1 /* $NetBSD: in6_pcb.c,v 1.123 2013/06/05 19:01:26 christos Exp $ */ 2 /* $KAME: in6_pcb.c,v 1.84 2001/02/08 18:02:08 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6_pcb.c,v 1.123 2013/06/05 19:01:26 christos Exp $"); 66 67 #include "opt_inet.h" 68 #include "opt_ipsec.h" 69 70 #include <sys/param.h> 71 #include <sys/systm.h> 72 #include <sys/malloc.h> 73 #include <sys/mbuf.h> 74 #include <sys/protosw.h> 75 #include <sys/socket.h> 76 #include <sys/socketvar.h> 77 #include <sys/ioctl.h> 78 #include <sys/errno.h> 79 #include <sys/time.h> 80 #include <sys/proc.h> 81 #include <sys/kauth.h> 82 #include <sys/domain.h> 83 #include <sys/once.h> 84 85 #include <net/if.h> 86 #include <net/route.h> 87 88 #include <netinet/in.h> 89 #include <netinet/in_var.h> 90 #include <netinet/in_systm.h> 91 #include <netinet/ip.h> 92 #include <netinet/in_pcb.h> 93 #include <netinet/ip6.h> 94 #include <netinet/portalgo.h> 95 #include <netinet6/ip6_var.h> 96 #include <netinet6/in6_pcb.h> 97 #include <netinet6/scope6_var.h> 98 #include <netinet6/nd6.h> 99 100 #include "faith.h" 101 102 #ifdef IPSEC 103 #include <netipsec/ipsec.h> 104 #include <netipsec/ipsec6.h> 105 #include <netipsec/key.h> 106 #endif /* IPSEC */ 107 108 #include <netinet/tcp_vtw.h> 109 110 const struct in6_addr zeroin6_addr; 111 112 #define IN6PCBHASH_PORT(table, lport) \ 113 &(table)->inpt_porthashtbl[ntohs(lport) & (table)->inpt_porthash] 114 #define IN6PCBHASH_BIND(table, laddr, lport) \ 115 &(table)->inpt_bindhashtbl[ \ 116 (((laddr)->s6_addr32[0] ^ (laddr)->s6_addr32[1] ^ \ 117 (laddr)->s6_addr32[2] ^ (laddr)->s6_addr32[3]) + ntohs(lport)) & \ 118 (table)->inpt_bindhash] 119 #define IN6PCBHASH_CONNECT(table, faddr, fport, laddr, lport) \ 120 &(table)->inpt_bindhashtbl[ \ 121 ((((faddr)->s6_addr32[0] ^ (faddr)->s6_addr32[1] ^ \ 122 (faddr)->s6_addr32[2] ^ (faddr)->s6_addr32[3]) + ntohs(fport)) + \ 123 (((laddr)->s6_addr32[0] ^ (laddr)->s6_addr32[1] ^ \ 124 (laddr)->s6_addr32[2] ^ (laddr)->s6_addr32[3]) + \ 125 ntohs(lport))) & (table)->inpt_bindhash] 126 127 int ip6_anonportmin = IPV6PORT_ANONMIN; 128 int ip6_anonportmax = IPV6PORT_ANONMAX; 129 int ip6_lowportmin = IPV6PORT_RESERVEDMIN; 130 int ip6_lowportmax = IPV6PORT_RESERVEDMAX; 131 132 static struct pool in6pcb_pool; 133 134 static int 135 in6pcb_poolinit(void) 136 { 137 138 pool_init(&in6pcb_pool, sizeof(struct in6pcb), 0, 0, 0, "in6pcbpl", 139 NULL, IPL_SOFTNET); 140 return 0; 141 } 142 143 void 144 in6_pcbinit(struct inpcbtable *table, int bindhashsize, int connecthashsize) 145 { 146 static ONCE_DECL(control); 147 148 in_pcbinit(table, bindhashsize, connecthashsize); 149 table->inpt_lastport = (u_int16_t)ip6_anonportmax; 150 151 RUN_ONCE(&control, in6pcb_poolinit); 152 } 153 154 int 155 in6_pcballoc(struct socket *so, void *v) 156 { 157 struct inpcbtable *table = v; 158 struct in6pcb *in6p; 159 int s; 160 #if defined(IPSEC) 161 int error; 162 #endif 163 164 s = splnet(); 165 in6p = pool_get(&in6pcb_pool, PR_NOWAIT); 166 splx(s); 167 if (in6p == NULL) 168 return (ENOBUFS); 169 memset((void *)in6p, 0, sizeof(*in6p)); 170 in6p->in6p_af = AF_INET6; 171 in6p->in6p_table = table; 172 in6p->in6p_socket = so; 173 in6p->in6p_hops = -1; /* use kernel default */ 174 in6p->in6p_icmp6filt = NULL; 175 in6p->in6p_portalgo = PORTALGO_DEFAULT; 176 in6p->in6p_bindportonsend = false; 177 #if defined(IPSEC) 178 error = ipsec_init_pcbpolicy(so, &in6p->in6p_sp); 179 if (error != 0) { 180 s = splnet(); 181 pool_put(&in6pcb_pool, in6p); 182 splx(s); 183 return error; 184 } 185 #endif /* IPSEC */ 186 s = splnet(); 187 CIRCLEQ_INSERT_HEAD(&table->inpt_queue, (struct inpcb_hdr*)in6p, 188 inph_queue); 189 LIST_INSERT_HEAD(IN6PCBHASH_PORT(table, in6p->in6p_lport), 190 &in6p->in6p_head, inph_lhash); 191 in6_pcbstate(in6p, IN6P_ATTACHED); 192 splx(s); 193 if (ip6_v6only) 194 in6p->in6p_flags |= IN6P_IPV6_V6ONLY; 195 so->so_pcb = (void *)in6p; 196 return (0); 197 } 198 199 /* 200 * Bind address from sin6 to in6p. 201 */ 202 static int 203 in6_pcbbind_addr(struct in6pcb *in6p, struct sockaddr_in6 *sin6, struct lwp *l) 204 { 205 int error; 206 207 /* 208 * We should check the family, but old programs 209 * incorrectly fail to intialize it. 210 */ 211 if (sin6->sin6_family != AF_INET6) 212 return (EAFNOSUPPORT); 213 214 #ifndef INET 215 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) 216 return (EADDRNOTAVAIL); 217 #endif 218 219 if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) 