1 /* $FreeBSD: src/sys/netinet6/in6_pcb.c,v 1.10.2.9 2003/01/24 05:11:35 sam Exp $ */ 2 /* $KAME: in6_pcb.c,v 1.31 2001/05/21 05:45:10 jinmei Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 */ 33 34 /* 35 * Copyright (c) 1982, 1986, 1991, 1993 36 * The Regents of the University of California. All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 3. Neither the name of the University nor the names of its contributors 47 * may be used to endorse or promote products derived from this software 48 * without specific prior written permission. 49 * 50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 * 62 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 63 */ 64 65 #include "opt_inet.h" 66 #include "opt_inet6.h" 67 #include "opt_ipsec.h" 68 69 #include <sys/param.h> 70 #include <sys/systm.h> 71 #include <sys/malloc.h> 72 #include <sys/mbuf.h> 73 #include <sys/domain.h> 74 #include <sys/protosw.h> 75 #include <sys/socket.h> 76 #include <sys/socketvar.h> 77 #include <sys/sockio.h> 78 #include <sys/errno.h> 79 #include <sys/time.h> 80 #include <sys/proc.h> 81 #include <sys/priv.h> 82 #include <sys/jail.h> 83 84 #include <sys/thread2.h> 85 #include <sys/msgport2.h> 86 87 #include <vm/vm_zone.h> 88 89 #include <net/if.h> 90 #include <net/if_types.h> 91 #include <net/route.h> 92 93 #include <netinet/in.h> 94 #include <netinet/in_var.h> 95 #include <netinet/in_systm.h> 96 #include <netinet/ip6.h> 97 #include <netinet/ip_var.h> 98 #include <netinet6/ip6_var.h> 99 #include <netinet6/nd6.h> 100 #include <netinet/in_pcb.h> 101 #include <netinet6/in6_pcb.h> 102 103 #ifdef IPSEC 104 #include <netinet6/ipsec.h> 105 #ifdef INET6 106 #include <netinet6/ipsec6.h> 107 #endif 108 #include <netinet6/ah.h> 109 #ifdef INET6 110 #include <netinet6/ah6.h> 111 #endif 112 #include <netproto/key/key.h> 113 #endif /* IPSEC */ 114 115 #ifdef FAST_IPSEC 116 #include <netproto/ipsec/ipsec.h> 117 #include <netproto/ipsec/ipsec6.h> 118 #include <netproto/ipsec/key.h> 119 #define IPSEC 120 #endif /* FAST_IPSEC */ 121 122 struct in6_addr zeroin6_addr; 123 124 int 125 in6_pcbbind(struct inpcb *inp, struct sockaddr *nam, struct thread *td) 126 { 127 struct socket *so = inp->inp_socket; 128 struct sockaddr_in6 jsin6; 129 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 130 struct proc *p = td->td_proc; 131 struct ucred *cred = NULL; 132 u_short lport = 0; 133 int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); 134 int error; 135 136 if (!in6_ifaddr) /* XXX broken! */ 137 return (EADDRNOTAVAIL); 138 if (inp->inp_lport || !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) 139 return (EINVAL); 140 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 141 wild = 1; 142 if (p) 143 cred = p->p_ucred; 144 145 /* 146 * This has to be atomic. If the porthash is shared across multiple 147 * protocol threads (aka tcp) then the token will be non-NULL. 148 */ 149 if (pcbinfo->porttoken) 150 lwkt_gettoken(pcbinfo->porttoken); 151 152 if (nam) { 153 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 154 155 if (nam->sa_len != sizeof(*sin6)) { 156 error = EINVAL; 157 goto done; 158 } 159 /* 160 * family check. 161 */ 162 if (nam->sa_family != AF_INET6) { 163 error = EAFNOSUPPORT; 164 goto done; 165 } 166 167 if (!prison_replace_wildcards(td, nam)) { 168 error = EINVAL; 169 goto done; 170 } 171 172 /* KAME hack: embed scopeid */ 173 if (in6_embedscope(&sin6->sin6_addr, sin6, inp, NULL) != 0) { 174 error = EINVAL; 175 goto done; 176 } 177 /* this must be cleared for ifa_ifwithaddr() */ 178 sin6->sin6_scope_id = 0; 179 180 lport = sin6->sin6_port; 181 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 182 /* 183 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 184 * allow compepte duplication of binding if 185 * SO_REUSEPORT is set, or if SO_REUSEADDR is set 186 * and a multicast address is bound on both 187 * new and duplicated sockets. 188 */ 189 if (so->so_options & SO_REUSEADDR) 190 reuseport = SO_REUSEADDR|SO_REUSEPORT; 191 } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 192 struct ifaddr *ia = NULL; 193 194 sin6->sin6_port = 0; /* yech... */ 195 if (!prison_replace_wildcards(td, (struct sockaddr *)sin6)) { 196 sin6->sin6_addr = kin6addr_any; 197 error = EINVAL; 198 goto done; 199 } 200 if ((ia = ifa_ifwithaddr((struct sockaddr *)sin6)) == NULL) { 201 error = EADDRNOTAVAIL; 202 goto done; 203 } 204 205 /* 206 * XXX: bind to an anycast address might accidentally 207 * cause sending a packet with anycast source address. 