1 /* $OpenBSD: udp_usrreq.c,v 1.191 2014/11/09 22:05:08 bluhm Exp $ */ 2 /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ 3 4 /* 5 * Copyright (c) 1982, 1986, 1988, 1990, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 33 * 34 * NRL grants permission for redistribution and use in source and binary 35 * forms, with or without modification, of the software and documentation 36 * created at NRL provided that the following conditions are met: 37 * 38 * 1. Redistributions of source code must retain the above copyright 39 * notice, this list of conditions and the following disclaimer. 40 * 2. Redistributions in binary form must reproduce the above copyright 41 * notice, this list of conditions and the following disclaimer in the 42 * documentation and/or other materials provided with the distribution. 43 * 3. All advertising materials mentioning features or use of this software 44 * must display the following acknowledgements: 45 * This product includes software developed by the University of 46 * California, Berkeley and its contributors. 47 * This product includes software developed at the Information 48 * Technology Division, US Naval Research Laboratory. 49 * 4. Neither the name of the NRL nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS 54 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 55 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 56 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR 57 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 58 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 59 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 60 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 61 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 62 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 63 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 64 * 65 * The views and conclusions contained in the software and documentation 66 * are those of the authors and should not be interpreted as representing 67 * official policies, either expressed or implied, of the US Naval 68 * Research Laboratory (NRL). 69 */ 70 71 #include <sys/param.h> 72 #include <sys/systm.h> 73 #include <sys/mbuf.h> 74 #include <sys/protosw.h> 75 #include <sys/socket.h> 76 #include <sys/socketvar.h> 77 #include <sys/sysctl.h> 78 79 #include <net/if.h> 80 #include <net/if_media.h> 81 #include <net/route.h> 82 83 #include <netinet/in.h> 84 #include <netinet/in_var.h> 85 #include <netinet/ip.h> 86 #include <netinet/in_pcb.h> 87 #include <netinet/ip_var.h> 88 #include <netinet/ip_icmp.h> 89 #include <netinet/udp.h> 90 #include <netinet/udp_var.h> 91 92 #ifdef IPSEC 93 #include <netinet/ip_ipsp.h> 94 #include <netinet/ip_esp.h> 95 #endif 96 97 #ifdef INET6 98 #ifndef INET 99 #include <netinet/in.h> 100 #endif 101 #include <netinet6/in6_var.h> 102 #include <netinet6/ip6_var.h> 103 #include <netinet6/ip6protosw.h> 104 #endif /* INET6 */ 105 106 #include "pf.h" 107 #if NPF > 0 108 #include <net/pfvar.h> 109 #endif 110 111 #ifdef PIPEX 112 #include <netinet/if_ether.h> 113 #include <net/pipex.h> 114 #endif 115 116 #include "vxlan.h" 117 #if NVXLAN > 0 118 #include <net/if_vxlan.h> 119 #endif 120 121 /* 122 * UDP protocol implementation. 123 * Per RFC 768, August, 1980. 124 */ 125 int udpcksum = 1; 126 127 u_int udp_sendspace = 9216; /* really max datagram size */ 128 u_int udp_recvspace = 40 * (1024 + sizeof(struct sockaddr_in)); 129 /* 40 1K datagrams */ 130 131 int *udpctl_vars[UDPCTL_MAXID] = UDPCTL_VARS; 132 133 struct inpcbtable udbtable; 134 struct udpstat udpstat; 135 136 int udp_output(struct inpcb *, struct mbuf *, struct mbuf *, struct mbuf *); 137 void udp_detach(struct inpcb *); 138 void udp_notify(struct inpcb *, int); 139 140 #ifndef UDB_INITIAL_HASH_SIZE 141 #define UDB_INITIAL_HASH_SIZE 128 142 #endif 143 144 void 145 udp_init() 146 { 147 in_pcbinit(&udbtable, UDB_INITIAL_HASH_SIZE); 148 } 149 150 #ifdef INET6 151 int 152 udp6_input(struct mbuf **mp, int *offp, int proto) 153 { 154 struct mbuf *m = *mp; 155 156 udp_input(m, *offp, proto); 157 return IPPROTO_DONE; 158 } 159 #endif 160 161 void 162 udp_input(struct mbuf *m, ...) 