]> git.saurik.com Git - apple/xnu.git/blame - bsd/netinet6/udp6_usrreq.c
projects / apple / xnu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xnu-792.tar.gz
[apple/xnu.git] / bsd / netinet6 / udp6_usrreq.c
CommitLineData
9bccf70c
A		 1/* $FreeBSD: src/sys/netinet6/udp6_usrreq.c,v 1.6.2.6 2001/07/29 19:32:40 ume Exp $ */
2/* $KAME: udp6_usrreq.c,v 1.27 2001/05/21 05:45:10 jinmei Exp $ */
1c79356b
A		 3
4/*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33/*
34 * Copyright (c) 1982, 1986, 1989, 1993
35 * The Regents of the University of California. All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. All advertising materials mentioning features or use of this software
46 * must display the following acknowledgement:
47 * This product includes software developed by the University of
48 * California, Berkeley and its contributors.
49 * 4. Neither the name of the University nor the names of its contributors
50 * may be used to endorse or promote products derived from this software
51 * without specific prior written permission.
52 *
53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
63 * SUCH DAMAGE.
64 *
65 * @(#)udp_var.h 8.1 (Berkeley) 6/10/93
66 */
1c79356b
A		 67
68#include <sys/param.h>
69#include <sys/kernel.h>
70#include <sys/malloc.h>
71#include <sys/mbuf.h>
72#include <sys/protosw.h>
73#include <sys/socket.h>
74#include <sys/socketvar.h>
75#include <sys/sysctl.h>
76#include <sys/errno.h>
77#include <sys/stat.h>
78#include <sys/systm.h>
79#include <sys/syslog.h>
80#include <sys/proc.h>
91447636 81#include <sys/kauth.h>
1c79356b
A		 82
83#include <net/if.h>
84#include <net/route.h>
85#include <net/if_types.h>
86
87#include <netinet/in.h>
88#include <netinet/in_systm.h>
89#include <netinet/ip.h>
90#include <netinet/in_pcb.h>
91#include <netinet/in_var.h>
92#include <netinet/ip_var.h>
93#include <netinet/udp.h>
94#include <netinet/udp_var.h>
95#include <netinet/ip6.h>
96#include <netinet6/ip6_var.h>
97#include <netinet6/in6_pcb.h>
98#include <netinet/icmp6.h>
99#include <netinet6/udp6_var.h>
100#include <netinet6/ip6protosw.h>
101
102#if IPSEC
103#include <netinet6/ipsec.h>
9bccf70c
A		 104#include <netinet6/ipsec6.h>
105extern int ipsec_bypass;
91447636
A		 106extern lck_mtx_t *sadb_mutex;
107extern lck_mtx_t *nd6_mutex;
1c79356b
A		 108#endif /*IPSEC*/
109
110#include "faith.h"
9bccf70c
A		 111#if defined(NFAITH) && NFAITH > 0
112#include <net/if_faith.h>
113#endif
1c79356b
A		 114
115/*
116 * UDP protocol inplementation.
117 * Per RFC 768, August, 1980.
118 */
119
120extern struct protosw inetsw[];
91447636
A		 121static int in6_mcmatch(struct inpcb *, struct in6_addr *, struct ifnet *);
122static int udp6_detach(struct socket *so);
123
124
125extern void ipfwsyslog( int level, char *format,...);
126extern int fw_verbose;
127
128#define log_in_vain_log( a ) { \
129 if ( (log_in_vain == 3 ) && (fw_verbose == 2)) { /* Apple logging, log to ipfw.log */ \
130 ipfwsyslog a ; \
131 } \
132 else log a ; \
133}
134
1c79356b
A		 135
136static int
91447636
A		 137in6_mcmatch(
138 struct inpcb *in6p,
139 register struct in6_addr *ia6,
140 struct ifnet *ifp)
1c79356b
A		 141{
142 struct ip6_moptions *im6o = in6p->in6p_moptions;
143 struct in6_multi_mship *imm;
144
145 if (im6o == NULL)
146 return 0;
147
91447636 148 lck_mtx_lock(nd6_mutex);
1c79356b
A		 149 for (imm = im6o->im6o_memberships.lh_first; imm != NULL;
