#include <sys/param.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/errno.h>
#include <sys/protosw.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/proc.h>
#include <sys/kauth.h>
#include <net/if.h>
#include <net/route.h>
#include <netinet/in.h>
#include <netinet/in_var.h>
#include <netinet/ip_var.h>
#include <netinet6/in6_var.h>
#include <netinet/ip6.h>
#include <netinet/icmp6.h>
#include <netinet6/ip6_var.h>
#include <netinet/in_pcb.h>
#include <netinet6/nd6.h>
#if IPSEC
#include <netinet6/ipsec.h>
#if INET6
#include <netinet6/ipsec6.h>
#endif
#include <netkey/key.h>
extern int ipsec_bypass;
extern lck_mtx_t *sadb_mutex;
extern lck_mtx_t *nd6_mutex;
#endif
#include <netinet6/ip6_fw.h>
#include <net/net_osdep.h>
#include <netinet/kpi_ipfilter_var.h>
#ifndef __APPLE__
static MALLOC_DEFINE(M_IPMOPTS, "ip6_moptions", "internet multicast options");
#endif
extern u_long route_generation;
struct ip6_exthdrs {
struct mbuf *ip6e_ip6;
struct mbuf *ip6e_hbh;
struct mbuf *ip6e_dest1;
struct mbuf *ip6e_rthdr;
struct mbuf *ip6e_dest2;
};
static int ip6_pcbopts(struct ip6_pktopts **, struct mbuf *,
struct socket *, struct sockopt *sopt);
static int ip6_setmoptions(int, struct inpcb *, struct mbuf *);
static int ip6_getmoptions(int, struct ip6_moptions *, struct mbuf **);
static int ip6_copyexthdr(struct mbuf **, caddr_t, int);
static int ip6_insertfraghdr(struct mbuf *, struct mbuf *, int,
struct ip6_frag **);
static int ip6_insert_jumboopt(struct ip6_exthdrs *, u_int32_t);
static int ip6_splithdr(struct mbuf *, struct ip6_exthdrs *);
extern int ip_createmoptions(struct ip_moptions **imop);
extern int ip_addmembership(struct ip_moptions *imo, struct ip_mreq *mreq);
extern int ip_dropmembership(struct ip_moptions *imo, struct ip_mreq *mreq);
extern lck_mtx_t *ip6_mutex;
int
ip6_output(
struct mbuf *m0,
struct ip6_pktopts *opt,
struct route_in6 *ro,
int flags,
struct ip6_moptions *im6o,
struct ifnet **ifpp,
int locked)
{
struct ip6_hdr *ip6, *mhip6;
struct ifnet *ifp, *origifp;
struct mbuf *m = m0;
int hlen, tlen, len, off;
struct route_in6 ip6route;
struct sockaddr_in6 *dst;
int error = 0;
struct in6_ifaddr *ia = NULL;
u_long mtu;
u_int32_t optlen = 0, plen = 0, unfragpartlen = 0;
struct ip6_exthdrs exthdrs;
struct in6_addr finaldst;
struct route_in6 *ro_pmtu = NULL;
int hdrsplit = 0;
int needipsec = 0;
ipfilter_t inject_filter_ref;
#if IPSEC
int needipsectun = 0;
struct socket *so = NULL;
struct secpolicy *sp = NULL;
if (!locked)
lck_mtx_lock(ip6_mutex);
if (ipsec_bypass == 0)
{
so = ipsec_getsocket(m);
(void)ipsec_setsocket(m, NULL);
}
#endif
ip6 = mtod(m, struct ip6_hdr *);
inject_filter_ref = ipf_get_inject_filter(m);
#define MAKE_EXTHDR(hp, mp) \
do { \
if (hp) { \
struct ip6_ext *eh = (struct ip6_ext *)(hp); \
error = ip6_copyexthdr((mp), (caddr_t)(hp), \
((eh)->ip6e_len + 1) << 3); \
if (error) \
goto freehdrs; \
} \
} while (0)
bzero(&exthdrs, sizeof(exthdrs));
if (opt) {
MAKE_EXTHDR(opt->ip6po_hbh, &exthdrs.ip6e_hbh);
MAKE_EXTHDR(opt->ip6po_dest1, &exthdrs.ip6e_dest1);
MAKE_EXTHDR(opt->ip6po_rthdr, &exthdrs.ip6e_rthdr);
MAKE_EXTHDR(opt->ip6po_dest2, &exthdrs.ip6e_dest2);
}
#if IPSEC
if (ipsec_bypass != 0)
goto skip_ipsec;
lck_mtx_lock(sadb_mutex);
if (so == NULL)
sp = ipsec6_getpolicybyaddr(m, IPSEC_DIR_OUTBOUND, 0, &error);
else
sp = ipsec6_getpolicybysock(m, IPSEC_DIR_OUTBOUND, so, &error);
if (sp == NULL) {
ipsec6stat.out_inval++;
lck_mtx_unlock(sadb_mutex);
goto freehdrs;
}
error = 0;
switch (sp->policy) {
case IPSEC_POLICY_DISCARD:
ipsec6stat.out_polvio++;
lck_mtx_unlock(sadb_mutex);
goto freehdrs;
case IPSEC_POLICY_BYPASS:
case IPSEC_POLICY_NONE:
needipsec = 0;
break;
case IPSEC_POLICY_IPSEC:
if (sp->req == NULL) {
error = key_spdacquire(sp);
lck_mtx_unlock(sadb_mutex);
goto freehdrs;
}
needipsec = 1;
break;
case IPSEC_POLICY_ENTRUST:
default:
printf("ip6_output: Invalid policy found. %d\n", sp->policy);
}
lck_mtx_unlock(sadb_mutex);
skip_ipsec:
#endif
optlen = 0;
if (exthdrs.ip6e_hbh) optlen += exthdrs.ip6e_hbh->m_len;
if (exthdrs.ip6e_dest1) optlen += exthdrs.ip6e_dest1->m_len;
if (exthdrs.ip6e_rthdr) optlen += exthdrs.ip6e_rthdr->m_len;
unfragpartlen = optlen + sizeof(struct ip6_hdr);
if (exthdrs.ip6e_dest2) optlen += exthdrs.ip6e_dest2->m_len;
if ((needipsec || optlen) && !hdrsplit) {
if ((error = ip6_splithdr(m, &exthdrs)) != 0) {
m = NULL;
goto freehdrs;
}
m = exthdrs.ip6e_ip6;
hdrsplit++;
}
ip6 = mtod(m, struct ip6_hdr *);
m->m_pkthdr.len += optlen;
plen = m->m_pkthdr.len - sizeof(*ip6);
if (plen > IPV6_MAXPACKET) {
if (!hdrsplit) {
if ((error = ip6_splithdr(m, &exthdrs)) != 0) {
m = NULL;
goto freehdrs;
}
m = exthdrs.ip6e_ip6;
hdrsplit++;
}
ip6 = mtod(m, struct ip6_hdr *);
if ((error = ip6_insert_jumboopt(&exthdrs, plen)) != 0)
goto freehdrs;
ip6->ip6_plen = 0;
} else
ip6->ip6_plen = htons(plen);
{
u_char *nexthdrp = &ip6->ip6_nxt;
struct mbuf *mprev = m;
if (exthdrs.ip6e_dest2) {
if (!hdrsplit)
panic("assumption failed: hdr not split");
exthdrs.ip6e_dest2->m_next = m->m_next;
m->m_next = exthdrs.ip6e_dest2;
*mtod(exthdrs.ip6e_dest2, u_char *) = ip6->ip6_nxt;
ip6->ip6_nxt = IPPROTO_DSTOPTS;
}
#define MAKE_CHAIN(m, mp, p, i)\
do {\
if (m) {\
if (!hdrsplit) \
panic("assumption failed: hdr not split"); \
*mtod((m), u_char *) = *(p);\
*(p) = (i);\
p = mtod((m), u_char *);\
(m)->m_next = (mp)->m_next;\
(mp)->m_next = (m);\
(mp) = (m);\
}\
} while (0)
MAKE_CHAIN(exthdrs.ip6e_hbh, mprev,
nexthdrp, IPPROTO_HOPOPTS);
MAKE_CHAIN(exthdrs.ip6e_dest1, mprev,
nexthdrp, IPPROTO_DSTOPTS);