220 return (error); 221 222 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 223 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 224 return (EINVAL); 225 if (sin6->sin6_addr.s6_addr32[3]) { 226 struct sockaddr_in sin; 227 228 memset(&sin, 0, sizeof(sin)); 229 sin.sin_len = sizeof(sin); 230 sin.sin_family = AF_INET; 231 bcopy(&sin6->sin6_addr.s6_addr32[3], 232 &sin.sin_addr, sizeof(sin.sin_addr)); 233 if (ifa_ifwithaddr((struct sockaddr *)&sin) == 0) 234 return EADDRNOTAVAIL; 235 } 236 } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 237 struct ifaddr *ia = NULL; 238 239 if ((in6p->in6p_flags & IN6P_FAITH) == 0 && 240 (ia = ifa_ifwithaddr((struct sockaddr *)sin6)) == 0) 241 return (EADDRNOTAVAIL); 242 243 /* 244 * bind to an anycast address might accidentally 245 * cause sending a packet with an anycast source 246 * address, so we forbid it. 247 * 248 * We should allow to bind to a deprecated address, 249 * since the application dare to use it. 250 * But, can we assume that they are careful enough 251 * to check if the address is deprecated or not? 252 * Maybe, as a safeguard, we should have a setsockopt 253 * flag to control the bind(2) behavior against 254 * deprecated addresses (default: forbid bind(2)). 255 */ 256 if (ia && 257 ((struct in6_ifaddr *)ia)->ia6_flags & 258 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) 259 return (EADDRNOTAVAIL); 260 } 261 262 263 in6p->in6p_laddr = sin6->sin6_addr; 264 265 266 return (0); 267 } 268 269 /* 270 * Bind port from sin6 to in6p. 271 */ 272 static int 273 in6_pcbbind_port(struct in6pcb *in6p, struct sockaddr_in6 *sin6, struct lwp *l) 274 { 275 struct inpcbtable *table = in6p->in6p_table; 276 struct socket *so = in6p->in6p_socket; 277 int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); 278 int error; 279 280 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0 && 281 ((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 || 282 (so->so_options & SO_ACCEPTCONN) == 0)) 283 wild = 1; 284 285 if (sin6->sin6_port != 0) { 286 enum kauth_network_req req; 287 288 #ifndef IPNOPRIVPORTS 289 if (ntohs(sin6->sin6_port) < IPV6PORT_RESERVED) 290 req = KAUTH_REQ_NETWORK_BIND_PRIVPORT; 291 else 292 #endif /* IPNOPRIVPORTS */ 293 req = KAUTH_REQ_NETWORK_BIND_PORT; 294 295 error = kauth_authorize_network(l->l_cred, KAUTH_NETWORK_BIND, 296 req, so, sin6, NULL); 297 if (error) 298 return (EACCES); 299 } 300 301 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 302 /* 303 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 304 * allow compepte duplication of binding if 305 * SO_REUSEPORT is set, or if SO_REUSEADDR is set 306 * and a multicast address is bound on both 307 * new and duplicated sockets. 308 */ 309 if (so->so_options & SO_REUSEADDR) 310 reuseport = SO_REUSEADDR|SO_REUSEPORT; 311 } 312 313 if (sin6->sin6_port != 0) { 314 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 315 #ifdef INET 316 struct inpcb *t; 317 struct vestigial_inpcb vestige; 318 319 t = in_pcblookup_port(table, 320 *(struct in_addr *)&sin6->sin6_addr.s6_addr32[3], 321 sin6->sin6_port, wild, &vestige); 322 if (t && (reuseport & t->inp_socket->so_options) == 0) 323 return (EADDRINUSE); 324 if (!t 325 && vestige.valid 326 && !(reuseport && vestige.reuse_port)) 327 return EADDRINUSE; 328 #else 329 return (EADDRNOTAVAIL); 330 #endif 331 } 332 333 { 334 struct in6pcb *t; 335 struct vestigial_inpcb vestige; 336 337 t = in6_pcblookup_port(table, &sin6->sin6_addr, 338 sin6->sin6_port, wild, &vestige); 339 if (t && (reuseport & t->in6p_socket->so_options) == 0) 340 return (EADDRINUSE); 341 if (!t 342 && vestige.valid 343 && !(reuseport && vestige.reuse_port)) 344 return EADDRINUSE; 345 } 346 } 347 348 if (sin6->sin6_port == 0) { 349 int e; 350 e = in6_pcbsetport(sin6, in6p, l); 351 if (e != 0) 352 return (e); 353 } else { 354 in6p->in6p_lport = sin6->sin6_port; 355 in6_pcbstate(in6p, IN6P_BOUND); 356 } 357 358 LIST_REMOVE(&in6p->in6p_head, inph_lhash); 359 LIST_INSERT_HEAD(IN6PCBHASH_PORT(table, in6p->in6p_lport), 360 &in6p->in6p_head, inph_lhash); 361 362 return (0); 363 } 364 365 int 366 in6_pcbbind(void *v, struct mbuf *nam, struct lwp *l) 367 { 368 struct in6pcb *in6p = v; 369 struct sockaddr_in6 lsin6; 370 struct sockaddr_in6 *sin6 = NULL; 371 int error; 372 373 if (in6p->in6p_af != AF_INET6) 374 return (EINVAL); 375 376 /* 377 * If we already have a local port or a local address it means we're 378 * bounded. 