struct ifaddr *
ifa_ifwithroute(int flags, struct sockaddr *dst, struct sockaddr *gateway,
u_int rtableid)
{
struct ifaddr *ifa;
#ifdef IPSEC
/*
* If the destination is a PF_KEY address, we'll look
* for the existence of a encap interface number or address
* in the options list of the gateway. By default, we'll return
* enc0.
*/
if (dst && (dst->sa_family == PF_KEY))
return (encap_findgwifa(gateway));
#endif
if ((flags & RTF_GATEWAY) == 0) {
/*
* If we are adding a route to an interface,
* and the interface is a pt to pt link
* we should search for the destination
* as our clue to the interface. Otherwise
* we can use the local address.
*/
ifa = NULL;
if (flags & RTF_HOST)
ifa = ifa_ifwithdstaddr(dst, rtableid);
if (ifa == NULL)
ifa = ifa_ifwithaddr(gateway, rtableid);
} else {
/*
* If we are adding a route to a remote net
* or host, the gateway may still be on the
* other end of a pt to pt link.
*/
ifa = ifa_ifwithdstaddr(gateway, rtableid);
}
if (ifa == NULL)
ifa = ifa_ifwithnet(gateway, rtableid);
if (ifa == NULL) {
struct rtentry *rt = rtalloc1(gateway, 0, rtable_l2(rtableid));
if (rt == NULL)
return (NULL);
rt->rt_refcnt--;
/* The gateway must be local if the same address family. */
if ((rt->rt_flags & RTF_GATEWAY) &&
rt_key(rt)->sa_family == dst->sa_family)
return (0);
if ((ifa = rt->rt_ifa) == NULL)
return (NULL);
}
if (ifa->ifa_addr->sa_family != dst->sa_family) {
struct ifaddr *oifa = ifa;
ifa = ifaof_ifpforaddr(dst, ifa->ifa_ifp);
if (ifa == NULL)
ifa = oifa;
}
return (ifa);
}
/*
* Do option processing on a datagram, possibly discarding it if bad options
* are encountered, or forwarding it if source-routed.
*
* The pass argument is used when operating in the IPSTEALTH mode to tell
* what options to process: [LS]SRR (pass 0) or the others (pass 1). The
* reason for as many as two passes is that when doing IPSTEALTH, non-routing
* options should be processed only if the packet is for us.
*
* Returns 1 if packet has been forwarded/freed, 0 if the packet should be
* processed further.
*/
int
ip_dooptions(struct mbuf *m, int pass)
{
struct ip *ip = mtod(m, struct ip *);
u_char *cp;
struct in_ifaddr *ia;
int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0;
struct in_addr *sin, dst;
uint32_t ntime;
struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET };
/* Ignore or reject packets with IP options. */
if (ip_doopts == 0)
return 0;
else if (ip_doopts == 2) {
type = ICMP_UNREACH;
code = ICMP_UNREACH_FILTER_PROHIB;
goto bad;
}
dst = ip->ip_dst;
cp = (u_char *)(ip + 1);
cnt = (ip->ip_hl << 2) - sizeof (struct ip);
for (; cnt > 0; cnt -= optlen, cp += optlen) {
opt = cp[IPOPT_OPTVAL];
if (opt == IPOPT_EOL)
break;
if (opt == IPOPT_NOP)
optlen = 1;
else {
if (cnt < IPOPT_OLEN + sizeof(*cp)) {
code = &cp[IPOPT_OLEN] - (u_char *)ip;
goto bad;
}
optlen = cp[IPOPT_OLEN];
if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
code = &cp[IPOPT_OLEN] - (u_char *)ip;
goto bad;
}
}
switch (opt) {
default:
break;
/*
* Source routing with record. Find interface with current
* destination address. If none on this machine then drop if
* strictly routed, or do nothing if loosely routed. Record
* interface address and bring up next address component. If
* strictly routed make sure next address is on directly
* accessible net.
