1 /* $NetBSD: in6_pcb.c,v 1.155 2016/12/13 08:29:03 ozaki-r Exp $ */ 2 /* $KAME: in6_pcb.c,v 1.84 2001/02/08 18:02:08 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6_pcb.c,v 1.155 2016/12/13 08:29:03 ozaki-r Exp $"); 66 67 #ifdef _KERNEL_OPT 68 #include "opt_inet.h" 69 #include "opt_ipsec.h" 70 #endif 71 72 #include <sys/param.h> 73 #include <sys/systm.h> 74 #include <sys/mbuf.h> 75 #include <sys/protosw.h> 76 #include <sys/socket.h> 77 #include <sys/socketvar.h> 78 #include <sys/ioctl.h> 79 #include <sys/errno.h> 80 #include <sys/time.h> 81 #include <sys/proc.h> 82 #include <sys/kauth.h> 83 #include <sys/domain.h> 84 #include <sys/once.h> 85 86 #include <net/if.h> 87 #include <net/route.h> 88 89 #include <netinet/in.h> 90 #include <netinet/in_var.h> 91 #include <netinet/in_systm.h> 92 #include <netinet/ip.h> 93 #include <netinet/in_pcb.h> 94 #include <netinet/ip6.h> 95 #include <netinet/portalgo.h> 96 #include <netinet6/ip6_var.h> 97 #include <netinet6/in6_pcb.h> 98 #include <netinet6/scope6_var.h> 99 100 #include "faith.h" 101 102 #ifdef IPSEC 103 #include <netipsec/ipsec.h> 104 #include <netipsec/ipsec6.h> 105 #include <netipsec/key.h> 106 #endif /* IPSEC */ 107 108 #include <netinet/tcp_vtw.h> 109 110 const struct in6_addr zeroin6_addr; 111 112 #define IN6PCBHASH_PORT(table, lport) \ 113 &(table)->inpt_porthashtbl[ntohs(lport) & (table)->inpt_porthash] 114 #define IN6PCBHASH_BIND(table, laddr, lport) \ 115 &(table)->inpt_bindhashtbl[ \ 116 (((laddr)->s6_addr32[0] ^ (laddr)->s6_addr32[1] ^ \ 117 (laddr)->s6_addr32[2] ^ (laddr)->s6_addr32[3]) + ntohs(lport)) & \ 118 (table)->inpt_bindhash] 119 #define IN6PCBHASH_CONNECT(table, faddr, fport, laddr, lport) \ 120 &(table)->inpt_bindhashtbl[ \ 121 ((((faddr)->s6_addr32[0] ^ (faddr)->s6_addr32[1] ^ \ 122 (faddr)->s6_addr32[2] ^ (faddr)->s6_addr32[3]) + ntohs(fport)) + \ 123 (((laddr)->s6_addr32[0] ^ (laddr)->s6_addr32[1] ^ \ 124 (laddr)->s6_addr32[2] ^ (laddr)->s6_addr32[3]) + \ 125 ntohs(lport))) & (table)->inpt_bindhash] 126 127 int ip6_anonportmin = IPV6PORT_ANONMIN; 128 int ip6_anonportmax = IPV6PORT_ANONMAX; 129 int ip6_lowportmin = IPV6PORT_RESERVEDMIN; 130 int ip6_lowportmax = IPV6PORT_RESERVEDMAX; 131 132 static struct pool in6pcb_pool; 133 134 static int 135 in6pcb_poolinit(void) 136 { 137 138 pool_init(&in6pcb_pool, sizeof(struct in6pcb), 0, 0, 0, "in6pcbpl", 139 NULL, IPL_SOFTNET); 140 return 0; 141 } 142 143 void 144 in6_pcbinit(struct inpcbtable *table, int bindhashsize, int connecthashsize) 145 { 146 static ONCE_DECL(control); 147 148 in_pcbinit(table, bindhashsize, connecthashsize); 149 table->inpt_lastport = (u_int16_t)ip6_anonportmax; 150 151 RUN_ONCE(&control, in6pcb_poolinit); 152 } 153 154 int 155 in6_pcballoc(struct socket *so, void *v) 156 { 157 struct inpcbtable *table = v; 158 struct in6pcb *in6p; 159 int s; 160 161 s = splnet(); 162 in6p = pool_get(&in6pcb_pool, PR_NOWAIT); 163 splx(s); 164 if (in6p == NULL) 165 return (ENOBUFS); 166 memset((void *)in6p, 0, sizeof(*in6p)); 167 in6p->in6p_af = AF_INET6; 168 in6p->in6p_table = table; 169 in6p->in6p_socket = so; 170 in6p->in6p_hops = -1; /* use kernel default */ 171 in6p->in6p_icmp6filt = NULL; 172 in6p->in6p_portalgo = PORTALGO_DEFAULT; 173 in6p->in6p_bindportonsend = false; 174 #if defined(IPSEC) 175 if (ipsec_enabled) { 176 int error = ipsec_init_pcbpolicy(so, &in6p->in6p_sp); 177 if (error != 0) { 178 s = splnet(); 179 pool_put(&in6pcb_pool, in6p); 180 splx(s); 181 return error; 182 } 183 } 184 #endif /* IPSEC */ 185 s = splnet(); 186 TAILQ_INSERT_HEAD(&table->inpt_queue, (struct inpcb_hdr*)in6p, 187 inph_queue); 188 LIST_INSERT_HEAD(IN6PCBHASH_PORT(table, in6p->in6p_lport), 189 &in6p->in6p_head, inph_lhash); 190 in6_pcbstate(in6p, IN6P_ATTACHED); 191 splx(s); 192 if (ip6_v6only) 193 in6p->in6p_flags |= IN6P_IPV6_V6ONLY; 194 so->so_pcb = (void *)in6p; 195 return (0); 196 } 197 198 /* 199 * Bind address from sin6 to in6p. 200 */ 201 static int 202 in6_pcbbind_addr(struct in6pcb *in6p, struct sockaddr_in6 *sin6, struct lwp *l) 203 { 204 int error; 205 int s; 206 207 /* 208 * We should check the family, but old programs 209 * incorrectly fail to intialize it. 210 */ 211 if (sin6->sin6_family != AF_INET6) 212 return (EAFNOSUPPORT); 213 214 #ifndef INET 215 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) 216 return (EADDRNOTAVAIL); 217 #endif 218 219 if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) 220 return (error); 221 222 s = pserialize_read_enter(); 223 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 224 