2 * Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved.
3 * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved.
4 * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
9 * a) Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
12 * b) Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the distribution.
16 * c) Neither the name of Cisco Systems, Inc. nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
22 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
24 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
30 * THE POSSIBILITY OF SUCH DAMAGE.
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
36 #include <netinet/sctp_os.h>
38 #include <netinet/sctp_pcb.h>
39 #include <netinet/sctp_header.h>
40 #include <netinet/sctp_var.h>
42 #include <netinet6/sctp6_var.h>
44 #include <netinet/sctp_sysctl.h>
45 #include <netinet/sctp_output.h>
46 #include <netinet/sctp_uio.h>
47 #include <netinet/sctp_asconf.h>
48 #include <netinet/sctputil.h>
49 #include <netinet/sctp_indata.h>
50 #include <netinet/sctp_timer.h>
51 #include <netinet/sctp_auth.h>
52 #include <netinet/sctp_input.h>
53 #include <netinet/sctp_output.h>
54 #include <netinet/sctp_bsd_addr.h>
55 #include <netinet/sctp_crc32.h>
56 #include <netinet/udp.h>
59 #include <netipsec/ipsec.h>
61 #include <netipsec/ipsec6.h>
65 extern struct protosw inetsw[];
68 sctp6_input(struct mbuf **i_pak, int *offp, int proto)
73 struct sctp_inpcb *in6p = NULL;
74 struct sctp_nets *net;
79 struct inpcb *in6p_ip;
82 struct sctp_chunkhdr *ch;
83 int length, offset, iphlen;
85 struct sctp_tcb *stcb = NULL;
88 #if !defined(SCTP_WITH_NO_CSUM)
89 uint32_t check, calc_check;
95 /* get the VRF and table id's */
96 if (SCTP_GET_PKT_VRFID(*i_pak, vrf_id)) {
97 SCTP_RELEASE_PKT(*i_pak);
100 m = SCTP_HEADER_TO_CHAIN(*i_pak);
101 pkt_len = SCTP_HEADER_LEN((*i_pak));
103 #ifdef SCTP_PACKET_LOGGING
104 sctp_packet_log(m, pkt_len);
106 ip6 = mtod(m, struct ip6_hdr *);
107 /* Ensure that (sctphdr + sctp_chunkhdr) in a row. */
108 IP6_EXTHDR_GET(sh, struct sctphdr *, m, off,
109 (int)(sizeof(*sh) + sizeof(*ch)));
111 SCTP_STAT_INCR(sctps_hdrops);
112 return (IPPROTO_DONE);
114 ch = (struct sctp_chunkhdr *)((caddr_t)sh + sizeof(struct sctphdr));
116 offset = iphlen + sizeof(*sh) + sizeof(*ch);
117 SCTPDBG(SCTP_DEBUG_INPUT1,
118 "sctp6_input() length:%d iphlen:%d\n", pkt_len, iphlen);
121 #if defined(NFAITH) && NFAITH > 0
123 if (faithprefix_p != NULL && (*faithprefix_p) (&ip6->ip6_dst)) {
124 /* XXX send icmp6 host/port unreach? */
127 #endif /* NFAITH defined and > 0 */
128 SCTP_STAT_INCR(sctps_recvpackets);
129 SCTP_STAT_INCR_COUNTER64(sctps_inpackets);
130 SCTPDBG(SCTP_DEBUG_INPUT1, "V6 input gets a packet iphlen:%d pktlen:%d\n",
132 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
133 /* No multi-cast support in SCTP */
136 /* destination port of 0 is illegal, based on RFC2960. */
137 if (sh->dest_port == 0)
140 SCTPDBG(SCTP_DEBUG_CRCOFFLOAD,
141 "sctp_input(): Packet of length %d received on %s with csum_flags 0x%x.\n",
143 if_name(m->m_pkthdr.rcvif),
144 m->m_pkthdr.csum_flags);
145 #if defined(SCTP_WITH_NO_CSUM)
146 SCTP_STAT_INCR(sctps_recvnocrc);
148 if (m->m_pkthdr.csum_flags & CSUM_SCTP_VALID) {
149 SCTP_STAT_INCR(sctps_recvhwcrc);
152 check = sh->checksum; /* save incoming checksum */
153 sh->checksum = 0; /* prepare for calc */
154 calc_check = sctp_calculate_cksum(m, iphlen);
155 SCTP_STAT_INCR(sctps_recvswcrc);
156 if (calc_check != check) {
157 SCTPDBG(SCTP_DEBUG_INPUT1, "Bad CSUM on SCTP packet calc_check:%x check:%x m:%p phlen:%d\n",
158 calc_check, check, m, iphlen);
159 stcb = sctp_findassociation_addr(m, offset - sizeof(*ch),
160 sh, ch, &in6p, &net, vrf_id);
161 if ((net) && (port)) {
162 if (net->port == 0) {
163 sctp_pathmtu_adjustment(stcb, net->mtu - sizeof(struct udphdr));
167 if ((net != NULL) && (m->m_flags & M_FLOWID)) {
168 net->flowid = m->m_pkthdr.flowid;
173 /* in6p's ref-count increased && stcb locked */
174 if ((in6p) && (stcb)) {
175 sctp_send_packet_dropped(stcb, net, m, iphlen, 1);
176 sctp_chunk_output((struct sctp_inpcb *)in6p, stcb, SCTP_OUTPUT_FROM_INPUT_ERROR, SCTP_SO_NOT_LOCKED);
177 } else if ((in6p != NULL) && (stcb == NULL)) {
180 SCTP_STAT_INCR(sctps_badsum);
181 SCTP_STAT_INCR_COUNTER32(sctps_checksumerrors);
184 sh->checksum = calc_check;
190 * Locate pcb and tcb for datagram sctp_findassociation_addr() wants
191 * IP/SCTP/first chunk header...