MAKE_CHAIN(exthdrs.ip6e_rthdr, mprev,
nexthdrp, IPPROTO_ROUTING);
if (!TAILQ_EMPTY(&ipv6_filters)) {
struct ipfilter *filter;
int seen = (inject_filter_ref == 0);
int fixscope = 0;
struct ipf_pktopts *ippo = 0, ipf_pktopts;
if (im6o != NULL && IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
ippo = &ipf_pktopts;
ippo->ippo_flags = IPPOF_MCAST_OPTS;
ippo->ippo_mcast_ifnet = im6o->im6o_multicast_ifp;
ippo->ippo_mcast_ttl = im6o->im6o_multicast_hlim;
ippo->ippo_mcast_loop = im6o->im6o_multicast_loop;
}
if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst) &&
(ip6->ip6_dst.s6_addr16[1] == 0) && (ro != NULL)) {
fixscope = 1;
ip6->ip6_dst.s6_addr16[1] = htons(ro->ro_dst.sin6_scope_id);
}
{
lck_mtx_unlock(ip6_mutex);
ipf_ref();
TAILQ_FOREACH(filter, &ipv6_filters, ipf_link) {
if (seen == 0) {
if ((struct ipfilter *)inject_filter_ref == filter)
seen = 1;
} else if (filter->ipf_filter.ipf_output) {
errno_t result;
result = filter->ipf_filter.ipf_output(filter->ipf_filter.cookie, (mbuf_t*)&m, ippo);
if (result == EJUSTRETURN) {
ipf_unref();
locked = 1;
goto done;
}
if (result != 0) {
ipf_unref();
locked = 1;
goto bad;
}
}
}
ipf_unref();
lck_mtx_lock(ip6_mutex);
}
if (fixscope)
ip6->ip6_dst.s6_addr16[1] = 0;
}
#if IPSEC
if (!needipsec)
goto skip_ipsec2;
exthdrs.ip6e_dest2 = NULL;
{
struct ip6_rthdr *rh = NULL;
int segleft_org = 0;
struct ipsec_output_state state;
if (exthdrs.ip6e_rthdr) {
rh = mtod(exthdrs.ip6e_rthdr, struct ip6_rthdr *);
segleft_org = rh->ip6r_segleft;
rh->ip6r_segleft = 0;
}
bzero(&state, sizeof(state));
state.m = m;
error = ipsec6_output_trans(&state, nexthdrp, mprev, sp, flags,
&needipsectun);
m = state.m;
if (error) {
m = NULL;
switch (error) {
case EHOSTUNREACH:
case ENETUNREACH:
case EMSGSIZE:
case ENOBUFS:
case ENOMEM:
break;
default:
printf("ip6_output (ipsec): error code %d\n", error);
case ENOENT:
error = 0;
break;
}
goto bad;
}
if (exthdrs.ip6e_rthdr) {
rh->ip6r_segleft = segleft_org;
}
}
skip_ipsec2:;
#endif
}
if (exthdrs.ip6e_rthdr) {
struct ip6_rthdr *rh =
(struct ip6_rthdr *)(mtod(exthdrs.ip6e_rthdr,
struct ip6_rthdr *));
struct ip6_rthdr0 *rh0;
finaldst = ip6->ip6_dst;
switch (rh->ip6r_type) {
case IPV6_RTHDR_TYPE_0:
rh0 = (struct ip6_rthdr0 *)rh;
ip6->ip6_dst = rh0->ip6r0_addr[0];
bcopy((caddr_t)&rh0->ip6r0_addr[1],
(caddr_t)&rh0->ip6r0_addr[0],
sizeof(struct in6_addr)*(rh0->ip6r0_segleft - 1)
);
rh0->ip6r0_addr[rh0->ip6r0_segleft - 1] = finaldst;
break;
default:
error = EINVAL;
goto bad;
}
}
if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src) &&
(flags & IPV6_DADOUTPUT) == 0) {
error = EOPNOTSUPP;
ip6stat.ip6s_badscope++;
goto bad;
}
if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) {
error = EOPNOTSUPP;
ip6stat.ip6s_badscope++;
goto bad;
}
ip6stat.ip6s_localout++;
if (ro == 0) {
ro = &ip6route;
bzero((caddr_t)ro, sizeof(*ro));
}
ro_pmtu = ro;
if (opt && opt->ip6po_rthdr)
ro = &opt->ip6po_route;
dst = (struct sockaddr_in6 *)&ro->ro_dst;
if (ro->ro_rt && ((ro->ro_rt->rt_flags & RTF_UP) == 0 ||
dst->sin6_family != AF_INET6 ||
!IN6_ARE_ADDR_EQUAL(&dst->sin6_addr, &ip6->ip6_dst) ||
ro->ro_rt->generation_id != route_generation)) {
rtfree(ro->ro_rt);
ro->ro_rt = (struct rtentry *)0;
}
if (ro->ro_rt == 0) {
bzero(dst, sizeof(*dst));
dst->sin6_family = AF_INET6;
dst->sin6_len = sizeof(struct sockaddr_in6);
dst->sin6_addr = ip6->ip6_dst;
#if SCOPEDROUTING
if (IN6_IS_SCOPE_LINKLOCAL(&dst->sin6_addr))
dst->sin6_scope_id = ntohs(dst->sin6_addr.s6_addr16[1]);
#endif
}
#if IPSEC
if (needipsec && needipsectun) {
struct ipsec_output_state state;
bzero(&exthdrs, sizeof(exthdrs));
exthdrs.ip6e_ip6 = m;
bzero(&state, sizeof(state));
state.m = m;
state.ro = (struct route *)ro;
state.dst = (struct sockaddr *)dst;
lck_mtx_lock(sadb_mutex);
error = ipsec6_output_tunnel(&state, sp, flags);
lck_mtx_unlock(sadb_mutex);
m = state.m;
ro = (struct route_in6 *)state.ro;
dst = (struct sockaddr_in6 *)state.dst;
if (error) {
m0 = m = NULL;
m = NULL;
switch (error) {
case EHOSTUNREACH:
case ENETUNREACH:
case EMSGSIZE:
case ENOBUFS:
case ENOMEM:
break;
default:
printf("ip6_output (ipsec): error code %d\n", error);
case ENOENT:
error = 0;
break;
}
lck_mtx_unlock(sadb_mutex);
goto bad;
}
exthdrs.ip6e_ip6 = m;
}
#endif
if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
#define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa))
#define sin6tosa(sin6) ((struct sockaddr *)(sin6))
lck_mtx_lock(rt_mtx);
if (ro->ro_rt == 0) {
rtalloc_ign_locked((struct route *)ro, 0UL);
}
if (ro->ro_rt == 0) {
ip6stat.ip6s_noroute++;
error = EHOSTUNREACH;
lck_mtx_unlock(rt_mtx);
goto bad;
}
ia = ifatoia6(ro->ro_rt->rt_ifa);
ifp = ro->ro_rt->rt_ifp;
ro->ro_rt->rt_use++;
if (ro->ro_rt->rt_flags & RTF_GATEWAY)
dst = (struct sockaddr_in6 *)ro->ro_rt->rt_gateway;
lck_mtx_unlock(rt_mtx);
m->m_flags &= ~(M_BCAST | M_MCAST);
in6_ifstat_inc(ifp, ifs6_out_request);
if (opt && opt->ip6po_pktinfo
&& opt->ip6po_pktinfo->ipi6_ifindex) {
if (!(ifp->if_flags & IFF_LOOPBACK)
&& ifp->if_index != opt->ip6po_pktinfo->ipi6_ifindex) {
ip6stat.ip6s_noroute++;
in6_ifstat_inc(ifp, ifs6_out_discard);
error = EHOSTUNREACH;
goto bad;
}
}
if (opt && opt->ip6po_hlim != -1)
ip6->ip6_hlim = opt->ip6po_hlim & 0xff;
} else {
struct in6_multi *in6m;
m->m_flags = (m->m_flags & ~M_BCAST) | M_MCAST;
ifp = NULL;
if (im6o != NULL) {
ip6->ip6_hlim = im6o->im6o_multicast_hlim;
if (im6o->im6o_multicast_ifp != NULL)
ifp = im6o->im6o_multicast_ifp;
} else
ip6->ip6_hlim = ip6_defmcasthlim;