379 */ 380 if (in6p->in6p_lport || !(IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) || 381 (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && 382 in6p->in6p_laddr.s6_addr32[3] == 0))) 383 return (EINVAL); 384 385 if (nam != NULL) { 386 /* We were provided a sockaddr_in6 to use. */ 387 sin6 = mtod(nam, struct sockaddr_in6 *); 388 if (nam->m_len != sizeof(*sin6)) 389 return (EINVAL); 390 } else { 391 /* We always bind to *something*, even if it's "anything". */ 392 lsin6 = *((const struct sockaddr_in6 *) 393 in6p->in6p_socket->so_proto->pr_domain->dom_sa_any); 394 sin6 = &lsin6; 395 } 396 397 /* Bind address. */ 398 error = in6_pcbbind_addr(in6p, sin6, l); 399 if (error) 400 return (error); 401 402 /* Bind port. */ 403 error = in6_pcbbind_port(in6p, sin6, l); 404 if (error) { 405 /* 406 * Reset the address here to "any" so we don't "leak" the 407 * in6pcb. 408 */ 409 in6p->in6p_laddr = in6addr_any; 410 411 return (error); 412 } 413 414 415 #if 0 416 in6p->in6p_flowinfo = 0; /* XXX */ 417 #endif 418 return (0); 419 } 420 421 /* 422 * Connect from a socket to a specified address. 423 * Both address and port must be specified in argument sin6. 424 * If don't have a local address for this socket yet, 425 * then pick one. 426 */ 427 int 428 in6_pcbconnect(void *v, struct mbuf *nam, struct lwp *l) 429 { 430 struct rtentry *rt; 431 struct in6pcb *in6p = v; 432 struct in6_addr *in6a = NULL; 433 struct sockaddr_in6 *sin6 = mtod(nam, struct sockaddr_in6 *); 434 struct ifnet *ifp = NULL; /* outgoing interface */ 435 int error = 0; 436 int scope_ambiguous = 0; 437 #ifdef INET 438 struct in6_addr mapped; 439 #endif 440 struct sockaddr_in6 tmp; 441 struct vestigial_inpcb vestige; 442 443 (void)&in6a; /* XXX fool gcc */ 444 445 if (in6p->in6p_af != AF_INET6) 446 return (EINVAL); 447 448 if (nam->m_len != sizeof(*sin6)) 449 return (EINVAL); 450 if (sin6->sin6_family != AF_INET6) 451 return (EAFNOSUPPORT); 452 if (sin6->sin6_port == 0) 453 return (EADDRNOTAVAIL); 454 455 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr) && 456 in6p->in6p_socket->so_type == SOCK_STREAM) 457 return EADDRNOTAVAIL; 458 459 if (sin6->sin6_scope_id == 0 && !ip6_use_defzone) 460 scope_ambiguous = 1; 461 if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) 462 return(error); 463 464 /* sanity check for mapped address case */ 465 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 466 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 467 return EINVAL; 468 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) 469 in6p->in6p_laddr.s6_addr16[5] = htons(0xffff); 470 if (!IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) 471 return EINVAL; 472 } else 473 { 474 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) 475 return EINVAL; 476 } 477 478 /* protect *sin6 from overwrites */ 479 tmp = *sin6; 480 sin6 = &tmp; 481 482 /* Source address selection. */ 483 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && 484 in6p->in6p_laddr.s6_addr32[3] == 0) { 485 #ifdef INET 486 struct sockaddr_in sin, *sinp; 487 488 memset(&sin, 0, sizeof(sin)); 489 sin.sin_len = sizeof(sin); 490 sin.sin_family = AF_INET; 491 memcpy(&sin.sin_addr, &sin6->sin6_addr.s6_addr32[3], 492 sizeof(sin.sin_addr)); 493 sinp = in_selectsrc(&sin, &in6p->in6p_route, 494 in6p->in6p_socket->so_options, NULL, &error); 495 if (sinp == 0) { 496 if (error == 0) 497 error = EADDRNOTAVAIL; 498 return (error); 499 } 500 memset(&mapped, 0, sizeof(mapped)); 501 mapped.s6_addr16[5] = htons(0xffff); 502 memcpy(&mapped.s6_addr32[3], &sinp->sin_addr, sizeof(sinp->sin_addr)); 503 in6a = &mapped; 504 #else 505 return EADDRNOTAVAIL; 506 #endif 507 } else { 508 /* 509 * XXX: in6_selectsrc might replace the bound local address 510 * with the address specified by setsockopt(IPV6_PKTINFO). 511 * Is it the intended behavior? 