip6po_hbh = NULL; 254233841545SHajimu UMEMOTO } 2543f95d4633SHajimu UMEMOTO if (optname == -1 || optname == IPV6_RTHDRDSTOPTS) { 254433841545SHajimu UMEMOTO if (needfree && pktopt->ip6po_dest1) 254533841545SHajimu UMEMOTO free(pktopt->ip6po_dest1, M_IP6OPT); 254633841545SHajimu UMEMOTO pktopt->ip6po_dest1 = NULL; 254733841545SHajimu UMEMOTO } 2548f95d4633SHajimu UMEMOTO if (optname == -1 || optname == IPV6_RTHDR) { 254933841545SHajimu UMEMOTO if (needfree && pktopt->ip6po_rhinfo.ip6po_rhi_rthdr) 255033841545SHajimu UMEMOTO free(pktopt->ip6po_rhinfo.ip6po_rhi_rthdr, M_IP6OPT); 255133841545SHajimu UMEMOTO pktopt->ip6po_rhinfo.ip6po_rhi_rthdr = NULL; 255233841545SHajimu UMEMOTO if (pktopt->ip6po_route.ro_rt) { 255333841545SHajimu UMEMOTO RTFREE(pktopt->ip6po_route.ro_rt); 255433841545SHajimu UMEMOTO pktopt->ip6po_route.ro_rt = NULL; 255533841545SHajimu UMEMOTO } 255633841545SHajimu UMEMOTO } 2557f95d4633SHajimu UMEMOTO if (optname == -1 || optname == IPV6_DSTOPTS) { 255833841545SHajimu UMEMOTO if (needfree && pktopt->ip6po_dest2) 255933841545SHajimu UMEMOTO free(pktopt->ip6po_dest2, M_IP6OPT); 256033841545SHajimu UMEMOTO pktopt->ip6po_dest2 = NULL; 256133841545SHajimu UMEMOTO } 256233841545SHajimu UMEMOTO } 256333841545SHajimu UMEMOTO 256433841545SHajimu UMEMOTO #define PKTOPT_EXTHDRCPY(type) \ 256533841545SHajimu UMEMOTO do {\ 256633841545SHajimu UMEMOTO if (src->type) {\ 25677efe5d92SHajimu UMEMOTO int hlen = (((struct ip6_ext *)src->type)->ip6e_len + 1) << 3;\ 256833841545SHajimu UMEMOTO dst->type = malloc(hlen, M_IP6OPT, canwait);\ 256933841545SHajimu UMEMOTO if (dst->type == NULL && canwait == M_NOWAIT)\ 257033841545SHajimu UMEMOTO goto bad;\ 257133841545SHajimu UMEMOTO bcopy(src->type, dst->type, hlen);\ 257233841545SHajimu UMEMOTO }\ 25737efe5d92SHajimu UMEMOTO } while (/*CONSTCOND*/ 0) 257433841545SHajimu UMEMOTO 257533841545SHajimu UMEMOTO struct ip6_pktopts * 257633841545SHajimu UMEMOTO ip6_copypktopts(src, canwait) 257733841545SHajimu UMEMOTO struct ip6_pktopts *src; 257833841545SHajimu UMEMOTO int canwait; 257933841545SHajimu UMEMOTO { 258033841545SHajimu UMEMOTO struct ip6_pktopts *dst; 258133841545SHajimu UMEMOTO 258233841545SHajimu UMEMOTO if (src == NULL) { 258333841545SHajimu UMEMOTO printf("ip6_clearpktopts: invalid argument\n"); 258433841545SHajimu UMEMOTO return (NULL); 258533841545SHajimu UMEMOTO } 258633841545SHajimu UMEMOTO 258733841545SHajimu UMEMOTO dst = malloc(sizeof(*dst), M_IP6OPT, canwait); 258833841545SHajimu UMEMOTO if (dst == NULL && canwait == M_NOWAIT) 258935f6695bSHajimu UMEMOTO return (NULL); 259033841545SHajimu UMEMOTO bzero(dst, sizeof(*dst)); 2591f95d4633SHajimu UMEMOTO dst->needfree = 1; 259233841545SHajimu UMEMOTO 259333841545SHajimu UMEMOTO dst->ip6po_hlim = src->ip6po_hlim; 2594f95d4633SHajimu UMEMOTO dst->ip6po_tclass = src->ip6po_tclass; 2595f95d4633SHajimu UMEMOTO dst->ip6po_flags = src->ip6po_flags; 259633841545SHajimu UMEMOTO if (src->ip6po_pktinfo) { 259733841545SHajimu UMEMOTO dst->ip6po_pktinfo = malloc(sizeof(*dst->ip6po_pktinfo), 259833841545SHajimu UMEMOTO M_IP6OPT, canwait); 259933841545SHajimu UMEMOTO if (dst->ip6po_pktinfo == NULL && canwait == M_NOWAIT) 260033841545SHajimu UMEMOTO goto bad; 260133841545SHajimu UMEMOTO *dst->ip6po_pktinfo = *src->ip6po_pktinfo; 260233841545SHajimu UMEMOTO } 260333841545SHajimu UMEMOTO if (src->ip6po_nexthop) { 260433841545SHajimu UMEMOTO dst->ip6po_nexthop = malloc(src->ip6po_nexthop->sa_len, 260533841545SHajimu UMEMOTO M_IP6OPT, canwait); 2606403cbcf5SGeorge V. Neville-Neil if (dst->ip6po_nexthop == NULL) 260733841545SHajimu UMEMOTO goto bad; 260833841545SHajimu UMEMOTO bcopy(src->ip6po_nexthop, dst->ip6po_nexthop, 260933841545SHajimu UMEMOTO src->ip6po_nexthop->sa_len); 261033841545SHajimu UMEMOTO } 261133841545SHajimu UMEMOTO PKTOPT_EXTHDRCPY(ip6po_hbh); 261233841545SHajimu UMEMOTO PKTOPT_EXTHDRCPY(ip6po_dest1); 261333841545SHajimu UMEMOTO PKTOPT_EXTHDRCPY(ip6po_dest2); 261433841545SHajimu UMEMOTO PKTOPT_EXTHDRCPY(ip6po_rthdr); /* not copy the cached route */ 261533841545SHajimu UMEMOTO return (dst); 261633841545SHajimu UMEMOTO 261733841545SHajimu UMEMOTO bad: 261833841545SHajimu UMEMOTO if (dst->ip6po_pktinfo) free(dst->ip6po_pktinfo, M_IP6OPT); 261933841545SHajimu UMEMOTO if (dst->ip6po_nexthop) free(dst->ip6po_nexthop, M_IP6OPT); 262033841545SHajimu UMEMOTO if (dst->ip6po_hbh) free(dst->ip6po_hbh, M_IP6OPT); 262133841545SHajimu UMEMOTO if (dst->ip6po_dest1) free(dst->ip6po_dest1, M_IP6OPT); 262233841545SHajimu UMEMOTO if (dst->ip6po_dest2) free(dst->ip6po_dest2, M_IP6OPT); 262333841545SHajimu UMEMOTO if (dst->ip6po_rthdr) free(dst->ip6po_rthdr, M_IP6OPT); 262435f6695bSHajimu UMEMOTO free(dst, M_IP6OPT); 262533841545SHajimu UMEMOTO return (NULL); 262633841545SHajimu UMEMOTO } 262733841545SHajimu UMEMOTO #undef PKTOPT_EXTHDRCPY 262833841545SHajimu UMEMOTO 262933841545SHajimu UMEMOTO void 263033841545SHajimu UMEMOTO ip6_freepcbopts(pktopt) 263133841545SHajimu UMEMOTO struct ip6_pktopts *pktopt; 263233841545SHajimu UMEMOTO { 263333841545SHajimu UMEMOTO if (pktopt == NULL) 263433841545SHajimu UMEMOTO return; 263533841545SHajimu UMEMOTO 2636f95d4633SHajimu UMEMOTO ip6_clearpktopts(pktopt, -1); 263733841545SHajimu UMEMOTO 263833841545SHajimu UMEMOTO free(pktopt, M_IP6OPT); 263933841545SHajimu UMEMOTO } 264033841545SHajimu UMEMOTO 264133841545SHajimu UMEMOTO /* 264282cd038dSYoshinobu Inoue * Set the IP6 multicast options in response to user setsockopt(). 264382cd038dSYoshinobu Inoue */ 264482cd038dSYoshinobu Inoue static int 264582cd038dSYoshinobu Inoue ip6_setmoptions(optname, im6op, m) 264682cd038dSYoshinobu Inoue int optname; 264782cd038dSYoshinobu Inoue struct ip6_moptions **im6op; 264882cd038dSYoshinobu Inoue struct mbuf *m; 264982cd038dSYoshinobu Inoue { 265082cd038dSYoshinobu Inoue int error = 0; 265182cd038dSYoshinobu Inoue u_int loop, ifindex; 265282cd038dSYoshinobu Inoue struct ipv6_mreq *mreq; 265382cd038dSYoshinobu Inoue struct ifnet *ifp; 265482cd038dSYoshinobu Inoue struct ip6_moptions *im6o = *im6op; 265582cd038dSYoshinobu Inoue struct route_in6 ro; 265682cd038dSYoshinobu Inoue struct sockaddr_in6 *dst; 265782cd038dSYoshinobu Inoue struct in6_multi_mship *imm; 26587efe5d92SHajimu UMEMOTO struct thread *td = curthread; 265982cd038dSYoshinobu Inoue 266082cd038dSYoshinobu Inoue if (im6o == NULL) { 266182cd038dSYoshinobu Inoue /* 266282cd038dSYoshinobu Inoue * No multicast option buffer attached to the pcb; 266382cd038dSYoshinobu Inoue * allocate one and initialize to default values. 