193 stcb = sctp_findassociation_addr(m, offset - sizeof(*ch),
194 sh, ch, &in6p, &net, vrf_id);
195 if ((net) && (port)) {
196 if (net->port == 0) {
197 sctp_pathmtu_adjustment(stcb, net->mtu - sizeof(struct udphdr));
201 if ((net != NULL) && (m->m_flags & M_FLOWID)) {
202 net->flowid = m->m_pkthdr.flowid;
207 /* in6p's ref-count increased */
209 struct sctp_init_chunk *init_chk, chunk_buf;
211 SCTP_STAT_INCR(sctps_noport);
212 if (ch->chunk_type == SCTP_INITIATION) {
214 * we do a trick here to get the INIT tag, dig in
215 * and get the tag from the INIT and put it in the
218 init_chk = (struct sctp_init_chunk *)sctp_m_getptr(m,
219 iphlen + sizeof(*sh), sizeof(*init_chk),
220 (uint8_t *) & chunk_buf);
222 sh->v_tag = init_chk->init.initiate_tag;
226 if (ch->chunk_type == SCTP_SHUTDOWN_ACK) {
227 sctp_send_shutdown_complete2(m, sh, vrf_id, port);
230 if (ch->chunk_type == SCTP_SHUTDOWN_COMPLETE) {
233 if (ch->chunk_type != SCTP_ABORT_ASSOCIATION) {
234 if ((SCTP_BASE_SYSCTL(sctp_blackhole) == 0) ||
235 ((SCTP_BASE_SYSCTL(sctp_blackhole) == 1) &&
236 (ch->chunk_type != SCTP_INIT))) {
237 sctp_send_abort(m, iphlen, sh, 0, NULL, vrf_id, port);
241 } else if (stcb == NULL) {
246 * Check AH/ESP integrity.
248 in6p_ip = (struct inpcb *)in6p;
249 if (in6p_ip && (ipsec6_in_reject(m, in6p_ip))) {
251 MODULE_GLOBAL(ipsec6stat).in_polvio++;
257 * CONTROL chunk processing
259 offset -= sizeof(*ch);
260 ecn_bits = ((ntohl(ip6->ip6_flow) >> 20) & 0x000000ff);
262 /* Length now holds the total packet length payload + iphlen */
263 length = ntohs(ip6->ip6_plen) + iphlen;
265 /* sa_ignore NO_NULL_CHK */
266 sctp_common_input_processing(&m, iphlen, offset, length, sh, ch,
267 in6p, stcb, net, ecn_bits, vrf_id, port);
268 /* inp's ref-count reduced && stcb unlocked */
269 /* XXX this stuff below gets moved to appropriate parts later... */
272 if ((in6p) && refcount_up) {
273 /* reduce ref-count */
274 SCTP_INP_WLOCK(in6p);
275 SCTP_INP_DECR_REF(in6p);
276 SCTP_INP_WUNLOCK(in6p);
278 return (IPPROTO_DONE);
282 SCTP_TCB_UNLOCK(stcb);
284 if ((in6p) && refcount_up) {
285 /* reduce ref-count */
286 SCTP_INP_WLOCK(in6p);
287 SCTP_INP_DECR_REF(in6p);
288 SCTP_INP_WUNLOCK(in6p);
292 return (IPPROTO_DONE);
297 sctp6_notify_mbuf(struct sctp_inpcb *inp, struct icmp6_hdr *icmp6,
298 struct sctphdr *sh, struct sctp_tcb *stcb, struct sctp_nets *net)
302 if ((inp == NULL) || (stcb == NULL) || (net == NULL) ||
303 (icmp6 == NULL) || (sh == NULL)) {
306 /* First do we even look at it? */
307 if (ntohl(sh->v_tag) != (stcb->asoc.peer_vtag))
310 if (icmp6->icmp6_type != ICMP6_PACKET_TOO_BIG) {
311 /* not PACKET TO BIG */
315 * ok we need to look closely. We could even get smarter and look at
316 * anyone that we sent to in case we get a different ICMP that tells
317 * us there is no way to reach a host, but for this impl, all we
318 * care about is MTU discovery.