512 */ 513 in6a = in6_selectsrc(sin6, in6p->in6p_outputopts, 514 in6p->in6p_moptions, 515 &in6p->in6p_route, 516 &in6p->in6p_laddr, &ifp, &error); 517 if (ifp && scope_ambiguous && 518 (error = in6_setscope(&sin6->sin6_addr, ifp, NULL)) != 0) { 519 return(error); 520 } 521 522 if (in6a == 0) { 523 if (error == 0) 524 error = EADDRNOTAVAIL; 525 return (error); 526 } 527 } 528 if (ifp == NULL && (rt = rtcache_validate(&in6p->in6p_route)) != NULL) 529 ifp = rt->rt_ifp; 530 531 in6p->in6p_ip6.ip6_hlim = (u_int8_t)in6_selecthlim(in6p, ifp); 532 533 if (in6_pcblookup_connect(in6p->in6p_table, &sin6->sin6_addr, 534 sin6->sin6_port, 535 IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) ? in6a : &in6p->in6p_laddr, 536 in6p->in6p_lport, 0, &vestige) 537 || vestige.valid) 538 return (EADDRINUSE); 539 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) || 540 (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && 541 in6p->in6p_laddr.s6_addr32[3] == 0)) 542 { 543 if (in6p->in6p_lport == 0) { 544 error = in6_pcbbind(in6p, NULL, l); 545 if (error != 0) 546 return error; 547 } 548 in6p->in6p_laddr = *in6a; 549 } 550 in6p->in6p_faddr = sin6->sin6_addr; 551 in6p->in6p_fport = sin6->sin6_port; 552 553 /* Late bind, if needed */ 554 if (in6p->in6p_bindportonsend) { 555 struct sockaddr_in6 lsin = *((const struct sockaddr_in6 *) 556 in6p->in6p_socket->so_proto->pr_domain->dom_sa_any); 557 lsin.sin6_addr = in6p->in6p_laddr; 558 lsin.sin6_port = 0; 559 560 if ((error = in6_pcbbind_port(in6p, &lsin, l)) != 0) 561 return error; 562 } 563 564 in6_pcbstate(in6p, IN6P_CONNECTED); 565 in6p->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; 566 if (ip6_auto_flowlabel) 567 in6p->in6p_flowinfo |= 568 (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); 569 #if defined(IPSEC) 570 if (in6p->in6p_socket->so_type == SOCK_STREAM) 571 ipsec_pcbconn(in6p->in6p_sp); 572 #endif 573 return (0); 574 } 575 576 void 577 in6_pcbdisconnect(struct in6pcb *in6p) 578 { 579 memset((void *)&in6p->in6p_faddr, 0, sizeof(in6p->in6p_faddr)); 580 in6p->in6p_fport = 0; 581 in6_pcbstate(in6p, IN6P_BOUND); 582 in6p->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; 583 #if defined(IPSEC) 584 ipsec_pcbdisconn(in6p->in6p_sp); 585 #endif 586 if (in6p->in6p_socket->so_state & SS_NOFDREF) 587 in6_pcbdetach(in6p); 588 } 589 590 void 591 in6_pcbdetach(struct in6pcb *in6p) 592 { 593 struct socket *so = in6p->in6p_socket; 594 int s; 595 596 if (in6p->in6p_af != AF_INET6) 597 return; 598 599 #if defined(IPSEC) 600 ipsec6_delete_pcbpolicy(in6p); 601 #endif /* IPSEC */ 602 so->so_pcb = 0; 603 if (in6p->in6p_options) 604 m_freem(in6p->in6p_options); 605 if (in6p->in6p_outputopts != NULL) { 606 ip6_clearpktopts(in6p->in6p_outputopts, -1); 607 free(in6p->in6p_outputopts, M_IP6OPT); 608 } 609 rtcache_free(&in6p->in6p_route); 610 ip6_freemoptions(in6p->in6p_moptions); 611 s = splnet(); 612 in6_pcbstate(in6p, IN6P_ATTACHED); 613 LIST_REMOVE(&in6p->in6p_head, inph_lhash); 614 CIRCLEQ_REMOVE(&in6p->in6p_table->inpt_queue, &in6p->in6p_head, 615 inph_queue); 616 pool_put(&in6pcb_pool, in6p); 617 splx(s); 618 sofree(so); /* drops the socket's lock */ 619 mutex_enter(softnet_lock); /* reacquire it */ 620 } 621 622 void 623 in6_setsockaddr(struct in6pcb *in6p, struct mbuf *nam) 624 { 625 struct sockaddr_in6 *sin6; 626 627 if (in6p->in6p_af != AF_INET6) 628 return; 629 630 nam->m_len = sizeof(*sin6); 631 sin6 = mtod(nam, struct sockaddr_in6 *); 632 sockaddr_in6_init(sin6, &in6p->in6p_laddr, in6p->in6p_lport, 0, 0); 633 (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ 634 } 635 636 void 637 in6_setpeeraddr(struct in6pcb *in6p, struct mbuf *nam) 638 { 639 struct sockaddr_in6 *sin6; 640 641 if (in6p->in6p_af != AF_INET6) 642 return; 643 644 nam->m_len = sizeof(*sin6); 645 sin6 = mtod(nam, struct sockaddr_in6 *); 646 sockaddr_in6_init(sin6, &in6p->in6p_faddr, in6p->in6p_fport, 0, 0); 647 (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ 648 } 649 650 /* 651 * Pass some notification to all connections of a protocol 652 * associated with address dst. The local address and/or port numbers 653 * may be specified to limit the search. The "usual action" will be 654 * taken, depending on the ctlinput cmd. The caller must filter any 655 * cmds that are uninteresting (e.g., no error in the map). 656 * Call the protocol specific routine (if any) to report 657 * any errors for each matching socket. 658 * 659 * Must be called at splsoftnet. 660 * 661 * Note: src (4th arg) carries the flowlabel value on the original IPv6 662 * header, in sin6_flowinfo member. 663 */ 664 int 665 in6_pcbnotify(struct inpcbtable *table, const struct sockaddr *dst, 666 u_int fport_arg, const struct sockaddr *src, u_int lport_arg, int cmd, 667 void *cmdarg, void (*notify)(struct in6pcb *, int)) 668 { 669 struct rtentry *rt; 670 struct in6pcb *in6p, *nin6p; 671 struct sockaddr_in6 sa6_src; 672 const struct sockaddr_in6 *sa6_dst; 673 u_int16_t fport = fport_arg, lport = lport_arg; 674 int errno; 675 int nmatch = 0; 676 u_int32_t flowinfo; 677 678 if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6) 679 return 0; 680 681 sa6_dst = (const struct sockaddr_in6 *)dst; 682 if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) 683 return 0; 684 685 /* 686 * note that src can be NULL when we get notify by local fragmentation. 