150 imm = imm->i6mm_chain.le_next) {
151 if ((ifp == NULL ||
152 imm->i6mm_maddr->in6m_ifp == ifp) &&
153 IN6_ARE_ADDR_EQUAL(&imm->i6mm_maddr->in6m_addr,
91447636
A		 154 ia6)) {
155 lck_mtx_unlock(nd6_mutex);
1c79356b 156 return 1;
91447636 157 }
1c79356b 158 }
91447636 159 lck_mtx_unlock(nd6_mutex);
1c79356b
A		 160 return 0;
161}
162
163int
91447636
A		 164udp6_input(
165 struct mbuf **mp,
166 int *offp)
1c79356b
A		 167{
168 struct mbuf *m = *mp;
169 register struct ip6_hdr *ip6;
170 register struct udphdr *uh;
171 register struct inpcb *in6p;
9bccf70c 172 struct mbuf *opts = NULL;
1c79356b
A		 173 int off = *offp;
174 int plen, ulen;
175 struct sockaddr_in6 udp_in6;
91447636 176 struct inpcbinfo *pcbinfo = &udbinfo;
1c79356b 177
91447636 178 IP6_EXTHDR_CHECK(m, off, sizeof(struct udphdr), return IPPROTO_DONE);
9bccf70c
A		 179
180 ip6 = mtod(m, struct ip6_hdr *);
181
1c79356b 182#if defined(NFAITH) && 0 < NFAITH
9bccf70c
A		 183 if (faithprefix(&ip6->ip6_dst)) {
184 /* XXX send icmp6 host/port unreach? */
185 m_freem(m);
186 return IPPROTO_DONE;
1c79356b
A		 187 }
188#endif
1c79356b 189
9bccf70c 190 udpstat.udps_ipackets++;
1c79356b 191
1c79356b
A		 192 plen = ntohs(ip6->ip6_plen) - off + sizeof(*ip6);
193 uh = (struct udphdr *)((caddr_t)ip6 + off);
194 ulen = ntohs((u_short)uh->uh_ulen);
195
196 if (plen != ulen) {
197 udpstat.udps_badlen++;
198 goto bad;
199 }
200
201 /*
202 * Checksum extended UDP header and data.
203 */
9bccf70c
A		 204#ifndef __APPLE__
205 if (uh->uh_sum == 0)
206 udpstat.udps_nosum++;
207#endif
1c79356b
A		 208 else if (in6_cksum(m, IPPROTO_UDP, off, ulen) != 0) {
209 udpstat.udps_badsum++;
210 goto bad;
211 }
212
213 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
214 struct inpcb *last;
215
216 /*
217 * Deliver a multicast datagram to all sockets
218 * for which the local and remote addresses and ports match
219 * those of the incoming datagram. This allows more than
220 * one process to receive multicasts on the same port.
221 * (This really ought to be done for unicast datagrams as
222 * well, but that would cause problems with existing
223 * applications that open both address-specific sockets and
224 * a wildcard socket listening to the same port -- they would
225 * end up receiving duplicates of every unicast datagram.
226 * Those applications open the multiple sockets to overcome an
227 * inadequacy of the UDP socket interface, but for backwards
228 * compatibility we avoid the problem here rather than
229 * fixing the interface. Maybe 4.5BSD will remedy this?)
230 */
231
232 /*
233 * In a case that laddr should be set to the link-local
234 * address (this happens in RIPng), the multicast address
235 * specified in the received packet does not match with
236 * laddr. To cure this situation, the matching is relaxed
237 * if the receiving interface is the same as one specified
238 * in the socket and if the destination multicast address
239 * matches one of the multicast groups specified in the socket.
240 */
241
242 /*
243 * Construct sockaddr format source address.
244 */
245 init_sin6(&udp_in6, m); /* general init */
246 udp_in6.sin6_port = uh->uh_sport;
247 /*
248 * KAME note: usually we drop udphdr from mbuf here.
249 * We need udphdr for IPsec processing so we do that later.
250 */
251
252 /*
253 * Locate pcb(s) for datagram.
254 * (Algorithm copied from raw_intr().)
