1 /* $OpenBSD: udp_usrreq.c,v 1.149 2012/07/17 03:18:57 yasuoka Exp $ */ 2 /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ 3 4 /* 5 * Copyright (c) 1982, 1986, 1988, 1990, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 33 * 34 * NRL grants permission for redistribution and use in source and binary 35 * forms, with or without modification, of the software and documentation 36 * created at NRL provided that the following conditions are met: 37 * 38 * 1. Redistributions of source code must retain the above copyright 39 * notice, this list of conditions and the following disclaimer. 40 * 2. Redistributions in binary form must reproduce the above copyright 41 * notice, this list of conditions and the following disclaimer in the 42 * documentation and/or other materials provided with the distribution. 43 * 3. All advertising materials mentioning features or use of this software 44 * must display the following acknowledgements: 45 * This product includes software developed by the University of 46 * California, Berkeley and its contributors. 47 * This product includes software developed at the Information 48 * Technology Division, US Naval Research Laboratory. 49 * 4. Neither the name of the NRL nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS 54 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 55 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 56 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR 57 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 58 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 59 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 60 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 61 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 62 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 63 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 64 * 65 * The views and conclusions contained in the software and documentation 66 * are those of the authors and should not be interpreted as representing 67 * official policies, either expressed or implied, of the US Naval 68 * Research Laboratory (NRL). 69 */ 70 71 #include <sys/param.h> 72 #include <sys/systm.h> 73 #include <sys/mbuf.h> 74 #include <sys/protosw.h> 75 #include <sys/socket.h> 76 #include <sys/socketvar.h> 77 #include <sys/proc.h> 78 #include <sys/sysctl.h> 79 80 #include <net/if.h> 81 #include <net/route.h> 82 83 #include <netinet/in.h> 84 #include <netinet/in_systm.h> 85 #include <netinet/in_var.h> 86 #include <netinet/ip.h> 87 #include <netinet/in_pcb.h> 88 #include <netinet/ip_var.h> 89 #include <netinet/ip_icmp.h> 90 #include <netinet/udp.h> 91 #include <netinet/udp_var.h> 92 93 #ifdef IPSEC 94 #include <netinet/ip_ipsp.h> 95 #include <netinet/ip_esp.h> 96 #endif 97 98 #ifdef INET6 99 #ifndef INET 100 #include <netinet/in.h> 101 #endif 102 #include <netinet6/ip6protosw.h> 103 104 extern int ip6_defhlim; 105 #endif /* INET6 */ 106 107 #include "faith.h" 108 #if NFAITH > 0 109 #include <net/if_types.h> 110 #endif 111 112 #include "pf.h" 113 #if NPF > 0 114 #include <net/pfvar.h> 115 #endif 116 117 #ifdef PIPEX 118 #include <netinet/if_ether.h> 119 #include <net/pipex.h> 120 #endif 121 122 /* 123 * UDP protocol implementation. 124 * Per RFC 768, August, 1980. 125 */ 126 int udpcksum = 1; 127 128 u_int udp_sendspace = 9216; /* really max datagram size */ 129 u_int udp_recvspace = 40 * (1024 + sizeof(struct sockaddr_in)); 130 /* 40 1K datagrams */ 131 132 int *udpctl_vars[UDPCTL_MAXID] = UDPCTL_VARS; 133 134 struct inpcbtable udbtable; 135 struct udpstat udpstat; 136 137 void udp_detach(struct inpcb *); 138 void udp_notify(struct inpcb *, int); 139 140 #ifndef UDBHASHSIZE 141 #define UDBHASHSIZE 128 142 #endif 143 int udbhashsize = UDBHASHSIZE; 144 145 /* from in_pcb.c */ 146 extern struct baddynamicports baddynamicports; 147 148 void 149 udp_init() 150 { 151 in_pcbinit(&udbtable, udbhashsize); 152 } 153 154 #ifdef INET6 155 int 156 udp6_input(struct mbuf **mp, int *offp, int proto) 157 { 158 struct mbuf *m = *mp; 159 160 #if NFAITH > 0 161 if (m->m_pkthdr.rcvif) { 162 if (m->m_pkthdr.rcvif->if_type == IFT_FAITH) { 163 /* XXX send icmp6 host/port unreach? */ 164 m_freem(m); 165 return IPPROTO_DONE; 166 } 167 } 168 #endif 169 170 udp_input(m, *offp, proto); 171 return IPPROTO_DONE; 172 } 173 #endif 174 175 void 176 udp_input(struct mbuf *m, ...) 