1 /* $OpenBSD: in6_pcb.c,v 1.63 2014/06/03 13:32:24 mpi Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /* 33 * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 34 * 35 * NRL grants permission for redistribution and use in source and binary 36 * forms, with or without modification, of the software and documentation 37 * created at NRL provided that the following conditions are met: 38 * 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. All advertising materials mentioning features or use of this software 45 * must display the following acknowledgements: 46 * This product includes software developed by the University of 47 * California, Berkeley and its contributors. 48 * This product includes software developed at the Information 49 * Technology Division, US Naval Research Laboratory. 50 * 4. Neither the name of the NRL nor the names of its contributors 51 * may be used to endorse or promote products derived from this software 52 * without specific prior written permission. 53 * 54 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS 55 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 56 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 57 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR 58 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 59 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 60 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 61 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 62 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 63 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 64 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 65 * 66 * The views and conclusions contained in the software and documentation 67 * are those of the authors and should not be interpreted as representing 68 * official policies, either expressed or implied, of the US Naval 69 * Research Laboratory (NRL). 70 */ 71 72 /* 73 * Copyright (c) 1982, 1986, 1990, 1993, 1995 74 * Regents of the University of California. All rights reserved. 75 * 76 * Redistribution and use in source and binary forms, with or without 77 * modification, are permitted provided that the following conditions 78 * are met: 79 * 1. Redistributions of source code must retain the above copyright 80 * notice, this list of conditions and the following disclaimer. 81 * 2. Redistributions in binary form must reproduce the above copyright 82 * notice, this list of conditions and the following disclaimer in the 83 * documentation and/or other materials provided with the distribution. 84 * 3. Neither the name of the University nor the names of its contributors 85 * may be used to endorse or promote products derived from this software 86 * without specific prior written permission. 87 * 88 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 89 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 90 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 91 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 92 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 93 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 94 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 95 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 96 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 97 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 98 * SUCH DAMAGE. 99 * 100 */ 101 102 #include <sys/param.h> 103 #include <sys/systm.h> 104 #include <sys/mbuf.h> 105 #include <sys/domain.h> 106 #include <sys/protosw.h> 107 #include <sys/socket.h> 108 #include <sys/socketvar.h> 109 #include <sys/errno.h> 110 #include <sys/time.h> 111 112 #include <net/if.h> 113 #include <net/route.h> 114 115 #include <netinet/in.h> 116 #include <netinet/in_systm.h> 117 #include <netinet/ip.h> 118 #include <netinet/in_pcb.h> 119 #include <netinet/ip_var.h> 120 121 #include <netinet6/in6_var.h> 122 #include <netinet/ip6.h> 123 #include <netinet6/ip6_var.h> 124 125 /* 126 * External globals 127 */ 128 129 #include <dev/rndvar.h> 130 131 /* 132 * Globals 133 */ 134 135 struct in6_addr zeroin6_addr; 136 137 /* 138 * Keep separate inet6ctlerrmap, because I may remap some of these. 