255 */
256 last = NULL;
91447636
A		 257 lck_rw_lock_shared(pcbinfo->mtx);
258
1c79356b 259 LIST_FOREACH(in6p, &udb, inp_list) {
91447636 260
1c79356b
A		 261 if ((in6p->inp_vflag & INP_IPV6) == 0)
262 continue;
91447636
A		 263
264 if (in_pcb_checkstate(in6p, WNT_ACQUIRE, 0) == WNT_STOPUSING)
265 continue;
266
267 udp_lock(in6p->in6p_socket, 1, 0);
268
269 if (in_pcb_checkstate(in6p, WNT_RELEASE, 1) == WNT_STOPUSING) {
270 udp_unlock(in6p->in6p_socket, 1, 0);
271 continue;
272 }
273 if (in6p->in6p_lport != uh->uh_dport) {
274 udp_unlock(in6p->in6p_socket, 1, 0);
1c79356b 275 continue;
91447636 276 }
1c79356b
A		 277 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) {
278 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr,
279 &ip6->ip6_dst) &&
280 !in6_mcmatch(in6p, &ip6->ip6_dst,
91447636
A		 281 m->m_pkthdr.rcvif)) {
282 udp_unlock(in6p->in6p_socket, 1, 0);
1c79356b 283 continue;
91447636 284 }
1c79356b
A		 285 }
286 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
287 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr,
288 &ip6->ip6_src) ||
91447636
A		 289 in6p->in6p_fport != uh->uh_sport) {
290 udp_unlock(in6p->in6p_socket, 1, 0);
1c79356b 291 continue;
91447636 292 }
1c79356b
A		 293 }
294
295 if (last != NULL) {
296 struct mbuf *n;
297
298#if IPSEC
299 /*
300 * Check AH/ESP integrity.
301 */
91447636
A		 302 if (ipsec_bypass == 0) {
303 lck_mtx_lock(sadb_mutex);
304 if (ipsec6_in_reject_so(m, last->inp_socket))
305 ipsec6stat.in_polvio++;
1c79356b 306 /* do not inject data into pcb */
91447636
A		 307 lck_mtx_unlock(sadb_mutex);
308 }
1c79356b
A		 309 else
310#endif /*IPSEC*/
311 if ((n = m_copy(m, 0, M_COPYALL)) != NULL) {
312 /*
313 * KAME NOTE: do not
314 * m_copy(m, offset, ...) above.
315 * sbappendaddr() expects M_PKTHDR,
316 * and m_copy() will copy M_PKTHDR
317 * only if offset is 0.
318 */
319 if (last->in6p_flags & IN6P_CONTROLOPTS
320 || last->in6p_socket->so_options & SO_TIMESTAMP)
9bccf70c
A		 321 ip6_savecontrol(last, &opts,
322 ip6, n);
1c79356b
A		 323
324 m_adj(n, off + sizeof(struct udphdr));
325 if (sbappendaddr(&last->in6p_socket->so_rcv,
326 (struct sockaddr *)&udp_in6,
91447636 327 n, opts, NULL) == 0) {
1c79356b
A		 328 udpstat.udps_fullsock++;
329 } else
330 sorwakeup(last->in6p_socket);
9bccf70c 331 opts = NULL;
1c79356b 332 }
91447636 333 udp_unlock(last->in6p_socket, 1, 0);
1c79356b
A		 334 }
335 last = in6p;
336 /*
337 * Don't look for additional matches if this one does
338 * not have either the SO_REUSEPORT or SO_REUSEADDR
339 * socket options set. This heuristic avoids searching
340 * through all pcbs in the common case of a non-shared
341 * port. It assumes that an application will never
342 * clear these options after setting them.
343 */
344 if ((last->in6p_socket->so_options &
345 (SO_REUSEPORT|SO_REUSEADDR)) == 0)
346 break;
347 }
91447636 348 lck_rw_done(pcbinfo->mtx);
1c79356b
A		 349
350 if (last == NULL) {
351 /*
352 * No matching pcb found; discard datagram.
353 * (No need to send an ICMP Port Unreachable
354 * for a broadcast or multicast datgram.)
355 */
356 udpstat.udps_noport++;
9bccf70c
A		 357#ifndef __APPLE__
358 udpstat.udps_noportmcast++;
359#endif
1c79356b
A		 360 goto bad;
361 }
362#if IPSEC
363 /*
364 * Check AH/ESP integrity.
