int
in6_pcbladdr(
struct inpcb *inp,
struct sockaddr *nam,
struct in6_addr *plocal_addr6)
{
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam;
struct in6_addr *addr6 = NULL;
struct in6_addr src_storage;
struct ifnet *ifp = NULL;
int error = 0;
if (nam->sa_len != sizeof (*sin6))
return (EINVAL);
if (sin6->sin6_family != AF_INET6)
return (EAFNOSUPPORT);
if (sin6->sin6_port == 0)
return (EADDRNOTAVAIL);
/* KAME hack: embed scopeid */
if (in6_embedscope(&sin6->sin6_addr, sin6, inp, &ifp) != 0)
return EINVAL;
if (in6_ifaddrs) {
/*
* If the destination address is UNSPECIFIED addr,
* use the loopback addr, e.g ::1.
*/
if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
sin6->sin6_addr = in6addr_loopback;
}
{
/*
* XXX: in6_selectsrc might replace the bound local address
* with the address specified by setsockopt(IPV6_PKTINFO).
* Is it the intended behavior?
*/
addr6 = in6_selectsrc(sin6, inp->in6p_outputopts,
inp->in6p_moptions,
&inp->in6p_route,
&inp->in6p_laddr, &src_storage, &error);
if (addr6 == 0) {
if (error == 0)
error = EADDRNOTAVAIL;
return(error);
}
*plocal_addr6 = *addr6;
/*
* Don't do pcblookup call here; return interface in
* plocal_addr6
* and exit to caller, that will do the lookup.
*/
}
if (inp->in6p_route.ro_rt)
ifp = inp->in6p_route.ro_rt->rt_ifp;
return(0);
}
int
udp6_output(struct in6pcb *in6p, struct mbuf *m, struct sockaddr *addr6,
struct mbuf *control, struct thread *td)
{
u_int32_t ulen = m->m_pkthdr.len;
u_int32_t plen = sizeof(struct udphdr) + ulen;
struct ip6_hdr *ip6;
struct udphdr *udp6;
struct in6_addr *laddr, *faddr;
u_short fport;
int error = 0;
struct ip6_pktopts opt, *stickyopt = in6p->in6p_outputopts;
int priv;
int af = AF_INET6, hlen = sizeof(struct ip6_hdr);
int flags;
struct sockaddr_in6 tmp;
priv = !priv_check(td, PRIV_ROOT); /* 1 if privileged, 0 if not */
if (control) {
if ((error = ip6_setpktoptions(control, &opt,
in6p->in6p_outputopts,
IPPROTO_UDP, priv)) != 0)
goto release;
in6p->in6p_outputopts = &opt;
}
if (addr6) {
/*
* IPv4 version of udp_output calls in_pcbconnect in this case,
* which needs splnet and affects performance.
* Since we saw no essential reason for calling in_pcbconnect,
* we get rid of such kind of logic, and call in6_selectsrc
* and in6_pcbsetport in order to fill in the local address
* and the local port.
*/
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr6;
if (sin6->sin6_port == 0) {
error = EADDRNOTAVAIL;
goto release;
}
if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
/* how about ::ffff:0.0.0.0 case? */
error = EISCONN;
goto release;
}
if (!prison_remote_ip(td, addr6)) {
error = EAFNOSUPPORT; /* IPv4 only jail */
goto release;
}
/* protect *sin6 from overwrites */
tmp = *sin6;
sin6 = &tmp;
faddr = &sin6->sin6_addr;
fport = sin6->sin6_port; /* allow 0 port */
if (IN6_IS_ADDR_V4MAPPED(faddr)) {
if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) {
/*
* I believe we should explicitly discard the
* packet when mapped addresses are disabled,
* rather than send the packet as an IPv6 one.
* If we chose the latter approach, the packet
* might be sent out on the wire based on the
* default route, the situation which we'd
* probably want to avoid.
* (20010421 [email protected])
*/
error = EINVAL;
goto release;
} else
af = AF_INET;
}
/* KAME hack: embed scopeid */
if (in6_embedscope(&sin6->sin6_addr, sin6, in6p, NULL) != 0) {
error = EINVAL;
goto release;
}
if (!IN6_IS_ADDR_V4MAPPED(faddr)) {
laddr = in6_selectsrc(sin6, in6p->in6p_outputopts,
in6p->in6p_moptions,
&in6p->in6p_route,
&in6p->in6p_laddr, &error, NULL);
} else
laddr = &in6p->in6p_laddr; /* XXX */
if (laddr == NULL) {
if (error == 0)
error = EADDRNOTAVAIL;
goto release;
}
if (in6p->in6p_lport == 0 &&
(error = in6_pcbsetport(laddr, in6p, td)) != 0)
goto release;
} else {
if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
error = ENOTCONN;
goto release;
}
if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) {
if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY)) {
/*
* XXX: this case would happen when the
* application sets the V6ONLY flag after
* connecting the foreign address.
* Such applications should be fixed,
* so we bark here.
*/
log(LOG_INFO, "udp6_output: IPV6_V6ONLY "
"option was set for a connected socket\n");
error = EINVAL;
goto release;
} else
af = AF_INET;
}
laddr = &in6p->in6p_laddr;
faddr = &in6p->in6p_faddr;
fport = in6p->in6p_fport;
}
if (af == AF_INET)
hlen = sizeof(struct ip);
/*
* Calculate data length and get a mbuf
* for UDP and IP6 headers.
