1 /* $NetBSD: net.c,v 1.2 2024/08/18 20:47:16 christos Exp $ */ 2 3 /* 4 * Copyright (C) 2004, 2005, 2007, 2008, 2012 Internet Systems Consortium, Inc. ("ISC") 5 * Copyright (C) 1999-2003 Internet Software Consortium. 6 * 7 * Permission to use, copy, modify, and/or distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 12 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 13 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 14 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 15 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 16 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 17 * PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 /* Id */ 21 22 #include <config.h> 23 24 #include <sys/types.h> 25 26 #if defined(HAVE_SYS_SYSCTL_H) 27 #if defined(HAVE_SYS_PARAM_H) 28 #include <sys/param.h> 29 #endif 30 #include <sys/sysctl.h> 31 #endif 32 33 #include <errno.h> 34 #include <unistd.h> 35 36 #include <isc/log.h> 37 #include <isc/msgs.h> 38 #include <isc/net.h> 39 #include <isc/once.h> 40 #include <isc/strerror.h> 41 #include <isc/string.h> 42 #include <isc/util.h> 43 44 /*% 45 * Definitions about UDP port range specification. This is a total mess of 46 * portability variants: some use sysctl (but the sysctl names vary), some use 47 * system-specific interfaces, some have the same interface for IPv4 and IPv6, 48 * some separate them, etc... 49 */ 50 51 /*% 52 * The last resort defaults: use all non well known port space 53 */ 54 #ifndef ISC_NET_PORTRANGELOW 55 #define ISC_NET_PORTRANGELOW 1024 56 #endif /* ISC_NET_PORTRANGELOW */ 57 #ifndef ISC_NET_PORTRANGEHIGH 58 #define ISC_NET_PORTRANGEHIGH 65535 59 #endif /* ISC_NET_PORTRANGEHIGH */ 60 61 #ifdef HAVE_SYSCTLBYNAME 62 63 /*% 64 * sysctl variants 65 */ 66 #if defined(__FreeBSD__) || defined(__APPLE__) || defined(__DragonFly__) 67 #define USE_SYSCTL_PORTRANGE 68 #define SYSCTL_V4PORTRANGE_LOW "net.inet.ip.portrange.hifirst" 69 #define SYSCTL_V4PORTRANGE_HIGH "net.inet.ip.portrange.hilast" 70 #define SYSCTL_V6PORTRANGE_LOW "net.inet.ip.portrange.hifirst" 71 #define SYSCTL_V6PORTRANGE_HIGH "net.inet.ip.portrange.hilast" 72 #endif 73 74 #ifdef __NetBSD__ 75 #define USE_SYSCTL_PORTRANGE 76 #define SYSCTL_V4PORTRANGE_LOW "net.inet.ip.anonportmin" 77 #define SYSCTL_V4PORTRANGE_HIGH "net.inet.ip.anonportmax" 78 #define SYSCTL_V6PORTRANGE_LOW "net.inet6.ip6.anonportmin" 79 #define SYSCTL_V6PORTRANGE_HIGH "net.inet6.ip6.anonportmax" 80 #endif 81 82 #else /* !HAVE_SYSCTLBYNAME */ 83 84 #ifdef __OpenBSD__ 85 #define USE_SYSCTL_PORTRANGE 86 #define SYSCTL_V4PORTRANGE_LOW { CTL_NET, PF_INET, IPPROTO_IP, \ 87 IPCTL_IPPORT_HIFIRSTAUTO } 88 #define SYSCTL_V4PORTRANGE_HIGH { CTL_NET, PF_INET, IPPROTO_IP, \ 89 IPCTL_IPPORT_HILASTAUTO } 90 /* Same for IPv6 */ 91 #define SYSCTL_V6PORTRANGE_LOW SYSCTL_V4PORTRANGE_LOW 92 #define SYSCTL_V6PORTRANGE_HIGH SYSCTL_V4PORTRANGE_HIGH 93 #endif 94 95 #endif /* HAVE_SYSCTLBYNAME */ 96 97 #if defined(ISC_PLATFORM_NEEDIN6ADDRANY) 98 const struct in6_addr isc_net_in6addrany = IN6ADDR_ANY_INIT; 99 #endif 100 101 #if defined(ISC_PLATFORM_HAVEIPV6) 102 103 # if defined(ISC_PLATFORM_NEEDIN6ADDRLOOPBACK) 104 const struct in6_addr isc_net_in6addrloop = IN6ADDR_LOOPBACK_INIT; 105 # endif 106 107 # if defined(WANT_IPV6) 108 static isc_once_t once_ipv6only = ISC_ONCE_INIT; 109 # endif 110 111 # if defined(ISC_PLATFORM_HAVEIPV6) && \ 112 