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) { 225 error = EINVAL; 226 goto out; 227 } 228 if (sin6->sin6_addr.s6_addr32[3]) { 229 struct sockaddr_in sin; 230 231 memset(&sin, 0, sizeof(sin)); 232 sin.sin_len = sizeof(sin); 233 sin.sin_family = AF_INET; 234 bcopy(&sin6->sin6_addr.s6_addr32[3], 235 &sin.sin_addr, sizeof(sin.sin_addr)); 236 if (!IN_MULTICAST(sin.sin_addr.s_addr)) { 237 struct ifaddr *ifa; 238 ifa = ifa_ifwithaddr((struct sockaddr *)&sin); 239 if (ifa == NULL) { 240 error = EADDRNOTAVAIL; 241 goto out; 242 } 243 } 244 } 245 } else if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 246 // succeed 247 } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 248 struct ifaddr *ifa = NULL; 249 250 if ((in6p->in6p_flags & IN6P_FAITH) == 0) { 251 ifa = ifa_ifwithaddr(sin6tosa(sin6)); 252 if (ifa == NULL) { 253 error = EADDRNOTAVAIL; 254 goto out; 255 } 256 } 257 258 /* 259 * bind to an anycast address might accidentally 260 * cause sending a packet with an anycast source 261 * address, so we forbid it. 262 * 263 * We should allow to bind to a deprecated address, 264 * since the application dare to use it. 265 * But, can we assume that they are careful enough 266 * to check if the address is deprecated or not? 267 * Maybe, as a safeguard, we should have a setsockopt 268 * flag to control the bind(2) behavior against 269 * deprecated addresses (default: forbid bind(2)). 270 */ 271 if (ifa && 272 ifatoia6(ifa)->ia6_flags & 273 (IN6_IFF_ANYCAST | IN6_IFF_DUPLICATED)) { 274 error = EADDRNOTAVAIL; 275 goto out; 276 } 277 } 278 in6p->in6p_laddr = sin6->sin6_addr; 279 error = 0; 280 out: 281 pserialize_read_exit(s); 282 return error; 283 } 284 285 /* 286 * Bind port from sin6 to in6p. 287 */ 288 static int 289 in6_pcbbind_port(struct in6pcb *in6p, struct sockaddr_in6 *sin6, struct lwp *l) 290 { 291 struct inpcbtable *table = in6p->in6p_table; 292 struct socket *so = in6p->in6p_socket; 293 int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); 294 int error; 295 296 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0 && 297 ((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 || 298 (so->so_options & SO_ACCEPTCONN) == 0)) 299 wild = 1; 300 301 if (sin6->sin6_port != 0) { 302 enum kauth_network_req req; 303 304 #ifndef IPNOPRIVPORTS 305 if (ntohs(sin6->sin6_port) < IPV6PORT_RESERVED) 306 req = KAUTH_REQ_NETWORK_BIND_PRIVPORT; 307 else 308 #endif /* IPNOPRIVPORTS */ 309 req = KAUTH_REQ_NETWORK_BIND_PORT; 310 311 error = kauth_authorize_network(l->l_cred, KAUTH_NETWORK_BIND, 312 req, so, sin6, NULL); 313 if (error) 314 return (EACCES); 315 } 316 317 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 318 /* 319 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 320 * allow compepte duplication of binding if 321 * SO_REUSEPORT is set, or if SO_REUSEADDR is set 322 * and a multicast address is bound on both 323 * new and duplicated sockets. 324 */ 325 if (so->so_options & (SO_REUSEADDR | SO_REUSEPORT)) 326 reuseport = SO_REUSEADDR|SO_REUSEPORT; 327 } 328 329 if (sin6->sin6_port != 0) { 330 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 331 #ifdef INET 332 struct inpcb *t; 333 struct vestigial_inpcb vestige; 334 335 t = in_pcblookup_port(table, 336 *(struct in_addr *)&sin6->sin6_addr.s6_addr32[3], 337 sin6->sin6_port, wild, &vestige); 338 if (t && (reuseport & t->inp_socket->so_options) == 0) 339 return (EADDRINUSE); 340 if (!t 341 && vestige.valid 342 && !(reuseport && vestige.reuse_port)) 343 return EADDRINUSE; 344 #else 345 return (EADDRNOTAVAIL); 346 #endif 347 } 348 349 { 350 struct in6pcb *t; 351 struct vestigial_inpcb vestige; 352 353 t = in6_pcblookup_port(table, &sin6->sin6_addr, 354 sin6->sin6_port, wild, &vestige); 355 if (t && (reuseport & t->in6p_socket->so_options) == 0) 356 return (EADDRINUSE); 357 if (!t 358 && vestige.valid 359 && !(reuseport && vestige.reuse_port)) 360 return EADDRINUSE; 361 } 362 } 363 364 if (sin6->sin6_port == 0) { 365 int e; 366 e = in6_pcbsetport(sin6, in6p, l); 367 if (e != 0) 368 return (e); 369 } else { 370 in6p->in6p_lport = sin6->sin6_port; 371 in6_pcbstate(in6p, IN6P_BOUND); 372 } 373 374 LIST_REMOVE(&in6p->in6p_head, inph_lhash); 375 LIST_INSERT_HEAD(IN6PCBHASH_PORT(table, in6p->in6p_lport), 376 &in6p->in6p_head, inph_lhash); 377 378 return (0); 379 } 380 381 int 382 in6_pcbbind(void *v, struct sockaddr_in6 *sin6, struct lwp *l) 383 { 384 struct in6pcb *in6p = v; 385 struct sockaddr_in6 lsin6; 386 int error; 387 388 if (in6p->in6p_af != AF_INET6) 389 return (EINVAL); 390 391 /* 392 * If we already have a local port or a local address it means we're 393 * bounded. 