search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
No empty .Rs/.Re
[netbsd-mini2440.git] / sys / netinet / udp_usrreq.c
blob33f686c328dc4c9c5a5e16ac9a094a0697e7eb5b
1 /* $NetBSD: udp_usrreq.c,v 1.178 2009/07/19 23:17:33 minskim Exp $ */
2
3 /*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 /*
33 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1995
34 * The Regents of the University of California. All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 3. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)udp_usrreq.c 8.6 (Berkeley) 5/23/95
61 */
62
63 #include <sys/cdefs.h>
64 __KERNEL_RCSID(0, "$NetBSD: udp_usrreq.c,v 1.178 2009/07/19 23:17:33 minskim Exp $");
65
66 #include "opt_inet.h"
67 #include "opt_compat_netbsd.h"
68 #include "opt_ipsec.h"
69 #include "opt_inet_csum.h"
70 #include "opt_ipkdb.h"
71 #include "opt_mbuftrace.h"
72
73 #include <sys/param.h>
74 #include <sys/malloc.h>
75 #include <sys/mbuf.h>
76 #include <sys/protosw.h>
77 #include <sys/socket.h>
78 #include <sys/socketvar.h>
79 #include <sys/errno.h>
80 #include <sys/stat.h>
81 #include <sys/systm.h>
82 #include <sys/proc.h>
83 #include <sys/domain.h>
84 #include <sys/sysctl.h>
85
86 #include <net/if.h>
87 #include <net/route.h>
88
89 #include <netinet/in.h>
90 #include <netinet/in_systm.h>
91 #include <netinet/in_var.h>
92 #include <netinet/ip.h>
93 #include <netinet/in_pcb.h>
94 #include <netinet/ip_var.h>
95 #include <netinet/ip_icmp.h>
96 #include <netinet/udp.h>
97 #include <netinet/udp_var.h>
98 #include <netinet/udp_private.h>
99
100 #ifdef INET6
101 #include <netinet/ip6.h>
102 #include <netinet/icmp6.h>
103 #include <netinet6/ip6_var.h>
104 #include <netinet6/ip6_private.h>
105 #include <netinet6/in6_pcb.h>
106 #include <netinet6/udp6_var.h>
107 #include <netinet6/udp6_private.h>
108 #include <netinet6/scope6_var.h>
109 #endif
110
111 #ifndef INET6
112 /* always need ip6.h for IP6_EXTHDR_GET */
113 #include <netinet/ip6.h>
114 #endif
115
116 #include "faith.h"
117 #if defined(NFAITH) && NFAITH > 0
118 #include <net/if_faith.h>
119 #endif
120
121 #include <machine/stdarg.h>
122
123 #ifdef FAST_IPSEC
124 #include <netipsec/ipsec.h>
125 #include <netipsec/ipsec_var.h>
126 #include <netipsec/ipsec_private.h>
127 #include <netipsec/esp.h>
128 #ifdef INET6
129 #include <netipsec/ipsec6.h>
130 #endif
131 #endif /* FAST_IPSEC */
132
133 #ifdef IPSEC
134 #include <netinet6/ipsec.h>
135 #include <netinet6/ipsec_private.h>
136 #include <netinet6/esp.h>
137 #include <netkey/key.h>
138 #endif /* IPSEC */
139
140 #ifdef COMPAT_50
141 #include <compat/sys/socket.h>
142 #endif
143
144 #ifdef IPKDB
145 #include <ipkdb/ipkdb.h>
146 #endif
147
148 /*
149 * UDP protocol implementation.
150 * Per RFC 768, August, 1980.