687 */ 688 sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src; 689 flowinfo = sa6_src.sin6_flowinfo; 690 691 /* 692 * Redirects go to all references to the destination, 693 * and use in6_rtchange to invalidate the route cache. 694 * Dead host indications: also use in6_rtchange to invalidate 695 * the cache, and deliver the error to all the sockets. 696 * Otherwise, if we have knowledge of the local port and address, 697 * deliver only to that socket. 698 */ 699 if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 700 fport = 0; 701 lport = 0; 702 memset((void *)&sa6_src.sin6_addr, 0, sizeof(sa6_src.sin6_addr)); 703 704 if (cmd != PRC_HOSTDEAD) 705 notify = in6_rtchange; 706 } 707 708 errno = inet6ctlerrmap[cmd]; 709 for (in6p = (struct in6pcb *)CIRCLEQ_FIRST(&table->inpt_queue); 710 in6p != (void *)&table->inpt_queue; 711 in6p = nin6p) { 712 nin6p = (struct in6pcb *)CIRCLEQ_NEXT(in6p, in6p_queue); 713 714 if (in6p->in6p_af != AF_INET6) 715 continue; 716 717 /* 718 * Under the following condition, notify of redirects 719 * to the pcb, without making address matches against inpcb. 720 * - redirect notification is arrived. 721 * - the inpcb is unconnected. 722 * - the inpcb is caching !RTF_HOST routing entry. 723 * - the ICMPv6 notification is from the gateway cached in the 724 * inpcb. i.e. ICMPv6 notification is from nexthop gateway 725 * the inpcb used very recently. 726 * 727 * This is to improve interaction between netbsd/openbsd 728 * redirect handling code, and inpcb route cache code. 729 * without the clause, !RTF_HOST routing entry (which carries 730 * gateway used by inpcb right before the ICMPv6 redirect) 731 * will be cached forever in unconnected inpcb. 732 * 733 * There still is a question regarding to what is TRT: 734 * - On bsdi/freebsd, RTF_HOST (cloned) routing entry will be 735 * generated on packet output. inpcb will always cache 736 * RTF_HOST routing entry so there's no need for the clause 737 * (ICMPv6 redirect will update RTF_HOST routing entry, 738 * and inpcb is caching it already). 739 * However, bsdi/freebsd are vulnerable to local DoS attacks 740 * due to the cloned routing entries. 741 * - Specwise, "destination cache" is mentioned in RFC2461. 742 * Jinmei says that it implies bsdi/freebsd behavior, itojun 743 * is not really convinced. 744 * - Having hiwat/lowat on # of cloned host route (redirect/ 745 * pmtud) may be a good idea. netbsd/openbsd has it. see 746 * icmp6_mtudisc_update(). 747 */ 748 if ((PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) && 749 IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && 750 (rt = rtcache_validate(&in6p->in6p_route)) != NULL && 751 !(rt->rt_flags & RTF_HOST)) { 752 const struct sockaddr_in6 *dst6; 753 754 dst6 = (const struct sockaddr_in6 *) 755 rtcache_getdst(&in6p->in6p_route); 756 if (dst6 == NULL) 757 ; 758 else if (IN6_ARE_ADDR_EQUAL(&dst6->sin6_addr, 759 &sa6_dst->sin6_addr)) 760 goto do_notify; 761 } 762 763 /* 764 * If the error designates a new path MTU for a destination 765 * and the application (associated with this socket) wanted to 766 * know the value, notify. Note that we notify for all 767 * disconnected sockets if the corresponding application 768 * wanted. This is because some UDP applications keep sending 769 * sockets disconnected. 770 * XXX: should we avoid to notify the value to TCP sockets? 771 */ 772 if (cmd == PRC_MSGSIZE && (in6p->in6p_flags & IN6P_MTU) != 0 && 773 (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) || 774 IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &sa6_dst->sin6_addr))) { 775 ip6_notify_pmtu(in6p, (const struct sockaddr_in6 *)dst, 776 (u_int32_t *)cmdarg); 777 } 778 779 /* 780 * Detect if we should notify the error. If no source and 781 * destination ports are specified, but non-zero flowinfo and 782 * local address match, notify the error. This is the case 783 * when the error is delivered with an encrypted buffer 784 * by ESP. Otherwise, just compare addresses and ports 785 * as usual. 