163 { 164 struct ip *ip; 165 struct udphdr *uh; 166 struct inpcb *inp = NULL; 167 struct mbuf *opts = NULL; 168 struct ip save_ip; 169 int iphlen, len; 170 va_list ap; 171 u_int16_t savesum; 172 union { 173 struct sockaddr sa; 174 struct sockaddr_in sin; 175 #ifdef INET6 176 struct sockaddr_in6 sin6; 177 #endif /* INET6 */ 178 } srcsa, dstsa; 179 #ifdef INET6 180 struct ip6_hdr *ip6; 181 #endif /* INET6 */ 182 #ifdef IPSEC 183 struct m_tag *mtag; 184 struct tdb_ident *tdbi; 185 struct tdb *tdb; 186 int error; 187 u_int32_t ipsecflowinfo = 0; 188 #endif /* IPSEC */ 189 190 va_start(ap, m); 191 iphlen = va_arg(ap, int); 192 va_end(ap); 193 194 udpstat.udps_ipackets++; 195 196 switch (mtod(m, struct ip *)->ip_v) { 197 case 4: 198 ip = mtod(m, struct ip *); 199 #ifdef INET6 200 ip6 = NULL; 201 #endif /* INET6 */ 202 srcsa.sa.sa_family = AF_INET; 203 break; 204 #ifdef INET6 205 case 6: 206 ip = NULL; 207 ip6 = mtod(m, struct ip6_hdr *); 208 srcsa.sa.sa_family = AF_INET6; 209 break; 210 #endif /* INET6 */ 211 default: 212 goto bad; 213 } 214 215 IP6_EXTHDR_GET(uh, struct udphdr *, m, iphlen, sizeof(struct udphdr)); 216 if (!uh) { 217 udpstat.udps_hdrops++; 218 return; 219 } 220 221 /* Check for illegal destination port 0 */ 222 if (uh->uh_dport == 0) { 223 udpstat.udps_noport++; 224 goto bad; 225 } 226 227 /* 228 * Make mbuf data length reflect UDP length. 229 * If not enough data to reflect UDP length, drop. 230 */ 231 len = ntohs((u_int16_t)uh->uh_ulen); 232 if (ip) { 233 if (m->m_pkthdr.len - iphlen != len) { 234 if (len > (m->m_pkthdr.len - iphlen) || 235 len < sizeof(struct udphdr)) { 236 udpstat.udps_badlen++; 237 goto bad; 238 } 239 m_adj(m, len - (m->m_pkthdr.len - iphlen)); 240 } 241 } 242 #ifdef INET6 243 else if (ip6) { 244 /* jumbograms */ 245 if (len == 0 && m->m_pkthdr.len - iphlen > 0xffff) 246 len = m->m_pkthdr.len - iphlen; 247 if (len != m->m_pkthdr.len - iphlen) { 248 udpstat.udps_badlen++; 249 goto bad; 250 } 251 } 252 #endif 253 else /* shouldn't happen */ 254 goto bad; 255 256 /* 257 * Save a copy of the IP header in case we want restore it 258 * for sending an ICMP error message in response. 259 */ 260 if (ip) 261 save_ip = *ip; 262 263 #ifdef INET6 264 if (ip6) { 265 /* Be proactive about malicious use of IPv4 mapped address */ 266 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || 267 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { 268 /* XXX stat */ 269 goto bad; 270 } 271 } 272 #endif /* INET6 */ 273 274 /* 275 * Checksum extended UDP header and data. 276 * from W.R.Stevens: check incoming udp cksums even if 277 * udpcksum is not set. 278 */ 279 savesum = uh->uh_sum; 280 if (uh->uh_sum == 0) { 281 udpstat.udps_nosum++; 282 #ifdef INET6 283 /* 284 * In IPv6, the UDP checksum is ALWAYS used. 285 */ 286 if (ip6) 287 goto bad; 288 #endif /* INET6 */ 289 } else { 290 if ((m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_OK) == 0) { 291 if (m->m_pkthdr.csum_flags & M_UDP_CSUM_IN_BAD) { 292 udpstat.udps_badsum++; 293 goto bad; 294 } 295 udpstat.udps_inswcsum++; 296 297 if (ip) 298 uh->uh_sum = in4_cksum(m, IPPROTO_UDP, 299 iphlen, len); 300 #ifdef INET6 301 else if (ip6) 302 uh->uh_sum = in6_cksum(m, IPPROTO_UDP, 303 iphlen, len); 304 #endif /* INET6 */ 305 if (uh->uh_sum != 0) { 306 udpstat.udps_badsum++; 307 goto bad; 308 } 309 } 310 } 311 312 #ifdef IPSEC 313 if (udpencap_enable && udpencap_port && 314 #if NPF > 0 315 !(m->m_pkthdr.pf.flags & PF_TAG_DIVERTED) && 316 #endif 317 uh->uh_dport == htons(udpencap_port)) { 318 u_int32_t spi; 319 int skip = iphlen + sizeof(struct udphdr); 320 321 if (m->m_pkthdr.len - skip < sizeof(u_int32_t)) { 322 /* packet too short */ 323 m_freem(m); 324 return; 325 } 326 m_copydata(m, skip, sizeof(u_int32_t), (caddr_t) &spi); 327 /* 328 * decapsulate if the SPI is not zero, otherwise pass 329 * to userland 330 */ 331 if (spi != 0) { 332 if ((m = m_pullup(m, skip)) == NULL) { 333 udpstat.udps_hdrops++; 334 return; 335 } 336 337 /* remove the UDP header */ 338 bcopy(mtod(m, u_char *), 339 mtod(m, u_char *) + sizeof(struct udphdr), iphlen); 340 m_adj(m, sizeof(struct udphdr)); 341 skip -= sizeof(struct udphdr); 342 343 espstat.esps_udpencin++; 344 ipsec_common_input(m, skip, offsetof(struct ip, ip_p), 345 srcsa.sa.sa_family, IPPROTO_ESP, 1); 346 return; 347 } 348 } 349 #endif 350 351 switch (srcsa.sa.sa_family) { 352 case AF_INET: 353 bzero(&srcsa, sizeof(struct sockaddr_in)); 354 srcsa.sin.sin_len = sizeof(struct sockaddr_in); 355 srcsa.sin.sin_family = AF_INET; 356 srcsa.sin.sin_port = uh->uh_sport; 357 srcsa.sin.sin_addr = ip->ip_src; 358 359 bzero(&dstsa, sizeof(struct sockaddr_in)); 360 dstsa.sin.sin_len = sizeof(struct sockaddr_in); 361 dstsa.sin.sin_family = AF_INET; 362 dstsa.sin.sin_port = uh->uh_dport; 363 dstsa.sin.sin_addr = ip->ip_dst; 364 break; 365 #ifdef INET6 366 case AF_INET6: 367 bzero(&srcsa, sizeof(struct sockaddr_in6)); 