320 nxtsz = ntohl(icmp6->icmp6_mtu);
321 /* Stop any PMTU timer */
322 sctp_timer_stop(SCTP_TIMER_TYPE_PATHMTURAISE, inp, stcb, NULL, SCTP_FROM_SCTP6_USRREQ + SCTP_LOC_1);
324 /* Adjust destination size limit */
325 if (net->mtu > nxtsz) {
328 net->mtu -= sizeof(struct udphdr);
331 /* now what about the ep? */
332 if (stcb->asoc.smallest_mtu > nxtsz) {
333 struct sctp_tmit_chunk *chk;
335 /* Adjust that too */
336 stcb->asoc.smallest_mtu = nxtsz;
337 /* now off to subtract IP_DF flag if needed */
339 TAILQ_FOREACH(chk, &stcb->asoc.send_queue, sctp_next) {
340 if ((uint32_t) (chk->send_size + IP_HDR_SIZE) > nxtsz) {
341 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK;
344 TAILQ_FOREACH(chk, &stcb->asoc.sent_queue, sctp_next) {
345 if ((uint32_t) (chk->send_size + IP_HDR_SIZE) > nxtsz) {
347 * For this guy we also mark for immediate
348 * resend since we sent to big of chunk
350 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK;
351 if (chk->sent != SCTP_DATAGRAM_RESEND)
352 stcb->asoc.sent_queue_retran_cnt++;
353 chk->sent = SCTP_DATAGRAM_RESEND;
354 chk->rec.data.doing_fast_retransmit = 0;
356 chk->sent = SCTP_DATAGRAM_RESEND;
357 /* Clear any time so NO RTT is being done */
358 chk->sent_rcv_time.tv_sec = 0;
359 chk->sent_rcv_time.tv_usec = 0;
360 stcb->asoc.total_flight -= chk->send_size;
361 net->flight_size -= chk->send_size;
365 sctp_timer_start(SCTP_TIMER_TYPE_PATHMTURAISE, inp, stcb, NULL);
368 SCTP_TCB_UNLOCK(stcb);
374 sctp6_notify(struct sctp_inpcb *inp,
375 struct icmp6_hdr *icmph,
378 struct sctp_tcb *stcb,
379 struct sctp_nets *net)
381 #if defined (__APPLE__) || defined(SCTP_SO_LOCK_TESTING)
387 if ((inp == NULL) || (stcb == NULL) || (net == NULL) ||
388 (sh == NULL) || (to == NULL)) {
390 SCTP_TCB_UNLOCK(stcb);
393 /* First job is to verify the vtag matches what I would send */
394 if (ntohl(sh->v_tag) != (stcb->asoc.peer_vtag)) {
395 SCTP_TCB_UNLOCK(stcb);
398 if (icmph->icmp6_type != ICMP_UNREACH) {
399 /* We only care about unreachable */
400 SCTP_TCB_UNLOCK(stcb);
403 if ((icmph->icmp6_code == ICMP_UNREACH_NET) ||
404 (icmph->icmp6_code == ICMP_UNREACH_HOST) ||
405 (icmph->icmp6_code == ICMP_UNREACH_NET_UNKNOWN) ||
406 (icmph->icmp6_code == ICMP_UNREACH_HOST_UNKNOWN) ||
407 (icmph->icmp6_code == ICMP_UNREACH_ISOLATED) ||
408 (icmph->icmp6_code == ICMP_UNREACH_NET_PROHIB) ||
409 (icmph->icmp6_code == ICMP_UNREACH_HOST_PROHIB) ||
410 (icmph->icmp6_code == ICMP_UNREACH_FILTER_PROHIB)) {
413 * Hmm reachablity problems we must examine closely. If its
414 * not reachable, we may have lost a network. Or if there is
415 * NO protocol at the other end named SCTP. well we consider
418 if (net->dest_state & SCTP_ADDR_REACHABLE) {
419 /* Ok that destination is NOT reachable */
420 net->dest_state &= ~SCTP_ADDR_REACHABLE;
421 net->dest_state &= ~SCTP_ADDR_PF;
422 sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_DOWN,
423 stcb, 0, (void *)net, SCTP_SO_NOT_LOCKED);
425 SCTP_TCB_UNLOCK(stcb);
426 } else if ((icmph->icmp6_code == ICMP_UNREACH_PROTOCOL) ||
427 (icmph->icmp6_code == ICMP_UNREACH_PORT)) {
429 * Here the peer is either playing tricks on us, including
430 * an address that belongs to someone who does not support
431 * SCTP OR was a userland implementation that shutdown and
432 * now is dead. In either case treat it like a OOTB abort
435 sctp_abort_notification(stcb, 1, 0, NULL, SCTP_SO_NOT_LOCKED);
436 #if defined (__APPLE__) || defined(SCTP_SO_LOCK_TESTING)
437 so = SCTP_INP_SO(inp);