177 { 178 struct ip *ip; 179 struct udphdr *uh; 180 struct inpcb *inp = NULL; 181 struct mbuf *opts = NULL; 182 struct ip save_ip; 183 int iphlen, len; 184 va_list ap; 185 u_int16_t savesum; 186 union { 187 struct sockaddr sa; 188 struct sockaddr_in sin; 189 #ifdef INET6 190 struct sockaddr_in6 sin6; 191 #endif /* INET6 */ 192 } srcsa, dstsa; 193 #ifdef INET6 194 struct ip6_hdr *ip6; 195 #endif /* INET6 */ 196 #ifdef IPSEC 197 struct m_tag *mtag; 198 struct tdb_ident *tdbi; 199 struct tdb *tdb; 200 int error, s; 201 u_int32_t ipsecflowinfo = 0; 202 #endif /* IPSEC */ 203 204 va_start(ap, m); 205 iphlen = va_arg(ap, int); 206 va_end(ap); 207 208 udpstat.udps_ipackets++; 209 210 switch (mtod(m, struct ip *)->ip_v) { 211 case 4: 212 ip = mtod(m, struct ip *); 213 #ifdef INET6 214 ip6 = NULL; 215 #endif /* INET6 */ 216 srcsa.sa.sa_family = AF_INET; 217 break; 218 #ifdef INET6 219 case 6: 220 ip = NULL; 221 ip6 = mtod(m, struct ip6_hdr *); 222 srcsa.sa.sa_family = AF_INET6; 223 break; 224 #endif /* INET6 */ 225 default: 226 goto bad; 227 } 228 229 IP6_EXTHDR_GET(uh, struct udphdr *, m, iphlen, sizeof(struct udphdr)); 230 if (!uh) { 231 udpstat.udps_hdrops++; 232 return; 233 } 234 235 /* Check for illegal destination port 0 */ 236 if (uh->uh_dport == 0) { 237 udpstat.udps_noport++; 238 goto bad; 239 } 240 241 /* 242 * Make mbuf data length reflect UDP length. 243 * If not enough data to reflect UDP length, drop. 244 */ 245 len = ntohs((u_int16_t)uh->uh_ulen); 246 if (ip) { 247 if (m->m_pkthdr.len - iphlen != len) { 248 if (len > (m->m_pkthdr.len - iphlen) || 249 len < sizeof(struct udphdr)) { 250 udpstat.udps_badlen++; 251 goto bad; 252 } 253 m_adj(m, len - (m->m_pkthdr.len - iphlen)); 254 } 255 } 256 #ifdef INET6 257 else if (ip6) { 258 /* jumbograms */ 259 if (len == 0 && m->m_pkthdr.len - iphlen > 0xffff) 260 len = m->m_pkthdr.len - iphlen; 261 if (len != m->m_pkthdr.len - iphlen) { 262 udpstat.udps_badlen++; 263 goto bad; 264 } 265 } 266 #endif 267 else /* shouldn't happen */ 268 goto bad; 269 270 /* 271 * Save a copy of the IP header in case we want restore it 272 * for sending an ICMP error message in response. 273 */ 274 if (ip) 275 save_ip = *ip; 276 277 /* 278 * Checksum extended UDP header and data. 279 * from W.R.Stevens: check incoming udp cksums even if 280 * udpcksum is not set. 281 */ 282 savesum = uh->uh_sum; 283 #ifdef INET6 284 if (ip6) { 285 /* Be proactive about malicious use of IPv4 mapped address */ 286 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 287 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 288 /* XXX stat */ 289 goto bad; 290 } 291 292 /* 293 * In IPv6, the UDP checksum is ALWAYS used. 294 */ 295 if (uh->uh_sum == 0) { 296 udpstat.udps_nosum++; 297 goto bad; 298 } 299 if ((m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_OK) == 0) { 300 if (m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_BAD) { 301 udpstat.udps_badsum++; 302 udpstat.udps_inhwcsum++; 303 goto bad; 304 } 305 306 if ((uh->uh_sum = in6_cksum(m, IPPROTO_UDP, 307 iphlen, len))) { 308 udpstat.udps_badsum++; 309 goto bad; 310 } 311 } else { 312 m->m_pkthdr.csum_flags &= ~M_UDP_CSUM_IN_OK; 313 udpstat.udps_inhwcsum++; 314 } 315 } else 316 #endif /* INET6 */ 317 if (uh->uh_sum) { 318 if ((m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_OK) == 0) { 319 if (m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_BAD) { 320 udpstat.udps_badsum++; 321 udpstat.udps_inhwcsum++; 322 m_freem(m); 323 return; 324 } 325 326 if ((uh->uh_sum = in4_cksum(m, IPPROTO_UDP, 327 iphlen, len))) { 328 udpstat.udps_badsum++; 329 m_freem(m); 330 return; 331 } 332 } else { 333 m->m_pkthdr.csum_flags &= ~M_UDP_CSUM_IN_OK; 334 udpstat.udps_inhwcsum++; 335 } 336 } else 337 udpstat.udps_nosum++; 338 339 #ifdef IPSEC 340 if (udpencap_enable && udpencap_port && 341 uh->uh_dport == htons(udpencap_port)) { 342 u_int32_t spi; 343 int skip = iphlen + sizeof(struct udphdr); 344 345 if (m->m_pkthdr.len - skip < sizeof(u_int32_t)) { 346 /* packet too short */ 347 m_freem(m); 348 return; 349 } 350 m_copydata(m, skip, sizeof(u_int32_t), (caddr_t) &spi); 351 /* 352 * decapsulate if the SPI is not zero, otherwise pass 353 * to userland 354 */ 355 if (spi != 0) { 356 if ((m = m_pullup(m, skip)) == NULL) { 357 udpstat.udps_hdrops++; 358 return; 359 } 360 361 /* remove the UDP header */ 362 bcopy(mtod(m, u_char *), 363 mtod(m, u_char *) + sizeof(struct udphdr), iphlen); 364 m_adj(m, sizeof(struct udphdr)); 365 skip -= sizeof(struct udphdr); 366 367 espstat.esps_udpencin++; 368 ipsec_common_input(m, skip, offsetof(struct