1 /* $OpenBSD: udp_usrreq.c,v 1.154 2013/03/14 11:18:37 mpi Exp $ */ 2 /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ 3 4 /* 5 * Copyright (c) 1982, 1986, 1988, 1990, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 33 * 34 * NRL grants permission for redistribution and use in source and binary 35 * forms, with or without modification, of the software and documentation 36 * created at NRL provided that the following conditions are met: 37 * 38 * 1. Redistributions of source code must retain the above copyright 39 * notice, this list of conditions and the following disclaimer. 40 * 2. Redistributions in binary form must reproduce the above copyright 41 * notice, this list of conditions and the following disclaimer in the 42 * documentation and/or other materials provided with the distribution. 43 * 3. All advertising materials mentioning features or use of this software 44 * must display the following acknowledgements: 45 * This product includes software developed by the University of 46 * California, Berkeley and its contributors. 47 * This product includes software developed at the Information 48 * Technology Division, US Naval Research Laboratory. 49 * 4. Neither the name of the NRL nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS 54 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 55 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 56 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR 57 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 58 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 59 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 60 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 61 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 62 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 63 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 64 * 65 * The views and conclusions contained in the software and documentation 66 * are those of the authors and should not be interpreted as representing 67 * official policies, either expressed or implied, of the US Naval 68 * Research Laboratory (NRL). 69 */ 70 71 #include <sys/param.h> 72 #include <sys/systm.h> 73 #include <sys/mbuf.h> 74 #include <sys/protosw.h> 75 #include <sys/socket.h> 76 #include <sys/socketvar.h> 77 #include <sys/proc.h> 78 #include <sys/sysctl.h> 79 80 #include <net/if.h> 81 #include <net/route.h> 82 83 #include <netinet/in.h> 84 #include <netinet/in_systm.h> 85 #include <netinet/in_var.h> 86 #include <netinet/ip.h> 87 #include <netinet/in_pcb.h> 88 #include <netinet/ip_var.h> 89 #include <netinet/ip_icmp.h> 90 #include <netinet/udp.h> 91 #include <netinet/udp_var.h> 92 93 #ifdef IPSEC 94 #include <netinet/ip_ipsp.h> 95 #include <netinet/ip_esp.h> 96 #endif 97 98 #ifdef INET6 99 #ifndef INET 100 #include <netinet/in.h> 101 #endif 102 #include <netinet6/ip6protosw.h> 103 104 extern int ip6_defhlim; 105 #endif /* INET6 */ 106 107 #include "pf.h" 108 #if NPF > 0 109 #include <net/pfvar.h> 110 #endif 111 112 #ifdef PIPEX 113 #include <netinet/if_ether.h> 114 #include <net/pipex.h> 115 #endif 116 117 /* 118 * UDP protocol implementation. 119 * Per RFC 768, August, 1980. 120 */ 121 int udpcksum = 1; 122 123 u_int udp_sendspace = 9216; /* really max datagram size */ 124 u_int udp_recvspace = 40 * (1024 + sizeof(struct sockaddr_in)); 125 /* 40 1K datagrams */ 126 127 int *udpctl_vars[UDPCTL_MAXID] = UDPCTL_VARS; 128 129 struct inpcbtable udbtable; 130 struct udpstat udpstat; 131 132 void udp_detach(struct inpcb *); 133 void udp_notify(struct inpcb *, int); 134 135 #ifndef UDBHASHSIZE 136 #define UDBHASHSIZE 128 137 #endif 138 int udbhashsize = UDBHASHSIZE; 139 140 /* from in_pcb.c */ 141 extern struct baddynamicports baddynamicports; 142 143 void 144 udp_init() 145 { 146 in_pcbinit(&udbtable, udbhashsize); 147 } 148 149 #ifdef INET6 150 int 151 udp6_input(struct mbuf **mp, int *offp, int proto) 152 { 153 struct mbuf *m = *mp; 154 155 udp_input(m, *offp, proto); 156 return IPPROTO_DONE; 157 } 158 #endif 159 160 void 161 udp_input(struct mbuf *m, ...) 