1 /* $OpenBSD: udp_usrreq.c,v 1.184 2014/04/23 12:25:35 mpi Exp $ */ 2 /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ 3 4 /* 5 * Copyright (c) 1982, 1986, 1988, 1990, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 33 * 34 * NRL grants permission for redistribution and use in source and binary 35 * forms, with or without modification, of the software and documentation 36 * created at NRL provided that the following conditions are met: 37 * 38 * 1. Redistributions of source code must retain the above copyright 39 * notice, this list of conditions and the following disclaimer. 40 * 2. Redistributions in binary form must reproduce the above copyright 41 * notice, this list of conditions and the following disclaimer in the 42 * documentation and/or other materials provided with the distribution. 43 * 3. All advertising materials mentioning features or use of this software 44 * must display the following acknowledgements: 45 * This product includes software developed by the University of 46 * California, Berkeley and its contributors. 47 * This product includes software developed at the Information 48 * Technology Division, US Naval Research Laboratory. 49 * 4. Neither the name of the NRL nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS 54 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 55 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 56 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR 57 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 58 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 59 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 60 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 61 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 62 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 63 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 64 * 65 * The views and conclusions contained in the software and documentation 66 * are those of the authors and should not be interpreted as representing 67 * official policies, either expressed or implied, of the US Naval 68 * Research Laboratory (NRL). 69 */ 70 71 #include <sys/param.h> 72 #include <sys/systm.h> 73 #include <sys/mbuf.h> 74 #include <sys/protosw.h> 75 #include <sys/socket.h> 76 #include <sys/socketvar.h> 77 #include <sys/proc.h> 78 #include <sys/sysctl.h> 79 80 #include <net/if.h> 81 #include <net/if_media.h> 82 #include <net/route.h> 83 84 #include <netinet/in.h> 85 #include <netinet/in_systm.h> 86 #include <netinet/in_var.h> 87 #include <netinet/ip.h> 88 #include <netinet/in_pcb.h> 89 #include <netinet/ip_var.h> 90 #include <netinet/ip_icmp.h> 91 #include <netinet/udp.h> 92 #include <netinet/udp_var.h> 93 94 #ifdef IPSEC 95 #include <netinet/ip_ipsp.h> 96 #include <netinet/ip_esp.h> 97 #endif 98 99 #ifdef INET6 100 #ifndef INET 101 #include <netinet/in.h> 102 #endif 103 #include <netinet6/in6_var.h> 104 #include <netinet6/ip6_var.h> 105 #include <netinet6/ip6protosw.h> 106 #endif /* INET6 */ 107 108 #include "pf.h" 109 #if NPF > 0 110 #include <net/pfvar.h> 111 #endif 112 113 #ifdef PIPEX 114 #include <netinet/if_ether.h> 115 #include <net/pipex.h> 116 #endif 117 118 #include "vxlan.h" 119 #if NVXLAN > 0 120 #include <net/if_vxlan.h> 121 #endif 122 123 /* 124 * UDP protocol implementation. 125 * Per RFC 768, August, 1980. 126 */ 127 int udpcksum = 1; 128 129 u_int udp_sendspace = 9216; /* really max datagram size */ 130 u_int udp_recvspace = 40 * (1024 + sizeof(struct sockaddr_in)); 131 /* 40 1K datagrams */ 132 133 int *udpctl_vars[UDPCTL_MAXID] = UDPCTL_VARS; 134 135 struct inpcbtable udbtable; 136 struct udpstat udpstat; 137 138 int udp_output(struct inpcb *, struct mbuf *, struct mbuf *, struct mbuf *); 139 void udp_detach(struct inpcb *); 140 void udp_notify(struct inpcb *, int); 141 142 #ifndef UDBHASHSIZE 143 #define UDBHASHSIZE 128 144 #endif 145 int udbhashsize = UDBHASHSIZE; 146 147 void 148 udp_init() 149 { 150 in_pcbinit(&udbtable, udbhashsize); 151 } 152 153 #ifdef INET6 154 int 155 udp6_input(struct mbuf **mp, int *offp, int proto) 156 { 157 struct mbuf *m = *mp; 158 159 udp_input(m, *offp, proto); 160 return IPPROTO_DONE; 161 } 162 #endif 163 164 void 165 udp_input(struct mbuf *m, ...) 