368 srcsa.sin6.sin6_len = sizeof(struct sockaddr_in6); 369 srcsa.sin6.sin6_family = AF_INET6; 370 srcsa.sin6.sin6_port = uh->uh_sport; 371 #if 0 /*XXX inbound flowinfo */ 372 srcsa.sin6.sin6_flowinfo = htonl(0x0fffffff) & ip6->ip6_flow; 373 #endif 374 /* KAME hack: recover scopeid */ 375 (void)in6_recoverscope(&srcsa.sin6, &ip6->ip6_src, 376 m->m_pkthdr.rcvif); 377 378 bzero(&dstsa, sizeof(struct sockaddr_in6)); 379 dstsa.sin6.sin6_len = sizeof(struct sockaddr_in6); 380 dstsa.sin6.sin6_family = AF_INET6; 381 dstsa.sin6.sin6_port = uh->uh_dport; 382 /* KAME hack: recover scopeid */ 383 (void)in6_recoverscope(&dstsa.sin6, &ip6->ip6_dst, 384 m->m_pkthdr.rcvif); 385 break; 386 #endif /* INET6 */ 387 } 388 389 #if NVXLAN > 0 390 if (vxlan_enable > 0 && 391 #if NPF > 0 392 !(m->m_pkthdr.pf.flags & PF_TAG_DIVERTED) && 393 #endif 394 (error = vxlan_lookup(m, uh, iphlen, &srcsa.sa)) != 0) { 395 if (error == -1) { 396 udpstat.udps_hdrops++; 397 m_freem(m); 398 } 399 return; 400 } 401 #endif 402 403 #ifdef INET6 404 if ((ip6 && IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) || 405 (ip && IN_MULTICAST(ip->ip_dst.s_addr)) || 406 (ip && in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif, 407 m->m_pkthdr.ph_rtableid))) { 408 #else /* INET6 */ 409 if (IN_MULTICAST(ip->ip_dst.s_addr) || 410 in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif, 411 m->m_pkthdr.ph_rtableid)) { 412 #endif /* INET6 */ 413 struct inpcb *last; 414 /* 415 * Deliver a multicast or broadcast datagram to *all* sockets 416 * for which the local and remote addresses and ports match 417 * those of the incoming datagram. This allows more than 418 * one process to receive multi/broadcasts on the same port. 419 * (This really ought to be done for unicast datagrams as 420 * well, but that would cause problems with existing 421 * applications that open both address-specific sockets and 422 * a wildcard socket listening to the same port -- they would 423 * end up receiving duplicates of every unicast datagram. 424 * Those applications open the multiple sockets to overcome an 425 * inadequacy of the UDP socket interface, but for backwards 426 * compatibility we avoid the problem here rather than 427 * fixing the interface. Maybe 4.5BSD will remedy this?) 428 */ 429 430 iphlen += sizeof(struct udphdr); 431 432 /* 433 * Locate pcb(s) for datagram. 434 * (Algorithm copied from raw_intr().) 435 */ 436 last = NULL; 437 TAILQ_FOREACH(inp, &udbtable.inpt_queue, inp_queue) { 438 if (inp->inp_socket->so_state & SS_CANTRCVMORE) 439 continue; 440 #ifdef INET6 441 /* don't accept it if AF does not match */ 442 if (ip6 && !(inp->inp_flags & INP_IPV6)) 443 continue; 444 if (!ip6 && (inp->inp_flags & INP_IPV6)) 445 continue; 446 #endif 447 if (rtable_l2(inp->inp_rtableid) != 448 rtable_l2(m->m_pkthdr.ph_rtableid)) 449 continue; 450 if (inp->inp_lport != uh->uh_dport) 451 continue; 452 #ifdef INET6 453 if (ip6) { 454 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) 455 if (!IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, 456 &ip6->ip6_dst)) 457 continue; 458 } else 459 #endif /* INET6 */ 460 if (inp->inp_laddr.s_addr != INADDR_ANY) { 461 if (inp->inp_laddr.s_addr != ip->ip_dst.s_addr) 462 continue; 463 } 464 #ifdef INET6 465 if (ip6) { 466 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) 467 if (!IN6_ARE_ADDR_EQUAL(&inp->inp_faddr6, 468 &ip6->ip6_src) || 469 inp->inp_fport != uh->uh_sport) 470 continue; 471 } else 472 #endif /* INET6 */ 473 if (inp->inp_faddr.s_addr != INADDR_ANY) { 474 if (inp->inp_faddr.s_addr != 475 ip->ip_src.s_addr || 476 inp->inp_fport != uh->uh_sport) 477 continue; 478 } 479 480 if (last != NULL) { 481 struct mbuf *n; 482 483 if ((n = m_copy(m, 0, M_COPYALL)) != NULL) { 484 #ifdef INET6 485 if (ip6 && (last->inp_flags & 486 IN6P_CONTROLOPTS || 487 last->inp_socket->so_options & 488 SO_TIMESTAMP)) 489 ip6_savecontrol(last, n, &opts); 490 #endif /* INET6 */ 491 if (ip && (last->inp_flags & 492 INP_CONTROLOPTS || 493 last->inp_socket->so_options & 494 SO_TIMESTAMP)) 495 ip_savecontrol(last, &opts, 496 ip, n); 497 498 m_adj(n, iphlen); 499 if (sbappendaddr( 500 &last->inp_socket->so_rcv, 501 &srcsa.sa, n, opts) == 0) { 502 m_freem(n); 503 if (opts) 504 m_freem(opts); 505 udpstat.udps_fullsock++; 506 } else 507 sorwakeup(last->inp_socket); 508 opts = NULL; 509 } 510 } 511 last = inp; 512 /* 513 * Don't look for additional matches if this one does 514 * not have either the SO_REUSEPORT or SO_REUSEADDR 515 * socket options set. This heuristic avoids searching 516 * through all pcbs in the common case of a non-shared 517 * port. It assumes that an application will never 518 * clear these options after setting them. 519 */ 520 if ((last->inp_socket->so_options & (SO_REUSEPORT | 521 SO_REUSEADDR)) == 0) 522 break; 523 } 524 525 if (last == NULL) { 526 /* 527 * No matching pcb found; discard datagram. 