365 */
91447636
A		 366 if (ipsec_bypass == 0) {
367 lck_mtx_lock(sadb_mutex);
368 if (ipsec6_in_reject_so(m, last->inp_socket)) {
369 ipsec6stat.in_polvio++;
370 lck_mtx_unlock(sadb_mutex);
371 udp_unlock(last->in6p_socket, 1, 0);
372 goto bad;
373 }
374 lck_mtx_unlock(sadb_mutex);
1c79356b
A		 375 }
376#endif /*IPSEC*/
377 if (last->in6p_flags & IN6P_CONTROLOPTS
378 || last->in6p_socket->so_options & SO_TIMESTAMP)
9bccf70c 379 ip6_savecontrol(last, &opts, ip6, m);
1c79356b
A		 380
381 m_adj(m, off + sizeof(struct udphdr));
382 if (sbappendaddr(&last->in6p_socket->so_rcv,
383 (struct sockaddr *)&udp_in6,
91447636 384 m, opts, NULL) == 0) {
1c79356b 385 udpstat.udps_fullsock++;
91447636
A		 386 m = NULL;
387 opts = NULL;
388 udp_unlock(last->in6p_socket, 1, 0);
1c79356b
A		 389 goto bad;
390 }
391 sorwakeup(last->in6p_socket);
91447636 392 udp_unlock(last->in6p_socket, 1, 0);
1c79356b
A		 393 return IPPROTO_DONE;
394 }
395 /*
396 * Locate pcb for datagram.
397 */
398 in6p = in6_pcblookup_hash(&udbinfo, &ip6->ip6_src, uh->uh_sport,
399 &ip6->ip6_dst, uh->uh_dport, 1,
400 m->m_pkthdr.rcvif);
401 if (in6p == 0) {
402 if (log_in_vain) {
403 char buf[INET6_ADDRSTRLEN];
404
405 strcpy(buf, ip6_sprintf(&ip6->ip6_dst));
91447636
A		 406 if (log_in_vain != 3)
407 log(LOG_INFO,
408 "Connection attempt to UDP %s:%d from %s:%d\n",
409 buf, ntohs(uh->uh_dport),
410 ip6_sprintf(&ip6->ip6_src), ntohs(uh->uh_sport));
411 else if (!(m->m_flags & (M_BCAST | M_MCAST)) &&
412 !IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &ip6->ip6_src))
413 log_in_vain_log((LOG_INFO,
414 "Connection attempt to UDP %s:%d from %s:%d\n",
415 buf, ntohs(uh->uh_dport),
416 ip6_sprintf(&ip6->ip6_src), ntohs(uh->uh_sport)));
1c79356b
A		 417 }
418 udpstat.udps_noport++;
419 if (m->m_flags & M_MCAST) {
420 printf("UDP6: M_MCAST is set in a unicast packet.\n");
9bccf70c
A		 421#ifndef __APPLE__
422 udpstat.udps_noportmcast++;
423#endif
1c79356b
A		 424 goto bad;
425 }
426 icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOPORT, 0);
427 return IPPROTO_DONE;
428 }
429#if IPSEC
430 /*
431 * Check AH/ESP integrity.
432 */
91447636
A		 433 if (ipsec_bypass == 0) {
434 lck_mtx_lock(sadb_mutex);
435 if (ipsec6_in_reject_so(m, in6p->in6p_socket)) {
436 ipsec6stat.in_polvio++;
437 lck_mtx_unlock(sadb_mutex);
438 in_pcb_checkstate(in6p, WNT_RELEASE, 0);
439 goto bad;
440 }
441 lck_mtx_unlock(sadb_mutex);
1c79356b
A		 442 }
443#endif /*IPSEC*/
444
445 /*
446 * Construct sockaddr format source address.
447 * Stuff source address and datagram in user buffer.