208 * We should allow to bind to a deprecated address, since 209 * the application dare to use it. 210 */ 211 if (ia && 212 ((struct in6_ifaddr *)ia)->ia6_flags & 213 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) { 214 error = EADDRNOTAVAIL; 215 goto done; 216 } 217 } 218 if (lport) { 219 struct inpcb *t; 220 221 /* GROSS */ 222 if (ntohs(lport) < IPV6PORT_RESERVED && cred && 223 priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0)) { 224 error = EACCES; 225 goto done; 226 } 227 if (so->so_cred->cr_uid != 0 && 228 !IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 229 t = in6_pcblookup_local(pcbinfo, 230 &sin6->sin6_addr, lport, 231 INPLOOKUP_WILDCARD, cred); 232 if (t && 233 (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) || 234 !IN6_IS_ADDR_UNSPECIFIED(&t->in6p_laddr) || 235 (t->inp_socket->so_options & 236 SO_REUSEPORT) == 0) && 237 (so->so_cred->cr_uid != 238 t->inp_socket->so_cred->cr_uid)) { 239 error = EADDRINUSE; 240 goto done; 241 } 242 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 243 IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 244 struct sockaddr_in sin; 245 246 in6_sin6_2_sin(&sin, sin6); 247 t = in_pcblookup_local(pcbinfo, 248 sin.sin_addr, lport, 249 INPLOOKUP_WILDCARD, cred); 250 if (t && 251 (so->so_cred->cr_uid != 252 t->inp_socket->so_cred->cr_uid) && 253 (ntohl(t->inp_laddr.s_addr) != 254 INADDR_ANY || 255 INP_SOCKAF(so) == 256 INP_SOCKAF(t->inp_socket))) { 257 error = EADDRINUSE; 258 goto done; 259 } 260 } 261 } 262 if (cred && cred->cr_prison && 263 !prison_replace_wildcards(td, nam)) { 264 error = EADDRNOTAVAIL; 265 goto done; 266 } 267 t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr, 268 lport, wild, cred); 269 if (t && (reuseport & t->inp_socket->so_options) == 0) { 270 error = EADDRINUSE; 271 goto done; 272 } 273 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0 && 274 IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 275 struct sockaddr_in sin; 276 277 in6_sin6_2_sin(&sin, sin6); 278 t = in_pcblookup_local(pcbinfo, 279 sin.sin_addr, lport, 280 wild, cred); 281 if (t && 282 (reuseport & t->inp_socket->so_options) 283 == 0 && 284 (ntohl(t->inp_laddr.s_addr) 285 != INADDR_ANY || 286 INP_SOCKAF(so) == 287 INP_SOCKAF(t->inp_socket))) { 288 error = EADDRINUSE; 289 goto done; 290 } 291 } 292 } 293 inp->in6p_laddr = sin6->sin6_addr; 294 } 295 if (lport == 0) { 296 int e; 297 298 jsin6.sin6_addr = inp->in6p_laddr; 299 jsin6.sin6_family = AF_INET6; 300 if (!prison_replace_wildcards(td, (struct sockaddr*)&jsin6)) { 301 inp->in6p_laddr = kin6addr_any; 302 inp->inp_lport = 0; 303 error = EINVAL; 304 goto done; 305 } 306 307 if ((e = in6_pcbsetport(&inp->in6p_laddr, inp, td)) != 0) { 308 error = e; 309 goto done; 310 } 311 } 312 else { 313 inp->inp_lport = lport; 314 in_pcbinsporthash(inp); 315 } 316 error = 0; 317 done: 318 if (pcbinfo->porttoken) 319 lwkt_reltoken(pcbinfo->porttoken); 320 return error; 321 } 322 323 /* 324 * Transform old in6_pcbconnect() into an inner subroutine for new 325 * in6_pcbconnect(): Do some validity-checking on the remote 326 * address (in mbuf 'nam') and then determine local host address 327 * (i.e., which interface) to use to access that remote host. 328 * 329 * This preserves definition of in6_pcbconnect(), while supporting a 330 * slightly different version for T/TCP. (This is more than 331 * a bit of a kludge, but cleaning up the internal interfaces would 332 * have forced minor changes in every protocol). 333 */ 334 335 int 336 in6_pcbladdr(struct inpcb *inp, struct sockaddr *nam, 337 struct in6_addr **plocal_addr6, struct thread *td) 338 { 339 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 340 struct ifnet *ifp = NULL; 341 int error = 0; 342 343 if (nam->sa_len != sizeof (*sin6)) 344 return (EINVAL); 345 if (sin6->sin6_family != AF_INET6) 346 return (EAFNOSUPPORT); 347 if (sin6->sin6_port == 0) 348 return (EADDRNOTAVAIL); 349 350 /* KAME hack: embed scopeid */ 351 if (in6_embedscope(&sin6->sin6_addr, sin6, inp, &ifp) != 0) 352 return EINVAL; 353 354 if (in6_ifaddr) { 355 /* 356 * If the destination address is UNSPECIFIED addr, 357 * use the loopback addr, e.g ::1. 358 */ 359 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) 360 sin6->sin6_addr = kin6addr_loopback; 361 } 362 { 363 /* 364 * XXX: in6_selectsrc might replace the bound local address 365 * with the address specified by setsockopt(IPV6_PKTINFO). 366 * Is it the intended behavior? 