139 * I also put it here, because, quite frankly, it belongs here, not in 140 * ip{v6,}_input(). 141 */ 142 #if 0 143 u_char inet6ctlerrmap[PRC_NCMDS] = { 144 0, 0, 0, 0, 145 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH, 146 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED, 147 EMSGSIZE, EHOSTUNREACH, 0, 0, 148 0, 0, 0, 0, 149 ENOPROTOOPT 150 }; 151 #endif 152 153 /* 154 * Bind an address (or at least a port) to an PF_INET6 socket. 155 */ 156 int 157 in6_pcbbind(struct inpcb *inp, struct mbuf *nam, struct proc *p) 158 { 159 struct socket *so = inp->inp_socket; 160 161 struct inpcbtable *head = inp->inp_table; 162 struct sockaddr_in6 *sin6; 163 u_short lport = 0; 164 int wild = INPLOOKUP_IPV6, reuseport = (so->so_options & SO_REUSEPORT); 165 int error; 166 167 /* 168 * REMINDER: Once up to speed, flow label processing should go here, 169 * too. (Same with in6_pcbconnect.) 170 */ 171 if (TAILQ_EMPTY(&in6_ifaddr)) 172 return EADDRNOTAVAIL; 173 174 if (inp->inp_lport != 0 || !IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) 175 return EINVAL; /* If already bound, EINVAL! */ 176 177 if ((so->so_options & (SO_REUSEADDR | SO_REUSEPORT)) == 0 && 178 ((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 || 179 (so->so_options & SO_ACCEPTCONN) == 0)) 180 wild |= INPLOOKUP_WILDCARD; 181 182 /* 183 * If I did get a sockaddr passed in... 184 */ 185 if (nam) { 186 sin6 = mtod(nam, struct sockaddr_in6 *); 187 if (nam->m_len != sizeof (*sin6)) 188 return EINVAL; 189 190 /* 191 * Unlike v4, I have no qualms about EAFNOSUPPORT if the 192 * wretched family is not filled in! 193 */ 194 if (sin6->sin6_family != AF_INET6) 195 return EAFNOSUPPORT; 196 197 /* KAME hack: embed scopeid */ 198 if (in6_embedscope(&sin6->sin6_addr, sin6, inp, NULL) != 0) 199 return EINVAL; 200 /* this must be cleared for ifa_ifwithaddr() */ 201 sin6->sin6_scope_id = 0; 202 203 lport = sin6->sin6_port; 204 205 /* reject IPv4 mapped address, we have no support for it */ 206 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) 207 return EADDRNOTAVAIL; 208 209 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { 210 /* 211 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 212 * allow complete duplication of binding if 213 * SO_REUSEPORT is set, or if SO_REUSEADDR is set 214 * and a multicast address is bound on both 215 * new and duplicated sockets. 216 */ 217 if (so->so_options & SO_REUSEADDR) 218 reuseport = SO_REUSEADDR | SO_REUSEPORT; 219 } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) { 220 struct ifaddr *ifa = NULL; 221 222 sin6->sin6_port = 0; /* 223 * Yechhhh, because of upcoming 224 * call to ifa_ifwithaddr(), which 225 * does bcmp's over the PORTS as 226 * well. (What about flow?) 227 */ 228 sin6->sin6_flowinfo = 0; 229 if (!(so->so_options & SO_BINDANY) && 230 (ifa = ifa_ifwithaddr(sin6tosa(sin6), 231 inp->inp_rtableid)) == NULL) 232 return EADDRNOTAVAIL; 233 234 /* 235 * bind to an anycast address might accidentally 236 * cause sending a packet with an anycast source 237 * address, so we forbid it. 238 * 239 * We should allow to bind to a deprecated address, 240 * since the application dare to use it. 241 * But, can we assume that they are careful enough 242 * to check if the address is deprecated or not? 243 * Maybe, as a safeguard, we should have a setsockopt 244 * flag to control the bind(2) behavior against 245 * deprecated addresses (default: forbid bind(2)). 246 */ 247 if (ifa && 248 ifatoia6(ifa)->ia6_flags & 249 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED)) 250 return (EADDRNOTAVAIL); 251 } 252 if (lport) { 253 struct inpcb *t; 254 255 /* 256 * Question: Do we wish to continue the Berkeley 257 * tradition of ports < IPPORT_RESERVED be only for 258 * root? 259 * Answer: For now yes, but IMHO, it should be REMOVED! 260 * OUCH: One other thing, is there no better way of 261 * finding a process for a socket instead of using 262 * curproc? (Marked with BSD's {in,}famous XXX ? 