*/
case IPOPT_LSRR:
case IPOPT_SSRR:
#ifdef IPSTEALTH
if (V_ipstealth && pass > 0)
break;
#endif
if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
code = &cp[IPOPT_OLEN] - (u_char *)ip;
goto bad;
}
if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
code = &cp[IPOPT_OFFSET] - (u_char *)ip;
goto bad;
}
ipaddr.sin_addr = ip->ip_dst;
if (ifa_ifwithaddr_check((struct sockaddr *)&ipaddr)
== 0) {
if (opt == IPOPT_SSRR) {
type = ICMP_UNREACH;
code = ICMP_UNREACH_SRCFAIL;
goto bad;
}
if (!ip_dosourceroute)
goto nosourcerouting;
/*
* Loose routing, and not at next destination
* yet; nothing to do except forward.
*/
break;
}
off--; /* 0 origin */
if (off > optlen - (int)sizeof(struct in_addr)) {
/*
* End of source route. Should be for us.
*/
if (!ip_acceptsourceroute)
goto nosourcerouting;
save_rte(m, cp, ip->ip_src);
break;
}
#ifdef IPSTEALTH
if (V_ipstealth)
goto dropit;
#endif
if (!ip_dosourceroute) {
if (V_ipforwarding) {
char buf[16]; /* aaa.bbb.ccc.ddd\0 */
/*
* Acting as a router, so generate
* ICMP
*/
nosourcerouting:
strcpy(buf, inet_ntoa(ip->ip_dst));
log(LOG_WARNING,
"attempted source route from %s to %s\n",
inet_ntoa(ip->ip_src), buf);
type = ICMP_UNREACH;
code = ICMP_UNREACH_SRCFAIL;
goto bad;
} else {
/*
* Not acting as a router, so
* silently drop.
*/
#ifdef IPSTEALTH
dropit:
#endif
IPSTAT_INC(ips_cantforward);
m_freem(m);
return (1);
}
}
/*
* locate outgoing interface
*/
(void)memcpy(&ipaddr.sin_addr, cp + off,
sizeof(ipaddr.sin_addr));
if (opt == IPOPT_SSRR) {
#define INA struct in_ifaddr *
#define SA struct sockaddr *
if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr)) == NULL)
ia = (INA)ifa_ifwithnet((SA)&ipaddr, 0);
} else
/* XXX MRT 0 for routing */
ia = ip_rtaddr(ipaddr.sin_addr, M_GETFIB(m));
if (ia == NULL) {
type = ICMP_UNREACH;
code = ICMP_UNREACH_SRCFAIL;
goto bad;
}
ip->ip_dst = ipaddr.sin_addr;
(void)memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
sizeof(struct in_addr));
ifa_free(&ia->ia_ifa);
cp[IPOPT_OFFSET] += sizeof(struct in_addr);
/*
* Let ip_intr's mcast routing check handle mcast pkts
*/
forward = !IN_MULTICAST(ntohl(ip->ip_dst.s_addr));
break;
case IPOPT_RR:
#ifdef IPSTEALTH
if (V_ipstealth && pass == 0)
break;
#endif
if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
code = &cp[IPOPT_OFFSET] - (u_char *)ip;
goto bad;
}
if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
code = &cp[IPOPT_OFFSET] - (u_char *)ip;
goto bad;
}
/*
* If no space remains, ignore.
*/
off--; /* 0 origin */
if (off > optlen - (int)sizeof(struct in_addr))
break;
(void)memcpy(&ipaddr.sin_addr, &ip->ip_dst,
sizeof(ipaddr.sin_addr));
/*
* Locate outgoing interface; if we're the
* destination, use the incoming interface (should be
* same).