367 */ 368 *plocal_addr6 = in6_selectsrc(sin6, inp->in6p_outputopts, 369 inp->in6p_moptions, 370 &inp->in6p_route, 371 &inp->in6p_laddr, &error, td); 372 if (*plocal_addr6 == NULL) { 373 if (error == 0) 374 error = EADDRNOTAVAIL; 375 return (error); 376 } 377 /* 378 * Don't do pcblookup call here; return interface in 379 * plocal_addr6 380 * and exit to caller, that will do the lookup. 381 */ 382 } 383 384 if (inp->in6p_route.ro_rt) 385 ifp = inp->in6p_route.ro_rt->rt_ifp; 386 387 return (0); 388 } 389 390 /* 391 * Outer subroutine: 392 * Connect from a socket to a specified address. 393 * Both address and port must be specified in argument sin. 394 * If don't have a local address for this socket yet, 395 * then pick one. 396 */ 397 int 398 in6_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct thread *td) 399 { 400 struct in6_addr *addr6; 401 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; 402 int error; 403 404 /* 405 * Call inner routine, to assign local interface address. 406 * in6_pcbladdr() may automatically fill in sin6_scope_id. 407 */ 408 if ((error = in6_pcbladdr(inp, nam, &addr6, td)) != 0) 409 return (error); 410 411 if (in6_pcblookup_hash(inp->inp_cpcbinfo, &sin6->sin6_addr, 412 sin6->sin6_port, 413 IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) 414 ? addr6 : &inp->in6p_laddr, 415 inp->inp_lport, 0, NULL) != NULL) { 416 return (EADDRINUSE); 417 } 418 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 419 if (inp->inp_lport == 0) { 420 error = in6_pcbbind(inp, NULL, td); 421 if (error) 422 return (error); 423 } 424 inp->in6p_laddr = *addr6; 425 } 426 inp->in6p_faddr = sin6->sin6_addr; 427 inp->inp_fport = sin6->sin6_port; 428 /* update flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 429 inp->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; 430 if (inp->in6p_flags & IN6P_AUTOFLOWLABEL) 431 inp->in6p_flowinfo |= 432 (htonl(ip6_flow_seq++) & IPV6_FLOWLABEL_MASK); 433 434 in_pcbinsconnhash(inp); 435 return (0); 436 } 437 438 #if 0 439 /* 440 * Return an IPv6 address, which is the most appropriate for given 441 * destination and user specified options. 442 * If necessary, this function lookups the routing table and return 443 * an entry to the caller for later use. 444 */ 445 struct in6_addr * 446 in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, 447 struct ip6_moptions *mopts, struct route_in6 *ro, 448 struct in6_addr *laddr, int *errorp, struct thread *td) 449 { 450 struct sockaddr_in6 jsin6; 451 struct ucred *cred = NULL; 452 struct in6_addr *dst; 453 struct in6_ifaddr *ia6 = 0; 454 struct in6_pktinfo *pi = NULL; 455 int jailed = 0; 456 457 if (td && td->td_proc && td->td_proc->p_ucred) 458 cred = td->td_proc->p_ucred; 459 if (cred && cred->cr_prison) 460 jailed = 1; 461 jsin6.sin6_family = AF_INET6; 462 dst = &dstsock->sin6_addr; 463 *errorp = 0; 464 465 /* 466 * If the source address is explicitly specified by the caller, 467 * use it. 468 */ 469 if (opts && (pi = opts->ip6po_pktinfo) && 470 !IN6_IS_ADDR_UNSPECIFIED(&pi->ipi6_addr)) { 471 jsin6.sin6_addr = pi->ipi6_addr; 472 if (jailed && !jailed_ip(cred->cr_prison, 473 (struct sockaddr *)&jsin6)) { 474 return(0); 475 } else { 476 return (&pi->ipi6_addr); 477 } 478 } 479 480 /* 481 * If the source address is not specified but the socket(if any) 482 * is already bound, use the bound address. 483 */ 484 if (laddr && !IN6_IS_ADDR_UNSPECIFIED(laddr)) { 485 jsin6.sin6_addr = *laddr; 486 if (jailed && !jailed_ip(cred->cr_prison, 487 (struct sockaddr *)&jsin6)) { 488 return(0); 489 } else { 490 return (laddr); 491 } 492 } 493 494 /* 495 * If the caller doesn't specify the source address but 496 * the outgoing interface, use an address associated with 497 * the interface. 498 */ 499 if (pi && pi->ipi6_ifindex) { 500 /* XXX boundary check is assumed to be already done. */ 501 ia6 = in6_ifawithscope(ifindex2ifnet[pi->ipi6_ifindex], 502 dst, cred); 503 504 if (ia6 && jailed) { 505 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 506 if (!jailed_ip(cred->cr_prison, 507 (struct sockaddr *)&jsin6)) 508 ia6 = 0; 509 } 510 511 if (ia6 == 0) { 512 *errorp = EADDRNOTAVAIL; 513 return (0); 514 } 515 return (&satosin6(&ia6->ia_addr)->sin6_addr); 516 } 517 518 /* 519 * If the destination address is a link-local unicast address or 520 * a multicast address, and if the outgoing interface is specified 521 * by the sin6_scope_id filed, use an address associated with the 522 * interface. 523 * XXX: We're now trying to define more specific semantics of 524 * sin6_scope_id field, so this part will be rewritten in 525 * the near future. 526 */ 527 if ((IN6_IS_ADDR_LINKLOCAL(dst) || IN6_IS_ADDR_MULTICAST(dst)) && 528 dstsock->sin6_scope_id) { 529 /* 530 * I'm not sure if boundary check for scope_id is done 531 * somewhere... 