*/
M_PREPEND(m, hlen + sizeof(struct udphdr), MB_DONTWAIT);
if (m == NULL) {
error = ENOBUFS;
goto release;
}
/*
* Stuff checksum and output datagram.
*/
udp6 = (struct udphdr *)(mtod(m, caddr_t) + hlen);
udp6->uh_sport = in6p->in6p_lport; /* lport is always set in the PCB */
udp6->uh_dport = fport;
if (plen <= 0xffff)
udp6->uh_ulen = htons((u_short)plen);
else
udp6->uh_ulen = 0;
udp6->uh_sum = 0;
switch (af) {
case AF_INET6:
ip6 = mtod(m, struct ip6_hdr *);
ip6->ip6_flow = in6p->in6p_flowinfo & IPV6_FLOWINFO_MASK;
ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
ip6->ip6_vfc |= IPV6_VERSION;
#if 0 /* ip6_plen will be filled in ip6_output. */
ip6->ip6_plen = htons((u_short)plen);
#endif
ip6->ip6_nxt = IPPROTO_UDP;
ip6->ip6_hlim = in6_selecthlim(in6p,
in6p->in6p_route.ro_rt ?
in6p->in6p_route.ro_rt->rt_ifp : NULL);
ip6->ip6_src = *laddr;
ip6->ip6_dst = *faddr;
if ((udp6->uh_sum = in6_cksum(m, IPPROTO_UDP,
sizeof(struct ip6_hdr), plen)) == 0) {
udp6->uh_sum = 0xffff;
}
flags = 0;
udp6stat.udp6s_opackets++;
error = ip6_output(m, in6p->in6p_outputopts, &in6p->in6p_route,
flags, in6p->in6p_moptions, NULL, in6p);
break;
case AF_INET:
error = EAFNOSUPPORT;
goto release;
}
goto releaseopt;
release:
m_freem(m);
releaseopt:
if (control) {
ip6_clearpktopts(in6p->in6p_outputopts, -1);
in6p->in6p_outputopts = stickyopt;
m_freem(control);
}
return (error);
}
/*
* Import flow information to two struct sockaddr_encap's. Either
* all or none of the address arguments are NULL.
*/
void
import_flow(struct sockaddr_encap *flow, struct sockaddr_encap *flowmask,
struct sadb_address *ssrc, struct sadb_address *ssrcmask,
struct sadb_address *ddst, struct sadb_address *ddstmask,
struct sadb_protocol *sab, struct sadb_protocol *ftype)
{
u_int8_t transproto = 0;
union sockaddr_union *src = (union sockaddr_union *)(ssrc + 1);
union sockaddr_union *dst = (union sockaddr_union *)(ddst + 1);
union sockaddr_union *srcmask = (union sockaddr_union *)(ssrcmask + 1);
union sockaddr_union *dstmask = (union sockaddr_union *)(ddstmask + 1);
if (ssrc == NULL)
return; /* There wasn't any information to begin with. */
bzero(flow, sizeof(*flow));
bzero(flowmask, sizeof(*flowmask));
if (sab != NULL)
transproto = sab->sadb_protocol_proto;
/*
* Check that all the address families match. We know they are
* valid and supported because pfkeyv2_parsemessage() checked that.
*/
if ((src->sa.sa_family != dst->sa.sa_family) ||
(src->sa.sa_family != srcmask->sa.sa_family) ||
(src->sa.sa_family != dstmask->sa.sa_family))
return;
/*
* We set these as an indication that tdb_filter/tdb_filtermask are
* in fact initialized.
*/
flow->sen_family = flowmask->sen_family = PF_KEY;
flow->sen_len = flowmask->sen_len = SENT_LEN;
switch (src->sa.sa_family)
{
#ifdef INET
case AF_INET:
/* netmask handling */
rt_maskedcopy(&src->sa, &src->sa, &srcmask->sa);
rt_maskedcopy(&dst->sa, &dst->sa, &dstmask->sa);
flow->sen_type = SENT_IP4;
flow->sen_direction = ftype->sadb_protocol_direction;
flow->sen_ip_src = src->sin.sin_addr;
flow->sen_ip_dst = dst->sin.sin_addr;
flow->sen_proto = transproto;
flow->sen_sport = src->sin.sin_port;
flow->sen_dport = dst->sin.sin_port;
flowmask->sen_type = SENT_IP4;
flowmask->sen_direction = 0xff;
flowmask->sen_ip_src = srcmask->sin.sin_addr;
flowmask->sen_ip_dst = dstmask->sin.sin_addr;
flowmask->sen_sport = srcmask->sin.sin_port;
flowmask->sen_dport = dstmask->sin.sin_port;
if (transproto)
flowmask->sen_proto = 0xff;
break;
#endif /* INET */
#ifdef INET6
case AF_INET6:
in6_embedscope(&src->sin6.sin6_addr, &src->sin6,
NULL, NULL);
in6_embedscope(&dst->sin6.sin6_addr, &dst->sin6,
NULL, NULL);
/* netmask handling */
rt_maskedcopy(&src->sa, &src->sa, &srcmask->sa);
rt_maskedcopy(&dst->sa, &dst->sa, &dstmask->sa);
flow->sen_type = SENT_IP6;
flow->sen_ip6_direction = ftype->sadb_protocol_direction;
flow->sen_ip6_src = src->sin6.sin6_addr;
flow->sen_ip6_dst = dst->sin6.sin6_addr;
flow->sen_ip6_proto = transproto;
flow->sen_ip6_sport = src->sin6.sin6_port;
flow->sen_ip6_dport = dst->sin6.sin6_port;
flowmask->sen_type = SENT_IP6;
flowmask->sen_ip6_direction = 0xff;
flowmask->sen_ip6_src = srcmask->sin6.sin6_addr;
flowmask->sen_ip6_dst = dstmask->sin6.sin6_addr;
flowmask->sen_ip6_sport = srcmask->sin6.sin6_port;
flowmask->sen_ip6_dport = dstmask->sin6.sin6_port;
if (transproto)
flowmask->sen_ip6_proto = 0xff;
break;
#endif /* INET6 */
}
}
int
in6_pcbbind(
struct inpcb *inp,
struct sockaddr *nam,
struct proc *p)
{
struct socket *so = inp->inp_socket;
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL;
struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
u_short lport = 0;
int wild = 0, reuseport = (so->so_options & SO_REUSEPORT);
if (!in6_ifaddrs) /* XXX broken! */
return (EADDRNOTAVAIL);
if (inp->inp_lport || !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr))
return(EINVAL);
if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0)
wild = 1;
socket_unlock(so, 0); /* keep reference */
lck_rw_lock_exclusive(pcbinfo->mtx);
if (nam) {
sin6 = (struct sockaddr_in6 *)nam;
if (nam->sa_len != sizeof(*sin6)) {
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return(EINVAL);
}
/*
* family check.
