1 /* $NetBSD: in_proto.c,v 1.120 2016/04/26 08:44:44 ozaki-r Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /* 33 * Copyright (c) 1982, 1986, 1993 34 * The Regents of the University of California. All rights reserved. 35 * 36 * Redistribution and use in source and binary forms, with or without 37 * modification, are permitted provided that the following conditions 38 * are met: 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. Neither the name of the University nor the names of its contributors 45 * may be used to endorse or promote products derived from this software 46 * without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 * SUCH DAMAGE. 59 * 60 * @(#)in_proto.c 8.2 (Berkeley) 2/9/95 61 */ 62 63 #include <sys/cdefs.h> 64 __KERNEL_RCSID(0, "$NetBSD: in_proto.c,v 1.120 2016/04/26 08:44:44 ozaki-r Exp $"); 65 66 #ifdef _KERNEL_OPT 67 #include "opt_mrouting.h" 68 #include "opt_inet.h" 69 #include "opt_ipsec.h" 70 #include "opt_pim.h" 71 #include "opt_gateway.h" 72 #include "opt_dccp.h" 73 #include "opt_sctp.h" 74 #include "opt_compat_netbsd.h" 75 #endif 76 77 #include <sys/param.h> 78 #include <sys/socket.h> 79 #include <sys/protosw.h> 80 #include <sys/domain.h> 81 #include <sys/mbuf.h> 82 83 #include <net/if.h> 84 85 #include <netinet/in.h> 86 #include <netinet/in_systm.h> 87 #include <netinet/in_var.h> 88 #include <netinet/ip.h> 89 #include <netinet/ip_var.h> 90 #include <netinet/ip_icmp.h> 91 #include <netinet/in_ifattach.h> 92 #include <netinet/in_pcb.h> 93 #include <netinet/in_proto.h> 94 95 #ifdef INET6 96 #ifndef INET 97 #include <netinet/in.h> 98 #endif 99 #include <netinet/ip6.h> 100 #endif 101 102 #include <netinet/igmp_var.h> 103 #ifdef PIM 104 #include <netinet/pim_var.h> 105 #endif 106 #include <netinet/tcp.h> 107 #include <netinet/tcp_fsm.h> 108 #include <netinet/tcp_seq.h> 109 #include <netinet/tcp_timer.h> 110 #include <netinet/tcp_var.h> 111 #include <netinet/tcpip.h> 112 #include <netinet/tcp_debug.h> 113 #include <netinet/udp.h> 114 #include <netinet/udp_var.h> 115 #include <netinet/ip_encap.h> 116 117 #ifdef DCCP 118 #include <netinet/dccp.h> 119 #include <netinet/dccp_var.h> 120 #endif 121 122 #ifdef SCTP 123 #include <netinet/sctp.h> 124 #include <netinet/sctp_var.h> 125 #endif 126 127 /* 128 * TCP/IP protocol family: IP, ICMP, UDP, TCP. 129 */ 130 131 #ifdef IPSEC 132 #include <netipsec/ipsec.h> 133 #include <netipsec/key.h> 134 #endif /* IPSEC */ 135 136 #include "carp.h" 137 #if NCARP > 0 138 #include <netinet/ip_carp.h> 139 #endif 140 141 #include "pfsync.h" 142 #if NPFSYNC > 0 143 #include <net/pfvar.h> 144 #include <net/if_pfsync.h> 145 #endif 146 147 #include "etherip.h" 148 #if NETHERIP > 0 149 #include <netinet/ip_etherip.h> 150 #endif 151 152 DOMAIN_DEFINE(inetdomain); /* forward declare and add to link set */ 153 154 /* Wrappers to acquire kernel_lock. */ 155 156 PR_WRAP_CTLINPUT(rip_ctlinput) 157 PR_WRAP_CTLINPUT(udp_ctlinput) 158 PR_WRAP_CTLINPUT(tcp_ctlinput) 159 160 #define rip_ctlinput rip_ctlinput_wrapper 161 #define udp_ctlinput udp_ctlinput_wrapper 162 #define tcp_ctlinput tcp_ctlinput_wrapper 163 164 PR_WRAP_CTLOUTPUT(rip_ctloutput) 165 PR_WRAP_CTLOUTPUT(udp_ctloutput) 166 