1 /*- 2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 /*- 31 * Copyright (c) 1982, 1986, 1988, 1993 32 * The Regents of the University of California. 33 * All rights reserved. 34 * 35 * Redistribution and use in source and binary forms, with or without 36 * modification, are permitted provided that the following conditions 37 * are met: 38 * 1. Redistributions of source code must retain the above copyright 39 * notice, this list of conditions and the following disclaimer. 40 * 2. Redistributions in binary form must reproduce the above copyright 41 * notice, this list of conditions and the following disclaimer in the 42 * documentation and/or other materials provided with the distribution. 43 * 4. Neither the name of the University nor the names of its contributors 44 * may be used to endorse or promote products derived from this software 45 * without specific prior written permission. 46 * 47 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 48 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 49 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 50 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 51 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 52 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 53 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 55 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 56 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 57 * SUCH DAMAGE. 58 * 59 * @(#)raw_ip.c 8.2 (Berkeley) 1/4/94 60 */ 61 62 #include <sys/cdefs.h> 63 __FBSDID("$FreeBSD$"); 64 65 #include "opt_ipsec.h" 66 #include "opt_inet6.h" 67 68 #include <sys/param.h> 69 #include <sys/errno.h> 70 #include <sys/jail.h> 71 #include <sys/lock.h> 72 #include <sys/malloc.h> 73 #include <sys/mbuf.h> 74 #include <sys/priv.h> 75 #include <sys/proc.h> 76 #include <sys/protosw.h> 77 #include <sys/signalvar.h> 78 #include <sys/socket.h> 79 #include <sys/socketvar.h> 80 #include <sys/sx.h> 81 #include <sys/syslog.h> 82 #include <sys/vimage.h> 83 84 #include <net/if.h> 85 #include <net/if_types.h> 86 #include <net/route.h> 87 #include <net/vnet.h> 88 89 #include <netinet/in.h> 90 #include <netinet/in_var.h> 91 #include <netinet/in_systm.h> 92 #include <netinet/in_pcb.h> 93 #include <netinet/vinet.h> 94 95 #include <netinet/icmp6.h> 96 #include <netinet/ip6.h> 97 #include <netinet6/ip6protosw.h> 98 #include <netinet6/ip6_mroute.h> 99 #include <netinet6/in6_pcb.h> 100 #include <netinet6/ip6_var.h> 101 #include <netinet6/nd6.h> 102 #include <netinet6/raw_ip6.h> 103 #include <netinet6/scope6_var.h> 104 #include <netinet6/vinet6.h> 105 106 #ifdef IPSEC 107 #include <netipsec/ipsec.h> 108 #include <netipsec/ipsec6.h> 109 #endif /* IPSEC */ 110 111 #include <machine/stdarg.h> 112 113 #define satosin6(sa) ((struct sockaddr_in6 *)(sa)) 114 #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) 115 116 /* 117 * Raw interface to IP6 protocol. 118 */ 119 120 #ifdef VIMAGE_GLOBALS 121 extern struct inpcbhead ripcb; 122 extern struct inpcbinfo ripcbinfo; 123 struct rip6stat rip6stat; 124 #endif 125 126 extern u_long rip_sendspace; 127 extern u_long rip_recvspace; 128 129 /* 130 * Hooks for multicast forwarding. 