786 */ 787 if (lport == 0 && fport == 0 && flowinfo && 788 in6p->in6p_socket != NULL && 789 flowinfo == (in6p->in6p_flowinfo & IPV6_FLOWLABEL_MASK) && 790 IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &sa6_src.sin6_addr)) 791 goto do_notify; 792 else if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, 793 &sa6_dst->sin6_addr) || 794 in6p->in6p_socket == 0 || 795 (lport && in6p->in6p_lport != lport) || 796 (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 797 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, 798 &sa6_src.sin6_addr)) || 799 (fport && in6p->in6p_fport != fport)) 800 continue; 801 802 do_notify: 803 if (notify) 804 (*notify)(in6p, errno); 805 nmatch++; 806 } 807 return nmatch; 808 } 809 810 void 811 in6_pcbpurgeif0(struct inpcbtable *table, struct ifnet *ifp) 812 { 813 struct in6pcb *in6p, *nin6p; 814 struct ip6_moptions *im6o; 815 struct in6_multi_mship *imm, *nimm; 816 817 for (in6p = (struct in6pcb *)CIRCLEQ_FIRST(&table->inpt_queue); 818 in6p != (void *)&table->inpt_queue; 819 in6p = nin6p) { 820 nin6p = (struct in6pcb *)CIRCLEQ_NEXT(in6p, in6p_queue); 821 if (in6p->in6p_af != AF_INET6) 822 continue; 823 824 im6o = in6p->in6p_moptions; 825 if (im6o) { 826 /* 827 * Unselect the outgoing interface if it is being 828 * detached. 829 */ 830 if (im6o->im6o_multicast_ifp == ifp) 831 im6o->im6o_multicast_ifp = NULL; 832 833 /* 834 * Drop multicast group membership if we joined 835 * through the interface being detached. 836 * XXX controversial - is it really legal for kernel 837 * to force this? 838 */ 839 for (imm = im6o->im6o_memberships.lh_first; 840 imm != NULL; imm = nimm) { 841 nimm = imm->i6mm_chain.le_next; 842 if (imm->i6mm_maddr->in6m_ifp == ifp) { 843 LIST_REMOVE(imm, i6mm_chain); 844 in6_leavegroup(imm); 845 } 846 } 847 } 848 } 849 } 850 851 void 852 in6_pcbpurgeif(struct inpcbtable *table, struct ifnet *ifp) 853 { 854 struct rtentry *rt; 855 struct in6pcb *in6p, *nin6p; 856 857 for (in6p = (struct in6pcb *)CIRCLEQ_FIRST(&table->inpt_queue); 858 in6p != (void *)&table->inpt_queue; 859 in6p = nin6p) { 860 nin6p = (struct in6pcb *)CIRCLEQ_NEXT(in6p, in6p_queue); 861 if (in6p->in6p_af != AF_INET6) 862 continue; 863 if ((rt = rtcache_validate(&in6p->in6p_route)) != NULL && 864 rt->rt_ifp == ifp) 865 in6_rtchange(in6p, 0); 866 } 867 } 868 869 /* 870 * Check for alternatives when higher level complains 871 * about service problems. For now, invalidate cached 872 * routing information. If the route was created dynamically 873 * (by a redirect), time to try a default gateway again. 874 */ 875 void 876 in6_losing(struct in6pcb *in6p) 877 { 878 struct rtentry *rt; 879 struct rt_addrinfo info; 880 881 if (in6p->in6p_af != AF_INET6) 882 return; 883 884 if ((rt = rtcache_validate(&in6p->in6p_route)) == NULL) 885 return; 886 887 memset(&info, 0, sizeof(info)); 888 info.rti_info[RTAX_DST] = rtcache_getdst(&in6p->in6p_route); 889 info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; 890 info.rti_info[RTAX_NETMASK] = rt_mask(rt); 891 rt_missmsg(RTM_LOSING, &info, rt->rt_flags, 0); 892 if (rt->rt_flags & RTF_DYNAMIC) { 893 (void)rtrequest(RTM_DELETE, rt_getkey(rt), 894 rt->rt_gateway, rt_mask(rt), rt->rt_flags, NULL); 895 } 896 /* 897 * A new route can be allocated 898 * the next time output is attempted. 899 */ 900 rtcache_free(&in6p->in6p_route); 901 } 902 903 /* 904 * After a routing change, flush old routing. A new route can be 905 * allocated the next time output is attempted. 906 */ 907 void 908 in6_rtchange(struct in6pcb *in6p, int errno) 909 { 910 if (in6p->in6p_af != AF_INET6) 911 return; 912 913 rtcache_free(&in6p->in6p_route); 914 /* 915 * A new route can be allocated the next time 916 * output is attempted. 917 */ 918 } 919 920 struct in6pcb * 921 in6_pcblookup_port(struct inpcbtable *table, struct in6_addr *laddr6, 922 u_int lport_arg, int lookup_wildcard, struct vestigial_inpcb *vp) 923 { 924 struct inpcbhead *head; 925 struct inpcb_hdr *inph; 926 struct in6pcb *in6p, *match = 0; 927 int matchwild = 3, wildcard; 928 u_int16_t lport = lport_arg; 929 930 if (vp) 931 vp->valid = 0; 932 933 head = IN6PCBHASH_PORT(table, lport); 934 LIST_FOREACH(inph, head, inph_lhash) { 935 in6p = (struct in6pcb *)inph; 936 if (in6p->in6p_af != AF_INET6) 937 continue; 938 939 if (in6p->in6p_lport != lport) 940 continue; 941 wildcard = 0; 942 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { 943 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 944 continue; 945 } 946 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) 