263 */ 264 if (ntohs(lport) < IPPORT_RESERVED && 265 (error = suser(p, 0))) 266 return error; 267 268 t = in_pcblookup(head, 269 (struct in_addr *)&zeroin6_addr, 0, 270 (struct in_addr *)&sin6->sin6_addr, lport, 271 wild, inp->inp_rtableid); 272 273 if (t && (reuseport & t->inp_socket->so_options) == 0) 274 return EADDRINUSE; 275 } 276 inp->inp_laddr6 = sin6->sin6_addr; 277 } 278 279 if (lport == 0) { 280 error = in6_pcbsetport(&inp->inp_laddr6, inp, p); 281 if (error != 0) 282 return error; 283 } else { 284 inp->inp_lport = lport; 285 in_pcbrehash(inp); 286 } 287 288 return 0; 289 } 290 291 int 292 in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct proc *p) 293 { 294 struct socket *so = inp->inp_socket; 295 struct inpcbtable *table = inp->inp_table; 296 u_int16_t first, last; 297 u_int16_t *lastport = &inp->inp_table->inpt_lastport; 298 u_int16_t lport = 0; 299 int count; 300 int wild = INPLOOKUP_IPV6; 301 int error; 302 303 /* XXX we no longer support IPv4 mapped address, so no tweaks here */ 304 305 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0 && 306 ((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 || 307 (so->so_options & SO_ACCEPTCONN) == 0)) 308 wild |= INPLOOKUP_WILDCARD; 309 310 if (inp->inp_flags & INP_HIGHPORT) { 311 first = ipport_hifirstauto; /* sysctl */ 312 last = ipport_hilastauto; 313 } else if (inp->inp_flags & INP_LOWPORT) { 314 if ((error = suser(p, 0))) 315 return (EACCES); 316 first = IPPORT_RESERVED-1; /* 1023 */ 317 last = 600; /* not IPPORT_RESERVED/2 */ 318 } else { 319 first = ipport_firstauto; /* sysctl */ 320 last = ipport_lastauto; 321 } 322 323 /* 324 * Simple check to ensure all ports are not used up causing 325 * a deadlock here. 326 * 327 * We split the two cases (up and down) so that the direction 328 * is not being tested on each round of the loop. 329 */ 330 331 if (first > last) { 332 /* 333 * counting down 334 */ 335 count = first - last; 336 if (count) 337 *lastport = first - arc4random_uniform(count); 338 339 do { 340 if (count-- < 0) /* completely used? */ 341 return (EADDRNOTAVAIL); 342 --*lastport; 343 if (*lastport > first || *lastport < last) 344 *lastport = first; 345 lport = htons(*lastport); 346 } while (in_baddynamic(*lastport, so->so_proto->pr_protocol) || 347 in_pcblookup(table, &zeroin6_addr, 0, 348 &inp->inp_laddr6, lport, wild, inp->inp_rtableid)); 349 } else { 350 /* 351 * counting up 352 */ 353 count = last - first; 354 if (count) 355 *lastport = first + arc4random_uniform(count); 356 357 do { 358 if (count-- < 0) /* completely used? */ 359 return (EADDRNOTAVAIL); 360 ++*lastport; 361 if (*lastport < first || *lastport > last) 362 *lastport = first; 363 lport = htons(*lastport); 364 } while (in_baddynamic(*lastport, so->so_proto->pr_protocol) || 365 in_pcblookup(table, &zeroin6_addr, 0, 366 &inp->inp_laddr6, lport, wild, inp->inp_rtableid)); 367 } 368 369 inp->inp_lport = lport; 370 in_pcbrehash(inp); 371 372 #if 0 373 inp->inp_flowinfo = 0; /* XXX */ 374 #endif 375 376 return 0; 377 } 378 379 /* 380 * Connect from a socket to a specified address. 381 * Both address and port must be specified in argument sin6. 382 * Eventually, flow labels will have to be dealt with here, as well. 383 * 384 * If don't have a local address for this socket yet, 385 * then pick one. 386 * 387 * I believe this has to be called at splnet(). 388 */ 389 int 390 in6_pcbconnect(struct inpcb *inp, struct mbuf *nam) 391 { 392 struct in6_addr *in6a = NULL; 393 struct sockaddr_in6 *sin6 = mtod(nam, struct sockaddr_in6 *); 394 struct ifnet *ifp = NULL; /* outgoing interface */ 395 int error = 0; 396 struct sockaddr_in6 tmp; 397 398 (void)&in6a; /* XXX fool gcc */ 399 400 if (nam->m_len != sizeof(*sin6)) 401 return (EINVAL); 402 if (sin6->sin6_family != AF_INET6) 403 return (EAFNOSUPPORT); 404 if (sin6->sin6_port == 0) 405 return (EADDRNOTAVAIL); 406 407 /* reject IPv4 mapped address, we have no support for it */ 408 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) 409 return EADDRNOTAVAIL; 410 411 /* sanity check for mapped address case */ 412 if (IN6_IS_ADDR_V4MAPPED(&inp->inp_laddr6)) 413 return EINVAL; 414 415 /* protect *sin6 from overwrites */ 416 tmp = *sin6; 417 sin6 = &tmp; 418 419 /* KAME hack: embed scopeid */ 420 if (in6_embedscope(&sin6->sin6_addr, sin6, inp, &ifp) != 0) 421 return EINVAL; 422 /* this must be cleared for ifa_ifwithaddr() */ 423 sin6->sin6_scope_id = 0; 424 425 /* Source address selection. */ 426 /* 427 * XXX: in6_selectsrc might replace the bound local address 428 * with the address specified by setsockopt(IPV6_PKTINFO). 