162 { 163 struct ip *ip; 164 struct udphdr *uh; 165 struct inpcb *inp = NULL; 166 struct mbuf *opts = NULL; 167 struct ip save_ip; 168 int iphlen, len; 169 va_list ap; 170 u_int16_t savesum; 171 union { 172 struct sockaddr sa; 173 struct sockaddr_in sin; 174 #ifdef INET6 175 struct sockaddr_in6 sin6; 176 #endif /* INET6 */ 177 } srcsa, dstsa; 178 #ifdef INET6 179 struct ip6_hdr *ip6; 180 #endif /* INET6 */ 181 #ifdef IPSEC 182 struct m_tag *mtag; 183 struct tdb_ident *tdbi; 184 struct tdb *tdb; 185 int error, s; 186 u_int32_t ipsecflowinfo = 0; 187 #endif /* IPSEC */ 188 189 va_start(ap, m); 190 iphlen = va_arg(ap, int); 191 va_end(ap); 192 193 udpstat.udps_ipackets++; 194 195 switch (mtod(m, struct ip *)->ip_v) { 196 case 4: 197 ip = mtod(m, struct ip *); 198 #ifdef INET6 199 ip6 = NULL; 200 #endif /* INET6 */ 201 srcsa.sa.sa_family = AF_INET; 202 break; 203 #ifdef INET6 204 case 6: 205 ip = NULL; 206 ip6 = mtod(m, struct ip6_hdr *); 207 srcsa.sa.sa_family = AF_INET6; 208 break; 209 #endif /* INET6 */ 210 default: 211 goto bad; 212 } 213 214 IP6_EXTHDR_GET(uh, struct udphdr *, m, iphlen, sizeof(struct udphdr)); 215 if (!uh) { 216 udpstat.udps_hdrops++; 217 return; 218 } 219 220 /* Check for illegal destination port 0 */ 221 if (uh->uh_dport == 0) { 222 udpstat.udps_noport++; 223 goto bad; 224 } 225 226 /* 227 * Make mbuf data length reflect UDP length. 228 * If not enough data to reflect UDP length, drop. 229 */ 230 len = ntohs((u_int16_t)uh->uh_ulen); 231 if (ip) { 232 if (m->m_pkthdr.len - iphlen != len) { 233 if (len > (m->m_pkthdr.len - iphlen) || 234 len < sizeof(struct udphdr)) { 235 udpstat.udps_badlen++; 236 goto bad; 237 } 238 m_adj(m, len - (m->m_pkthdr.len - iphlen)); 239 } 240 } 241 #ifdef INET6 242 else if (ip6) { 243 /* jumbograms */ 244 if (len == 0 && m->m_pkthdr.len - iphlen > 0xffff) 245 len = m->m_pkthdr.len - iphlen; 246 if (len != m->m_pkthdr.len - iphlen) { 247 udpstat.udps_badlen++; 248 goto bad; 249 } 250 } 251 #endif 252 else /* shouldn't happen */ 253 goto bad; 254 255 /* 256 * Save a copy of the IP header in case we want restore it 257 * for sending an ICMP error message in response. 258 */ 259 if (ip) 260 save_ip = *ip; 261 262 /* 263 * Checksum extended UDP header and data. 264 * from W.R.Stevens: check incoming udp cksums even if 265 * udpcksum is not set. 266 */ 267 savesum = uh->uh_sum; 268 #ifdef INET6 269 if (ip6) { 270 /* Be proactive about malicious use of IPv4 mapped address */ 271 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 272 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 273 /* XXX stat */ 274 goto bad; 275 } 276 277 /* 278 * In IPv6, the UDP checksum is ALWAYS used. 279 */ 280 if (uh->uh_sum == 0) { 281 udpstat.udps_nosum++; 282 goto bad; 283 } 284 if ((m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_OK) == 0) { 285 if (m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_BAD) { 286 udpstat.udps_badsum++; 287 udpstat.udps_inhwcsum++; 288 goto bad; 289 } 290 291 if ((uh->uh_sum = in6_cksum(m, IPPROTO_UDP, 292 iphlen, len))) { 293 udpstat.udps_badsum++; 294 goto bad; 295 } 296 } else { 297 m->m_pkthdr.csum_flags &= ~M_UDP_CSUM_IN_OK; 298 udpstat.udps_inhwcsum++; 299 } 300 } else 301 #endif /* INET6 */ 302 if (uh->uh_sum) { 303 if ((m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_OK) == 0) { 304 if (m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_BAD) { 305 udpstat.udps_badsum++; 306 udpstat.udps_inhwcsum++; 307 m_freem(m); 308 return; 309 } 310 311 if ((uh->uh_sum = in4_cksum(m, IPPROTO_UDP, 312 iphlen, len))) { 313 udpstat.udps_badsum++; 314 m_freem(m); 315 return; 316 } 317 } else { 318 m->m_pkthdr.csum_flags &= ~M_UDP_CSUM_IN_OK; 319 udpstat.udps_inhwcsum++; 320 } 321 } else 322 udpstat.udps_nosum++; 323 324 #ifdef IPSEC 325 if (udpencap_enable && udpencap_port && 326 uh->uh_dport == htons(udpencap_port)) { 327 u_int32_t spi; 328 int skip = iphlen + sizeof(struct udphdr); 329 330 if (m->m_pkthdr.len - skip < sizeof(u_int32_t)) { 331 /* packet too short */ 332 m_freem(m); 333 return; 334 } 335 m_copydata(m, skip, sizeof(u_int32_t), (caddr_t) &spi); 336 /* 337 * decapsulate if the SPI is not zero, otherwise pass 338 * to userland 339 */ 340 if (spi != 0) { 341 if ((m = m_pullup(m, skip)) == NULL) { 342 udpstat.udps_hdrops++; 343 return; 344 } 345 346 /* remove the UDP header */ 347 bcopy(mtod(m, u_char *), 348 mtod(m, u_char *) + sizeof(struct udphdr), iphlen); 349 m_adj(m, sizeof(struct udphdr)); 350 skip -= sizeof(struct udphdr); 351 352 espstat.esps_udpencin++; 353 ipsec_common_input(m, skip, offsetof(struct ip, ip_p), 354 srcsa.sa.sa_family, IPPROTO_ESP, 1); 355 return; 356 } 357 } 358 #endif 359 360 switch (srcsa.sa.sa_family) { 361 case AF_INET: 362 bzero(&srcsa, sizeof(struct sockaddr_in)); 363 srcsa.sin.sin_len = sizeof(struct sockaddr_in); 364 srcsa.sin.sin_family = AF_INET; 365 srcsa.sin.sin_port = uh->uh_sport; 366 srcsa.sin.sin_addr = ip->ip_src; 367 368 bzero(&dstsa, sizeof(struct sockaddr_in)); 369 dstsa.sin.sin_len = sizeof(struct sockaddr_in); 370 dstsa.sin.sin_family = AF_INET; 371 dstsa.sin.sin_port = uh->uh_dport; 372 dstsa.sin.sin_addr = ip->ip_dst; 373 break; 374 #ifdef INET6 375 case AF_INET6: 376 bzero(&srcsa, sizeof(struct sockaddr_in6)); 377 srcsa.sin6.sin6_len = sizeof(struct sockaddr_in6); 378 srcsa.sin6.sin6_family = AF_INET6; 379 srcsa.sin6.sin6_port = uh->uh_sport; 380 #if 0 /*XXX inbound flowinfo */ 381 srcsa.sin6.sin6_flowinfo = htonl(0x0fffffff) & ip6->ip6_flow; 382 #endif 383 /* KAME hack: recover scopeid */ 384 (void)in6_recoverscope(&srcsa.sin6, &ip6->ip6_src, 385 m->m_pkthdr.rcvif); 386 387 bzero(&dstsa, sizeof(struct sockaddr_in6)); 388 dstsa.sin6.sin6_len = sizeof(struct sockaddr_in6); 389 dstsa.sin6.sin6_family = AF_INET6; 390 dstsa.sin6.sin6_port = uh->uh_dport; 391 /* KAME hack: recover scopeid */ 392 (void)in6_recoverscope(&dstsa.sin6, &ip6->ip6_dst, 393 m->m_pkthdr.rcvif); 394 break; 395 #endif /* INET6 */ 396 } 397 398 #ifdef INET6 399 if ((ip6 && IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) || 400 (ip && IN_MULTICAST(ip->ip_dst.s_addr)) || 401 (ip && in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif, 402 m->m_pkthdr.rdomain))) { 403 #else /* INET6 */ 404 if (IN_MULTICAST(ip->ip_dst.s_addr) || 405 in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif, m->m_pkthdr.rdomain)) { 406 #endif /* INET6 */ 407 struct inpcb *last; 408 /* 409 * Deliver a multicast or broadcast datagram to *all* sockets 410 * for which the local and remote addresses and ports match 411 * those of the incoming datagram. This allows more than 412 * one process to receive multi/broadcasts on the same port. 413 * (This really ought to be done for unicast datagrams as 414 * well, but that would cause problems with existing 415 * applications that open both address-specific sockets and 416 * a wildcard socket listening to the same port -- they would 417 * end up receiving duplicates of every unicast datagram. 418 * Those applications open the multiple sockets to overcome an 419 * inadequacy of the UDP socket interface, but for backwards 420 * compatibility we avoid the problem here rather than 421 * fixing the interface. Maybe 4.5BSD will remedy this?) 422 */ 423 424 iphlen += sizeof(struct udphdr); 425 426 /* 427 * Locate pcb(s) for datagram. 428 * (Algorithm copied from raw_intr().) 429 */ 430 last = NULL; 431 CIRCLEQ_FOREACH(inp, &udbtable.inpt_queue, inp_queue) { 432 if (inp->inp_socket->so_state & SS_CANTRCVMORE) 433 continue; 434 #ifdef INET6 435 /* don't accept it if AF does not match */ 436 if (ip6 && !(inp->inp_flags & INP_IPV6)) 437 continue; 438 if (!ip6 && (inp->inp_flags & INP_IPV6)) 439 continue; 440 #endif 441 if (rtable_l2(inp->inp_rtableid) != 442 rtable_l2(m->m_pkthdr.rdomain)) 443 continue; 444 if (inp->inp_lport != uh->uh_dport) 445 continue; 446 #ifdef INET6 447 if (ip6) { 448 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) 449 if (!IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, 450 &ip6->ip6_dst)) 451 continue; 452 } else 453 #endif /* INET6 */ 454 if (inp->inp_laddr.s_addr != INADDR_ANY) { 455 if (inp->inp_laddr.s_addr != ip->ip_dst.s_addr) 456 continue; 457 } 458 #ifdef INET6 459 if (ip6) { 460 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) 461 if (!IN6_ARE_ADDR_EQUAL(&inp->inp_faddr6, 462 &ip6->ip6_src) || 463 inp->inp_fport != uh->uh_sport) 464 continue; 465 } else 466 #endif /* INET6 */ 467 if (inp->inp_faddr.s_addr != INADDR_ANY) { 468 if (inp->inp_faddr.s_addr != 469 ip->ip_src.s_addr || 470 inp->inp_fport != uh->uh_sport) 471 continue; 472 } 473 474 if (last != NULL) { 475 struct mbuf *n; 476 477 if ((n = m_copy(m, 0, M_COPYALL)) != NULL) { 478 #ifdef INET6 479 if (ip6 && (last->inp_flags & 480 IN6P_CONTROLOPTS || 481 last->inp_socket->so_options & 482 SO_TIMESTAMP)) 483 ip6_savecontrol(last, n, &opts); 484 #endif /* INET6 */ 485 if (ip && (last->inp_flags & 486 INP_CONTROLOPTS || 487 last->inp_socket->so_options & 488 SO_TIMESTAMP)) 489 ip_savecontrol(last, &opts, 490 ip, n); 491 492 m_adj(n, iphlen); 493 if (sbappendaddr( 494 &last->inp_socket->so_rcv, 495 &srcsa.sa, n, opts) == 0) { 496 m_freem(n); 497 if (opts) 498 m_freem(opts); 499 udpstat.udps_fullsock++; 500 } else 501 sorwakeup(last->inp_socket); 502 opts = NULL; 503 } 504 } 505 last = inp; 506 /* 507 * Don't look for additional matches if this one does 508 * not have either the SO_REUSEPORT or SO_REUSEADDR 509 * socket options set. This heuristic avoids searching 510 * through all pcbs in the common case of a non-shared 511 * port. It assumes that an application will never 512 * clear these options after setting them. 513 */ 514 if ((last->inp_socket->so_options & (SO_REUSEPORT | 515 SO_REUSEADDR)) == 0) 516 break; 517 } 518 519 if (last == NULL) { 520 /* 521 * No matching pcb found; discard datagram. 