*/
if (nam->sa_family != AF_INET6) {
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return(EAFNOSUPPORT);
}
/* KAME hack: embed scopeid */
if (in6_embedscope(&sin6->sin6_addr, sin6, inp, NULL) != 0) {
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return EINVAL;
}
/* this must be cleared for ifa_ifwithaddr() */
sin6->sin6_scope_id = 0;
lport = sin6->sin6_port;
if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) {
/*
* Treat SO_REUSEADDR as SO_REUSEPORT for multicast;
* allow compepte duplication of binding if
* SO_REUSEPORT is set, or if SO_REUSEADDR is set
* and a multicast address is bound on both
* new and duplicated sockets.
*/
if (so->so_options & SO_REUSEADDR)
reuseport = SO_REUSEADDR|SO_REUSEPORT;
} else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
struct ifaddr *ia = NULL;
sin6->sin6_port = 0; /* yech... */
if ((ia = ifa_ifwithaddr((struct sockaddr *)sin6)) == 0) {
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return(EADDRNOTAVAIL);
}
/*
* XXX: bind to an anycast address might accidentally
* cause sending a packet with anycast source address.
* We should allow to bind to a deprecated address, since
* the application dare to use it.
*/
if (ia &&
((struct in6_ifaddr *)ia)->ia6_flags &
(IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) {
ifafree(ia);
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return(EADDRNOTAVAIL);
}
ifafree(ia);
ia = NULL;
}
if (lport) {
struct inpcb *t;
/* GROSS */
if (ntohs(lport) < IPV6PORT_RESERVED && p &&
((so->so_state & SS_PRIV) == 0)) {
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return(EACCES);
}
if (so->so_uid &&
!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) {
t = in6_pcblookup_local_and_cleanup(pcbinfo,
&sin6->sin6_addr, lport,
INPLOOKUP_WILDCARD);
if (t &&
(!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) ||
!IN6_IS_ADDR_UNSPECIFIED(&t->in6p_laddr) ||
(t->inp_socket->so_options &
SO_REUSEPORT) == 0) &&
(so->so_uid != t->inp_socket->so_uid) &&
((t->inp_socket->so_flags & SOF_REUSESHAREUID) == 0)) {
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return (EADDRINUSE);
}
if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 &&
IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
struct sockaddr_in sin;
in6_sin6_2_sin(&sin, sin6);
t = in_pcblookup_local_and_cleanup(pcbinfo,
sin.sin_addr, lport,
INPLOOKUP_WILDCARD);
if (t && (t->inp_socket->so_options & SO_REUSEPORT) == 0 &&
(so->so_uid !=
t->inp_socket->so_uid) &&
(ntohl(t->inp_laddr.s_addr) !=
INADDR_ANY ||
INP_SOCKAF(so) ==
INP_SOCKAF(t->inp_socket))) {
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return (EADDRINUSE);
}
}
}
t = in6_pcblookup_local_and_cleanup(pcbinfo, &sin6->sin6_addr,
lport, wild);
if (t && (reuseport & t->inp_socket->so_options) == 0) {
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return(EADDRINUSE);
}
if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 &&
IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
struct sockaddr_in sin;
in6_sin6_2_sin(&sin, sin6);
t = in_pcblookup_local_and_cleanup(pcbinfo, sin.sin_addr,
lport, wild);
if (t &&
(reuseport & t->inp_socket->so_options)
== 0 &&
(ntohl(t->inp_laddr.s_addr)
!= INADDR_ANY ||
INP_SOCKAF(so) ==
INP_SOCKAF(t->inp_socket))) {
lck_rw_done(pcbinfo->mtx);
socket_lock(so, 0);
return (EADDRINUSE);
}
}
}
inp->in6p_laddr = sin6->sin6_addr;
}
socket_lock(so, 0);
if (lport == 0) {
int e;
if ((e = in6_pcbsetport(&inp->in6p_laddr, inp, p, 1)) != 0) {
lck_rw_done(pcbinfo->mtx);
return(e);
}
}
else {
inp->inp_lport = lport;
if (in_pcbinshash(inp, 1) != 0) {
inp->in6p_laddr = in6addr_any;
inp->inp_lport = 0;
lck_rw_done(pcbinfo->mtx);
return (EAGAIN);
}
}
lck_rw_done(pcbinfo->mtx);
sflt_notify(so, sock_evt_bound, NULL);
return(0);
}
struct in6_addr *
in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
struct ip6_moptions *mopts, struct route *ro,
struct ifnet **ifpp, struct in6_addr *laddr,
int *errorp)
{
struct in6_addr *dst;
struct ifnet *ifp = NULL;
struct in6_ifaddr *ia = NULL, *ia_best = NULL;
struct in6_pktinfo *pi = NULL;
int dst_scope = -1, best_scope = -1, best_matchlen = -1;
struct in6_addrpolicy *dst_policy = NULL, *best_policy = NULL;
#ifdef MIP6
struct hif_softc *sc;
#ifdef MIP6_ALLOW_COA_FALLBACK
struct mip6_bu *mbu_dst;
u_int8_t coafallback = 0;
#endif
#endif
dst = &dstsock->sin6_addr;
*errorp = 0;
if (ifpp)
*ifpp = NULL;
/*
* If the source address is explicitly specified by the caller,
* check if the requested source address is indeed a unicast address
* assigned to the node, and can be used as the packet's source
* address. If everything is okay, use the address as source.