266482cd038dSYoshinobu Inoue */ 266582cd038dSYoshinobu Inoue im6o = (struct ip6_moptions *) 2666a163d034SWarner Losh malloc(sizeof(*im6o), M_IPMOPTS, M_WAITOK); 266782cd038dSYoshinobu Inoue 266882cd038dSYoshinobu Inoue if (im6o == NULL) 266982cd038dSYoshinobu Inoue return (ENOBUFS); 267082cd038dSYoshinobu Inoue *im6op = im6o; 267182cd038dSYoshinobu Inoue im6o->im6o_multicast_ifp = NULL; 267282cd038dSYoshinobu Inoue im6o->im6o_multicast_hlim = ip6_defmcasthlim; 267382cd038dSYoshinobu Inoue im6o->im6o_multicast_loop = IPV6_DEFAULT_MULTICAST_LOOP; 267482cd038dSYoshinobu Inoue LIST_INIT(&im6o->im6o_memberships); 267582cd038dSYoshinobu Inoue } 267682cd038dSYoshinobu Inoue 267782cd038dSYoshinobu Inoue switch (optname) { 267882cd038dSYoshinobu Inoue 267982cd038dSYoshinobu Inoue case IPV6_MULTICAST_IF: 268082cd038dSYoshinobu Inoue /* 268182cd038dSYoshinobu Inoue * Select the interface for outgoing multicast packets. 268282cd038dSYoshinobu Inoue */ 268382cd038dSYoshinobu Inoue if (m == NULL || m->m_len != sizeof(u_int)) { 268482cd038dSYoshinobu Inoue error = EINVAL; 268582cd038dSYoshinobu Inoue break; 268682cd038dSYoshinobu Inoue } 268733841545SHajimu UMEMOTO bcopy(mtod(m, u_int *), &ifindex, sizeof(ifindex)); 268882cd038dSYoshinobu Inoue if (ifindex < 0 || if_index < ifindex) { 268982cd038dSYoshinobu Inoue error = ENXIO; /* XXX EINVAL? */ 269082cd038dSYoshinobu Inoue break; 269182cd038dSYoshinobu Inoue } 2692f9132cebSJonathan Lemon ifp = ifnet_byindex(ifindex); 269382cd038dSYoshinobu Inoue if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) { 269482cd038dSYoshinobu Inoue error = EADDRNOTAVAIL; 269582cd038dSYoshinobu Inoue break; 269682cd038dSYoshinobu Inoue } 269782cd038dSYoshinobu Inoue im6o->im6o_multicast_ifp = ifp; 269882cd038dSYoshinobu Inoue break; 269982cd038dSYoshinobu Inoue 270082cd038dSYoshinobu Inoue case IPV6_MULTICAST_HOPS: 270182cd038dSYoshinobu Inoue { 270282cd038dSYoshinobu Inoue /* 270382cd038dSYoshinobu Inoue * Set the IP6 hoplimit for outgoing multicast packets. 270482cd038dSYoshinobu Inoue */ 270582cd038dSYoshinobu Inoue int optval; 270682cd038dSYoshinobu Inoue if (m == NULL || m->m_len != sizeof(int)) { 270782cd038dSYoshinobu Inoue error = EINVAL; 270882cd038dSYoshinobu Inoue break; 270982cd038dSYoshinobu Inoue } 271033841545SHajimu UMEMOTO bcopy(mtod(m, u_int *), &optval, sizeof(optval)); 271182cd038dSYoshinobu Inoue if (optval < -1 || optval >= 256) 271282cd038dSYoshinobu Inoue error = EINVAL; 271382cd038dSYoshinobu Inoue else if (optval == -1) 271482cd038dSYoshinobu Inoue im6o->im6o_multicast_hlim = ip6_defmcasthlim; 271582cd038dSYoshinobu Inoue else 271682cd038dSYoshinobu Inoue im6o->im6o_multicast_hlim = optval; 271782cd038dSYoshinobu Inoue break; 271882cd038dSYoshinobu Inoue } 271982cd038dSYoshinobu Inoue 272082cd038dSYoshinobu Inoue case IPV6_MULTICAST_LOOP: 272182cd038dSYoshinobu Inoue /* 272282cd038dSYoshinobu Inoue * Set the loopback flag for outgoing multicast packets. 272382cd038dSYoshinobu Inoue * Must be zero or one. 272482cd038dSYoshinobu Inoue */ 272533841545SHajimu UMEMOTO if (m == NULL || m->m_len != sizeof(u_int)) { 272633841545SHajimu UMEMOTO error = EINVAL; 272733841545SHajimu UMEMOTO break; 272833841545SHajimu UMEMOTO } 272933841545SHajimu UMEMOTO bcopy(mtod(m, u_int *), &loop, sizeof(loop)); 273033841545SHajimu UMEMOTO if (loop > 1) { 273182cd038dSYoshinobu Inoue error = EINVAL; 273282cd038dSYoshinobu Inoue break; 273382cd038dSYoshinobu Inoue } 273482cd038dSYoshinobu Inoue im6o->im6o_multicast_loop = loop; 273582cd038dSYoshinobu Inoue break; 273682cd038dSYoshinobu Inoue 273782cd038dSYoshinobu Inoue case IPV6_JOIN_GROUP: 273882cd038dSYoshinobu Inoue /* 273982cd038dSYoshinobu Inoue * Add a multicast group membership. 274082cd038dSYoshinobu Inoue * Group must be a valid IP6 multicast address. 274182cd038dSYoshinobu Inoue */ 274282cd038dSYoshinobu Inoue if (m == NULL || m->m_len != sizeof(struct ipv6_mreq)) { 274382cd038dSYoshinobu Inoue error = EINVAL; 274482cd038dSYoshinobu Inoue break; 274582cd038dSYoshinobu Inoue } 274682cd038dSYoshinobu Inoue mreq = mtod(m, struct ipv6_mreq *); 274782cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(&mreq->ipv6mr_multiaddr)) { 274882cd038dSYoshinobu Inoue /* 274982cd038dSYoshinobu Inoue * We use the unspecified address to specify to accept 275082cd038dSYoshinobu Inoue * all multicast addresses. Only super user is allowed 275182cd038dSYoshinobu Inoue * to do this. 275282cd038dSYoshinobu Inoue */ 27537efe5d92SHajimu UMEMOTO if (suser(td)) { 275482cd038dSYoshinobu Inoue error = EACCES; 275582cd038dSYoshinobu Inoue break; 275682cd038dSYoshinobu Inoue } 275782cd038dSYoshinobu Inoue } else if (!IN6_IS_ADDR_MULTICAST(&mreq->ipv6mr_multiaddr)) { 275882cd038dSYoshinobu Inoue error = EINVAL; 275982cd038dSYoshinobu Inoue break; 276082cd038dSYoshinobu Inoue } 276182cd038dSYoshinobu Inoue 276282cd038dSYoshinobu Inoue /* 276382cd038dSYoshinobu Inoue * If the interface is specified, validate it. 276482cd038dSYoshinobu Inoue */ 276507027f9dSHajimu UMEMOTO if (mreq->ipv6mr_interface < 0 || 276607027f9dSHajimu UMEMOTO if_index < mreq->ipv6mr_interface) { 276782cd038dSYoshinobu Inoue error = ENXIO; /* XXX EINVAL? */ 276882cd038dSYoshinobu Inoue break; 276982cd038dSYoshinobu Inoue } 277082cd038dSYoshinobu Inoue /* 277182cd038dSYoshinobu Inoue * If no interface was explicitly specified, choose an 277282cd038dSYoshinobu Inoue * appropriate one according to the given multicast address. 277382cd038dSYoshinobu Inoue */ 277482cd038dSYoshinobu Inoue if (mreq->ipv6mr_interface == 0) { 277582cd038dSYoshinobu Inoue /* 277682cd038dSYoshinobu Inoue * If the multicast address is in node-local scope, 277782cd038dSYoshinobu Inoue * the interface should be a loopback interface. 277882cd038dSYoshinobu Inoue * Otherwise, look up the routing table for the 277982cd038dSYoshinobu Inoue * address, and choose the outgoing interface. 278082cd038dSYoshinobu Inoue * XXX: is it a good approach? 