394 */ 395 if (in6p->in6p_lport || !(IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) || 396 (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && 397 in6p->in6p_laddr.s6_addr32[3] == 0))) 398 return (EINVAL); 399 400 if (NULL != sin6) { 401 /* We were provided a sockaddr_in6 to use. */ 402 if (sin6->sin6_len != sizeof(*sin6)) 403 return (EINVAL); 404 } else { 405 /* We always bind to *something*, even if it's "anything". */ 406 lsin6 = *((const struct sockaddr_in6 *) 407 in6p->in6p_socket->so_proto->pr_domain->dom_sa_any); 408 sin6 = &lsin6; 409 } 410 411 /* Bind address. */ 412 error = in6_pcbbind_addr(in6p, sin6, l); 413 if (error) 414 return (error); 415 416 /* Bind port. */ 417 error = in6_pcbbind_port(in6p, sin6, l); 418 if (error) { 419 /* 420 * Reset the address here to "any" so we don't "leak" the 421 * in6pcb. 422 */ 423 in6p->in6p_laddr = in6addr_any; 424 425 return (error); 426 } 427 428 429 #if 0 430 in6p->in6p_flowinfo = 0; /* XXX */ 431 #endif 432 return (0); 433 } 434 435 /* 436 * Connect from a socket to a specified address. 437 * Both address and port must be specified in argument sin6. 438 * If don't have a local address for this socket yet, 439 * then pick one. 440 */ 441 int 442 in6_pcbconnect(void *v, struct sockaddr_in6 *sin6, struct lwp *l) 443 { 444 struct in6pcb *in6p = v; 445 struct in6_addr *in6a = NULL; 446 struct in6_addr ia6; 447 struct ifnet *ifp = NULL; /* outgoing interface */ 448 int error = 0; 449 int scope_ambiguous = 0; 450 #ifdef INET 451 struct in6_addr mapped; 452 #endif 453 struct sockaddr_in6 tmp; 454 struct vestigial_inpcb vestige; 455 struct psref psref; 456 int bound; 457 458 (void)&in6a; /* XXX fool gcc */ 459 460 if (in6p->in6p_af != AF_INET6) 461 return (EINVAL); 462 463 if (sin6->sin6_len != sizeof(*sin6)) 464 return (EINVAL); 465 if (sin6->sin6_family != AF_INET6) 466 return (EAFNOSUPPORT); 467 if (sin6->sin6_port == 0) 468 return (EADDRNOTAVAIL); 469 470 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr) && 471 in6p->in6p_socket->so_type == SOCK_STREAM) 472 return EADDRNOTAVAIL; 473 474 if (sin6->sin6_scope_id == 0 && !ip6_use_defzone) 475 scope_ambiguous = 1; 476 if ((error = sa6_embedscope(sin6, ip6_use_defzone)) != 0) 477 return(error); 478 479 /* sanity check for mapped address case */ 480 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 481 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 482 return EINVAL; 483 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) 484 in6p->in6p_laddr.s6_addr16[5] = htons(0xffff); 485 if (!IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) 486 return EINVAL; 487 } else 488 { 489 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) 490 return EINVAL; 491 } 492 493 /* protect *sin6 from overwrites */ 494 tmp = *sin6; 495 sin6 = &tmp; 496 497 bound = curlwp_bind(); 498 /* Source address selection. */ 499 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && 500 in6p->in6p_laddr.s6_addr32[3] == 0) { 501 #ifdef INET 502 struct sockaddr_in sin; 503 struct in_ifaddr *ia4; 504 struct psref _psref; 505 506 memset(&sin, 0, sizeof(sin)); 507 sin.sin_len = sizeof(sin); 508 sin.sin_family = AF_INET; 509 memcpy(&sin.sin_addr, &sin6->sin6_addr.s6_addr32[3], 510 sizeof(sin.sin_addr)); 511 ia4 = in_selectsrc(&sin, &in6p->in6p_route, 512 in6p->in6p_socket->so_options, NULL, &error, &_psref); 513 if (ia4 == NULL) { 514 if (error == 0) 515 error = EADDRNOTAVAIL; 516 return (error); 517 } 518 memset(&mapped, 0, sizeof(mapped)); 519 mapped.s6_addr16[5] = htons(0xffff); 520 memcpy(&mapped.s6_addr32[3], &IA_SIN(ia4)->sin_addr, 521 sizeof(IA_SIN(ia4)->sin_addr)); 522 ia4_release(ia4, &_psref); 523 in6a = &mapped; 524 #else 525 return EADDRNOTAVAIL; 526 #endif 527 } else { 528 /* 529 * XXX: in6_selectsrc might replace the bound local address 530 * with the address specified by setsockopt(IPV6_PKTINFO). 531 * Is it the intended behavior? 