528 * (No need to send an ICMP Port Unreachable 529 * for a broadcast or multicast datgram.) 530 */ 531 udpstat.udps_noportbcast++; 532 goto bad; 533 } 534 535 #ifdef INET6 536 if (ip6 && (last->inp_flags & IN6P_CONTROLOPTS || 537 last->inp_socket->so_options & SO_TIMESTAMP)) 538 ip6_savecontrol(last, m, &opts); 539 #endif /* INET6 */ 540 if (ip && (last->inp_flags & INP_CONTROLOPTS || 541 last->inp_socket->so_options & SO_TIMESTAMP)) 542 ip_savecontrol(last, &opts, ip, m); 543 544 m_adj(m, iphlen); 545 if (sbappendaddr(&last->inp_socket->so_rcv, 546 &srcsa.sa, m, opts) == 0) { 547 udpstat.udps_fullsock++; 548 goto bad; 549 } 550 sorwakeup(last->inp_socket); 551 return; 552 } 553 /* 554 * Locate pcb for datagram. 555 */ 556 #if 0 557 if (m->m_pkthdr.pf.statekey) { 558 inp = m->m_pkthdr.pf.statekey->inp; 559 if (inp && inp->inp_pf_sk) 560 KASSERT(m->m_pkthdr.pf.statekey == inp->inp_pf_sk); 561 } 562 #endif 563 if (inp == NULL) { 564 #ifdef INET6 565 if (ip6) 566 inp = in6_pcbhashlookup(&udbtable, &ip6->ip6_src, 567 uh->uh_sport, &ip6->ip6_dst, uh->uh_dport, 568 m->m_pkthdr.ph_rtableid); 569 else 570 #endif /* INET6 */ 571 inp = in_pcbhashlookup(&udbtable, ip->ip_src, uh->uh_sport, 572 ip->ip_dst, uh->uh_dport, m->m_pkthdr.ph_rtableid); 573 #if NPF > 0 574 if (m->m_pkthdr.pf.statekey && inp) { 575 m->m_pkthdr.pf.statekey->inp = inp; 576 inp->inp_pf_sk = m->m_pkthdr.pf.statekey; 577 } 578 #endif 579 } 580 if (inp == 0) { 581 int inpl_reverse = 0; 582 if (m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST) 583 inpl_reverse = 1; 584 ++udpstat.udps_pcbhashmiss; 585 #ifdef INET6 586 if (ip6) { 587 inp = in6_pcblookup_listen(&udbtable, 588 &ip6->ip6_dst, uh->uh_dport, inpl_reverse, m, 589 m->m_pkthdr.ph_rtableid); 590 } else 591 #endif /* INET6 */ 592 inp = in_pcblookup_listen(&udbtable, 593 ip->ip_dst, uh->uh_dport, inpl_reverse, m, 594 m->m_pkthdr.ph_rtableid); 595 if (inp == 0) { 596 udpstat.udps_noport++; 597 if (m->m_flags & (M_BCAST | M_MCAST)) { 598 udpstat.udps_noportbcast++; 599 goto bad; 600 } 601 #ifdef INET6 602 if (ip6) { 603 uh->uh_sum = savesum; 604 icmp6_error(m, ICMP6_DST_UNREACH, 605 ICMP6_DST_UNREACH_NOPORT,0); 606 } else 607 #endif /* INET6 */ 608 { 609 *ip = save_ip; 610 uh->uh_sum = savesum; 611 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PORT, 612 0, 0); 613 } 614 return; 615 } 616 } 617 KASSERT(sotoinpcb(inp->inp_socket) == inp); 618 619 #if NPF > 0 620 if (m->m_pkthdr.pf.statekey && !m->m_pkthdr.pf.statekey->inp && 621 !inp->inp_pf_sk && (inp->inp_socket->so_state & SS_ISCONNECTED)) { 622 m->m_pkthdr.pf.statekey->inp = inp; 623 inp->inp_pf_sk = m->m_pkthdr.pf.statekey; 624 } 625 /* The statekey has finished finding the inp, it is no longer needed. */ 626 m->m_pkthdr.pf.statekey = NULL; 627 #endif 628 629 #ifdef IPSEC 630 mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL); 631 if (mtag != NULL) { 632 tdbi = (struct tdb_ident *)(mtag + 1); 633 tdb = gettdb(tdbi->rdomain, tdbi->spi, 634 &tdbi->dst, tdbi->proto); 635 } else 636 tdb = NULL; 637 ipsp_spd_lookup(m, srcsa.sa.sa_family, iphlen, &error, 638 IPSP_DIRECTION_IN, tdb, inp, 0); 639 if (error) { 640 udpstat.udps_nosec++; 641 goto bad; 642 } 643 644 /* Latch SA only if the socket is connected */ 645 if (inp->inp_tdb_in != tdb && 646 (inp->inp_socket->so_state & SS_ISCONNECTED)) { 647 if (tdb) { 648 tdb_add_inp(tdb, inp, 1); 649 if (inp->inp_ipo == NULL) { 650 inp->inp_ipo = ipsec_add_policy(inp, 651 srcsa.sa.sa_family, IPSP_DIRECTION_OUT); 652 if (inp->inp_ipo == NULL) { 653 goto bad; 654 } 655 } 656 if (inp->inp_ipo->ipo_dstid == NULL && 657 tdb->tdb_srcid != NULL) { 658 inp->inp_ipo->ipo_dstid = tdb->tdb_srcid; 659 tdb->tdb_srcid->ref_count++; 660 } 661 if (inp->inp_ipsec_remotecred == NULL && 662 tdb->tdb_remote_cred != NULL) { 663 inp->inp_ipsec_remotecred = 664 tdb->tdb_remote_cred; 665 tdb->tdb_remote_cred->ref_count++; 666 } 667 if (inp->inp_ipsec_remoteauth == NULL && 668 tdb->tdb_remote_auth != NULL) { 669 inp->inp_ipsec_remoteauth = 670 tdb->tdb_remote_auth; 671 tdb->tdb_remote_auth->ref_count++; 672 } 673 } else { /* Just reset */ 674 TAILQ_REMOVE(&inp->inp_tdb_in->tdb_inp_in, inp, 