438 atomic_add_int(&stcb->asoc.refcnt, 1);
439 SCTP_TCB_UNLOCK(stcb);
440 SCTP_SOCKET_LOCK(so, 1);
442 atomic_subtract_int(&stcb->asoc.refcnt, 1);
444 (void)sctp_free_assoc(inp, stcb, SCTP_NORMAL_PROC, SCTP_FROM_SCTP_USRREQ + SCTP_LOC_2);
445 #if defined (__APPLE__) || defined(SCTP_SO_LOCK_TESTING)
446 SCTP_SOCKET_UNLOCK(so, 1);
447 /* SCTP_TCB_UNLOCK(stcb); MT: I think this is not needed. */
449 /* no need to unlock here, since the TCB is gone */
451 SCTP_TCB_UNLOCK(stcb);
458 sctp6_ctlinput(int cmd, struct sockaddr *pktdst, void *d)
461 struct ip6ctlparam *ip6cp = NULL;
464 vrf_id = SCTP_DEFAULT_VRFID;
466 if (pktdst->sa_family != AF_INET6 ||
467 pktdst->sa_len != sizeof(struct sockaddr_in6))
470 if ((unsigned)cmd >= PRC_NCMDS)
472 if (PRC_IS_REDIRECT(cmd)) {
474 } else if (inet6ctlerrmap[cmd] == 0) {
477 /* if the parameter is from icmp6, decode it. */
479 ip6cp = (struct ip6ctlparam *)d;
481 ip6cp = (struct ip6ctlparam *)NULL;
486 * XXX: We assume that when IPV6 is non NULL, M and OFF are
489 /* check if we can safely examine src and dst ports */
490 struct sctp_inpcb *inp = NULL;
491 struct sctp_tcb *stcb = NULL;
492 struct sctp_nets *net = NULL;
493 struct sockaddr_in6 final;
495 if (ip6cp->ip6c_m == NULL)
498 bzero(&sh, sizeof(sh));
499 bzero(&final, sizeof(final));
502 m_copydata(ip6cp->ip6c_m, ip6cp->ip6c_off, sizeof(sh),
504 ip6cp->ip6c_src->sin6_port = sh.src_port;
505 final.sin6_len = sizeof(final);
506 final.sin6_family = AF_INET6;
507 final.sin6_addr = ((struct sockaddr_in6 *)pktdst)->sin6_addr;
508 final.sin6_port = sh.dest_port;
509 stcb = sctp_findassociation_addr_sa((struct sockaddr *)ip6cp->ip6c_src,
510 (struct sockaddr *)&final,
511 &inp, &net, 1, vrf_id);
512 /* inp's ref-count increased && stcb locked */
513 if (stcb != NULL && inp && (inp->sctp_socket != NULL)) {
514 if (cmd == PRC_MSGSIZE) {
515 sctp6_notify_mbuf(inp,
520 /* inp's ref-count reduced && stcb unlocked */
522 sctp6_notify(inp, ip6cp->ip6c_icmp6, &sh,
523 (struct sockaddr *)&final,
525 /* inp's ref-count reduced && stcb unlocked */
528 if (PRC_IS_REDIRECT(cmd) && inp) {
529 in6_rtchange((struct in6pcb *)inp,
530 inet6ctlerrmap[cmd]);
533 /* reduce inp's ref-count */
535 SCTP_INP_DECR_REF(inp);
536 SCTP_INP_WUNLOCK(inp);
539 SCTP_TCB_UNLOCK(stcb);
545 * this routine can probably be collasped into the one in sctp_userreq.c
546 * since they do the same thing and now we lookup with a sockaddr
549 sctp6_getcred(SYSCTL_HANDLER_ARGS)
552 struct sockaddr_in6 addrs[2];
553 struct sctp_inpcb *inp;
554 struct sctp_nets *net;
555 struct sctp_tcb *stcb;
559 vrf_id = SCTP_DEFAULT_VRFID;
561 error = priv_check(req->td, PRIV_NETINET_GETCRED);
565 if (req->newlen != sizeof(addrs)) {
566 SCTP_LTRACE_ERR_RET(NULL, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
569 if (req->oldlen != sizeof(struct ucred)) {
570 SCTP_LTRACE_ERR_RET(NULL, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
573 error = SYSCTL_IN(req, addrs, sizeof(addrs));
577 stcb = sctp_findassociation_addr_sa(sin6tosa(&addrs[0]),
579 &inp, &net, 1, vrf_id);
580 if (stcb == NULL || inp == NULL || inp->sctp_socket == NULL) {
581 if ((inp != NULL) && (stcb == NULL)) {
582 /* reduce ref-count */
584 SCTP_INP_DECR_REF(inp);
587 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, ENOENT);
591 SCTP_TCB_UNLOCK(stcb);
593 * We use the write lock here, only since in the error leg we need
594 * it. If we used RLOCK, then we would have to
595 * wlock/decr/unlock/rlock. Which in theory could create a hole.