278182cd038dSYoshinobu Inoue */ 27829a4f9608SHajimu UMEMOTO if (IN6_IS_ADDR_MC_INTFACELOCAL(&mreq->ipv6mr_multiaddr)) { 278382cd038dSYoshinobu Inoue ifp = &loif[0]; 278482cd038dSYoshinobu Inoue } else { 278582cd038dSYoshinobu Inoue ro.ro_rt = NULL; 278682cd038dSYoshinobu Inoue dst = (struct sockaddr_in6 *)&ro.ro_dst; 278782cd038dSYoshinobu Inoue bzero(dst, sizeof(*dst)); 278882cd038dSYoshinobu Inoue dst->sin6_len = sizeof(struct sockaddr_in6); 278982cd038dSYoshinobu Inoue dst->sin6_family = AF_INET6; 279082cd038dSYoshinobu Inoue dst->sin6_addr = mreq->ipv6mr_multiaddr; 279182cd038dSYoshinobu Inoue rtalloc((struct route *)&ro); 279282cd038dSYoshinobu Inoue if (ro.ro_rt == NULL) { 279382cd038dSYoshinobu Inoue error = EADDRNOTAVAIL; 279482cd038dSYoshinobu Inoue break; 279582cd038dSYoshinobu Inoue } 279682cd038dSYoshinobu Inoue ifp = ro.ro_rt->rt_ifp; 2797d1dd20beSSam Leffler RTFREE(ro.ro_rt); 279882cd038dSYoshinobu Inoue } 279982cd038dSYoshinobu Inoue } else 2800f9132cebSJonathan Lemon ifp = ifnet_byindex(mreq->ipv6mr_interface); 280182cd038dSYoshinobu Inoue 280282cd038dSYoshinobu Inoue /* 280382cd038dSYoshinobu Inoue * See if we found an interface, and confirm that it 280482cd038dSYoshinobu Inoue * supports multicast 280582cd038dSYoshinobu Inoue */ 280682cd038dSYoshinobu Inoue if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) { 280782cd038dSYoshinobu Inoue error = EADDRNOTAVAIL; 280882cd038dSYoshinobu Inoue break; 280982cd038dSYoshinobu Inoue } 281082cd038dSYoshinobu Inoue /* 281182cd038dSYoshinobu Inoue * Put interface index into the multicast address, 281282cd038dSYoshinobu Inoue * if the address has link-local scope. 281382cd038dSYoshinobu Inoue */ 281482cd038dSYoshinobu Inoue if (IN6_IS_ADDR_MC_LINKLOCAL(&mreq->ipv6mr_multiaddr)) { 281507027f9dSHajimu UMEMOTO mreq->ipv6mr_multiaddr.s6_addr16[1] = 281607027f9dSHajimu UMEMOTO htons(ifp->if_index); 281782cd038dSYoshinobu Inoue } 281882cd038dSYoshinobu Inoue /* 281982cd038dSYoshinobu Inoue * See if the membership already exists. 282082cd038dSYoshinobu Inoue */ 2821686cdd19SJun-ichiro itojun Hagino for (imm = im6o->im6o_memberships.lh_first; 2822686cdd19SJun-ichiro itojun Hagino imm != NULL; imm = imm->i6mm_chain.le_next) 282382cd038dSYoshinobu Inoue if (imm->i6mm_maddr->in6m_ifp == ifp && 282482cd038dSYoshinobu Inoue IN6_ARE_ADDR_EQUAL(&imm->i6mm_maddr->in6m_addr, 282582cd038dSYoshinobu Inoue &mreq->ipv6mr_multiaddr)) 282682cd038dSYoshinobu Inoue break; 282782cd038dSYoshinobu Inoue if (imm != NULL) { 282882cd038dSYoshinobu Inoue error = EADDRINUSE; 282982cd038dSYoshinobu Inoue break; 283082cd038dSYoshinobu Inoue } 283182cd038dSYoshinobu Inoue /* 283282cd038dSYoshinobu Inoue * Everything looks good; add a new record to the multicast 283382cd038dSYoshinobu Inoue * address list for the given interface. 283482cd038dSYoshinobu Inoue */ 2835a163d034SWarner Losh imm = malloc(sizeof(*imm), M_IPMADDR, M_WAITOK); 283682cd038dSYoshinobu Inoue if (imm == NULL) { 283782cd038dSYoshinobu Inoue error = ENOBUFS; 283882cd038dSYoshinobu Inoue break; 283982cd038dSYoshinobu Inoue } 284082cd038dSYoshinobu Inoue if ((imm->i6mm_maddr = 284182cd038dSYoshinobu Inoue in6_addmulti(&mreq->ipv6mr_multiaddr, ifp, &error)) == NULL) { 284282cd038dSYoshinobu Inoue free(imm, M_IPMADDR); 284382cd038dSYoshinobu Inoue break; 284482cd038dSYoshinobu Inoue } 284582cd038dSYoshinobu Inoue LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain); 284682cd038dSYoshinobu Inoue break; 284782cd038dSYoshinobu Inoue 284882cd038dSYoshinobu Inoue case IPV6_LEAVE_GROUP: 284982cd038dSYoshinobu Inoue /* 285082cd038dSYoshinobu Inoue * Drop a multicast group membership. 285182cd038dSYoshinobu Inoue * Group must be a valid IP6 multicast address. 285282cd038dSYoshinobu Inoue */ 285382cd038dSYoshinobu Inoue if (m == NULL || m->m_len != sizeof(struct ipv6_mreq)) { 285482cd038dSYoshinobu Inoue error = EINVAL; 285582cd038dSYoshinobu Inoue break; 285682cd038dSYoshinobu Inoue } 285782cd038dSYoshinobu Inoue mreq = mtod(m, struct ipv6_mreq *); 285882cd038dSYoshinobu Inoue if (IN6_IS_ADDR_UNSPECIFIED(&mreq->ipv6mr_multiaddr)) { 285944731cabSJohn Baldwin if (suser(td)) { 286082cd038dSYoshinobu Inoue error = EACCES; 286182cd038dSYoshinobu Inoue break; 286282cd038dSYoshinobu Inoue } 286382cd038dSYoshinobu Inoue } else if (!IN6_IS_ADDR_MULTICAST(&mreq->ipv6mr_multiaddr)) { 286482cd038dSYoshinobu Inoue error = EINVAL; 286582cd038dSYoshinobu Inoue break; 286682cd038dSYoshinobu Inoue } 286782cd038dSYoshinobu Inoue /* 286882cd038dSYoshinobu Inoue * If an interface address was specified, get a pointer 286982cd038dSYoshinobu Inoue * to its ifnet structure. 287082cd038dSYoshinobu Inoue */ 287182cd038dSYoshinobu Inoue if (mreq->ipv6mr_interface < 0 287282cd038dSYoshinobu Inoue || if_index < mreq->ipv6mr_interface) { 287382cd038dSYoshinobu Inoue error = ENXIO; /* XXX EINVAL? */ 287482cd038dSYoshinobu Inoue break; 287582cd038dSYoshinobu Inoue } 2876f9132cebSJonathan Lemon ifp = ifnet_byindex(mreq->ipv6mr_interface); 287782cd038dSYoshinobu Inoue /* 287882cd038dSYoshinobu Inoue * Put interface index into the multicast address, 287982cd038dSYoshinobu Inoue * if the address has link-local scope. 288082cd038dSYoshinobu Inoue */ 288182cd038dSYoshinobu Inoue if (IN6_IS_ADDR_MC_LINKLOCAL(&mreq->ipv6mr_multiaddr)) { 288282cd038dSYoshinobu Inoue mreq->ipv6mr_multiaddr.s6_addr16[1] 288382cd038dSYoshinobu Inoue = htons(mreq->ipv6mr_interface); 288482cd038dSYoshinobu Inoue } 28857efe5d92SHajimu UMEMOTO 288682cd038dSYoshinobu Inoue /* 288782cd038dSYoshinobu Inoue * Find the membership in the membership list. 288882cd038dSYoshinobu Inoue */ 2889686cdd19SJun-ichiro itojun Hagino for (imm = im6o->im6o_memberships.lh_first; 2890686cdd19SJun-ichiro itojun Hagino imm != NULL; imm = imm->i6mm_chain.le_next) { 28917efe5d92SHajimu UMEMOTO if ((ifp == NULL || imm->i6mm_maddr->in6m_ifp == ifp) && 289282cd038dSYoshinobu Inoue IN6_ARE_ADDR_EQUAL(&imm->i6mm_maddr->in6m_addr, 289382cd038dSYoshinobu Inoue &mreq->ipv6mr_multiaddr)) 289482cd038dSYoshinobu Inoue break; 289582cd038dSYoshinobu Inoue } 289682cd038dSYoshinobu Inoue if (imm == NULL) { 289782cd038dSYoshinobu Inoue /* Unable to resolve interface */ 289882cd038dSYoshinobu Inoue error = EADDRNOTAVAIL; 289982cd038dSYoshinobu Inoue break; 290082cd038dSYoshinobu Inoue } 290182cd038dSYoshinobu Inoue /* 290282cd038dSYoshinobu Inoue * Give up the multicast address record to which the 290382cd038dSYoshinobu Inoue * membership points. 