131 */ 132 struct socket *ip6_mrouter = NULL; 133 int (*ip6_mrouter_set)(struct socket *, struct sockopt *); 134 int (*ip6_mrouter_get)(struct socket *, struct sockopt *); 135 int (*ip6_mrouter_done)(void); 136 int (*ip6_mforward)(struct ip6_hdr *, struct ifnet *, struct mbuf *); 137 int (*mrt6_ioctl)(int, caddr_t); 138 139 /* 140 * Setup generic address and protocol structures for raw_input routine, then 141 * pass them along with mbuf chain. 142 */ 143 int 144 rip6_input(struct mbuf **mp, int *offp, int proto) 145 { 146 INIT_VNET_INET(curvnet); 147 INIT_VNET_INET6(curvnet); 148 #ifdef IPSEC 149 INIT_VNET_IPSEC(curvnet); 150 #endif 151 struct mbuf *m = *mp; 152 register struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 153 register struct inpcb *in6p; 154 struct inpcb *last = 0; 155 struct mbuf *opts = NULL; 156 struct sockaddr_in6 fromsa; 157 158 V_rip6stat.rip6s_ipackets++; 159 160 if (faithprefix_p != NULL && (*faithprefix_p)(&ip6->ip6_dst)) { 161 /* XXX Send icmp6 host/port unreach? */ 162 m_freem(m); 163 return (IPPROTO_DONE); 164 } 165 166 init_sin6(&fromsa, m); /* general init */ 167 168 INP_INFO_RLOCK(&V_ripcbinfo); 169 LIST_FOREACH(in6p, &V_ripcb, inp_list) { 170 /* XXX inp locking */ 171 if ((in6p->inp_vflag & INP_IPV6) == 0) 172 continue; 173 if (in6p->inp_ip_p && 174 in6p->inp_ip_p != proto) 175 continue; 176 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && 177 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &ip6->ip6_dst)) 178 continue; 179 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) && 180 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &ip6->ip6_src)) 181 continue; 182 if (prison_check_ip6(in6p->inp_cred, &ip6->ip6_dst) != 0) 183 continue; 184 INP_RLOCK(in6p); 185 if (in6p->in6p_cksum != -1) { 186 V_rip6stat.rip6s_isum++; 187 if (in6_cksum(m, proto, *offp, 188 m->m_pkthdr.len - *offp)) { 189 INP_RUNLOCK(in6p); 190 V_rip6stat.rip6s_badsum++; 191 continue; 192 } 193 } 194 if (last != NULL) { 195 struct mbuf *n = m_copy(m, 0, (int)M_COPYALL); 196 197 #ifdef IPSEC 198 /* 199 * Check AH/ESP integrity. 200 */ 201 if (n && ipsec6_in_reject(n, last)) { 202 m_freem(n); 203 V_ipsec6stat.in_polvio++; 204 /* Do not inject data into pcb. */ 205 } else 206 #endif /* IPSEC */ 207 if (n) { 208 if (last->inp_flags & INP_CONTROLOPTS || 209 last->inp_socket->so_options & SO_TIMESTAMP) 210 ip6_savecontrol(last, n, &opts); 211 /* strip intermediate headers */ 212 m_adj(n, *offp); 213 if (sbappendaddr(&last->inp_socket->so_rcv, 214 (struct sockaddr *)&fromsa, 215 n, opts) == 0) { 216 m_freem(n); 217 if (opts) 218 m_freem(opts); 219 V_rip6stat.rip6s_fullsock++; 220 } else 221 sorwakeup(last->inp_socket); 222 opts = NULL; 223 } 224 INP_RUNLOCK(last); 225 } 226 last = in6p; 227 } 228 INP_INFO_RUNLOCK(&V_ripcbinfo); 229 #ifdef IPSEC 230 /* 231 * Check AH/ESP integrity. 