166 { 167 struct ip *ip; 168 struct udphdr *uh; 169 struct inpcb *inp = NULL; 170 struct mbuf *opts = NULL; 171 struct ip save_ip; 172 int iphlen, len; 173 va_list ap; 174 u_int16_t savesum; 175 union { 176 struct sockaddr sa; 177 struct sockaddr_in sin; 178 #ifdef INET6 179 struct sockaddr_in6 sin6; 180 #endif /* INET6 */ 181 } srcsa, dstsa; 182 #ifdef INET6 183 struct ip6_hdr *ip6; 184 #endif /* INET6 */ 185 #ifdef IPSEC 186 struct m_tag *mtag; 187 struct tdb_ident *tdbi; 188 struct tdb *tdb; 189 int error; 190 u_int32_t ipsecflowinfo = 0; 191 #endif /* IPSEC */ 192 193 va_start(ap, m); 194 iphlen = va_arg(ap, int); 195 va_end(ap); 196 197 udpstat.udps_ipackets++; 198 199 switch (mtod(m, struct ip *)->ip_v) { 200 case 4: 201 ip = mtod(m, struct ip *); 202 #ifdef INET6 203 ip6 = NULL; 204 #endif /* INET6 */ 205 srcsa.sa.sa_family = AF_INET; 206 break; 207 #ifdef INET6 208 case 6: 209 ip = NULL; 210 ip6 = mtod(m, struct ip6_hdr *); 211 srcsa.sa.sa_family = AF_INET6; 212 break; 213 #endif /* INET6 */ 214 default: 215 goto bad; 216 } 217 218 IP6_EXTHDR_GET(uh, struct udphdr *, m, iphlen, sizeof(struct udphdr)); 219 if (!uh) { 220 udpstat.udps_hdrops++; 221 return; 222 } 223 224 /* Check for illegal destination port 0 */ 225 if (uh->uh_dport == 0) { 226 udpstat.udps_noport++; 227 goto bad; 228 } 229 230 /* 231 * Make mbuf data length reflect UDP length. 232 * If not enough data to reflect UDP length, drop. 233 */ 234 len = ntohs((u_int16_t)uh->uh_ulen); 235 if (ip) { 236 if (m->m_pkthdr.len - iphlen != len) { 237 if (len > (m->m_pkthdr.len - iphlen) || 238 len < sizeof(struct udphdr)) { 239 udpstat.udps_badlen++; 240 goto bad; 241 } 242 m_adj(m, len - (m->m_pkthdr.len - iphlen)); 243 } 244 } 245 #ifdef INET6 246 else if (ip6) { 247 /* jumbograms */ 248 if (len == 0 && m->m_pkthdr.len - iphlen > 0xffff) 249 len = m->m_pkthdr.len - iphlen; 250 if (len != m->m_pkthdr.len - iphlen) { 251 udpstat.udps_badlen++; 252 goto bad; 253 } 254 } 255 #endif 256 else /* shouldn't happen */ 257 goto bad; 258 259 /* 260 * Save a copy of the IP header in case we want restore it 261 * for sending an ICMP error message in response. 262 */ 263 if (ip) 264 save_ip = *ip; 265 266 #ifdef INET6 267 if (ip6) { 268 /* Be proactive about malicious use of IPv4 mapped address */ 269 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 270 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 271 /* XXX stat */ 272 goto bad; 273 } 274 } 275 #endif /* INET6 */ 276 277 /* 278 * Checksum extended UDP header and data. 279 * from W.R.Stevens: check incoming udp cksums even if 280 * udpcksum is not set. 281 */ 282 savesum = uh->uh_sum; 283 if (uh->uh_sum == 0) { 284 udpstat.udps_nosum++; 285 #ifdef INET6 286 /* 287 * In IPv6, the UDP checksum is ALWAYS used. 288 */ 289 if (ip6) 290 goto bad; 291 #endif /* INET6 */ 292 } else { 293 if ((m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_OK) == 0) { 294 if (m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_BAD) { 295 udpstat.udps_badsum++; 296 goto bad; 297 } 298 udpstat.udps_inswcsum++; 299 300 if (ip) 301 uh->uh_sum = in4_cksum(m, IPPROTO_UDP, 302 iphlen, len); 303 #ifdef INET6 304 else if (ip6) 305 uh->uh_sum = in6_cksum(m, IPPROTO_UDP, 306 iphlen, len); 307 #endif /* INET6 */ 308 if (uh->uh_sum != 0) { 309 udpstat.udps_badsum++; 310 goto bad; 311 } 312 } 313 } 314 315 #ifdef IPSEC 316 if (udpencap_enable && udpencap_port && 317 #if NPF > 0 318 !(m->m_pkthdr.pf.flags & PF_TAG_DIVERTED) && 319 #endif 320 uh->uh_dport == htons(udpencap_port)) { 321 u_int32_t spi; 322 int skip = iphlen + sizeof(struct udphdr); 323 324 if (m->m_pkthdr.len - skip < sizeof(u_int32_t)) { 325 /* packet too short */ 326 m_freem(m); 327 return; 328 } 329 m_copydata(m, skip, sizeof(u_int32_t), (caddr_t) &spi); 330 /* 331 * decapsulate if the SPI is not zero, otherwise pass 332 * to userland 333 */ 334 if (spi != 0) { 335 if ((m = m_pullup(m, skip)) == NULL) { 336 udpstat.udps_hdrops++; 337 return; 338 } 339 340 /* remove the UDP header */ 341 bcopy(mtod(m, u_char *), 342 mtod(m, u_char *) + sizeof(struct udphdr), iphlen); 343 m_adj(m, sizeof(struct udphdr)); 344 skip -= sizeof(struct udphdr); 345 346 espstat.esps_udpencin++; 347 ipsec_common_input(m, skip, offsetof(struct ip, ip_p), 348 srcsa.sa.sa_family, IPPROTO_ESP, 1); 349 return; 350 } 351 } 352 #endif 353 354 switch (srcsa.sa.sa_family) { 355 case AF_INET: 356 bzero(&srcsa, sizeof(struct sockaddr_in)); 357 srcsa.sin.sin_len = sizeof(struct sockaddr_in); 358 srcsa.sin.sin_family = AF_INET; 359 srcsa.sin.sin_port = uh->uh_sport; 360 srcsa.sin.sin_addr = ip->ip_src; 361 362 bzero(&dstsa, sizeof(struct sockaddr_in)); 363 dstsa.sin.sin_len = sizeof(struct sockaddr_in); 364 dstsa.sin.sin_family = AF_INET; 