290482cd038dSYoshinobu Inoue */ 290582cd038dSYoshinobu Inoue LIST_REMOVE(imm, i6mm_chain); 290682cd038dSYoshinobu Inoue in6_delmulti(imm->i6mm_maddr); 290782cd038dSYoshinobu Inoue free(imm, M_IPMADDR); 290882cd038dSYoshinobu Inoue break; 290982cd038dSYoshinobu Inoue 291082cd038dSYoshinobu Inoue default: 291182cd038dSYoshinobu Inoue error = EOPNOTSUPP; 291282cd038dSYoshinobu Inoue break; 291382cd038dSYoshinobu Inoue } 291482cd038dSYoshinobu Inoue 291582cd038dSYoshinobu Inoue /* 291682cd038dSYoshinobu Inoue * If all options have default values, no need to keep the mbuf. 291782cd038dSYoshinobu Inoue */ 291882cd038dSYoshinobu Inoue if (im6o->im6o_multicast_ifp == NULL && 291982cd038dSYoshinobu Inoue im6o->im6o_multicast_hlim == ip6_defmcasthlim && 292082cd038dSYoshinobu Inoue im6o->im6o_multicast_loop == IPV6_DEFAULT_MULTICAST_LOOP && 2921686cdd19SJun-ichiro itojun Hagino im6o->im6o_memberships.lh_first == NULL) { 292282cd038dSYoshinobu Inoue free(*im6op, M_IPMOPTS); 292382cd038dSYoshinobu Inoue *im6op = NULL; 292482cd038dSYoshinobu Inoue } 292582cd038dSYoshinobu Inoue 292682cd038dSYoshinobu Inoue return (error); 292782cd038dSYoshinobu Inoue } 292882cd038dSYoshinobu Inoue 292982cd038dSYoshinobu Inoue /* 293082cd038dSYoshinobu Inoue * Return the IP6 multicast options in response to user getsockopt(). 293182cd038dSYoshinobu Inoue */ 293282cd038dSYoshinobu Inoue static int 293382cd038dSYoshinobu Inoue ip6_getmoptions(optname, im6o, mp) 293482cd038dSYoshinobu Inoue int optname; 293533841545SHajimu UMEMOTO struct ip6_moptions *im6o; 293633841545SHajimu UMEMOTO struct mbuf **mp; 293782cd038dSYoshinobu Inoue { 293882cd038dSYoshinobu Inoue u_int *hlim, *loop, *ifindex; 293982cd038dSYoshinobu Inoue 2940a163d034SWarner Losh *mp = m_get(M_TRYWAIT, MT_HEADER); /* XXX */ 294182cd038dSYoshinobu Inoue 294282cd038dSYoshinobu Inoue switch (optname) { 294382cd038dSYoshinobu Inoue 294482cd038dSYoshinobu Inoue case IPV6_MULTICAST_IF: 294582cd038dSYoshinobu Inoue ifindex = mtod(*mp, u_int *); 294682cd038dSYoshinobu Inoue (*mp)->m_len = sizeof(u_int); 294782cd038dSYoshinobu Inoue if (im6o == NULL || im6o->im6o_multicast_ifp == NULL) 294882cd038dSYoshinobu Inoue *ifindex = 0; 294982cd038dSYoshinobu Inoue else 295082cd038dSYoshinobu Inoue *ifindex = im6o->im6o_multicast_ifp->if_index; 295182cd038dSYoshinobu Inoue return (0); 295282cd038dSYoshinobu Inoue 295382cd038dSYoshinobu Inoue case IPV6_MULTICAST_HOPS: 295482cd038dSYoshinobu Inoue hlim = mtod(*mp, u_int *); 295582cd038dSYoshinobu Inoue (*mp)->m_len = sizeof(u_int); 295682cd038dSYoshinobu Inoue if (im6o == NULL) 295782cd038dSYoshinobu Inoue *hlim = ip6_defmcasthlim; 295882cd038dSYoshinobu Inoue else 295982cd038dSYoshinobu Inoue *hlim = im6o->im6o_multicast_hlim; 296082cd038dSYoshinobu Inoue return (0); 296182cd038dSYoshinobu Inoue 296282cd038dSYoshinobu Inoue case IPV6_MULTICAST_LOOP: 296382cd038dSYoshinobu Inoue loop = mtod(*mp, u_int *); 296482cd038dSYoshinobu Inoue (*mp)->m_len = sizeof(u_int); 296582cd038dSYoshinobu Inoue if (im6o == NULL) 296682cd038dSYoshinobu Inoue *loop = ip6_defmcasthlim; 296782cd038dSYoshinobu Inoue else 296882cd038dSYoshinobu Inoue *loop = im6o->im6o_multicast_loop; 296982cd038dSYoshinobu Inoue return (0); 297082cd038dSYoshinobu Inoue 297182cd038dSYoshinobu Inoue default: 297282cd038dSYoshinobu Inoue return (EOPNOTSUPP); 297382cd038dSYoshinobu Inoue } 297482cd038dSYoshinobu Inoue } 297582cd038dSYoshinobu Inoue 297682cd038dSYoshinobu Inoue /* 297782cd038dSYoshinobu Inoue * Discard the IP6 multicast options. 297882cd038dSYoshinobu Inoue */ 297982cd038dSYoshinobu Inoue void 298082cd038dSYoshinobu Inoue ip6_freemoptions(im6o) 298133841545SHajimu UMEMOTO struct ip6_moptions *im6o; 298282cd038dSYoshinobu Inoue { 298382cd038dSYoshinobu Inoue struct in6_multi_mship *imm; 298482cd038dSYoshinobu Inoue 298582cd038dSYoshinobu Inoue if (im6o == NULL) 298682cd038dSYoshinobu Inoue return; 298782cd038dSYoshinobu Inoue 2988686cdd19SJun-ichiro itojun Hagino while ((imm = im6o->im6o_memberships.lh_first) != NULL) { 298982cd038dSYoshinobu Inoue LIST_REMOVE(imm, i6mm_chain); 299082cd038dSYoshinobu Inoue if (imm->i6mm_maddr) 299182cd038dSYoshinobu Inoue in6_delmulti(imm->i6mm_maddr); 299282cd038dSYoshinobu Inoue free(imm, M_IPMADDR); 299382cd038dSYoshinobu Inoue } 299482cd038dSYoshinobu Inoue free(im6o, M_IPMOPTS); 299582cd038dSYoshinobu Inoue } 299682cd038dSYoshinobu Inoue 299782cd038dSYoshinobu Inoue /* 299882cd038dSYoshinobu Inoue * Set IPv6 outgoing packet options based on advanced API. 299982cd038dSYoshinobu Inoue */ 300082cd038dSYoshinobu Inoue int 3001d5e3406dSHajimu UMEMOTO ip6_setpktopts(control, opt, stickyopt, priv, needcopy, uproto) 300282cd038dSYoshinobu Inoue struct mbuf *control; 3003f95d4633SHajimu UMEMOTO struct ip6_pktopts *opt, *stickyopt; 3004f95d4633SHajimu UMEMOTO int priv, needcopy, uproto; 300582cd038dSYoshinobu Inoue { 300633841545SHajimu UMEMOTO struct cmsghdr *cm = 0; 300782cd038dSYoshinobu Inoue 30088507acb1SHajimu UMEMOTO if (control == NULL || opt == NULL) 300982cd038dSYoshinobu Inoue return (EINVAL); 301082cd038dSYoshinobu Inoue 3011f95d4633SHajimu UMEMOTO if (stickyopt) { 3012f95d4633SHajimu UMEMOTO /* 3013f95d4633SHajimu UMEMOTO * If stickyopt is provided, make a local copy of the options 3014f95d4633SHajimu UMEMOTO * for this particular packet, then override them by ancillary 3015f95d4633SHajimu UMEMOTO * objects. 3016f95d4633SHajimu UMEMOTO * XXX: need to gain a reference for the cached route of the 3017f95d4633SHajimu UMEMOTO * next hop in case of the overriding. 3018f95d4633SHajimu UMEMOTO */ 3019f95d4633SHajimu UMEMOTO *opt = *stickyopt; 3020f95d4633SHajimu UMEMOTO if (opt->ip6po_nextroute.ro_rt) { 3021f95d4633SHajimu UMEMOTO RT_LOCK(opt->ip6po_nextroute.ro_rt); 30227138d65cSSam Leffler RT_ADDREF(opt->ip6po_nextroute.ro_rt); 3023f95d4633SHajimu UMEMOTO RT_UNLOCK(opt->ip6po_nextroute.ro_rt); 3024f95d4633SHajimu UMEMOTO } 3025f95d4633SHajimu UMEMOTO } else 3026d5e3406dSHajimu UMEMOTO ip6_initpktopts(opt); 3027f95d4633SHajimu UMEMOTO opt->needfree = needcopy; 302882cd038dSYoshinobu Inoue 302982cd038dSYoshinobu Inoue /* 303082cd038dSYoshinobu Inoue * XXX: Currently, we assume all the optional information is stored 303182cd038dSYoshinobu Inoue * in a single mbuf. 303282cd038dSYoshinobu Inoue */ 303382cd038dSYoshinobu Inoue if (control->m_next) 303482cd038dSYoshinobu Inoue return (EINVAL); 303582cd038dSYoshinobu Inoue 303633841545SHajimu UMEMOTO for (; control->m_len; control->m_data += CMSG_ALIGN(cm->cmsg_len), 303733841545SHajimu UMEMOTO control->m_len -= CMSG_ALIGN(cm->cmsg_len)) { 3038f95d4633SHajimu UMEMOTO int error; 3039f95d4633SHajimu UMEMOTO 3040f95d4633SHajimu UMEMOTO if (control->m_len < CMSG_LEN(0)) 3041f95d4633SHajimu UMEMOTO return (EINVAL); 3042f95d4633SHajimu UMEMOTO 304382cd038dSYoshinobu Inoue cm = mtod(control, struct cmsghdr *); 304482cd038dSYoshinobu Inoue if (cm->cmsg_len == 0 || cm->cmsg_len > control->m_len) 304582cd038dSYoshinobu Inoue return (EINVAL); 304682cd038dSYoshinobu Inoue if (cm->cmsg_level != IPPROTO_IPV6) 304782cd038dSYoshinobu Inoue continue; 304882cd038dSYoshinobu Inoue 3049d5e3406dSHajimu UMEMOTO error = ip6_setpktopt(cm->cmsg_type, CMSG_DATA(cm), 3050f95d4633SHajimu UMEMOTO cm->cmsg_len - CMSG_LEN(0), opt, priv, needcopy, 1, uproto); 3051f95d4633SHajimu UMEMOTO if (error) 3052f95d4633SHajimu UMEMOTO return (error); 3053f95d4633SHajimu UMEMOTO } 305482cd038dSYoshinobu Inoue 3055f95d4633SHajimu UMEMOTO return (0); 3056f95d4633SHajimu UMEMOTO } 3057f95d4633SHajimu UMEMOTO 3058f95d4633SHajimu UMEMOTO /* 3059f95d4633SHajimu UMEMOTO * Set a particular packet option, as a sticky option or an ancillary data 3060f95d4633SHajimu UMEMOTO * item. "len" can be 0 only when it's a sticky option. 