*/
if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == NULL &&
(ia = ip_rtaddr(ipaddr.sin_addr, M_GETFIB(m))) == NULL) {
type = ICMP_UNREACH;
code = ICMP_UNREACH_HOST;
goto bad;
}
(void)memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
sizeof(struct in_addr));
ifa_free(&ia->ia_ifa);
cp[IPOPT_OFFSET] += sizeof(struct in_addr);
break;
case IPOPT_TS:
#ifdef IPSTEALTH
if (V_ipstealth && pass == 0)
break;
#endif
code = cp - (u_char *)ip;
if (optlen < 4 || optlen > 40) {
code = &cp[IPOPT_OLEN] - (u_char *)ip;
goto bad;
}
if ((off = cp[IPOPT_OFFSET]) < 5) {
code = &cp[IPOPT_OLEN] - (u_char *)ip;
goto bad;
}
if (off > optlen - (int)sizeof(int32_t)) {
cp[IPOPT_OFFSET + 1] += (1 << 4);
if ((cp[IPOPT_OFFSET + 1] & 0xf0) == 0) {
code = &cp[IPOPT_OFFSET] - (u_char *)ip;
goto bad;
}
break;
}
off--; /* 0 origin */
sin = (struct in_addr *)(cp + off);
switch (cp[IPOPT_OFFSET + 1] & 0x0f) {
case IPOPT_TS_TSONLY:
break;
case IPOPT_TS_TSANDADDR:
if (off + sizeof(uint32_t) +
sizeof(struct in_addr) > optlen) {
code = &cp[IPOPT_OFFSET] - (u_char *)ip;
goto bad;
}
ipaddr.sin_addr = dst;
ia = (INA)ifaof_ifpforaddr((SA)&ipaddr,
m->m_pkthdr.rcvif);
if (ia == NULL)
continue;
(void)memcpy(sin, &IA_SIN(ia)->sin_addr,
sizeof(struct in_addr));
ifa_free(&ia->ia_ifa);
cp[IPOPT_OFFSET] += sizeof(struct in_addr);
off += sizeof(struct in_addr);
break;
case IPOPT_TS_PRESPEC:
if (off + sizeof(uint32_t) +
sizeof(struct in_addr) > optlen) {
code = &cp[IPOPT_OFFSET] - (u_char *)ip;
goto bad;
}
(void)memcpy(&ipaddr.sin_addr, sin,
sizeof(struct in_addr));
if (ifa_ifwithaddr_check((SA)&ipaddr) == 0)
continue;
cp[IPOPT_OFFSET] += sizeof(struct in_addr);
off += sizeof(struct in_addr);
break;
default:
code = &cp[IPOPT_OFFSET + 1] - (u_char *)ip;
goto bad;
}
ntime = iptime();
(void)memcpy(cp + off, &ntime, sizeof(uint32_t));
cp[IPOPT_OFFSET] += sizeof(uint32_t);
}
}
if (forward && V_ipforwarding) {
ip_forward(m, 1);
return (1);
}
return (0);
bad:
icmp_error(m, type, code, 0, 0);
IPSTAT_INC(ips_badoptions);
return (1);
}
int
in_pcbladdr(struct inpcb *inp, struct mbuf *nam, struct sockaddr_in **plocal_sin)
{
struct in_ifaddr *ia;
register struct sockaddr_in *sin = mtod(nam, struct sockaddr_in *);
if (nam->m_len != sizeof (*sin))
return (EINVAL);
if (sin->sin_family != AF_INET)
return (EAFNOSUPPORT);
if (sin->sin_port == 0)
return (EADDRNOTAVAIL);
if (in_ifaddr) {
/*
* If the destination address is INADDR_ANY,
* use the primary local address.
* If the supplied address is INADDR_BROADCAST,
* and the primary interface supports broadcast,
* choose the broadcast address for that interface.
*/
#define satosin(sa) ((struct sockaddr_in *)(sa))
#define sintosa(sin) ((struct sockaddr *)(sin))
#define ifatoia(ifa) ((struct in_ifaddr *)(ifa))
if (sin->sin_addr.s_addr == INADDR_ANY)
sin->sin_addr = IA_SIN(in_ifaddr)->sin_addr;
else if (sin->sin_addr.s_addr == (u_long)INADDR_BROADCAST &&
(in_ifaddr->ia_ifp->if_flags & IFF_BROADCAST))
sin->sin_addr = satosin(&in_ifaddr->ia_broadaddr)->sin_addr;
}
if (inp->inp_laddr.s_addr == INADDR_ANY) {
register struct route *ro;
ia = (struct in_ifaddr *)0;
/*
* If route is known or can be allocated now,
* our src addr is taken from the i/f, else punt.