PR_WRAP_CTLOUTPUT(tcp_ctloutput) 167 168 #define rip_ctloutput rip_ctloutput_wrapper 169 #define udp_ctloutput udp_ctloutput_wrapper 170 #define tcp_ctloutput tcp_ctloutput_wrapper 171 172 #ifdef DCCP 173 PR_WRAP_CTLINPUT(dccp_ctlinput) 174 PR_WRAP_CTLOUTPUT(dccp_ctloutput) 175 176 #define dccp_ctlinput dccp_ctlinput_wrapper 177 #define dccp_ctloutput dccp_ctloutput_wrapper 178 #endif 179 180 #ifdef SCTP 181 PR_WRAP_CTLINPUT(sctp_ctlinput) 182 PR_WRAP_CTLOUTPUT(sctp_ctloutput) 183 184 #define sctp_ctlinput sctp_ctlinput_wrapper 185 #define sctp_ctloutput sctp_ctloutput_wrapper 186 #endif 187 188 #if defined(IPSEC) 189 PR_WRAP_CTLINPUT(ah4_ctlinput) 190 191 #define ah4_ctlinput ah4_ctlinput_wrapper 192 PR_WRAP_CTLINPUT(esp4_ctlinput) 193 194 #define esp4_ctlinput esp4_ctlinput_wrapper 195 #endif 196 197 const struct protosw inetsw[] = { 198 { .pr_domain = &inetdomain, 199 .pr_init = ip_init, 200 .pr_fasttimo = ip_fasttimo, 201 .pr_slowtimo = ip_slowtimo, 202 .pr_drain = ip_drainstub, 203 }, 204 { .pr_type = SOCK_DGRAM, 205 .pr_domain = &inetdomain, 206 .pr_protocol = IPPROTO_UDP, 207 .pr_flags = PR_ATOMIC|PR_ADDR|PR_PURGEIF, 208 .pr_input = udp_input, 209 .pr_ctlinput = udp_ctlinput, 210 .pr_ctloutput = udp_ctloutput, 211 .pr_usrreqs = &udp_usrreqs, 212 .pr_init = udp_init, 213 }, 214 { .pr_type = SOCK_STREAM, 215 .pr_domain = &inetdomain, 216 .pr_protocol = IPPROTO_TCP, 217 .pr_flags = PR_CONNREQUIRED|PR_WANTRCVD|PR_LISTEN|PR_ABRTACPTDIS|PR_PURGEIF, 218 .pr_input = tcp_input, 219 .pr_ctlinput = tcp_ctlinput, 220 .pr_ctloutput = tcp_ctloutput, 221 .pr_usrreqs = &tcp_usrreqs, 222 .pr_init = tcp_init, 223 .pr_fasttimo = tcp_fasttimo, 224 .pr_drain = tcp_drainstub, 225 }, 226 #ifdef DCCP 227 { .pr_type = SOCK_CONN_DGRAM, 228 .pr_domain = &inetdomain, 229 .pr_protocol = IPPROTO_DCCP, 230 .pr_flags = PR_CONNREQUIRED|PR_WANTRCVD|PR_ATOMIC|PR_LISTEN|PR_ABRTACPTDIS, 231 .pr_input = dccp_input, 232 .pr_ctlinput = dccp_ctlinput, 233 .pr_ctloutput = dccp_ctloutput, 234 .pr_usrreqs = &dccp_usrreqs, 235 .pr_init = dccp_init, 236 }, 237 #endif 238 #ifdef SCTP 239 { .pr_type = SOCK_DGRAM, 240 .pr_domain = &inetdomain, 241 .pr_protocol = IPPROTO_SCTP, 242 .pr_flags = PR_ADDR_OPT|PR_WANTRCVD, 243 .pr_input = sctp_input, 244 .pr_ctlinput = sctp_ctlinput, 245 .pr_ctloutput = sctp_ctloutput, 246 .pr_usrreqs = &sctp_usrreqs, 247 .pr_init = sctp_init, 248 .pr_drain = sctp_drain 249 }, 250 { .pr_type = SOCK_SEQPACKET, 251 .pr_domain = &inetdomain, 252 .pr_protocol = IPPROTO_SCTP, 253 .pr_flags = PR_ADDR_OPT|PR_WANTRCVD, 254 .pr_input = sctp_input, 255 .pr_ctlinput = sctp_ctlinput, 256 .pr_ctloutput = sctp_ctloutput, 257 .pr_usrreqs = &sctp_usrreqs, 258 .pr_drain = sctp_drain 259 }, 260 { .pr_type = SOCK_STREAM, 261 .pr_domain = &inetdomain, 262 .pr_protocol = IPPROTO_SCTP, 263 .pr_flags = PR_CONNREQUIRED|PR_ADDR_OPT|PR_WANTRCVD|PR_LISTEN, 264 .pr_input = sctp_input, 265 .pr_ctlinput = sctp_ctlinput, 266 .pr_ctloutput = sctp_ctloutput, 267 .pr_usrreqs = &sctp_usrreqs, 268 .pr_drain = sctp_drain 269 }, 270 #endif /* SCTP */ 271 { .pr_type = SOCK_RAW, 272 .pr_domain = &inetdomain, 273 .pr_protocol = IPPROTO_RAW, 274 .pr_flags = PR_ATOMIC|PR_ADDR|PR_PURGEIF, 275 .pr_input = rip_input, 