*/
if (opts && (pi = opts->ip6po_pktinfo) &&
!IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) {
struct sockaddr_in6 srcsock;
struct in6_ifaddr *ia6;
/* get the outgoing interface */
if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ifp))
!= 0) {
return(NULL);
}
/*
* determine the appropriate zone id of the source based on
* the zone of the destination and the outgoing interface.
*/
bzero(&srcsock, sizeof(srcsock));
srcsock.sin6_family = AF_INET6;
srcsock.sin6_len = sizeof(srcsock);
srcsock.sin6_addr = pi->ipi6_addr;
if (ifp) {
int64_t zone;
zone = in6_addr2zoneid(ifp, &pi->ipi6_addr);
if (zone < 0) { /* XXX: this should not happen */
*errorp = EINVAL;
return(NULL);
}
srcsock.sin6_scope_id = zone;
}
if ((*errorp = in6_embedscope(&srcsock.sin6_addr, &srcsock))
!= 0) {
return(NULL);
}
#ifndef SCOPEDROUTING
srcsock.sin6_scope_id = 0; /* XXX: ifa_ifwithaddr expects 0 */
#endif
ia6 = (struct in6_ifaddr *)ifa_ifwithaddr((struct sockaddr *)(&srcsock));
if (ia6 == NULL ||
(ia6->ia6_flags & (IN6_IFF_ANYCAST | IN6_IFF_NOTREADY))) {
*errorp = EADDRNOTAVAIL;
return(NULL);
}
pi->ipi6_addr = srcsock.sin6_addr; /* XXX: this overrides pi */
if (*ifpp)
*ifpp = ifp;
return(&pi->ipi6_addr);
}
/*
* Otherwise, if the socket has already bound the source, just use it.
*/
if (laddr && !IN6_IS_ADDR_UNSPECIFIED(laddr))
return(laddr);
/*
* If the address is not specified, choose the best one based on
* the outgoing interface and the destination address.
*/
/* get the outgoing interface */
if ((*errorp = in6_selectif(dstsock, opts, mopts, ro, &ifp)) != 0)
return(NULL);
#ifdef MIP6
#ifdef MIP6_ALLOW_COA_FALLBACK
for (sc = TAILQ_FIRST(&hif_softc_list);
sc;
sc = TAILQ_NEXT(sc, hif_entry)) {
mbu_dst = mip6_bu_list_find_withpaddr(&sc->hif_bu_list, dst);
if (mbu_dst != NULL)
coafallback = mbu_dst->mbu_coafallback;
}
#endif /* MIP6_ALLOW_COA_FALLBACK */
#endif /* MIP6 */
#ifdef DIAGNOSTIC
if (ifp == NULL) /* this should not happen */
panic("in6_selectsrc: NULL ifp");
#endif
for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
int new_scope = -1, new_matchlen = -1;
struct in6_addrpolicy *new_policy = NULL;
int64_t srczone, dstzone;
struct ifnet *ifp1 = ia->ia_ifp;
/*
* We'll never take an address that breaks the scope zone
* of the destination. We also skip an address if its zone
* does not contain the outgoing interface.
* XXX: we should probably use sin6_scope_id here.
*/
if ((dstzone = in6_addr2zoneid(ifp1, dst)) < 0 ||
dstzone != in6_addr2zoneid(ifp, dst)) {
continue;
}
if ((srczone = in6_addr2zoneid(ifp1, &ia->ia_addr.sin6_addr))
< 0 ||
srczone != in6_addr2zoneid(ifp, &ia->ia_addr.sin6_addr)) {
continue;
}
/* avoid unusable addresses */
if ((ia->ia6_flags &
(IN6_IFF_NOTREADY | IN6_IFF_ANYCAST | IN6_IFF_DETACHED))) {
continue;
}
if (!ip6_use_deprecated && IFA6_IS_DEPRECATED(ia))
continue;
/* Rule 1: Prefer same address */
if (IN6_ARE_ADDR_EQUAL(dst, &ia->ia_addr.sin6_addr)) {
ia_best = ia;
BREAK(1); /* there should be no better candidate */
}
if (ia_best == NULL)
REPLACE(0);
/* Rule 2: Prefer appropriate scope */
if (dst_scope < 0)
dst_scope = in6_addrscope(dst);
new_scope = in6_addrscope(&ia->ia_addr.sin6_addr);
if (IN6_ARE_SCOPE_CMP(best_scope, new_scope) < 0) {
if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0)
REPLACE(2);
NEXT(2);
} else if (IN6_ARE_SCOPE_CMP(new_scope, best_scope) < 0) {
if (IN6_ARE_SCOPE_CMP(new_scope, dst_scope) < 0)
NEXT(2);
REPLACE(2);
}
/*
* Rule 3: Avoid deprecated addresses. Note that the case of
* !ip6_use_deprecated is already rejected above.