3061f95d4633SHajimu UMEMOTO * We have 4 cases of combination of "sticky" and "cmsg": 3062f95d4633SHajimu UMEMOTO * "sticky=0, cmsg=0": impossible 306318b35df8SHajimu UMEMOTO * "sticky=0, cmsg=1": RFC2292 or RFC3542 ancillary data 306418b35df8SHajimu UMEMOTO * "sticky=1, cmsg=0": RFC3542 socket option 3065f95d4633SHajimu UMEMOTO * "sticky=1, cmsg=1": RFC2292 socket option 3066f95d4633SHajimu UMEMOTO */ 3067f95d4633SHajimu UMEMOTO static int 3068d5e3406dSHajimu UMEMOTO ip6_setpktopt(optname, buf, len, opt, priv, sticky, cmsg, uproto) 3069f95d4633SHajimu UMEMOTO int optname, len, priv, sticky, cmsg, uproto; 3070f95d4633SHajimu UMEMOTO u_char *buf; 3071f95d4633SHajimu UMEMOTO struct ip6_pktopts *opt; 3072f95d4633SHajimu UMEMOTO { 3073f95d4633SHajimu UMEMOTO int minmtupolicy, preftemp; 3074f95d4633SHajimu UMEMOTO 3075f95d4633SHajimu UMEMOTO if (!sticky && !cmsg) { 3076f95d4633SHajimu UMEMOTO #ifdef DIAGNOSTIC 3077d5e3406dSHajimu UMEMOTO printf("ip6_setpktopt: impossible case\n"); 3078f95d4633SHajimu UMEMOTO #endif 3079f95d4633SHajimu UMEMOTO return (EINVAL); 3080f95d4633SHajimu UMEMOTO } 3081f95d4633SHajimu UMEMOTO 3082f95d4633SHajimu UMEMOTO /* 3083f95d4633SHajimu UMEMOTO * IPV6_2292xxx is for backward compatibility to RFC2292, and should 308418b35df8SHajimu UMEMOTO * not be specified in the context of RFC3542. Conversely, 308518b35df8SHajimu UMEMOTO * RFC3542 types should not be specified in the context of RFC2292. 3086f95d4633SHajimu UMEMOTO */ 3087f95d4633SHajimu UMEMOTO if (!cmsg) { 3088f95d4633SHajimu UMEMOTO switch (optname) { 3089f95d4633SHajimu UMEMOTO case IPV6_2292PKTINFO: 3090f95d4633SHajimu UMEMOTO case IPV6_2292HOPLIMIT: 3091f95d4633SHajimu UMEMOTO case IPV6_2292NEXTHOP: 3092f95d4633SHajimu UMEMOTO case IPV6_2292HOPOPTS: 3093f95d4633SHajimu UMEMOTO case IPV6_2292DSTOPTS: 3094f95d4633SHajimu UMEMOTO case IPV6_2292RTHDR: 3095f95d4633SHajimu UMEMOTO case IPV6_2292PKTOPTIONS: 3096f95d4633SHajimu UMEMOTO return (ENOPROTOOPT); 3097f95d4633SHajimu UMEMOTO } 3098f95d4633SHajimu UMEMOTO } 3099f95d4633SHajimu UMEMOTO if (sticky && cmsg) { 3100f95d4633SHajimu UMEMOTO switch (optname) { 3101f95d4633SHajimu UMEMOTO case IPV6_PKTINFO: 3102f95d4633SHajimu UMEMOTO case IPV6_HOPLIMIT: 3103f95d4633SHajimu UMEMOTO case IPV6_NEXTHOP: 3104f95d4633SHajimu UMEMOTO case IPV6_HOPOPTS: 3105f95d4633SHajimu UMEMOTO case IPV6_DSTOPTS: 3106f95d4633SHajimu UMEMOTO case IPV6_RTHDRDSTOPTS: 3107f95d4633SHajimu UMEMOTO case IPV6_RTHDR: 3108f95d4633SHajimu UMEMOTO case IPV6_USE_MIN_MTU: 3109f95d4633SHajimu UMEMOTO case IPV6_DONTFRAG: 3110f95d4633SHajimu UMEMOTO case IPV6_TCLASS: 311118b35df8SHajimu UMEMOTO case IPV6_PREFER_TEMPADDR: /* XXX: not an RFC3542 option */ 3112f95d4633SHajimu UMEMOTO return (ENOPROTOOPT); 3113f95d4633SHajimu UMEMOTO } 3114f95d4633SHajimu UMEMOTO } 3115f95d4633SHajimu UMEMOTO 3116f95d4633SHajimu UMEMOTO switch (optname) { 3117f95d4633SHajimu UMEMOTO case IPV6_2292PKTINFO: 3118f95d4633SHajimu UMEMOTO case IPV6_PKTINFO: 3119f95d4633SHajimu UMEMOTO { 3120f95d4633SHajimu UMEMOTO struct ifnet *ifp = NULL; 3121f95d4633SHajimu UMEMOTO struct in6_pktinfo *pktinfo; 3122f95d4633SHajimu UMEMOTO 3123f95d4633SHajimu UMEMOTO if (len != sizeof(struct in6_pktinfo)) 3124f95d4633SHajimu UMEMOTO return (EINVAL); 3125f95d4633SHajimu UMEMOTO 3126f95d4633SHajimu UMEMOTO pktinfo = (struct in6_pktinfo *)buf; 3127f95d4633SHajimu UMEMOTO 3128f95d4633SHajimu UMEMOTO /* 3129f95d4633SHajimu UMEMOTO * An application can clear any sticky IPV6_PKTINFO option by 3130f95d4633SHajimu UMEMOTO * doing a "regular" setsockopt with ipi6_addr being 3131f95d4633SHajimu UMEMOTO * in6addr_any and ipi6_ifindex being zero. 3132f95d4633SHajimu UMEMOTO * [RFC 3542, Section 6] 3133f95d4633SHajimu UMEMOTO */ 3134f95d4633SHajimu UMEMOTO if (optname == IPV6_PKTINFO && opt->ip6po_pktinfo && 3135f95d4633SHajimu UMEMOTO pktinfo->ipi6_ifindex == 0 && 3136f95d4633SHajimu UMEMOTO IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) { 3137f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, optname); 3138f95d4633SHajimu UMEMOTO break; 3139f95d4633SHajimu UMEMOTO } 3140f95d4633SHajimu UMEMOTO 3141f95d4633SHajimu UMEMOTO if (uproto == IPPROTO_TCP && optname == IPV6_PKTINFO && 3142f95d4633SHajimu UMEMOTO sticky && !IN6_IS_ADDR_UNSPECIFIED(&pktinfo->ipi6_addr)) { 3143f95d4633SHajimu UMEMOTO return (EINVAL); 3144f95d4633SHajimu UMEMOTO } 3145f95d4633SHajimu UMEMOTO 3146f95d4633SHajimu UMEMOTO /* validate the interface index if specified. */ 3147f95d4633SHajimu UMEMOTO if (pktinfo->ipi6_ifindex > if_index || 3148f95d4633SHajimu UMEMOTO pktinfo->ipi6_ifindex < 0) { 3149f95d4633SHajimu UMEMOTO return (ENXIO); 3150f95d4633SHajimu UMEMOTO } 3151f95d4633SHajimu UMEMOTO if (pktinfo->ipi6_ifindex) { 3152f95d4633SHajimu UMEMOTO ifp = ifnet_byindex(pktinfo->ipi6_ifindex); 3153f95d4633SHajimu UMEMOTO if (ifp == NULL) 315482cd038dSYoshinobu Inoue return (ENXIO); 315582cd038dSYoshinobu Inoue } 315682cd038dSYoshinobu Inoue 315733841545SHajimu UMEMOTO /* 3158f95d4633SHajimu UMEMOTO * We store the address anyway, and let in6_selectsrc() 3159f95d4633SHajimu UMEMOTO * validate the specified address. This is because ipi6_addr 3160f95d4633SHajimu UMEMOTO * may not have enough information about its scope zone, and 3161f95d4633SHajimu UMEMOTO * we may need additional information (such as outgoing 3162f95d4633SHajimu UMEMOTO * interface or the scope zone of a destination address) to 3163f95d4633SHajimu UMEMOTO * disambiguate the scope. 3164f95d4633SHajimu UMEMOTO * XXX: the delay of the validation may confuse the 3165f95d4633SHajimu UMEMOTO * application when it is used as a sticky option. 