151 */
152 int udpcksum = 1;
153 int udp_do_loopback_cksum = 0;
154
155 struct inpcbtable udbtable;
156
157 percpu_t *udpstat_percpu;
158
159 #ifdef INET
160 #ifdef IPSEC_NAT_T
161 static int udp4_espinudp (struct mbuf **, int, struct sockaddr *,
162 struct socket *);
163 #endif
164 static void udp4_sendup (struct mbuf *, int, struct sockaddr *,
165 struct socket *);
166 static int udp4_realinput (struct sockaddr_in *, struct sockaddr_in *,
167 struct mbuf **, int);
168 static int udp4_input_checksum(struct mbuf *, const struct udphdr *, int, int);
169 #endif
170 #ifdef INET6
171 static void udp6_sendup (struct mbuf *, int, struct sockaddr *,
172 struct socket *);
173 static int udp6_realinput (int, struct sockaddr_in6 *,
174 struct sockaddr_in6 *, struct mbuf *, int);
175 static int udp6_input_checksum(struct mbuf *, const struct udphdr *, int, int);
176 #endif
177 #ifdef INET
178 static void udp_notify (struct inpcb *, int);
179 #endif
180
181 #ifndef UDBHASHSIZE
182 #define UDBHASHSIZE 128
183 #endif
184 int udbhashsize = UDBHASHSIZE;
185
186 #ifdef MBUFTRACE
187 struct mowner udp_mowner = MOWNER_INIT("udp", "");
188 struct mowner udp_rx_mowner = MOWNER_INIT("udp", "rx");
189 struct mowner udp_tx_mowner = MOWNER_INIT("udp", "tx");
190 #endif
191
192 #ifdef UDP_CSUM_COUNTERS
193 #include <sys/device.h>
194
195 #if defined(INET)
196 struct evcnt udp_hwcsum_bad = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
197 NULL, "udp", "hwcsum bad");
198 struct evcnt udp_hwcsum_ok = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
199 NULL, "udp", "hwcsum ok");
200 struct evcnt udp_hwcsum_data = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
201 NULL, "udp", "hwcsum data");
202 struct evcnt udp_swcsum = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
203 NULL, "udp", "swcsum");
204
205 EVCNT_ATTACH_STATIC(udp_hwcsum_bad);
206 EVCNT_ATTACH_STATIC(udp_hwcsum_ok);
207 EVCNT_ATTACH_STATIC(udp_hwcsum_data);
208 EVCNT_ATTACH_STATIC(udp_swcsum);
209 #endif /* defined(INET) */
210
211 #if defined(INET6)
212 struct evcnt udp6_hwcsum_bad = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
213 NULL, "udp6", "hwcsum bad");
214 struct evcnt udp6_hwcsum_ok = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
215 NULL, "udp6", "hwcsum ok");
216 struct evcnt udp6_hwcsum_data = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
217 NULL, "udp6", "hwcsum data");
218 struct evcnt udp6_swcsum = EVCNT_INITIALIZER(EVCNT_TYPE_MISC,
219 NULL, "udp6", "swcsum");
220
221 EVCNT_ATTACH_STATIC(udp6_hwcsum_bad);
222 EVCNT_ATTACH_STATIC(udp6_hwcsum_ok);
223 EVCNT_ATTACH_STATIC(udp6_hwcsum_data);
224 EVCNT_ATTACH_STATIC(udp6_swcsum);
225 #endif /* defined(INET6) */
226
227 #define UDP_CSUM_COUNTER_INCR(ev) (ev)->ev_count++
228
229 #else
230
231 #define UDP_CSUM_COUNTER_INCR(ev) /* nothing */
232
233 #endif /* UDP_CSUM_COUNTERS */
234
235 static void sysctl_net_inet_udp_setup(struct sysctllog **);
236
237 void
238 udp_init(void)
239 {
240
241 sysctl_net_inet_udp_setup(NULL);
242
243 in_pcbinit(&udbtable, udbhashsize, udbhashsize);
244
245 MOWNER_ATTACH(&udp_tx_mowner);
246 MOWNER_ATTACH(&udp_rx_mowner);
247 MOWNER_ATTACH(&udp_mowner);
248
249 #ifdef INET
250 udpstat_percpu = percpu_alloc(sizeof(uint64_t) * UDP_NSTATS);
251 #endif
252 #ifdef INET6
253 udp6stat_percpu = percpu_alloc(sizeof(uint64_t) * UDP6_NSTATS);
254 #endif
255 }
256
257 /*
258 * Checksum extended UDP header and data.