if (opt && opt->ip6po_pktinfo && opt->ip6po_pktinfo->ipi6_ifindex)
ifp = ifindex2ifnet[opt->ip6po_pktinfo->ipi6_ifindex];
if (IN6_IS_ADDR_MC_NODELOCAL(&ip6->ip6_dst)) {
if (ifp && (ifp->if_flags & IFF_LOOPBACK) == 0) {
ip6stat.ip6s_badscope++;
error = ENETUNREACH;
in6_ifstat_inc(ifp, ifs6_out_discard);
goto bad;
} else {
ifp = &loif[0];
}
}
if (opt && opt->ip6po_hlim != -1)
ip6->ip6_hlim = opt->ip6po_hlim & 0xff;
if (ifp == NULL) {
lck_mtx_lock(rt_mtx);
if (ro->ro_rt == 0) {
ro->ro_rt = rtalloc1_locked((struct sockaddr *)
&ro->ro_dst, 0, 0UL);
}
if (ro->ro_rt == 0) {
ip6stat.ip6s_noroute++;
lck_mtx_unlock(rt_mtx);
error = EHOSTUNREACH;
goto bad;
}
ia = ifatoia6(ro->ro_rt->rt_ifa);
ifp = ro->ro_rt->rt_ifp;
ro->ro_rt->rt_use++;
lck_mtx_unlock(rt_mtx);
}
if ((flags & IPV6_FORWARDING) == 0)
in6_ifstat_inc(ifp, ifs6_out_request);
in6_ifstat_inc(ifp, ifs6_out_mcast);
if ((ifp->if_flags & IFF_MULTICAST) == 0) {
ip6stat.ip6s_noroute++;
in6_ifstat_inc(ifp, ifs6_out_discard);
error = ENETUNREACH;
goto bad;
}
ifnet_lock_shared(ifp);
IN6_LOOKUP_MULTI(ip6->ip6_dst, ifp, in6m);
ifnet_lock_done(ifp);
if (in6m != NULL &&
(im6o == NULL || im6o->im6o_multicast_loop)) {
ip6_mloopback(ifp, m, dst);
} else {
if (ip6_mrouter && (flags & IPV6_FORWARDING) == 0) {
if (ip6_mforward(ip6, ifp, m) != NULL) {
m_freem(m);
goto done;
}
}
}
if (ip6->ip6_hlim == 0 || (ifp->if_flags & IFF_LOOPBACK)) {
m_freem(m);
goto done;
}
}
if (ifpp)
*ifpp = ifp;
if (ro_pmtu != ro) {
struct sockaddr_in6 *sin6_fin =
(struct sockaddr_in6 *)&ro_pmtu->ro_dst;
if (ro_pmtu->ro_rt && ((ro->ro_rt->rt_flags & RTF_UP) == 0 ||
!IN6_ARE_ADDR_EQUAL(&sin6_fin->sin6_addr,
&finaldst))) {
rtfree(ro_pmtu->ro_rt);
ro_pmtu->ro_rt = (struct rtentry *)0;
}
if (ro_pmtu->ro_rt == 0) {
bzero(sin6_fin, sizeof(*sin6_fin));
sin6_fin->sin6_family = AF_INET6;
sin6_fin->sin6_len = sizeof(struct sockaddr_in6);
sin6_fin->sin6_addr = finaldst;
rtalloc((struct route *)ro_pmtu);
}
}
if (ro_pmtu->ro_rt != NULL) {
u_int32_t ifmtu = nd_ifinfo[ifp->if_index].linkmtu;
mtu = ro_pmtu->ro_rt->rt_rmx.rmx_mtu;
if (mtu > ifmtu || mtu == 0) {
mtu = ifmtu;
if ((ro_pmtu->ro_rt->rt_rmx.rmx_locks & RTV_MTU) == 0)
ro_pmtu->ro_rt->rt_rmx.rmx_mtu = mtu;
}
} else {
mtu = nd_ifinfo[ifp->if_index].linkmtu;
}
if ((flags & IPV6_MINMTU) != 0 && mtu > IPV6_MMTU)
mtu = IPV6_MMTU;
if ((ifp->if_flags & IFF_LOOPBACK) != 0) {
origifp = NULL;
if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src))
origifp = ifindex2ifnet[ntohs(ip6->ip6_src.s6_addr16[1])];
else if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst))
origifp = ifindex2ifnet[ntohs(ip6->ip6_dst.s6_addr16[1])];
if (origifp == NULL)
origifp = ifp;
}
else
origifp = ifp;
#ifndef SCOPEDROUTING
in6_clearscope(&ip6->ip6_src);
in6_clearscope(&ip6->ip6_dst);
#endif
if (ip6_fw_enable && ip6_fw_chk_ptr) {
u_short port = 0;
m->m_pkthdr.rcvif = NULL;
if (ip6_fw_chk_ptr(&ip6, ifp, &port, &m)) {
m_freem(m);
goto done;
}
if (!m) {
error = EACCES;
goto done;
}
}
if (exthdrs.ip6e_hbh) {
struct ip6_hbh *hbh = mtod(exthdrs.ip6e_hbh, struct ip6_hbh *);
u_int32_t dummy1;
u_int32_t dummy2;
#if DIAGNOSTIC
if ((hbh->ip6h_len + 1) << 3 > exthdrs.ip6e_hbh->m_len)
panic("ip6e_hbh is not continuous");
#endif
m->m_flags |= M_LOOP;
m->m_pkthdr.rcvif = ifp;
if (ip6_process_hopopts(m,
(u_int8_t *)(hbh + 1),
((hbh->ip6h_len + 1) << 3) -
sizeof(struct ip6_hbh),
&dummy1, &dummy2) < 0) {
error = EINVAL;
goto done;
}
m->m_flags &= ~M_LOOP;
m->m_pkthdr.rcvif = NULL;
}
tlen = m->m_pkthdr.len;
if (tlen <= mtu
#if notyet
|| ifp->if_flags & IFF_FRAGMENTABLE
#endif
)
{
if (ia && !(flags & IPV6_FORWARDING)) {
#ifndef __APPLE__
ia->ia_ifa.if_opackets++;
ia->ia_ifa.if_obytes += m->m_pkthdr.len;
#endif
}
#ifdef IPSEC
ipsec_delaux(m);
#endif
error = nd6_output(ifp, origifp, m, dst, ro->ro_rt, 1);
goto done;
} else if (mtu < IPV6_MMTU) {
error = EMSGSIZE;
in6_ifstat_inc(ifp, ifs6_out_fragfail);
goto bad;
} else if (ip6->ip6_plen == 0) {
error = EMSGSIZE;
in6_ifstat_inc(ifp, ifs6_out_fragfail);
goto bad;
} else {
struct mbuf **mnext, *m_frgpart;
struct ip6_frag *ip6f;
u_int32_t id = htonl(ip6_id++);
u_char nextproto;
hlen = unfragpartlen;
if (mtu > IPV6_MAXPACKET)
mtu = IPV6_MAXPACKET;
len = (mtu - hlen - sizeof(struct ip6_frag)) & ~7;
if (len < 8) {
error = EMSGSIZE;
in6_ifstat_inc(ifp, ifs6_out_fragfail);
goto bad;
}
mnext = &m->m_nextpkt;
if (exthdrs.ip6e_rthdr) {
nextproto = *mtod(exthdrs.ip6e_rthdr, u_char *);
*mtod(exthdrs.ip6e_rthdr, u_char *) = IPPROTO_FRAGMENT;
} else if (exthdrs.ip6e_dest1) {
nextproto = *mtod(exthdrs.ip6e_dest1, u_char *);
*mtod(exthdrs.ip6e_dest1, u_char *) = IPPROTO_FRAGMENT;
} else if (exthdrs.ip6e_hbh) {
nextproto = *mtod(exthdrs.ip6e_hbh, u_char *);
*mtod(exthdrs.ip6e_hbh, u_char *) = IPPROTO_FRAGMENT;
} else {
nextproto = ip6->ip6_nxt;
ip6->ip6_nxt = IPPROTO_FRAGMENT;
}
m0 = m;
for (off = hlen; off < tlen; off += len) {
MGETHDR(m, M_DONTWAIT, MT_HEADER);
if (!m) {
error = ENOBUFS;
ip6stat.ip6s_odropped++;
goto sendorfree;
}
m->m_pkthdr.rcvif = NULL;
m->m_flags = m0->m_flags & M_COPYFLAGS;
*mnext = m;
mnext = &m->m_nextpkt;
m->m_data += max_linkhdr;
mhip6 = mtod(m, struct ip6_hdr *);
*mhip6 = *ip6;
m->m_len = sizeof(*mhip6);
error = ip6_insertfraghdr(m0, m, hlen, &ip6f);
if (error) {
ip6stat.ip6s_odropped++;
goto sendorfree;
}
ip6f->ip6f_offlg = htons((u_short)((off - hlen) & ~7));
if (off + len >= tlen)
len = tlen - off;
else
ip6f->ip6f_offlg |= IP6F_MORE_FRAG;
mhip6->ip6_plen = htons((u_short)(len + hlen +
sizeof(*ip6f) -
sizeof(struct ip6_hdr)));