316633841545SHajimu UMEMOTO */ 3167f95d4633SHajimu UMEMOTO if (sticky) { 3168f95d4633SHajimu UMEMOTO if (opt->ip6po_pktinfo == NULL) { 3169f95d4633SHajimu UMEMOTO opt->ip6po_pktinfo = malloc(sizeof(*pktinfo), 3170f95d4633SHajimu UMEMOTO M_IP6OPT, M_WAITOK); 317182cd038dSYoshinobu Inoue } 3172f95d4633SHajimu UMEMOTO bcopy(pktinfo, opt->ip6po_pktinfo, sizeof(*pktinfo)); 3173f95d4633SHajimu UMEMOTO } else 3174f95d4633SHajimu UMEMOTO opt->ip6po_pktinfo = pktinfo; 317582cd038dSYoshinobu Inoue break; 3176f95d4633SHajimu UMEMOTO } 317782cd038dSYoshinobu Inoue 3178f95d4633SHajimu UMEMOTO case IPV6_2292HOPLIMIT: 317982cd038dSYoshinobu Inoue case IPV6_HOPLIMIT: 3180f95d4633SHajimu UMEMOTO { 3181f95d4633SHajimu UMEMOTO int *hlimp; 3182f95d4633SHajimu UMEMOTO 3183f95d4633SHajimu UMEMOTO /* 3184f95d4633SHajimu UMEMOTO * RFC 3542 deprecated the usage of sticky IPV6_HOPLIMIT 3185f95d4633SHajimu UMEMOTO * to simplify the ordering among hoplimit options. 3186f95d4633SHajimu UMEMOTO */ 3187f95d4633SHajimu UMEMOTO if (optname == IPV6_HOPLIMIT && sticky) 3188f95d4633SHajimu UMEMOTO return (ENOPROTOOPT); 3189f95d4633SHajimu UMEMOTO 3190f95d4633SHajimu UMEMOTO if (len != sizeof(int)) 3191f95d4633SHajimu UMEMOTO return (EINVAL); 3192f95d4633SHajimu UMEMOTO hlimp = (int *)buf; 3193f95d4633SHajimu UMEMOTO if (*hlimp < -1 || *hlimp > 255) 319482cd038dSYoshinobu Inoue return (EINVAL); 319582cd038dSYoshinobu Inoue 3196f95d4633SHajimu UMEMOTO opt->ip6po_hlim = *hlimp; 319782cd038dSYoshinobu Inoue break; 3198f95d4633SHajimu UMEMOTO } 319982cd038dSYoshinobu Inoue 3200f95d4633SHajimu UMEMOTO case IPV6_TCLASS: 3201f95d4633SHajimu UMEMOTO { 3202f95d4633SHajimu UMEMOTO int tclass; 3203f95d4633SHajimu UMEMOTO 3204f95d4633SHajimu UMEMOTO if (len != sizeof(int)) 3205f95d4633SHajimu UMEMOTO return (EINVAL); 3206f95d4633SHajimu UMEMOTO tclass = *(int *)buf; 3207f95d4633SHajimu UMEMOTO if (tclass < -1 || tclass > 255) 3208f95d4633SHajimu UMEMOTO return (EINVAL); 3209f95d4633SHajimu UMEMOTO 3210f95d4633SHajimu UMEMOTO opt->ip6po_tclass = tclass; 3211f95d4633SHajimu UMEMOTO break; 3212f95d4633SHajimu UMEMOTO } 3213f95d4633SHajimu UMEMOTO 3214f95d4633SHajimu UMEMOTO case IPV6_2292NEXTHOP: 321582cd038dSYoshinobu Inoue case IPV6_NEXTHOP: 321682cd038dSYoshinobu Inoue if (!priv) 321782cd038dSYoshinobu Inoue return (EPERM); 321833841545SHajimu UMEMOTO 3219f95d4633SHajimu UMEMOTO if (len == 0) { /* just remove the option */ 3220f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, IPV6_NEXTHOP); 3221f95d4633SHajimu UMEMOTO break; 3222f95d4633SHajimu UMEMOTO } 3223f95d4633SHajimu UMEMOTO 322433841545SHajimu UMEMOTO /* check if cmsg_len is large enough for sa_len */ 3225f95d4633SHajimu UMEMOTO if (len < sizeof(struct sockaddr) || len < *buf) 322682cd038dSYoshinobu Inoue return (EINVAL); 322782cd038dSYoshinobu Inoue 3228f95d4633SHajimu UMEMOTO switch (((struct sockaddr *)buf)->sa_family) { 3229f95d4633SHajimu UMEMOTO case AF_INET6: 3230f95d4633SHajimu UMEMOTO { 3231f95d4633SHajimu UMEMOTO struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)buf; 3232f95d4633SHajimu UMEMOTO #if 0 3233f95d4633SHajimu UMEMOTO int error; 3234f95d4633SHajimu UMEMOTO #endif 3235f95d4633SHajimu UMEMOTO 3236f95d4633SHajimu UMEMOTO if (sa6->sin6_len != sizeof(struct sockaddr_in6)) 3237f95d4633SHajimu UMEMOTO return (EINVAL); 3238f95d4633SHajimu UMEMOTO 3239f95d4633SHajimu UMEMOTO if (IN6_IS_ADDR_UNSPECIFIED(&sa6->sin6_addr) || 3240f95d4633SHajimu UMEMOTO IN6_IS_ADDR_MULTICAST(&sa6->sin6_addr)) { 3241f95d4633SHajimu UMEMOTO return (EINVAL); 3242f95d4633SHajimu UMEMOTO } 3243f95d4633SHajimu UMEMOTO #if 0 3244f95d4633SHajimu UMEMOTO if ((error = scope6_check_id(sa6, ip6_use_defzone)) 3245f95d4633SHajimu UMEMOTO != 0) { 3246f95d4633SHajimu UMEMOTO return (error); 3247f95d4633SHajimu UMEMOTO } 3248f95d4633SHajimu UMEMOTO #endif 3249f95d4633SHajimu UMEMOTO sa6->sin6_scope_id = 0; /* XXX */ 3250f95d4633SHajimu UMEMOTO break; 3251f95d4633SHajimu UMEMOTO } 3252f95d4633SHajimu UMEMOTO case AF_LINK: /* should eventually be supported */ 3253f95d4633SHajimu UMEMOTO default: 3254f95d4633SHajimu UMEMOTO return (EAFNOSUPPORT); 3255f95d4633SHajimu UMEMOTO } 3256f95d4633SHajimu UMEMOTO 3257f95d4633SHajimu UMEMOTO /* turn off the previous option, then set the new option. */ 3258f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, IPV6_NEXTHOP); 3259f95d4633SHajimu UMEMOTO if (sticky) { 3260f95d4633SHajimu UMEMOTO opt->ip6po_nexthop = malloc(*buf, M_IP6OPT, M_WAITOK); 3261f95d4633SHajimu UMEMOTO bcopy(buf, opt->ip6po_nexthop, *buf); 326233841545SHajimu UMEMOTO } else 3263f95d4633SHajimu UMEMOTO opt->ip6po_nexthop = (struct sockaddr *)buf; 326482cd038dSYoshinobu Inoue break; 326582cd038dSYoshinobu Inoue 3266f95d4633SHajimu UMEMOTO case IPV6_2292HOPOPTS: 326782cd038dSYoshinobu Inoue case IPV6_HOPOPTS: 326833841545SHajimu UMEMOTO { 326933841545SHajimu UMEMOTO struct ip6_hbh *hbh; 327033841545SHajimu UMEMOTO int hbhlen; 327133841545SHajimu UMEMOTO 3272f95d4633SHajimu UMEMOTO /* 3273f95d4633SHajimu UMEMOTO * XXX: We don't allow a non-privileged user to set ANY HbH 3274f95d4633SHajimu UMEMOTO * options, since per-option restriction has too much 3275f95d4633SHajimu UMEMOTO * overhead. 3276f95d4633SHajimu UMEMOTO */ 3277f95d4633SHajimu UMEMOTO if (!priv) 3278f95d4633SHajimu UMEMOTO return (EPERM); 3279f95d4633SHajimu UMEMOTO 3280f95d4633SHajimu UMEMOTO if (len == 0) { 3281f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, IPV6_HOPOPTS); 3282f95d4633SHajimu UMEMOTO break; /* just remove the option */ 3283f95d4633SHajimu UMEMOTO } 3284f95d4633SHajimu UMEMOTO 3285f95d4633SHajimu UMEMOTO /* message length validation */ 3286f95d4633SHajimu UMEMOTO if (len < sizeof(struct ip6_hbh)) 328782cd038dSYoshinobu Inoue return (EINVAL); 3288f95d4633SHajimu UMEMOTO hbh = (struct ip6_hbh *)buf; 328933841545SHajimu UMEMOTO hbhlen = (hbh->ip6h_len + 1) << 3; 3290f95d4633SHajimu UMEMOTO if (len != hbhlen) 329182cd038dSYoshinobu Inoue return (EINVAL); 329233841545SHajimu UMEMOTO 3293f95d4633SHajimu UMEMOTO /* turn off the previous option, then set the new option. */ 3294f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, IPV6_HOPOPTS); 3295f95d4633SHajimu UMEMOTO if (sticky) { 3296f95d4633SHajimu UMEMOTO opt->ip6po_hbh = malloc(hbhlen, M_IP6OPT, M_WAITOK); 329733841545SHajimu UMEMOTO bcopy(hbh, opt->ip6po_hbh, hbhlen); 329833841545SHajimu UMEMOTO } else 329933841545SHajimu UMEMOTO opt->ip6po_hbh = hbh; 3300f95d4633SHajimu UMEMOTO 330182cd038dSYoshinobu Inoue break; 330233841545SHajimu UMEMOTO } 330382cd038dSYoshinobu Inoue 3304f95d4633SHajimu UMEMOTO case IPV6_2292DSTOPTS: 330582cd038dSYoshinobu Inoue case IPV6_DSTOPTS: 3306f95d4633SHajimu UMEMOTO case IPV6_RTHDRDSTOPTS: 330733841545SHajimu