532 */ 533 if (dstsock->sin6_scope_id < 0 || 534 if_index < dstsock->sin6_scope_id) { 535 *errorp = ENXIO; /* XXX: better error? */ 536 return (0); 537 } 538 ia6 = in6_ifawithscope(ifindex2ifnet[dstsock->sin6_scope_id], 539 dst, cred); 540 541 if (ia6 && jailed) { 542 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 543 if (!jailed_ip(cred->cr_prison, 544 (struct sockaddr *)&jsin6)) 545 ia6 = 0; 546 } 547 548 if (ia6 == 0) { 549 *errorp = EADDRNOTAVAIL; 550 return (0); 551 } 552 return (&satosin6(&ia6->ia_addr)->sin6_addr); 553 } 554 555 /* 556 * If the destination address is a multicast address and 557 * the outgoing interface for the address is specified 558 * by the caller, use an address associated with the interface. 559 * There is a sanity check here; if the destination has node-local 560 * scope, the outgoing interfacde should be a loopback address. 561 * Even if the outgoing interface is not specified, we also 562 * choose a loopback interface as the outgoing interface. 563 */ 564 if (!jailed && IN6_IS_ADDR_MULTICAST(dst)) { 565 struct ifnet *ifp = mopts ? mopts->im6o_multicast_ifp : NULL; 566 567 if (ifp == NULL && IN6_IS_ADDR_MC_NODELOCAL(dst)) { 568 ifp = &loif[0]; 569 } 570 571 if (ifp) { 572 ia6 = in6_ifawithscope(ifp, dst, cred); 573 if (ia6 == 0) { 574 *errorp = EADDRNOTAVAIL; 575 return (0); 576 } 577 return (&ia6->ia_addr.sin6_addr); 578 } 579 } 580 581 /* 582 * If the next hop address for the packet is specified 583 * by caller, use an address associated with the route 584 * to the next hop. 585 */ 586 { 587 struct sockaddr_in6 *sin6_next; 588 struct rtentry *rt; 589 590 if (opts && opts->ip6po_nexthop) { 591 sin6_next = satosin6(opts->ip6po_nexthop); 592 rt = nd6_lookup(&sin6_next->sin6_addr, 1, NULL); 593 if (rt) { 594 ia6 = in6_ifawithscope(rt->rt_ifp, dst, cred); 595 if (ia6 == 0) 596 ia6 = ifatoia6(rt->rt_ifa); 597 } 598 if (ia6 && jailed) { 599 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 600 if (!jailed_ip(cred->cr_prison, 601 (struct sockaddr *)&jsin6)) 602 ia6 = 0; 603 } 604 605 if (ia6 == 0) { 606 *errorp = EADDRNOTAVAIL; 607 return (0); 608 } 609 return (&satosin6(&ia6->ia_addr)->sin6_addr); 610 } 611 } 612 613 /* 614 * If route is known or can be allocated now, 615 * our src addr is taken from the i/f, else punt. 616 */ 617 if (ro) { 618 if (ro->ro_rt && 619 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro->ro_dst)->sin6_addr, dst)) { 620 RTFREE(ro->ro_rt); 621 ro->ro_rt = NULL; 622 } 623 if (ro->ro_rt == NULL || ro->ro_rt->rt_ifp == NULL) { 624 struct sockaddr_in6 *dst6; 625 626 /* No route yet, so try to acquire one */ 627 bzero(&ro->ro_dst, sizeof(struct sockaddr_in6)); 628 dst6 = &ro->ro_dst; 629 dst6->sin6_family = AF_INET6; 630 dst6->sin6_len = sizeof(struct sockaddr_in6); 631 dst6->sin6_addr = *dst; 632 if (!jailed && IN6_IS_ADDR_MULTICAST(dst)) { 633 ro->ro_rt = 634 rtpurelookup((struct sockaddr *)&ro->ro_dst); 635 } else { 636 rtalloc((struct route *)ro); 637 } 638 } 639 640 /* 641 * in_pcbconnect() checks out IFF_LOOPBACK to skip using 642 * the address. But we don't know why it does so. 643 * It is necessary to ensure the scope even for lo0 644 * so doesn't check out IFF_LOOPBACK. 645 */ 646 647 if (ro->ro_rt) { 648 ia6 = in6_ifawithscope(ro->ro_rt->rt_ifa->ifa_ifp, dst, cred); 649 if (ia6 && jailed) { 650 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 651 if (!jailed_ip(cred->cr_prison, 652 (struct sockaddr *)&jsin6)) 653 ia6 = 0; 654 } 655 656 if (ia6 == 0) /* xxx scope error ?*/ 657 ia6 = ifatoia6(ro->ro_rt->rt_ifa); 658 659 if (ia6 && jailed) { 660 jsin6.sin6_addr = (&ia6->ia_addr)->sin6_addr; 661 if (!jailed_ip(cred->cr_prison, 662 (struct sockaddr *)&jsin6)) 663 ia6 = 0; 664 } 665 } 666 if (ia6 == 0) { 667 *errorp = EHOSTUNREACH; /* no route */ 668 return (0); 669 } 670 return (&satosin6(&ia6->ia_addr)->sin6_addr); 671 } 672 673 *errorp = EADDRNOTAVAIL; 674 return (0); 675 } 676 677 /* 678 * Default hop limit selection. The precedence is as follows: 679 * 1. Hoplimit valued specified via ioctl. 680 * 2. (If the outgoing interface is detected) the current 681 * hop limit of the interface specified by router advertisement. 682 * 3. The system default hoplimit. 