if ((m_frgpart = m_copy(m0, off, len)) == 0) {
error = ENOBUFS;
ip6stat.ip6s_odropped++;
goto sendorfree;
}
m_cat(m, m_frgpart);
m->m_pkthdr.len = len + hlen + sizeof(*ip6f);
m->m_pkthdr.rcvif = 0;
m->m_pkthdr.socket_id = m0->m_pkthdr.socket_id;
ip6f->ip6f_reserved = 0;
ip6f->ip6f_ident = id;
ip6f->ip6f_nxt = nextproto;
ip6stat.ip6s_ofragments++;
in6_ifstat_inc(ifp, ifs6_out_fragcreat);
}
in6_ifstat_inc(ifp, ifs6_out_fragok);
}
sendorfree:
m = m0->m_nextpkt;
m0->m_nextpkt = 0;
m_freem(m0);
for (m0 = m; m; m = m0) {
m0 = m->m_nextpkt;
m->m_nextpkt = 0;
if (error == 0) {
if (ia) {
#ifndef __APPLE__
ia->ia_ifa.if_opackets++;
ia->ia_ifa.if_obytes += m->m_pkthdr.len;
#endif
}
#if IPSEC
ipsec_delaux(m);
#endif
error = nd6_output(ifp, origifp, m, dst, ro->ro_rt, 1);
} else
m_freem(m);
}
if (error == 0)
ip6stat.ip6s_fragmented++;
done:
if (!locked)
lck_mtx_unlock(ip6_mutex);
if (ro == &ip6route && ro->ro_rt) {
rtfree(ro->ro_rt);
} else if (ro_pmtu == &ip6route && ro_pmtu->ro_rt) {
rtfree(ro_pmtu->ro_rt);
}
#if IPSEC
if (sp != NULL) {
lck_mtx_lock(sadb_mutex);
key_freesp(sp);
lck_mtx_unlock(sadb_mutex);
}
#endif
return(error);
freehdrs:
m_freem(exthdrs.ip6e_hbh);
m_freem(exthdrs.ip6e_dest1);
m_freem(exthdrs.ip6e_rthdr);
m_freem(exthdrs.ip6e_dest2);
bad:
m_freem(m);
goto done;
}
static int
ip6_copyexthdr(mp, hdr, hlen)
struct mbuf **mp;
caddr_t hdr;
int hlen;
{
struct mbuf *m;
if (hlen > MCLBYTES)
return(ENOBUFS);
MGET(m, M_DONTWAIT, MT_DATA);
if (!m)
return(ENOBUFS);
if (hlen > MLEN) {
MCLGET(m, M_DONTWAIT);
if ((m->m_flags & M_EXT) == 0) {
m_free(m);
return(ENOBUFS);
}
}
m->m_len = hlen;
if (hdr)
bcopy(hdr, mtod(m, caddr_t), hlen);
*mp = m;
return(0);
}
static int
ip6_insert_jumboopt(exthdrs, plen)
struct ip6_exthdrs *exthdrs;
u_int32_t plen;
{
struct mbuf *mopt;
u_char *optbuf;
u_int32_t v;
#define JUMBOOPTLEN 8
if (exthdrs->ip6e_hbh == 0) {
MGET(mopt, M_DONTWAIT, MT_DATA);
if (mopt == 0)
return(ENOBUFS);
mopt->m_len = JUMBOOPTLEN;
optbuf = mtod(mopt, u_char *);
optbuf[1] = 0;
exthdrs->ip6e_hbh = mopt;
} else {
struct ip6_hbh *hbh;
mopt = exthdrs->ip6e_hbh;
if (M_TRAILINGSPACE(mopt) < JUMBOOPTLEN) {
int oldoptlen = mopt->m_len;
struct mbuf *n;
if (oldoptlen + JUMBOOPTLEN > MCLBYTES)
return(ENOBUFS);
MGET(n, M_DONTWAIT, MT_DATA);
if (n) {
MCLGET(n, M_DONTWAIT);
if ((n->m_flags & M_EXT) == 0) {
m_freem(n);
n = NULL;
}
}
if (!n)
return(ENOBUFS);
n->m_len = oldoptlen + JUMBOOPTLEN;
bcopy(mtod(mopt, caddr_t), mtod(n, caddr_t),
oldoptlen);
optbuf = mtod(n, caddr_t) + oldoptlen;
m_freem(mopt);
mopt = exthdrs->ip6e_hbh = n;
} else {
optbuf = mtod(mopt, u_char *) + mopt->m_len;
mopt->m_len += JUMBOOPTLEN;
}
optbuf[0] = IP6OPT_PADN;
optbuf[1] = 1;
hbh = mtod(mopt, struct ip6_hbh *);
hbh->ip6h_len += (JUMBOOPTLEN >> 3);
}
optbuf[2] = IP6OPT_JUMBO;
optbuf[3] = 4;
v = (u_int32_t)htonl(plen + JUMBOOPTLEN);
bcopy(&v, &optbuf[4], sizeof(u_int32_t));
exthdrs->ip6e_ip6->m_pkthdr.len += JUMBOOPTLEN;
return(0);
#undef JUMBOOPTLEN
}
static int
ip6_insertfraghdr(m0, m, hlen, frghdrp)
struct mbuf *m0, *m;
int hlen;
struct ip6_frag **frghdrp;
{
struct mbuf *n, *mlast;
if (hlen > sizeof(struct ip6_hdr)) {
n = m_copym(m0, sizeof(struct ip6_hdr),
hlen - sizeof(struct ip6_hdr), M_DONTWAIT);
if (n == 0)
return(ENOBUFS);
m->m_next = n;
} else
n = m;
for (mlast = n; mlast->m_next; mlast = mlast->m_next)
;
if ((mlast->m_flags & M_EXT) == 0 &&
M_TRAILINGSPACE(mlast) >= sizeof(struct ip6_frag)) {
*frghdrp =
(struct ip6_frag *)(mtod(mlast, caddr_t) + mlast->m_len);
mlast->m_len += sizeof(struct ip6_frag);
m->m_pkthdr.len += sizeof(struct ip6_frag);
} else {
struct mbuf *mfrg;
MGET(mfrg, M_DONTWAIT, MT_DATA);
if (mfrg == 0)
return(ENOBUFS);
mfrg->m_len = sizeof(struct ip6_frag);
*frghdrp = mtod(mfrg, struct ip6_frag *);
mlast->m_next = mfrg;
}
return(0);
}
extern int load_ipfw();
int
ip6_ctloutput(so, sopt)
struct socket *so;
struct sockopt *sopt;
{
int privileged;
struct inpcb *in6p = sotoinpcb(so);
int error, optval;
int level, op, optname;
int optlen;
struct proc *p;
level = error = optval = 0;
if (sopt == NULL)
panic("ip6_ctloutput: arg soopt is NULL");
else {
level = sopt->sopt_level;
op = sopt->sopt_dir;
optname = sopt->sopt_name;
optlen = sopt->sopt_valsize;
p = sopt->sopt_p;
}
privileged = (p == 0 || proc_suser(p)) ? 0 : 1;
if (level == IPPROTO_IPV6) {
switch (op) {
case SOPT_SET:
switch (optname) {
case IPV6_PKTOPTIONS:
{
struct mbuf *m;
if (sopt->sopt_valsize > MCLBYTES) {
error = EMSGSIZE;
break;
}
error = soopt_getm(sopt, &m);
if (error != NULL)
break;
error = soopt_mcopyin(sopt, m);
if (error != NULL)
break;
error = ip6_pcbopts(&in6p->in6p_outputopts,
m, so, sopt);
m_freem(m);
break;
}
case IPV6_UNICAST_HOPS:
case IPV6_CHECKSUM:
case IPV6_FAITH:
case IPV6_V6ONLY:
if (optlen != sizeof(int)) {
error = EINVAL;
break;
}
error = sooptcopyin(sopt, &optval,
sizeof optval, sizeof optval);
if (error)
break;
switch (optname) {
case IPV6_UNICAST_HOPS:
if (optval < -1 || optval >= 256)
error = EINVAL;
else {
in6p->in6p_hops = optval;
if ((in6p->in6p_vflag &
INP_IPV4) != 0)
in6p->inp_ip_ttl = optval;
}
break;
#define OPTSET(bit) \
do { \
if (optval) \
in6p->in6p_flags |= (bit); \
else \
in6p->in6p_flags &= ~(bit); \
} while (0)
#define OPTBIT(bit) (in6p->in6p_flags & (bit) ? 1 : 0)
case IPV6_CHECKSUM:
in6p->in6p_cksum = optval;
break;
case IPV6_FAITH:
OPTSET(IN6P_FAITH);
break;
case IPV6_V6ONLY:
if (in6p->in6p_lport ||
!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr))
{
error = EINVAL;
break;
}
OPTSET(IN6P_IPV6_V6ONLY);
if (optval)