522 * (No need to send an ICMP Port Unreachable 523 * for a broadcast or multicast datgram.) 524 */ 525 udpstat.udps_noportbcast++; 526 goto bad; 527 } 528 529 #ifdef INET6 530 if (ip6 && (last->inp_flags & IN6P_CONTROLOPTS || 531 last->inp_socket->so_options & SO_TIMESTAMP)) 532 ip6_savecontrol(last, m, &opts); 533 #endif /* INET6 */ 534 if (ip && (last->inp_flags & INP_CONTROLOPTS || 535 last->inp_socket->so_options & SO_TIMESTAMP)) 536 ip_savecontrol(last, &opts, ip, m); 537 538 m_adj(m, iphlen); 539 if (sbappendaddr(&last->inp_socket->so_rcv, 540 &srcsa.sa, m, opts) == 0) { 541 udpstat.udps_fullsock++; 542 goto bad; 543 } 544 sorwakeup(last->inp_socket); 545 return; 546 } 547 /* 548 * Locate pcb for datagram. 549 */ 550 #if 0 551 if (m->m_pkthdr.pf.statekey) 552 inp = ((struct pf_state_key *)m->m_pkthdr.pf.statekey)->inp; 553 #endif 554 if (inp == NULL) { 555 #ifdef INET6 556 if (ip6) 557 inp = in6_pcbhashlookup(&udbtable, &ip6->ip6_src, 558 uh->uh_sport, &ip6->ip6_dst, uh->uh_dport); 559 else 560 #endif /* INET6 */ 561 inp = in_pcbhashlookup(&udbtable, ip->ip_src, uh->uh_sport, 562 ip->ip_dst, uh->uh_dport, m->m_pkthdr.rdomain); 563 #if NPF > 0 564 if (m->m_pkthdr.pf.statekey && inp) { 565 ((struct pf_state_key *)m->m_pkthdr.pf.statekey)->inp = 566 inp; 567 inp->inp_pf_sk = m->m_pkthdr.pf.statekey; 568 } 569 #endif 570 } 571 if (inp == 0) { 572 int inpl_reverse = 0; 573 if (m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST) 574 inpl_reverse = 1; 575 ++udpstat.udps_pcbhashmiss; 576 #ifdef INET6 577 if (ip6) { 578 inp = in6_pcblookup_listen(&udbtable, 579 &ip6->ip6_dst, uh->uh_dport, inpl_reverse, m); 580 } else 581 #endif /* INET6 */ 582 inp = in_pcblookup_listen(&udbtable, 583 ip->ip_dst, uh->uh_dport, inpl_reverse, m, 584 m->m_pkthdr.rdomain); 585 if (inp == 0) { 586 udpstat.udps_noport++; 587 if (m->m_flags & (M_BCAST | M_MCAST)) { 588 udpstat.udps_noportbcast++; 589 goto bad; 590 } 591 #ifdef INET6 592 if (ip6) { 593 uh->uh_sum = savesum; 594 icmp6_error(m, ICMP6_DST_UNREACH, 595 ICMP6_DST_UNREACH_NOPORT,0); 596 } else 597 #endif /* INET6 */ 598 { 599 *ip = save_ip; 600 uh->uh_sum = savesum; 601 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PORT, 602 0, 0); 603 } 604 return; 605 } 606 } 607 608 #if NPF > 0 609 /* The statekey has finished finding the inp, it is no longer needed. */ 610 m->m_pkthdr.pf.statekey = NULL; 611 #endif 612 613 #ifdef IPSEC 614 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL); 615 s = splnet(); 616 if (mtag != NULL) { 617 tdbi = (struct tdb_ident *)(mtag + 1); 618 tdb = gettdb(tdbi->rdomain, tdbi->spi, 619 &tdbi->dst, tdbi->proto); 620 } else 621 tdb = NULL; 622 ipsp_spd_lookup(m, srcsa.sa.sa_family, iphlen, &error, 623 IPSP_DIRECTION_IN, tdb, inp, 0); 624 if (error) { 625 splx(s); 626 goto bad; 627 } 628 629 /* Latch SA only if the socket is connected */ 630 if (inp->inp_tdb_in != tdb && 631 (inp->inp_socket->so_state & SS_ISCONNECTED)) { 632 if (tdb) { 633 tdb_add_inp(tdb, inp, 1); 634 if (inp->inp_ipo == NULL) { 635 inp->inp_ipo = ipsec_add_policy(inp, 636 srcsa.sa.sa_family, IPSP_DIRECTION_OUT); 637 if (inp->inp_ipo == NULL) { 638 splx(s); 639 goto bad; 640 } 641 } 642 if (inp->inp_ipo->ipo_dstid == NULL && 643 tdb->tdb_srcid != NULL) { 644 inp->inp_ipo->ipo_dstid = tdb->tdb_srcid; 645 tdb->tdb_srcid->ref_count++; 646 } 647 if (inp->inp_ipsec_remotecred == NULL && 648 tdb->tdb_remote_cred != NULL) { 649 inp->inp_ipsec_remotecred = 650 tdb->tdb_remote_cred; 651 tdb->tdb_remote_cred->ref_count++; 652 } 653 if (inp->inp_ipsec_remoteauth == NULL && 654 tdb->tdb_remote_auth != NULL) { 655 inp->inp_ipsec_remoteauth = 656 tdb->tdb_remote_auth; 657 tdb->tdb_remote_auth->ref_count++; 658 } 659 } else { /* Just reset */ 660 TAILQ_REMOVE(&inp->inp_tdb_in->tdb_inp_in, inp, 661 inp_tdb_in_next); 662 inp->inp_tdb_in = NULL; 663 } 664 } 665 /* create ipsec options while we know that tdb cannot be modified */ 666 if (tdb) 667 ipsecflowinfo = tdb->tdb_spi; 668 669 splx(s); 670 #endif /*IPSEC */ 671 672 opts = NULL; 673 #ifdef INET6 674 if (ip6 && (inp->inp_flags & IN6P_CONTROLOPTS || 675 inp->inp_socket->so_options & SO_TIMESTAMP)) 676 ip6_savecontrol(inp, m, &opts); 677 #endif /* INET6 */ 678 if (ip && (inp->inp_flags & INP_CONTROLOPTS || 679 inp->inp_socket->so_options & SO_TIMESTAMP)) 680 ip_savecontrol(inp, &opts, ip, m); 681 #ifdef INET6 682 if (ip6 && (inp->inp_flags & IN6P_RECVDSTPORT)) { 683 struct mbuf **mp = &opts; 684 685 while (*mp) 686 mp = &(*mp)->m_next; 687 *mp = sbcreatecontrol((caddr_t)&uh->uh_dport, sizeof(u_int16_t), 688 IPV6_RECVDSTPORT, IPPROTO_IPV6); 689 } 690 #endif /* INET6 */ 691 if (ip && (inp->inp_flags & INP_RECVDSTPORT)) { 692 struct mbuf **mp = &opts; 693 694 while (*mp) 695 mp = &(*mp)->m_next; 696 *mp = sbcreatecontrol((caddr_t)&uh->uh_dport, sizeof(u_int16_t), 697 IP_RECVDSTPORT, IPPROTO_IP); 698 } 699 #ifdef IPSEC 700 if (ipsecflowinfo && (inp->inp_flags & INP_IPSECFLOWINFO)) { 701 struct mbuf **mp = &opts; 702 703 while (*mp) 704 mp = &(*mp)->m_next; 705 *mp = sbcreatecontrol((caddr_t)&ipsecflowinfo, 706 sizeof(u_int32_t), IP_IPSECFLOWINFO, IPPROTO_IP); 707 } 708 #endif 709 #ifdef PIPEX 710 if (pipex_enable && inp->inp_pipex) { 711 struct pipex_session *session; 712 int off = iphlen + sizeof(struct udphdr); 713 if ((session = pipex_l2tp_lookup_session(m, off)) != NULL) { 714 if ((m = pipex_l2tp_input(m, off, session, 715 ipsecflowinfo)) == NULL) { 716 if (opts) 717 m_freem(opts); 718 return; /* the packet is handled by PIPEX */ 719 } 720 } 721 } 722 #endif 723 724 iphlen += sizeof(struct udphdr); 725 m_adj(m, iphlen); 726 if (sbappendaddr(&inp->inp_socket->so_rcv, &srcsa.sa, m, opts) == 0) { 727 udpstat.udps_fullsock++; 728 goto bad; 729 } 730 sorwakeup(inp->inp_socket); 731 return; 732 bad: 733 m_freem(m); 734 if (opts) 735 m_freem(opts); 736 } 737 738 /* 739 * Notify a udp user of an asynchronous error; 740 * just wake up so that he can collect error status. 741 */ 742 void 743 udp_notify(struct inpcb *inp, int errno) 744 { 745 inp->inp_socket->so_error = errno; 746 sorwakeup(inp->inp_socket); 747 sowwakeup(inp->inp_socket); 748 } 749 750 #ifdef INET6 751 void 752 udp6_ctlinput(int cmd, struct sockaddr *sa, void *d) 753 { 754 struct udphdr uh; 755 struct sockaddr_in6 sa6; 756 struct ip6_hdr *ip6; 757 struct mbuf *m; 758 int off; 759 void *cmdarg; 760 struct ip6ctlparam *ip6cp = NULL; 761 struct udp_portonly { 762 u_int16_t uh_sport; 763 u_int16_t uh_dport; 764 } *uhp; 765 void (*notify)(struct inpcb *, int) = udp_notify; 766 767 if (sa == NULL) 768 return; 769 if (sa->sa_family != AF_INET6 || 770 sa->sa_len != sizeof(struct sockaddr_in6)) 771 return; 772 773 if ((unsigned)cmd >= PRC_NCMDS) 774 return; 775 if (PRC_IS_REDIRECT(cmd)) 776 notify = in_rtchange, d = NULL; 777 else if (cmd == PRC_HOSTDEAD) 778 d = NULL; 779 else if (cmd == PRC_MSGSIZE) 780 ; /* special code is present, see below */ 781 else if (inet6ctlerrmap[cmd] == 0) 782 return; 783 784 /* if the parameter is from icmp6, decode it. */ 785 if (d != NULL) { 786 ip6cp = (struct ip6ctlparam *)d; 787 m = ip6cp->ip6c_m; 788 ip6 = ip6cp->ip6c_ip6; 789 off = ip6cp->ip6c_off; 790 cmdarg = ip6cp->ip6c_cmdarg; 791 } else { 792 m = NULL; 793 ip6 = NULL; 794 cmdarg = NULL; 795 /* XXX: translate addresses into internal form */ 796 sa6 = *(struct sockaddr_in6 *)sa; 797 #ifndef SCOPEDROUTING 798 if (in6_embedscope(&sa6.sin6_addr, &sa6, NULL, NULL)) { 799 /* should be impossible */ 800 return; 801 } 802 #endif 803 } 804 805 if (ip6cp && ip6cp->ip6c_finaldst) { 806 bzero(&sa6, sizeof(sa6)); 807 sa6.sin6_family = AF_INET6; 808 sa6.sin6_len = sizeof(sa6); 809 sa6.sin6_addr = *ip6cp->ip6c_finaldst; 810 /* XXX: assuming M is valid in this case */ 811 sa6.sin6_scope_id = in6_addr2scopeid(m->m_pkthdr.rcvif, 812 ip6cp->ip6c_finaldst); 813 #ifndef SCOPEDROUTING 814 if (in6_embedscope(ip6cp->ip6c_finaldst, &sa6, NULL, NULL)) { 815 /* should be impossible */ 816 return; 817 } 818 #endif 819 } else { 820 /* XXX: translate addresses into internal form */ 821 sa6 = *(struct sockaddr_in6 *)sa; 822 #ifndef SCOPEDROUTING 823 if (in6_embedscope(&sa6.sin6_addr, &sa6, NULL, NULL)) { 824 /* should be impossible */ 825 return; 826 } 827 #endif 828 } 829 830 if (ip6) { 831 /* 832 * XXX: We assume that when IPV6 is non NULL, 833 * M and OFF are valid. 