675 inp_tdb_in_next); 676 inp->inp_tdb_in = NULL; 677 } 678 } 679 /* create ipsec options while we know that tdb cannot be modified */ 680 if (tdb) 681 ipsecflowinfo = tdb->tdb_spi; 682 683 #endif /*IPSEC */ 684 685 opts = NULL; 686 #ifdef INET6 687 if (ip6 && (inp->inp_flags & IN6P_CONTROLOPTS || 688 inp->inp_socket->so_options & SO_TIMESTAMP)) 689 ip6_savecontrol(inp, m, &opts); 690 #endif /* INET6 */ 691 if (ip && (inp->inp_flags & INP_CONTROLOPTS || 692 inp->inp_socket->so_options & SO_TIMESTAMP)) 693 ip_savecontrol(inp, &opts, ip, m); 694 #ifdef INET6 695 if (ip6 && (inp->inp_flags & IN6P_RECVDSTPORT)) { 696 struct mbuf **mp = &opts; 697 698 while (*mp) 699 mp = &(*mp)->m_next; 700 *mp = sbcreatecontrol((caddr_t)&uh->uh_dport, sizeof(u_int16_t), 701 IPV6_RECVDSTPORT, IPPROTO_IPV6); 702 } 703 #endif /* INET6 */ 704 if (ip && (inp->inp_flags & INP_RECVDSTPORT)) { 705 struct mbuf **mp = &opts; 706 707 while (*mp) 708 mp = &(*mp)->m_next; 709 *mp = sbcreatecontrol((caddr_t)&uh->uh_dport, sizeof(u_int16_t), 710 IP_RECVDSTPORT, IPPROTO_IP); 711 } 712 #ifdef IPSEC 713 if (ipsecflowinfo && (inp->inp_flags & INP_IPSECFLOWINFO)) { 714 struct mbuf **mp = &opts; 715 716 while (*mp) 717 mp = &(*mp)->m_next; 718 *mp = sbcreatecontrol((caddr_t)&ipsecflowinfo, 719 sizeof(u_int32_t), IP_IPSECFLOWINFO, IPPROTO_IP); 720 } 721 #endif 722 #ifdef PIPEX 723 if (pipex_enable && inp->inp_pipex) { 724 struct pipex_session *session; 725 int off = iphlen + sizeof(struct udphdr); 726 if ((session = pipex_l2tp_lookup_session(m, off)) != NULL) { 727 if ((m = pipex_l2tp_input(m, off, session, 728 ipsecflowinfo)) == NULL) { 729 if (opts) 730 m_freem(opts); 731 return; /* the packet is handled by PIPEX */ 732 } 733 } 734 } 735 #endif 736 737 iphlen += sizeof(struct udphdr); 738 m_adj(m, iphlen); 739 if (sbappendaddr(&inp->inp_socket->so_rcv, &srcsa.sa, m, opts) == 0) { 740 udpstat.udps_fullsock++; 741 goto bad; 742 } 743 sorwakeup(inp->inp_socket); 744 return; 745 bad: 746 m_freem(m); 747 if (opts) 748 m_freem(opts); 749 } 750 751 /* 752 * Notify a udp user of an asynchronous error; 753 * just wake up so that he can collect error status. 754 */ 755 void 756 udp_notify(struct inpcb *inp, int errno) 757 { 758 inp->inp_socket->so_error = errno; 759 sorwakeup(inp->inp_socket); 760 sowwakeup(inp->inp_socket); 761 } 762 763 #ifdef INET6 764 void 765 udp6_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *d) 766 { 767 struct udphdr uh; 768 struct sockaddr_in6 sa6; 769 struct ip6_hdr *ip6; 770 struct mbuf *m; 771 int off; 772 void *cmdarg; 773 struct ip6ctlparam *ip6cp = NULL; 774 struct udp_portonly { 775 u_int16_t uh_sport; 776 u_int16_t uh_dport; 777 } *uhp; 778 void (*notify)(struct inpcb *, int) = udp_notify; 779 780 if (sa == NULL) 781 return; 782 if (sa->sa_family != AF_INET6 || 783 sa->sa_len != sizeof(struct sockaddr_in6)) 784 return; 785 786 if ((unsigned)cmd >= PRC_NCMDS) 787 return; 788 if (PRC_IS_REDIRECT(cmd)) 789 notify = in_rtchange, d = NULL; 790 else if (cmd == PRC_HOSTDEAD) 791 d = NULL; 792 else if (cmd == PRC_MSGSIZE) 793 ; /* special code is present, see below */ 794 else if (inet6ctlerrmap[cmd] == 0) 795 return; 796 797 /* if the parameter is from icmp6, decode it. */ 798 if (d != NULL) { 799 ip6cp = (struct ip6ctlparam *)d; 800 m = ip6cp->ip6c_m; 801 ip6 = ip6cp->ip6c_ip6; 802 off = ip6cp->ip6c_off; 803 cmdarg = ip6cp->ip6c_cmdarg; 804 } else { 805 m = NULL; 806 ip6 = NULL; 807 cmdarg = NULL; 808 /* XXX: translate addresses into internal form */ 809 sa6 = *(struct sockaddr_in6 *)sa; 810 #ifndef SCOPEDROUTING 811 if (in6_embedscope(&sa6.sin6_addr, &sa6, NULL, NULL)) { 812 /* should be impossible */ 813 return; 814 } 815 #endif 816 } 817 818 if (ip6cp && ip6cp->ip6c_finaldst) { 819 bzero(&sa6, sizeof(sa6)); 820 sa6.sin6_family = AF_INET6; 821 sa6.sin6_len = sizeof(sa6); 822 sa6.sin6_addr = *ip6cp->ip6c_finaldst; 823 /* XXX: assuming M is valid in this case */ 824 sa6.sin6_scope_id = in6_addr2scopeid(m->m_pkthdr.rcvif, 825 ip6cp->ip6c_finaldst); 826 #ifndef SCOPEDROUTING 827 if (in6_embedscope(ip6cp->ip6c_finaldst, &sa6, NULL, NULL)) { 828 /* should be impossible */ 829 return; 830 } 831 #endif 832 } else { 833 /* XXX: translate addresses into internal form */ 834 sa6 = *(struct sockaddr_in6 *)sa; 835 #ifndef SCOPEDROUTING 836 if (in6_embedscope(&sa6.sin6_addr, &sa6, NULL, NULL)) { 837 /* should be impossible */ 838 return; 839 } 840 #endif 841 } 842 843 if (ip6) { 844 /* 845 * XXX: We assume that when IPV6 is non NULL, 846 * M and OFF are valid. 