365 dstsa.sin.sin_port = uh->uh_dport; 366 dstsa.sin.sin_addr = ip->ip_dst; 367 break; 368 #ifdef INET6 369 case AF_INET6: 370 bzero(&srcsa, sizeof(struct sockaddr_in6)); 371 srcsa.sin6.sin6_len = sizeof(struct sockaddr_in6); 372 srcsa.sin6.sin6_family = AF_INET6; 373 srcsa.sin6.sin6_port = uh->uh_sport; 374 #if 0 /*XXX inbound flowinfo */ 375 srcsa.sin6.sin6_flowinfo = htonl(0x0fffffff) & ip6->ip6_flow; 376 #endif 377 /* KAME hack: recover scopeid */ 378 (void)in6_recoverscope(&srcsa.sin6, &ip6->ip6_src, 379 m->m_pkthdr.rcvif); 380 381 bzero(&dstsa, sizeof(struct sockaddr_in6)); 382 dstsa.sin6.sin6_len = sizeof(struct sockaddr_in6); 383 dstsa.sin6.sin6_family = AF_INET6; 384 dstsa.sin6.sin6_port = uh->uh_dport; 385 /* KAME hack: recover scopeid */ 386 (void)in6_recoverscope(&dstsa.sin6, &ip6->ip6_dst, 387 m->m_pkthdr.rcvif); 388 break; 389 #endif /* INET6 */ 390 } 391 392 #if NVXLAN > 0 393 if (vxlan_enable > 0 && 394 #if NPF > 0 395 !(m->m_pkthdr.pf.flags & PF_TAG_DIVERTED) && 396 #endif 397 (error = vxlan_lookup(m, uh, iphlen, &srcsa.sa)) != 0) { 398 if (error == -1) { 399 udpstat.udps_hdrops++; 400 m_freem(m); 401 } 402 return; 403 } 404 #endif 405 406 #ifdef INET6 407 if ((ip6 && IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) || 408 (ip && IN_MULTICAST(ip->ip_dst.s_addr)) || 409 (ip && in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif, 410 m->m_pkthdr.ph_rtableid))) { 411 #else /* INET6 */ 412 if (IN_MULTICAST(ip->ip_dst.s_addr) || 413 in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif, 414 m->m_pkthdr.ph_rtableid)) { 415 #endif /* INET6 */ 416 struct inpcb *last; 417 /* 418 * Deliver a multicast or broadcast datagram to *all* sockets 419 * for which the local and remote addresses and ports match 420 * those of the incoming datagram. This allows more than 421 * one process to receive multi/broadcasts on the same port. 422 * (This really ought to be done for unicast datagrams as 423 * well, but that would cause problems with existing 424 * applications that open both address-specific sockets and 425 * a wildcard socket listening to the same port -- they would 426 * end up receiving duplicates of every unicast datagram. 427 * Those applications open the multiple sockets to overcome an 428 * inadequacy of the UDP socket interface, but for backwards 429 * compatibility we avoid the problem here rather than 430 * fixing the interface. Maybe 4.5BSD will remedy this?) 431 */ 432 433 iphlen += sizeof(struct udphdr); 434 435 /* 436 * Locate pcb(s) for datagram. 437 * (Algorithm copied from raw_intr().) 438 */ 439 last = NULL; 440 TAILQ_FOREACH(inp, &udbtable.inpt_queue, inp_queue) { 441 if (inp->inp_socket->so_state & SS_CANTRCVMORE) 442 continue; 443 #ifdef INET6 444 /* don't accept it if AF does not match */ 445 if (ip6 && !(inp->inp_flags & INP_IPV6)) 446 continue; 447 if (!ip6 && (inp->inp_flags & INP_IPV6)) 448 continue; 449 #endif 450 if (rtable_l2(inp->inp_rtableid) != 451 rtable_l2(m->m_pkthdr.ph_rtableid)) 452 continue; 453 if (inp->inp_lport != uh->uh_dport) 454 continue; 455 #ifdef INET6 456 if (ip6) { 457 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) 458 if (!IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, 459 &ip6->ip6_dst)) 460 continue; 461 } else 462 #endif /* INET6 */ 463 if (inp->inp_laddr.s_addr != INADDR_ANY) { 464 if (inp->inp_laddr.s_addr != ip->ip_dst.s_addr) 465 continue; 466 } 467 #ifdef INET6 468 if (ip6) { 469 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) 470 if (!IN6_ARE_ADDR_EQUAL(&inp->inp_faddr6, 471 &ip6->ip6_src) || 472 inp->inp_fport != uh->uh_sport) 473 continue; 474 } else 475 #endif /* INET6 */ 476 if (inp->inp_faddr.s_addr != INADDR_ANY) { 477 if (inp->inp_faddr.s_addr != 478 ip->ip_src.s_addr || 479 inp->inp_fport != uh->uh_sport) 480 continue; 481 } 482 483 if (last != NULL) { 484 struct mbuf *n; 485 486 if ((n = m_copy(m, 0, M_COPYALL)) != NULL) { 487 #ifdef INET6 488 if (ip6 && (last->inp_flags & 489 IN6P_CONTROLOPTS || 490 last->inp_socket->so_options & 491 SO_TIMESTAMP)) 492 ip6_savecontrol(last, n, &opts); 493 #endif /* INET6 */ 494 if (ip && (last->inp_flags & 495 INP_CONTROLOPTS || 496 last->inp_socket->so_options & 497 SO_TIMESTAMP)) 498 ip_savecontrol(last, &opts, 499 ip, n); 500 501 m_adj(n, iphlen); 502 if (sbappendaddr( 503 &last->inp_socket->so_rcv, 504 &srcsa.sa, n, opts) == 0) { 505 m_freem(n); 506 if (opts) 507 m_freem(opts); 508 udpstat.udps_fullsock++; 509 } else 510 sorwakeup(last->inp_socket); 511 opts = NULL; 512 } 513 } 514 last = inp; 515 /* 516 * Don't look for additional matches if this one does 517 * not have either the SO_REUSEPORT or SO_REUSEADDR 518 * socket options set. This heuristic avoids searching 519 * through all pcbs in the common case of a non-shared 520 * port. It assumes that an application will never 521 * clear these options after setting them. 522 */ 523 if ((last->inp_socket->so_options & (SO_REUSEPORT | 524 SO_REUSEADDR)) == 0) 525 break; 526 } 527 528 if (last == NULL) { 529 /* 530 * No matching pcb found; discard datagram. 