]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet6/route6.c
9325aadece0fd82d247da8a74ba70a76e6d84228
[apple/xnu.git] / bsd / netinet6 / route6.c
1 /*
2 * Copyright (c) 2000-2011 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 /* $FreeBSD: src/sys/netinet6/route6.c,v 1.1.2.3 2001/07/03 11:01:55 ume Exp $ */
30 /* $KAME: route6.c,v 1.24 2001/03/14 03:07:05 itojun Exp $ */
31
32 /*
33 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
34 * All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 3. Neither the name of the project nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 */
60
61 #include <sys/param.h>
62 #include <sys/mcache.h>
63 #include <sys/mbuf.h>
64 #include <sys/socket.h>
65 #include <sys/queue.h>
66 #include <kern/debug.h>
67 #include <string.h>
68
69 #include <net/if.h>
70 #include <net/route.h>
71
72 #include <netinet/in.h>
73 #include <netinet6/in6_var.h>
74 #include <netinet/ip6.h>
75 #include <netinet6/ip6_var.h>
76
77 #include <netinet/icmp6.h>
78
79 #if IP6_RTHDR0_ALLOWED
80 static int ip6_rthdr0(struct mbuf *, struct ip6_hdr *,
81 struct ip6_rthdr0 *);
82 #endif /* IP6_RTHDR0_ALLOWED */
83
84 int
85 route6_input(struct mbuf **mp, int *offp, int proto)
86 {
87 #pragma unused(proto)
88 struct ip6_hdr *ip6;
89 struct mbuf *m = *mp;
90 struct ip6_rthdr *rh;
91 int off = *offp, rhlen;
92 struct ip6aux *ip6a;
93
94 ip6a = ip6_findaux(m);
95 if (ip6a) {
96 /* XXX reject home-address option before rthdr */
97 if (ip6a->ip6a_flags & IP6A_SWAP) {
98 ip6stat.ip6s_badoptions++;
99 m_freem(m);
100 return IPPROTO_DONE;
101 }
102 }
103
104 #ifndef PULLDOWN_TEST
105 IP6_EXTHDR_CHECK(m, off, sizeof(*rh), return IPPROTO_DONE);
106
107 /* Expect 32-bit aligned data pointer on strict-align platforms */
108 MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m);
109
110 ip6 = mtod(m, struct ip6_hdr *);
111 rh = (struct ip6_rthdr *)((caddr_t)ip6 + off);
112 #else
113 /* Expect 32-bit aligned data pointer on strict-align platforms */
114 MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m);
115
116 ip6 = mtod(m, struct ip6_hdr *);
117 IP6_EXTHDR_GET(rh, struct ip6_rthdr *, m, off, sizeof(*rh));
118 if (rh == NULL) {
119 ip6stat.ip6s_tooshort++;
120 return IPPROTO_DONE;
121 }
122 #endif
123
124 switch (rh->ip6r_type) {
125 #if IP6_RTHDR0_ALLOWED
126 case IPV6_RTHDR_TYPE_0:
127 rhlen = (rh->ip6r_len + 1) << 3;
128 #ifndef PULLDOWN_TEST
129 /*
130 * note on option length:
131 * due to IP6_EXTHDR_CHECK assumption, we cannot handle
132 * very big routing header (max rhlen == 2048).
133 */
134 IP6_EXTHDR_CHECK(m, off, rhlen, return IPPROTO_DONE);
135 #else
136 /*
137 * note on option length:
138 * maximum rhlen: 2048
139 * max mbuf m_pulldown can handle: MCLBYTES == usually 2048
140 * so, here we are assuming that m_pulldown can handle
141 * rhlen == 2048 case. this may not be a good thing to
142 * assume - we may want to avoid pulling it up altogether.
143 */
144 IP6_EXTHDR_GET(rh, struct ip6_rthdr *, m, off, rhlen);
145 if (rh == NULL) {
146 ip6stat.ip6s_tooshort++;
147 return IPPROTO_DONE;
148 }
149 #endif
150 if (ip6_rthdr0(m, ip6, (struct ip6_rthdr0 *)rh))
151 return(IPPROTO_DONE);
152 break;
153 #endif /* IP6_RTHDR0_ALLOWED */
154 default:
155 /* unknown routing type */
156 if (rh->ip6r_segleft == 0) {
157 rhlen = (rh->ip6r_len + 1) << 3;
158 break; /* Final dst. Just ignore the header. */
159 }
160 ip6stat.ip6s_badoptions++;
161 icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_HEADER,
162 (caddr_t)&rh->ip6r_type - (caddr_t)ip6);
163 return(IPPROTO_DONE);
164 }
165
166 *offp += rhlen;
167 return(rh->ip6r_nxt);
168 }
169
170 #if IP6_RTHDR0_ALLOWED
171 /*
172 * Type0 routing header processing
173 *
174 * RFC2292 backward compatibility warning: no support for strict/loose bitmap,
175 * as it was dropped between RFC1883 and RFC2460.
