contrib/bind9/lib/isc/unix/net.c

   1 /*
   2  * Copyright (C) 2004, 2005, 2007, 2008, 2012  Internet Systems Consortium, Inc. ("ISC")
   3  * Copyright (C) 1999-2003  Internet Software Consortium.
   4  *
   5  * Permission to use, copy, modify, and/or distribute this software for any
   6  * purpose with or without fee is hereby granted, provided that the above
   7  * copyright notice and this permission notice appear in all copies.
   8  *
   9  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
  10  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  11  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
  12  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
  13  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
  14  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  15  * PERFORMANCE OF THIS SOFTWARE.
  16  */
  17
  18 /* $Id$ */
  19
  20 #include <config.h>
  21
  22 #include <sys/types.h>
  23
  24 #if defined(HAVE_SYS_SYSCTL_H)
  25 #if defined(HAVE_SYS_PARAM_H)
  26 #include <sys/param.h>
  27 #endif
  28 #include <sys/sysctl.h>
  29 #endif
  30
  31 #include <errno.h>
  32 #include <unistd.h>
  33
  34 #include <isc/log.h>
  35 #include <isc/msgs.h>
  36 #include <isc/net.h>
  37 #include <isc/once.h>
  38 #include <isc/strerror.h>
  39 #include <isc/string.h>
  40 #include <isc/util.h>
  41
  42 /*%
  43  * Definitions about UDP port range specification.  This is a total mess of
  44  * portability variants: some use sysctl (but the sysctl names vary), some use
  45  * system-specific interfaces, some have the same interface for IPv4 and IPv6,
  46  * some separate them, etc...
  47  */
  48
  49 /*%
  50  * The last resort defaults: use all non well known port space
  51  */
  52 #ifndef ISC_NET_PORTRANGELOW
  53 #define ISC_NET_PORTRANGELOW 1024
  54 #endif  /* ISC_NET_PORTRANGELOW */
  55 #ifndef ISC_NET_PORTRANGEHIGH
  56 #define ISC_NET_PORTRANGEHIGH 65535
  57 #endif  /* ISC_NET_PORTRANGEHIGH */
  58
  59 #ifdef HAVE_SYSCTLBYNAME
  60
  61 /*%
  62  * sysctl variants
  63  */
  64 #if defined(__FreeBSD__) || defined(__APPLE__) || defined(__DragonFly__)
  65 #define USE_SYSCTL_PORTRANGE
  66 #define SYSCTL_V4PORTRANGE_LOW  "net.inet.ip.portrange.hifirst"
  67 #define SYSCTL_V4PORTRANGE_HIGH "net.inet.ip.portrange.hilast"
  68 #define SYSCTL_V6PORTRANGE_LOW  "net.inet.ip.portrange.hifirst"
  69 #define SYSCTL_V6PORTRANGE_HIGH "net.inet.ip.portrange.hilast"
  70 #endif
  71
  72 #ifdef __NetBSD__
  73 #define USE_SYSCTL_PORTRANGE
  74 #define SYSCTL_V4PORTRANGE_LOW  "net.inet.ip.anonportmin"
  75 #define SYSCTL_V4PORTRANGE_HIGH "net.inet.ip.anonportmax"
  76 #define SYSCTL_V6PORTRANGE_LOW  "net.inet6.ip6.anonportmin"
  77 #define SYSCTL_V6PORTRANGE_HIGH "net.inet6.ip6.anonportmax"
  78 #endif
  79
  80 #else /* !HAVE_SYSCTLBYNAME */
  81
  82 #ifdef __OpenBSD__
  83 #define USE_SYSCTL_PORTRANGE
  84 #define SYSCTL_V4PORTRANGE_LOW  { CTL_NET, PF_INET, IPPROTO_IP, \