*/
ro = &inp->inp_route;
if (ro->ro_rt &&
(satosin(&ro->ro_dst)->sin_addr.s_addr !=
sin->sin_addr.s_addr ||
inp->inp_socket->so_options & SO_DONTROUTE)) {
RTFREE(ro->ro_rt);
ro->ro_rt = (struct rtentry *)0;
}
if ((inp->inp_socket->so_options & SO_DONTROUTE) == 0 && /*XXX*/
(ro->ro_rt == (struct rtentry *)0 ||
ro->ro_rt->rt_ifp == (struct ifnet *)0)) {
/* No route yet, so try to acquire one */
ro->ro_dst.sa_family = AF_INET;
ro->ro_dst.sa_len = sizeof(struct sockaddr_in);
((struct sockaddr_in *) &ro->ro_dst)->sin_addr =
sin->sin_addr;
rtalloc(ro);
}
/*
* If we found a route, use the address
* corresponding to the outgoing interface
* unless it is the loopback (in case a route
* to our address on another net goes to loopback).
*/
if (ro->ro_rt && !(ro->ro_rt->rt_ifp->if_flags & IFF_LOOPBACK))
ia = ifatoia(ro->ro_rt->rt_ifa);
if (ia == 0) {
u_short fport = sin->sin_port;
sin->sin_port = 0;
ia = ifatoia(ifa_ifwithdstaddr(sintosa(sin)));
if (ia == 0)
ia = ifatoia(ifa_ifwithnet(sintosa(sin)));
sin->sin_port = fport;
if (ia == 0)
ia = in_ifaddr;
if (ia == 0)
return (EADDRNOTAVAIL);
}
/*
* If the destination address is multicast and an outgoing
* interface has been set as a multicast option, use the
* address of that interface as our source address.
*/
if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) &&
inp->inp_moptions != NULL) {
struct ip_moptions *imo;
struct ifnet *ifp;
imo = inp->inp_moptions;
if (imo->imo_multicast_ifp != NULL) {
ifp = imo->imo_multicast_ifp;
for (ia = in_ifaddr; ia; ia = ia->ia_next)
if (ia->ia_ifp == ifp)
break;
if (ia == 0)
return (EADDRNOTAVAIL);
}
}
/*
* Don't do pcblookup call here; return interface in plocal_sin
* and exit to caller, that will do the lookup.
*/
*plocal_sin = &ia->ia_addr;
}
return(0);
}
/*
* Connect from a socket to a specified address.
* Both address and port must be specified in argument slpx.
* If don't have a local address for this socket yet,
* then pick one.
*/
int Lpx_PCB_connect( struct lpxpcb *lpxp,
struct sockaddr *nam,
struct proc *td )
{
struct lpx_ifaddr *ia = NULL;
register struct sockaddr_lpx *slpx = (struct sockaddr_lpx *)nam;
register struct lpx_addr *dst;
register struct route *ro;
struct ifnet *ifp;
struct lpx_addr laddr;
DEBUG_CALL(4, ("Lpx_PCB_connect\n"));
if (nam == NULL) {
return(EINVAL);
}
DEBUG_CALL(2, ("slpx->sipx_addr.x_net = %x\n", slpx->sipx_addr.x_net));
if (slpx->slpx_family != AF_LPX)
return (EAFNOSUPPORT);
if (slpx->slpx_port == 0 || lpx_nullhost(slpx->sipx_addr))
return (EADDRNOTAVAIL);
/*
* If we haven't bound which network number to use as ours,
* we will use the number of the outgoing interface.
* This depends on having done a routing lookup, which
* we will probably have to do anyway, so we might
* as well do it now. On the other hand if we are
* sending to multiple destinations we may have already
* done the lookup, so see if we can use the route
* from before. In any case, we only
* chose a port number once, even if sending to multiple
* destinations.