847 */ 848 struct sockaddr_in6 sa6_src; 849 850 /* check if we can safely examine src and dst ports */ 851 if (m->m_pkthdr.len < off + sizeof(*uhp)) 852 return; 853 854 bzero(&uh, sizeof(uh)); 855 m_copydata(m, off, sizeof(*uhp), (caddr_t)&uh); 856 857 bzero(&sa6_src, sizeof(sa6_src)); 858 sa6_src.sin6_family = AF_INET6; 859 sa6_src.sin6_len = sizeof(sa6_src); 860 sa6_src.sin6_addr = ip6->ip6_src; 861 sa6_src.sin6_scope_id = in6_addr2scopeid(m->m_pkthdr.rcvif, 862 &ip6->ip6_src); 863 #ifndef SCOPEDROUTING 864 if (in6_embedscope(&sa6_src.sin6_addr, &sa6_src, NULL, NULL)) { 865 /* should be impossible */ 866 return; 867 } 868 #endif 869 870 if (cmd == PRC_MSGSIZE) { 871 int valid = 0; 872 873 /* 874 * Check to see if we have a valid UDP socket 875 * corresponding to the address in the ICMPv6 message 876 * payload. 877 */ 878 if (in6_pcbhashlookup(&udbtable, &sa6.sin6_addr, 879 uh.uh_dport, &sa6_src.sin6_addr, uh.uh_sport, 880 rdomain)) 881 valid = 1; 882 #if 0 883 /* 884 * As the use of sendto(2) is fairly popular, 885 * we may want to allow non-connected pcb too. 886 * But it could be too weak against attacks... 887 * We should at least check if the local address (= s) 888 * is really ours. 889 */ 890 else if (in6_pcblookup_listen(&udbtable, 891 &sa6_src.sin6_addr, uh.uh_sport, 0, 892 rdomain)) 893 valid = 1; 894 #endif 895 896 /* 897 * Depending on the value of "valid" and routing table 898 * size (mtudisc_{hi,lo}wat), we will: 899 * - recalculate the new MTU and create the 900 * corresponding routing entry, or 901 * - ignore the MTU change notification. 902 */ 903 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid); 904 905 /* 906 * regardless of if we called icmp6_mtudisc_update(), 907 * we need to call in6_pcbnotify(), to notify path 908 * MTU change to the userland (2292bis-02), because 909 * some unconnected sockets may share the same 910 * destination and want to know the path MTU. 911 */ 912 } 913 914 (void) in6_pcbnotify(&udbtable, &sa6, uh.uh_dport, 915 &sa6_src, uh.uh_sport, rdomain, cmd, cmdarg, notify); 916 } else { 917 (void) in6_pcbnotify(&udbtable, &sa6, 0, 918 &sa6_any, 0, rdomain, cmd, cmdarg, notify); 919 } 920 } 921 #endif 922 923 void * 924 udp_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *v) 925 { 926 struct ip *ip = v; 927 struct udphdr *uhp; 928 struct in_addr faddr; 929 struct inpcb *inp; 930 void (*notify)(struct inpcb *, int) = udp_notify; 931 int errno; 932 933 if (sa == NULL) 934 return NULL; 935 if (sa->sa_family != AF_INET || 936 sa->sa_len != sizeof(struct sockaddr_in)) 937 return NULL; 938 faddr = satosin(sa)->sin_addr; 939 if (faddr.s_addr == INADDR_ANY) 940 return NULL; 941 942 if ((unsigned)cmd >= PRC_NCMDS) 943 return NULL; 944 errno = inetctlerrmap[cmd]; 945 if (PRC_IS_REDIRECT(cmd)) 946 notify = in_rtchange, ip = 0; 947 else if (cmd == PRC_HOSTDEAD) 948 ip = 0; 949 else if (errno == 0) 950 return NULL; 951 if (ip) { 952 uhp = (struct udphdr *)((caddr_t)ip + (ip->ip_hl << 2)); 953 954 #ifdef IPSEC 955 /* PMTU discovery for udpencap */ 956 if (cmd == PRC_MSGSIZE && ip_mtudisc && udpencap_enable && 957 udpencap_port && uhp->uh_sport == htons(udpencap_port)) { 958 udpencap_ctlinput(cmd, sa, rdomain, v); 959 return (NULL); 960 } 961 #endif 962 inp = in_pcbhashlookup(&udbtable, 963 ip->ip_dst, uhp->uh_dport, ip->ip_src, uhp->uh_sport, 964 rdomain); 965 if (inp && inp->inp_socket != NULL) 966 notify(inp, errno); 967 } else 968 in_pcbnotifyall(&udbtable, sa, rdomain, errno, notify); 969 return (NULL); 970 } 971 972 int 973 udp_output(struct inpcb *inp, struct mbuf *m, struct mbuf *addr, 974 struct mbuf *control) 975 { 976 struct sockaddr_in *sin = NULL; 977 struct udpiphdr *ui; 978 u_int32_t ipsecflowinfo = 0; 979 int len = m->m_pkthdr.len; 980 struct in_addr *laddr; 981 int error = 0; 982 983 #ifdef DIAGNOSTIC 984 if ((inp->inp_flags & INP_IPV6) != 0) 985 panic("IPv6 inpcb to %s", __func__); 986 #endif 987 988 /* 989 * Compute the packet length of the IP header, and 990 * punt if the length looks bogus. 