in6p->in6p_vflag &= ~INP_IPV4;
else
in6p->in6p_vflag |= INP_IPV4;
break;
}
break;
case IPV6_PKTINFO:
case IPV6_HOPLIMIT:
case IPV6_HOPOPTS:
case IPV6_DSTOPTS:
case IPV6_RTHDR:
if (optlen != sizeof(int)) {
error = EINVAL;
break;
}
error = sooptcopyin(sopt, &optval,
sizeof optval, sizeof optval);
if (error)
break;
switch (optname) {
case IPV6_PKTINFO:
OPTSET(IN6P_PKTINFO);
break;
case IPV6_HOPLIMIT:
OPTSET(IN6P_HOPLIMIT);
break;
case IPV6_HOPOPTS:
if (!privileged)
return(EPERM);
OPTSET(IN6P_HOPOPTS);
break;
case IPV6_DSTOPTS:
if (!privileged)
return(EPERM);
OPTSET(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS);
break;
case IPV6_RTHDR:
OPTSET(IN6P_RTHDR);
break;
}
break;
#undef OPTSET
case IPV6_MULTICAST_IF:
case IPV6_MULTICAST_HOPS:
case IPV6_MULTICAST_LOOP:
case IPV6_JOIN_GROUP:
case IPV6_LEAVE_GROUP:
{
struct mbuf *m;
if (sopt->sopt_valsize > MLEN) {
error = EMSGSIZE;
break;
}
MGET(m, sopt->sopt_p ? M_WAIT : M_DONTWAIT, MT_HEADER);
if (m == 0) {
error = ENOBUFS;
break;
}
m->m_len = sopt->sopt_valsize;
error = sooptcopyin(sopt, mtod(m, char *),
m->m_len, m->m_len);
error = ip6_setmoptions(sopt->sopt_name, in6p, m);
(void)m_free(m);
}
break;
case IPV6_PORTRANGE:
error = sooptcopyin(sopt, &optval,
sizeof optval, sizeof optval);
if (error)
break;
switch (optval) {
case IPV6_PORTRANGE_DEFAULT:
in6p->in6p_flags &= ~(IN6P_LOWPORT);
in6p->in6p_flags &= ~(IN6P_HIGHPORT);
break;
case IPV6_PORTRANGE_HIGH:
in6p->in6p_flags &= ~(IN6P_LOWPORT);
in6p->in6p_flags |= IN6P_HIGHPORT;
break;
case IPV6_PORTRANGE_LOW:
in6p->in6p_flags &= ~(IN6P_HIGHPORT);
in6p->in6p_flags |= IN6P_LOWPORT;
break;
default:
error = EINVAL;
break;
}
break;
#if IPSEC
case IPV6_IPSEC_POLICY:
{
caddr_t req = NULL;
size_t len = 0;
struct mbuf *m;
if (sopt->sopt_valsize > MCLBYTES) {
error = EMSGSIZE;
break;
}
if ((error = soopt_getm(sopt, &m)) != 0)
break;
if ((error = soopt_mcopyin(sopt, m)) != 0)
break;
if (m) {
req = mtod(m, caddr_t);
len = m->m_len;
}
lck_mtx_lock(sadb_mutex);
error = ipsec6_set_policy(in6p, optname, req,
len, privileged);
lck_mtx_unlock(sadb_mutex);
m_freem(m);
}
break;
#endif
case IPV6_FW_ADD:
case IPV6_FW_DEL:
case IPV6_FW_FLUSH:
case IPV6_FW_ZERO:
{
if (ip6_fw_ctl_ptr == NULL && load_ipfw() != 0)
return EINVAL;
error = (*ip6_fw_ctl_ptr)(sopt);
}
break;
default:
error = ENOPROTOOPT;
break;
}
break;
case SOPT_GET:
switch (optname) {
case IPV6_PKTOPTIONS:
if (in6p->in6p_options) {
struct mbuf *m;
m = m_copym(in6p->in6p_options,
0, M_COPYALL, M_WAIT);
error = soopt_mcopyout(sopt, m);
if (error == 0)
m_freem(m);
} else
sopt->sopt_valsize = 0;
break;
case IPV6_UNICAST_HOPS:
case IPV6_CHECKSUM:
case IPV6_FAITH:
case IPV6_V6ONLY:
case IPV6_PORTRANGE:
switch (optname) {
case IPV6_UNICAST_HOPS:
optval = in6p->in6p_hops;
break;
case IPV6_CHECKSUM:
optval = in6p->in6p_cksum;
break;
case IPV6_FAITH:
optval = OPTBIT(IN6P_FAITH);
break;
case IPV6_V6ONLY:
optval = OPTBIT(IN6P_IPV6_V6ONLY);
break;
case IPV6_PORTRANGE:
{
int flags;
flags = in6p->in6p_flags;
if (flags & IN6P_HIGHPORT)
optval = IPV6_PORTRANGE_HIGH;
else if (flags & IN6P_LOWPORT)
optval = IPV6_PORTRANGE_LOW;
else
optval = 0;
break;
}
}
error = sooptcopyout(sopt, &optval,
sizeof optval);
break;
case IPV6_PKTINFO:
case IPV6_HOPLIMIT:
case IPV6_HOPOPTS:
case IPV6_RTHDR:
case IPV6_DSTOPTS:
if ((optname == IPV6_HOPOPTS ||
optname == IPV6_DSTOPTS) &&
!privileged)
return(EPERM);
switch (optname) {
case IPV6_PKTINFO:
optval = OPTBIT(IN6P_PKTINFO);
break;
case IPV6_HOPLIMIT:
optval = OPTBIT(IN6P_HOPLIMIT);
break;
case IPV6_HOPOPTS:
if (!privileged)
return(EPERM);
optval = OPTBIT(IN6P_HOPOPTS);
break;
case IPV6_RTHDR:
optval = OPTBIT(IN6P_RTHDR);
break;
case IPV6_DSTOPTS:
if (!privileged)
return(EPERM);
optval = OPTBIT(IN6P_DSTOPTS|IN6P_RTHDRDSTOPTS);
break;
}
error = sooptcopyout(sopt, &optval,
sizeof optval);
break;
case IPV6_MULTICAST_IF:
case IPV6_MULTICAST_HOPS:
case IPV6_MULTICAST_LOOP:
case IPV6_JOIN_GROUP:
case IPV6_LEAVE_GROUP:
{
struct mbuf *m;
error = ip6_getmoptions(sopt->sopt_name,
in6p->in6p_moptions, &m);
if (error == 0)
error = sooptcopyout(sopt,
mtod(m, char *), m->m_len);
m_freem(m);
}
break;
#if IPSEC
case IPV6_IPSEC_POLICY:
{
caddr_t req = NULL;
size_t len = 0;
struct mbuf *m = NULL;
struct mbuf **mp = &m;
if (sopt->sopt_valsize > MCLBYTES) {
error = EMSGSIZE;
break;
}
error = soopt_getm(sopt, &m);
if (error != NULL)
break;
error = soopt_mcopyin(sopt, m);
if (error != NULL)
break;
if (m) {
req = mtod(m, caddr_t);
len = m->m_len;
}
lck_mtx_lock(sadb_mutex);
error = ipsec6_get_policy(in6p, req, len, mp);
lck_mtx_unlock(sadb_mutex);
if (error == 0)
error = soopt_mcopyout(sopt, m);
if (error == 0 && m)
m_freem(m);
break;
}
#endif
case IPV6_FW_GET:
{
if (ip6_fw_ctl_ptr == NULL && load_ipfw() != 0)
return EINVAL;
error = (*ip6_fw_ctl_ptr)(sopt);
}
break;
default:
error = ENOPROTOOPT;
break;
}
break;
}
} else {
error = EINVAL;
}
return(error);
}
static int
ip6_pcbopts(pktopt, m, so, sopt)
struct ip6_pktopts **pktopt;
struct mbuf *m;
struct socket *so;
struct sockopt *sopt;
{
struct ip6_pktopts *opt = *pktopt;
int error = 0;
struct proc *p = sopt->sopt_p;
int priv = 0;
if (opt) {
#if DIAGNOSTIC
if (opt->ip6po_pktinfo || opt->ip6po_nexthop ||
opt->ip6po_hbh || opt->ip6po_dest1 || opt->ip6po_dest2 ||
opt->ip6po_rhinfo.ip6po_rhi_rthdr)
printf("ip6_pcbopts: all specified options are cleared.\n");
#endif
ip6_clearpktopts(opt, 1, -1);
} else
opt = _MALLOC(sizeof(*opt), M_IP6OPT, M_WAITOK);
*pktopt = NULL;
if (!m || m->m_len == 0) {
if (opt)