947 wildcard++; 948 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) { 949 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 950 continue; 951 if (!IN6_IS_ADDR_V4MAPPED(laddr6)) 952 continue; 953 954 /* duplicate of IPv4 logic */ 955 wildcard = 0; 956 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr) && 957 in6p->in6p_faddr.s6_addr32[3]) 958 wildcard++; 959 if (!in6p->in6p_laddr.s6_addr32[3]) { 960 if (laddr6->s6_addr32[3]) 961 wildcard++; 962 } else { 963 if (!laddr6->s6_addr32[3]) 964 wildcard++; 965 else { 966 if (in6p->in6p_laddr.s6_addr32[3] != 967 laddr6->s6_addr32[3]) 968 continue; 969 } 970 } 971 } else if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) { 972 if (IN6_IS_ADDR_V4MAPPED(laddr6)) { 973 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 974 continue; 975 } 976 if (!IN6_IS_ADDR_UNSPECIFIED(laddr6)) 977 wildcard++; 978 } else { 979 if (IN6_IS_ADDR_V4MAPPED(laddr6)) { 980 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 981 continue; 982 } 983 if (IN6_IS_ADDR_UNSPECIFIED(laddr6)) 984 wildcard++; 985 else { 986 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, 987 laddr6)) 988 continue; 989 } 990 } 991 if (wildcard && !lookup_wildcard) 992 continue; 993 if (wildcard < matchwild) { 994 match = in6p; 995 matchwild = wildcard; 996 if (matchwild == 0) 997 break; 998 } 999 } 1000 if (match && matchwild == 0) 1001 return match; 1002 1003 if (vp && table->vestige && table->vestige->init_ports6) { 1004 struct vestigial_inpcb better; 1005 void *state; 1006 1007 state = (*table->vestige->init_ports6)(laddr6, 1008 lport_arg, 1009 lookup_wildcard); 1010 while (table->vestige 1011 && (*table->vestige->next_port6)(state, vp)) { 1012 1013 if (vp->lport != lport) 1014 continue; 1015 wildcard = 0; 1016 if (!IN6_IS_ADDR_UNSPECIFIED(&vp->faddr.v6)) 1017 wildcard++; 1018 if (IN6_IS_ADDR_UNSPECIFIED(&vp->laddr.v6)) { 1019 if (!IN6_IS_ADDR_UNSPECIFIED(laddr6)) 1020 wildcard++; 1021 } else { 1022 if (IN6_IS_ADDR_V4MAPPED(laddr6)) { 1023 if (vp->v6only) 1024 continue; 1025 } 1026 if (IN6_IS_ADDR_UNSPECIFIED(laddr6)) 1027 wildcard++; 1028 else { 1029 if (!IN6_ARE_ADDR_EQUAL(&vp->laddr.v6, laddr6)) 1030 continue; 1031 } 1032 } 1033 if (wildcard && !lookup_wildcard) 1034 continue; 1035 if (wildcard < matchwild) { 1036 better = *vp; 1037 match = (void*)&better; 1038 1039 matchwild = wildcard; 1040 if (matchwild == 0) 1041 break; 1042 } 1043 } 1044 1045 if (match) { 1046 if (match != (void*)&better) 1047 return match; 1048 else { 1049 *vp = better; 1050 return 0; 1051 } 1052 } 1053 } 1054 return (match); 1055 } 1056 1057 /* 1058 * WARNING: return value (rtentry) could be IPv4 one if in6pcb is connected to 1059 * IPv4 mapped address. 1060 */ 1061 struct rtentry * 1062 in6_pcbrtentry(struct in6pcb *in6p) 1063 { 1064 struct rtentry *rt; 1065 struct route *ro; 1066 union { 1067 const struct sockaddr *sa; 1068 const struct sockaddr_in6 *sa6; 1069 #ifdef INET 1070 const struct sockaddr_in *sa4; 1071 #endif 1072 } cdst; 1073 1074 ro = &in6p->in6p_route; 1075 1076 if (in6p->in6p_af != AF_INET6) 1077 return (NULL); 1078 1079 cdst.sa = rtcache_getdst(ro); 1080 if (cdst.sa == NULL) 1081 ; 1082 #ifdef INET 1083 else if (cdst.sa->sa_family == AF_INET) { 1084 KASSERT(IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)); 1085 if (cdst.sa4->sin_addr.s_addr != in6p->in6p_faddr.s6_addr32[3]) 1086 rtcache_free(ro); 1087 } 1088 #endif 1089 else { 1090 if (!IN6_ARE_ADDR_EQUAL(&cdst.sa6->sin6_addr, 1091 &in6p->in6p_faddr)) 1092 rtcache_free(ro); 1093 } 1094 if ((rt = rtcache_validate(ro)) == NULL) 1095 rt = rtcache_update(ro, 1); 1096 #ifdef INET 1097 if (rt == NULL && IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { 1098 union { 1099 struct sockaddr dst; 1100 struct sockaddr_in dst4; 1101 } u; 1102 struct in_addr addr; 1103 1104 addr.s_addr = in6p->in6p_faddr.s6_addr32[3]; 1105 1106 sockaddr_in_init(&u.dst4, &addr, 0); 1107 rtcache_setdst(ro, &u.dst); 1108 1109 rt = rtcache_init(ro); 1110 } else 1111 #endif 1112 if (rt == NULL && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 1113 union { 1114 struct sockaddr dst; 1115 struct sockaddr_in6 dst6; 1116 } u; 1117 1118 sockaddr_in6_init(&u.dst6, &in6p->in6p_faddr, 0, 0, 0); 1119 rtcache_setdst(ro, &u.dst); 1120 1121 rt = rtcache_init(ro); 1122 } 1123 return rt; 1124 } 1125 1126 struct in6pcb * 1127 in6_pcblookup_connect(struct inpcbtable *table, const struct