683 */ 684 int 685 in6_selecthlim(struct in6pcb *in6p, struct ifnet *ifp) 686 { 687 if (in6p && in6p->in6p_hops >= 0) 688 return (in6p->in6p_hops); 689 else if (ifp) 690 return (ND_IFINFO(ifp)->chlim); 691 else 692 return (ip6_defhlim); 693 } 694 #endif 695 696 void 697 in6_pcbdisconnect(struct inpcb *inp) 698 { 699 bzero((caddr_t)&inp->in6p_faddr, sizeof(inp->in6p_faddr)); 700 inp->inp_fport = 0; 701 /* clear flowinfo - draft-itojun-ipv6-flowlabel-api-00 */ 702 inp->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; 703 in_pcbremconnhash(inp); 704 if (inp->inp_socket->so_state & SS_NOFDREF) 705 in6_pcbdetach(inp); 706 } 707 708 void 709 in6_pcbdetach(struct inpcb *inp) 710 { 711 struct socket *so = inp->inp_socket; 712 struct inpcbinfo *ipi = inp->inp_pcbinfo; 713 714 #ifdef IPSEC 715 if (inp->in6p_sp != NULL) 716 ipsec6_delete_pcbpolicy(inp); 717 #endif /* IPSEC */ 718 inp->inp_gencnt = ++ipi->ipi_gencnt; 719 in_pcbremlists(inp); 720 so->so_pcb = NULL; 721 KKASSERT((so->so_state & SS_ASSERTINPROG) == 0); 722 sofree(so); /* remove pcb ref */ 723 724 if (inp->in6p_options) 725 m_freem(inp->in6p_options); 726 ip6_freepcbopts(inp->in6p_outputopts); 727 ip6_freemoptions(inp->in6p_moptions); 728 if (inp->in6p_route.ro_rt) 729 rtfree(inp->in6p_route.ro_rt); 730 /* Check and free IPv4 related resources in case of mapped addr */ 731 if (inp->inp_options) 732 m_free(inp->inp_options); 733 ip_freemoptions(inp->inp_moptions); 734 735 inp->inp_vflag = 0; 736 kfree(inp, M_PCB); 737 } 738 739 /* 740 * The calling convention of in6_setsockaddr() and in6_setpeeraddr() was 741 * modified to match the pru_sockaddr() and pru_peeraddr() entry points 742 * in struct pr_usrreqs, so that protocols can just reference then directly 743 * without the need for a wrapper function. The socket must have a valid 744 * (i.e., non-nil) PCB, but it should be impossible to get an invalid one 745 * except through a kernel programming error, so it is acceptable to panic 746 * (or in this case trap) if the PCB is invalid. (Actually, we don't trap 747 * because there actually /is/ a programming error somewhere... XXX) 748 */ 749 void 750 in6_setsockaddr_dispatch(netmsg_t msg) 751 { 752 int error; 753 754 error = in6_setsockaddr(msg->sockaddr.base.nm_so, msg->sockaddr.nm_nam); 755 lwkt_replymsg(&msg->sockaddr.base.lmsg, error); 756 } 757 758 int 759 in6_setsockaddr(struct socket *so, struct sockaddr **nam) 760 { 761 struct inpcb *inp; 762 struct sockaddr_in6 *sin6; 763 764 /* 765 * Do the malloc first in case it blocks. 766 */ 767 sin6 = kmalloc(sizeof *sin6, M_SONAME, M_WAITOK | M_ZERO); 768 sin6->sin6_family = AF_INET6; 769 sin6->sin6_len = sizeof(*sin6); 770 771 crit_enter(); 772 inp = so->so_pcb; 773 if (!inp) { 774 crit_exit(); 775 kfree(sin6, M_SONAME); 776 return EINVAL; 777 } 778 sin6->sin6_port = inp->inp_lport; 779 sin6->sin6_addr = inp->in6p_laddr; 780 crit_exit(); 781 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 782 sin6->sin6_scope_id = ntohs(sin6->sin6_addr.s6_addr16[1]); 783 else 784 sin6->sin6_scope_id = 0; /*XXX*/ 785 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 786 sin6->sin6_addr.s6_addr16[1] = 0; 787 788 *nam = (struct sockaddr *)sin6; 789 return 0; 790 } 791 792 void 793 in6_setpeeraddr_dispatch(netmsg_t msg) 794 { 795 int error; 796 797 error = in6_setpeeraddr(msg->peeraddr.base.nm_so, msg->peeraddr.nm_nam); 798 lwkt_replymsg(&msg->peeraddr.base.lmsg, error); 799 } 800 801 int 802 in6_setpeeraddr(struct socket *so, struct sockaddr **nam) 803 { 804 struct inpcb *inp; 805 struct sockaddr_in6 *sin6; 806 807 /* 808 * Do the malloc first in case it blocks. 809 */ 810 sin6 = kmalloc(sizeof(*sin6), M_SONAME, M_WAITOK | M_ZERO); 811 sin6->sin6_family = AF_INET6; 812 sin6->sin6_len = sizeof(struct sockaddr_in6); 813 814 crit_enter(); 815 inp = so->so_pcb; 816 if (!inp) { 817 crit_exit(); 818 kfree(sin6, M_SONAME); 819 return EINVAL; 820 } 821 sin6->sin6_port = inp->inp_fport; 822 sin6->sin6_addr = inp->in6p_faddr; 823 crit_exit(); 824 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 825 sin6->sin6_scope_id = ntohs(sin6->sin6_addr.s6_addr16[1]); 826 else 827 sin6->sin6_scope_id = 0; /*XXX*/ 828 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 829 sin6->sin6_addr.s6_addr16[1] = 0; 830 831 *nam = (struct sockaddr *)sin6; 832 return 0; 833 } 834 835 void 836 in6_mapped_sockaddr_dispatch(netmsg_t msg) 837 { 838 int error; 839 840 error = in6_mapped_sockaddr(msg->sockaddr.base.nm_so, 841 msg->sockaddr.nm_nam); 842 lwkt_replymsg(&msg->sockaddr.base.lmsg, error); 843 } 844 845 int 846 in6_mapped_sockaddr(struct socket *so, struct sockaddr **nam) 847 { 848 struct inpcb *inp = so->so_pcb; 849 int error; 850 851 if (inp == NULL) 852 return EINVAL; 853 if (inp->inp_vflag & INP_IPV4) { 854 error = in_setsockaddr(so, nam); 855 if (error == 