FREE(opt, M_IP6OPT);
return(0);
}
if (p && !proc_suser(p))
priv = 1;
if ((error = ip6_setpktoptions(m, opt, priv, 1)) != 0) {
ip6_clearpktopts(opt, 1, -1);
FREE(opt, M_IP6OPT);
return(error);
}
*pktopt = opt;
return(0);
}
void
init_ip6pktopts(opt)
struct ip6_pktopts *opt;
{
bzero(opt, sizeof(*opt));
opt->ip6po_hlim = -1;
}
void
ip6_clearpktopts(pktopt, needfree, optname)
struct ip6_pktopts *pktopt;
int needfree, optname;
{
if (pktopt == NULL)
return;
if (optname == -1) {
if (needfree && pktopt->ip6po_pktinfo)
FREE(pktopt->ip6po_pktinfo, M_IP6OPT);
pktopt->ip6po_pktinfo = NULL;
}
if (optname == -1)
pktopt->ip6po_hlim = -1;
if (optname == -1) {
if (needfree && pktopt->ip6po_nexthop)
FREE(pktopt->ip6po_nexthop, M_IP6OPT);
pktopt->ip6po_nexthop = NULL;
}
if (optname == -1) {
if (needfree && pktopt->ip6po_hbh)
FREE(pktopt->ip6po_hbh, M_IP6OPT);
pktopt->ip6po_hbh = NULL;
}
if (optname == -1) {
if (needfree && pktopt->ip6po_dest1)
FREE(pktopt->ip6po_dest1, M_IP6OPT);
pktopt->ip6po_dest1 = NULL;
}
if (optname == -1) {
if (needfree && pktopt->ip6po_rhinfo.ip6po_rhi_rthdr)
FREE(pktopt->ip6po_rhinfo.ip6po_rhi_rthdr, M_IP6OPT);
pktopt->ip6po_rhinfo.ip6po_rhi_rthdr = NULL;
if (pktopt->ip6po_route.ro_rt) {
rtfree(pktopt->ip6po_route.ro_rt);
pktopt->ip6po_route.ro_rt = NULL;
}
}
if (optname == -1) {
if (needfree && pktopt->ip6po_dest2)
FREE(pktopt->ip6po_dest2, M_IP6OPT);
pktopt->ip6po_dest2 = NULL;
}
}
#define PKTOPT_EXTHDRCPY(type) \
do {\
if (src->type) {\
int hlen =\
(((struct ip6_ext *)src->type)->ip6e_len + 1) << 3;\
dst->type = _MALLOC(hlen, M_IP6OPT, canwait);\
if (dst->type == NULL && canwait == M_NOWAIT)\
goto bad;\
bcopy(src->type, dst->type, hlen);\
}\
} while (0)
struct ip6_pktopts *
ip6_copypktopts(src, canwait)
struct ip6_pktopts *src;
int canwait;
{
struct ip6_pktopts *dst;
if (src == NULL) {
printf("ip6_clearpktopts: invalid argument\n");
return(NULL);
}
dst = _MALLOC(sizeof(*dst), M_IP6OPT, canwait);
if (dst == NULL && canwait == M_NOWAIT)
return (NULL);
bzero(dst, sizeof(*dst));
dst->ip6po_hlim = src->ip6po_hlim;
if (src->ip6po_pktinfo) {
dst->ip6po_pktinfo = _MALLOC(sizeof(*dst->ip6po_pktinfo),
M_IP6OPT, canwait);
if (dst->ip6po_pktinfo == NULL && canwait == M_NOWAIT)
goto bad;
*dst->ip6po_pktinfo = *src->ip6po_pktinfo;
}
if (src->ip6po_nexthop) {
dst->ip6po_nexthop = _MALLOC(src->ip6po_nexthop->sa_len,
M_IP6OPT, canwait);
if (dst->ip6po_nexthop == NULL && canwait == M_NOWAIT)
goto bad;
bcopy(src->ip6po_nexthop, dst->ip6po_nexthop,
src->ip6po_nexthop->sa_len);
}
PKTOPT_EXTHDRCPY(ip6po_hbh);
PKTOPT_EXTHDRCPY(ip6po_dest1);
PKTOPT_EXTHDRCPY(ip6po_dest2);
PKTOPT_EXTHDRCPY(ip6po_rthdr);
return(dst);
bad:
if (dst->ip6po_pktinfo) FREE(dst->ip6po_pktinfo, M_IP6OPT);
if (dst->ip6po_nexthop) FREE(dst->ip6po_nexthop, M_IP6OPT);
if (dst->ip6po_hbh) FREE(dst->ip6po_hbh, M_IP6OPT);
if (dst->ip6po_dest1) FREE(dst->ip6po_dest1, M_IP6OPT);
if (dst->ip6po_dest2) FREE(dst->ip6po_dest2, M_IP6OPT);
if (dst->ip6po_rthdr) FREE(dst->ip6po_rthdr, M_IP6OPT);
FREE(dst, M_IP6OPT);
return(NULL);
}
#undef PKTOPT_EXTHDRCPY
void
ip6_freepcbopts(pktopt)
struct ip6_pktopts *pktopt;
{
if (pktopt == NULL)
return;
ip6_clearpktopts(pktopt, 1, -1);
FREE(pktopt, M_IP6OPT);
}
static int
ip6_setmoptions(
int optname,
struct inpcb* in6p,
struct mbuf *m)
{
int error = 0;
u_int loop, ifindex;
struct ipv6_mreq *mreq;
struct ifnet *ifp;
struct ip6_moptions **im6op = &in6p->in6p_moptions;
struct ip6_moptions *im6o = *im6op;
struct ip_moptions *imo;
struct route_in6 ro;
struct sockaddr_in6 *dst;
struct in6_multi_mship *imm;
struct proc *p = current_proc();
if (im6o == NULL) {
im6o = (struct ip6_moptions *)
_MALLOC(sizeof(*im6o), M_IPMOPTS, M_WAITOK);
if (im6o == NULL)
return(ENOBUFS);
*im6op = im6o;
im6o->im6o_multicast_ifp = NULL;
im6o->im6o_multicast_hlim = ip6_defmcasthlim;
im6o->im6o_multicast_loop = IPV6_DEFAULT_MULTICAST_LOOP;
LIST_INIT(&im6o->im6o_memberships);
}
if (in6p->inp_moptions == NULL) {
error = ip_createmoptions(&in6p->inp_moptions);
if (error != 0)
return error;
}
imo = in6p->inp_moptions;
switch (optname) {
case IPV6_MULTICAST_IF:
if (m == NULL || m->m_len != sizeof(u_int)) {
error = EINVAL;
break;
}
bcopy(mtod(m, u_int *), &ifindex, sizeof(ifindex));
if (ifindex < 0 || if_index < ifindex) {
error = ENXIO;
break;
}
ifp = ifindex2ifnet[ifindex];
if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) {
error = EADDRNOTAVAIL;
break;
}
im6o->im6o_multicast_ifp = ifp;
imo->imo_multicast_ifp = ifp;
break;
case IPV6_MULTICAST_HOPS:
{
int optval;
if (m == NULL || m->m_len != sizeof(int)) {
error = EINVAL;
break;
}
bcopy(mtod(m, u_int *), &optval, sizeof(optval));
if (optval < -1 || optval >= 256)
error = EINVAL;
else if (optval == -1) {
im6o->im6o_multicast_hlim = ip6_defmcasthlim;
imo->imo_multicast_ttl = IP_DEFAULT_MULTICAST_TTL;
} else {
im6o->im6o_multicast_hlim = optval;
imo->imo_multicast_ttl = optval;
}
break;
}
case IPV6_MULTICAST_LOOP:
if (m == NULL || m->m_len != sizeof(u_int)) {
error = EINVAL;
break;
}
bcopy(mtod(m, u_int *), &loop, sizeof(loop));
if (loop > 1) {
error = EINVAL;
break;
}
im6o->im6o_multicast_loop = loop;
imo->imo_multicast_loop = loop;
break;
case IPV6_JOIN_GROUP:
if (m == NULL || m->m_len != sizeof(struct ipv6_mreq)) {
error = EINVAL;
break;
}
mreq = mtod(m, struct ipv6_mreq *);
if (mreq->ipv6mr_interface < 0
|| if_index < mreq->ipv6mr_interface) {
error = ENXIO;
break;
}
if (IN6_IS_ADDR_UNSPECIFIED(&mreq->ipv6mr_multiaddr)) {
if (suser(kauth_cred_get(), 0))
{
error = EACCES;
break;
}