834 */ 835 struct sockaddr_in6 sa6_src; 836 837 /* check if we can safely examine src and dst ports */ 838 if (m->m_pkthdr.len < off + sizeof(*uhp)) 839 return; 840 841 bzero(&uh, sizeof(uh)); 842 m_copydata(m, off, sizeof(*uhp), (caddr_t)&uh); 843 844 bzero(&sa6_src, sizeof(sa6_src)); 845 sa6_src.sin6_family = AF_INET6; 846 sa6_src.sin6_len = sizeof(sa6_src); 847 sa6_src.sin6_addr = ip6->ip6_src; 848 sa6_src.sin6_scope_id = in6_addr2scopeid(m->m_pkthdr.rcvif, 849 &ip6->ip6_src); 850 #ifndef SCOPEDROUTING 851 if (in6_embedscope(&sa6_src.sin6_addr, &sa6_src, NULL, NULL)) { 852 /* should be impossible */ 853 return; 854 } 855 #endif 856 857 if (cmd == PRC_MSGSIZE) { 858 int valid = 0; 859 860 /* 861 * Check to see if we have a valid UDP socket 862 * corresponding to the address in the ICMPv6 message 863 * payload. 864 */ 865 if (in6_pcbhashlookup(&udbtable, &sa6.sin6_addr, 866 uh.uh_dport, &sa6_src.sin6_addr, uh.uh_sport)) 867 valid = 1; 868 #if 0 869 /* 870 * As the use of sendto(2) is fairly popular, 871 * we may want to allow non-connected pcb too. 872 * But it could be too weak against attacks... 873 * We should at least check if the local address (= s) 874 * is really ours. 875 */ 876 else if (in6_pcblookup_listen(&udbtable, 877 &sa6_src.sin6_addr, uh.uh_sport, 0); 878 valid = 1; 879 #endif 880 881 /* 882 * Depending on the value of "valid" and routing table 883 * size (mtudisc_{hi,lo}wat), we will: 884 * - recalculate the new MTU and create the 885 * corresponding routing entry, or 886 * - ignore the MTU change notification. 887 */ 888 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 889 890 /* 891 * regardless of if we called icmp6_mtudisc_update(), 892 * we need to call in6_pcbnotify(), to notify path 893 * MTU change to the userland (2292bis-02), because 894 * some unconnected sockets may share the same 895 * destination and want to know the path MTU. 896 */ 897 } 898 899 (void) in6_pcbnotify(&udbtable, (struct sockaddr *)&sa6, 900 uh.uh_dport, (struct sockaddr *)&sa6_src, 901 uh.uh_sport, cmd, cmdarg, notify); 902 } else { 903 (void) in6_pcbnotify(&udbtable, (struct sockaddr *)&sa6, 0, 904 (struct sockaddr *)&sa6_any, 0, cmd, cmdarg, notify); 905 } 906 } 907 #endif 908 909 void * 910 udp_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *v) 911 { 912 struct ip *ip = v; 913 struct udphdr *uhp; 914 struct in_addr faddr; 915 struct inpcb *inp; 916 extern int inetctlerrmap[]; 917 void (*notify)(struct inpcb *, int) = udp_notify; 918 int errno; 919 920 if (sa == NULL) 921 return NULL; 922 if (sa->sa_family != AF_INET || 923 sa->sa_len != sizeof(struct sockaddr_in)) 924 return NULL; 925 faddr = satosin(sa)->sin_addr; 926 if (faddr.s_addr == INADDR_ANY) 927 return NULL; 928 929 if ((unsigned)cmd >= PRC_NCMDS) 930 return NULL; 931 errno = inetctlerrmap[cmd]; 932 if (PRC_IS_REDIRECT(cmd)) 933 notify = in_rtchange, ip = 0; 934 else if (cmd == PRC_HOSTDEAD) 935 ip = 0; 936 else if (errno == 0) 937 return NULL; 938 if (ip) { 939 uhp = (struct udphdr *)((caddr_t)ip + (ip->ip_hl << 2)); 940 941 #ifdef IPSEC 942 /* PMTU discovery for udpencap */ 943 if (cmd == PRC_MSGSIZE && ip_mtudisc && udpencap_enable && 944 udpencap_port && uhp->uh_sport == htons(udpencap_port)) { 945 udpencap_ctlinput(cmd, sa, rdomain, v); 946 return (NULL); 947 } 948 #endif 949 inp = in_pcbhashlookup(&udbtable, 950 ip->ip_dst, uhp->uh_dport, ip->ip_src, uhp->uh_sport, 951 rdomain); 952 if (inp && inp->inp_socket != NULL) 953 notify(inp, errno); 954 } else 955 in_pcbnotifyall(&udbtable, sa, rdomain, errno, notify); 956 return (NULL); 957 } 958 959 int 960 udp_output(struct mbuf *m, ...) 961 { 962 struct inpcb *inp; 963 struct mbuf *addr, *control; 964 struct udpiphdr *ui; 965 u_int32_t ipsecflowinfo = 0; 966 int len = m->m_pkthdr.len; 967 struct in_addr laddr; 968 int s = 0, error = 0; 969 va_list ap; 970 971 va_start(ap, m); 972 inp = va_arg(ap, struct inpcb *); 973 addr = va_arg(ap, struct mbuf *); 974 control = va_arg(ap, struct mbuf *); 975 va_end(ap); 976 977 #ifdef DIAGNOSTIC 978 if ((inp->inp_flags & INP_IPV6) != 0) 979 panic("IPv6 inpcb to udp_output"); 980 #endif 981 982 /* 983 * Compute the packet length of the IP header, and 984 * punt if the length looks bogus. 985 */ 986 if ((len + sizeof(struct udpiphdr)) > IP_MAXPACKET) { 987 error = EMSGSIZE; 988 goto release; 989 } 990 991 if (addr) { 992 laddr = inp->inp_laddr; 993 if (inp->inp_faddr.s_addr != INADDR_ANY) { 994 error = EISCONN; 995 goto release; 996 } 997 /* 998 * Must block input while temporarily connected. 