532 */ 533 error = in6_selectsrc(sin6, in6p->in6p_outputopts, 534 in6p->in6p_moptions, &in6p->in6p_route, &in6p->in6p_laddr, 535 &ifp, &psref, &ia6); 536 if (error == 0) 537 in6a = &ia6; 538 if (ifp && scope_ambiguous && 539 (error = in6_setscope(&sin6->sin6_addr, ifp, NULL)) != 0) { 540 if_put(ifp, &psref); 541 curlwp_bindx(bound); 542 return error; 543 } 544 545 if (in6a == NULL) { 546 if_put(ifp, &psref); 547 curlwp_bindx(bound); 548 if (error == 0) 549 error = EADDRNOTAVAIL; 550 return error; 551 } 552 } 553 554 if (ifp != NULL) { 555 in6p->in6p_ip6.ip6_hlim = (u_int8_t)in6_selecthlim(in6p, ifp); 556 if_put(ifp, &psref); 557 } else 558 in6p->in6p_ip6.ip6_hlim = (u_int8_t)in6_selecthlim_rt(in6p); 559 curlwp_bindx(bound); 560 561 if (in6_pcblookup_connect(in6p->in6p_table, &sin6->sin6_addr, 562 sin6->sin6_port, 563 IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) ? in6a : &in6p->in6p_laddr, 564 in6p->in6p_lport, 0, &vestige) 565 || vestige.valid) 566 return (EADDRINUSE); 567 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) || 568 (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr) && 569 in6p->in6p_laddr.s6_addr32[3] == 0)) 570 { 571 if (in6p->in6p_lport == 0) { 572 error = in6_pcbbind(in6p, NULL, l); 573 if (error != 0) 574 return error; 575 } 576 in6p->in6p_laddr = *in6a; 577 } 578 in6p->in6p_faddr = sin6->sin6_addr; 579 in6p->in6p_fport = sin6->sin6_port; 580 581 /* Late bind, if needed */ 582 if (in6p->in6p_bindportonsend) { 583 struct sockaddr_in6 lsin = *((const struct sockaddr_in6 *) 584 in6p->in6p_socket->so_proto->pr_domain->dom_sa_any); 585 lsin.sin6_addr = in6p->in6p_laddr; 586 lsin.sin6_port = 0; 587 588 if ((error = in6_pcbbind_port(in6p, &lsin, l)) != 0) 589 return error; 590 } 591 592 in6_pcbstate(in6p, IN6P_CONNECTED); 593 in6p->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; 594 if (ip6_auto_flowlabel) 595 in6p->in6p_flowinfo |= 596 (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); 597 #if defined(IPSEC) 598 if (ipsec_enabled && in6p->in6p_socket->so_type == SOCK_STREAM) 599 ipsec_pcbconn(in6p->in6p_sp); 600 #endif 601 return (0); 602 } 603 604 void 605 in6_pcbdisconnect(struct in6pcb *in6p) 606 { 607 memset((void *)&in6p->in6p_faddr, 0, sizeof(in6p->in6p_faddr)); 608 in6p->in6p_fport = 0; 609 in6_pcbstate(in6p, IN6P_BOUND); 610 in6p->in6p_flowinfo &= ~IPV6_FLOWLABEL_MASK; 611 #if defined(IPSEC) 612 if (ipsec_enabled) 613 ipsec_pcbdisconn(in6p->in6p_sp); 614 #endif 615 if (in6p->in6p_socket->so_state & SS_NOFDREF) 616 in6_pcbdetach(in6p); 617 } 618 619 void 620 in6_pcbdetach(struct in6pcb *in6p) 621 { 622 struct socket *so = in6p->in6p_socket; 623 int s; 624 625 if (in6p->in6p_af != AF_INET6) 626 return; 627 628 #if defined(IPSEC) 629 if (ipsec_enabled) 630 ipsec6_delete_pcbpolicy(in6p); 631 #endif 632 so->so_pcb = NULL; 633 634 s = splnet(); 635 in6_pcbstate(in6p, IN6P_ATTACHED); 636 LIST_REMOVE(&in6p->in6p_head, inph_lhash); 637 TAILQ_REMOVE(&in6p->in6p_table->inpt_queue, &in6p->in6p_head, 638 inph_queue); 639 splx(s); 640 641 if (in6p->in6p_options) { 642 m_freem(in6p->in6p_options); 643 } 644 if (in6p->in6p_outputopts != NULL) { 645 ip6_clearpktopts(in6p->in6p_outputopts, -1); 646 free(in6p->in6p_outputopts, M_IP6OPT); 647 } 648 rtcache_free(&in6p->in6p_route); 649 ip6_freemoptions(in6p->in6p_moptions); 650 ip_freemoptions(in6p->in6p_v4moptions); 651 sofree(so); /* drops the socket's lock */ 652 653 pool_put(&in6pcb_pool, in6p); 654 mutex_enter(softnet_lock); /* reacquire it */ 655 } 656 657 void 658 in6_setsockaddr(struct in6pcb *in6p, struct sockaddr_in6 *sin6) 659 { 660 661 if (in6p->in6p_af != AF_INET6) 662 return; 663 664 sockaddr_in6_init(sin6, &in6p->in6p_laddr, in6p->in6p_lport, 0, 0); 665 (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ 666 } 667 668 void 669 in6_setpeeraddr(struct in6pcb *in6p, struct sockaddr_in6 *sin6) 670 { 671 672 if (in6p->in6p_af != AF_INET6) 673 return; 674 675 sockaddr_in6_init(sin6, &in6p->in6p_faddr, in6p->in6p_fport, 0, 0); 676 (void)sa6_recoverscope(sin6); /* XXX: should catch errors */ 677 } 678 679 /* 680 * Pass some notification to all connections of a protocol 681 * associated with address dst. The local address and/or port numbers 682 * may be specified to limit the search. The "usual action" will be 683 * taken, depending on the ctlinput cmd. The caller must filter any 684 * cmds that are uninteresting (e.g., no error in the map). 685 * Call the protocol specific routine (if any) to report 686 * any errors for each matching socket. 687 * 688 * Must be called at splsoftnet. 689 * 690 * Note: src (4th arg) carries the flowlabel value on the original IPv6 691 * header, in sin6_flowinfo member. 692 */ 693 int 694 in6_pcbnotify(struct inpcbtable *table, const struct sockaddr *dst, 695 u_int fport_arg, const struct sockaddr *src, u_int lport_arg, int cmd, 696 void *cmdarg, void (*notify)(struct in6pcb *, int)) 697 { 698 struct inpcb_hdr *inph, *ninph; 699 struct sockaddr_in6 sa6_src; 700 const struct sockaddr_in6 *sa6_dst; 701 u_int16_t fport = fport_arg, lport = lport_arg; 702 int errno; 703 int nmatch = 0; 704 u_int32_t flowinfo; 705 706 if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6) 707 return 0; 708 709 sa6_dst = (const struct sockaddr_in6 *)dst; 710 if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr)) 711 return 0; 712 713 /* 714 * note that src can be NULL when we get notify by local fragmentation. 