0) 856 in6_sin_2_v4mapsin6_in_sock(nam); 857 } else 858 /* scope issues will be handled in in6_setsockaddr(). */ 859 error = in6_setsockaddr(so, nam); 860 861 return error; 862 } 863 864 int 865 in6_mapped_peeraddr(struct socket *so, struct sockaddr **nam) 866 { 867 struct inpcb *inp = so->so_pcb; 868 int error; 869 870 if (inp == NULL) 871 return EINVAL; 872 if (inp->inp_vflag & INP_IPV4) { 873 error = in_setpeeraddr(so, nam); 874 if (error == 0) 875 in6_sin_2_v4mapsin6_in_sock(nam); 876 } else 877 /* scope issues will be handled in in6_setpeeraddr(). */ 878 error = in6_setpeeraddr(so, nam); 879 880 return error; 881 } 882 883 void 884 in6_mapped_peeraddr_dispatch(netmsg_t msg) 885 { 886 int error; 887 888 error = in6_mapped_peeraddr(msg->base.nm_so, msg->peeraddr.nm_nam); 889 lwkt_replymsg(&msg->base.lmsg, error); 890 } 891 892 /* 893 * Pass some notification to all connections of a protocol 894 * associated with address dst. The local address and/or port numbers 895 * may be specified to limit the search. The "usual action" will be 896 * taken, depending on the ctlinput cmd. The caller must filter any 897 * cmds that are uninteresting (e.g., no error in the map). 898 * Call the protocol specific routine (if any) to report 899 * any errors for each matching socket. 900 * 901 * Must be called under crit_enter(). 902 */ 903 void 904 in6_pcbnotify(struct inpcbhead *head, struct sockaddr *dst, in_port_t fport, 905 const struct sockaddr *src, in_port_t lport, int cmd, int arg, 906 void (*notify) (struct inpcb *, int)) 907 { 908 struct inpcb *inp, *ninp; 909 struct sockaddr_in6 sa6_src, *sa6_dst; 910 u_int32_t flowinfo; 911 912 if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6) 913 return; 914 915 sa6_dst = (struct sockaddr_in6 *)dst; 916 if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) 917 return; 918 919 /* 920 * note that src can be NULL when we get notify by local fragmentation. 921 */ 922 sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src; 923 flowinfo = sa6_src.sin6_flowinfo; 924 925 /* 926 * Redirects go to all references to the destination, 927 * and use in6_rtchange to invalidate the route cache. 928 * Dead host indications: also use in6_rtchange to invalidate 929 * the cache, and deliver the error to all the sockets. 930 * Otherwise, if we have knowledge of the local port and address, 931 * deliver only to that socket. 932 */ 933 if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 934 fport = 0; 935 lport = 0; 936 bzero((caddr_t)&sa6_src.sin6_addr, sizeof(sa6_src.sin6_addr)); 937 938 if (cmd != PRC_HOSTDEAD) 939 notify = in6_rtchange; 940 } 941 if (cmd != PRC_MSGSIZE) 942 arg = inet6ctlerrmap[cmd]; 943 crit_enter(); 944 for (inp = LIST_FIRST(head); inp != NULL; inp = ninp) { 945 ninp = LIST_NEXT(inp, inp_list); 946 947 if (inp->inp_flags & INP_PLACEMARKER) 948 continue; 949 950 if ((inp->inp_vflag & INP_IPV6) == 0) 951 continue; 952 /* 953 * If the error designates a new path MTU for a destination 954 * and the application (associated with this socket) wanted to 955 * know the value, notify. Note that we notify for all 956 * disconnected sockets if the corresponding application 957 * wanted. This is because some UDP applications keep sending 958 * sockets disconnected. 959 * XXX: should we avoid to notify the value to TCP sockets? 960 */ 961 if (cmd == PRC_MSGSIZE && (inp->inp_flags & IN6P_MTU) != 0 && 962 (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) || 963 IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, &sa6_dst->sin6_addr))) { 964 ip6_notify_pmtu(inp, (struct sockaddr_in6 *)dst, &arg); 965 } 966 967 /* 968 * Detect if we should notify the error. If no source and 969 * destination ports are specifed, but non-zero flowinfo and 970 * local address match, notify the error. This is the case 971 * when the error is delivered with an encrypted buffer 972 * by ESP. Otherwise, just compare addresses and ports 973 * as usual. 974 */ 975 if (lport == 0 && fport == 0 && flowinfo && 976 inp->inp_socket != NULL && 977 flowinfo == (inp->in6p_flowinfo & IPV6_FLOWLABEL_MASK) && 978 IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, &sa6_src.sin6_addr)) 979 goto do_notify; 980 else if (!