999 */ 1000 s = splsoftnet(); 1001 error = in_pcbconnect(inp, addr); 1002 if (error) { 1003 splx(s); 1004 goto release; 1005 } 1006 } else { 1007 if (inp->inp_faddr.s_addr == INADDR_ANY) { 1008 error = ENOTCONN; 1009 goto release; 1010 } 1011 } 1012 1013 #ifdef IPSEC 1014 if (control && (inp->inp_flags & INP_IPSECFLOWINFO) != 0) { 1015 u_int clen; 1016 struct cmsghdr *cm; 1017 caddr_t cmsgs; 1018 1019 /* 1020 * XXX: Currently, we assume all the optional information is stored 1021 * in a single mbuf. 1022 */ 1023 if (control->m_next) { 1024 error = EINVAL; 1025 goto bail; 1026 } 1027 1028 clen = control->m_len; 1029 cmsgs = mtod(control, caddr_t); 1030 do { 1031 if (clen < CMSG_LEN(0)) { 1032 error = EINVAL; 1033 goto bail; 1034 } 1035 cm = (struct cmsghdr *)cmsgs; 1036 if (cm->cmsg_len < CMSG_LEN(0) || 1037 CMSG_ALIGN(cm->cmsg_len) > clen) { 1038 error = EINVAL; 1039 goto bail; 1040 } 1041 if (cm->cmsg_len == CMSG_LEN(sizeof(ipsecflowinfo)) && 1042 cm->cmsg_level == IPPROTO_IP && 1043 cm->cmsg_type == IP_IPSECFLOWINFO) { 1044 ipsecflowinfo = *(u_int32_t *)CMSG_DATA(cm); 1045 break; 1046 } 1047 clen -= CMSG_ALIGN(cm->cmsg_len); 1048 cmsgs += CMSG_ALIGN(cm->cmsg_len); 1049 } while (clen); 1050 } 1051 #endif 1052 /* 1053 * Calculate data length and get a mbuf 1054 * for UDP and IP headers. 1055 */ 1056 M_PREPEND(m, sizeof(struct udpiphdr), M_DONTWAIT); 1057 if (m == NULL) { 1058 error = ENOBUFS; 1059 goto bail; 1060 } 1061 1062 /* 1063 * Fill in mbuf with extended UDP header 1064 * and addresses and length put into network format. 1065 */ 1066 ui = mtod(m, struct udpiphdr *); 1067 bzero(ui->ui_x1, sizeof ui->ui_x1); 1068 ui->ui_pr = IPPROTO_UDP; 1069 ui->ui_len = htons((u_int16_t)len + sizeof (struct udphdr)); 1070 ui->ui_src = inp->inp_laddr; 1071 ui->ui_dst = inp->inp_faddr; 1072 ui->ui_sport = inp->inp_lport; 1073 ui->ui_dport = inp->inp_fport; 1074 ui->ui_ulen = ui->ui_len; 1075 1076 /* 1077 * Compute the pseudo-header checksum; defer further checksumming 1078 * until ip_output() or hardware (if it exists). 1079 */ 1080 if (udpcksum) { 1081 m->m_pkthdr.csum_flags |= M_UDP_CSUM_OUT; 1082 ui->ui_sum = in_cksum_phdr(ui->ui_src.s_addr, 1083 ui->ui_dst.s_addr, htons((u_int16_t)len + 1084 sizeof (struct udphdr) + IPPROTO_UDP)); 1085 } else 1086 ui->ui_sum = 0; 1087 ((struct ip *)ui)->ip_len = htons(sizeof (struct udpiphdr) + len); 1088 ((struct ip *)ui)->ip_ttl = inp->inp_ip.ip_ttl; 1089 ((struct ip *)ui)->ip_tos = inp->inp_ip.ip_tos; 1090 1091 udpstat.udps_opackets++; 1092 1093 /* force routing domain */ 1094 m->m_pkthdr.rdomain = inp->inp_rtableid; 1095 1096 error = ip_output(m, inp->inp_options, &inp->inp_route, 1097 (inp->inp_socket->so_options & (SO_DONTROUTE | SO_BROADCAST)) 1098 |IP_IPSECFLOW, inp->inp_moptions, inp, ipsecflowinfo); 1099 if (error == EACCES) /* translate pf(4) error for userland */ 1100 error = EHOSTUNREACH; 1101 1102 bail: 1103 if (addr) { 1104 inp->inp_laddr = laddr; 1105 in_pcbdisconnect(inp); 1106 splx(s); 1107 } 1108 if (control) 1109 m_freem(control); 1110 return (error); 1111 1112 release: 1113 m_freem(m); 1114 if (control) 1115 m_freem(control); 1116 return (error); 1117 } 1118 1119 /*ARGSUSED*/ 1120 int 1121 udp_usrreq(struct socket *so, int req, struct mbuf *m, struct mbuf *addr, 1122 struct mbuf *control, struct proc *p) 1123 { 1124 struct inpcb *inp = sotoinpcb(so); 1125 int error = 0; 1126 int s; 1127 1128 if (req == PRU_CONTROL) { 1129 #ifdef INET6 1130 if (inp->inp_flags & INP_IPV6) 1131 return (in6_control(so, (u_long)m, (caddr_t)addr, 1132 (struct ifnet *)control, 0)); 1133 else 1134 #endif /* INET6 */ 1135 return (in_control(so, (u_long)m, (caddr_t)addr, 1136 (struct ifnet *)control)); 1137 } 1138 if (inp == NULL && req != PRU_ATTACH) { 1139 error = EINVAL; 1140 goto release; 1141 } 1142 /* 1143 * Note: need to block udp_input while changing 1144 * the udp pcb queue and/or pcb addresses. 1145 */ 1146 switch (req) { 1147 1148 case PRU_ATTACH: 1149 if (inp != NULL) { 1150 error = EINVAL; 1151 break; 1152 } 1153 s = splsoftnet(); 1154 error = in_pcballoc(so, &udbtable); 1155 splx(s); 1156 if (error) 1157 break; 1158 error = soreserve(so, udp_sendspace, udp_recvspace); 1159 if (error) 1160 break; 1161 #ifdef INET6 1162 if (((struct inpcb *)so->so_pcb)->inp_flags & INP_IPV6) 1163 ((struct inpcb *) so->so_pcb)->inp_ipv6.ip6_hlim = 1164 ip6_defhlim; 1165 else 1166 #endif /* INET6 */ 1167 ((struct inpcb *) so->so_pcb)->inp_ip.ip_ttl = ip_defttl; 1168 break; 1169 1170 case PRU_DETACH: 1171 udp_detach(inp); 1172 break; 1173 1174 case PRU_BIND: 1175 s = splsoftnet(); 1176 #ifdef INET6 1177 if (inp->inp_flags & INP_IPV6) 1178 error = in6_pcbbind(inp, addr, p); 