232 */ 233 if ((last != NULL) && ipsec6_in_reject(m, last)) { 234 m_freem(m); 235 V_ipsec6stat.in_polvio++; 236 V_ip6stat.ip6s_delivered--; 237 /* Do not inject data into pcb. */ 238 INP_RUNLOCK(last); 239 } else 240 #endif /* IPSEC */ 241 if (last != NULL) { 242 if (last->inp_flags & INP_CONTROLOPTS || 243 last->inp_socket->so_options & SO_TIMESTAMP) 244 ip6_savecontrol(last, m, &opts); 245 /* Strip intermediate headers. */ 246 m_adj(m, *offp); 247 if (sbappendaddr(&last->inp_socket->so_rcv, 248 (struct sockaddr *)&fromsa, m, opts) == 0) { 249 m_freem(m); 250 if (opts) 251 m_freem(opts); 252 V_rip6stat.rip6s_fullsock++; 253 } else 254 sorwakeup(last->inp_socket); 255 INP_RUNLOCK(last); 256 } else { 257 V_rip6stat.rip6s_nosock++; 258 if (m->m_flags & M_MCAST) 259 V_rip6stat.rip6s_nosockmcast++; 260 if (proto == IPPROTO_NONE) 261 m_freem(m); 262 else { 263 char *prvnxtp = ip6_get_prevhdr(m, *offp); /* XXX */ 264 icmp6_error(m, ICMP6_PARAM_PROB, 265 ICMP6_PARAMPROB_NEXTHEADER, 266 prvnxtp - mtod(m, char *)); 267 } 268 V_ip6stat.ip6s_delivered--; 269 } 270 return (IPPROTO_DONE); 271 } 272 273 void 274 rip6_ctlinput(int cmd, struct sockaddr *sa, void *d) 275 { 276 INIT_VNET_INET(curvnet); 277 struct ip6_hdr *ip6; 278 struct mbuf *m; 279 int off = 0; 280 struct ip6ctlparam *ip6cp = NULL; 281 const struct sockaddr_in6 *sa6_src = NULL; 282 void *cmdarg; 283 struct inpcb *(*notify)(struct inpcb *, int) = in6_rtchange; 284 285 if (sa->sa_family != AF_INET6 || 286 sa->sa_len != sizeof(struct sockaddr_in6)) 287 return; 288 289 if ((unsigned)cmd >= PRC_NCMDS) 290 return; 291 if (PRC_IS_REDIRECT(cmd)) 292 notify = in6_rtchange, d = NULL; 293 else if (cmd == PRC_HOSTDEAD) 294 d = NULL; 295 else if (inet6ctlerrmap[cmd] == 0) 296 return; 297 298 /* 299 * If the parameter is from icmp6, decode it. 300 */ 301 if (d != NULL) { 302 ip6cp = (struct ip6ctlparam *)d; 303 m = ip6cp->ip6c_m; 304 ip6 = ip6cp->ip6c_ip6; 305 off = ip6cp->ip6c_off; 306 cmdarg = ip6cp->ip6c_cmdarg; 307 sa6_src = ip6cp->ip6c_src; 308 } else { 309 m = NULL; 310 ip6 = NULL; 311 cmdarg = NULL; 312 sa6_src = &sa6_any; 313 } 314 315 (void) in6_pcbnotify(&V_ripcbinfo, sa, 0, 316 (const struct sockaddr *)sa6_src, 0, cmd, cmdarg, notify); 317 } 318 319 /* 320 * Generate IPv6 header and pass packet to ip6_output. Tack on options user 321 * may have setup with control call. 322 */ 323 int 324 #if __STDC__ 325 rip6_output(struct mbuf *m, ...) 326 #else 327 rip6_output(m, va_alist) 328 struct mbuf *m; 329 va_dcl 330 #endif 331 { 332 INIT_VNET_INET6(curvnet); 333 struct mbuf *control; 334 struct socket *so; 335 struct sockaddr_in6 *dstsock; 336 struct in6_addr *dst; 337 struct ip6_hdr *ip6; 338 struct inpcb *in6p; 339 u_int plen = m->m_pkthdr.len; 340 int error = 0; 341 struct ip6_pktopts opt, *optp; 342 struct ifnet *oifp = NULL; 343 int type = 0, code = 0; /* for ICMPv6 output statistics only */ 344 int scope_ambiguous = 0; 345 struct in6_addr *in6a; 346 va_list ap; 347 348 va_start(ap, m); 349 so = va_arg(ap, struct socket *); 350 dstsock = va_arg(ap, struct sockaddr_in6 *); 351 control = va_arg(ap, struct mbuf *); 352 va_end(ap); 353 354 in6p = sotoinpcb(so); 355 INP_WLOCK(in6p); 356 357 dst = &dstsock->sin6_addr; 358 if (control != NULL) { 359 if ((error = ip6_setpktopts(control, &opt, 360 in6p->in6p_outputopts, so->so_cred, 361 so->so_proto->pr_protocol)) != 0) { 362 goto bad; 363 } 364 optp = &opt; 365 } else 366 optp = in6p->in6p_outputopts; 367 368 /* 369 * Check and convert scope zone ID into internal form. 370 * 371 * XXX: we may still need to determine the zone later. 