UMEMOTO { 3308f95d4633SHajimu UMEMOTO struct ip6_dest *dest, **newdest = NULL; 330933841545SHajimu UMEMOTO int destlen; 331033841545SHajimu UMEMOTO 3311f95d4633SHajimu UMEMOTO if (!priv) /* XXX: see the comment for IPV6_HOPOPTS */ 3312f95d4633SHajimu UMEMOTO return (EPERM); 3313f95d4633SHajimu UMEMOTO 3314f95d4633SHajimu UMEMOTO if (len == 0) { 3315f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, optname); 3316f95d4633SHajimu UMEMOTO break; /* just remove the option */ 3317f95d4633SHajimu UMEMOTO } 3318f95d4633SHajimu UMEMOTO 3319f95d4633SHajimu UMEMOTO /* message length validation */ 3320f95d4633SHajimu UMEMOTO if (len < sizeof(struct ip6_dest)) 332182cd038dSYoshinobu Inoue return (EINVAL); 3322f95d4633SHajimu UMEMOTO dest = (struct ip6_dest *)buf; 332333841545SHajimu UMEMOTO destlen = (dest->ip6d_len + 1) << 3; 3324f95d4633SHajimu UMEMOTO if (len != destlen) 332533841545SHajimu UMEMOTO return (EINVAL); 332682cd038dSYoshinobu Inoue 332782cd038dSYoshinobu Inoue /* 3328f95d4633SHajimu UMEMOTO * Determine the position that the destination options header 3329f95d4633SHajimu UMEMOTO * should be inserted; before or after the routing header. 3330f95d4633SHajimu UMEMOTO */ 3331f95d4633SHajimu UMEMOTO switch (optname) { 3332f95d4633SHajimu UMEMOTO case IPV6_2292DSTOPTS: 3333f95d4633SHajimu UMEMOTO /* 3334f95d4633SHajimu UMEMOTO * The old advacned API is ambiguous on this point. 3335f95d4633SHajimu UMEMOTO * Our approach is to determine the position based 3336f95d4633SHajimu UMEMOTO * according to the existence of a routing header. 3337f95d4633SHajimu UMEMOTO * Note, however, that this depends on the order of the 3338f95d4633SHajimu UMEMOTO * extension headers in the ancillary data; the 1st 3339f95d4633SHajimu UMEMOTO * part of the destination options header must appear 3340f95d4633SHajimu UMEMOTO * before the routing header in the ancillary data, 3341f95d4633SHajimu UMEMOTO * too. 334218b35df8SHajimu UMEMOTO * RFC3542 solved the ambiguity by introducing 3343f95d4633SHajimu UMEMOTO * separate ancillary data or option types. 334482cd038dSYoshinobu Inoue */ 334533841545SHajimu UMEMOTO if (opt->ip6po_rthdr == NULL) 334633841545SHajimu UMEMOTO newdest = &opt->ip6po_dest1; 334733841545SHajimu UMEMOTO else 334833841545SHajimu UMEMOTO newdest = &opt->ip6po_dest2; 3349f95d4633SHajimu UMEMOTO break; 3350f95d4633SHajimu UMEMOTO case IPV6_RTHDRDSTOPTS: 3351f95d4633SHajimu UMEMOTO newdest = &opt->ip6po_dest1; 3352f95d4633SHajimu UMEMOTO break; 3353f95d4633SHajimu UMEMOTO case IPV6_DSTOPTS: 3354f95d4633SHajimu UMEMOTO newdest = &opt->ip6po_dest2; 3355f95d4633SHajimu UMEMOTO break; 3356f95d4633SHajimu UMEMOTO } 335733841545SHajimu UMEMOTO 3358f95d4633SHajimu UMEMOTO /* turn off the previous option, then set the new option. */ 3359f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, optname); 3360f95d4633SHajimu UMEMOTO if (sticky) { 3361a163d034SWarner Losh *newdest = malloc(destlen, M_IP6OPT, M_WAITOK); 336233841545SHajimu UMEMOTO bcopy(dest, *newdest, destlen); 336333841545SHajimu UMEMOTO } else 336433841545SHajimu UMEMOTO *newdest = dest; 336533841545SHajimu UMEMOTO 336682cd038dSYoshinobu Inoue break; 336733841545SHajimu UMEMOTO } 336882cd038dSYoshinobu Inoue 3369f95d4633SHajimu UMEMOTO case IPV6_2292RTHDR: 337082cd038dSYoshinobu Inoue case IPV6_RTHDR: 337133841545SHajimu UMEMOTO { 337233841545SHajimu UMEMOTO struct ip6_rthdr *rth; 337333841545SHajimu UMEMOTO int rthlen; 337433841545SHajimu UMEMOTO 3375f95d4633SHajimu UMEMOTO if (len == 0) { 3376f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, IPV6_RTHDR); 3377f95d4633SHajimu UMEMOTO break; /* just remove the option */ 3378f95d4633SHajimu UMEMOTO } 3379f95d4633SHajimu UMEMOTO 3380f95d4633SHajimu UMEMOTO /* message length validation */ 3381f95d4633SHajimu UMEMOTO if (len < sizeof(struct ip6_rthdr)) 338282cd038dSYoshinobu Inoue return (EINVAL); 3383f95d4633SHajimu UMEMOTO rth = (struct ip6_rthdr *)buf; 338433841545SHajimu UMEMOTO rthlen = (rth->ip6r_len + 1) << 3; 3385f95d4633SHajimu UMEMOTO if (len != rthlen) 338682cd038dSYoshinobu Inoue return (EINVAL); 338733841545SHajimu UMEMOTO 338833841545SHajimu UMEMOTO switch (rth->ip6r_type) { 338982cd038dSYoshinobu Inoue case IPV6_RTHDR_TYPE_0: 3390f95d4633SHajimu UMEMOTO if (rth->ip6r_len == 0) /* must contain one addr */ 339133841545SHajimu UMEMOTO return (EINVAL); 3392f95d4633SHajimu UMEMOTO if (rth->ip6r_len % 2) /* length must be even */ 339333841545SHajimu UMEMOTO return (EINVAL); 339433841545SHajimu UMEMOTO if (rth->ip6r_len / 2 != rth->ip6r_segleft) 339582cd038dSYoshinobu Inoue return (EINVAL); 339682cd038dSYoshinobu Inoue break; 339782cd038dSYoshinobu Inoue default: 339833841545SHajimu UMEMOTO return (EINVAL); /* not supported */ 339982cd038dSYoshinobu Inoue } 340033841545SHajimu UMEMOTO 3401f95d4633SHajimu UMEMOTO /* turn off the previous option */ 3402f95d4633SHajimu UMEMOTO ip6_clearpktopts(opt, IPV6_RTHDR); 3403f95d4633SHajimu UMEMOTO if (sticky) { 3404f95d4633SHajimu UMEMOTO opt->ip6po_rthdr = malloc(rthlen, M_IP6OPT, M_WAITOK); 340533841545SHajimu UMEMOTO bcopy(rth, opt->ip6po_rthdr, rthlen); 340633841545SHajimu UMEMOTO } else 340733841545SHajimu UMEMOTO opt->ip6po_rthdr = rth; 340833841545SHajimu UMEMOTO 340982cd038dSYoshinobu Inoue break; 341033841545SHajimu UMEMOTO } 341182cd038dSYoshinobu Inoue 3412f95d4633SHajimu UMEMOTO case IPV6_USE_MIN_MTU: 3413f95d4633SHajimu UMEMOTO if (len != sizeof(int)) 3414f95d4633SHajimu UMEMOTO return (EINVAL); 3415f95d4633SHajimu UMEMOTO minmtupolicy = *(int *)buf; 3416f95d4633SHajimu UMEMOTO if (minmtupolicy != IP6PO_MINMTU_MCASTONLY && 3417f95d4633SHajimu UMEMOTO minmtupolicy != IP6PO_MINMTU_DISABLE && 3418f95d4633SHajimu UMEMOTO minmtupolicy != IP6PO_MINMTU_ALL) { 3419f95d4633SHajimu UMEMOTO return (EINVAL); 3420f95d4633SHajimu UMEMOTO } 3421f95d4633SHajimu UMEMOTO opt->ip6po_minmtu = minmtupolicy; 3422f95d4633SHajimu UMEMOTO break; 3423f95d4633SHajimu UMEMOTO 3424f95d4633SHajimu UMEMOTO case IPV6_DONTFRAG: 3425f95d4633SHajimu UMEMOTO if (len != sizeof(int)) 3426f95d4633SHajimu UMEMOTO return (EINVAL); 3427f95d4633SHajimu UMEMOTO 3428f95d4633SHajimu UMEMOTO if (uproto == IPPROTO_TCP || *(int *)buf == 0) { 3429f95d4633SHajimu UMEMOTO /* 3430f95d4633SHajimu UMEMOTO * we ignore this option for TCP sockets. 343118b35df8SHajimu UMEMOTO * (RFC3542 leaves this case unspecified.) 