ip, ip_p), 369 srcsa.sa.sa_family, IPPROTO_ESP, 1); 370 return; 371 } 372 } 373 #endif 374 375 switch (srcsa.sa.sa_family) { 376 case AF_INET: 377 bzero(&srcsa, sizeof(struct sockaddr_in)); 378 srcsa.sin.sin_len = sizeof(struct sockaddr_in); 379 srcsa.sin.sin_family = AF_INET; 380 srcsa.sin.sin_port = uh->uh_sport; 381 srcsa.sin.sin_addr = ip->ip_src; 382 383 bzero(&dstsa, sizeof(struct sockaddr_in)); 384 dstsa.sin.sin_len = sizeof(struct sockaddr_in); 385 dstsa.sin.sin_family = AF_INET; 386 dstsa.sin.sin_port = uh->uh_dport; 387 dstsa.sin.sin_addr = ip->ip_dst; 388 break; 389 #ifdef INET6 390 case AF_INET6: 391 bzero(&srcsa, sizeof(struct sockaddr_in6)); 392 srcsa.sin6.sin6_len = sizeof(struct sockaddr_in6); 393 srcsa.sin6.sin6_family = AF_INET6; 394 srcsa.sin6.sin6_port = uh->uh_sport; 395 #if 0 /*XXX inbound flowinfo */ 396 srcsa.sin6.sin6_flowinfo = htonl(0x0fffffff) & ip6->ip6_flow; 397 #endif 398 /* KAME hack: recover scopeid */ 399 (void)in6_recoverscope(&srcsa.sin6, &ip6->ip6_src, 400 m->m_pkthdr.rcvif); 401 402 bzero(&dstsa, sizeof(struct sockaddr_in6)); 403 dstsa.sin6.sin6_len = sizeof(struct sockaddr_in6); 404 dstsa.sin6.sin6_family = AF_INET6; 405 dstsa.sin6.sin6_port = uh->uh_dport; 406 /* KAME hack: recover scopeid */ 407 (void)in6_recoverscope(&dstsa.sin6, &ip6->ip6_dst, 408 m->m_pkthdr.rcvif); 409 break; 410 #endif /* INET6 */ 411 } 412 413 #ifdef INET6 414 if ((ip6 && IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) || 415 (ip && IN_MULTICAST(ip->ip_dst.s_addr)) || 416 (ip && in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif, 417 m->m_pkthdr.rdomain))) { 418 #else /* INET6 */ 419 if (IN_MULTICAST(ip->ip_dst.s_addr) || 420 in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif, m->m_pkthdr.rdomain)) { 421 #endif /* INET6 */ 422 struct inpcb *last; 423 /* 424 * Deliver a multicast or broadcast datagram to *all* sockets 425 * for which the local and remote addresses and ports match 426 * those of the incoming datagram. This allows more than 427 * one process to receive multi/broadcasts on the same port. 428 * (This really ought to be done for unicast datagrams as 429 * well, but that would cause problems with existing 430 * applications that open both address-specific sockets and 431 * a wildcard socket listening to the same port -- they would 432 * end up receiving duplicates of every unicast datagram. 433 * Those applications open the multiple sockets to overcome an 434 * inadequacy of the UDP socket interface, but for backwards 435 * compatibility we avoid the problem here rather than 436 * fixing the interface. Maybe 4.5BSD will remedy this?) 437 */ 438 439 iphlen += sizeof(struct udphdr); 440 441 /* 442 * Locate pcb(s) for datagram. 443 * (Algorithm copied from raw_intr().) 444 */ 445 last = NULL; 446 CIRCLEQ_FOREACH(inp, &udbtable.inpt_queue, inp_queue) { 447 if (inp->inp_socket->so_state & SS_CANTRCVMORE) 448 continue; 449 #ifdef INET6 450 /* don't accept it if AF does not match */ 451 if (ip6 && !(inp->inp_flags & INP_IPV6)) 452 continue; 453 if (!ip6 && (inp->inp_flags & INP_IPV6)) 454 continue; 455 #endif 456 if (rtable_l2(inp->inp_rtableid) != 457 rtable_l2(m->m_pkthdr.rdomain)) 458 continue; 459 if (inp->inp_lport != uh->uh_dport) 460 continue; 461 #ifdef INET6 462 if (ip6) { 463 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) 464 if (!IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, 465 &ip6->ip6_dst)) 466 continue; 467 } else 468 #endif /* INET6 */ 469 if (inp->inp_laddr.s_addr != INADDR_ANY) { 470 if (inp->inp_laddr.s_addr != ip->ip_dst.s_addr) 471 continue; 472 } 473 #ifdef INET6 474 if (ip6) { 475 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) 476 if (!IN6_ARE_ADDR_EQUAL(&inp->inp_faddr6, 477 &ip6->ip6_src) || 478 inp->inp_fport != uh->uh_sport) 479 continue; 480 } else 481 #endif /* INET6 */ 482 if (inp->inp_faddr.s_addr != INADDR_ANY) { 483 if (inp->inp_faddr.s_addr != 484 ip->ip_src.s_addr || 485 inp->inp_fport != uh->uh_sport) 486 continue; 487 } 488 489 if (last != NULL) { 490 struct mbuf *n; 491 492 if ((n = m_copy(m, 0, M_COPYALL)) != NULL) { 493 #ifdef INET6 494 if (ip6 && (last->inp_flags & 495 IN6P_CONTROLOPTS || 496 last->inp_socket->so_options & 497 SO_TIMESTAMP)) 498 ip6_savecontrol(last, n, &opts); 499 #endif /* INET6 */ 500 if (ip && (last->inp_flags & 501 INP_CONTROLOPTS || 502 last->inp_socket->so_options & 503 SO_TIMESTAMP)) 504 ip_savecontrol(last, &opts, 505 ip, n); 506 507 