*/
if (!IFA6_IS_DEPRECATED(ia_best) && IFA6_IS_DEPRECATED(ia))
NEXT(3);
if (IFA6_IS_DEPRECATED(ia_best) && !IFA6_IS_DEPRECATED(ia))
REPLACE(3);
/* Rule 4: Prefer home addresses */
/*
* XXX: This is a TODO. We should probably merge the MIP6
* case above.
*/
#ifdef MIP6
/*
* If SA is simultaneously a home address and care-of address
* and SB is not, then prefer SA. Similarly, if SB is
* simultaneously a home address and care-of address and SA is
* not, then prefer SB.
*/
{
struct mip6_bu *mbu_ia_best = NULL, *mbu_ia = NULL;
if (ia_best->ia6_flags & IN6_IFF_HOME) {
/*
* find a binding update entry for ia_best.
*/
for (sc = TAILQ_FIRST(&hif_softc_list);
sc;
sc = TAILQ_NEXT(sc, hif_entry)) {
mbu_ia_best = mip6_bu_list_find_home_registration(
&sc->hif_bu_list,
&ia->ia_addr.sin6_addr);
if (mbu_ia_best)
break;
}
}
if (ia->ia6_flags & IN6_IFF_HOME) {
/*
* find a binding update entry for ia.
*/
for (sc = TAILQ_FIRST(&hif_softc_list);
sc;
sc = TAILQ_NEXT(sc, hif_entry)) {
mbu_ia = mip6_bu_list_find_home_registration(
&sc->hif_bu_list,
&ia->ia_addr.sin6_addr);
if (mbu_ia)
break;
}
}
/*
* if the binding update entry for a certain address
* exists and its registration status is
* MIP6_BU_REG_STATE_NOTREG, the address is a home
* address and a care of addres simultaneously.
*/
if ((mbu_ia_best &&
(mbu_ia_best->mbu_reg_state
== MIP6_BU_REG_STATE_NOTREG))
&&
!(mbu_ia &&
(mbu_ia->mbu_reg_state
== MIP6_BU_REG_STATE_NOTREG))) {
NEXT(4);
}
if (!(mbu_ia_best &&
(mbu_ia_best->mbu_reg_state
== MIP6_BU_REG_STATE_NOTREG))
&&
(mbu_ia &&
(mbu_ia->mbu_reg_state
== MIP6_BU_REG_STATE_NOTREG))) {
REPLACE(4);
}
}
#ifdef MIP6_ALLOW_COA_FALLBACK
if (coafallback) {
/*
* if the peer doesn't recognize a home
* address destination option, we will use a
* CoA as a source address instead of a home
* address we have registered before. Though
* this behavior may arouse a mip6 beleiver's
* anger, is very useful in the current
* transition period that many hosts don't
* recognize a home address destination
* option...
*/
if ((ia_best->ia6_flags & IN6_IFF_HOME) == 0 &&
(ia->ia6_flags & IN6_IFF_HOME) != 0) {
/* XXX will break stat! */
NEXT(0);
}
if ((ia_best->ia6_flags & IN6_IFF_HOME) != 0 &&
(ia->ia6_flags & IN6_IFF_HOME) == 0) {
/* XXX will break stat! */
REPLACE(0);
}
} else
#endif
{
/*
* If SA is just a home address and SB is just
* a care-of address, then prefer
* SA. Similarly, if SB is just a home address
* and SA is just a care-of address, then
* prefer SB.
*/
if ((ia_best->ia6_flags & IN6_IFF_HOME) != 0 &&
(ia->ia6_flags & IN6_IFF_HOME) == 0) {
NEXT(4);
}
if ((ia_best->ia6_flags & IN6_IFF_HOME) == 0 &&
(ia->ia6_flags & IN6_IFF_HOME) != 0) {
REPLACE(4);
}
}
#endif /* MIP6 */
/* Rule 5: Prefer outgoing interface */
if (ia_best->ia_ifp == ifp && ia->ia_ifp != ifp)
NEXT(5);
if (ia_best->ia_ifp != ifp && ia->ia_ifp == ifp)
REPLACE(5);
/*
* Rule 6: Prefer matching label
* Note that best_policy should be non-NULL here.
*/
if (dst_policy == NULL)
dst_policy = lookup_addrsel_policy(dstsock);
if (dst_policy->label != ADDR_LABEL_NOTAPP) {
new_policy = lookup_addrsel_policy(&ia->ia_addr);
if (dst_policy->label == best_policy->label &&
dst_policy->label != new_policy->label)
NEXT(6);
if (dst_policy->label != best_policy->label &&
dst_policy->label == new_policy->label)
REPLACE(6);
}
/*
* Rule 7: Prefer public addresses.
* We allow users to reverse the logic by configuring
* a sysctl variable, so that privacy conscious users can
* always prefer temporary addresses.