991 */ 992 if ((len + sizeof(struct udpiphdr)) > IP_MAXPACKET) { 993 error = EMSGSIZE; 994 goto release; 995 } 996 997 if (addr) { 998 sin = mtod(addr, struct sockaddr_in *); 999 1000 if (addr->m_len != sizeof(*sin)) { 1001 error = EINVAL; 1002 goto release; 1003 } 1004 if (sin->sin_family != AF_INET) { 1005 error = EAFNOSUPPORT; 1006 goto release; 1007 } 1008 if (sin->sin_port == 0) { 1009 error = EADDRNOTAVAIL; 1010 goto release; 1011 } 1012 1013 if (inp->inp_faddr.s_addr != INADDR_ANY) { 1014 error = EISCONN; 1015 goto release; 1016 } 1017 1018 error = in_selectsrc(&laddr, sin, inp->inp_moptions, 1019 &inp->inp_route, &inp->inp_laddr, inp->inp_rtableid); 1020 if (error) 1021 goto release; 1022 1023 if (inp->inp_lport == 0) { 1024 int s = splsoftnet(); 1025 error = in_pcbbind(inp, NULL, curproc); 1026 splx(s); 1027 if (error) 1028 goto release; 1029 } 1030 } else { 1031 if (inp->inp_faddr.s_addr == INADDR_ANY) { 1032 error = ENOTCONN; 1033 goto release; 1034 } 1035 laddr = &inp->inp_laddr; 1036 } 1037 1038 #ifdef IPSEC 1039 if (control && (inp->inp_flags & INP_IPSECFLOWINFO) != 0) { 1040 u_int clen; 1041 struct cmsghdr *cm; 1042 caddr_t cmsgs; 1043 1044 /* 1045 * XXX: Currently, we assume all the optional information is stored 1046 * in a single mbuf. 1047 */ 1048 if (control->m_next) { 1049 error = EINVAL; 1050 goto release; 1051 } 1052 1053 clen = control->m_len; 1054 cmsgs = mtod(control, caddr_t); 1055 do { 1056 if (clen < CMSG_LEN(0)) { 1057 error = EINVAL; 1058 goto release; 1059 } 1060 cm = (struct cmsghdr *)cmsgs; 1061 if (cm->cmsg_len < CMSG_LEN(0) || 1062 CMSG_ALIGN(cm->cmsg_len) > clen) { 1063 error = EINVAL; 1064 goto release; 1065 } 1066 if (cm->cmsg_len == CMSG_LEN(sizeof(ipsecflowinfo)) && 1067 cm->cmsg_level == IPPROTO_IP && 1068 cm->cmsg_type == IP_IPSECFLOWINFO) { 1069 ipsecflowinfo = *(u_int32_t *)CMSG_DATA(cm); 1070 break; 1071 } 1072 clen -= CMSG_ALIGN(cm->cmsg_len); 1073 cmsgs += CMSG_ALIGN(cm->cmsg_len); 1074 } while (clen); 1075 } 1076 #endif 1077 /* 1078 * Calculate data length and get a mbuf 1079 * for UDP and IP headers. 1080 */ 1081 M_PREPEND(m, sizeof(struct udpiphdr), M_DONTWAIT); 1082 if (m == NULL) { 1083 error = ENOBUFS; 1084 goto bail; 1085 } 1086 1087 /* 1088 * Fill in mbuf with extended UDP header 1089 * and addresses and length put into network format. 1090 */ 1091 ui = mtod(m, struct udpiphdr *); 1092 bzero(ui->ui_x1, sizeof ui->ui_x1); 1093 ui->ui_pr = IPPROTO_UDP; 1094 ui->ui_len = htons((u_int16_t)len + sizeof (struct udphdr)); 1095 ui->ui_src = *laddr; 1096 ui->ui_dst = sin ? sin->sin_addr : inp->inp_faddr; 1097 ui->ui_sport = inp->inp_lport; 1098 ui->ui_dport = sin ? sin->sin_port : inp->inp_fport; 1099 ui->ui_ulen = ui->ui_len; 1100 ((struct ip *)ui)->ip_len = htons(sizeof (struct udpiphdr) + len); 1101 ((struct ip *)ui)->ip_ttl = inp->inp_ip.ip_ttl; 1102 ((struct ip *)ui)->ip_tos = inp->inp_ip.ip_tos; 1103 if (udpcksum) 1104 m->m_pkthdr.csum_flags |= M_UDP_CSUM_OUT; 1105 1106 udpstat.udps_opackets++; 1107 1108 /* force routing table */ 1109 m->m_pkthdr.ph_rtableid = inp->inp_rtableid; 1110 1111 #if NPF > 0 1112 if (inp->inp_socket->so_state & SS_ISCONNECTED) 1113 m->m_pkthdr.pf.inp = inp; 1114 #endif 1115 1116 error = ip_output(m, inp->inp_options, &inp->inp_route, 1117 (inp->inp_socket->so_options & SO_BROADCAST), inp->inp_moptions, 1118 inp, ipsecflowinfo); 1119 if (error == EACCES) /* translate pf(4) error for userland */ 1120 error = EHOSTUNREACH; 1121 1122 bail: 1123 if (control) 1124 m_freem(control); 1125 return (error); 1126 1127 release: 1128 m_freem(m); 1129 goto bail; 1130 } 1131 1132 /*ARGSUSED*/ 1133 int 1134 udp_usrreq(struct socket *so, int req, struct mbuf *m, struct mbuf *addr, 1135 struct mbuf *control, struct proc *p) 1136 { 1137 struct inpcb *inp = sotoinpcb(so); 1138 int error = 0; 1139 int s; 1140 1141 if (req == PRU_CONTROL) { 1142 #ifdef INET6 1143 if (inp->inp_flags & INP_IPV6) 1144 return (in6_control(so, (u_long)m, (caddr_t)addr, 1145 (struct ifnet *)control)); 1146 else 1147 #endif /* INET6 */ 1148 return (in_control(so, (u_long)m, (caddr_t)addr, 1149 (struct ifnet *)control)); 1150 } 1151 if (inp == NULL && req != PRU_ATTACH) { 1152 error = EINVAL; 1153 goto release; 1154 } 1155 /* 1156 * Note: need to block udp_input while changing 1157 * the udp pcb queue and/or pcb addresses. 