715 */ 716 sa6_src = (src == NULL) ? sa6_any : *(const struct sockaddr_in6 *)src; 717 flowinfo = sa6_src.sin6_flowinfo; 718 719 /* 720 * Redirects go to all references to the destination, 721 * and use in6_rtchange to invalidate the route cache. 722 * Dead host indications: also use in6_rtchange to invalidate 723 * the cache, and deliver the error to all the sockets. 724 * Otherwise, if we have knowledge of the local port and address, 725 * deliver only to that socket. 726 */ 727 if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 728 fport = 0; 729 lport = 0; 730 memset((void *)&sa6_src.sin6_addr, 0, sizeof(sa6_src.sin6_addr)); 731 732 if (cmd != PRC_HOSTDEAD) 733 notify = in6_rtchange; 734 } 735 736 errno = inet6ctlerrmap[cmd]; 737 TAILQ_FOREACH_SAFE(inph, &table->inpt_queue, inph_queue, ninph) { 738 struct in6pcb *in6p = (struct in6pcb *)inph; 739 struct rtentry *rt = NULL; 740 741 if (in6p->in6p_af != AF_INET6) 742 continue; 743 744 /* 745 * Under the following condition, notify of redirects 746 * to the pcb, without making address matches against inpcb. 747 * - redirect notification is arrived. 748 * - the inpcb is unconnected. 749 * - the inpcb is caching !RTF_HOST routing entry. 750 * - the ICMPv6 notification is from the gateway cached in the 751 * inpcb. i.e. ICMPv6 notification is from nexthop gateway 752 * the inpcb used very recently. 753 * 754 * This is to improve interaction between netbsd/openbsd 755 * redirect handling code, and inpcb route cache code. 756 * without the clause, !RTF_HOST routing entry (which carries 757 * gateway used by inpcb right before the ICMPv6 redirect) 758 * will be cached forever in unconnected inpcb. 759 * 760 * There still is a question regarding to what is TRT: 761 * - On bsdi/freebsd, RTF_HOST (cloned) routing entry will be 762 * generated on packet output. inpcb will always cache 763 * RTF_HOST routing entry so there's no need for the clause 764 * (ICMPv6 redirect will update RTF_HOST routing entry, 765 * and inpcb is caching it already). 766 * However, bsdi/freebsd are vulnerable to local DoS attacks 767 * due to the cloned routing entries. 768 * - Specwise, "destination cache" is mentioned in RFC2461. 769 * Jinmei says that it implies bsdi/freebsd behavior, itojun 770 * is not really convinced. 771 * - Having hiwat/lowat on # of cloned host route (redirect/ 772 * pmtud) may be a good idea. netbsd/openbsd has it. see 773 * icmp6_mtudisc_update(). 774 */ 775 if ((PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) && 776 IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr) && 777 (rt = rtcache_validate(&in6p->in6p_route)) != NULL && 778 !(rt->rt_flags & RTF_HOST)) { 779 const struct sockaddr_in6 *dst6; 780 781 dst6 = (const struct sockaddr_in6 *) 782 rtcache_getdst(&in6p->in6p_route); 783 if (dst6 == NULL) 784 ; 785 else if (IN6_ARE_ADDR_EQUAL(&dst6->sin6_addr, 786 &sa6_dst->sin6_addr)) { 787 rtcache_unref(rt, &in6p->in6p_route); 788 goto do_notify; 789 } 790 } 791 rtcache_unref(rt, &in6p->in6p_route); 792 793 /* 794 * If the error designates a new path MTU for a destination 795 * and the application (associated with this socket) wanted to 796 * know the value, notify. Note that we notify for all 797 * disconnected sockets if the corresponding application 798 * wanted. This is because some UDP applications keep sending 799 * sockets disconnected. 800 * XXX: should we avoid to notify the value to TCP sockets? 801 */ 802 if (cmd == PRC_MSGSIZE && (in6p->in6p_flags & IN6P_MTU) != 0 && 803 (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) || 804 IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, &sa6_dst->sin6_addr))) { 805 ip6_notify_pmtu(in6p, (const struct sockaddr_in6 *)dst, 806 (u_int32_t *)cmdarg); 807 } 808 809 /* 810 * Detect if we should notify the error. If no source and 811 * destination ports are specified, but non-zero flowinfo and 812 * local address match, notify the error. This is the case 813 * when the error is delivered with an encrypted buffer 814 * by ESP. Otherwise, just compare addresses and ports 815 * as usual. 