defined(WANT_IPV6) && defined(ISC_PLATFORM_HAVEIN6PKTINFO) 113 static isc_once_t once_ipv6pktinfo = ISC_ONCE_INIT; 114 # endif 115 #endif /* ISC_PLATFORM_HAVEIPV6 */ 116 117 static isc_once_t once = ISC_ONCE_INIT; 118 119 static isc_result_t ipv4_result = ISC_R_NOTFOUND; 120 static isc_result_t ipv6_result = ISC_R_NOTFOUND; 121 static isc_result_t unix_result = ISC_R_NOTFOUND; 122 static isc_result_t ipv6only_result = ISC_R_NOTFOUND; 123 static isc_result_t ipv6pktinfo_result = ISC_R_NOTFOUND; 124 125 static isc_result_t 126 try_proto(int domain) { 127 int s; 128 isc_result_t result = ISC_R_SUCCESS; 129 char strbuf[ISC_STRERRORSIZE]; 130 131 s = socket(domain, SOCK_STREAM, 0); 132 if (s == -1) { 133 switch (errno) { 134 #ifdef EAFNOSUPPORT 135 case EAFNOSUPPORT: 136 #endif 137 #ifdef EPROTONOSUPPORT 138 case EPROTONOSUPPORT: 139 #endif 140 #ifdef EINVAL 141 case EINVAL: 142 #endif 143 return (ISC_R_NOTFOUND); 144 default: 145 isc__strerror(errno, strbuf, sizeof(strbuf)); 146 UNEXPECTED_ERROR(__FILE__, __LINE__, 147 "socket() %s: %s", 148 isc_msgcat_get(isc_msgcat, 149 ISC_MSGSET_GENERAL, 150 ISC_MSG_FAILED, 151 "failed"), 152 strbuf); 153 return (ISC_R_UNEXPECTED); 154 } 155 } 156 157 #ifdef ISC_PLATFORM_HAVEIPV6 158 #ifdef WANT_IPV6 159 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO 160 if (domain == PF_INET6) { 161 struct sockaddr_in6 sin6; 162 GETSOCKNAME_SOCKLEN_TYPE len; /* NTP local change */ 163 164 /* 165 * Check to see if IPv6 is broken, as is common on Linux. 166 */ 167 len = sizeof(sin6); 168 if (getsockname(s, (struct sockaddr *)&sin6, &len) < 0) 169 { 170 isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, 171 ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, 172 "retrieving the address of an IPv6 " 173 "socket from the kernel failed."); 174 isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, 175 ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, 176 "IPv6 is not supported."); 177 result = ISC_R_NOTFOUND; 178 } else { 179 if (len == sizeof(struct sockaddr_in6)) 180 result = ISC_R_SUCCESS; 181 else { 182 isc_log_write(isc_lctx, 183 ISC_LOGCATEGORY_GENERAL, 184 ISC_LOGMODULE_SOCKET, 185 ISC_LOG_ERROR, 186 "IPv6 structures in kernel and " 187 "user space do not match."); 188 isc_log_write(isc_lctx, 189 ISC_LOGCATEGORY_GENERAL, 190 ISC_LOGMODULE_SOCKET, 191 ISC_LOG_ERROR, 192 "IPv6 is not supported."); 193 result = ISC_R_NOTFOUND; 194 } 195 } 196 } 197 #endif 198 #endif 199 #endif 200 201 (void)close(s); 202 203 return (result); 204 } 205 206 static void 207 initialize_action(void) { 208 ipv4_result = try_proto(PF_INET); 209 #ifdef ISC_PLATFORM_HAVEIPV6 210 #ifdef WANT_IPV6 211 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO 212 ipv6_result = try_proto(PF_INET6); 213 #endif 214 #endif 215 #endif 216 #ifdef ISC_PLATFORM_HAVESYSUNH 217 unix_result = try_proto(PF_UNIX); 218 #endif 219 } 220 221 static void 222 initialize(void) { 223 RUNTIME_CHECK(isc_once_do(&once, initialize_action) == ISC_R_SUCCESS); 224 } 225 226 isc_result_t 227 isc_net_probeipv4(void) { 228 initialize(); 229 return (ipv4_result); 230 } 231 232 isc_result_t 233 isc_net_probeipv6(void) { 234 initialize(); 235 return (ipv6_result); 236 } 237 238 isc_result_t 239 isc_net_probeunix(void) { 240 initialize(); 241 return (unix_result); 242 } 243 244 #ifdef ISC_PLATFORM_HAVEIPV6 245 #ifdef WANT_IPV6 246 static void 247 