1158 */ 1159 switch (req) { 1160 1161 case PRU_ATTACH: 1162 if (inp != NULL) { 1163 error = EINVAL; 1164 break; 1165 } 1166 s = splsoftnet(); 1167 if ((error = soreserve(so, udp_sendspace, udp_recvspace)) || 1168 (error = in_pcballoc(so, &udbtable))) { 1169 splx(s); 1170 break; 1171 } 1172 splx(s); 1173 #ifdef INET6 1174 if (sotoinpcb(so)->inp_flags & INP_IPV6) 1175 sotoinpcb(so)->inp_ipv6.ip6_hlim = ip6_defhlim; 1176 else 1177 #endif /* INET6 */ 1178 sotoinpcb(so)->inp_ip.ip_ttl = ip_defttl; 1179 break; 1180 1181 case PRU_DETACH: 1182 udp_detach(inp); 1183 break; 1184 1185 case PRU_BIND: 1186 s = splsoftnet(); 1187 #ifdef INET6 1188 if (inp->inp_flags & INP_IPV6) 1189 error = in6_pcbbind(inp, addr, p); 1190 else 1191 #endif 1192 error = in_pcbbind(inp, addr, p); 1193 splx(s); 1194 break; 1195 1196 case PRU_LISTEN: 1197 error = EOPNOTSUPP; 1198 break; 1199 1200 case PRU_CONNECT: 1201 #ifdef INET6 1202 if (inp->inp_flags & INP_IPV6) { 1203 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) { 1204 error = EISCONN; 1205 break; 1206 } 1207 s = splsoftnet(); 1208 error = in6_pcbconnect(inp, addr); 1209 splx(s); 1210 } else 1211 #endif /* INET6 */ 1212 { 1213 if (inp->inp_faddr.s_addr != INADDR_ANY) { 1214 error = EISCONN; 1215 break; 1216 } 1217 s = splsoftnet(); 1218 error = in_pcbconnect(inp, addr); 1219 splx(s); 1220 } 1221 1222 if (error == 0) 1223 soisconnected(so); 1224 break; 1225 1226 case PRU_CONNECT2: 1227 error = EOPNOTSUPP; 1228 break; 1229 1230 case PRU_ACCEPT: 1231 error = EOPNOTSUPP; 1232 break; 1233 1234 case PRU_DISCONNECT: 1235 #ifdef INET6 1236 if (inp->inp_flags & INP_IPV6) { 1237 if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6)) { 1238 error = ENOTCONN; 1239 break; 1240 } 1241 } else 1242 #endif /* INET6 */ 1243 { 1244 if (inp->inp_faddr.s_addr == INADDR_ANY) { 1245 error = ENOTCONN; 1246 break; 1247 } 1248 } 1249 1250 s = splsoftnet(); 1251 #ifdef INET6 1252 if (inp->inp_flags & INP_IPV6) 1253 inp->inp_laddr6 = in6addr_any; 1254 else 1255 #endif /* INET6 */ 1256 inp->inp_laddr.s_addr = INADDR_ANY; 1257 in_pcbdisconnect(inp); 1258 1259 splx(s); 1260 so->so_state &= ~SS_ISCONNECTED; /* XXX */ 1261 break; 1262 1263 case PRU_SHUTDOWN: 1264 socantsendmore(so); 1265 break; 1266 1267 case PRU_SEND: 1268 #ifdef PIPEX 1269 if (inp->inp_pipex) { 1270 struct pipex_session *session; 1271 1272 if (addr != NULL) 1273 session = 1274 pipex_l2tp_userland_lookup_session(m, 1275 mtod(addr, struct sockaddr *)); 1276 else 1277 #ifdef INET6 1278 if (inp->inp_flags & INP_IPV6) 1279 session = 1280 pipex_l2tp_userland_lookup_session_ipv6( 1281 m, inp->inp_faddr6); 1282 else 1283 #endif 1284 session = 1285 pipex_l2tp_userland_lookup_session_ipv4( 1286 m, inp->inp_faddr); 1287 if (session != NULL) 1288 if ((m = pipex_l2tp_userland_output( 1289 m, session)) == NULL) { 1290 error = ENOMEM; 1291 goto release; 1292 } 1293 } 1294 #endif 1295 1296 #ifdef INET6 1297 if (inp->inp_flags & INP_IPV6) 1298 return (udp6_output(inp, m, addr, control)); 1299 else 1300 return (udp_output(inp, m, addr, control)); 1301 #else 1302 return (udp_output(inp, m, addr, control)); 1303 #endif 1304 1305 case PRU_ABORT: 1306 soisdisconnected(so); 1307 udp_detach(inp); 1308 break; 1309 1310 case PRU_SOCKADDR: 1311 #ifdef INET6 1312 if (inp->inp_flags & INP_IPV6) 1313 in6_setsockaddr(inp, addr); 1314 else 1315 #endif /* INET6 */ 1316 in_setsockaddr(inp, addr); 1317 break; 1318 1319 case PRU_PEERADDR: 1320 #ifdef INET6 1321 if (inp->inp_flags & INP_IPV6) 1322 in6_setpeeraddr(inp, addr); 1323 else 1324 #endif /* INET6 */ 1325 in_setpeeraddr(inp, addr); 1326 break; 1327 1328 case PRU_SENSE: 1329 /* 1330 * stat: don't bother with a blocksize. 1331 */ 1332 /* 1333 * Perhaps Path MTU might be returned for a connected 1334 * UDP socket in this case. 1335 */ 1336 return (0); 1337 1338 case PRU_SENDOOB: 1339 case PRU_FASTTIMO: 1340 case PRU_SLOWTIMO: 1341 case PRU_PROTORCV: 1342 case PRU_PROTOSEND: 1343 error = EOPNOTSUPP; 1344 break; 1345 1346 case PRU_RCVD: 1347 case PRU_RCVOOB: 1348 return (EOPNOTSUPP); /* do not free mbuf's */ 1349 1350 default: 1351 panic("udp_usrreq"); 1352 } 1353 1354 release: 1355 if (control) { 1356 m_freem(control); 1357 } 1358 if (m) 1359 m_freem(m); 1360 return (error); 1361 } 1362 1363 void 1364 udp_detach(struct inpcb *inp) 1365 { 1366 int s = splsoftnet(); 1367 1368 in_pcbdetach(inp); 1369 splx(s); 1370 } 1371 1372 /* 1373 * Sysctl for udp variables. 1374 */ 1375 int 1376 udp_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, 1377 size_t newlen) 1378 { 1379 /* All sysctl names at this level are terminal. */ 1380 if (namelen != 1) 1381 return (ENOTDIR); 1382 1383 switch (name[0]) { 1384 case UDPCTL_BADDYNAMIC: 1385 return (sysctl_struct(oldp, oldlenp, newp, newlen, 1386 baddynamicports.udp, sizeof(baddynamicports.udp))); 1387 1388 case UDPCTL_STATS: 1389 if (newp != NULL) 1390 return (EPERM); 1391 return (sysctl_struct(oldp, oldlenp, newp, newlen, 1392 &udpstat, sizeof(udpstat))); 1393 1394 default: 1395 if (name[0] < UDPCTL_MAXID) 1396 return (sysctl_int_arr(udpctl_vars, name, namelen, 1397 oldp, oldlenp, newp, newlen)); 1398 return (ENOPROTOOPT); 1399 } 1400 /* NOTREACHED */ 1401 } 1402