816 */ 817 if (lport == 0 && fport == 0 && flowinfo && 818 in6p->in6p_socket != NULL && 819 flowinfo == (in6p->in6p_flowinfo & IPV6_FLOWLABEL_MASK) && 820 IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &sa6_src.sin6_addr)) 821 goto do_notify; 822 else if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, 823 &sa6_dst->sin6_addr) || 824 in6p->in6p_socket == NULL || 825 (lport && in6p->in6p_lport != lport) || 826 (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 827 !IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, 828 &sa6_src.sin6_addr)) || 829 (fport && in6p->in6p_fport != fport)) 830 continue; 831 832 do_notify: 833 if (notify) 834 (*notify)(in6p, errno); 835 nmatch++; 836 } 837 return nmatch; 838 } 839 840 void 841 in6_pcbpurgeif0(struct inpcbtable *table, struct ifnet *ifp) 842 { 843 struct inpcb_hdr *inph, *ninph; 844 struct ip6_moptions *im6o; 845 struct in6_multi_mship *imm, *nimm; 846 847 KASSERT(ifp != NULL); 848 849 TAILQ_FOREACH_SAFE(inph, &table->inpt_queue, inph_queue, ninph) { 850 struct in6pcb *in6p = (struct in6pcb *)inph; 851 if (in6p->in6p_af != AF_INET6) 852 continue; 853 854 im6o = in6p->in6p_moptions; 855 if (im6o) { 856 /* 857 * Unselect the outgoing interface if it is being 858 * detached. 859 */ 860 if (im6o->im6o_multicast_if_index == ifp->if_index) 861 im6o->im6o_multicast_if_index = 0; 862 863 /* 864 * Drop multicast group membership if we joined 865 * through the interface being detached. 866 * XXX controversial - is it really legal for kernel 867 * to force this? 868 */ 869 for (imm = im6o->im6o_memberships.lh_first; 870 imm != NULL; imm = nimm) { 871 nimm = imm->i6mm_chain.le_next; 872 if (imm->i6mm_maddr->in6m_ifp == ifp) { 873 LIST_REMOVE(imm, i6mm_chain); 874 in6_leavegroup(imm); 875 } 876 } 877 } 878 in_purgeifmcast(in6p->in6p_v4moptions, ifp); 879 } 880 } 881 882 void 883 in6_pcbpurgeif(struct inpcbtable *table, struct ifnet *ifp) 884 { 885 struct rtentry *rt; 886 struct inpcb_hdr *inph, *ninph; 887 888 TAILQ_FOREACH_SAFE(inph, &table->inpt_queue, inph_queue, ninph) { 889 struct in6pcb *in6p = (struct in6pcb *)inph; 890 if (in6p->in6p_af != AF_INET6) 891 continue; 892 if ((rt = rtcache_validate(&in6p->in6p_route)) != NULL && 893 rt->rt_ifp == ifp) { 894 rtcache_unref(rt, &in6p->in6p_route); 895 in6_rtchange(in6p, 0); 896 } else 897 rtcache_unref(rt, &in6p->in6p_route); 898 } 899 } 900 901 /* 902 * Check for alternatives when higher level complains 903 * about service problems. For now, invalidate cached 904 * routing information. If the route was created dynamically 905 * (by a redirect), time to try a default gateway again. 906 */ 907 void 908 in6_losing(struct in6pcb *in6p) 909 { 910 struct rtentry *rt; 911 struct rt_addrinfo info; 912 913 if (in6p->in6p_af != AF_INET6) 914 return; 915 916 if ((rt = rtcache_validate(&in6p->in6p_route)) == NULL) 917 return; 918 919 memset(&info, 0, sizeof(info)); 920 info.rti_info[RTAX_DST] = rtcache_getdst(&in6p->in6p_route); 921 info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; 922 info.rti_info[RTAX_NETMASK] = rt_mask(rt); 923 rt_missmsg(RTM_LOSING, &info, rt->rt_flags, 0); 924 if (rt->rt_flags & RTF_DYNAMIC) { 925 int error; 926 struct rtentry *nrt; 927 928 error = rtrequest(RTM_DELETE, rt_getkey(rt), 929 rt->rt_gateway, rt_mask(rt), rt->rt_flags, &nrt); 930 rtcache_unref(rt, &in6p->in6p_route); 931 if (error == 0) 932 rt_free(nrt); 933 } else 934 rtcache_unref(rt, &in6p->in6p_route); 935 /* 936 * A new route can be allocated 937 * the next time output is attempted. 938 */ 939 rtcache_free(&in6p->in6p_route); 940 } 941 942 /* 943 * After a routing change, flush old routing. A new route can be 944 * allocated the next time output is attempted. 945 */ 946 void 947 in6_rtchange(struct in6pcb *in6p, int errno) 948 { 949 if (in6p->in6p_af != AF_INET6) 950 return; 951 952 rtcache_free(&in6p->in6p_route); 953 /* 954 * A new route can be allocated the next time 955 * output is attempted. 956 */ 957 } 958 959 struct in6pcb * 960 in6_pcblookup_port(struct inpcbtable *table, struct in6_addr *laddr6, 961 u_int lport_arg, int lookup_wildcard, struct vestigial_inpcb *vp) 962 { 963 struct inpcbhead *head; 964 struct inpcb_hdr *inph; 965 struct in6pcb *in6p, *match = NULL; 966 int matchwild = 3, wildcard; 967 u_int16_t lport = lport_arg; 968 969 if (vp) 970 vp->valid = 0; 971 972 head = IN6PCBHASH_PORT(table, lport); 973 LIST_FOREACH(inph, head, inph_lhash) { 974 in6p = (struct in6pcb *)inph; 975 if (in6p->in6p_af != AF_INET6) 976 continue; 977 978 if (in6p->in6p_lport != lport) 979 continue; 980 wildcard = 0; 981 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { 982 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 983 continue; 984 } 985 