*/
ro = &lpxp->lpxp_route;
dst = &satolpx_addr(ro->ro_dst);
if (lpxp->lpxp_socket->so_options & SO_DONTROUTE)
goto flush;
if (!lpx_neteq(lpxp->lpxp_lastdst, slpx->sipx_addr))
goto flush;
if (!lpx_hosteq(lpxp->lpxp_lastdst, slpx->sipx_addr)) {
if (ro->ro_rt != NULL && !(ro->ro_rt->rt_flags & RTF_HOST)) {
/* can patch route to avoid rtalloc */
*dst = slpx->sipx_addr;
} else {
flush:
if (ro->ro_rt != NULL)
RTFREE(ro->ro_rt);
ro->ro_rt = NULL;
}
}/* else cached route is ok; do nothing */
lpxp->lpxp_lastdst = slpx->sipx_addr;
if ((lpxp->lpxp_socket->so_options & SO_DONTROUTE) == 0 && /*XXX*/
(ro->ro_rt == NULL || ro->ro_rt->rt_ifp == NULL)) {
/* No route yet, so try to acquire one */
ro->ro_dst.sa_family = AF_LPX;
ro->ro_dst.sa_len = sizeof(ro->ro_dst);
*dst = slpx->sipx_addr;
dst->x_port = 0;
rtalloc(ro);
DEBUG_CALL(4, ("Lpx_PCB_connect RO 1\n"));
}
if (lpx_neteqnn(lpxp->lpxp_laddr.x_net, lpx_zeronet)) {
DEBUG_CALL(4, ("Lpx_PCB_connect RO 2\n"));
/*
* If route is known or can be allocated now,
* our src addr is taken from the i/f, else punt.
*/
/*
* If we found a route, use the address
* corresponding to the outgoing interface
*/
ia = NULL;
if (ro->ro_rt != NULL && (ifp = ro->ro_rt->rt_ifp) != NULL)
for (ia = lpx_ifaddr; ia != NULL; ia = ia->ia_next)
if (ia->ia_ifp == ifp)
break;
if (ia == NULL) {
// u_short fport = slpx->sipx_addr.x_port;
//slpx->sipx_addr.x_port = 0;
ia = (struct lpx_ifaddr *)
ifa_ifwithaddr((struct sockaddr *)&lpxp->lpxp_laddr);
//slpx->sipx_addr.x_port = fport;
// BUG BUG BUG!!!
if (ia == NULL)
ia = Lpx_CTL_iaonnetof(&slpx->sipx_addr);
if (ia == NULL)
ia = lpx_ifaddr;
if (ia == NULL)
return (EADDRNOTAVAIL);
}
lpxp->lpxp_laddr.x_net = satolpx_addr(ia->ia_addr).x_net;
}
if (lpx_nullhost(lpxp->lpxp_laddr)) {
DEBUG_CALL(4, ("Lpx_PCB_connect RO 3\n"));
/*
* If route is known or can be allocated now,
* our src addr is taken from the i/f, else punt.
*/
/*
* If we found a route, use the address
* corresponding to the outgoing interface
*/
ia = NULL;
if (ro->ro_rt != NULL && (ifp = ro->ro_rt->rt_ifp) != NULL)
for (ia = lpx_ifaddr; ia != NULL; ia = ia->ia_next)
if (ia->ia_ifp == ifp)
break;
if (ia == NULL) {
u_short fport = slpx->sipx_addr.x_port;
slpx->sipx_addr.x_port = 0;
ia = (struct lpx_ifaddr *)
ifa_ifwithdstaddr((struct sockaddr *)slpx);
slpx->sipx_addr.x_port = fport;
// BUG BUG BUG!!!
if (ia == NULL)
ia = Lpx_CTL_iaonnetof(&slpx->sipx_addr);
if (ia == NULL)
ia = lpx_ifaddr;
if (ia == NULL)
return (EADDRNOTAVAIL);
}
lpxp->lpxp_laddr.x_host = satolpx_addr(ia->ia_addr).x_host;
}
DEBUG_CALL(4, ("Lpx_PCB_connect: 4.\n"));
laddr.x_port = lpxp->lpxp_lport;
if (Lpx_PCB_lookup(&slpx->sipx_addr, &laddr, 0))
return (EADDRINUSE);
if (lpxp->lpxp_lport == 0)
Lpx_PCB_bind(lpxp, (struct sockaddr *)NULL, td);
/* XXX just leave it zero if we can't find a route */
lpxp->lpxp_faddr = slpx->sipx_addr;
/* Includes lpxp->lpxp_fport = slpx->slpx_port; */
return (0);
}