} else if (IN6_IS_ADDR_V4MAPPED(&mreq->ipv6mr_multiaddr)) {
struct ip_mreq v4req;
v4req.imr_multiaddr.s_addr = mreq->ipv6mr_multiaddr.s6_addr32[3];
v4req.imr_interface.s_addr = INADDR_ANY;
if (mreq->ipv6mr_interface != 0) {
struct in_ifaddr *ifa;
ifp = ifindex2ifnet[mreq->ipv6mr_interface];
lck_mtx_lock(rt_mtx);
TAILQ_FOREACH(ifa, &in_ifaddrhead, ia_link) {
if (ifa->ia_ifp == ifp) {
v4req.imr_interface = IA_SIN(ifa)->sin_addr;
break;
}
}
lck_mtx_unlock(rt_mtx);
if (v4req.imr_multiaddr.s_addr == 0) {
error = EINVAL;
break;
}
}
error = ip_addmembership(imo, &v4req);
break;
} else if (!IN6_IS_ADDR_MULTICAST(&mreq->ipv6mr_multiaddr)) {
error = EINVAL;
break;
}
if (mreq->ipv6mr_interface == 0) {
if (IN6_IS_ADDR_MC_NODELOCAL(&mreq->ipv6mr_multiaddr)) {
ifp = &loif[0];
} else {
ro.ro_rt = NULL;
dst = (struct sockaddr_in6 *)&ro.ro_dst;
bzero(dst, sizeof(*dst));
dst->sin6_len = sizeof(struct sockaddr_in6);
dst->sin6_family = AF_INET6;
dst->sin6_addr = mreq->ipv6mr_multiaddr;
rtalloc((struct route *)&ro);
if (ro.ro_rt == NULL) {
error = EADDRNOTAVAIL;
break;
}
ifp = ro.ro_rt->rt_ifp;
rtfree(ro.ro_rt);
}
} else
ifp = ifindex2ifnet[mreq->ipv6mr_interface];
if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) {
error = EADDRNOTAVAIL;
break;
}
if (IN6_IS_ADDR_MC_LINKLOCAL(&mreq->ipv6mr_multiaddr)) {
mreq->ipv6mr_multiaddr.s6_addr16[1]
= htons(mreq->ipv6mr_interface);
}
lck_mtx_lock(nd6_mutex);
for (imm = im6o->im6o_memberships.lh_first;
imm != NULL; imm = imm->i6mm_chain.le_next)
if (imm->i6mm_maddr->in6m_ifp == ifp &&
IN6_ARE_ADDR_EQUAL(&imm->i6mm_maddr->in6m_addr,
&mreq->ipv6mr_multiaddr))
break;
if (imm != NULL) {
error = EADDRINUSE;
lck_mtx_unlock(nd6_mutex);
break;
}
imm = _MALLOC(sizeof(*imm), M_IPMADDR, M_WAITOK);
if (imm == NULL) {
error = ENOBUFS;
lck_mtx_unlock(nd6_mutex);
break;
}
if ((imm->i6mm_maddr =
in6_addmulti(&mreq->ipv6mr_multiaddr, ifp, &error, 1)) == NULL) {
FREE(imm, M_IPMADDR);
lck_mtx_unlock(nd6_mutex);
break;
}
LIST_INSERT_HEAD(&im6o->im6o_memberships, imm, i6mm_chain);
lck_mtx_unlock(nd6_mutex);
break;
case IPV6_LEAVE_GROUP:
if (m == NULL || m->m_len != sizeof(struct ipv6_mreq)) {
error = EINVAL;
break;
}
mreq = mtod(m, struct ipv6_mreq *);
if (mreq->ipv6mr_interface < 0
|| if_index < mreq->ipv6mr_interface) {
error = ENXIO;
break;
}
ifp = ifindex2ifnet[mreq->ipv6mr_interface];
if (IN6_IS_ADDR_UNSPECIFIED(&mreq->ipv6mr_multiaddr)) {
if (suser(kauth_cred_get(), 0)) {
error = EACCES;
break;
}
} else if (IN6_IS_ADDR_V4MAPPED(&mreq->ipv6mr_multiaddr)) {
struct ip_mreq v4req;
v4req.imr_multiaddr.s_addr = mreq->ipv6mr_multiaddr.s6_addr32[3];
v4req.imr_interface.s_addr = INADDR_ANY;
if (ifp != NULL) {
struct in_ifaddr *ifa;
lck_mtx_lock(rt_mtx);
TAILQ_FOREACH(ifa, &in_ifaddrhead, ia_link) {
if (ifa->ia_ifp == ifp) {
v4req.imr_interface = IA_SIN(ifa)->sin_addr;
break;
}
}
lck_mtx_unlock(rt_mtx);
}
error = ip_dropmembership(imo, &v4req);
break;
} else if (!IN6_IS_ADDR_MULTICAST(&mreq->ipv6mr_multiaddr)) {
error = EINVAL;
break;
}
if (IN6_IS_ADDR_MC_LINKLOCAL(&mreq->ipv6mr_multiaddr)) {
mreq->ipv6mr_multiaddr.s6_addr16[1]
= htons(mreq->ipv6mr_interface);
}
lck_mtx_lock(nd6_mutex);
for (imm = im6o->im6o_memberships.lh_first;
imm != NULL; imm = imm->i6mm_chain.le_next) {
if ((ifp == NULL ||
imm->i6mm_maddr->in6m_ifp == ifp) &&
IN6_ARE_ADDR_EQUAL(&imm->i6mm_maddr->in6m_addr,
&mreq->ipv6mr_multiaddr))
break;
}
if (imm == NULL) {
error = EADDRNOTAVAIL;
lck_mtx_unlock(nd6_mutex);
break;
}
LIST_REMOVE(imm, i6mm_chain);
in6_delmulti(imm->i6mm_maddr, 1);
lck_mtx_unlock(nd6_mutex);
FREE(imm, M_IPMADDR);
break;
default:
error = EOPNOTSUPP;
break;
}
lck_mtx_lock(nd6_mutex);
if (im6o->im6o_multicast_ifp == NULL &&
im6o->im6o_multicast_hlim == ip6_defmcasthlim &&
im6o->im6o_multicast_loop == IPV6_DEFAULT_MULTICAST_LOOP &&
im6o->im6o_memberships.lh_first == NULL) {
FREE(*im6op, M_IPMOPTS);
*im6op = NULL;
}
if (imo->imo_multicast_ifp == NULL &&
imo->imo_multicast_vif == -1 &&
imo->imo_multicast_ttl == IP_DEFAULT_MULTICAST_TTL &&
imo->imo_multicast_loop == IP_DEFAULT_MULTICAST_LOOP &&
imo->imo_num_memberships == 0) {
ip_freemoptions(imo);
in6p->inp_moptions = 0;
}
lck_mtx_unlock(nd6_mutex);
return(error);
}
static int
ip6_getmoptions(optname, im6o, mp)
int optname;
struct ip6_moptions *im6o;
struct mbuf **mp;
{
u_int *hlim, *loop, *ifindex;
*mp = m_get(M_WAIT, MT_HEADER);
switch (optname) {
case IPV6_MULTICAST_IF:
ifindex = mtod(*mp, u_int *);
(*mp)->m_len = sizeof(u_int);
if (im6o == NULL || im6o->im6o_multicast_ifp == NULL)
*ifindex = 0;
else
*ifindex = im6o->im6o_multicast_ifp->if_index;
return(0);
case IPV6_MULTICAST_HOPS:
hlim = mtod(*mp, u_int *);
(*mp)->m_len = sizeof(u_int);
if (im6o == NULL)
*hlim = ip6_defmcasthlim;
else
*hlim = im6o->im6o_multicast_hlim;
return(0);
case IPV6_MULTICAST_LOOP:
loop = mtod(*mp, u_int *);
(*mp)->m_len = sizeof(u_int);
if (im6o == NULL)
*loop = ip6_defmcasthlim;
else
*loop = im6o->im6o_multicast_loop;
return(0);
default:
return(EOPNOTSUPP);
}
}
void
ip6_freemoptions(im6o)
struct ip6_moptions *im6o;
{
struct in6_multi_mship *imm;
if (im6o == NULL)
return;
lck_mtx_lock(nd6_mutex);
while ((imm = im6o->im6o_memberships.lh_first) != NULL) {
LIST_REMOVE(imm, i6mm_chain);
if (imm->i6mm_maddr)
in6_delmulti(imm->i6mm_maddr, 1);
FREE(imm, M_IPMADDR);
}
lck_mtx_unlock(nd6_mutex);
FREE(im6o, M_IPMOPTS);
}
int
ip6_setpktoptions(control, opt, priv, needcopy)
struct mbuf *control;
struct ip6_pktopts *opt;
int priv, needcopy;
{
struct cmsghdr *cm = 0;
if (control == 0 || opt == 0)