448 */
91447636
A		 449 udp_lock(in6p->in6p_socket, 1, 0);
450
451 if (in_pcb_checkstate(in6p, WNT_RELEASE, 1) == WNT_STOPUSING) {
452 udp_unlock(in6p->in6p_socket, 1, 0);
453 goto bad;
454 }
455
1c79356b
A		 456 init_sin6(&udp_in6, m); /* general init */
457 udp_in6.sin6_port = uh->uh_sport;
458 if (in6p->in6p_flags & IN6P_CONTROLOPTS
459 || in6p->in6p_socket->so_options & SO_TIMESTAMP)
9bccf70c 460 ip6_savecontrol(in6p, &opts, ip6, m);
1c79356b
A		 461 m_adj(m, off + sizeof(struct udphdr));
462 if (sbappendaddr(&in6p->in6p_socket->so_rcv,
463 (struct sockaddr *)&udp_in6,
91447636
A		 464 m, opts, NULL) == 0) {
465 m = NULL;
466 opts = NULL;
1c79356b 467 udpstat.udps_fullsock++;
91447636 468 udp_unlock(in6p->in6p_socket, 1, 0);
1c79356b
A		 469 goto bad;
470 }
471 sorwakeup(in6p->in6p_socket);
91447636 472 udp_unlock(in6p->in6p_socket, 1, 0);
1c79356b
A		 473 return IPPROTO_DONE;
474bad:
475 if (m)
476 m_freem(m);
9bccf70c
A		 477 if (opts)
478 m_freem(opts);
1c79356b
A		 479 return IPPROTO_DONE;
480}
481
482void
91447636
A		 483udp6_ctlinput(
484 int cmd,
485 struct sockaddr *sa,
486 void *d)
1c79356b 487{
1c79356b 488 struct udphdr uh;
1c79356b
A		 489 struct ip6_hdr *ip6;
490 struct mbuf *m;
491 int off = 0;
9bccf70c
A		 492 struct ip6ctlparam *ip6cp = NULL;
493 const struct sockaddr_in6 *sa6_src = NULL;
91447636 494 void (*notify)(struct inpcb *, int) = udp_notify;
9bccf70c
A		 495 struct udp_portonly {
496 u_int16_t uh_sport;
497 u_int16_t uh_dport;
498 } *uhp;
1c79356b
A		 499
500 if (sa->sa_family != AF_INET6 ||
501 sa->sa_len != sizeof(struct sockaddr_in6))
502 return;
503
504 if ((unsigned)cmd >= PRC_NCMDS)
505 return;
506 if (PRC_IS_REDIRECT(cmd))
507 notify = in6_rtchange, d = NULL;
508 else if (cmd == PRC_HOSTDEAD)
509 d = NULL;
510 else if (inet6ctlerrmap[cmd] == 0)
511 return;
512
513 /* if the parameter is from icmp6, decode it. */
514 if (d != NULL) {
9bccf70c 515 ip6cp = (struct ip6ctlparam *)d;
1c79356b
A		 516 m = ip6cp->ip6c_m;
517 ip6 = ip6cp->ip6c_ip6;
518 off = ip6cp->ip6c_off;
9bccf70c 519 sa6_src = ip6cp->ip6c_src;
1c79356b
A		 520 } else {
521 m = NULL;
522 ip6 = NULL;
9bccf70c 523 sa6_src = &sa6_any;
1c79356b
A		 524 }
525
1c79356b
A		 526 if (ip6) {
527 /*
528 * XXX: We assume that when IPV6 is non NULL,
529 * M and OFF are valid.
530 */
1c79356b 531
9bccf70c
A		 532 /* check if we can safely examine src and dst ports */
533 if (m->m_pkthdr.len < off + sizeof(*uhp))
534 return;
1c79356b 535
9bccf70c
A		 536 bzero(&uh, sizeof(uh));
537 m_copydata(m, off, sizeof(*uhp), (caddr_t)&uh);
538
91447636 539 (void) in6_pcbnotify(&udbinfo, sa, uh.uh_dport,
9bccf70c
A		 540 (struct sockaddr*)ip6cp->ip6c_src,
541 uh.uh_sport, cmd, notify);
1c79356b 542 } else
91447636 543 (void) in6_pcbnotify(&udbinfo, sa, 0, (struct sockaddr *)&sa6_src,
9bccf70c 544 0, cmd, notify);
1c79356b 545}
9bccf70c
A		 546
547#ifndef __APPLE__
1c79356b
A		 548static int
549udp6_getcred SYSCTL_HANDLER_ARGS
550{
551 struct sockaddr_in6 addrs[2];
552 struct inpcb *inp;
553 int error, s;
554
555 error = suser(req->p->p_ucred, &req->p->p_acflag);
556 if (error)
557 return (error);
558
559 if (req->newlen != sizeof(addrs))
560 return (EINVAL);
91447636 561 if (req->oldlen != sizeof(*(kauth_cred_t)0))
1c79356b
A		 562 return (EINVAL);
563 error = SYSCTL_IN(req, addrs, sizeof(addrs));
564 if (error)