176 */
177 static int
178 ip6_rthdr0(m, ip6, rh0)
179 struct mbuf *m;
180 struct ip6_hdr *ip6;
181 struct ip6_rthdr0 *rh0;
182 {
183 int addrs, index;
184 struct in6_addr *nextaddr, tmpaddr, ia6 = NULL;
185 struct route_in6 ip6forward_rt;
186
187 if (rh0->ip6r0_segleft == 0)
188 return(0);
189
190 if (rh0->ip6r0_len % 2
191 #if COMPAT_RFC1883
192 || rh0->ip6r0_len > 46
193 #endif
194 ) {
195 /*
196 * Type 0 routing header can't contain more than 23 addresses.
197 * RFC 2462: this limitation was removed since strict/loose
198 * bitmap field was deleted.
199 */
200 ip6stat.ip6s_badoptions++;
201 icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_HEADER,
202 (caddr_t)&rh0->ip6r0_len - (caddr_t)ip6);
203 return (-1);
204 }
205
206 if ((addrs = rh0->ip6r0_len / 2) < rh0->ip6r0_segleft) {
207 ip6stat.ip6s_badoptions++;
208 icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_HEADER,
209 (caddr_t)&rh0->ip6r0_segleft - (caddr_t)ip6);
210 return (-1);
211 }
212
213 index = addrs - rh0->ip6r0_segleft;
214 rh0->ip6r0_segleft--;
215 /* note that ip6r0_addr does not exist in RFC2292bis */
216 nextaddr = rh0->ip6r0_addr + index;
217
218 /*
219 * reject invalid addresses. be proactive about malicious use of
220 * IPv4 mapped/compat address.
221 * XXX need more checks?
222 */
223 if (IN6_IS_ADDR_MULTICAST(nextaddr) ||
224 IN6_IS_ADDR_UNSPECIFIED(nextaddr) ||
225 IN6_IS_ADDR_V4MAPPED(nextaddr) ||
226 IN6_IS_ADDR_V4COMPAT(nextaddr)) {
227 ip6stat.ip6s_badoptions++;
228 m_freem(m);
229 return (-1);
230 }
231 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) ||
232 IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst) ||
233 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst) ||
234 IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) {
235 ip6stat.ip6s_badoptions++;
236 m_freem(m);
237 return (-1);
238 }
239
240 /*
241 * Determine the scope zone of the next hop, based on the interface
242 * of the current hop. [RFC4007, Section 9]
243 * Then disambiguate the scope zone for the next hop (if necessary).
244 */
245 if ((ia6 = ip6_getdstifaddr(m)) == NULL)
246 goto bad;
247 if (in6_setscope(nextaddr, ia6->ia_ifp, NULL) != 0) {
248 ip6stat.ip6s_badscope++;
249 IFA_REMREF(&ia6->ia_ifa);
250 ia6 = NULL;
251 goto bad;
252 }
253 IFA_REMREF(&ia6->ia_ifa);
254 ia6 = NULL;
255
256 /*
257 * Swap the IPv6 destination address and nextaddr. Forward the packet.
258 */
259 tmpaddr = *nextaddr;
260 *nextaddr = ip6->ip6_dst;
261 in6_clearscope(nextaddr); /* XXX */
262 ip6->ip6_dst = tmpaddr;
263 if (IN6_IS_ADDR_LINKLOCAL(&ip6->ip6_dst))
264 ip6->ip6_dst.s6_addr16[1] = htons(m->m_pkthdr.rcvif->if_index);
265
266 /*
267 * Don't use the globally cached route to forward packet having
268 * Type 0 routing header(s); instead, do an explicit lookup using
269 * a local route entry variable, in case the next address in the
270 * packet is bogus (which would otherwise unnecessarily invalidate
271 * the globally cached route).
272 */
273 bzero(&ip6forward_rt, sizeof (ip6forward_rt));
274
275 #if COMPAT_RFC1883
276 if (rh0->ip6r0_slmap[index / 8] & (1 << (7 - (index % 8))))
277 ip6_forward(m, &ip6forward_rt, IPV6_SRCRT_NEIGHBOR, 0);
278 else
279 ip6_forward(m, &ip6forward_rt, IPV6_SRCRT_NOTNEIGHBOR, 0);
280 #else
281 ip6_forward(m, &ip6forward_rt, 1, 0);
282 #endif
283
284 /* Release reference to the looked up route */
285 if (ip6forward_rt.ro_rt != NULL) {
286 rtfree(ip6forward_rt.ro_rt);
287 ip6forward_rt.ro_rt = NULL;
288 }
289
290 return(-1); /* m would be freed in ip6_forward() */
291 }
292 #endif /* IP6_RTHDR0_ALLOWED */
293