1179 else 1180 #endif 1181 error = in_pcbbind(inp, addr, p); 1182 splx(s); 1183 break; 1184 1185 case PRU_LISTEN: 1186 error = EOPNOTSUPP; 1187 break; 1188 1189 case PRU_CONNECT: 1190 #ifdef INET6 1191 if (inp->inp_flags & INP_IPV6) { 1192 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) { 1193 error = EISCONN; 1194 break; 1195 } 1196 s = splsoftnet(); 1197 error = in6_pcbconnect(inp, addr); 1198 splx(s); 1199 } else 1200 #endif /* INET6 */ 1201 { 1202 if (inp->inp_faddr.s_addr != INADDR_ANY) { 1203 error = EISCONN; 1204 break; 1205 } 1206 s = splsoftnet(); 1207 error = in_pcbconnect(inp, addr); 1208 splx(s); 1209 } 1210 1211 if (error == 0) 1212 soisconnected(so); 1213 break; 1214 1215 case PRU_CONNECT2: 1216 error = EOPNOTSUPP; 1217 break; 1218 1219 case PRU_ACCEPT: 1220 error = EOPNOTSUPP; 1221 break; 1222 1223 case PRU_DISCONNECT: 1224 #ifdef INET6 1225 if (inp->inp_flags & INP_IPV6) { 1226 if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) { 1227 error = ENOTCONN; 1228 break; 1229 } 1230 } else 1231 #endif /* INET6 */ 1232 { 1233 if (inp->inp_faddr.s_addr == INADDR_ANY) { 1234 error = ENOTCONN; 1235 break; 1236 } 1237 } 1238 1239 s = splsoftnet(); 1240 #ifdef INET6 1241 if (inp->inp_flags & INP_IPV6) 1242 inp->inp_laddr6 = in6addr_any; 1243 else 1244 #endif /* INET6 */ 1245 inp->inp_laddr.s_addr = INADDR_ANY; 1246 in_pcbdisconnect(inp); 1247 1248 splx(s); 1249 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 1250 break; 1251 1252 case PRU_SHUTDOWN: 1253 socantsendmore(so); 1254 break; 1255 1256 case PRU_SEND: 1257 #ifdef PIPEX 1258 if (inp->inp_pipex) { 1259 struct pipex_session *session; 1260 1261 if (addr != NULL) 1262 session = 1263 pipex_l2tp_userland_lookup_session(m, 1264 mtod(addr, struct sockaddr *)); 1265 else 1266 #ifdef INET6 1267 if (inp->inp_flags & INP_IPV6) 1268 session = 1269 pipex_l2tp_userland_lookup_session_ipv6( 1270 m, inp->inp_faddr6); 1271 else 1272 #endif 1273 session = 1274 pipex_l2tp_userland_lookup_session_ipv4( 1275 m, inp->inp_faddr); 1276 if (session != NULL) 1277 if ((m = pipex_l2tp_userland_output( 1278 m, session)) == NULL) { 1279 error = ENOMEM; 1280 goto release; 1281 } 1282 } 1283 #endif 1284 1285 #ifdef INET6 1286 if (inp->inp_flags & INP_IPV6) 1287 return (udp6_output(inp, m, addr, control)); 1288 else 1289 return (udp_output(m, inp, addr, control)); 1290 #else 1291 return (udp_output(m, inp, addr, control)); 1292 #endif 1293 1294 case PRU_ABORT: 1295 soisdisconnected(so); 1296 udp_detach(inp); 1297 break; 1298 1299 case PRU_SOCKADDR: 1300 #ifdef INET6 1301 if (inp->inp_flags & INP_IPV6) 1302 in6_setsockaddr(inp, addr); 1303 else 1304 #endif /* INET6 */ 1305 in_setsockaddr(inp, addr); 1306 break; 1307 1308 case PRU_PEERADDR: 1309 #ifdef INET6 1310 if (inp->inp_flags & INP_IPV6) 1311 in6_setpeeraddr(inp, addr); 1312 else 1313 #endif /* INET6 */ 1314 in_setpeeraddr(inp, addr); 1315 break; 1316 1317 case PRU_SENSE: 1318 /* 1319 * stat: don't bother with a blocksize. 1320 */ 1321 /* 1322 * Perhaps Path MTU might be returned for a connected 1323 * UDP socket in this case. 1324 */ 1325 return (0); 1326 1327 case PRU_SENDOOB: 1328 case PRU_FASTTIMO: 1329 case PRU_SLOWTIMO: 1330 case PRU_PROTORCV: 1331 case PRU_PROTOSEND: 1332 error = EOPNOTSUPP; 1333 break; 1334 1335 case PRU_RCVD: 1336 case PRU_RCVOOB: 1337 return (EOPNOTSUPP); /* do not free mbuf's */ 1338 1339 default: 1340 panic("udp_usrreq"); 1341 } 1342 1343 release: 1344 if (control) { 1345 m_freem(control); 1346 } 1347 if (m) 1348 m_freem(m); 1349 return (error); 1350 } 1351 1352 void 1353 udp_detach(struct inpcb *inp) 1354 { 1355 int s = splsoftnet(); 1356 1357 in_pcbdetach(inp); 1358 splx(s); 1359 } 1360 1361 /* 1362 * Sysctl for udp variables. 1363 */ 1364 int 1365 udp_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, 1366 size_t newlen) 1367 { 1368 /* All sysctl names at this level are terminal. */ 1369 if (namelen != 1) 1370 return (ENOTDIR); 1371 1372 switch (name[0]) { 1373 case UDPCTL_BADDYNAMIC: 1374 return (sysctl_struct(oldp, oldlenp, newp, newlen, 1375 baddynamicports.udp, sizeof(baddynamicports.udp))); 1376 1377 case UDPCTL_STATS: 1378 if (newp != NULL) 1379 return (EPERM); 1380 return (sysctl_struct(oldp, oldlenp, newp, newlen, 1381 &udpstat, sizeof(udpstat))); 1382 1383 default: 1384 if (name[0] < UDPCTL_MAXID) 1385 return (sysctl_int_arr(udpctl_vars, name, namelen, 1386 oldp, oldlenp, newp, newlen)); 1387 return (ENOPROTOOPT); 1388 } 1389 /* NOTREACHED */ 1390 } 1391