276 .pr_ctlinput = rip_ctlinput, 277 .pr_ctloutput = rip_ctloutput, 278 .pr_usrreqs = &rip_usrreqs, 279 }, 280 { .pr_type = SOCK_RAW, 281 .pr_domain = &inetdomain, 282 .pr_protocol = IPPROTO_ICMP, 283 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 284 .pr_input = icmp_input, 285 .pr_ctlinput = rip_ctlinput, 286 .pr_ctloutput = rip_ctloutput, 287 .pr_usrreqs = &rip_usrreqs, 288 .pr_init = icmp_init, 289 }, 290 #ifdef GATEWAY 291 { .pr_domain = &inetdomain, 292 .pr_protocol = IPPROTO_IP, 293 .pr_slowtimo = ipflow_slowtimo, 294 .pr_init = ipflow_poolinit, 295 }, 296 #endif /* GATEWAY */ 297 #ifdef IPSEC 298 { .pr_type = SOCK_RAW, 299 .pr_domain = &inetdomain, 300 .pr_protocol = IPPROTO_AH, 301 .pr_flags = PR_ATOMIC|PR_ADDR, 302 .pr_input = ipsec4_common_input, 303 .pr_ctlinput = ah4_ctlinput, 304 }, 305 { .pr_type = SOCK_RAW, 306 .pr_domain = &inetdomain, 307 .pr_protocol = IPPROTO_ESP, 308 .pr_flags = PR_ATOMIC|PR_ADDR, 309 .pr_input = ipsec4_common_input, 310 .pr_ctlinput = esp4_ctlinput, 311 }, 312 { .pr_type = SOCK_RAW, 313 .pr_domain = &inetdomain, 314 .pr_protocol = IPPROTO_IPCOMP, 315 .pr_flags = PR_ATOMIC|PR_ADDR, 316 .pr_input = ipsec4_common_input, 317 }, 318 #endif /* IPSEC */ 319 { .pr_type = SOCK_RAW, 320 .pr_domain = &inetdomain, 321 .pr_protocol = IPPROTO_IPV4, 322 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 323 .pr_input = encap4_input, 324 .pr_ctlinput = rip_ctlinput, 325 .pr_ctloutput = rip_ctloutput, 326 .pr_usrreqs = &rip_usrreqs, 327 .pr_init = encap_init, 328 }, 329 #ifdef INET6 330 { .pr_type = SOCK_RAW, 331 .pr_domain = &inetdomain, 332 .pr_protocol = IPPROTO_IPV6, 333 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 334 .pr_input = encap4_input, 335 .pr_ctlinput = rip_ctlinput, 336 .pr_ctloutput = rip_ctloutput, 337 .pr_usrreqs = &rip_usrreqs, 338 .pr_init = encap_init, 339 }, 340 #endif /* INET6 */ 341 #if NETHERIP > 0 342 { .pr_type = SOCK_RAW, 343 .pr_domain = &inetdomain, 344 .pr_protocol = IPPROTO_ETHERIP, 345 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 346 .pr_input = ip_etherip_input, 347 .pr_ctlinput = rip_ctlinput, 348 .pr_ctloutput = rip_ctloutput, 349 .pr_usrreqs = &rip_usrreqs, 350 }, 351 #endif /* NETHERIP > 0 */ 352 #if NCARP > 0 353 { .pr_type = SOCK_RAW, 354 .pr_domain = &inetdomain, 355 .pr_protocol = IPPROTO_CARP, 356 .pr_flags = PR_ATOMIC|PR_ADDR, 357 .pr_input = carp_proto_input, 358 .pr_ctloutput = rip_ctloutput, 359 .pr_usrreqs = &rip_usrreqs, 360 .pr_init = carp_init, 361 }, 362 #endif /* NCARP > 0 */ 363 #if NPFSYNC > 0 364 { .pr_type = SOCK_RAW, 365 .pr_domain = &inetdomain, 366 .pr_protocol = IPPROTO_PFSYNC, 367 .pr_flags = PR_ATOMIC|PR_ADDR, 368 .pr_input = pfsync_input, 369 .pr_ctloutput = rip_ctloutput, 370 .pr_usrreqs = &rip_usrreqs, 371 }, 372 #endif /* NPFSYNC > 0 */ 373 { .pr_type = SOCK_RAW, 374 .pr_domain = &inetdomain, 375 .pr_protocol = IPPROTO_IGMP, 376 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 377 .pr_input = igmp_input, 378 .pr_ctloutput = rip_ctloutput, 379 .pr_ctlinput = rip_ctlinput, 380 .pr_usrreqs = &rip_usrreqs, 381 .pr_fasttimo = igmp_fasttimo, 382 .pr_slowtimo = igmp_slowtimo, 383 .pr_init = igmp_init, 384 }, 385 #ifdef PIM 386 { .pr_type = SOCK_RAW, 387 .pr_domain = &inetdomain, 388 .pr_protocol = IPPROTO_PIM, 389 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 390 .pr_input = pim_input, 391 .pr_ctloutput = rip_ctloutput, 392 .pr_ctlinput = rip_ctlinput, 393 .pr_usrreqs = &rip_usrreqs, 394 }, 395 #endif /* PIM */ 396 /* raw wildcard */ 397 { .pr_type = SOCK_RAW, 398 .pr_domain = &inetdomain, 399 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, 400 .pr_input = rip_input, 401 .pr_ctloutput = rip_ctloutput, 402 .pr_ctlinput = rip_ctlinput, 403 .pr_usrreqs = &rip_usrreqs, 404 .pr_init = rip_init, 405 }, 406 }; 407 408 const struct sockaddr_in in_any = { 409 .sin_len = sizeof(struct sockaddr_in) 410 , .sin_family = AF_INET 411 , .sin_port = 0 412 , .sin_addr = {.s_addr = 0 /* INADDR_ANY */} 413 }; 414 415 struct domain inetdomain = { 416 .dom_family = PF_INET, .dom_name = "internet", .dom_init = NULL, 417 .dom_externalize = NULL, .dom_dispose = NULL, 418 .dom_protosw = inetsw, 419 .dom_protoswNPROTOSW = &inetsw[__arraycount(inetsw)], 420 .dom_rtattach = rt_inithead, 421 .dom_rtoffset = 32, 422 .dom_maxrtkey = sizeof(struct ip_pack4), 423 .dom_if_up = in_if_up, 424 .dom_if_down = in_if_down, 425 .dom_ifattach = in_domifattach, 426 .dom_ifdetach = in_domifdetach, 427 .dom_if_link_state_change = in_if_link_state_change, 428 .dom_ifqueues = { NULL, NULL }, 429 .dom_link = { NULL }, 430 .dom_mowner = MOWNER_INIT("",""), 431 .dom_sa_cmpofs = offsetof(struct sockaddr_in, sin_addr), 432 .dom_sa_cmplen = sizeof(struct in_addr), 433 .dom_sa_any = (const struct sockaddr *)&in_any, 434 .dom_sockaddr_const_addr = sockaddr_in_const_addr, 435 .dom_sockaddr_addr = sockaddr_in_addr, 436 .dom_rtcache = LIST_HEAD_INITIALIZER(inetdomain.dom_rtcache) 437 }; 438 439 u_char ip_protox[IPPROTO_MAX]; 440 441 int icmperrppslim = 100; /* 100pps */ 442 443 static void 444 sockaddr_in_addrlen(const struct sockaddr *sa, socklen_t *slenp) 445 { 446 socklen_t slen; 447 448 if (slenp == NULL) 449 return; 450 451 slen = sockaddr_getlen(sa); 452 *slenp = (socklen_t)MIN(sizeof(struct in_addr), 453 slen - MIN(slen, offsetof(struct sockaddr_in, sin_addr))); 454 } 455 456 const void * 457 sockaddr_in_const_addr(const struct sockaddr *sa, socklen_t *slenp) 458 { 459 const struct sockaddr_in *sin; 460 461 sockaddr_in_addrlen(sa, slenp); 462 sin = (const struct sockaddr_in *)sa; 463 return &sin->sin_addr; 464 } 465 466 void * 467 sockaddr_in_addr(struct sockaddr *sa, socklen_t *slenp) 468 { 469 struct sockaddr_in *sin; 470 471 sockaddr_in_addrlen(sa, slenp); 472 sin = (struct sockaddr_in *)sa; 473 return &sin->sin_addr; 474 } 475 476 int 477 sockaddr_in_cmp(const struct sockaddr *sa1, const struct sockaddr *sa2) 478 { 479 uint_fast8_t len; 480 const uint_fast8_t addrofs = offsetof(struct sockaddr_in, sin_addr), 481 addrend = addrofs + sizeof(struct in_addr); 482 int rc; 483 const struct sockaddr_in *sin1, *sin2; 484 485 sin1 = satocsin(sa1); 486 sin2 = satocsin(sa2); 487 488 len = MIN(addrend, MIN(sin1->sin_len, sin2->sin_len)); 489 490 if (len > addrofs && 491 (rc = memcmp(&sin1->sin_addr, &sin2->sin_addr, 492 len - addrofs)) != 0) 493 return rc; 494 495 return sin1->sin_len - sin2->sin_len; 496 } 497