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, 981 &sa6_dst->sin6_addr) || 982 inp->inp_socket == 0 || 983 (lport && inp->inp_lport != lport) || 984 (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 985 !IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, 986 &sa6_src.sin6_addr)) || 987 (fport && inp->inp_fport != fport)) 988 continue; 989 990 do_notify: 991 if (notify) 992 (*notify)(inp, arg); 993 } 994 crit_exit(); 995 } 996 997 /* 998 * Lookup a PCB based on the local address and port. 999 */ 1000 struct inpcb * 1001 in6_pcblookup_local(struct inpcbinfo *pcbinfo, struct in6_addr *laddr, 1002 u_int lport_arg, int wild_okay, struct ucred *cred) 1003 { 1004 struct inpcb *inp; 1005 int matchwild = 3, wildcard; 1006 u_short lport = lport_arg; 1007 struct inpcbporthead *porthash; 1008 struct inpcbport *phd; 1009 struct inpcb *match = NULL; 1010 1011 /* 1012 * If the porthashbase is shared across several cpus, it must 1013 * have been locked. 1014 */ 1015 if (pcbinfo->porttoken) 1016 ASSERT_LWKT_TOKEN_HELD(pcbinfo->porttoken); 1017 1018 /* 1019 * Best fit PCB lookup. 1020 * 1021 * First see if this local port is in use by looking on the 1022 * port hash list. 1023 */ 1024 porthash = &pcbinfo->porthashbase[ 1025 INP_PCBPORTHASH(lport, pcbinfo->porthashmask)]; 1026 LIST_FOREACH(phd, porthash, phd_hash) { 1027 if (phd->phd_port == lport) 1028 break; 1029 } 1030 1031 if (phd != NULL) { 1032 /* 1033 * Port is in use by one or more PCBs. Look for best 1034 * fit. 1035 */ 1036 LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { 1037 wildcard = 0; 1038 if ((inp->inp_vflag & INP_IPV6) == 0) 1039 continue; 1040 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) 1041 wildcard++; 1042 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 1043 if (IN6_IS_ADDR_UNSPECIFIED(laddr)) 1044 wildcard++; 1045 else if (!IN6_ARE_ADDR_EQUAL( 1046 &inp->in6p_laddr, laddr)) 1047 continue; 1048 } else { 1049 if (!IN6_IS_ADDR_UNSPECIFIED(laddr)) 1050 wildcard++; 1051 } 1052 if (wildcard && !wild_okay) 1053 continue; 1054 if (wildcard < matchwild && 1055 (cred == NULL || 1056 cred->cr_prison == 1057 inp->inp_socket->so_cred->cr_prison)) { 1058 match = inp; 1059 matchwild = wildcard; 1060 if (wildcard == 0) 1061 break; 1062 else 1063 matchwild = wildcard; 1064 } 1065 } 1066 } 1067 return (match); 1068 } 1069 1070 void 1071 in6_pcbpurgeif0(struct in6pcb *head, struct ifnet *ifp) 1072 { 1073 struct in6pcb *in6p; 1074 struct ip6_moptions *im6o; 1075 struct in6_multi_mship *imm, *nimm; 1076 1077 for (in6p = head; in6p != NULL; in6p = LIST_NEXT(in6p, inp_list)) { 1078 if (in6p->in6p_flags & INP_PLACEMARKER) 1079 continue; 1080 im6o = in6p->in6p_moptions; 1081 if ((in6p->inp_vflag & INP_IPV6) && 1082 im6o) { 1083 /* 1084 * Unselect the outgoing interface if it is being 1085 * detached. 1086 */ 1087 if (im6o->im6o_multicast_ifp == ifp) 1088 im6o->im6o_multicast_ifp = NULL; 1089 1090 /* 1091 * Drop multicast group membership if we joined 1092 * through the interface being detached. 1093 * XXX controversial - is it really legal for kernel 1094 * to force this? 1095 */ 1096 for (imm = im6o->im6o_memberships.lh_first; 1097 imm != NULL; imm = nimm) { 1098 nimm = imm->i6mm_chain.le_next; 1099 if (imm->i6mm_maddr->in6m_ifp == ifp) { 1100 LIST_REMOVE(imm, i6mm_chain); 1101 in6_delmulti(imm->i6mm_maddr); 1102 kfree(imm, M_IPMADDR); 1103 } 1104 } 1105 } 1106 } 1107 } 1108 1109 /* 1110 * Check for alternatives when higher level complains 1111 * about service problems. For now, invalidate cached 1112 * routing information. If the route was created dynamically 1113 * (by a redirect), time to try a default gateway again. 1114 */ 1115 void 1116 in6_losing(struct inpcb *in6p) 1117 { 1118 struct rtentry *rt; 1119 struct rt_addrinfo info; 1120 1121 if ((rt = in6p->in6p_route.ro_rt) != NULL) { 1122 bzero((caddr_t)&info, sizeof(info)); 1123 info.rti_flags = rt->rt_flags; 1124 info.rti_info[RTAX_DST] = rt_key(rt); 1125 info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; 1126 info.rti_info[RTAX_NETMASK] = rt_mask(rt); 1127 rt_missmsg(RTM_LOSING, &info, rt->rt_flags, 0); 1128 if (rt->rt_flags & RTF_DYNAMIC) { 1129 rtrequest(RTM_DELETE, rt_key(rt), rt->rt_gateway, 1130 rt_mask(rt), rt->rt_flags, NULL); 1131 } 1132 in6p->in6p_route.ro_rt = NULL; 1133 rtfree(rt); 1134 /* 1135 * A new route can be allocated 1136 * the next time output is attempted. 1137 */ 1138 } 1139 } 1140 1141 /* 1142 * After a routing change, flush old routing 1143 * and allocate a (hopefully) better one. 1144 */ 1145 void 1146 in6_rtchange(struct inpcb *inp, int error) 1147 { 1148 if (inp->in6p_route.ro_rt) { 1149 rtfree(inp->in6p_route.ro_rt); 1150 inp->in6p_route.ro_rt = 0; 1151 /* 1152 * A new route can be allocated the next time 1153 * output is attempted. 