596 * Better to use higher wlock.
600 error = cr_canseesocket(req->td->td_ucred, inp->sctp_socket);
602 SCTP_INP_WUNLOCK(inp);
605 cru2x(inp->sctp_socket->so_cred, &xuc);
606 SCTP_INP_WUNLOCK(inp);
607 error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred));
612 SYSCTL_PROC(_net_inet6_sctp6, OID_AUTO, getcred, CTLTYPE_OPAQUE | CTLFLAG_RW,
614 sctp6_getcred, "S,ucred", "Get the ucred of a SCTP6 connection");
617 /* This is the same as the sctp_abort() could be made common */
619 sctp6_abort(struct socket *so)
621 struct sctp_inpcb *inp;
624 inp = (struct sctp_inpcb *)so->so_pcb;
626 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
630 flags = inp->sctp_flags;
631 #ifdef SCTP_LOG_CLOSING
632 sctp_log_closing(inp, NULL, 17);
634 if (((flags & SCTP_PCB_FLAGS_SOCKET_GONE) == 0) &&
635 (atomic_cmpset_int(&inp->sctp_flags, flags, (flags | SCTP_PCB_FLAGS_SOCKET_GONE | SCTP_PCB_FLAGS_CLOSE_IP)))) {
636 #ifdef SCTP_LOG_CLOSING
637 sctp_log_closing(inp, NULL, 16);
639 sctp_inpcb_free(inp, SCTP_FREE_SHOULD_USE_ABORT,
640 SCTP_CALLED_AFTER_CMPSET_OFCLOSE);
642 SCTP_SB_CLEAR(so->so_snd);
644 * same for the rcv ones, they are only here for the
647 SCTP_SB_CLEAR(so->so_rcv);
648 /* Now null out the reference, we are completely detached. */
652 flags = inp->sctp_flags;
653 if ((flags & SCTP_PCB_FLAGS_SOCKET_GONE) == 0) {
654 goto sctp_must_try_again;
661 sctp6_attach(struct socket *so, int proto SCTP_UNUSED, struct thread *p SCTP_UNUSED)
665 struct sctp_inpcb *inp;
666 uint32_t vrf_id = SCTP_DEFAULT_VRFID;
668 inp = (struct sctp_inpcb *)so->so_pcb;
670 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
673 if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
674 error = SCTP_SORESERVE(so, SCTP_BASE_SYSCTL(sctp_sendspace), SCTP_BASE_SYSCTL(sctp_recvspace));
678 error = sctp_inpcb_alloc(so, vrf_id);
681 inp = (struct sctp_inpcb *)so->so_pcb;
683 inp->sctp_flags |= SCTP_PCB_FLAGS_BOUND_V6; /* I'm v6! */
684 inp6 = (struct in6pcb *)inp;
686 inp6->inp_vflag |= INP_IPV6;
687 inp6->in6p_hops = -1; /* use kernel default */
688 inp6->in6p_cksum = -1; /* just to be sure */
691 * XXX: ugly!! IPv4 TTL initialization is necessary for an IPv6
692 * socket as well, because the socket may be bound to an IPv6
693 * wildcard address, which may match an IPv4-mapped IPv6 address.
695 inp6->inp_ip_ttl = MODULE_GLOBAL(ip_defttl);
698 * Hmm what about the IPSEC stuff that is missing here but in
701 SCTP_INP_WUNLOCK(inp);
706 sctp6_bind(struct socket *so, struct sockaddr *addr, struct thread *p)
708 struct sctp_inpcb *inp;
712 inp = (struct sctp_inpcb *)so->so_pcb;
714 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
718 switch (addr->sa_family) {
721 if (addr->sa_len != sizeof(struct sockaddr_in)) {
722 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
729 if (addr->sa_len != sizeof(struct sockaddr_in6)) {
730 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
736 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
740 inp6 = (struct in6pcb *)inp;
741 inp6->inp_vflag &= ~INP_IPV4;
742 inp6->inp_vflag |= INP_IPV6;
743 if ((addr != NULL) && (SCTP_IPV6_V6ONLY(inp6) == 0)) {
744 switch (addr->sa_family) {
747 /* binding v4 addr to v6 socket, so reset flags */
748 inp6->inp_vflag |= INP_IPV4;
749 inp6->inp_vflag &= ~INP_IPV6;
755 struct sockaddr_in6 *sin6_p;
757 sin6_p = (struct sockaddr_in6 *)addr;
759 if (IN6_IS_ADDR_UNSPECIFIED(&sin6_p->sin6_addr)) {
760 inp6->inp_vflag |= INP_IPV4;
763 if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) {
764 struct sockaddr_in sin;
766 in6_sin6_2_sin(&sin, sin6_p);
767 inp6->inp_vflag |= INP_IPV4;
768 inp6->inp_vflag &= ~INP_IPV6;
769 error = sctp_inpcb_bind(so, (struct sockaddr *)&sin, NULL, p);
779 } else if (addr != NULL) {
780 struct sockaddr_in6 *sin6_p;
782 /* IPV6_V6ONLY socket */
784 if (addr->sa_family == AF_INET) {
785 /* can't bind v4 addr to v6 only socket! */