  85                                   IPCTL_IPPORT_HIFIRSTAUTO }
  86 #define SYSCTL_V4PORTRANGE_HIGH { CTL_NET, PF_INET, IPPROTO_IP, \
  87                                   IPCTL_IPPORT_HILASTAUTO }
  88 /* Same for IPv6 */
  89 #define SYSCTL_V6PORTRANGE_LOW  SYSCTL_V4PORTRANGE_LOW
  90 #define SYSCTL_V6PORTRANGE_HIGH SYSCTL_V4PORTRANGE_HIGH
  91 #endif
  92
  93 #endif /* HAVE_SYSCTLBYNAME */
  94
  95 #if defined(ISC_PLATFORM_HAVEIPV6)
  96 # if defined(ISC_PLATFORM_NEEDIN6ADDRANY)
  97 const struct in6_addr isc_net_in6addrany = IN6ADDR_ANY_INIT;
  98 # endif
  99
 100 # if defined(ISC_PLATFORM_NEEDIN6ADDRLOOPBACK)
 101 const struct in6_addr isc_net_in6addrloop = IN6ADDR_LOOPBACK_INIT;
 102 # endif
 103
 104 # if defined(WANT_IPV6)
 105 static isc_once_t       once_ipv6only = ISC_ONCE_INIT;
 106 # endif
 107
 108 # if defined(ISC_PLATFORM_HAVEIN6PKTINFO)
 109 static isc_once_t       once_ipv6pktinfo = ISC_ONCE_INIT;
 110 # endif
 111 #endif /* ISC_PLATFORM_HAVEIPV6 */
 112
 113 static isc_once_t       once = ISC_ONCE_INIT;
 114
 115 static isc_result_t     ipv4_result = ISC_R_NOTFOUND;
 116 static isc_result_t     ipv6_result = ISC_R_NOTFOUND;
 117 static isc_result_t     unix_result = ISC_R_NOTFOUND;
 118 static isc_result_t     ipv6only_result = ISC_R_NOTFOUND;
 119 static isc_result_t     ipv6pktinfo_result = ISC_R_NOTFOUND;
 120
 121 static isc_result_t
 122 try_proto(int domain) {
 123         int s;
 124         isc_result_t result = ISC_R_SUCCESS;
 125         char strbuf[ISC_STRERRORSIZE];
 126
 127         s = socket(domain, SOCK_STREAM, 0);
 128         if (s == -1) {
 129                 switch (errno) {
 130 #ifdef EAFNOSUPPORT
 131                 case EAFNOSUPPORT:
 132 #endif
 133 #ifdef EPROTONOSUPPORT
 134                 case EPROTONOSUPPORT:
 135 #endif
 136 #ifdef EINVAL
 137                 case EINVAL:
 138 #endif
 139                         return (ISC_R_NOTFOUND);
 140                 default:
 141                         isc__strerror(errno, strbuf, sizeof(strbuf));
 142                         UNEXPECTED_ERROR(__FILE__, __LINE__,
 143                                          "socket() %s: %s",
 144                                          isc_msgcat_get(isc_msgcat,
 145                                                         ISC_MSGSET_GENERAL,
 146                                                         ISC_MSG_FAILED,
 147                                                         "failed"),
 148                                          strbuf);
 149                         return (ISC_R_UNEXPECTED);
 150                 }
 151         }
 152
 153 #ifdef ISC_PLATFORM_HAVEIPV6
 154 #ifdef WANT_IPV6
 155 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO
 156         if (domain == PF_INET6) {
 157                 struct sockaddr_in6 sin6;
 158                 unsigned int len;
 159
 160                 /*
 161                  * Check to see if IPv6 is broken, as is common on Linux.