531 * (No need to send an ICMP Port Unreachable 532 * for a broadcast or multicast datgram.) 533 */ 534 udpstat.udps_noportbcast++; 535 goto bad; 536 } 537 538 #ifdef INET6 539 if (ip6 && (last->inp_flags & IN6P_CONTROLOPTS || 540 last->inp_socket->so_options & SO_TIMESTAMP)) 541 ip6_savecontrol(last, m, &opts); 542 #endif /* INET6 */ 543 if (ip && (last->inp_flags & INP_CONTROLOPTS || 544 last->inp_socket->so_options & SO_TIMESTAMP)) 545 ip_savecontrol(last, &opts, ip, m); 546 547 m_adj(m, iphlen); 548 if (sbappendaddr(&last->inp_socket->so_rcv, 549 &srcsa.sa, m, opts) == 0) { 550 udpstat.udps_fullsock++; 551 goto bad; 552 } 553 sorwakeup(last->inp_socket); 554 return; 555 } 556 /* 557 * Locate pcb for datagram. 558 */ 559 #if 0 560 if (m->m_pkthdr.pf.statekey) 561 inp = m->m_pkthdr.pf.statekey->inp; 562 #endif 563 if (inp == NULL) { 564 #ifdef INET6 565 if (ip6) 566 inp = in6_pcbhashlookup(&udbtable, &ip6->ip6_src, 567 uh->uh_sport, &ip6->ip6_dst, uh->uh_dport, 568 m->m_pkthdr.ph_rtableid); 569 else 570 #endif /* INET6 */ 571 inp = in_pcbhashlookup(&udbtable, ip->ip_src, uh->uh_sport, 572 ip->ip_dst, uh->uh_dport, m->m_pkthdr.ph_rtableid); 573 #if NPF > 0 574 if (m->m_pkthdr.pf.statekey && inp) { 575 m->m_pkthdr.pf.statekey->inp = inp; 576 inp->inp_pf_sk = m->m_pkthdr.pf.statekey; 577 } 578 #endif 579 } 580 if (inp == 0) { 581 int inpl_reverse = 0; 582 if (m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST) 583 inpl_reverse = 1; 584 ++udpstat.udps_pcbhashmiss; 585 #ifdef INET6 586 if (ip6) { 587 inp = in6_pcblookup_listen(&udbtable, 588 &ip6->ip6_dst, uh->uh_dport, inpl_reverse, m, 589 m->m_pkthdr.ph_rtableid); 590 } else 591 #endif /* INET6 */ 592 inp = in_pcblookup_listen(&udbtable, 593 ip->ip_dst, uh->uh_dport, inpl_reverse, m, 594 m->m_pkthdr.ph_rtableid); 595 if (inp == 0) { 596 udpstat.udps_noport++; 597 if (m->m_flags & (M_BCAST | M_MCAST)) { 598 udpstat.udps_noportbcast++; 599 goto bad; 600 } 601 #ifdef INET6 602 if (ip6) { 603 uh->uh_sum = savesum; 604 icmp6_error(m, ICMP6_DST_UNREACH, 605 ICMP6_DST_UNREACH_NOPORT,0); 606 } else 607 #endif /* INET6 */ 608 { 609 *ip = save_ip; 610 uh->uh_sum = savesum; 611 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PORT, 612 0, 0); 613 } 614 return; 615 } 616 } 617 KASSERT(sotoinpcb(inp->inp_socket) == inp); 618 619 #if NPF > 0 620 /* The statekey has finished finding the inp, it is no longer needed. */ 621 m->m_pkthdr.pf.statekey = NULL; 622 #endif 623 624 #ifdef IPSEC 625 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL); 626 if (mtag != NULL) { 627 tdbi = (struct tdb_ident *)(mtag + 1); 628 tdb = gettdb(tdbi->rdomain, tdbi->spi, 629 &tdbi->dst, tdbi->proto); 630 } else 631 tdb = NULL; 632 ipsp_spd_lookup(m, srcsa.sa.sa_family, iphlen, &error, 633 IPSP_DIRECTION_IN, tdb, inp, 0); 634 if (error) { 635 udpstat.udps_nosec++; 636 goto bad; 637 } 638 639 /* Latch SA only if the socket is connected */ 640 if (inp->inp_tdb_in != tdb && 641 (inp->inp_socket->so_state & SS_ISCONNECTED)) { 642 if (tdb) { 643 tdb_add_inp(tdb, inp, 1); 644 if (inp->inp_ipo == NULL) { 645 inp->inp_ipo = ipsec_add_policy(inp, 646 srcsa.sa.sa_family, IPSP_DIRECTION_OUT); 647 if (inp->inp_ipo == NULL) { 648 goto bad; 649 } 650 } 651 if (inp->inp_ipo->ipo_dstid == NULL && 652 tdb->tdb_srcid != NULL) { 653 inp->inp_ipo->ipo_dstid = tdb->tdb_srcid; 654 tdb->tdb_srcid->ref_count++; 655 } 656 if (inp->inp_ipsec_remotecred == NULL && 657 tdb->tdb_remote_cred != NULL) { 658 inp->inp_ipsec_remotecred = 659 tdb->tdb_remote_cred; 660 tdb->tdb_remote_cred->ref_count++; 661 } 662 if (inp->inp_ipsec_remoteauth == NULL && 663 tdb->tdb_remote_auth != NULL) { 664 inp->inp_ipsec_remoteauth = 665 tdb->tdb_remote_auth; 666 tdb->tdb_remote_auth->ref_count++; 667 } 668 } else { /* Just reset */ 669 TAILQ_REMOVE(&inp->inp_tdb_in->tdb_inp_in, inp, 670 inp_tdb_in_next); 671 inp->inp_tdb_in = NULL; 672 } 673 } 674 /* create ipsec options while we know that tdb cannot be modified */ 675 if (tdb) 676 ipsecflowinfo = tdb->tdb_spi; 677 678 #endif /*IPSEC */ 679 680 opts = NULL; 681 #ifdef INET6 682 if (ip6 && (inp->inp_flags & IN6P_CONTROLOPTS || 683 inp->inp_socket->so_options & SO_TIMESTAMP)) 684 ip6_savecontrol(inp, m, &opts); 685 #endif /* INET6 */ 686 if (ip && (inp->inp_flags & INP_CONTROLOPTS || 687 inp->inp_socket->so_options & SO_TIMESTAMP)) 688 ip_savecontrol(inp, &opts, ip, m); 689 #ifdef INET6 690 if (ip6 && (inp->inp_flags & IN6P_RECVDSTPORT)) { 691 struct mbuf **mp = &opts; 692 693 while (*mp) 694 mp = &(*mp)->m_next; 695 *mp = sbcreatecontrol((caddr_t)&uh->uh_dport, sizeof(u_int16_t), 696 IPV6_RECVDSTPORT, IPPROTO_IPV6); 697 } 698 #endif /* INET6 */ 699 if (ip && (inp->inp_flags & INP_RECVDSTPORT)) { 700 struct mbuf **mp = &opts; 701 702 while (*mp) 703 mp = &(*mp)->m_next; 704 *mp = sbcreatecontrol((caddr_t)&uh->uh_dport, sizeof(u_int16_t), 705 IP_RECVDSTPORT, IPPROTO_IP); 706 } 707 #ifdef IPSEC 708 if (ipsecflowinfo && (inp->inp_flags & INP_IPSECFLOWINFO)) { 709 struct mbuf **mp = &opts; 710 711 while (*mp) 712 mp = &(*mp)->m_next; 713 *mp = sbcreatecontrol((caddr_t)&ipsecflowinfo, 714 sizeof(u_int32_t), IP_IPSECFLOWINFO, IPPROTO_IP); 715 } 716 #endif 717 #ifdef PIPEX 718 if (pipex_enable && inp->inp_pipex) { 719 struct pipex_session *session; 720 int off = iphlen + sizeof(struct udphdr); 721 if ((session = pipex_l2tp_lookup_session(m, off)) != NULL) { 722 if ((m = pipex_l2tp_input(m, off, session, 723 ipsecflowinfo)) == NULL) { 724 if (opts) 725 m_freem(opts); 726 return; /* the packet is handled by PIPEX */ 727 } 728 } 729 } 730 #endif 731 732 iphlen += sizeof(struct udphdr); 733 m_adj(m, iphlen); 734 if (sbappendaddr(&inp->inp_socket->so_rcv, &srcsa.sa, m, opts) == 0) { 735 udpstat.udps_fullsock++; 736 goto bad; 737 } 738 sorwakeup(inp->inp_socket); 739 return; 740 bad: 741 m_freem(m); 742 if (opts) 743 m_freem(opts); 744 } 745 746 /* 747 * Notify a udp user of an asynchronous error; 748 * just wake up so that he can collect error status. 749 */ 750 void 751 udp_notify(struct inpcb *inp, int errno) 752 { 753 inp->inp_socket->so_error = errno; 754 sorwakeup(inp->inp_socket); 755 sowwakeup(inp->inp_socket); 756 } 757 758 #ifdef INET6 759 void 760 udp6_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *d) 761 { 762 struct udphdr uh; 763 struct sockaddr_in6 sa6; 764 struct ip6_hdr *ip6; 765 struct mbuf *m; 766 int off; 767 void *cmdarg; 768 struct ip6ctlparam *ip6cp = NULL; 769 struct udp_portonly { 770 u_int16_t uh_sport; 771 u_int16_t uh_dport; 772 } *uhp; 773 void (*notify)(struct inpcb *, int) = udp_notify; 774 775 if (sa == NULL) 776 return; 777 if (sa->sa_family != AF_INET6 || 778 sa->sa_len != sizeof(struct sockaddr_in6)) 779 return; 780 781 if ((unsigned)cmd >= PRC_NCMDS) 782 return; 783 if (PRC_IS_REDIRECT(cmd)) 784 notify = in_rtchange, d = NULL; 785 else if (cmd == PRC_HOSTDEAD) 786 d = NULL; 787 else if (cmd == PRC_MSGSIZE) 788 ; /* special code is present, see below */ 789 else if (inet6ctlerrmap[cmd] == 0) 790 return; 791 792 /* if the parameter is from icmp6, decode it. */ 793 if (d != NULL) { 794 ip6cp = (struct ip6ctlparam *)d; 795 m = ip6cp->ip6c_m; 796 ip6 = ip6cp->ip6c_ip6; 797 off = ip6cp->ip6c_off; 798 cmdarg = ip6cp->ip6c_cmdarg; 799 } else { 800 m = NULL; 801 ip6 = NULL; 802 cmdarg = NULL; 803 /* XXX: translate addresses into internal form */ 804 sa6 = *(struct sockaddr_in6 *)sa; 805 #ifndef SCOPEDROUTING 806 if (in6_embedscope(&sa6.sin6_addr, &sa6, NULL, NULL)) { 807 /* should be impossible */ 808 return; 809 } 810 #endif 811 } 812 813 if (ip6cp && ip6cp->ip6c_finaldst) { 814 bzero(&sa6, sizeof(sa6)); 815 sa6.sin6_family = AF_INET6; 816 sa6.sin6_len = sizeof(sa6); 817 sa6.sin6_addr = *ip6cp->ip6c_finaldst; 818 /* XXX: assuming M is valid in this case */ 819 sa6.sin6_scope_id = in6_addr2scopeid(m->m_pkthdr.rcvif, 820 ip6cp->ip6c_finaldst); 821 #ifndef SCOPEDROUTING 822 if (in6_embedscope(ip6cp->ip6c_finaldst, &sa6, NULL, NULL)) { 823 /* should be impossible */ 824 return; 825 } 826 #endif 827 } else { 828 /* XXX: translate addresses into internal form */ 829 sa6 = *(struct sockaddr_in6 *)sa; 830 #ifndef SCOPEDROUTING 831 if (in6_embedscope(&sa6.sin6_addr, &sa6, NULL, NULL)) { 832 /* should be impossible */ 833 return; 834 } 835 #endif 836 } 837 838 if (ip6) { 839 /* 840 * XXX: We assume that when IPV6 is non NULL, 841 * M and OFF are valid. 