429 * Is it the intended behavior? 430 */ 431 error = in6_selectsrc(&in6a, sin6, inp->inp_outputopts6, 432 inp->inp_moptions6, &inp->inp_route6, &inp->inp_laddr6, 433 inp->inp_rtableid); 434 if (error) 435 return (error); 436 437 if (inp->inp_route6.ro_rt && inp->inp_route6.ro_rt->rt_flags & RTF_UP) 438 ifp = inp->inp_route6.ro_rt->rt_ifp; 439 440 inp->inp_ipv6.ip6_hlim = (u_int8_t)in6_selecthlim(inp, ifp); 441 442 if (in_pcblookup(inp->inp_table, &sin6->sin6_addr, sin6->sin6_port, 443 IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6) ? in6a : &inp->inp_laddr6, 444 inp->inp_lport, INPLOOKUP_IPV6, inp->inp_rtableid)) { 445 return (EADDRINUSE); 446 } 447 448 KASSERT(IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6) || inp->inp_lport); 449 450 if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) { 451 if (inp->inp_lport == 0) 452 (void)in6_pcbbind(inp, NULL, curproc); 453 inp->inp_laddr6 = *in6a; 454 } 455 inp->inp_faddr6 = sin6->sin6_addr; 456 inp->inp_fport = sin6->sin6_port; 457 inp->inp_flowinfo &= ~IPV6_FLOWLABEL_MASK; 458 if (ip6_auto_flowlabel) 459 inp->inp_flowinfo |= 460 (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK); 461 in_pcbrehash(inp); 462 return (0); 463 } 464 465 /* 466 * Pass some notification to all connections of a protocol 467 * associated with address dst. The local address and/or port numbers 468 * may be specified to limit the search. The "usual action" will be 469 * taken, depending on the ctlinput cmd. The caller must filter any 470 * cmds that are uninteresting (e.g., no error in the map). 471 * Call the protocol specific routine (if any) to report 472 * any errors for each matching socket. 473 * 474 * Also perform input-side security policy check 475 * once PCB to be notified has been located. 476 * 477 * Must be called at splnet. 478 */ 479 int 480 in6_pcbnotify(struct inpcbtable *head, struct sockaddr_in6 *dst, 481 uint fport_arg, const struct sockaddr_in6 *src, uint lport_arg, 482 u_int rdomain, int cmd, void *cmdarg, void (*notify)(struct inpcb *, int)) 483 { 484 struct inpcb *inp, *ninp; 485 u_short fport = fport_arg, lport = lport_arg; 486 struct sockaddr_in6 sa6_src; 487 int errno, nmatch = 0; 488 u_int32_t flowinfo; 489 490 if ((unsigned)cmd >= PRC_NCMDS) 491 return (0); 492 493 if (IN6_IS_ADDR_UNSPECIFIED(&dst->sin6_addr)) 494 return (0); 495 if (IN6_IS_ADDR_V4MAPPED(&dst->sin6_addr)) { 496 #ifdef DIAGNOSTIC 497 printf("Huh? Thought in6_pcbnotify() never got " 498 "called with mapped!\n"); 499 #endif 500 return (0); 501 } 502 503 rdomain = rtable_l2(rdomain); 504 /* 505 * note that src can be NULL when we get notify by local fragmentation. 506 */ 507 sa6_src = (src == NULL) ? sa6_any : *src; 508 flowinfo = sa6_src.sin6_flowinfo; 509 510 /* 511 * Redirects go to all references to the destination, 512 * and use in_rtchange to invalidate the route cache. 513 * Dead host indications: also use in_rtchange to invalidate 514 * the cache, and deliver the error to all the sockets. 515 * Otherwise, if we have knowledge of the local port and address, 516 * deliver only to that socket. 517 */ 518 if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 519 fport = 0; 520 lport = 0; 521 sa6_src.sin6_addr = in6addr_any; 522 523 if (cmd != PRC_HOSTDEAD) 524 notify = in_rtchange; 525 } 526 errno = inet6ctlerrmap[cmd]; 527 528 TAILQ_FOREACH_SAFE(inp, &head->inpt_queue, inp_queue, ninp) { 529 if ((inp->inp_flags & INP_IPV6) == 0) 530 continue; 531 532 /* 533 * Under the following condition, notify of redirects 534 * to the pcb, without making address matches against inpcb. 535 * - redirect notification is arrived. 536 * - the inpcb is unconnected. 