 162                  */
 163                 len = sizeof(sin6);
 164                 if (getsockname(s, (struct sockaddr *)&sin6, (void *)&len) < 0)
 165                 {
 166                         isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
 167                                       ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR,
 168                                       "retrieving the address of an IPv6 "
 169                                       "socket from the kernel failed.");
 170                         isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
 171                                       ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR,
 172                                       "IPv6 is not supported.");
 173                         result = ISC_R_NOTFOUND;
 174                 } else {
 175                         if (len == sizeof(struct sockaddr_in6))
 176                                 result = ISC_R_SUCCESS;
 177                         else {
 178                                 isc_log_write(isc_lctx,
 179                                               ISC_LOGCATEGORY_GENERAL,
 180                                               ISC_LOGMODULE_SOCKET,
 181                                               ISC_LOG_ERROR,
 182                                               "IPv6 structures in kernel and "
 183                                               "user space do not match.");
 184                                 isc_log_write(isc_lctx,
 185                                               ISC_LOGCATEGORY_GENERAL,
 186                                               ISC_LOGMODULE_SOCKET,
 187                                               ISC_LOG_ERROR,
 188                                               "IPv6 is not supported.");
 189                                 result = ISC_R_NOTFOUND;
 190                         }
 191                 }
 192         }
 193 #endif
 194 #endif
 195 #endif
 196
 197         (void)close(s);
 198
 199         return (result);
 200 }
 201
 202 static void
 203 initialize_action(void) {
 204         ipv4_result = try_proto(PF_INET);
 205 #ifdef ISC_PLATFORM_HAVEIPV6
 206 #ifdef WANT_IPV6
 207 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO
 208         ipv6_result = try_proto(PF_INET6);
 209 #endif
 210 #endif
 211 #endif
 212 #ifdef ISC_PLATFORM_HAVESYSUNH
 213         unix_result = try_proto(PF_UNIX);
 214 #endif
 215 }
 216
 217 static void
 218 initialize(void) {
 219         RUNTIME_CHECK(isc_once_do(&once, initialize_action) == ISC_R_SUCCESS);
 220 }
 221
 222 isc_result_t
 223 isc_net_probeipv4(void) {
 224         initialize();
 225         return (ipv4_result);
 226 }
 227
 228 isc_result_t
 229 isc_net_probeipv6(void) {
 230         initialize();
 231         return (ipv6_result);
 232 }
 233
 234 isc_result_t
 235 isc_net_probeunix(void) {
 236         initialize();
 237         return (unix_result);
 238 }
 239
 240 #ifdef ISC_PLATFORM_HAVEIPV6
 241 #ifdef WANT_IPV6
 242 static void
 243 try_ipv6only(void) {
 244 #ifdef IPV6_V6ONLY
 245         int s, on;
 246         char strbuf[ISC_STRERRORSIZE];
 247 #endif
 248         isc_result_t result;
 249
 250         result = isc_net_probeipv6();
 251         if (result != ISC_R_SUCCESS) {
 252                 ipv6only_result = result;
 253                 return;
 254         }
 255
 256 #ifndef IPV6_V6ONLY
 257         ipv6only_result = ISC_R_NOTFOUND;
 258         return;
 259 #else
 260         /* check for TCP sockets */
 261         s = socket(PF_INET6, SOCK_STREAM, 0);
 262         if (s == -1) {
 263                 isc__strerror(errno, strbuf, sizeof(strbuf));
 264                 UNEXPECTED_ERROR(__FILE__, __LINE__,
 265                                  "socket() %s: %s",
 266                                  isc_msgcat_get(isc_msgcat,
 267                                                 ISC_MSGSET_GENERAL,
 268                                                 ISC_MSG_FAILED,
 269                                                 "failed"),
 270                                  strbuf);
 271                 ipv6only_result = ISC_R_UNEXPECTED;