786 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
790 sin6_p = (struct sockaddr_in6 *)addr;
792 if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) {
793 /* can't bind v4-mapped addrs either! */
794 /* NOTE: we don't support SIIT */
795 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
799 error = sctp_inpcb_bind(so, addr, NULL, p);
805 sctp6_close(struct socket *so)
810 /* This could be made common with sctp_detach() since they are identical */
814 sctp6_disconnect(struct socket *so)
816 return (sctp_disconnect(so));
821 sctp_sendm(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr,
822 struct mbuf *control, struct thread *p);
826 sctp6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr,
827 struct mbuf *control, struct thread *p)
829 struct sctp_inpcb *inp;
833 struct sockaddr_in6 *sin6;
836 /* No SPL needed since sctp_output does this */
838 inp = (struct sctp_inpcb *)so->so_pcb;
841 SCTP_RELEASE_PKT(control);
845 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
848 inp6 = (struct in6pcb *)inp;
850 * For the TCP model we may get a NULL addr, if we are a connected
853 if ((inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) &&
860 SCTP_RELEASE_PKT(control);
863 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EDESTADDRREQ);
864 return (EDESTADDRREQ);
867 sin6 = (struct sockaddr_in6 *)addr;
868 if (SCTP_IPV6_V6ONLY(inp6)) {
870 * if IPV6_V6ONLY flag, we discard datagrams destined to a
871 * v4 addr or v4-mapped addr
873 if (addr->sa_family == AF_INET) {
874 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
877 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
878 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
882 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
883 if (!MODULE_GLOBAL(ip6_v6only)) {
884 struct sockaddr_in sin;
886 /* convert v4-mapped into v4 addr and send */
887 in6_sin6_2_sin(&sin, sin6);
888 return (sctp_sendm(so, flags, m, (struct sockaddr *)&sin,
891 /* mapped addresses aren't enabled */
892 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
898 /* now what about control */
901 SCTP_PRINTF("huh? control set?\n");
902 SCTP_RELEASE_PKT(inp->control);
905 inp->control = control;
909 SCTP_BUF_NEXT(inp->pkt_last) = m;
912 inp->pkt_last = inp->pkt = m;
915 /* FreeBSD and MacOSX uses a flag passed */
916 ((flags & PRUS_MORETOCOME) == 0)
919 * note with the current version this code will only be used
920 * by OpenBSD, NetBSD and FreeBSD have methods for
921 * re-defining sosend() to use sctp_sosend(). One can
922 * optionaly switch back to this code (by changing back the
923 * defininitions but this is not advisable.
927 ret = sctp_output(inp, inp->pkt, addr, inp->control, p, flags);
937 sctp6_connect(struct socket *so, struct sockaddr *addr, struct thread *p)
941 struct sctp_inpcb *inp;
943 struct sctp_tcb *stcb;
946 struct sockaddr_in6 *sin6;
947 struct sockaddr_storage ss;
951 inp6 = (struct in6pcb *)so->so_pcb;
952 inp = (struct sctp_inpcb *)so->so_pcb;
954 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, ECONNRESET);
955 return (ECONNRESET); /* I made the same as TCP since we are
959 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
962 switch (addr->sa_family) {
965 if (addr->sa_len != sizeof(struct sockaddr_in)) {
966 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
973 if (addr->sa_len != sizeof(struct sockaddr_in6)) {
974 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
980 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
984 vrf_id = inp->def_vrf_id;
985 SCTP_ASOC_CREATE_LOCK(inp);
987 if ((inp->sctp_flags & SCTP_PCB_FLAGS_UNBOUND) ==
988 SCTP_PCB_FLAGS_UNBOUND) {
989 /* Bind a ephemeral port */
990 SCTP_INP_RUNLOCK(inp);
991 error = sctp6_bind(so, NULL, p);
993 SCTP_ASOC_CREATE_UNLOCK(inp);
999 if ((inp->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) &&
1000 (inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED)) {