m_adj(n, iphlen); 508 if (sbappendaddr( 509 &last->inp_socket->so_rcv, 510 &srcsa.sa, n, opts) == 0) { 511 m_freem(n); 512 if (opts) 513 m_freem(opts); 514 udpstat.udps_fullsock++; 515 } else 516 sorwakeup(last->inp_socket); 517 opts = NULL; 518 } 519 } 520 last = inp; 521 /* 522 * Don't look for additional matches if this one does 523 * not have either the SO_REUSEPORT or SO_REUSEADDR 524 * socket options set. This heuristic avoids searching 525 * through all pcbs in the common case of a non-shared 526 * port. It assumes that an application will never 527 * clear these options after setting them. 528 */ 529 if ((last->inp_socket->so_options & (SO_REUSEPORT | 530 SO_REUSEADDR)) == 0) 531 break; 532 } 533 534 if (last == NULL) { 535 /* 536 * No matching pcb found; discard datagram. 537 * (No need to send an ICMP Port Unreachable 538 * for a broadcast or multicast datgram.) 539 */ 540 udpstat.udps_noportbcast++; 541 goto bad; 542 } 543 544 #ifdef INET6 545 if (ip6 && (last->inp_flags & IN6P_CONTROLOPTS || 546 last->inp_socket->so_options & SO_TIMESTAMP)) 547 ip6_savecontrol(last, m, &opts); 548 #endif /* INET6 */ 549 if (ip && (last->inp_flags & INP_CONTROLOPTS || 550 last->inp_socket->so_options & SO_TIMESTAMP)) 551 ip_savecontrol(last, &opts, ip, m); 552 553 m_adj(m, iphlen); 554 if (sbappendaddr(&last->inp_socket->so_rcv, 555 &srcsa.sa, m, opts) == 0) { 556 udpstat.udps_fullsock++; 557 goto bad; 558 } 559 sorwakeup(last->inp_socket); 560 return; 561 } 562 /* 563 * Locate pcb for datagram. 564 */ 565 #if 0 566 if (m->m_pkthdr.pf.statekey) 567 inp = ((struct pf_state_key *)m->m_pkthdr.pf.statekey)->inp; 568 #endif 569 if (inp == NULL) { 570 #ifdef INET6 571 if (ip6) 572 inp = in6_pcbhashlookup(&udbtable, &ip6->ip6_src, 573 uh->uh_sport, &ip6->ip6_dst, uh->uh_dport); 574 else 575 #endif /* INET6 */ 576 inp = in_pcbhashlookup(&udbtable, ip->ip_src, uh->uh_sport, 577 ip->ip_dst, uh->uh_dport, m->m_pkthdr.rdomain); 578 #if NPF > 0 579 if (m->m_pkthdr.pf.statekey && inp) { 580 ((struct pf_state_key *)m->m_pkthdr.pf.statekey)->inp = 581 inp; 582 inp->inp_pf_sk = m->m_pkthdr.pf.statekey; 583 } 584 #endif 585 } 586 if (inp == 0) { 587 int inpl_reverse = 0; 588 if (m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST) 589 inpl_reverse = 1; 590 ++udpstat.udps_pcbhashmiss; 591 #ifdef INET6 592 if (ip6) { 593 inp = in6_pcblookup_listen(&udbtable, 594 &ip6->ip6_dst, uh->uh_dport, inpl_reverse, m); 595 } else 596 #endif /* INET6 */ 597 inp = in_pcblookup_listen(&udbtable, 598 ip->ip_dst, uh->uh_dport, inpl_reverse, m, 599 m->m_pkthdr.rdomain); 600 if (inp == 0) { 601 udpstat.udps_noport++; 602 if (m->m_flags & (M_BCAST | M_MCAST)) { 603 udpstat.udps_noportbcast++; 604 goto bad; 605 } 606 #ifdef INET6 607 if (ip6) { 608 uh->uh_sum = savesum; 609 icmp6_error(m, ICMP6_DST_UNREACH, 610 ICMP6_DST_UNREACH_NOPORT,0); 611 } else 612 #endif /* INET6 */ 613 { 614 *ip = save_ip; 615 uh->uh_sum = savesum; 616 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PORT, 617 0, 0); 618 } 619 return; 620 } 621 } 622 623 #ifdef IPSEC 624 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL); 625 s = splnet(); 626 if (mtag != NULL) { 627 tdbi = (struct tdb_ident *)(mtag + 1); 628 tdb = gettdb(tdbi->rdomain, tdbi->spi, 629 &tdbi->dst, tdbi->proto); 630 } else 631 tdb = NULL; 632 ipsp_spd_lookup(m, srcsa.sa.sa_family, iphlen, &error, 633 IPSP_DIRECTION_IN, tdb, inp, 0); 634 if (error) { 635 splx(s); 636 goto bad; 637 } 638 639 /* Latch SA only if the socket is connected */ 640 if (inp->inp_tdb_in != tdb && 641 (inp->inp_socket->so_state & SS_ISCONNECTED)) { 642 if (tdb) { 643 tdb_add_inp(tdb, inp, 1); 644 if (inp->inp_ipo == NULL) { 645 inp->inp_ipo = ipsec_add_policy(inp, 646 srcsa.sa.sa_family, IPSP_DIRECTION_OUT); 647 if (inp->inp_ipo == NULL) { 648 splx(s); 649 goto bad; 650 } 651 } 652 if (inp->inp_ipo->ipo_dstid == NULL && 653 tdb->tdb_srcid != NULL) { 654 inp->inp_ipo->ipo_dstid = tdb->tdb_srcid; 655 tdb->tdb_srcid->ref_count++; 656 } 657 if (inp->inp_ipsec_remotecred == NULL && 658 tdb->tdb_remote_cred != NULL) { 659 inp->inp_ipsec_remotecred = 660 tdb->tdb_remote_cred; 661 tdb->tdb_remote_cred->ref_count++; 662 } 663 if (inp->inp_ipsec_remoteauth == NULL && 664 tdb->tdb_remote_auth != NULL) { 665 inp->inp_ipsec_remoteauth = 666 tdb->tdb_remote_auth; 667 tdb->tdb_remote_auth->ref_count++; 668 } 669 } else { /* Just reset */ 670 TAILQ_REMOVE(&inp->inp_tdb_in->tdb_inp_in, inp, 671 inp_tdb_in_next); 672 inp->inp_tdb_in = NULL; 673 } 674 } 675 /* create ipsec options while we know that tdb cannot be modified */ 676 if (tdb) 677 ipsecflowinfo = tdb->tdb_spi; 678 679 splx(s); 680 #endif /*IPSEC */ 681 682 opts = NULL; 683 #ifdef INET6 684 if (ip6 && (inp->inp_flags & IN6P_CONTROLOPTS || 685 inp->inp_socket->so_options & SO_TIMESTAMP)) 686 ip6_savecontrol(inp, m, &opts); 687 #endif /* INET6 */ 688 if (ip && (inp->inp_flags & INP_CONTROLOPTS || 689 inp->inp_socket->so_options & SO_TIMESTAMP)) 690 ip_savecontrol(inp, &opts, ip, m); 691 if (ip && (inp->inp_flags & INP_RECVDSTPORT)) { 692 struct mbuf **mp = &opts; 693 694 while (*mp) 695 mp = &(*mp)->m_next; 696 *mp = sbcreatecontrol((caddr_t)&uh->uh_dport, sizeof(u_int16_t), 697 IP_RECVDSTPORT, IPPROTO_IP); 698 } 699 #ifdef IPSEC 700 if (ipsecflowinfo && (inp->inp_flags & INP_IPSECFLOWINFO)) { 701 struct mbuf **mp = &opts; 702 703 while (*mp) 704 mp = &(*mp)->m_next; 705 *mp = sbcreatecontrol((caddr_t)&ipsecflowinfo, 706 sizeof(u_int32_t), IP_IPSECFLOWINFO, IPPROTO_IP); 707 } 708 #endif 709 #ifdef PIPEX 710 if (pipex_enable && inp->inp_pipex) { 711 struct pipex_session *session; 712 int off = iphlen + sizeof(struct udphdr); 713 if ((session = pipex_l2tp_lookup_session(m, off)) != NULL) { 714 if ((m = pipex_l2tp_input(m, off, session, 715 ipsecflowinfo)) == NULL) 716 return; /* the packet is handled by PIPEX */ 717 } 718 } 719 #endif 720 721 iphlen += sizeof(struct udphdr); 722 m_adj(m, iphlen); 723 if (sbappendaddr(&inp->inp_socket->so_rcv, &srcsa.sa, m, opts) == 0) { 724 udpstat.udps_fullsock++; 725 goto bad; 726 } 727 sorwakeup(inp->inp_socket); 728 return; 729 bad: 730 m_freem(m); 731 if (opts) 732 m_freem(opts); 733 } 734 735 /* 736 * Notify a udp user of an asynchronous error; 737 * just wake up so that he can collect error status. 738 */ 739 void 740 udp_notify(struct inpcb *inp, int errno) 741 { 742 inp->inp_socket->so_error = errno; 743 sorwakeup(inp->inp_socket); 744 sowwakeup(inp->inp_socket); 745 } 746 747 #ifdef INET6 748 void 749 udp6_ctlinput(int cmd, struct sockaddr *sa, void *d) 750 { 751 struct udphdr uh; 752 struct sockaddr_in6 sa6; 753 struct ip6_hdr *ip6; 754 struct mbuf *m; 755 int off; 756 void *cmdarg; 757 struct ip6ctlparam *ip6cp = NULL; 758 struct udp_portonly { 759 u_int16_t uh_sport; 760 u_int16_t uh_dport; 761 } *uhp; 762 void (*notify)(struct inpcb *, int) = udp_notify; 763 764 if (sa == NULL) 765 return; 766 if (sa->sa_family != AF_INET6 || 767 sa->sa_len != sizeof(struct sockaddr_in6)) 768 return; 769 770 if ((unsigned)cmd >= PRC_NCMDS) 771 return; 772 if (PRC_IS_REDIRECT(cmd)) 773 notify = in_rtchange, d = NULL; 774 else if (cmd == PRC_HOSTDEAD) 775 d = NULL; 776 else if (cmd == PRC_MSGSIZE) 777 ; /* special code is present, see below */ 778 else if (inet6ctlerrmap[cmd] == 0) 779 return; 780 781 /* if the parameter is from icmp6, decode it. */ 782 if (d != NULL) { 783 ip6cp = (struct ip6ctlparam *)d; 784 m = ip6cp->ip6c_m; 785 ip6 = ip6cp->ip6c_ip6; 786 off = ip6cp->ip6c_off; 787 cmdarg = ip6cp->ip6c_cmdarg; 788 } else { 789 m = NULL; 790 ip6 = NULL; 791 cmdarg = NULL; 792 /* XXX: translate addresses into internal form */ 793 sa6 = *(struct sockaddr_in6 *)sa; 794 #ifndef SCOPEDROUTING 795 if (in6_embedscope(&sa6.sin6_addr, &sa6, NULL, NULL)) { 796 /* should be impossible */ 797 return; 798 } 799 #endif 800 } 801 802 if (ip6cp && ip6cp->ip6c_finaldst) { 803 bzero(&sa6, sizeof(sa6)); 804 sa6.sin6_family = AF_INET6; 805 sa6.sin6_len = sizeof(sa6); 806 sa6.sin6_addr = *ip6cp->ip6c_finaldst; 807 /* XXX: assuming M is valid in this case */ 808 sa6.sin6_scope_id = in6_addr2scopeid(m->m_pkthdr.rcvif, 809 ip6cp->ip6c_finaldst); 810 #ifndef SCOPEDROUTING 811 if (in6_embedscope(ip6cp->ip6c_finaldst, &sa6, NULL, NULL)) { 812 /* should be impossible */ 813 return; 814 } 815 #endif 816 } else { 817 /* XXX: translate addresses into internal form */ 818 sa6 = *(struct sockaddr_in6 *)sa; 819 #ifndef SCOPEDROUTING 820 if (in6_embedscope(&sa6.sin6_addr, &sa6, NULL, NULL)) { 821 /* should be impossible */ 822 return; 823 } 824 #endif 825 } 826 827 if (ip6) { 828 /* 829 * XXX: We assume that when IPV6 is non NULL, 830 * M and OFF are valid. 