in6_addr *faddr6, 1128 u_int fport_arg, const struct in6_addr *laddr6, u_int lport_arg, 1129 int faith, 1130 struct vestigial_inpcb *vp) 1131 { 1132 struct inpcbhead *head; 1133 struct inpcb_hdr *inph; 1134 struct in6pcb *in6p; 1135 u_int16_t fport = fport_arg, lport = lport_arg; 1136 1137 if (vp) 1138 vp->valid = 0; 1139 1140 head = IN6PCBHASH_CONNECT(table, faddr6, fport, laddr6, lport); 1141 LIST_FOREACH(inph, head, inph_hash) { 1142 in6p = (struct in6pcb *)inph; 1143 if (in6p->in6p_af != AF_INET6) 1144 continue; 1145 1146 /* find exact match on both source and dest */ 1147 if (in6p->in6p_fport != fport) 1148 continue; 1149 if (in6p->in6p_lport != lport) 1150 continue; 1151 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) 1152 continue; 1153 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, faddr6)) 1154 continue; 1155 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) 1156 continue; 1157 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, laddr6)) 1158 continue; 1159 if ((IN6_IS_ADDR_V4MAPPED(laddr6) || 1160 IN6_IS_ADDR_V4MAPPED(faddr6)) && 1161 (in6p->in6p_flags & IN6P_IPV6_V6ONLY)) 1162 continue; 1163 return in6p; 1164 } 1165 if (vp && table->vestige) { 1166 if ((*table->vestige->lookup6)(faddr6, fport_arg, 1167 laddr6, lport_arg, vp)) 1168 return 0; 1169 } 1170 1171 return NULL; 1172 } 1173 1174 struct in6pcb * 1175 in6_pcblookup_bind(struct inpcbtable *table, const struct in6_addr *laddr6, 1176 u_int lport_arg, int faith) 1177 { 1178 struct inpcbhead *head; 1179 struct inpcb_hdr *inph; 1180 struct in6pcb *in6p; 1181 u_int16_t lport = lport_arg; 1182 #ifdef INET 1183 struct in6_addr zero_mapped; 1184 #endif 1185 1186 head = IN6PCBHASH_BIND(table, laddr6, lport); 1187 LIST_FOREACH(inph, head, inph_hash) { 1188 in6p = (struct in6pcb *)inph; 1189 if (in6p->in6p_af != AF_INET6) 1190 continue; 1191 1192 if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) 1193 continue; 1194 if (in6p->in6p_fport != 0) 1195 continue; 1196 if (in6p->in6p_lport != lport) 1197 continue; 1198 if (IN6_IS_ADDR_V4MAPPED(laddr6) && 1199 (in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 1200 continue; 1201 if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, laddr6)) 1202 goto out; 1203 } 1204 #ifdef INET 1205 if (IN6_IS_ADDR_V4MAPPED(laddr6)) { 1206 memset(&zero_mapped, 0, sizeof(zero_mapped)); 1207 zero_mapped.s6_addr16[5] = 0xffff; 1208 head = IN6PCBHASH_BIND(table, &zero_mapped, lport); 1209 LIST_FOREACH(inph, head, inph_hash) { 1210 in6p = (struct in6pcb *)inph; 1211 if (in6p->in6p_af != AF_INET6) 1212 continue; 1213 1214 if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) 1215 continue; 1216 if (in6p->in6p_fport != 0) 1217 continue; 1218 if (in6p->in6p_lport != lport) 1219 continue; 1220 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 1221 continue; 1222 if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &zero_mapped)) 1223 goto out; 1224 } 1225 } 1226 #endif 1227 head = IN6PCBHASH_BIND(table, &zeroin6_addr, lport); 1228 LIST_FOREACH(inph, head, inph_hash) { 1229 in6p = (struct in6pcb *)inph; 1230 if (in6p->in6p_af != AF_INET6) 1231 continue; 1232 1233 if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) 1234 continue; 1235 if (in6p->in6p_fport != 0) 1236 continue; 1237 if (in6p->in6p_lport != lport) 1238 continue; 1239 if (IN6_IS_ADDR_V4MAPPED(laddr6) && 1240 (in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 1241 continue; 1242 if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &zeroin6_addr)) 1243 goto out; 1244 } 1245 return (NULL); 1246 1247 out: 1248 inph = &in6p->in6p_head; 1249 if (inph != LIST_FIRST(head)) { 1250 LIST_REMOVE(inph, inph_hash); 1251 LIST_INSERT_HEAD(head, inph, inph_hash); 1252 } 1253 return in6p; 1254 } 1255 1256 void 1257 in6_pcbstate(struct in6pcb *in6p, int state) 1258 { 1259 1260 if (in6p->in6p_af != AF_INET6) 1261 return; 1262 1263 if (in6p->in6p_state > IN6P_ATTACHED) 1264 LIST_REMOVE(&in6p->in6p_head, inph_hash); 1265 1266 switch (state) { 1267 case IN6P_BOUND: 1268 LIST_INSERT_HEAD(IN6PCBHASH_BIND(in6p->in6p_table, 1269 &in6p->in6p_laddr, in6p->in6p_lport), &in6p->in6p_head, 1270 inph_hash); 1271 break; 1272 case IN6P_CONNECTED: 1273 LIST_INSERT_HEAD(IN6PCBHASH_CONNECT(in6p->in6p_table, 1274 &in6p->in6p_faddr, in6p->in6p_fport, 1275 &in6p->in6p_laddr, in6p->in6p_lport), &in6p->in6p_head, 1276 inph_hash); 1277 break; 1278 } 1279 1280 in6p->in6p_state = state; 1281 } 1282