1154 */ 1155 } 1156 } 1157 1158 /* 1159 * Lookup PCB in hash list. 1160 */ 1161 struct inpcb * 1162 in6_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in6_addr *faddr, 1163 u_int fport_arg, struct in6_addr *laddr, u_int lport_arg, 1164 int wildcard, struct ifnet *ifp) 1165 { 1166 struct inpcbhead *head; 1167 struct inpcb *inp; 1168 struct inpcb *jinp = NULL; 1169 u_short fport = fport_arg, lport = lport_arg; 1170 int faith; 1171 1172 if (faithprefix_p != NULL) 1173 faith = (*faithprefix_p)(laddr); 1174 else 1175 faith = 0; 1176 1177 /* 1178 * First look for an exact match. 1179 */ 1180 head = &pcbinfo->hashbase[INP_PCBCONNHASH(faddr->s6_addr32[3] /* XXX */, 1181 fport, 1182 laddr->s6_addr32[3], /* XXX JH */ 1183 lport, 1184 pcbinfo->hashmask)]; 1185 LIST_FOREACH(inp, head, inp_hash) { 1186 if ((inp->inp_vflag & INP_IPV6) == 0) 1187 continue; 1188 if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) && 1189 IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) && 1190 inp->inp_fport == fport && 1191 inp->inp_lport == lport) { 1192 /* 1193 * Found. 1194 */ 1195 if (inp->inp_socket == NULL || 1196 inp->inp_socket->so_cred->cr_prison == NULL) { 1197 return (inp); 1198 } else { 1199 if (jinp == NULL) 1200 jinp = inp; 1201 } 1202 } 1203 } 1204 if (jinp != NULL) 1205 return(jinp); 1206 if (wildcard) { 1207 struct inpcontainerhead *chead; 1208 struct inpcontainer *ic; 1209 struct inpcb *local_wild = NULL; 1210 struct inpcb *jinp_wild = NULL; 1211 struct sockaddr_in6 jsin6; 1212 struct ucred *cred; 1213 1214 /* 1215 * Order of socket selection: 1216 * 1. non-jailed, non-wild. 1217 * 2. non-jailed, wild. 1218 * 3. jailed, non-wild. 1219 * 4. jailed, wild. 1220 */ 1221 jsin6.sin6_family = AF_INET6; 1222 chead = &pcbinfo->wildcardhashbase[INP_PCBWILDCARDHASH(lport, 1223 pcbinfo->wildcardhashmask)]; 1224 LIST_FOREACH(ic, chead, ic_list) { 1225 inp = ic->ic_inp; 1226 1227 if (!(inp->inp_vflag & INP_IPV6)) 1228 continue; 1229 if (inp->inp_socket != NULL) 1230 cred = inp->inp_socket->so_cred; 1231 else 1232 cred = NULL; 1233 1234 if (cred != NULL && jailed(cred)) { 1235 if (jinp != NULL) { 1236 continue; 1237 } else { 1238 jsin6.sin6_addr = *laddr; 1239 if (!jailed_ip(cred->cr_prison, 1240 (struct sockaddr *)&jsin6)) 1241 continue; 1242 } 1243 } 1244 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) && 1245 inp->inp_lport == lport) { 1246 if (faith && (inp->inp_flags & INP_FAITH) == 0) 1247 continue; 1248 if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, 1249 laddr)) { 1250 if (cred != NULL && jailed(cred)) 1251 jinp = inp; 1252 else 1253 return (inp); 1254 } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) { 1255 if (cred != NULL && jailed(cred)) 1256 jinp_wild = inp; 1257 else 1258 local_wild = inp; 1259 } 1260 } 1261 } 1262 if (local_wild != NULL) 1263 return (local_wild); 1264 if (jinp != NULL) 1265 return (jinp); 1266 return (jinp_wild); 1267 } 1268 1269 /* 1270 * Not found. 1271 */ 1272 return (NULL); 1273 } 1274 1275 void 1276 init_sin6(struct sockaddr_in6 *sin6, struct mbuf *m) 1277 { 1278 struct ip6_hdr *ip; 1279 1280 ip = mtod(m, struct ip6_hdr *); 1281 bzero(sin6, sizeof(*sin6)); 1282 sin6->sin6_len = sizeof(*sin6); 1283 sin6->sin6_family = AF_INET6; 1284 sin6->sin6_addr = ip->ip6_src; 1285 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 1286 sin6->sin6_addr.s6_addr16[1] = 0; 1287 sin6->sin6_scope_id = 1288 (m->m_pkthdr.rcvif && IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 1289 ? m->m_pkthdr.rcvif->if_index : 0; 1290 1291 return; 1292 } 1293 1294 static void 1295 in6_savefaddr(struct socket *so, const struct sockaddr *faddr) 1296 { 1297 struct sockaddr_in6 *sin6; 1298 1299 KASSERT(faddr->sa_family == AF_INET6, 1300 ("not AF_INET6 faddr %d", faddr->sa_family)); 1301 1302 sin6 = kmalloc(sizeof(*sin6), M_SONAME, M_WAITOK | M_ZERO); 1303 sin6->sin6_family = AF_INET6; 1304 sin6->sin6_len = sizeof(*sin6); 1305 1306 sin6->sin6_port = ((const struct sockaddr_in6 *)faddr)->sin6_port; 1307 sin6->sin6_addr = ((const struct sockaddr_in6 *)faddr)->sin6_addr; 1308 1309 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 1310 sin6->sin6_scope_id = ntohs(sin6->sin6_addr.s6_addr16[1]); 1311 else 1312 sin6->sin6_scope_id = 0; /*XXX*/ 1313 if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) 1314 sin6->sin6_addr.s6_addr16[1] = 0; 1315 1316 so->so_faddr = (struct sockaddr *)sin6; 1317 } 1318 1319 void 1320 in6_mapped_savefaddr(struct socket *so, const struct sockaddr *faddr) 1321 { 1322 if (faddr->sa_family == AF_INET) { 1323 in_savefaddr(so, faddr); 1324 in6_sin_2_v4mapsin6_in_sock(&so->so_faddr); 1325 } else { 1326 in6_savefaddr(so, faddr); 1327 } 1328 } 1329