372 */ 373 if (!(so->so_state & SS_ISCONNECTED)) { 374 if (dstsock->sin6_scope_id == 0 && !V_ip6_use_defzone) 375 scope_ambiguous = 1; 376 if ((error = sa6_embedscope(dstsock, V_ip6_use_defzone)) != 0) 377 goto bad; 378 } 379 380 /* 381 * For an ICMPv6 packet, we should know its type and code to update 382 * statistics. 383 */ 384 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 385 struct icmp6_hdr *icmp6; 386 if (m->m_len < sizeof(struct icmp6_hdr) && 387 (m = m_pullup(m, sizeof(struct icmp6_hdr))) == NULL) { 388 error = ENOBUFS; 389 goto bad; 390 } 391 icmp6 = mtod(m, struct icmp6_hdr *); 392 type = icmp6->icmp6_type; 393 code = icmp6->icmp6_code; 394 } 395 396 M_PREPEND(m, sizeof(*ip6), M_DONTWAIT); 397 if (m == NULL) { 398 error = ENOBUFS; 399 goto bad; 400 } 401 ip6 = mtod(m, struct ip6_hdr *); 402 403 /* 404 * Source address selection. 405 */ 406 if ((in6a = in6_selectsrc(dstsock, optp, in6p, NULL, so->so_cred, 407 &oifp, &error)) == NULL) { 408 if (error == 0) 409 error = EADDRNOTAVAIL; 410 goto bad; 411 } 412 error = prison_get_ip6(in6p->inp_cred, in6a); 413 if (error != 0) 414 goto bad; 415 ip6->ip6_src = *in6a; 416 417 if (oifp && scope_ambiguous) { 418 /* 419 * Application should provide a proper zone ID or the use of 420 * default zone IDs should be enabled. Unfortunately, some 421 * applications do not behave as it should, so we need a 422 * workaround. Even if an appropriate ID is not determined 423 * (when it's required), if we can determine the outgoing 424 * interface. determine the zone ID based on the interface. 425 */ 426 error = in6_setscope(&dstsock->sin6_addr, oifp, NULL); 427 if (error != 0) 428 goto bad; 429 } 430 ip6->ip6_dst = dstsock->sin6_addr; 431 432 /* 433 * Fill in the rest of the IPv6 header fields. 434 */ 435 ip6->ip6_flow = (ip6->ip6_flow & ~IPV6_FLOWINFO_MASK) | 436 (in6p->inp_flow & IPV6_FLOWINFO_MASK); 437 ip6->ip6_vfc = (ip6->ip6_vfc & ~IPV6_VERSION_MASK) | 438 (IPV6_VERSION & IPV6_VERSION_MASK); 439 440 /* 441 * ip6_plen will be filled in ip6_output, so not fill it here. 442 */ 443 ip6->ip6_nxt = in6p->inp_ip_p; 444 ip6->ip6_hlim = in6_selecthlim(in6p, oifp); 445 446 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6 || 447 in6p->in6p_cksum != -1) { 448 struct mbuf *n; 449 int off; 450 u_int16_t *p; 451 452 /* Compute checksum. */ 453 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) 454 off = offsetof(struct icmp6_hdr, icmp6_cksum); 455 else 456 off = in6p->in6p_cksum; 457 if (plen < off + 1) { 458 error = EINVAL; 459 goto bad; 460 } 461 off += sizeof(struct ip6_hdr); 462 463 n = m; 464 while (n && n->m_len <= off) { 465 off -= n->m_len; 466 n = n->m_next; 467 } 468 if (!n) 469 goto bad; 470 p = (u_int16_t *)(mtod(n, caddr_t) + off); 471 *p = 0; 472 *p = in6_cksum(m, ip6->ip6_nxt, sizeof(*ip6), plen); 473 } 474 475 error = ip6_output(m, optp, NULL, 0, in6p->in6p_moptions, &oifp, in6p); 476 if (so->so_proto->pr_protocol == IPPROTO_ICMPV6) { 477 if (oifp) 478 icmp6_ifoutstat_inc(oifp, type, code); 479 V_icmp6stat.icp6s_outhist[type]++; 480 } else 481 V_rip6stat.rip6s_opackets++; 482 483 goto freectl; 484 485 bad: 486 if (m) 487 m_freem(m); 488 489 freectl: 490 if (control != NULL) { 491 ip6_clearpktopts(&opt, -1); 492 m_freem(control); 493 } 494 INP_WUNLOCK(in6p); 495 return (error); 496 } 497 498 /* 499 * Raw IPv6 socket option processing. 