1001 /* We are already connected AND the TCP model */
1002 SCTP_INP_RUNLOCK(inp);
1003 SCTP_ASOC_CREATE_UNLOCK(inp);
1004 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EADDRINUSE);
1005 return (EADDRINUSE);
1008 sin6 = (struct sockaddr_in6 *)addr;
1009 if (SCTP_IPV6_V6ONLY(inp6)) {
1011 * if IPV6_V6ONLY flag, ignore connections destined to a v4
1012 * addr or v4-mapped addr
1014 if (addr->sa_family == AF_INET) {
1015 SCTP_INP_RUNLOCK(inp);
1016 SCTP_ASOC_CREATE_UNLOCK(inp);
1017 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
1020 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
1021 SCTP_INP_RUNLOCK(inp);
1022 SCTP_ASOC_CREATE_UNLOCK(inp);
1023 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
1027 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
1028 if (!MODULE_GLOBAL(ip6_v6only)) {
1029 /* convert v4-mapped into v4 addr */
1030 in6_sin6_2_sin((struct sockaddr_in *)&ss, sin6);
1031 addr = (struct sockaddr *)&ss;
1033 /* mapped addresses aren't enabled */
1034 SCTP_INP_RUNLOCK(inp);
1035 SCTP_ASOC_CREATE_UNLOCK(inp);
1036 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
1041 /* Now do we connect? */
1042 if (inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) {
1043 stcb = LIST_FIRST(&inp->sctp_asoc_list);
1045 SCTP_TCB_UNLOCK(stcb);
1047 SCTP_INP_RUNLOCK(inp);
1049 SCTP_INP_RUNLOCK(inp);
1050 SCTP_INP_WLOCK(inp);
1051 SCTP_INP_INCR_REF(inp);
1052 SCTP_INP_WUNLOCK(inp);
1053 stcb = sctp_findassociation_ep_addr(&inp, addr, NULL, NULL, NULL);
1055 SCTP_INP_WLOCK(inp);
1056 SCTP_INP_DECR_REF(inp);
1057 SCTP_INP_WUNLOCK(inp);
1062 /* Already have or am bring up an association */
1063 SCTP_ASOC_CREATE_UNLOCK(inp);
1064 SCTP_TCB_UNLOCK(stcb);
1065 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EALREADY);
1068 /* We are GOOD to go */
1069 stcb = sctp_aloc_assoc(inp, addr, &error, 0, vrf_id, p);
1070 SCTP_ASOC_CREATE_UNLOCK(inp);
1072 /* Gak! no memory */
1075 if (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) {
1076 stcb->sctp_ep->sctp_flags |= SCTP_PCB_FLAGS_CONNECTED;
1077 /* Set the connected flag so we can queue data */
1080 stcb->asoc.state = SCTP_STATE_COOKIE_WAIT;
1081 (void)SCTP_GETTIME_TIMEVAL(&stcb->asoc.time_entered);
1083 /* initialize authentication parameters for the assoc */
1084 sctp_initialize_auth_params(inp, stcb);
1086 sctp_send_initiate(inp, stcb, SCTP_SO_LOCKED);
1087 SCTP_TCB_UNLOCK(stcb);
1092 sctp6_getaddr(struct socket *so, struct sockaddr **addr)
1094 struct sockaddr_in6 *sin6;
1095 struct sctp_inpcb *inp;
1097 struct sctp_ifa *sctp_ifa;
1102 * Do the malloc first in case it blocks.
1104 SCTP_MALLOC_SONAME(sin6, struct sockaddr_in6 *, sizeof(*sin6));
1107 sin6->sin6_family = AF_INET6;
1108 sin6->sin6_len = sizeof(*sin6);
1110 inp = (struct sctp_inpcb *)so->so_pcb;
1112 SCTP_FREE_SONAME(sin6);
1113 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, ECONNRESET);
1114 return (ECONNRESET);
1116 SCTP_INP_RLOCK(inp);
1117 sin6->sin6_port = inp->sctp_lport;
1118 if (inp->sctp_flags & SCTP_PCB_FLAGS_BOUNDALL) {
1119 /* For the bound all case you get back 0 */
1120 if (inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) {
1121 struct sctp_tcb *stcb;
1122 struct sockaddr_in6 *sin_a6;
1123 struct sctp_nets *net;
1126 stcb = LIST_FIRST(&inp->sctp_asoc_list);
1132 TAILQ_FOREACH(net, &stcb->asoc.nets, sctp_next) {
1133 sin_a6 = (struct sockaddr_in6 *)&net->ro._l_addr;
1135 /* this will make coverity happy */
1138 if (sin_a6->sin6_family == AF_INET6) {
1143 if ((!fnd) || (sin_a6 == NULL)) {
1147 vrf_id = inp->def_vrf_id;
1148 sctp_ifa = sctp_source_address_selection(inp, stcb, (sctp_route_t *) & net->ro, net, 0, vrf_id);
1150 sin6->sin6_addr = sctp_ifa->address.sin6.sin6_addr;
1153 /* For the bound all case you get back 0 */
1155 memset(&sin6->sin6_addr, 0, sizeof(sin6->sin6_addr));
1158 /* Take the first IPv6 address in the list */
1159 struct sctp_laddr *laddr;