*/
if (!(ia_best->ia6_flags & IN6_IFF_TEMPORARY) &&
(ia->ia6_flags & IN6_IFF_TEMPORARY)) {
if (ip6_prefer_tempaddr)
REPLACE(7);
else
NEXT(7);
}
if ((ia_best->ia6_flags & IN6_IFF_TEMPORARY) &&
!(ia->ia6_flags & IN6_IFF_TEMPORARY)) {
if (ip6_prefer_tempaddr)
NEXT(7);
else
REPLACE(7);
}
/*
* Rule 8: prefer addresses on alive interfaces.
* This is a KAME specific rule.
*/
if ((ia_best->ia_ifp->if_flags & IFF_UP) &&
!(ia->ia_ifp->if_flags & IFF_UP))
NEXT(8);
if (!(ia_best->ia_ifp->if_flags & IFF_UP) &&
(ia->ia_ifp->if_flags & IFF_UP))
REPLACE(8);
/*
* Rule 9: prefer addresses on "preferred" interfaces.
* This is a KAME specific rule.
*/
#define NDI_BEST (nd_ifinfo[ia_best->ia_ifp->if_index])
#define NDI_NEW (nd_ifinfo[ia->ia_ifp->if_index])
if ((NDI_BEST.flags & ND6_IFF_PREFER_SOURCE) &&
!(NDI_NEW.flags & ND6_IFF_PREFER_SOURCE))
NEXT(9);
if (!(NDI_BEST.flags & ND6_IFF_PREFER_SOURCE) &&
(NDI_NEW.flags & ND6_IFF_PREFER_SOURCE))
REPLACE(9);
#undef NDI_BEST
#undef NDI_NEW
/*
* Rule 14: Use longest matching prefix.
* Note: in the address selection draft, this rule is
* documented as "Rule 8". However, since it is also
* documented that this rule can be overridden, we assign
* a large number so that it is easy to assign smaller numbers
* to more preferred rules.
*/
new_matchlen = in6_matchlen(&ia->ia_addr.sin6_addr, dst);
if (best_matchlen < new_matchlen)
REPLACE(14);
if (new_matchlen < best_matchlen)
NEXT(14);
/* Rule 15 is reserved. */
/*
* Last resort: just keep the current candidate.
* Or, do we need more rules?
*/
continue;
replace:
ia_best = ia;
best_scope = (new_scope >= 0 ? new_scope :
in6_addrscope(&ia_best->ia_addr.sin6_addr));
best_policy = (new_policy ? new_policy :
lookup_addrsel_policy(&ia_best->ia_addr));
best_matchlen = (new_matchlen >= 0 ? new_matchlen :
in6_matchlen(&ia_best->ia_addr.sin6_addr,
dst));
next:
continue;
out:
break;
}
if ((ia = ia_best) == NULL) {
*errorp = EADDRNOTAVAIL;
return(NULL);
}
if (ifpp)
*ifpp = ifp;
return(&ia->ia_addr.sin6_addr);
}
/*
* Connect from a socket to a specified address.
* Both address and port must be specified in argument sin6.
* Eventually, flow labels will have to be dealt with here, as well.
*
* If don't have a local address for this socket yet,
* then pick one.
*
* I believe this has to be called at splnet().
*/
int
in6_pcbconnect(struct inpcb *inp, struct mbuf *nam)
{
struct in6_addr *in6a = NULL;
struct sockaddr_in6 *sin6 = mtod(nam, struct sockaddr_in6 *);
struct ifnet *ifp = NULL; /* outgoing interface */
int error = 0;
struct sockaddr_in6 tmp;
(void)&in6a; /* XXX fool gcc */
if (nam->m_len != sizeof(*sin6))
return (EINVAL);
if (sin6->sin6_family != AF_INET6)
return (EAFNOSUPPORT);
if (sin6->sin6_port == 0)
return (EADDRNOTAVAIL);
/* reject IPv4 mapped address, we have no support for it */
if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr))
return EADDRNOTAVAIL;
/* sanity check for mapped address case */
if (IN6_IS_ADDR_V4MAPPED(&inp->inp_laddr6))
return EINVAL;
/* protect *sin6 from overwrites */
tmp = *sin6;
sin6 = &tmp;
/* KAME hack: embed scopeid */
if (in6_embedscope(&sin6->sin6_addr, sin6, inp, &ifp) != 0)
return EINVAL;
/* this must be cleared for ifa_ifwithaddr() */
sin6->sin6_scope_id = 0;
/* Source address selection. */
/*
* XXX: in6_selectsrc might replace the bound local address
* with the address specified by setsockopt(IPV6_PKTINFO).
* Is it the intended behavior?
*/
in6a = in6_selectsrc(sin6, inp->inp_outputopts6,
inp->inp_moptions6, &inp->inp_route6, &inp->inp_laddr6,
&error);
if (in6a == 0) {
if (error == 0)
error = EADDRNOTAVAIL;
return (error);
}
if (inp->inp_route6.ro_rt)
ifp = inp->inp_route6.ro_rt->rt_ifp;
inp->inp_ipv6.ip6_hlim = (u_int8_t)in6_selecthlim(inp, ifp);
if (in_pcblookup(inp->inp_table, &sin6->sin6_addr, sin6->sin6_port,
IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6) ? in6a : &inp->inp_laddr6,
inp->inp_lport, INPLOOKUP_IPV6)) {
return (EADDRINUSE);
}
if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) {
if (inp->inp_lport == 0)
(void)in6_pcbbind(inp, NULL, curproc);
inp->inp_laddr6 = *in6a;
}
inp->inp_faddr6 = sin6->sin6_addr;
inp->inp_fport = sin6->sin6_port;
inp->inp_flowinfo &= ~IPV6_FLOWLABEL_MASK;
if (ip6_auto_flowlabel)
inp->inp_flowinfo |=
(htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK);
in_pcbrehash(inp);
return (0);
}
/*
* Bind an address (or at least a port) to an PF_INET6 socket.