565 return (error);
566 s = splnet();
567 inp = in6_pcblookup_hash(&udbinfo, &addrs[1].sin6_addr,
568 addrs[1].sin6_port,
569 &addrs[0].sin6_addr, addrs[0].sin6_port,
570 1, NULL);
571 if (!inp || !inp->inp_socket || !inp->inp_socket->so_cred) {
572 error = ENOENT;
573 goto out;
574 }
575 error = SYSCTL_OUT(req, inp->inp_socket->so_cred->pc_ucred,
91447636 576 sizeof(*(kauth_cred_t)0));
1c79356b
A		 577
578out:
579 splx(s);
580 return (error);
581}
582
583SYSCTL_PROC(_net_inet6_udp6, OID_AUTO, getcred, CTLTYPE_OPAQUE|CTLFLAG_RW,
584 0, 0,
585 udp6_getcred, "S,ucred", "Get the ucred of a UDP6 connection");
586#endif
1c79356b
A		 587
588static int
589udp6_abort(struct socket *so)
590{
591 struct inpcb *inp;
1c79356b
A		 592
593 inp = sotoinpcb(so);
594 if (inp == 0)
595 return EINVAL; /* ??? possible? panic instead? */
596 soisdisconnected(so);
1c79356b 597 in6_pcbdetach(inp);
1c79356b
A		 598 return 0;
599}
600
601static int
602udp6_attach(struct socket *so, int proto, struct proc *p)
603{
604 struct inpcb *inp;
91447636 605 int error;
1c79356b
A		 606
607 inp = sotoinpcb(so);
608 if (inp != 0)
609 return EINVAL;
610
91447636
A		 611 error = in_pcballoc(so, &udbinfo, p);
612 if (error)
613 return error;
614
1c79356b
A		 615 if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
616 error = soreserve(so, udp_sendspace, udp_recvspace);
617 if (error)
618 return error;
619 }
1c79356b
A		 620 inp = (struct inpcb *)so->so_pcb;
621 inp->inp_vflag |= INP_IPV6;
55e303ae
A		 622 if (ip6_mapped_addr_on)
623 inp->inp_vflag |= INP_IPV4;
1c79356b
A		 624 inp->in6p_hops = -1; /* use kernel default */
625 inp->in6p_cksum = -1; /* just to be sure */
9bccf70c
A		 626 /*
627 * XXX: ugly!!
628 * IPv4 TTL initialization is necessary for an IPv6 socket as well,
629 * because the socket may be bound to an IPv6 wildcard address,
630 * which may match an IPv4-mapped IPv6 address.
631 */
632 inp->inp_ip_ttl = ip_defttl;
1c79356b
A		 633 return 0;
634}
635
636static int
637udp6_bind(struct socket *so, struct sockaddr *nam, struct proc *p)
638{
639 struct inpcb *inp;
91447636 640 int error;
1c79356b
A		 641
642 inp = sotoinpcb(so);
643 if (inp == 0)
644 return EINVAL;
645
646 inp->inp_vflag &= ~INP_IPV4;
647 inp->inp_vflag |= INP_IPV6;
9bccf70c 648 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
1c79356b
A		 649 struct sockaddr_in6 *sin6_p;
650
651 sin6_p = (struct sockaddr_in6 *)nam;
652
653 if (IN6_IS_ADDR_UNSPECIFIED(&sin6_p->sin6_addr))
654 inp->inp_vflag |= INP_IPV4;
655 else if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) {
656 struct sockaddr_in sin;
657
658 in6_sin6_2_sin(&sin, sin6_p);
659 inp->inp_vflag |= INP_IPV4;
660 inp->inp_vflag &= ~INP_IPV6;
1c79356b 661 error = in_pcbbind(inp, (struct sockaddr *)&sin, p);
1c79356b
A		 662 return error;
663 }
664 }
665
1c79356b 666 error = in6_pcbbind(inp, nam, p);
1c79356b
A		 667 return error;
668}
669
670static int
671udp6_connect(struct socket *so, struct sockaddr *nam, struct proc *p)
672{
673 struct inpcb *inp;
91447636 674 int error;
1c79356b
A		 675
676 inp = sotoinpcb(so);
677 if (inp == 0)
678 return EINVAL;
679
9bccf70c 680 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
1c79356b
A		 681 struct sockaddr_in6 *sin6_p;
682
683 sin6_p = (struct sockaddr_in6 *)nam;
684 if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) {