537 * - the inpcb is caching !RTF_HOST routing entry. 538 * - the ICMPv6 notification is from the gateway cached in the 539 * inpcb. i.e. ICMPv6 notification is from nexthop gateway 540 * the inpcb used very recently. 541 * 542 * This is to improve interaction between netbsd/openbsd 543 * redirect handling code, and inpcb route cache code. 544 * without the clause, !RTF_HOST routing entry (which carries 545 * gateway used by inpcb right before the ICMPv6 redirect) 546 * will be cached forever in unconnected inpcb. 547 * 548 * There still is a question regarding to what is TRT: 549 * - On bsdi/freebsd, RTF_HOST (cloned) routing entry will be 550 * generated on packet output. inpcb will always cache 551 * RTF_HOST routing entry so there's no need for the clause 552 * (ICMPv6 redirect will update RTF_HOST routing entry, 553 * and inpcb is caching it already). 554 * However, bsdi/freebsd are vulnerable to local DoS attacks 555 * due to the cloned routing entries. 556 * - Specwise, "destination cache" is mentioned in RFC2461. 557 * Jinmei says that it implies bsdi/freebsd behavior, itojun 558 * is not really convinced. 559 * - Having hiwat/lowat on # of cloned host route (redirect/ 560 * pmtud) may be a good idea. netbsd/openbsd has it. see 561 * icmp6_mtudisc_update(). 562 */ 563 if ((PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) && 564 IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6) && 565 inp->inp_route.ro_rt && 566 !(inp->inp_route.ro_rt->rt_flags & RTF_HOST)) { 567 struct sockaddr_in6 *dst6; 568 569 dst6 = satosin6(&inp->inp_route.ro_dst); 570 if (IN6_ARE_ADDR_EQUAL(&dst6->sin6_addr, 571 &dst->sin6_addr)) 572 goto do_notify; 573 } 574 575 /* 576 * Detect if we should notify the error. If no source and 577 * destination ports are specified, but non-zero flowinfo and 578 * local address match, notify the error. This is the case 579 * when the error is delivered with an encrypted buffer 580 * by ESP. Otherwise, just compare addresses and ports 581 * as usual. 582 */ 583 if (lport == 0 && fport == 0 && flowinfo && 584 inp->inp_socket != NULL && 585 flowinfo == (inp->inp_flowinfo & IPV6_FLOWLABEL_MASK) && 586 IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, &sa6_src.sin6_addr)) 587 goto do_notify; 588 else if (!IN6_ARE_ADDR_EQUAL(&inp->inp_faddr6, 589 &dst->sin6_addr) || 590 rtable_l2(inp->inp_rtableid) != rdomain || 591 inp->inp_socket == 0 || 592 (lport && inp->inp_lport != lport) || 593 (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) && 594 !IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, 595 &sa6_src.sin6_addr)) || 596 (fport && inp->inp_fport != fport)) { 597 continue; 598 } 599 do_notify: 600 nmatch++; 601 if (notify) 602 (*notify)(inp, errno); 603 } 604 return (nmatch); 605 } 606 607 /* 608 * Get the local address/port, and put it in a sockaddr_in6. 609 * This services the getsockname(2) call. 610 */ 611 int 612 in6_setsockaddr(struct inpcb *inp, struct mbuf *nam) 613 { 614 struct sockaddr_in6 *sin6; 615 616 nam->m_len = sizeof(struct sockaddr_in6); 617 sin6 = mtod(nam,struct sockaddr_in6 *); 618 619 bzero ((caddr_t)sin6,sizeof(struct sockaddr_in6)); 620 sin6->sin6_family = AF_INET6; 621 sin6->sin6_len = sizeof(struct sockaddr_in6); 622 sin6->sin6_port = inp->inp_lport; 623 sin6->sin6_addr = inp->inp_laddr6; 624 /* KAME hack: recover scopeid */ 625 (void)in6_recoverscope(sin6, &inp->inp_laddr6, NULL); 626 627 return 0; 628 } 629 630 /* 631 * Get the foreign address/port, and put it in a sockaddr_in6. 632 * This services the getpeername(2) call. 633 */ 634 int 635 in6_setpeeraddr(struct inpcb *inp, struct mbuf *nam) 636 { 637 struct sockaddr_in6 *sin6; 638 639 nam->m_len = sizeof(struct sockaddr_in6); 640 sin6 = mtod(nam,struct sockaddr_in6 *); 641 642 bzero ((caddr_t)sin6,sizeof(struct sockaddr_in6)); 643 sin6->sin6_family = AF_INET6; 644 sin6->sin6_len = sizeof(struct sockaddr_in6); 645 sin6->sin6_port = inp->inp_fport; 646 sin6->sin6_addr = inp->inp_faddr6; 647 /* KAME hack: recover scopeid */ 648 (void)in6_recoverscope(sin6, &inp->inp_faddr6, NULL); 649 650 return 0; 651 } 652