500 */ 501 int 502 rip6_ctloutput(struct socket *so, struct sockopt *sopt) 503 { 504 int error; 505 506 if (sopt->sopt_level == IPPROTO_ICMPV6) 507 /* 508 * XXX: is it better to call icmp6_ctloutput() directly 509 * from protosw? 510 */ 511 return (icmp6_ctloutput(so, sopt)); 512 else if (sopt->sopt_level != IPPROTO_IPV6) 513 return (EINVAL); 514 515 error = 0; 516 517 switch (sopt->sopt_dir) { 518 case SOPT_GET: 519 switch (sopt->sopt_name) { 520 case MRT6_INIT: 521 case MRT6_DONE: 522 case MRT6_ADD_MIF: 523 case MRT6_DEL_MIF: 524 case MRT6_ADD_MFC: 525 case MRT6_DEL_MFC: 526 case MRT6_PIM: 527 error = ip6_mrouter_get ? ip6_mrouter_get(so, sopt) : 528 EOPNOTSUPP; 529 break; 530 case IPV6_CHECKSUM: 531 error = ip6_raw_ctloutput(so, sopt); 532 break; 533 default: 534 error = ip6_ctloutput(so, sopt); 535 break; 536 } 537 break; 538 539 case SOPT_SET: 540 switch (sopt->sopt_name) { 541 case MRT6_INIT: 542 case MRT6_DONE: 543 case MRT6_ADD_MIF: 544 case MRT6_DEL_MIF: 545 case MRT6_ADD_MFC: 546 case MRT6_DEL_MFC: 547 case MRT6_PIM: 548 error = ip6_mrouter_set ? ip6_mrouter_set(so, sopt) : 549 EOPNOTSUPP; 550 break; 551 case IPV6_CHECKSUM: 552 error = ip6_raw_ctloutput(so, sopt); 553 break; 554 default: 555 error = ip6_ctloutput(so, sopt); 556 break; 557 } 558 break; 559 } 560 561 return (error); 562 } 563 564 static int 565 rip6_attach(struct socket *so, int proto, struct thread *td) 566 { 567 INIT_VNET_INET(so->so_vnet); 568 struct inpcb *inp; 569 struct icmp6_filter *filter; 570 int error; 571 572 inp = sotoinpcb(so); 573 KASSERT(inp == NULL, ("rip6_attach: inp != NULL")); 574 575 error = priv_check(td, PRIV_NETINET_RAW); 576 if (error) 577 return (error); 578 error = soreserve(so, rip_sendspace, rip_recvspace); 579 if (error) 580 return (error); 581 filter = malloc(sizeof(struct icmp6_filter), M_PCB, M_NOWAIT); 582 if (filter == NULL) 583 return (ENOMEM); 584 INP_INFO_WLOCK(&V_ripcbinfo); 585 error = in_pcballoc(so, &V_ripcbinfo); 586 if (error) { 587 INP_INFO_WUNLOCK(&V_ripcbinfo); 588 free(filter, M_PCB); 589 return (error); 590 } 591 inp = (struct inpcb *)so->so_pcb; 592 INP_INFO_WUNLOCK(&V_ripcbinfo); 593 inp->inp_vflag |= INP_IPV6; 594 inp->inp_ip_p = (long)proto; 595 inp->in6p_hops = -1; /* use kernel default */ 596 inp->in6p_cksum = -1; 597 inp->in6p_icmp6filt = filter; 598 ICMP6_FILTER_SETPASSALL(inp->in6p_icmp6filt); 599 INP_WUNLOCK(inp); 600 return (0); 601 } 602 603 static void 604 rip6_detach(struct socket *so) 605 { 606 INIT_VNET_INET(so->so_vnet); 607 struct inpcb *inp; 608 609 inp = sotoinpcb(so); 610 KASSERT(inp != NULL, ("rip6_detach: inp == NULL")); 611 612 if (so == ip6_mrouter && ip6_mrouter_done) 613 ip6_mrouter_done(); 614 /* xxx: RSVP */ 615 INP_INFO_WLOCK(&V_ripcbinfo); 616 