259 */
260
261 int
262 udp_input_checksum(int af, struct mbuf *m, const struct udphdr *uh,
263 int iphlen, int len)
264 {
265
266 switch (af) {
267 #ifdef INET
268 case AF_INET:
269 return udp4_input_checksum(m, uh, iphlen, len);
270 #endif
271 #ifdef INET6
272 case AF_INET6:
273 return udp6_input_checksum(m, uh, iphlen, len);
274 #endif
275 }
276 #ifdef DIAGNOSTIC
277 panic("udp_input_checksum: unknown af %d", af);
278 #endif
279 /* NOTREACHED */
280 return -1;
281 }
282
283 #ifdef INET
284
285 /*
286 * Checksum extended UDP header and data.
287 */
288
289 static int
290 udp4_input_checksum(struct mbuf *m, const struct udphdr *uh,
291 int iphlen, int len)
292 {
293
294 /*
295 * XXX it's better to record and check if this mbuf is
296 * already checked.
297 */
298
299 if (uh->uh_sum == 0)
300 return 0;
301
302 switch (m->m_pkthdr.csum_flags &
303 ((m->m_pkthdr.rcvif->if_csum_flags_rx & M_CSUM_UDPv4) |
304 M_CSUM_TCP_UDP_BAD | M_CSUM_DATA)) {
305 case M_CSUM_UDPv4|M_CSUM_TCP_UDP_BAD:
306 UDP_CSUM_COUNTER_INCR(&udp_hwcsum_bad);
307 goto badcsum;
308
309 case M_CSUM_UDPv4|M_CSUM_DATA: {
310 u_int32_t hw_csum = m->m_pkthdr.csum_data;
311
312 UDP_CSUM_COUNTER_INCR(&udp_hwcsum_data);
313 if (m->m_pkthdr.csum_flags & M_CSUM_NO_PSEUDOHDR) {
314 const struct ip *ip =
315 mtod(m, const struct ip *);
316
317 hw_csum = in_cksum_phdr(ip->ip_src.s_addr,
318 ip->ip_dst.s_addr,
319 htons(hw_csum + len + IPPROTO_UDP));
320 }
321 if ((hw_csum ^ 0xffff) != 0)
322 goto badcsum;
323 break;
324 }
325
326 case M_CSUM_UDPv4:
327 /* Checksum was okay. */
328 UDP_CSUM_COUNTER_INCR(&udp_hwcsum_ok);
329 break;
330
331 default:
332 /*
333 * Need to compute it ourselves. Maybe skip checksum
334 * on loopback interfaces.
335 */
336 if (__predict_true(!(m->m_pkthdr.rcvif->if_flags &
337 IFF_LOOPBACK) ||
338 udp_do_loopback_cksum)) {
339 UDP_CSUM_COUNTER_INCR(&udp_swcsum);
340 if (in4_cksum(m, IPPROTO_UDP, iphlen, len) != 0)
341 goto badcsum;
342 }
343 break;
344 }
345
346 return 0;
347
348 badcsum:
349 UDP_STATINC(UDP_STAT_BADSUM);
350 return -1;
351 }
352
353 void
354 udp_input(struct mbuf *m, ...)
355 {
356 va_list ap;
357 struct sockaddr_in src, dst;
358 struct ip *ip;
359 struct udphdr *uh;
360 int iphlen;
361 int len;
362 int n;
363 u_int16_t ip_len;
364
365 va_start(ap, m);
366 iphlen = va_arg(ap, int);
367 (void)va_arg(ap, int); /* ignore value, advance ap */
368 va_end(ap);
369
370 MCLAIM(m, &udp_rx_mowner);
371 UDP_STATINC(UDP_STAT_IPACKETS);
372
373 /*
374 * Get IP and UDP header together in first mbuf.