*/
int
in6_pcbbind(struct inpcb *inp, struct mbuf *nam, struct proc *p)
{
struct socket *so = inp->inp_socket;
struct inpcbtable *head = inp->inp_table;
struct sockaddr_in6 *sin6;
u_short lport = 0;
int wild = INPLOOKUP_IPV6, reuseport = (so->so_options & SO_REUSEPORT);
int error;
/*
* REMINDER: Once up to speed, flow label processing should go here,
* too. (Same with in6_pcbconnect.)
*/
if (in6_ifaddr == 0)
return EADDRNOTAVAIL;
if (inp->inp_lport != 0 || !IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6))
return EINVAL; /* If already bound, EINVAL! */
if ((so->so_options & (SO_REUSEADDR | SO_REUSEPORT)) == 0 &&
((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 ||
(so->so_options & SO_ACCEPTCONN) == 0))
wild |= INPLOOKUP_WILDCARD;
/*
* If I did get a sockaddr passed in...
*/
if (nam) {
sin6 = mtod(nam, struct sockaddr_in6 *);
if (nam->m_len != sizeof (*sin6))
return EINVAL;
/*
* Unlike v4, I have no qualms about EAFNOSUPPORT if the
* wretched family is not filled in!
*/
if (sin6->sin6_family != AF_INET6)
return EAFNOSUPPORT;
/* KAME hack: embed scopeid */
if (in6_embedscope(&sin6->sin6_addr, sin6, inp, NULL) != 0)
return EINVAL;
/* this must be cleared for ifa_ifwithaddr() */
sin6->sin6_scope_id = 0;
lport = sin6->sin6_port;
/* reject IPv4 mapped address, we have no support for it */
if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr))
return EADDRNOTAVAIL;
if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) {
/*
* Treat SO_REUSEADDR as SO_REUSEPORT for multicast;
* allow complete duplication of binding if
* SO_REUSEPORT is set, or if SO_REUSEADDR is set
* and a multicast address is bound on both
* new and duplicated sockets.
*/
if (so->so_options & SO_REUSEADDR)
reuseport = SO_REUSEADDR | SO_REUSEPORT;
} else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
struct ifaddr *ia = NULL;
sin6->sin6_port = 0; /*
* Yechhhh, because of upcoming
* call to ifa_ifwithaddr(), which
* does bcmp's over the PORTS as
* well. (What about flow?)
*/
sin6->sin6_flowinfo = 0;
if (!(so->so_options & SO_BINDANY) &&
((ia = ifa_ifwithaddr((struct sockaddr *)sin6))
== NULL))
return EADDRNOTAVAIL;
/*
* bind to an anycast address might accidentally
* cause sending a packet with an anycast source
* address, so we forbid it.
*
* We should allow to bind to a deprecated address,
* since the application dare to use it.
* But, can we assume that they are careful enough
* to check if the address is deprecated or not?
* Maybe, as a safeguard, we should have a setsockopt
* flag to control the bind(2) behavior against
* deprecated addresses (default: forbid bind(2)).
*/
if (ia &&
((struct in6_ifaddr *)ia)->ia6_flags &
(IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED))
return (EADDRNOTAVAIL);
}
if (lport) {
struct inpcb *t;
/*
* Question: Do we wish to continue the Berkeley
* tradition of ports < IPPORT_RESERVED be only for
* root?
* Answer: For now yes, but IMHO, it should be REMOVED!
* OUCH: One other thing, is there no better way of
* finding a process for a socket instead of using
* curproc? (Marked with BSD's {in,}famous XXX ?
*/
if (ntohs(lport) < IPPORT_RESERVED &&
(error = suser(p, 0)))
return error;
t = in_pcblookup(head,
(struct in_addr *)&zeroin6_addr, 0,
(struct in_addr *)&sin6->sin6_addr, lport,
wild);
if (t && (reuseport & t->inp_socket->so_options) == 0)
return EADDRINUSE;
}
inp->inp_laddr6 = sin6->sin6_addr;
}
if (lport == 0) {
error = in6_pcbsetport(&inp->inp_laddr6, inp, p);
if (error != 0)
return error;
} else {
inp->inp_lport = lport;
in_pcbrehash(inp);
}
return 0;
}
int
in6_pcbladdr(struct inpcb *inp, struct sockaddr *nam,
struct in6_addr *plocal_addr6, unsigned int *poutif)
{
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam;
struct in6_addr *addr6 = NULL;
struct in6_addr src_storage;
int error = 0;
unsigned int ifscope;
if (nam->sa_len != sizeof (*sin6))
return (EINVAL);
if (sin6->sin6_family != AF_INET6)
return (EAFNOSUPPORT);
if (sin6->sin6_port == 0)
return (EADDRNOTAVAIL);
/* KAME hack: embed scopeid */
if (in6_embedscope(&sin6->sin6_addr, sin6, inp, NULL, NULL) != 0)
return EINVAL;
if (in6_ifaddrs) {
/*
* If the destination address is UNSPECIFIED addr,
* use the loopback addr, e.g ::1.
*/
if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
sin6->sin6_addr = in6addr_loopback;
}
ifscope = (inp->inp_flags & INP_BOUND_IF) ?
inp->inp_boundif : IFSCOPE_NONE;
/*
* XXX: in6_selectsrc might replace the bound local address
* with the address specified by setsockopt(IPV6_PKTINFO).