try_ipv6only(void) { 248 #ifdef IPV6_V6ONLY 249 int s, on; 250 char strbuf[ISC_STRERRORSIZE]; 251 #endif 252 isc_result_t result; 253 254 result = isc_net_probeipv6(); 255 if (result != ISC_R_SUCCESS) { 256 ipv6only_result = result; 257 return; 258 } 259 260 #ifndef IPV6_V6ONLY 261 ipv6only_result = ISC_R_NOTFOUND; 262 return; 263 #else 264 /* check for TCP sockets */ 265 s = socket(PF_INET6, SOCK_STREAM, 0); 266 if (s == -1) { 267 isc__strerror(errno, strbuf, sizeof(strbuf)); 268 UNEXPECTED_ERROR(__FILE__, __LINE__, 269 "socket() %s: %s", 270 isc_msgcat_get(isc_msgcat, 271 ISC_MSGSET_GENERAL, 272 ISC_MSG_FAILED, 273 "failed"), 274 strbuf); 275 ipv6only_result = ISC_R_UNEXPECTED; 276 return; 277 } 278 279 on = 1; 280 if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) { 281 ipv6only_result = ISC_R_NOTFOUND; 282 goto close; 283 } 284 285 close(s); 286 287 /* check for UDP sockets */ 288 s = socket(PF_INET6, SOCK_DGRAM, 0); 289 if (s == -1) { 290 isc__strerror(errno, strbuf, sizeof(strbuf)); 291 UNEXPECTED_ERROR(__FILE__, __LINE__, 292 "socket() %s: %s", 293 isc_msgcat_get(isc_msgcat, 294 ISC_MSGSET_GENERAL, 295 ISC_MSG_FAILED, 296 "failed"), 297 strbuf); 298 ipv6only_result = ISC_R_UNEXPECTED; 299 return; 300 } 301 302 on = 1; 303 if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) { 304 ipv6only_result = ISC_R_NOTFOUND; 305 goto close; 306 } 307 308 ipv6only_result = ISC_R_SUCCESS; 309 310 close: 311 close(s); 312 return; 313 #endif /* IPV6_V6ONLY */ 314 } 315 316 static void 317 initialize_ipv6only(void) { 318 RUNTIME_CHECK(isc_once_do(&once_ipv6only, 319 try_ipv6only) == ISC_R_SUCCESS); 320 } 321 322 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO 323 static void 324 try_ipv6pktinfo(void) { 325 int s, on; 326 char strbuf[ISC_STRERRORSIZE]; 327 isc_result_t result; 328 int optname; 329 330 result = isc_net_probeipv6(); 331 if (result != ISC_R_SUCCESS) { 332 ipv6pktinfo_result = result; 333 return; 334 } 335 336 /* we only use this for UDP sockets */ 337 s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP); 338 if (s == -1) { 339 isc__strerror(errno, strbuf, sizeof(strbuf)); 340 UNEXPECTED_ERROR(__FILE__, __LINE__, 341 "socket() %s: %s", 342 isc_msgcat_get(isc_msgcat, 343 ISC_MSGSET_GENERAL, 344 ISC_MSG_FAILED, 345 "failed"), 346 strbuf); 347 ipv6pktinfo_result = ISC_R_UNEXPECTED; 348 return; 349 } 350 351 #ifdef IPV6_RECVPKTINFO 352 optname = IPV6_RECVPKTINFO; 353 #else 354 optname = IPV6_PKTINFO; 355 #endif 356 on = 1; 357 if (setsockopt(s, IPPROTO_IPV6, optname, &on, sizeof(on)) < 0) { 358 ipv6pktinfo_result = ISC_R_NOTFOUND; 359 goto close; 360 } 361 362 ipv6pktinfo_result = ISC_R_SUCCESS; 363 364 close: 365 close(s); 366 return; 367 } 368 369 static void 370 initialize_ipv6pktinfo(void) { 371 RUNTIME_CHECK(isc_once_do(&once_ipv6pktinfo, 372 try_ipv6pktinfo) == ISC_R_SUCCESS); 373 } 374 #endif /* ISC_PLATFORM_HAVEIN6PKTINFO */ 375 #endif /* WANT_IPV6 */ 376 #endif /* ISC_PLATFORM_HAVEIPV6 */ 377 378 isc_result_t 379 isc_net_probe_ipv6only(void) { 380 #ifdef ISC_PLATFORM_HAVEIPV6 381 #ifdef WANT_IPV6 382 initialize_ipv6only(); 383 #else 384 ipv6only_result = ISC_R_NOTFOUND; 385 #endif 386 #endif 387 return (ipv6only_result); 388 } 389 390 isc_result_t 391 isc_net_probe_ipv6pktinfo(void) { 392 #ifdef ISC_PLATFORM_HAVEIPV6 393 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO 394 #ifdef WANT_IPV6 395 