375 */
376 ip = mtod(m, struct ip *);
377 IP6_EXTHDR_GET(uh, struct udphdr *, m, iphlen, sizeof(struct udphdr));
378 if (uh == NULL) {
379 UDP_STATINC(UDP_STAT_HDROPS);
380 return;
381 }
382 KASSERT(UDP_HDR_ALIGNED_P(uh));
383
384 /* destination port of 0 is illegal, based on RFC768. */
385 if (uh->uh_dport == 0)
386 goto bad;
387
388 /*
389 * Make mbuf data length reflect UDP length.
390 * If not enough data to reflect UDP length, drop.
391 */
392 ip_len = ntohs(ip->ip_len);
393 len = ntohs((u_int16_t)uh->uh_ulen);
394 if (ip_len != iphlen + len) {
395 if (ip_len < iphlen + len || len < sizeof(struct udphdr)) {
396 UDP_STATINC(UDP_STAT_BADLEN);
397 goto bad;
398 }
399 m_adj(m, iphlen + len - ip_len);
400 }
401
402 /*
403 * Checksum extended UDP header and data.
404 */
405 if (udp4_input_checksum(m, uh, iphlen, len))
406 goto badcsum;
407
408 /* construct source and dst sockaddrs. */
409 sockaddr_in_init(&src, &ip->ip_src, uh->uh_sport);
410 sockaddr_in_init(&dst, &ip->ip_dst, uh->uh_dport);
411
412 if ((n = udp4_realinput(&src, &dst, &m, iphlen)) == -1) {
413 UDP_STATINC(UDP_STAT_HDROPS);
414 return;
415 }
416 #ifdef INET6
417 if (IN_MULTICAST(ip->ip_dst.s_addr) || n == 0) {
418 struct sockaddr_in6 src6, dst6;
419
420 memset(&src6, 0, sizeof(src6));
421 src6.sin6_family = AF_INET6;
422 src6.sin6_len = sizeof(struct sockaddr_in6);
423 src6.sin6_addr.s6_addr[10] = src6.sin6_addr.s6_addr[11] = 0xff;
424 memcpy(&src6.sin6_addr.s6_addr[12], &ip->ip_src,
425 sizeof(ip->ip_src));
426 src6.sin6_port = uh->uh_sport;
427 memset(&dst6, 0, sizeof(dst6));
428 dst6.sin6_family = AF_INET6;
429 dst6.sin6_len = sizeof(struct sockaddr_in6);
430 dst6.sin6_addr.s6_addr[10] = dst6.sin6_addr.s6_addr[11] = 0xff;
431 memcpy(&dst6.sin6_addr.s6_addr[12], &ip->ip_dst,
432 sizeof(ip->ip_dst));
433 dst6.sin6_port = uh->uh_dport;
434
435 n += udp6_realinput(AF_INET, &src6, &dst6, m, iphlen);
436 }
437 #endif
438
439 if (n == 0) {
440 if (m->m_flags & (M_BCAST | M_MCAST)) {
441 UDP_STATINC(UDP_STAT_NOPORTBCAST);
442 goto bad;
443 }
444 UDP_STATINC(UDP_STAT_NOPORT);
445 #ifdef IPKDB
446 if (checkipkdb(&ip->ip_src, uh->uh_sport, uh->uh_dport,
447 m, iphlen + sizeof(struct udphdr),
448 m->m_pkthdr.len - iphlen - sizeof(struct udphdr))) {
449 /*
450 * It was a debugger connect packet,
451 * just drop it now
452 */
453 goto bad;
454 }
455 #endif
456 icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PORT, 0, 0);
457 m = NULL;
458 }
459
460 bad:
461 if (m)
462 m_freem(m);
463 return;
464
465 badcsum:
466 m_freem(m);
467 }
468 #endif
469
470 #ifdef INET6
471 static int
472 udp6_input_checksum(struct mbuf *m, const struct udphdr *uh, int off, int len)
473 {
474
475 /*
476 * XXX it's better to record and check if this mbuf is
477 * already checked.