831 */ 832 struct sockaddr_in6 sa6_src; 833 834 /* check if we can safely examine src and dst ports */ 835 if (m->m_pkthdr.len < off + sizeof(*uhp)) 836 return; 837 838 bzero(&uh, sizeof(uh)); 839 m_copydata(m, off, sizeof(*uhp), (caddr_t)&uh); 840 841 bzero(&sa6_src, sizeof(sa6_src)); 842 sa6_src.sin6_family = AF_INET6; 843 sa6_src.sin6_len = sizeof(sa6_src); 844 sa6_src.sin6_addr = ip6->ip6_src; 845 sa6_src.sin6_scope_id = in6_addr2scopeid(m->m_pkthdr.rcvif, 846 &ip6->ip6_src); 847 #ifndef SCOPEDROUTING 848 if (in6_embedscope(&sa6_src.sin6_addr, &sa6_src, NULL, NULL)) { 849 /* should be impossible */ 850 return; 851 } 852 #endif 853 854 if (cmd == PRC_MSGSIZE) { 855 int valid = 0; 856 857 /* 858 * Check to see if we have a valid UDP socket 859 * corresponding to the address in the ICMPv6 message 860 * payload. 861 */ 862 if (in6_pcbhashlookup(&udbtable, &sa6.sin6_addr, 863 uh.uh_dport, &sa6_src.sin6_addr, uh.uh_sport)) 864 valid = 1; 865 #if 0 866 /* 867 * As the use of sendto(2) is fairly popular, 868 * we may want to allow non-connected pcb too. 869 * But it could be too weak against attacks... 870 * We should at least check if the local address (= s) 871 * is really ours. 872 */ 873 else if (in6_pcblookup_listen(&udbtable, 874 &sa6_src.sin6_addr, uh.uh_sport, 0); 875 valid = 1; 876 #endif 877 878 /* 879 * Depending on the value of "valid" and routing table 880 * size (mtudisc_{hi,lo}wat), we will: 881 * - recalculate the new MTU and create the 882 * corresponding routing entry, or 883 * - ignore the MTU change notification. 884 */ 885 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 886 887 /* 888 * regardless of if we called icmp6_mtudisc_update(), 889 * we need to call in6_pcbnotify(), to notify path 890 * MTU change to the userland (2292bis-02), because 891 * some unconnected sockets may share the same 892 * destination and want to know the path MTU. 893 */ 894 } 895 896 (void) in6_pcbnotify(&udbtable, (struct sockaddr *)&sa6, 897 uh.uh_dport, (struct sockaddr *)&sa6_src, 898 uh.uh_sport, cmd, cmdarg, notify); 899 } else { 900 (void) in6_pcbnotify(&udbtable, (struct sockaddr *)&sa6, 0, 901 (struct sockaddr *)&sa6_any, 0, cmd, cmdarg, notify); 902 } 903 } 904 #endif 905 906 void * 907 udp_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *v) 908 { 909 struct ip *ip = v; 910 struct udphdr *uhp; 911 struct in_addr faddr; 912 struct inpcb *inp; 913 extern int inetctlerrmap[]; 914 void (*notify)(struct inpcb *, int) = udp_notify; 915 int errno; 916 917 if (sa == NULL) 918 return NULL; 919 if (sa->sa_family != AF_INET || 920 sa->sa_len != sizeof(struct sockaddr_in)) 921 return NULL; 922 faddr = satosin(sa)->sin_addr; 923 if (faddr.s_addr == INADDR_ANY) 924 return NULL; 925 926 if ((unsigned)cmd >= PRC_NCMDS) 927 return NULL; 928 errno = inetctlerrmap[cmd]; 929 if (PRC_IS_REDIRECT(cmd)) 930 notify = in_rtchange, ip = 0; 931 else if (cmd == PRC_HOSTDEAD) 932 ip = 0; 933 else if (errno == 0) 934 return NULL; 935 if (ip) { 936 uhp = (struct udphdr *)((caddr_t)ip + (ip->ip_hl << 2)); 937 938 #ifdef IPSEC 939 /* PMTU discovery for udpencap */ 940 if (cmd == PRC_MSGSIZE && ip_mtudisc && udpencap_enable && 941 udpencap_port && uhp->uh_sport == htons(udpencap_port)) { 942 udpencap_ctlinput(cmd, sa, rdomain, v); 943 return (NULL); 944 } 945 #endif 946 inp = in_pcbhashlookup(&udbtable, 947 ip->ip_dst, uhp->uh_dport, ip->ip_src, uhp->uh_sport, 948 rdomain); 949 if (inp && inp->inp_socket != NULL) 950 notify(inp, errno); 951 } else 952 in_pcbnotifyall(&udbtable, sa, rdomain, errno, notify); 953 return (NULL); 954 } 955 956 int 957 udp_output(struct mbuf *m, ...) 958 { 959 struct inpcb *inp; 960 struct mbuf *addr, *control; 961 struct udpiphdr *ui; 962 u_int32_t ipsecflowinfo = 0; 963 int len = m->m_pkthdr.len; 964 struct in_addr laddr; 965 int s = 0, error = 0; 966 va_list ap; 967 968 va_start(ap, m); 969 inp = va_arg(ap, struct inpcb *); 970 addr = va_arg(ap, struct mbuf *); 971 control = va_arg(ap, struct mbuf *); 972 va_end(ap); 973 974 #ifdef DIAGNOSTIC 975 if ((inp->inp_flags & INP_IPV6) != 0) 976 panic("IPv6 inpcb to udp_output"); 977 #endif 978 979 /* 980 * Compute the packet length of the IP header, and 981 * punt if the length looks bogus. 982 */ 983 if ((len + sizeof(struct udpiphdr)) > IP_MAXPACKET) { 984 error = EMSGSIZE; 985 goto release; 986 } 987 988 if (addr) { 989 laddr = inp->inp_laddr; 990 if (inp->inp_faddr.s_addr != INADDR_ANY) { 991 error = EISCONN; 992 goto release; 993 } 994 /* 995 * Must block input while temporarily connected. 