return(EINVAL);
init_ip6pktopts(opt);
if (control->m_next)
return(EINVAL);
for (; control->m_len; control->m_data += CMSG_ALIGN(cm->cmsg_len),
control->m_len -= CMSG_ALIGN(cm->cmsg_len)) {
cm = mtod(control, struct cmsghdr *);
if (cm->cmsg_len == 0 || cm->cmsg_len > control->m_len)
return(EINVAL);
if (cm->cmsg_level != IPPROTO_IPV6)
continue;
switch (cm->cmsg_type) {
case IPV6_PKTINFO:
if (cm->cmsg_len != CMSG_LEN(sizeof(struct in6_pktinfo)))
return(EINVAL);
if (needcopy) {
opt->ip6po_pktinfo =
_MALLOC(sizeof(struct in6_pktinfo),
M_IP6OPT, M_WAITOK);
bcopy(CMSG_DATA(cm), opt->ip6po_pktinfo,
sizeof(struct in6_pktinfo));
} else
opt->ip6po_pktinfo =
(struct in6_pktinfo *)CMSG_DATA(cm);
if (opt->ip6po_pktinfo->ipi6_ifindex &&
IN6_IS_ADDR_LINKLOCAL(&opt->ip6po_pktinfo->ipi6_addr))
opt->ip6po_pktinfo->ipi6_addr.s6_addr16[1] =
htons(opt->ip6po_pktinfo->ipi6_ifindex);
if (opt->ip6po_pktinfo->ipi6_ifindex > if_index
|| opt->ip6po_pktinfo->ipi6_ifindex < 0) {
return(ENXIO);
}
if (!IN6_IS_ADDR_UNSPECIFIED(&opt->ip6po_pktinfo->ipi6_addr)) {
struct in6_ifaddr *ia6;
struct sockaddr_in6 sin6;
bzero(&sin6, sizeof(sin6));
sin6.sin6_len = sizeof(sin6);
sin6.sin6_family = AF_INET6;
sin6.sin6_addr =
opt->ip6po_pktinfo->ipi6_addr;
ia6 = (struct in6_ifaddr *)ifa_ifwithaddr(sin6tosa(&sin6));
if (ia6 == NULL ||
(ia6->ia6_flags & (IN6_IFF_ANYCAST |
IN6_IFF_NOTREADY)) != 0) {
if (ia6) ifafree(&ia6->ia_ifa);
return(EADDRNOTAVAIL);
}
ifafree(&ia6->ia_ifa);
ia6 = NULL;
}
break;
case IPV6_HOPLIMIT:
if (cm->cmsg_len != CMSG_LEN(sizeof(int)))
return(EINVAL);
opt->ip6po_hlim = *(int *)CMSG_DATA(cm);
if (opt->ip6po_hlim < -1 || opt->ip6po_hlim > 255)
return(EINVAL);
break;
case IPV6_NEXTHOP:
if (!priv)
return(EPERM);
if (cm->cmsg_len < sizeof(u_char) ||
cm->cmsg_len < CMSG_LEN(*CMSG_DATA(cm)))
return(EINVAL);
if (needcopy) {
opt->ip6po_nexthop =
_MALLOC(*CMSG_DATA(cm),
M_IP6OPT, M_WAITOK);
bcopy(CMSG_DATA(cm),
opt->ip6po_nexthop,
*CMSG_DATA(cm));
} else
opt->ip6po_nexthop =
(struct sockaddr *)CMSG_DATA(cm);
break;
case IPV6_HOPOPTS:
{
struct ip6_hbh *hbh;
int hbhlen;
if (cm->cmsg_len < CMSG_LEN(sizeof(struct ip6_hbh)))
return(EINVAL);
hbh = (struct ip6_hbh *)CMSG_DATA(cm);
hbhlen = (hbh->ip6h_len + 1) << 3;
if (cm->cmsg_len != CMSG_LEN(hbhlen))
return(EINVAL);
if (needcopy) {
opt->ip6po_hbh =
_MALLOC(hbhlen, M_IP6OPT, M_WAITOK);
bcopy(hbh, opt->ip6po_hbh, hbhlen);
} else
opt->ip6po_hbh = hbh;
break;
}
case IPV6_DSTOPTS:
{
struct ip6_dest *dest, **newdest;
int destlen;
if (cm->cmsg_len < CMSG_LEN(sizeof(struct ip6_dest)))
return(EINVAL);
dest = (struct ip6_dest *)CMSG_DATA(cm);
destlen = (dest->ip6d_len + 1) << 3;
if (cm->cmsg_len != CMSG_LEN(destlen))
return(EINVAL);
if (opt->ip6po_rthdr == NULL)
newdest = &opt->ip6po_dest1;
else
newdest = &opt->ip6po_dest2;
if (needcopy) {
*newdest = _MALLOC(destlen, M_IP6OPT, M_WAITOK);
bcopy(dest, *newdest, destlen);
} else
*newdest = dest;
break;
}
case IPV6_RTHDR:
{
struct ip6_rthdr *rth;
int rthlen;
if (cm->cmsg_len < CMSG_LEN(sizeof(struct ip6_rthdr)))
return(EINVAL);
rth = (struct ip6_rthdr *)CMSG_DATA(cm);
rthlen = (rth->ip6r_len + 1) << 3;
if (cm->cmsg_len != CMSG_LEN(rthlen))
return(EINVAL);
switch (rth->ip6r_type) {
case IPV6_RTHDR_TYPE_0:
if (rth->ip6r_len == 0)
return(EINVAL);
if (rth->ip6r_len % 2)
return(EINVAL);
if (rth->ip6r_len / 2 != rth->ip6r_segleft)
return(EINVAL);
break;
default:
return(EINVAL);
}
if (needcopy) {
opt->ip6po_rthdr = _MALLOC(rthlen, M_IP6OPT,
M_WAITOK);
bcopy(rth, opt->ip6po_rthdr, rthlen);
} else
opt->ip6po_rthdr = rth;
break;
}
default:
return(ENOPROTOOPT);
}
}
return(0);
}
void
ip6_mloopback(
struct ifnet *ifp,
struct mbuf *m,
struct sockaddr_in6 *dst)
{
struct mbuf *copym;
struct ip6_hdr *ip6;
copym = m_copy(m, 0, M_COPYALL);
if (copym == NULL)
return;
if ((copym->m_flags & M_EXT) != 0 ||
copym->m_len < sizeof(struct ip6_hdr)) {
copym = m_pullup(copym, sizeof(struct ip6_hdr));
if (copym == NULL)
return;
}
#if DIAGNOSTIC
if (copym->m_len < sizeof(*ip6)) {
m_freem(copym);
return;
}
#endif
ip6 = mtod(copym, struct ip6_hdr *);
#ifndef SCOPEDROUTING
in6_clearscope(&ip6->ip6_src);
in6_clearscope(&ip6->ip6_dst);
#endif
#ifdef __APPLE__
copym->m_pkthdr.rcvif = 0;
copym->m_pkthdr.csum_data = 0;
copym->m_pkthdr.csum_flags = 0;
if (lo_ifp) {
copym->m_pkthdr.rcvif = ifp;
lck_mtx_unlock(ip6_mutex);
dlil_output(lo_ifp, PF_INET6, copym, 0, (struct sockaddr *)dst, 0);
lck_mtx_lock(ip6_mutex);
} else
m_free(copym);
#else
(void)if_simloop(ifp, copym, dst->sin6_family, NULL);
#endif
}
static int
ip6_splithdr(m, exthdrs)
struct mbuf *m;
struct ip6_exthdrs *exthdrs;
{
struct mbuf *mh;
struct ip6_hdr *ip6;
ip6 = mtod(m, struct ip6_hdr *);
if (m->m_len > sizeof(*ip6)) {
MGETHDR(mh, M_DONTWAIT, MT_HEADER);
if (mh == 0) {
m_freem(m);
return ENOBUFS;
}
M_COPY_PKTHDR(mh, m);
MH_ALIGN(mh, sizeof(*ip6));
m->m_flags &= ~M_PKTHDR;
m->m_len -= sizeof(*ip6);
m->m_data += sizeof(*ip6);
mh->m_next = m;
m = mh;
m->m_len = sizeof(*ip6);
bcopy((caddr_t)ip6, mtod(m, caddr_t), sizeof(*ip6));
}
exthdrs->ip6e_ip6 = m;
return 0;
}
int
ip6_optlen(in6p)
struct in6pcb *in6p;
{
int len;
if (!in6p->in6p_outputopts)
return 0;
len = 0;
#define elen(x) \
(((struct ip6_ext *)(x)) ? (((struct ip6_ext *)(x))->ip6e_len + 1) << 3 : 0)
len += elen(in6p->in6p_outputopts->ip6po_hbh);
if (in6p->in6p_outputopts->ip6po_rthdr)
len += elen(in6p->in6p_outputopts->ip6po_dest1);
len += elen(in6p->in6p_outputopts->ip6po_rthdr);
len += elen(in6p->in6p_outputopts->ip6po_dest2);
return len;
#undef elen
}