478 */
479
480 if (__predict_false((m->m_flags & M_LOOP) && !udp_do_loopback_cksum)) {
481 goto good;
482 }
483 if (uh->uh_sum == 0) {
484 UDP6_STATINC(UDP6_STAT_NOSUM);
485 goto bad;
486 }
487
488 switch (m->m_pkthdr.csum_flags &
489 ((m->m_pkthdr.rcvif->if_csum_flags_rx & M_CSUM_UDPv6) |
490 M_CSUM_TCP_UDP_BAD | M_CSUM_DATA)) {
491 case M_CSUM_UDPv6|M_CSUM_TCP_UDP_BAD:
492 UDP_CSUM_COUNTER_INCR(&udp6_hwcsum_bad);
493 UDP6_STATINC(UDP6_STAT_BADSUM);
494 goto bad;
495
496 #if 0 /* notyet */
497 case M_CSUM_UDPv6|M_CSUM_DATA:
498 #endif
499
500 case M_CSUM_UDPv6:
501 /* Checksum was okay. */
502 UDP_CSUM_COUNTER_INCR(&udp6_hwcsum_ok);
503 break;
504
505 default:
506 /*
507 * Need to compute it ourselves. Maybe skip checksum
508 * on loopback interfaces.
509 */
510 UDP_CSUM_COUNTER_INCR(&udp6_swcsum);
511 if (in6_cksum(m, IPPROTO_UDP, off, len) != 0) {
512 UDP6_STATINC(UDP6_STAT_BADSUM);
513 goto bad;
514 }
515 }
516
517 good:
518 return 0;
519 bad:
520 return -1;
521 }
522
523 int
524 udp6_input(struct mbuf **mp, int *offp, int proto)
525 {
526 struct mbuf *m = *mp;
527 int off = *offp;
528 struct sockaddr_in6 src, dst;
529 struct ip6_hdr *ip6;
530 struct udphdr *uh;
531 u_int32_t plen, ulen;
532
533 ip6 = mtod(m, struct ip6_hdr *);
534
535 #if defined(NFAITH) && 0 < NFAITH
536 if (faithprefix(&ip6->ip6_dst)) {
537 /* send icmp6 host unreach? */
538 m_freem(m);
539 return IPPROTO_DONE;
540 }
541 #endif
542
543 UDP6_STATINC(UDP6_STAT_IPACKETS);
544
545 /* check for jumbogram is done in ip6_input. we can trust pkthdr.len */
546 plen = m->m_pkthdr.len - off;
547 IP6_EXTHDR_GET(uh, struct udphdr *, m, off, sizeof(struct udphdr));
548 if (uh == NULL) {
549 IP6_STATINC(IP6_STAT_TOOSHORT);
550 return IPPROTO_DONE;
551 }
552 KASSERT(UDP_HDR_ALIGNED_P(uh));
553 ulen = ntohs((u_short)uh->uh_ulen);
554 /*
555 * RFC2675 section 4: jumbograms will have 0 in the UDP header field,
556 * iff payload length > 0xffff.
557 */
558 if (ulen == 0 && plen > 0xffff)
559 ulen = plen;
560
561 if (plen != ulen) {
562 UDP6_STATINC(UDP6_STAT_BADLEN);
563 goto bad;
564 }
565
566 /* destination port of 0 is illegal, based on RFC768. */
567 if (uh->uh_dport == 0)
568 goto bad;
569
570 /* Be proactive about malicious use of IPv4 mapped address */
571 if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
572 IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
573 /* XXX stat */
574 goto bad;
575 }
576
577 /*
578 * Checksum extended UDP header and data. Maybe skip checksum
579 * on loopback interfaces.
580 */
581 if (udp6_input_checksum(m, uh, off, ulen))
582 goto bad;
583
584 /*
585 * Construct source and dst sockaddrs.