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) 986 wildcard++; 987 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr)) { 988 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 989 continue; 990 if (!IN6_IS_ADDR_V4MAPPED(laddr6)) 991 continue; 992 993 /* duplicate of IPv4 logic */ 994 wildcard = 0; 995 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr) && 996 in6p->in6p_faddr.s6_addr32[3]) 997 wildcard++; 998 if (!in6p->in6p_laddr.s6_addr32[3]) { 999 if (laddr6->s6_addr32[3]) 1000 wildcard++; 1001 } else { 1002 if (!laddr6->s6_addr32[3]) 1003 wildcard++; 1004 else { 1005 if (in6p->in6p_laddr.s6_addr32[3] != 1006 laddr6->s6_addr32[3]) 1007 continue; 1008 } 1009 } 1010 } else if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) { 1011 if (IN6_IS_ADDR_V4MAPPED(laddr6)) { 1012 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 1013 continue; 1014 } 1015 if (!IN6_IS_ADDR_UNSPECIFIED(laddr6)) 1016 wildcard++; 1017 } else { 1018 if (IN6_IS_ADDR_V4MAPPED(laddr6)) { 1019 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 1020 continue; 1021 } 1022 if (IN6_IS_ADDR_UNSPECIFIED(laddr6)) 1023 wildcard++; 1024 else { 1025 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, 1026 laddr6)) 1027 continue; 1028 } 1029 } 1030 if (wildcard && !lookup_wildcard) 1031 continue; 1032 if (wildcard < matchwild) { 1033 match = in6p; 1034 matchwild = wildcard; 1035 if (matchwild == 0) 1036 break; 1037 } 1038 } 1039 if (match && matchwild == 0) 1040 return match; 1041 1042 if (vp && table->vestige && table->vestige->init_ports6) { 1043 struct vestigial_inpcb better; 1044 void *state; 1045 1046 state = (*table->vestige->init_ports6)(laddr6, 1047 lport_arg, 1048 lookup_wildcard); 1049 while (table->vestige 1050 && (*table->vestige->next_port6)(state, vp)) { 1051 1052 if (vp->lport != lport) 1053 continue; 1054 wildcard = 0; 1055 if (!IN6_IS_ADDR_UNSPECIFIED(&vp->faddr.v6)) 1056 wildcard++; 1057 if (IN6_IS_ADDR_UNSPECIFIED(&vp->laddr.v6)) { 1058 if (!IN6_IS_ADDR_UNSPECIFIED(laddr6)) 1059 wildcard++; 1060 } else { 1061 if (IN6_IS_ADDR_V4MAPPED(laddr6)) { 1062 if (vp->v6only) 1063 continue; 1064 } 1065 if (IN6_IS_ADDR_UNSPECIFIED(laddr6)) 1066 wildcard++; 1067 else { 1068 if (!IN6_ARE_ADDR_EQUAL(&vp->laddr.v6, laddr6)) 1069 continue; 1070 } 1071 } 1072 if (wildcard && !lookup_wildcard) 1073 continue; 1074 if (wildcard < matchwild) { 1075 better = *vp; 1076 match = (void*)&better; 1077 1078 matchwild = wildcard; 1079 if (matchwild == 0) 1080 break; 1081 } 1082 } 1083 1084 if (match) { 1085 if (match != (void*)&better) 1086 return match; 1087 else { 1088 *vp = better; 1089 return 0; 1090 } 1091 } 1092 } 1093 return (match); 1094 } 1095 1096 /* 1097 * WARNING: return value (rtentry) could be IPv4 one if in6pcb is connected to 1098 * IPv4 mapped address. 1099 */ 1100 struct rtentry * 1101 in6_pcbrtentry(struct in6pcb *in6p) 1102 { 1103 struct rtentry *rt; 1104 struct route *ro; 1105 union { 1106 const struct sockaddr *sa; 1107 const struct sockaddr_in6 *sa6; 1108 #ifdef INET 1109 const struct sockaddr_in *sa4; 1110 #endif 1111 } cdst; 1112 1113 ro = &in6p->in6p_route; 1114 1115 if (in6p->in6p_af != AF_INET6) 1116 return (NULL); 1117 1118 cdst.sa = rtcache_getdst(ro); 1119 if (cdst.sa == NULL) 1120 ; 1121 #ifdef INET 1122 else if (cdst.sa->sa_family == AF_INET) { 1123 KASSERT(IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)); 1124 if (cdst.sa4->sin_addr.s_addr != in6p->in6p_faddr.s6_addr32[3]) 1125 rtcache_free(ro); 1126 } 1127 #endif 1128 else { 1129 if (!IN6_ARE_ADDR_EQUAL(&cdst.sa6->sin6_addr, 1130 &in6p->in6p_faddr)) 1131 rtcache_free(ro); 1132 } 1133 if ((rt = rtcache_validate(ro)) == NULL) 1134 rt = rtcache_update(ro, 1); 1135 #ifdef INET 1136 if (rt == NULL && IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { 1137 union { 1138 struct sockaddr dst; 1139 struct sockaddr_in dst4; 1140 } u; 1141 struct in_addr addr; 1142 1143 addr.s_addr = in6p->in6p_faddr.s6_addr32[3]; 1144 1145 sockaddr_in_init(&u.dst4, &addr, 0); 1146 if (rtcache_setdst(ro, &u.dst) != 0) 1147 return NULL; 1148 1149 rt = rtcache_init(ro); 1150 } else 1151 #endif 1152 if (rt == NULL && !IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) { 1153 union { 1154 struct sockaddr dst; 1155 struct sockaddr_in6 dst6; 1156 } u; 1157 1158 sockaddr_in6_init(&u.dst6, &in6p->in6p_faddr, 0, 0, 0); 1159 if (rtcache_setdst(ro, &u.dst) != 0) 1160 return NULL; 1161 1162 rt = rtcache_init(ro); 1163 } 1164 return rt; 1165 } 1166 1167 void 1168 in6_pcbrtentry_unref(struct rtentry *rt, struct in6pcb *in6p) 1169 { 1170 1171 