 272                 return;
 273         }
 274
 275         on = 1;
 276         if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) {
 277                 ipv6only_result = ISC_R_NOTFOUND;
 278                 goto close;
 279         }
 280
 281         close(s);
 282
 283         /* check for UDP sockets */
 284         s = socket(PF_INET6, SOCK_DGRAM, 0);
 285         if (s == -1) {
 286                 isc__strerror(errno, strbuf, sizeof(strbuf));
 287                 UNEXPECTED_ERROR(__FILE__, __LINE__,
 288                                  "socket() %s: %s",
 289                                  isc_msgcat_get(isc_msgcat,
 290                                                 ISC_MSGSET_GENERAL,
 291                                                 ISC_MSG_FAILED,
 292                                                 "failed"),
 293                                  strbuf);
 294                 ipv6only_result = ISC_R_UNEXPECTED;
 295                 return;
 296         }
 297
 298         on = 1;
 299         if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) {
 300                 ipv6only_result = ISC_R_NOTFOUND;
 301                 goto close;
 302         }
 303
 304         ipv6only_result = ISC_R_SUCCESS;
 305
 306 close:
 307         close(s);
 308         return;
 309 #endif /* IPV6_V6ONLY */
 310 }
 311
 312 static void
 313 initialize_ipv6only(void) {
 314         RUNTIME_CHECK(isc_once_do(&once_ipv6only,
 315                                   try_ipv6only) == ISC_R_SUCCESS);
 316 }
 317 #endif /* WANT_IPV6 */
 318
 319 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO
 320 static void
 321 try_ipv6pktinfo(void) {
 322         int s, on;
 323         char strbuf[ISC_STRERRORSIZE];
 324         isc_result_t result;
 325         int optname;
 326
 327         result = isc_net_probeipv6();
 328         if (result != ISC_R_SUCCESS) {
 329                 ipv6pktinfo_result = result;
 330                 return;
 331         }
 332
 333         /* we only use this for UDP sockets */
 334         s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP);
 335         if (s == -1) {
 336                 isc__strerror(errno, strbuf, sizeof(strbuf));
 337                 UNEXPECTED_ERROR(__FILE__, __LINE__,
 338                                  "socket() %s: %s",
 339                                  isc_msgcat_get(isc_msgcat,
 340                                                 ISC_MSGSET_GENERAL,
 341                                                 ISC_MSG_FAILED,
 342                                                 "failed"),
 343                                  strbuf);
 344                 ipv6pktinfo_result = ISC_R_UNEXPECTED;
 345                 return;
 346         }
 347
 348 #ifdef IPV6_RECVPKTINFO
 349         optname = IPV6_RECVPKTINFO;
 350 #else
 351         optname = IPV6_PKTINFO;
 352 #endif
 353         on = 1;
 354         if (setsockopt(s, IPPROTO_IPV6, optname, &on, sizeof(on)) < 0) {
 355                 ipv6pktinfo_result = ISC_R_NOTFOUND;
 356                 goto close;
 357         }
 358
 359         ipv6pktinfo_result = ISC_R_SUCCESS;
 360
 361 close:
 362         close(s);
 363         return;
 364 }
 365
 366 static void
 367 initialize_ipv6pktinfo(void) {
 368         RUNTIME_CHECK(isc_once_do(&once_ipv6pktinfo,
 369                                   try_ipv6pktinfo) == ISC_R_SUCCESS);
 370 }
 371 #endif /* ISC_PLATFORM_HAVEIN6PKTINFO */
 372 #endif /* ISC_PLATFORM_HAVEIPV6 */
 373
 374 isc_result_t
 375 isc_net_probe_ipv6only(void) {
 376 #ifdef ISC_PLATFORM_HAVEIPV6
 377 #ifdef WANT_IPV6
 378         initialize_ipv6only();
 379 #else
 380         ipv6only_result = ISC_R_NOTFOUND;
 381 #endif
 382 #endif
 383         return (ipv6only_result);
 384 }
 385
 386 isc_result_t
 387 isc_net_probe_ipv6pktinfo(void) {
 388 #ifdef ISC_PLATFORM_HAVEIPV6
 389 #ifdef ISC_PLATFORM_HAVEIN6PKTINFO
 390 #ifdef WANT_IPV6
 391         initialize_ipv6pktinfo();
 392 #else
 393         ipv6pktinfo_result = ISC_R_NOTFOUND;
 394 #endif
 395 #endif
 396 #endif
 397         return (ipv6pktinfo_result);
 398 }
 399