1162 LIST_FOREACH(laddr, &inp->sctp_addr_list, sctp_nxt_addr) {
1163 if (laddr->ifa->address.sa.sa_family == AF_INET6) {
1164 struct sockaddr_in6 *sin_a;
1166 sin_a = (struct sockaddr_in6 *)&laddr->ifa->address.sin6;
1167 sin6->sin6_addr = sin_a->sin6_addr;
1173 SCTP_FREE_SONAME(sin6);
1174 SCTP_INP_RUNLOCK(inp);
1175 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, ENOENT);
1179 SCTP_INP_RUNLOCK(inp);
1180 /* Scoping things for v6 */
1181 if ((error = sa6_recoverscope(sin6)) != 0) {
1182 SCTP_FREE_SONAME(sin6);
1185 (*addr) = (struct sockaddr *)sin6;
1190 sctp6_peeraddr(struct socket *so, struct sockaddr **addr)
1192 struct sockaddr_in6 *sin6;
1194 struct sockaddr_in6 *sin_a6;
1195 struct sctp_inpcb *inp;
1196 struct sctp_tcb *stcb;
1197 struct sctp_nets *net;
1200 /* Do the malloc first in case it blocks. */
1201 SCTP_MALLOC_SONAME(sin6, struct sockaddr_in6 *, sizeof *sin6);
1204 sin6->sin6_family = AF_INET6;
1205 sin6->sin6_len = sizeof(*sin6);
1207 inp = (struct sctp_inpcb *)so->so_pcb;
1208 if ((inp == NULL) ||
1209 ((inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) == 0)) {
1210 /* UDP type and listeners will drop out here */
1211 SCTP_FREE_SONAME(sin6);
1212 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, ENOTCONN);
1215 SCTP_INP_RLOCK(inp);
1216 stcb = LIST_FIRST(&inp->sctp_asoc_list);
1218 SCTP_TCB_LOCK(stcb);
1220 SCTP_INP_RUNLOCK(inp);
1222 SCTP_FREE_SONAME(sin6);
1223 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, ECONNRESET);
1224 return (ECONNRESET);
1227 TAILQ_FOREACH(net, &stcb->asoc.nets, sctp_next) {
1228 sin_a6 = (struct sockaddr_in6 *)&net->ro._l_addr;
1229 if (sin_a6->sin6_family == AF_INET6) {
1231 sin6->sin6_port = stcb->rport;
1232 sin6->sin6_addr = sin_a6->sin6_addr;
1236 SCTP_TCB_UNLOCK(stcb);
1238 /* No IPv4 address */
1239 SCTP_FREE_SONAME(sin6);
1240 SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, ENOENT);
1243 if ((error = sa6_recoverscope(sin6)) != 0)
1245 *addr = (struct sockaddr *)sin6;
1250 sctp6_in6getaddr(struct socket *so, struct sockaddr **nam)
1253 struct sockaddr *addr;
1256 struct in6pcb *inp6 = sotoin6pcb(so);
1260 SCTP_LTRACE_ERR_RET(NULL, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
1263 /* allow v6 addresses precedence */
1264 error = sctp6_getaddr(so, nam);
1267 /* try v4 next if v6 failed */
1268 error = sctp_ingetaddr(so, nam);
1273 /* if I'm V6ONLY, convert it to v4-mapped */
1274 if (SCTP_IPV6_V6ONLY(inp6)) {
1275 struct sockaddr_in6 sin6;
1277 in6_sin_2_v4mapsin6((struct sockaddr_in *)addr, &sin6);
1278 memcpy(addr, &sin6, sizeof(struct sockaddr_in6));
1287 sctp6_getpeeraddr(struct socket *so, struct sockaddr **nam)
1290 struct sockaddr *addr;
1293 struct in6pcb *inp6 = sotoin6pcb(so);
1297 SCTP_LTRACE_ERR_RET(NULL, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL);
1300 /* allow v6 addresses precedence */
1301 error = sctp6_peeraddr(so, nam);
1304 /* try v4 next if v6 failed */
1305 error = sctp_peeraddr(so, nam);
1310 /* if I'm V6ONLY, convert it to v4-mapped */
1311 if (SCTP_IPV6_V6ONLY(inp6)) {
1312 struct sockaddr_in6 sin6;
1314 in6_sin_2_v4mapsin6((struct sockaddr_in *)addr, &sin6);
1315 memcpy(addr, &sin6, sizeof(struct sockaddr_in6));
1322 struct pr_usrreqs sctp6_usrreqs = {
1323 .pru_abort = sctp6_abort,
1324 .pru_accept = sctp_accept,
1325 .pru_attach = sctp6_attach,
1326 .pru_bind = sctp6_bind,
1327 .pru_connect = sctp6_connect,
1328 .pru_control = in6_control,
1329 .pru_close = sctp6_close,
1330 .pru_detach = sctp6_close,
1331 .pru_sopoll = sopoll_generic,
1332 .pru_flush = sctp_flush,
1333 .pru_disconnect = sctp6_disconnect,
1334 .pru_listen = sctp_listen,
1335 .pru_peeraddr = sctp6_getpeeraddr,
1336 .pru_send = sctp6_send,
1337 .pru_shutdown = sctp_shutdown,
1338 .pru_sockaddr = sctp6_in6getaddr,
1339 .pru_sosend = sctp_sosend,
1340 .pru_soreceive = sctp_soreceive
projects / FreeBSD / stable / 9.git / blob