586 */
587 memset(&src, 0, sizeof(src));
588 src.sin6_family = AF_INET6;
589 src.sin6_len = sizeof(struct sockaddr_in6);
590 src.sin6_addr = ip6->ip6_src;
591 src.sin6_port = uh->uh_sport;
592 memset(&dst, 0, sizeof(dst));
593 dst.sin6_family = AF_INET6;
594 dst.sin6_len = sizeof(struct sockaddr_in6);
595 dst.sin6_addr = ip6->ip6_dst;
596 dst.sin6_port = uh->uh_dport;
597
598 if (udp6_realinput(AF_INET6, &src, &dst, m, off) == 0) {
599 if (m->m_flags & M_MCAST) {
600 UDP6_STATINC(UDP6_STAT_NOPORTMCAST);
601 goto bad;
602 }
603 UDP6_STATINC(UDP6_STAT_NOPORT);
604 icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOPORT, 0);
605 m = NULL;
606 }
607
608 bad:
609 if (m)
610 m_freem(m);
611 return IPPROTO_DONE;
612 }
613 #endif
614
615 #ifdef INET
616 static void
617 udp4_sendup(struct mbuf *m, int off /* offset of data portion */,
618 struct sockaddr *src, struct socket *so)
619 {
620 struct mbuf *opts = NULL;
621 struct mbuf *n;
622 struct inpcb *inp = NULL;
623
624 if (!so)
625 return;
626 switch (so->so_proto->pr_domain->dom_family) {
627 case AF_INET:
628 inp = sotoinpcb(so);
629 break;
630 #ifdef INET6
631 case AF_INET6:
632 break;
633 #endif
634 default:
635 return;
636 }
637
638 #if defined(IPSEC) || defined(FAST_IPSEC)
639 /* check AH/ESP integrity. */
640 if (so != NULL && ipsec4_in_reject_so(m, so)) {
641 IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
642 if ((n = m_copypacket(m, M_DONTWAIT)) != NULL)
643 icmp_error(n, ICMP_UNREACH, ICMP_UNREACH_ADMIN_PROHIBIT,
644 0, 0);
645 return;
646 }
647 #endif /*IPSEC*/
648
649 if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) {
650 if (inp && (inp->inp_flags & INP_CONTROLOPTS
651 #ifdef SO_OTIMESTAMP
652 || so->so_options & SO_OTIMESTAMP
653 #endif
654 || so->so_options & SO_TIMESTAMP)) {
655 struct ip *ip = mtod(n, struct ip *);
656 ip_savecontrol(inp, &opts, ip, n);
657 }
658
659 m_adj(n, off);
660 if (sbappendaddr(&so->so_rcv, src, n,
661 opts) == 0) {
662 m_freem(n);
663 if (opts)
664 m_freem(opts);
665 so->so_rcv.sb_overflowed++;
666 UDP_STATINC(UDP_STAT_FULLSOCK);
667 } else
668 sorwakeup(so);
669 }
670 }
671 #endif
672
673 #ifdef INET6
674 static void
675 udp6_sendup(struct mbuf *m, int off /* offset of data portion */,
676 struct sockaddr *src, struct socket *so)
677 {
678 struct mbuf *opts = NULL;
679 struct mbuf *n;
680 struct in6pcb *in6p = NULL;
681
682 if (!so)
683 return;
684 if (so->so_proto->pr_domain->dom_family != AF_INET6)
685 return;
686 in6p = sotoin6pcb(so);
687
688 #if defined(IPSEC) || defined(FAST_IPSEC)
689 /* check AH/ESP integrity. */
690 if (so != NULL && ipsec6_in_reject_so(m, so)) {
691 IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO);
692 if ((n = m_copypacket(m, M_DONTWAIT)) != NULL)
693 icmp6_error(n, ICMP6_DST_UNREACH,
694 ICMP6_DST_UNREACH_ADMIN, 0);
695 return;
696 }
697 #endif /*IPSEC*/
698
699 if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) {
700 if (in6p && (in6p->in6p_flags & IN6P_CONTROLOPTS
701 #ifdef SO_OTIMESTAMP
702 || in6p->in6p_socket->so_options & SO_OTIMESTAMP
703 #endif
704 || in6p->in6p_socket->so_options & SO_TIMESTAMP)) {