842 */ 843 struct sockaddr_in6 sa6_src; 844 845 /* check if we can safely examine src and dst ports */ 846 if (m->m_pkthdr.len < off + sizeof(*uhp)) 847 return; 848 849 bzero(&uh, sizeof(uh)); 850 m_copydata(m, off, sizeof(*uhp), (caddr_t)&uh); 851 852 bzero(&sa6_src, sizeof(sa6_src)); 853 sa6_src.sin6_family = AF_INET6; 854 sa6_src.sin6_len = sizeof(sa6_src); 855 sa6_src.sin6_addr = ip6->ip6_src; 856 sa6_src.sin6_scope_id = in6_addr2scopeid(m->m_pkthdr.rcvif, 857 &ip6->ip6_src); 858 #ifndef SCOPEDROUTING 859 if (in6_embedscope(&sa6_src.sin6_addr, &sa6_src, NULL, NULL)) { 860 /* should be impossible */ 861 return; 862 } 863 #endif 864 865 if (cmd == PRC_MSGSIZE) { 866 int valid = 0; 867 868 /* 869 * Check to see if we have a valid UDP socket 870 * corresponding to the address in the ICMPv6 message 871 * payload. 872 */ 873 if (in6_pcbhashlookup(&udbtable, &sa6.sin6_addr, 874 uh.uh_dport, &sa6_src.sin6_addr, uh.uh_sport, 875 rdomain)) 876 valid = 1; 877 #if 0 878 /* 879 * As the use of sendto(2) is fairly popular, 880 * we may want to allow non-connected pcb too. 881 * But it could be too weak against attacks... 882 * We should at least check if the local address (= s) 883 * is really ours. 884 */ 885 else if (in6_pcblookup_listen(&udbtable, 886 &sa6_src.sin6_addr, uh.uh_sport, 0, 887 rdomain)) 888 valid = 1; 889 #endif 890 891 /* 892 * Depending on the value of "valid" and routing table 893 * size (mtudisc_{hi,lo}wat), we will: 894 * - recalculate the new MTU and create the 895 * corresponding routing entry, or 896 * - ignore the MTU change notification. 897 */ 898 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 899 900 /* 901 * regardless of if we called icmp6_mtudisc_update(), 902 * we need to call in6_pcbnotify(), to notify path 903 * MTU change to the userland (2292bis-02), because 904 * some unconnected sockets may share the same 905 * destination and want to know the path MTU. 906 */ 907 } 908 909 (void) in6_pcbnotify(&udbtable, &sa6, uh.uh_dport, 910 &sa6_src, uh.uh_sport, rdomain, cmd, cmdarg, notify); 911 } else { 912 (void) in6_pcbnotify(&udbtable, &sa6, 0, 913 &sa6_any, 0, rdomain, cmd, cmdarg, notify); 914 } 915 } 916 #endif 917 918 void * 919 udp_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *v) 920 { 921 struct ip *ip = v; 922 struct udphdr *uhp; 923 struct in_addr faddr; 924 struct inpcb *inp; 925 void (*notify)(struct inpcb *, int) = udp_notify; 926 int errno; 927 928 if (sa == NULL) 929 return NULL; 930 if (sa->sa_family != AF_INET || 931 sa->sa_len != sizeof(struct sockaddr_in)) 932 return NULL; 933 faddr = satosin(sa)->sin_addr; 934 if (faddr.s_addr == INADDR_ANY) 935 return NULL; 936 937 if ((unsigned)cmd >= PRC_NCMDS) 938 return NULL; 939 errno = inetctlerrmap[cmd]; 940 if (PRC_IS_REDIRECT(cmd)) 941 notify = in_rtchange, ip = 0; 942 else if (cmd == PRC_HOSTDEAD) 943 ip = 0; 944 else if (errno == 0) 945 return NULL; 946 if (ip) { 947 uhp = (struct udphdr *)((caddr_t)ip + (ip->ip_hl << 2)); 948 949 #ifdef IPSEC 950 /* PMTU discovery for udpencap */ 951 if (cmd == PRC_MSGSIZE && ip_mtudisc && udpencap_enable && 952 udpencap_port && uhp->uh_sport == htons(udpencap_port)) { 953 udpencap_ctlinput(cmd, sa, rdomain, v); 954 return (NULL); 955 } 956 #endif 957 inp = in_pcbhashlookup(&udbtable, 958 ip->ip_dst, uhp->uh_dport, ip->ip_src, uhp->uh_sport, 959 rdomain); 960 if (inp && inp->inp_socket != NULL) 961 notify(inp, errno); 962 } else 963 in_pcbnotifyall(&udbtable, sa, rdomain, errno, notify); 964 return (NULL); 965 } 966 967 int 968 udp_output(struct inpcb *inp, struct mbuf *m, struct mbuf *addr, 969 struct mbuf *control) 970 { 971 struct sockaddr_in *sin = NULL; 972 struct udpiphdr *ui; 973 u_int32_t ipsecflowinfo = 0; 974 int len = m->m_pkthdr.len; 975 struct in_addr *laddr; 976 int error = 0; 977 978 #ifdef DIAGNOSTIC 979 if ((inp->inp_flags & INP_IPV6) != 0) 980 panic("IPv6 inpcb to %s", __func__); 981 #endif 982 983 /* 984 * Compute the packet length of the IP header, and 985 * punt if the length looks bogus. 