 400 #if defined(USE_SYSCTL_PORTRANGE)
 401 #if defined(HAVE_SYSCTLBYNAME)
 402 static isc_result_t
 403 getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) {
 404         int port_low, port_high;
 405         size_t portlen;
 406         const char *sysctlname_lowport, *sysctlname_hiport;
 407
 408         if (af == AF_INET) {
 409                 sysctlname_lowport = SYSCTL_V4PORTRANGE_LOW;
 410                 sysctlname_hiport = SYSCTL_V4PORTRANGE_HIGH;
 411         } else {
 412                 sysctlname_lowport = SYSCTL_V6PORTRANGE_LOW;
 413                 sysctlname_hiport = SYSCTL_V6PORTRANGE_HIGH;
 414         }
 415         portlen = sizeof(portlen);
 416         if (sysctlbyname(sysctlname_lowport, &port_low, &portlen,
 417                          NULL, 0) < 0) {
 418                 return (ISC_R_FAILURE);
 419         }
 420         portlen = sizeof(portlen);
 421         if (sysctlbyname(sysctlname_hiport, &port_high, &portlen,
 422                          NULL, 0) < 0) {
 423                 return (ISC_R_FAILURE);
 424         }
 425         if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0)
 426                 return (ISC_R_RANGE);
 427
 428         *low = (in_port_t)port_low;
 429         *high = (in_port_t)port_high;
 430
 431         return (ISC_R_SUCCESS);
 432 }
 433 #else /* !HAVE_SYSCTLBYNAME */
 434 static isc_result_t
 435 getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) {
 436         int mib_lo4[4] = SYSCTL_V4PORTRANGE_LOW;
 437         int mib_hi4[4] = SYSCTL_V4PORTRANGE_HIGH;
 438         int mib_lo6[4] = SYSCTL_V6PORTRANGE_LOW;
 439         int mib_hi6[4] = SYSCTL_V6PORTRANGE_HIGH;
 440         int *mib_lo, *mib_hi, miblen;
 441         int port_low, port_high;
 442         size_t portlen;
 443
 444         if (af == AF_INET) {
 445                 mib_lo = mib_lo4;
 446                 mib_hi = mib_hi4;
 447                 miblen = sizeof(mib_lo4) / sizeof(mib_lo4[0]);
 448         } else {
 449                 mib_lo = mib_lo6;
 450                 mib_hi = mib_hi6;
 451                 miblen = sizeof(mib_lo6) / sizeof(mib_lo6[0]);
 452         }
 453
 454         portlen = sizeof(portlen);
 455         if (sysctl(mib_lo, miblen, &port_low, &portlen, NULL, 0) < 0) {
 456                 return (ISC_R_FAILURE);
 457         }
 458
 459         portlen = sizeof(portlen);
 460         if (sysctl(mib_hi, miblen, &port_high, &portlen, NULL, 0) < 0) {
 461                 return (ISC_R_FAILURE);
 462         }
 463
 464         if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0)
 465                 return (ISC_R_RANGE);
 466
 467         *low = (in_port_t) port_low;
 468         *high = (in_port_t) port_high;
 469
 470         return (ISC_R_SUCCESS);
 471 }
 472 #endif /* HAVE_SYSCTLBYNAME */
 473 #endif /* USE_SYSCTL_PORTRANGE */
 474
 475 isc_result_t
 476 isc_net_getudpportrange(int af, in_port_t *low, in_port_t *high) {
 477         int result = ISC_R_FAILURE;
 478
 479         REQUIRE(low != NULL && high != NULL);
 480
 481 #if defined(USE_SYSCTL_PORTRANGE)
 482         result = getudpportrange_sysctl(af, low, high);
 483 #else
 484         UNUSED(af);
 485 #endif
 486
 487         if (result != ISC_R_SUCCESS) {
 488                 *low = ISC_NET_PORTRANGELOW;
 489                 *high = ISC_NET_PORTRANGEHIGH;
 490         }
 491
 492         return (ISC_R_SUCCESS); /* we currently never fail in this function */
 493 }
 494
 495 void
 496 isc_net_disableipv4(void) {
 497         initialize();
 498         if (ipv4_result == ISC_R_SUCCESS)
 499                 ipv4_result = ISC_R_DISABLED;
 500 }
 501
 502 void
 503 isc_net_disableipv6(void) {
 504         initialize();
 505         if (ipv6_result == ISC_R_SUCCESS)
 506                 ipv6_result = ISC_R_DISABLED;
 507 }
 508
 509 void
 510 isc_net_enableipv4(void) {
 511         initialize();
 512         if (ipv4_result == ISC_R_DISABLED)
 513                 ipv4_result = ISC_R_SUCCESS;
 514 }
 515
 516 void
 517 isc_net_enableipv6(void) {
 518         initialize();
 519         if (ipv6_result == ISC_R_DISABLED)
 520                 ipv6_result = ISC_R_SUCCESS;
 521 }