INP_WLOCK(inp); 617 free(inp->in6p_icmp6filt, M_PCB); 618 in_pcbdetach(inp); 619 in_pcbfree(inp); 620 INP_INFO_WUNLOCK(&V_ripcbinfo); 621 } 622 623 /* XXXRW: This can't ever be called. */ 624 static void 625 rip6_abort(struct socket *so) 626 { 627 struct inpcb *inp; 628 629 inp = sotoinpcb(so); 630 KASSERT(inp != NULL, ("rip6_abort: inp == NULL")); 631 632 soisdisconnected(so); 633 } 634 635 static void 636 rip6_close(struct socket *so) 637 { 638 struct inpcb *inp; 639 640 inp = sotoinpcb(so); 641 KASSERT(inp != NULL, ("rip6_close: inp == NULL")); 642 643 soisdisconnected(so); 644 } 645 646 static int 647 rip6_disconnect(struct socket *so) 648 { 649 struct inpcb *inp; 650 651 inp = sotoinpcb(so); 652 KASSERT(inp != NULL, ("rip6_disconnect: inp == NULL")); 653 654 if ((so->so_state & SS_ISCONNECTED) == 0) 655 return (ENOTCONN); 656 inp->in6p_faddr = in6addr_any; 657 rip6_abort(so); 658 return (0); 659 } 660 661 static int 662 rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td) 663 { 664 INIT_VNET_NET(so->so_vnet); 665 INIT_VNET_INET(so->so_vnet); 666 INIT_VNET_INET6(so->so_vnet); 667 struct inpcb *inp; 668 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 669 struct ifaddr *ia = NULL; 670 int error = 0; 671 672 inp = sotoinpcb(so); 673 KASSERT(inp != NULL, ("rip6_bind: inp == NULL")); 674 675 if (nam->sa_len != sizeof(*addr)) 676 return (EINVAL); 677 if ((error = prison_check_ip6(td->td_ucred, &addr->sin6_addr)) != 0) 678 return (error); 679 if (TAILQ_EMPTY(&V_ifnet) || addr->sin6_family != AF_INET6) 680 return (EADDRNOTAVAIL); 681 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0) 682 return (error); 683 684 if (!IN6_IS_ADDR_UNSPECIFIED(&addr->sin6_addr) && 685 (ia = ifa_ifwithaddr((struct sockaddr *)addr)) == 0) 686 return (EADDRNOTAVAIL); 687 if (ia && 688 ((struct in6_ifaddr *)ia)->ia6_flags & 689 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| 690 IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { 691 return (EADDRNOTAVAIL); 692 } 693 INP_INFO_WLOCK(&V_ripcbinfo); 694 INP_WLOCK(inp); 695 inp->in6p_laddr = addr->sin6_addr; 696 INP_WUNLOCK(inp); 697 INP_INFO_WUNLOCK(&V_ripcbinfo); 698 return (0); 699 } 700 701 static int 702 rip6_connect(struct socket *so, struct sockaddr *nam, struct thread *td) 703 { 704 INIT_VNET_NET(so->so_vnet); 705 INIT_VNET_INET(so->so_vnet); 706 INIT_VNET_INET6(so->so_vnet); 707 struct inpcb *inp; 708 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; 709 struct in6_addr *in6a = NULL; 710 struct ifnet *ifp = NULL; 711 int error = 0, scope_ambiguous = 0; 712 713 inp = sotoinpcb(so); 714 KASSERT(inp != NULL, ("rip6_connect: inp == NULL")); 715 716 if (nam->sa_len != sizeof(*addr)) 717 return (EINVAL); 718 if (TAILQ_EMPTY(&V_ifnet)) 719 return (EADDRNOTAVAIL); 720 if (addr->sin6_family != AF_INET6) 721 return (EAFNOSUPPORT); 722 723 /* 724 * Application should provide a proper zone ID or the use of default 725 * zone IDs should be enabled. Unfortunately, some applications do 726 * not behave as it should, so we need a workaround. Even if an 727 * appropriate ID is not determined, we'll see if we can determine 728 * the outgoing interface. If we can, determine the zone ID based on 729 * the interface below. 