685 struct sockaddr_in sin;
686
687 if (inp->inp_faddr.s_addr != INADDR_ANY)
688 return EISCONN;
689 in6_sin6_2_sin(&sin, sin6_p);
1c79356b 690 error = in_pcbconnect(inp, (struct sockaddr *)&sin, p);
1c79356b
A		 691 if (error == 0) {
692 inp->inp_vflag |= INP_IPV4;
693 inp->inp_vflag &= ~INP_IPV6;
694 soisconnected(so);
695 }
696 return error;
697 }
698 }
699
700 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr))
701 return EISCONN;
1c79356b 702 error = in6_pcbconnect(inp, nam, p);
1c79356b 703 if (error == 0) {
55e303ae 704 if (ip6_mapped_addr_on || (inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) { /* should be non mapped addr */
1c79356b
A		 705 inp->inp_vflag &= ~INP_IPV4;
706 inp->inp_vflag |= INP_IPV6;
707 }
708 soisconnected(so);
709 }
710 return error;
711}
712
713static int
714udp6_detach(struct socket *so)
715{
716 struct inpcb *inp;
1c79356b
A		 717
718 inp = sotoinpcb(so);
719 if (inp == 0)
720 return EINVAL;
1c79356b 721 in6_pcbdetach(inp);
1c79356b
A		 722 return 0;
723}
724
725static int
726udp6_disconnect(struct socket *so)
727{
728 struct inpcb *inp;
1c79356b
A		 729
730 inp = sotoinpcb(so);
731 if (inp == 0)
732 return EINVAL;
733
734 if (inp->inp_vflag & INP_IPV4) {
735 struct pr_usrreqs *pru;
736
737 pru = ip_protox[IPPROTO_UDP]->pr_usrreqs;
738 return ((*pru->pru_disconnect)(so));
739 }
740
741 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr))
742 return ENOTCONN;
743
1c79356b
A		 744 in6_pcbdisconnect(inp);
745 inp->in6p_laddr = in6addr_any;
1c79356b
A		 746 so->so_state &= ~SS_ISCONNECTED; /* XXX */
747 return 0;
748}
749
750static int
751udp6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr,
752 struct mbuf *control, struct proc *p)
753{
754 struct inpcb *inp;
9bccf70c 755 int error = 0;
1c79356b
A		 756
757 inp = sotoinpcb(so);
758 if (inp == 0) {
9bccf70c
A		 759 error = EINVAL;
760 goto bad;
761 }
762
763 if (addr) {
764 if (addr->sa_len != sizeof(struct sockaddr_in6)) {
765 error = EINVAL;
766 goto bad;
767 }
768 if (addr->sa_family != AF_INET6) {
769 error = EAFNOSUPPORT;
770 goto bad;
771 }
1c79356b
A		 772 }
773
55e303ae 774 if (ip6_mapped_addr_on || (inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
1c79356b
A		 775 int hasv4addr;
776 struct sockaddr_in6 *sin6 = 0;
777
778 if (addr == 0)
779 hasv4addr = (inp->inp_vflag & INP_IPV4);
780 else {
781 sin6 = (struct sockaddr_in6 *)addr;
782 hasv4addr = IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)
783 ? 1 : 0;
784 }
785 if (hasv4addr) {
786 struct pr_usrreqs *pru;
1c79356b
A		 787
788 if (sin6)
789 in6_sin6_2_sin_in_sock(addr);
790 pru = ip_protox[IPPROTO_UDP]->pr_usrreqs;
791 error = ((*pru->pru_send)(so, flags, m, addr, control,
792 p));
793 /* addr will just be freed in sendit(). */
794 return error;
795 }
796 }
797
798 return udp6_output(inp, m, addr, control, p);
9bccf70c
A		 799
800 bad:
801 m_freem(m);
802 return(error);
1c79356b
A		 803}
804
805struct pr_usrreqs udp6_usrreqs = {
806 udp6_abort, pru_accept_notsupp, udp6_attach, udp6_bind, udp6_connect,
807 pru_connect2_notsupp, in6_control, udp6_detach, udp6_disconnect,
808 pru_listen_notsupp, in6_mapped_peeraddr, pru_rcvd_notsupp,
809 pru_rcvoob_notsupp, udp6_send, pru_sense_null, udp_shutdown,
91447636 810 in6_mapped_sockaddr, sosend, soreceive, pru_sopoll_notsupp
1c79356b 811};
mirror of XNU