3432f95d4633SHajimu UMEMOTO */ 3433f95d4633SHajimu UMEMOTO opt->ip6po_flags &= ~IP6PO_DONTFRAG; 3434f95d4633SHajimu UMEMOTO } else 3435f95d4633SHajimu UMEMOTO opt->ip6po_flags |= IP6PO_DONTFRAG; 3436f95d4633SHajimu UMEMOTO break; 3437f95d4633SHajimu UMEMOTO 3438f95d4633SHajimu UMEMOTO case IPV6_PREFER_TEMPADDR: 3439f95d4633SHajimu UMEMOTO if (len != sizeof(int)) 3440f95d4633SHajimu UMEMOTO return (EINVAL); 3441f95d4633SHajimu UMEMOTO preftemp = *(int *)buf; 3442f95d4633SHajimu UMEMOTO if (preftemp != IP6PO_TEMPADDR_SYSTEM && 3443f95d4633SHajimu UMEMOTO preftemp != IP6PO_TEMPADDR_NOTPREFER && 3444f95d4633SHajimu UMEMOTO preftemp != IP6PO_TEMPADDR_PREFER) { 3445f95d4633SHajimu UMEMOTO return (EINVAL); 3446f95d4633SHajimu UMEMOTO } 3447f95d4633SHajimu UMEMOTO opt->ip6po_prefer_tempaddr = preftemp; 3448f95d4633SHajimu UMEMOTO break; 3449f95d4633SHajimu UMEMOTO 345082cd038dSYoshinobu Inoue default: 345182cd038dSYoshinobu Inoue return (ENOPROTOOPT); 3452f95d4633SHajimu UMEMOTO } /* end of switch */ 345382cd038dSYoshinobu Inoue 345482cd038dSYoshinobu Inoue return (0); 345582cd038dSYoshinobu Inoue } 345682cd038dSYoshinobu Inoue 345782cd038dSYoshinobu Inoue /* 345882cd038dSYoshinobu Inoue * Routine called from ip6_output() to loop back a copy of an IP6 multicast 345982cd038dSYoshinobu Inoue * packet to the input queue of a specified interface. Note that this 346082cd038dSYoshinobu Inoue * calls the output routine of the loopback "driver", but with an interface 346182cd038dSYoshinobu Inoue * pointer that might NOT be &loif -- easier than replicating that code here. 346282cd038dSYoshinobu Inoue */ 346382cd038dSYoshinobu Inoue void 346482cd038dSYoshinobu Inoue ip6_mloopback(ifp, m, dst) 346582cd038dSYoshinobu Inoue struct ifnet *ifp; 346633841545SHajimu UMEMOTO struct mbuf *m; 346733841545SHajimu UMEMOTO struct sockaddr_in6 *dst; 346882cd038dSYoshinobu Inoue { 346982cd038dSYoshinobu Inoue struct mbuf *copym; 3470686cdd19SJun-ichiro itojun Hagino struct ip6_hdr *ip6; 347182cd038dSYoshinobu Inoue 347282cd038dSYoshinobu Inoue copym = m_copy(m, 0, M_COPYALL); 3473686cdd19SJun-ichiro itojun Hagino if (copym == NULL) 3474686cdd19SJun-ichiro itojun Hagino return; 3475686cdd19SJun-ichiro itojun Hagino 3476686cdd19SJun-ichiro itojun Hagino /* 3477686cdd19SJun-ichiro itojun Hagino * Make sure to deep-copy IPv6 header portion in case the data 3478686cdd19SJun-ichiro itojun Hagino * is in an mbuf cluster, so that we can safely override the IPv6 3479686cdd19SJun-ichiro itojun Hagino * header portion later. 3480686cdd19SJun-ichiro itojun Hagino */ 3481686cdd19SJun-ichiro itojun Hagino if ((copym->m_flags & M_EXT) != 0 || 3482686cdd19SJun-ichiro itojun Hagino copym->m_len < sizeof(struct ip6_hdr)) { 3483686cdd19SJun-ichiro itojun Hagino copym = m_pullup(copym, sizeof(struct ip6_hdr)); 3484686cdd19SJun-ichiro itojun Hagino if (copym == NULL) 3485686cdd19SJun-ichiro itojun Hagino return; 348682cd038dSYoshinobu Inoue } 3487686cdd19SJun-ichiro itojun Hagino 3488686cdd19SJun-ichiro itojun Hagino #ifdef DIAGNOSTIC 3489686cdd19SJun-ichiro itojun Hagino if (copym->m_len < sizeof(*ip6)) { 3490686cdd19SJun-ichiro itojun Hagino m_freem(copym); 3491686cdd19SJun-ichiro itojun Hagino return; 3492686cdd19SJun-ichiro itojun Hagino } 3493686cdd19SJun-ichiro itojun Hagino #endif 3494686cdd19SJun-ichiro itojun Hagino 3495686cdd19SJun-ichiro itojun Hagino ip6 = mtod(copym, struct ip6_hdr *); 349633841545SHajimu UMEMOTO /* 349733841545SHajimu UMEMOTO * clear embedded scope identifiers if necessary. 349833841545SHajimu UMEMOTO * in6_clearscope will touch the addresses only when necessary. 349933841545SHajimu UMEMOTO */ 350033841545SHajimu UMEMOTO in6_clearscope(&ip6->ip6_src); 350133841545SHajimu UMEMOTO in6_clearscope(&ip6->ip6_dst); 3502686cdd19SJun-ichiro itojun Hagino 3503a89ec05eSPeter Wemm (void)if_simloop(ifp, copym, dst->sin6_family, 0); 350482cd038dSYoshinobu Inoue } 350582cd038dSYoshinobu Inoue 350682cd038dSYoshinobu Inoue /* 350782cd038dSYoshinobu Inoue * Chop IPv6 header off from the payload. 350882cd038dSYoshinobu Inoue */ 350982cd038dSYoshinobu Inoue static int 351082cd038dSYoshinobu Inoue ip6_splithdr(m, exthdrs) 351182cd038dSYoshinobu Inoue struct mbuf *m; 351282cd038dSYoshinobu Inoue struct ip6_exthdrs *exthdrs; 351382cd038dSYoshinobu Inoue { 351482cd038dSYoshinobu Inoue struct mbuf *mh; 351582cd038dSYoshinobu Inoue struct ip6_hdr *ip6; 351682cd038dSYoshinobu Inoue 351782cd038dSYoshinobu Inoue ip6 = mtod(m, struct ip6_hdr *); 351882cd038dSYoshinobu Inoue if (m->m_len > sizeof(*ip6)) { 3519a163d034SWarner Losh MGETHDR(mh, M_DONTWAIT, MT_HEADER); 352082cd038dSYoshinobu Inoue if (mh == 0) { 352182cd038dSYoshinobu Inoue m_freem(m); 352282cd038dSYoshinobu Inoue return ENOBUFS; 352382cd038dSYoshinobu Inoue } 35249967cafcSSam Leffler M_MOVE_PKTHDR(mh, m); 352582cd038dSYoshinobu Inoue MH_ALIGN(mh, sizeof(*ip6)); 352682cd038dSYoshinobu Inoue m->m_len -= sizeof(*ip6); 352782cd038dSYoshinobu Inoue m->m_data += sizeof(*ip6); 352882cd038dSYoshinobu Inoue mh->m_next = m; 352982cd038dSYoshinobu Inoue m = mh; 353082cd038dSYoshinobu Inoue m->m_len = sizeof(*ip6); 353182cd038dSYoshinobu Inoue bcopy((caddr_t)ip6, mtod(m, caddr_t), sizeof(*ip6)); 353282cd038dSYoshinobu Inoue } 353382cd038dSYoshinobu Inoue exthdrs->ip6e_ip6 = m; 353482cd038dSYoshinobu Inoue return 0; 353582cd038dSYoshinobu Inoue } 353682cd038dSYoshinobu Inoue 353782cd038dSYoshinobu Inoue /* 353882cd038dSYoshinobu Inoue * Compute IPv6 extension header length. 353982cd038dSYoshinobu Inoue */ 354082cd038dSYoshinobu Inoue int 354182cd038dSYoshinobu Inoue ip6_optlen(in6p) 354282cd038dSYoshinobu Inoue struct in6pcb *in6p; 354382cd038dSYoshinobu Inoue { 354482cd038dSYoshinobu Inoue int len; 354582cd038dSYoshinobu Inoue 354682cd038dSYoshinobu Inoue if (!in6p->in6p_outputopts) 354782cd038dSYoshinobu Inoue return 0; 354882cd038dSYoshinobu Inoue 354982cd038dSYoshinobu Inoue len = 0; 355082cd038dSYoshinobu Inoue #define elen(x) \ 355182cd038dSYoshinobu Inoue (((struct ip6_ext *)(x)) ? (((struct ip6_ext *)(x))->ip6e_len + 1) << 3 : 0) 355282cd038dSYoshinobu Inoue 355382cd038dSYoshinobu Inoue len += elen(in6p->in6p_outputopts->ip6po_hbh); 355433841545SHajimu UMEMOTO if (in6p->in6p_outputopts->ip6po_rthdr) 355533841545SHajimu UMEMOTO /* dest1 is valid with rthdr only */ 355682cd038dSYoshinobu Inoue len += elen(in6p->in6p_outputopts->ip6po_dest1); 355782cd038dSYoshinobu Inoue len += elen(in6p->in6p_outputopts->ip6po_rthdr); 355882cd038dSYoshinobu Inoue len += elen(in6p->in6p_outputopts->ip6po_dest2); 355982cd038dSYoshinobu Inoue return len; 356082cd038dSYoshinobu Inoue #undef elen 356182cd038dSYoshinobu Inoue } 3562