730 */ 731 if (addr->sin6_scope_id == 0 && !V_ip6_use_defzone) 732 scope_ambiguous = 1; 733 if ((error = sa6_embedscope(addr, V_ip6_use_defzone)) != 0) 734 return (error); 735 736 INP_INFO_WLOCK(&V_ripcbinfo); 737 INP_WLOCK(inp); 738 /* Source address selection. XXX: need pcblookup? */ 739 in6a = in6_selectsrc(addr, inp->in6p_outputopts, 740 inp, NULL, so->so_cred, 741 &ifp, &error); 742 if (in6a == NULL) { 743 INP_WUNLOCK(inp); 744 INP_INFO_WUNLOCK(&V_ripcbinfo); 745 return (error ? error : EADDRNOTAVAIL); 746 } 747 748 /* XXX: see above */ 749 if (ifp && scope_ambiguous && 750 (error = in6_setscope(&addr->sin6_addr, ifp, NULL)) != 0) { 751 INP_WUNLOCK(inp); 752 INP_INFO_WUNLOCK(&V_ripcbinfo); 753 return (error); 754 } 755 inp->in6p_faddr = addr->sin6_addr; 756 inp->in6p_laddr = *in6a; 757 soisconnected(so); 758 INP_WUNLOCK(inp); 759 INP_INFO_WUNLOCK(&V_ripcbinfo); 760 return (0); 761 } 762 763 static int 764 rip6_shutdown(struct socket *so) 765 { 766 struct inpcb *inp; 767 768 inp = sotoinpcb(so); 769 KASSERT(inp != NULL, ("rip6_shutdown: inp == NULL")); 770 771 INP_WLOCK(inp); 772 socantsendmore(so); 773 INP_WUNLOCK(inp); 774 return (0); 775 } 776 777 static int 778 rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, 779 struct mbuf *control, struct thread *td) 780 { 781 struct inpcb *inp; 782 struct sockaddr_in6 tmp; 783 struct sockaddr_in6 *dst; 784 int ret; 785 786 inp = sotoinpcb(so); 787 KASSERT(inp != NULL, ("rip6_send: inp == NULL")); 788 789 /* Always copy sockaddr to avoid overwrites. */ 790 /* Unlocked read. */ 791 if (so->so_state & SS_ISCONNECTED) { 792 if (nam) { 793 m_freem(m); 794 return (EISCONN); 795 } 796 /* XXX */ 797 bzero(&tmp, sizeof(tmp)); 798 tmp.sin6_family = AF_INET6; 799 tmp.sin6_len = sizeof(struct sockaddr_in6); 800 INP_RLOCK(inp); 801 bcopy(&inp->in6p_faddr, &tmp.sin6_addr, 802 sizeof(struct in6_addr)); 803 INP_RUNLOCK(inp); 804 dst = &tmp; 805 } else { 806 if (nam == NULL) { 807 m_freem(m); 808 return (ENOTCONN); 809 } 810 if (nam->sa_len != sizeof(struct sockaddr_in6)) { 811 m_freem(m); 812 return (EINVAL); 813 } 814 tmp = *(struct sockaddr_in6 *)nam; 815 dst = &tmp; 816 817 if (dst->sin6_family == AF_UNSPEC) { 818 /* 819 * XXX: we allow this case for backward 820 * compatibility to buggy applications that 821 * rely on old (and wrong) kernel behavior. 822 */ 823 log(LOG_INFO, "rip6 SEND: address family is " 824 "unspec. Assume AF_INET6\n"); 825 dst->sin6_family = AF_INET6; 826 } else if (dst->sin6_family != AF_INET6) { 827 m_freem(m); 828 return(EAFNOSUPPORT); 829 } 830 } 831 ret = rip6_output(m, so, dst, control); 832 return (ret); 833 } 834 835 struct pr_usrreqs rip6_usrreqs = { 836 .pru_abort = rip6_abort, 837 .pru_attach = rip6_attach, 838 .pru_bind = rip6_bind, 839 .pru_connect = rip6_connect, 840 .pru_control = in6_control, 841 .pru_detach = rip6_detach, 842 .pru_disconnect = rip6_disconnect, 843 .pru_peeraddr = in6_getpeeraddr, 844 .pru_send = rip6_send, 845 .pru_shutdown = rip6_shutdown, 846 .pru_sockaddr = in6_getsockaddr, 847 .pru_close = rip6_close, 848 }; 849