996 */ 997 s = splsoftnet(); 998 error = in_pcbconnect(inp, addr); 999 if (error) { 1000 splx(s); 1001 goto release; 1002 } 1003 } else { 1004 if (inp->inp_faddr.s_addr == INADDR_ANY) { 1005 error = ENOTCONN; 1006 goto release; 1007 } 1008 } 1009 1010 #ifdef IPSEC 1011 if (control && (inp->inp_flags & INP_IPSECFLOWINFO) != 0) { 1012 u_int clen; 1013 struct cmsghdr *cm; 1014 caddr_t cmsgs; 1015 1016 /* 1017 * XXX: Currently, we assume all the optional information is stored 1018 * in a single mbuf. 1019 */ 1020 if (control->m_next) { 1021 error = EINVAL; 1022 goto bail; 1023 } 1024 1025 clen = control->m_len; 1026 cmsgs = mtod(control, caddr_t); 1027 do { 1028 if (clen < CMSG_LEN(0)) { 1029 error = EINVAL; 1030 goto bail; 1031 } 1032 cm = (struct cmsghdr *)cmsgs; 1033 if (cm->cmsg_len < CMSG_LEN(0) || 1034 CMSG_ALIGN(cm->cmsg_len) > clen) { 1035 error = EINVAL; 1036 goto bail; 1037 } 1038 if (cm->cmsg_len == CMSG_LEN(sizeof(ipsecflowinfo)) && 1039 cm->cmsg_level == IPPROTO_IP && 1040 cm->cmsg_type == IP_IPSECFLOWINFO) { 1041 ipsecflowinfo = *(u_int32_t *)CMSG_DATA(cm); 1042 break; 1043 } 1044 clen -= CMSG_ALIGN(cm->cmsg_len); 1045 cmsgs += CMSG_ALIGN(cm->cmsg_len); 1046 } while (clen); 1047 } 1048 #endif 1049 /* 1050 * Calculate data length and get a mbuf 1051 * for UDP and IP headers. 1052 */ 1053 M_PREPEND(m, sizeof(struct udpiphdr), M_DONTWAIT); 1054 if (m == NULL) { 1055 error = ENOBUFS; 1056 goto bail; 1057 } 1058 1059 /* 1060 * Fill in mbuf with extended UDP header 1061 * and addresses and length put into network format. 1062 */ 1063 ui = mtod(m, struct udpiphdr *); 1064 bzero(ui->ui_x1, sizeof ui->ui_x1); 1065 ui->ui_pr = IPPROTO_UDP; 1066 ui->ui_len = htons((u_int16_t)len + sizeof (struct udphdr)); 1067 ui->ui_src = inp->inp_laddr; 1068 ui->ui_dst = inp->inp_faddr; 1069 ui->ui_sport = inp->inp_lport; 1070 ui->ui_dport = inp->inp_fport; 1071 ui->ui_ulen = ui->ui_len; 1072 1073 /* 1074 * Compute the pseudo-header checksum; defer further checksumming 1075 * until ip_output() or hardware (if it exists). 1076 */ 1077 if (udpcksum) { 1078 m->m_pkthdr.csum_flags |= M_UDP_CSUM_OUT; 1079 ui->ui_sum = in_cksum_phdr(ui->ui_src.s_addr, 1080 ui->ui_dst.s_addr, htons((u_int16_t)len + 1081 sizeof (struct udphdr) + IPPROTO_UDP)); 1082 } else 1083 ui->ui_sum = 0; 1084 ((struct ip *)ui)->ip_len = htons(sizeof (struct udpiphdr) + len); 1085 ((struct ip *)ui)->ip_ttl = inp->inp_ip.ip_ttl; 1086 ((struct ip *)ui)->ip_tos = inp->inp_ip.ip_tos; 1087 1088 udpstat.udps_opackets++; 1089 1090 /* force routing domain */ 1091 m->m_pkthdr.rdomain = inp->inp_rtableid; 1092 1093 error = ip_output(m, inp->inp_options, &inp->inp_route, 1094 (inp->inp_socket->so_options & (SO_DONTROUTE | SO_BROADCAST)) 1095 |IP_IPSECFLOW, inp->inp_moptions, inp, ipsecflowinfo); 1096 if (error == EACCES) /* translate pf(4) error for userland */ 1097 error = EHOSTUNREACH; 1098 1099 bail: 1100 if (addr) { 1101 inp->inp_laddr = laddr; 1102 in_pcbdisconnect(inp); 1103 splx(s); 1104 } 1105 if (control) 1106 m_freem(control); 1107 return (error); 1108 1109 release: 1110 m_freem(m); 1111 if (control) 1112 m_freem(control); 1113 return (error); 1114 } 1115 1116 /*ARGSUSED*/ 1117 int 1118 udp_usrreq(struct socket *so, int req, struct mbuf *m, struct mbuf *addr, 1119 struct mbuf *control, struct proc *p) 1120 { 1121 struct inpcb *inp = sotoinpcb(so); 1122 int error = 0; 1123 int s; 1124 1125 if (req == PRU_CONTROL) { 1126 #ifdef INET6 1127 if (inp->inp_flags & INP_IPV6) 1128 return (in6_control(so, (u_long)m, (caddr_t)addr, 1129 (struct ifnet *)control, 0)); 1130 else 1131 #endif /* INET6 */ 1132 return (in_control(so, (u_long)m, (caddr_t)addr, 1133 (struct ifnet *)control)); 1134 } 1135 if (inp == NULL && req != PRU_ATTACH) { 1136 error = EINVAL; 1137 goto release; 1138 } 1139 /* 1140 * Note: need to block udp_input while changing 1141 * the udp pcb queue and/or pcb addresses. 1142 */ 1143 switch (req) { 1144 1145 case PRU_ATTACH: 1146 if (inp != NULL) { 1147 error = EINVAL; 1148 break; 1149 } 1150 s = splsoftnet(); 1151 error = in_pcballoc(so, &udbtable); 1152 splx(s); 1153 if (error) 1154 break; 1155 error = soreserve(so, udp_sendspace, udp_recvspace); 1156 if (error) 1157 break; 1158 #ifdef INET6 1159 if (((struct inpcb *)so->so_pcb)->inp_flags & INP_IPV6) 1160 ((struct inpcb *) so->so_pcb)->inp_ipv6.ip6_hlim = 1161 ip6_defhlim; 1162 else 1163 #endif /* INET6 */ 1164 ((struct inpcb *) so->so_pcb)->inp_ip.ip_ttl = ip_defttl; 1165 break; 1166 1167 case PRU_DETACH: 1168 udp_detach(inp); 1169 break; 1170 1171 case PRU_BIND: 1172 s = splsoftnet(); 1173 #ifdef INET6 1174 if (inp->inp_flags & INP_IPV6) 1175 error = in6_pcbbind(inp, addr, p); 1176 else 1177 #endif 1178 error = in_pcbbind(inp, addr, p); 1179 splx(s); 1180 break; 1181 1182 case PRU_LISTEN: 1183 error = EOPNOTSUPP; 1184 break; 1185 1186 case PRU_CONNECT: 1187 #ifdef INET6 1188 if (inp->inp_flags & INP_IPV6) { 1189 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) { 1190 error = EISCONN; 1191 break; 1192 } 1193 s = splsoftnet(); 1194 error = in6_pcbconnect(inp, addr); 1195 splx(s); 1196 } else 1197 #endif /* INET6 */ 1198 { 1199 if (inp->inp_faddr.s_addr != INADDR_ANY) { 1200 error = EISCONN; 1201 break; 1202 } 1203 s = splsoftnet(); 1204 error = in_pcbconnect(inp, addr); 1205 splx(s); 1206 } 1207 1208 if (error == 0) 1209 soisconnected(so); 1210 break; 1211 1212 case PRU_CONNECT2: 1213 error = EOPNOTSUPP; 1214 break; 1215 1216 case PRU_ACCEPT: 1217 error = EOPNOTSUPP; 1218 break; 1219 1220 case PRU_DISCONNECT: 1221 #ifdef INET6 1222 if (inp->inp_flags & INP_IPV6) { 1223 if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) { 1224 error = ENOTCONN; 1225 break; 1226 } 1227 } else 1228 #endif /* INET6 */ 1229 { 1230 if (inp->inp_faddr.s_addr == INADDR_ANY) { 1231 error = ENOTCONN; 1232 break; 1233 } 1234 } 1235 1236 s = splsoftnet(); 1237 #ifdef INET6 1238 if (inp->inp_flags & INP_IPV6) 1239 inp->inp_laddr6 = in6addr_any; 1240 else 1241 #endif /* INET6 */ 1242 inp->inp_laddr.s_addr = INADDR_ANY; 1243 in_pcbdisconnect(inp); 1244 1245 splx(s); 1246 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 1247 break; 1248 1249 case PRU_SHUTDOWN: 1250 socantsendmore(so); 1251 break; 1252 1253 case PRU_SEND: 1254 #ifdef PIPEX 1255 if (inp->inp_pipex) { 1256 struct pipex_session *session; 1257 1258 if (addr != NULL) 1259 session = 1260 pipex_l2tp_userland_lookup_session(m, 1261 mtod(addr, struct sockaddr *)); 1262 else 1263 #ifdef INET6 1264 if (inp->inp_flags & INP_IPV6) 1265 session = 1266 pipex_l2tp_userland_lookup_session_ipv6( 1267 m, inp->inp_faddr6); 1268 else 1269 #endif 1270 session = 1271 pipex_l2tp_userland_lookup_session_ipv4( 1272 m, inp->inp_faddr); 1273 if (session != NULL) 1274 if ((m = pipex_l2tp_userland_output( 1275 m, session)) == NULL) { 1276 error = ENOMEM; 1277 goto release; 1278 } 1279 } 1280 #endif 1281 1282 #ifdef INET6 1283 if (inp->inp_flags & INP_IPV6) 1284 return (udp6_output(inp, m, addr, control)); 1285 else 1286 return (udp_output(m, inp, addr, control)); 1287 #else 1288 return (udp_output(m, inp, addr, control)); 1289 #endif 1290 1291 case PRU_ABORT: 1292 soisdisconnected(so); 1293 udp_detach(inp); 1294 break; 1295 1296 case PRU_SOCKADDR: 1297 #ifdef INET6 1298 if (inp->inp_flags & INP_IPV6) 1299 in6_setsockaddr(inp, addr); 1300 else 1301 #endif /* INET6 */ 1302 in_setsockaddr(inp, addr); 1303 break; 1304 1305 case PRU_PEERADDR: 1306 #ifdef INET6 1307 if (inp->inp_flags & INP_IPV6) 1308 in6_setpeeraddr(inp, addr); 1309 else 1310 #endif /* INET6 */ 1311 in_setpeeraddr(inp, addr); 1312 break; 1313 1314 case PRU_SENSE: 1315 /* 1316 * stat: don't bother with a blocksize. 1317 */ 1318 /* 1319 * Perhaps Path MTU might be returned for a connected 1320 * UDP socket in this case. 1321 */ 1322 return (0); 1323 1324 case PRU_SENDOOB: 1325 case PRU_FASTTIMO: 1326 case PRU_SLOWTIMO: 1327 case PRU_PROTORCV: 1328 case PRU_PROTOSEND: 1329 error = EOPNOTSUPP; 1330 break; 1331 1332 case PRU_RCVD: 1333 case PRU_RCVOOB: 1334 return (EOPNOTSUPP); /* do not free mbuf's */ 1335 1336 default: 1337 panic("udp_usrreq"); 1338 } 1339 1340 release: 1341 if (control) { 1342 m_freem(control); 1343 } 1344 if (m) 1345 m_freem(m); 1346 return (error); 1347 } 1348 1349 void 1350 udp_detach(struct inpcb *inp) 1351 { 1352 int s = splsoftnet(); 1353 1354 in_pcbdetach(inp); 1355 splx(s); 1356 } 1357 1358 /* 1359 * Sysctl for udp variables. 1360 */ 1361 int 1362 udp_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, 1363 size_t newlen) 1364 { 1365 /* All sysctl names at this level are terminal. */ 1366 if (namelen != 1) 1367 return (ENOTDIR); 1368 1369 switch (name[0]) { 1370 case UDPCTL_BADDYNAMIC: 1371 return (sysctl_struct(oldp, oldlenp, newp, newlen, 1372 baddynamicports.udp, sizeof(baddynamicports.udp))); 1373 1374 case UDPCTL_STATS: 1375 if (newp != NULL) 1376 return (EPERM); 1377 return (sysctl_struct(oldp, oldlenp, newp, newlen, 1378 &udpstat, sizeof(udpstat))); 1379 1380 default: 1381 if (name[0] < UDPCTL_MAXID) 1382 return (sysctl_int_arr(udpctl_vars, name, namelen, 1383 oldp, oldlenp, newp, newlen)); 1384 return (ENOPROTOOPT); 1385 } 1386 /* NOTREACHED */ 1387 } 1388