initialize_ipv6pktinfo(); 396 #else 397 ipv6pktinfo_result = ISC_R_NOTFOUND; 398 #endif 399 #endif 400 #endif 401 return (ipv6pktinfo_result); 402 } 403 404 #if defined(USE_SYSCTL_PORTRANGE) 405 #if defined(HAVE_SYSCTLBYNAME) 406 static isc_result_t 407 getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) { 408 int port_low, port_high; 409 size_t portlen; 410 const char *sysctlname_lowport, *sysctlname_hiport; 411 412 if (af == AF_INET) { 413 sysctlname_lowport = SYSCTL_V4PORTRANGE_LOW; 414 sysctlname_hiport = SYSCTL_V4PORTRANGE_HIGH; 415 } else { 416 sysctlname_lowport = SYSCTL_V6PORTRANGE_LOW; 417 sysctlname_hiport = SYSCTL_V6PORTRANGE_HIGH; 418 } 419 portlen = sizeof(portlen); 420 if (sysctlbyname(sysctlname_lowport, &port_low, &portlen, 421 NULL, 0) < 0) { 422 return (ISC_R_FAILURE); 423 } 424 portlen = sizeof(portlen); 425 if (sysctlbyname(sysctlname_hiport, &port_high, &portlen, 426 NULL, 0) < 0) { 427 return (ISC_R_FAILURE); 428 } 429 if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0) 430 return (ISC_R_RANGE); 431 432 *low = (in_port_t)port_low; 433 *high = (in_port_t)port_high; 434 435 return (ISC_R_SUCCESS); 436 } 437 #else /* !HAVE_SYSCTLBYNAME */ 438 static isc_result_t 439 getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) { 440 int mib_lo4[4] = SYSCTL_V4PORTRANGE_LOW; 441 int mib_hi4[4] = SYSCTL_V4PORTRANGE_HIGH; 442 int mib_lo6[4] = SYSCTL_V6PORTRANGE_LOW; 443 int mib_hi6[4] = SYSCTL_V6PORTRANGE_HIGH; 444 int *mib_lo, *mib_hi, miblen; 445 int port_low, port_high; 446 size_t portlen; 447 448 if (af == AF_INET) { 449 mib_lo = mib_lo4; 450 mib_hi = mib_hi4; 451 miblen = sizeof(mib_lo4) / sizeof(mib_lo4[0]); 452 } else { 453 mib_lo = mib_lo6; 454 mib_hi = mib_hi6; 455 miblen = sizeof(mib_lo6) / sizeof(mib_lo6[0]); 456 } 457 458 portlen = sizeof(portlen); 459 if (sysctl(mib_lo, miblen, &port_low, &portlen, NULL, 0) < 0) { 460 return (ISC_R_FAILURE); 461 } 462 463 portlen = sizeof(portlen); 464 if (sysctl(mib_hi, miblen, &port_high, &portlen, NULL, 0) < 0) { 465 return (ISC_R_FAILURE); 466 } 467 468 if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0) 469 return (ISC_R_RANGE); 470 471 *low = (in_port_t) port_low; 472 *high = (in_port_t) port_high; 473 474 return (ISC_R_SUCCESS); 475 } 476 #endif /* HAVE_SYSCTLBYNAME */ 477 #endif /* USE_SYSCTL_PORTRANGE */ 478 479 isc_result_t 480 isc_net_getudpportrange(int af, in_port_t *low, in_port_t *high) { 481 int result = ISC_R_FAILURE; 482 483 REQUIRE(low != NULL && high != NULL); 484 485 #if defined(USE_SYSCTL_PORTRANGE) 486 result = getudpportrange_sysctl(af, low, high); 487 #else 488 UNUSED(af); 489 #endif 490 491 if (result != ISC_R_SUCCESS) { 492 *low = ISC_NET_PORTRANGELOW; 493 *high = ISC_NET_PORTRANGEHIGH; 494 } 495 496 return (ISC_R_SUCCESS); /* we currently never fail in this function */ 497 } 498 499 void 500 isc_net_disableipv4(void) { 501 initialize(); 502 if (ipv4_result == ISC_R_SUCCESS) 503 ipv4_result = ISC_R_DISABLED; 504 } 505 506 void 507 isc_net_disableipv6(void) { 508 initialize(); 509 if (ipv6_result == ISC_R_SUCCESS) 510 ipv6_result = ISC_R_DISABLED; 511 } 512 513 void 514 isc_net_enableipv4(void) { 515 initialize(); 516 if (ipv4_result == ISC_R_DISABLED) 517 ipv4_result = ISC_R_SUCCESS; 518 } 519 520 void 521 isc_net_enableipv6(void) { 522 initialize(); 523 if (ipv6_result == ISC_R_DISABLED) 524 ipv6_result = ISC_R_SUCCESS; 525 } 526