986 */ 987 if ((len + sizeof(struct udpiphdr)) > IP_MAXPACKET) { 988 error = EMSGSIZE; 989 goto release; 990 } 991 992 if (addr) { 993 sin = mtod(addr, struct sockaddr_in *); 994 995 if (addr->m_len != sizeof(*sin)) { 996 error = EINVAL; 997 goto release; 998 } 999 if (sin->sin_family != AF_INET) { 1000 error = EAFNOSUPPORT; 1001 goto release; 1002 } 1003 if (sin->sin_port == 0) { 1004 error = EADDRNOTAVAIL; 1005 goto release; 1006 } 1007 1008 if (inp->inp_faddr.s_addr != INADDR_ANY) { 1009 error = EISCONN; 1010 goto release; 1011 } 1012 1013 error = in_selectsrc(&laddr, sin, inp->inp_moptions, 1014 &inp->inp_route, &inp->inp_laddr, inp->inp_rtableid); 1015 if (error) 1016 goto release; 1017 1018 if (inp->inp_lport == 0) { 1019 int s = splsoftnet(); 1020 error = in_pcbbind(inp, NULL, curproc); 1021 splx(s); 1022 if (error) 1023 goto release; 1024 } 1025 } else { 1026 if (inp->inp_faddr.s_addr == INADDR_ANY) { 1027 error = ENOTCONN; 1028 goto release; 1029 } 1030 laddr = &inp->inp_laddr; 1031 } 1032 1033 #ifdef IPSEC 1034 if (control && (inp->inp_flags & INP_IPSECFLOWINFO) != 0) { 1035 u_int clen; 1036 struct cmsghdr *cm; 1037 caddr_t cmsgs; 1038 1039 /* 1040 * XXX: Currently, we assume all the optional information is stored 1041 * in a single mbuf. 1042 */ 1043 if (control->m_next) { 1044 error = EINVAL; 1045 goto release; 1046 } 1047 1048 clen = control->m_len; 1049 cmsgs = mtod(control, caddr_t); 1050 do { 1051 if (clen < CMSG_LEN(0)) { 1052 error = EINVAL; 1053 goto release; 1054 } 1055 cm = (struct cmsghdr *)cmsgs; 1056 if (cm->cmsg_len < CMSG_LEN(0) || 1057 CMSG_ALIGN(cm->cmsg_len) > clen) { 1058 error = EINVAL; 1059 goto release; 1060 } 1061 if (cm->cmsg_len == CMSG_LEN(sizeof(ipsecflowinfo)) && 1062 cm->cmsg_level == IPPROTO_IP && 1063 cm->cmsg_type == IP_IPSECFLOWINFO) { 1064 ipsecflowinfo = *(u_int32_t *)CMSG_DATA(cm); 1065 break; 1066 } 1067 clen -= CMSG_ALIGN(cm->cmsg_len); 1068 cmsgs += CMSG_ALIGN(cm->cmsg_len); 1069 } while (clen); 1070 } 1071 #endif 1072 /* 1073 * Calculate data length and get a mbuf 1074 * for UDP and IP headers. 1075 */ 1076 M_PREPEND(m, sizeof(struct udpiphdr), M_DONTWAIT); 1077 if (m == NULL) { 1078 error = ENOBUFS; 1079 goto bail; 1080 } 1081 1082 /* 1083 * Fill in mbuf with extended UDP header 1084 * and addresses and length put into network format. 1085 */ 1086 ui = mtod(m, struct udpiphdr *); 1087 bzero(ui->ui_x1, sizeof ui->ui_x1); 1088 ui->ui_pr = IPPROTO_UDP; 1089 ui->ui_len = htons((u_int16_t)len + sizeof (struct udphdr)); 1090 ui->ui_src = *laddr; 1091 ui->ui_dst = sin ? sin->sin_addr : inp->inp_faddr; 1092 ui->ui_sport = inp->inp_lport; 1093 ui->ui_dport = sin ? sin->sin_port : inp->inp_fport; 1094 ui->ui_ulen = ui->ui_len; 1095 ((struct ip *)ui)->ip_len = htons(sizeof (struct udpiphdr) + len); 1096 ((struct ip *)ui)->ip_ttl = inp->inp_ip.ip_ttl; 1097 ((struct ip *)ui)->ip_tos = inp->inp_ip.ip_tos; 1098 if (udpcksum) 1099 m->m_pkthdr.csum_flags |= M_UDP_CSUM_OUT; 1100 1101 udpstat.udps_opackets++; 1102 1103 /* force routing table */ 1104 m->m_pkthdr.ph_rtableid = inp->inp_rtableid; 1105 1106 error = ip_output(m, inp->inp_options, &inp->inp_route, 1107 (inp->inp_socket->so_options & SO_BROADCAST), inp->inp_moptions, 1108 inp, ipsecflowinfo); 1109 if (error == EACCES) /* translate pf(4) error for userland */ 1110 error = EHOSTUNREACH; 1111 1112 bail: 1113 if (control) 1114 m_freem(control); 1115 return (error); 1116 1117 release: 1118 m_freem(m); 1119 goto bail; 1120 } 1121 1122 /*ARGSUSED*/ 1123 int 1124 udp_usrreq(struct socket *so, int req, struct mbuf *m, struct mbuf *addr, 1125 struct mbuf *control, struct proc *p) 1126 { 1127 struct inpcb *inp = sotoinpcb(so); 1128 int error = 0; 1129 int s; 1130 1131 if (req == PRU_CONTROL) { 1132 #ifdef INET6 1133 if (inp->inp_flags & INP_IPV6) 1134 return (in6_control(so, (u_long)m, (caddr_t)addr, 1135 (struct ifnet *)control)); 1136 else 1137 #endif /* INET6 */ 1138 return (in_control(so, (u_long)m, (caddr_t)addr, 1139 (struct ifnet *)control)); 1140 } 1141 if (inp == NULL && req != PRU_ATTACH) { 1142 error = EINVAL; 1143 goto release; 1144 } 1145 /* 1146 * Note: need to block udp_input while changing 1147 * the udp pcb queue and/or pcb addresses. 1148 */ 1149 switch (req) { 1150 1151 case PRU_ATTACH: 1152 if (inp != NULL) { 1153 error = EINVAL; 1154 break; 1155 } 1156 s = splsoftnet(); 1157 if ((error = soreserve(so, udp_sendspace, udp_recvspace)) || 1158 (error = in_pcballoc(so, &udbtable))) { 1159 splx(s); 1160 break; 1161 } 1162 splx(s); 1163 #ifdef INET6 1164 if (sotoinpcb(so)->inp_flags & INP_IPV6) 1165 sotoinpcb(so)->inp_ipv6.ip6_hlim = ip6_defhlim; 1166 else 1167 #endif /* INET6 */ 1168 sotoinpcb(so)->inp_ip.ip_ttl = ip_defttl; 1169 break; 1170 1171 case PRU_DETACH: 1172 udp_detach(inp); 1173 break; 1174 1175 case PRU_BIND: 1176 s = splsoftnet(); 1177 #ifdef INET6 1178 if (inp->inp_flags & INP_IPV6) 1179 error = in6_pcbbind(inp, addr, p); 1180 else 