rtcache_unref(rt, &in6p->in6p_route); 1172 } 1173 1174 struct in6pcb * 1175 in6_pcblookup_connect(struct inpcbtable *table, const struct in6_addr *faddr6, 1176 u_int fport_arg, const struct in6_addr *laddr6, u_int lport_arg, 1177 int faith, 1178 struct vestigial_inpcb *vp) 1179 { 1180 struct inpcbhead *head; 1181 struct inpcb_hdr *inph; 1182 struct in6pcb *in6p; 1183 u_int16_t fport = fport_arg, lport = lport_arg; 1184 1185 if (vp) 1186 vp->valid = 0; 1187 1188 head = IN6PCBHASH_CONNECT(table, faddr6, fport, laddr6, lport); 1189 LIST_FOREACH(inph, head, inph_hash) { 1190 in6p = (struct in6pcb *)inph; 1191 if (in6p->in6p_af != AF_INET6) 1192 continue; 1193 1194 /* find exact match on both source and dest */ 1195 if (in6p->in6p_fport != fport) 1196 continue; 1197 if (in6p->in6p_lport != lport) 1198 continue; 1199 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) 1200 continue; 1201 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr, faddr6)) 1202 continue; 1203 if (IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) 1204 continue; 1205 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, laddr6)) 1206 continue; 1207 if ((IN6_IS_ADDR_V4MAPPED(laddr6) || 1208 IN6_IS_ADDR_V4MAPPED(faddr6)) && 1209 (in6p->in6p_flags & IN6P_IPV6_V6ONLY)) 1210 continue; 1211 return in6p; 1212 } 1213 if (vp && table->vestige) { 1214 if ((*table->vestige->lookup6)(faddr6, fport_arg, 1215 laddr6, lport_arg, vp)) 1216 return NULL; 1217 } 1218 1219 return NULL; 1220 } 1221 1222 struct in6pcb * 1223 in6_pcblookup_bind(struct inpcbtable *table, const struct in6_addr *laddr6, 1224 u_int lport_arg, int faith) 1225 { 1226 struct inpcbhead *head; 1227 struct inpcb_hdr *inph; 1228 struct in6pcb *in6p; 1229 u_int16_t lport = lport_arg; 1230 #ifdef INET 1231 struct in6_addr zero_mapped; 1232 #endif 1233 1234 head = IN6PCBHASH_BIND(table, laddr6, lport); 1235 LIST_FOREACH(inph, head, inph_hash) { 1236 in6p = (struct in6pcb *)inph; 1237 if (in6p->in6p_af != AF_INET6) 1238 continue; 1239 1240 if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) 1241 continue; 1242 if (in6p->in6p_fport != 0) 1243 continue; 1244 if (in6p->in6p_lport != lport) 1245 continue; 1246 if (IN6_IS_ADDR_V4MAPPED(laddr6) && 1247 (in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 1248 continue; 1249 if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, laddr6)) 1250 goto out; 1251 } 1252 #ifdef INET 1253 if (IN6_IS_ADDR_V4MAPPED(laddr6)) { 1254 memset(&zero_mapped, 0, sizeof(zero_mapped)); 1255 zero_mapped.s6_addr16[5] = 0xffff; 1256 head = IN6PCBHASH_BIND(table, &zero_mapped, lport); 1257 LIST_FOREACH(inph, head, inph_hash) { 1258 in6p = (struct in6pcb *)inph; 1259 if (in6p->in6p_af != AF_INET6) 1260 continue; 1261 1262 if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) 1263 continue; 1264 if (in6p->in6p_fport != 0) 1265 continue; 1266 if (in6p->in6p_lport != lport) 1267 continue; 1268 if ((in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 1269 continue; 1270 if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &zero_mapped)) 1271 goto out; 1272 } 1273 } 1274 #endif 1275 head = IN6PCBHASH_BIND(table, &zeroin6_addr, lport); 1276 LIST_FOREACH(inph, head, inph_hash) { 1277 in6p = (struct in6pcb *)inph; 1278 if (in6p->in6p_af != AF_INET6) 1279 continue; 1280 1281 if (faith && (in6p->in6p_flags & IN6P_FAITH) == 0) 1282 continue; 1283 if (in6p->in6p_fport != 0) 1284 continue; 1285 if (in6p->in6p_lport != lport) 1286 continue; 1287 if (IN6_IS_ADDR_V4MAPPED(laddr6) && 1288 (in6p->in6p_flags & IN6P_IPV6_V6ONLY) != 0) 1289 continue; 1290 if (IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr, &zeroin6_addr)) 1291 goto out; 1292 } 1293 return (NULL); 1294 1295 out: 1296 inph = &in6p->in6p_head; 1297 if (inph != LIST_FIRST(head)) { 1298 LIST_REMOVE(inph, inph_hash); 1299 LIST_INSERT_HEAD(head, inph, inph_hash); 1300 } 1301 return in6p; 1302 } 1303 1304 void 1305 in6_pcbstate(struct in6pcb *in6p, int state) 1306 { 1307 1308 if (in6p->in6p_af != AF_INET6) 1309 return; 1310 1311 if (in6p->in6p_state > IN6P_ATTACHED) 1312 LIST_REMOVE(&in6p->in6p_head, inph_hash); 1313 1314 switch (state) { 1315 case IN6P_BOUND: 1316 LIST_INSERT_HEAD(IN6PCBHASH_BIND(in6p->in6p_table, 1317 &in6p->in6p_laddr, in6p->in6p_lport), &in6p->in6p_head, 1318 inph_hash); 1319 break; 1320 case IN6P_CONNECTED: 1321 LIST_INSERT_HEAD(IN6PCBHASH_CONNECT(in6p->in6p_table, 1322 &in6p->in6p_faddr, in6p->in6p_fport, 1323 &in6p->in6p_laddr, in6p->in6p_lport), &in6p->in6p_head, 1324 inph_hash); 1325 break; 1326 } 1327 1328 in6p->in6p_state = state; 1329 } 1330