* Is it the intended behavior?
*/
addr6 = in6_selectsrc(sin6, inp->in6p_outputopts, inp,
&inp->in6p_route, NULL, &src_storage, ifscope, &error);
if (addr6 == 0) {
if (error == 0)
error = EADDRNOTAVAIL;
return(error);
}
if (poutif != NULL) {
struct rtentry *rt;
if ((rt = inp->in6p_route.ro_rt) != NULL)
*poutif = rt->rt_ifp->if_index;
else
*poutif = 0;
}
*plocal_addr6 = *addr6;
/*
* Don't do pcblookup call here; return interface in
* plocal_addr6
* and exit to caller, that will do the lookup.
*/
return(0);
}
int
udp6_output(struct in6pcb *in6p, struct mbuf *m, struct sockaddr *addr6,
struct mbuf *control, struct thread *td)
{
u_int32_t ulen = m->m_pkthdr.len;
u_int32_t plen = sizeof(struct udphdr) + ulen;
struct ip6_hdr *ip6;
struct udphdr *udp6;
struct in6_addr *laddr, *faddr;
u_short fport;
int error = 0;
struct ip6_pktopts opt, *stickyopt = in6p->in6p_outputopts;
int priv;
int hlen = sizeof(struct ip6_hdr);
struct sockaddr_in6 tmp;
priv = !priv_check(td, PRIV_ROOT); /* 1 if privileged, 0 if not */
if (control) {
if ((error = ip6_setpktoptions(control, &opt,
in6p->in6p_outputopts,
IPPROTO_UDP, priv)) != 0)
goto release;
in6p->in6p_outputopts = &opt;
}
if (addr6) {
/*
* IPv4 version of udp_output calls in_pcbconnect in this case,
* which needs splnet and affects performance.
* Since we saw no essential reason for calling in_pcbconnect,
* we get rid of such kind of logic, and call in6_selectsrc
* and in6_pcbsetlport in order to fill in the local address
* and the local port.
*/
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)addr6;
/* Caller should have rejected the v4-mapped address */
KASSERT(!IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr),
("v4-mapped address"));
if (sin6->sin6_port == 0) {
error = EADDRNOTAVAIL;
goto release;
}
if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
/* how about ::ffff:0.0.0.0 case? */
error = EISCONN;
goto release;
}
if (!prison_remote_ip(td, addr6)) {
error = EAFNOSUPPORT; /* IPv4 only jail */
goto release;
}
/* protect *sin6 from overwrites */
tmp = *sin6;
sin6 = &tmp;
faddr = &sin6->sin6_addr;
fport = sin6->sin6_port; /* allow 0 port */
/* KAME hack: embed scopeid */
if (in6_embedscope(&sin6->sin6_addr, sin6, in6p, NULL) != 0) {
error = EINVAL;
goto release;
}
laddr = in6_selectsrc(sin6, in6p->in6p_outputopts,
in6p->in6p_moptions,
&in6p->in6p_route,
&in6p->in6p_laddr, &error, NULL);
if (laddr == NULL) {
if (error == 0)
error = EADDRNOTAVAIL;
goto release;
}
if (in6p->in6p_lport == 0 &&
(error = in6_pcbsetlport(laddr, in6p, td)) != 0)
goto release;
} else {
if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
error = ENOTCONN;
goto release;
}
/* Connection to v4-mapped address should have been rejected */
KASSERT(!IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr),
("bound to v4-mapped address"));
laddr = &in6p->in6p_laddr;
faddr = &in6p->in6p_faddr;
fport = in6p->in6p_fport;
}
/*
* Calculate data length and get a mbuf
* for UDP and IP6 headers.
*/
M_PREPEND(m, hlen + sizeof(struct udphdr), M_NOWAIT);
if (m == NULL) {
error = ENOBUFS;
goto release;
}
/*
* Stuff checksum and output datagram.
*/
udp6 = (struct udphdr *)(mtod(m, caddr_t) + hlen);
udp6->uh_sport = in6p->in6p_lport; /* lport is always set in the PCB */
udp6->uh_dport = fport;
if (plen <= 0xffff)
udp6->uh_ulen = htons((u_short)plen);
else
udp6->uh_ulen = 0;
udp6->uh_sum = 0;
ip6 = mtod(m, struct ip6_hdr *);
ip6->ip6_flow = in6p->in6p_flowinfo & IPV6_FLOWINFO_MASK;
ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
ip6->ip6_vfc |= IPV6_VERSION;
#if 0 /* ip6_plen will be filled in ip6_output. */
ip6->ip6_plen = htons((u_short)plen);
#endif
ip6->ip6_nxt = IPPROTO_UDP;
ip6->ip6_hlim = in6_selecthlim(in6p,
in6p->in6p_route.ro_rt ?
in6p->in6p_route.ro_rt->rt_ifp : NULL);
ip6->ip6_src = *laddr;
ip6->ip6_dst = *faddr;
if ((udp6->uh_sum = in6_cksum(m, IPPROTO_UDP,
sizeof(struct ip6_hdr), plen)) == 0) {
udp6->uh_sum = 0xffff;
}
udp6stat.udp6s_opackets++;
error = ip6_output(m, in6p->in6p_outputopts, &in6p->in6p_route, 0,
in6p->in6p_moptions, NULL, in6p);
goto releaseopt;
release:
m_freem(m);
releaseopt:
if (control) {
ip6_clearpktopts(in6p->in6p_outputopts, -1);
in6p->in6p_outputopts = stickyopt;
m_freem(control);
}
return (error);
}