1181 #endif 1182 error = in_pcbbind(inp, addr, p); 1183 splx(s); 1184 break; 1185 1186 case PRU_LISTEN: 1187 error = EOPNOTSUPP; 1188 break; 1189 1190 case PRU_CONNECT: 1191 #ifdef INET6 1192 if (inp->inp_flags & INP_IPV6) { 1193 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) { 1194 error = EISCONN; 1195 break; 1196 } 1197 s = splsoftnet(); 1198 error = in6_pcbconnect(inp, addr); 1199 splx(s); 1200 } else 1201 #endif /* INET6 */ 1202 { 1203 if (inp->inp_faddr.s_addr != INADDR_ANY) { 1204 error = EISCONN; 1205 break; 1206 } 1207 s = splsoftnet(); 1208 error = in_pcbconnect(inp, addr); 1209 splx(s); 1210 } 1211 1212 if (error == 0) 1213 soisconnected(so); 1214 break; 1215 1216 case PRU_CONNECT2: 1217 error = EOPNOTSUPP; 1218 break; 1219 1220 case PRU_ACCEPT: 1221 error = EOPNOTSUPP; 1222 break; 1223 1224 case PRU_DISCONNECT: 1225 #ifdef INET6 1226 if (inp->inp_flags & INP_IPV6) { 1227 if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) { 1228 error = ENOTCONN; 1229 break; 1230 } 1231 } else 1232 #endif /* INET6 */ 1233 { 1234 if (inp->inp_faddr.s_addr == INADDR_ANY) { 1235 error = ENOTCONN; 1236 break; 1237 } 1238 } 1239 1240 s = splsoftnet(); 1241 #ifdef INET6 1242 if (inp->inp_flags & INP_IPV6) 1243 inp->inp_laddr6 = in6addr_any; 1244 else 1245 #endif /* INET6 */ 1246 inp->inp_laddr.s_addr = INADDR_ANY; 1247 in_pcbdisconnect(inp); 1248 1249 splx(s); 1250 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 1251 break; 1252 1253 case PRU_SHUTDOWN: 1254 socantsendmore(so); 1255 break; 1256 1257 case PRU_SEND: 1258 #ifdef PIPEX 1259 if (inp->inp_pipex) { 1260 struct pipex_session *session; 1261 1262 if (addr != NULL) 1263 session = 1264 pipex_l2tp_userland_lookup_session(m, 1265 mtod(addr, struct sockaddr *)); 1266 else 1267 #ifdef INET6 1268 if (inp->inp_flags & INP_IPV6) 1269 session = 1270 pipex_l2tp_userland_lookup_session_ipv6( 1271 m, inp->inp_faddr6); 1272 else 1273 #endif 1274 session = 1275 pipex_l2tp_userland_lookup_session_ipv4( 1276 m, inp->inp_faddr); 1277 if (session != NULL) 1278 if ((m = pipex_l2tp_userland_output( 1279 m, session)) == NULL) { 1280 error = ENOMEM; 1281 goto release; 1282 } 1283 } 1284 #endif 1285 1286 #ifdef INET6 1287 if (inp->inp_flags & INP_IPV6) 1288 return (udp6_output(inp, m, addr, control)); 1289 else 1290 return (udp_output(inp, m, addr, control)); 1291 #else 1292 return (udp_output(inp, m, addr, control)); 1293 #endif 1294 1295 case PRU_ABORT: 1296 soisdisconnected(so); 1297 udp_detach(inp); 1298 break; 1299 1300 case PRU_SOCKADDR: 1301 #ifdef INET6 1302 if (inp->inp_flags & INP_IPV6) 1303 in6_setsockaddr(inp, addr); 1304 else 1305 #endif /* INET6 */ 1306 in_setsockaddr(inp, addr); 1307 break; 1308 1309 case PRU_PEERADDR: 1310 #ifdef INET6 1311 if (inp->inp_flags & INP_IPV6) 1312 in6_setpeeraddr(inp, addr); 1313 else 1314 #endif /* INET6 */ 1315 in_setpeeraddr(inp, addr); 1316 break; 1317 1318 case PRU_SENSE: 1319 /* 1320 * stat: don't bother with a blocksize. 1321 */ 1322 /* 1323 * Perhaps Path MTU might be returned for a connected 1324 * UDP socket in this case. 1325 */ 1326 return (0); 1327 1328 case PRU_SENDOOB: 1329 case PRU_FASTTIMO: 1330 case PRU_SLOWTIMO: 1331 case PRU_PROTORCV: 1332 case PRU_PROTOSEND: 1333 error = EOPNOTSUPP; 1334 break; 1335 1336 case PRU_RCVD: 1337 case PRU_RCVOOB: 1338 return (EOPNOTSUPP); /* do not free mbuf's */ 1339 1340 default: 1341 panic("udp_usrreq"); 1342 } 1343 1344 release: 1345 if (control) { 1346 m_freem(control); 1347 } 1348 if (m) 1349 m_freem(m); 1350 return (error); 1351 } 1352 1353 void 1354 udp_detach(struct inpcb *inp) 1355 { 1356 int s = splsoftnet(); 1357 1358 in_pcbdetach(inp); 1359 splx(s); 1360 } 1361 1362 /* 1363 * Sysctl for udp variables. 1364 */ 1365 int 1366 udp_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, 1367 size_t newlen) 1368 { 1369 /* All sysctl names at this level are terminal. */ 1370 if (namelen != 1) 1371 return (ENOTDIR); 1372 1373 switch (name[0]) { 1374 case UDPCTL_BADDYNAMIC: 1375 return (sysctl_struct(oldp, oldlenp, newp, newlen, 1376 baddynamicports.udp, sizeof(baddynamicports.udp))); 1377 1378 case UDPCTL_STATS: 1379 if (newp != NULL) 1380 return (EPERM); 1381 return (sysctl_struct(oldp, oldlenp, newp, newlen, 1382 &udpstat, sizeof(udpstat))); 1383 1384 default: 1385 if (name[0] < UDPCTL_MAXID) 1386 return (sysctl_int_arr(udpctl_vars, name, namelen, 1387 oldp, oldlenp, newp, newlen)); 1388 return (ENOPROTOOPT); 1389 } 1390 /* NOTREACHED */ 1391 } 1392