705 struct ip6_hdr *ip6 = mtod(n, struct ip6_hdr *);
706 ip6_savecontrol(in6p, &opts, ip6, n);
707 }
708
709 m_adj(n, off);
710 if (sbappendaddr(&so->so_rcv, src, n, opts) == 0) {
711 m_freem(n);
712 if (opts)
713 m_freem(opts);
714 so->so_rcv.sb_overflowed++;
715 UDP6_STATINC(UDP6_STAT_FULLSOCK);
716 } else
717 sorwakeup(so);
718 }
719 }
720 #endif
721
722 #ifdef INET
723 static int
724 udp4_realinput(struct sockaddr_in *src, struct sockaddr_in *dst,
725 struct mbuf **mp, int off /* offset of udphdr */)
726 {
727 u_int16_t *sport, *dport;
728 int rcvcnt;
729 struct in_addr *src4, *dst4;
730 struct inpcb_hdr *inph;
731 struct inpcb *inp;
732 struct mbuf *m = *mp;
733
734 rcvcnt = 0;
735 off += sizeof(struct udphdr); /* now, offset of payload */
736
737 if (src->sin_family != AF_INET || dst->sin_family != AF_INET)
738 goto bad;
739
740 src4 = &src->sin_addr;
741 sport = &src->sin_port;
742 dst4 = &dst->sin_addr;
743 dport = &dst->sin_port;
744
745 if (IN_MULTICAST(dst4->s_addr) ||
746 in_broadcast(*dst4, m->m_pkthdr.rcvif)) {
747 /*
748 * Deliver a multicast or broadcast datagram to *all* sockets
749 * for which the local and remote addresses and ports match
750 * those of the incoming datagram. This allows more than
751 * one process to receive multi/broadcasts on the same port.
752 * (This really ought to be done for unicast datagrams as
753 * well, but that would cause problems with existing
754 * applications that open both address-specific sockets and
755 * a wildcard socket listening to the same port -- they would
756 * end up receiving duplicates of every unicast datagram.
757 * Those applications open the multiple sockets to overcome an
758 * inadequacy of the UDP socket interface, but for backwards
759 * compatibility we avoid the problem here rather than
760 * fixing the interface. Maybe 4.5BSD will remedy this?)
761 */
762
763 /*
764 * KAME note: traditionally we dropped udpiphdr from mbuf here.
765 * we need udpiphdr for IPsec processing so we do that later.
766 */
767 /*
768 * Locate pcb(s) for datagram.
769 */
770 CIRCLEQ_FOREACH(inph, &udbtable.inpt_queue, inph_queue) {
771 inp = (struct inpcb *)inph;
772 if (inp->inp_af != AF_INET)
773 continue;
774
775 if (inp->inp_lport != *dport)
776 continue;
777 if (!in_nullhost(inp->inp_laddr)) {
778 if (!in_hosteq(inp->inp_laddr, *dst4))
779 continue;
780 }
781 if (!in_nullhost(inp->inp_faddr)) {
782 if (!in_hosteq(inp->inp_faddr, *src4) ||
783 inp->inp_fport != *sport)
784 continue;
785 }
786
787 udp4_sendup(m, off, (struct sockaddr *)src,
788 inp->inp_socket);
789 rcvcnt++;
790
791 /*
792 * Don't look for additional matches if this one does
793 * not have either the SO_REUSEPORT or SO_REUSEADDR
794 * socket options set. This heuristic avoids searching
795 * through all pcbs in the common case of a non-shared
796 * port. It assumes that an application will never
797 * clear these options after setting them.
798 */
799 if ((inp->inp_socket->so_options &
800 (SO_REUSEPORT|SO_REUSEADDR)) == 0)
801 break;
802 }
803 } else {
804 /*
805 * Locate pcb for datagram.
806 */
807 inp = in_pcblookup_connect(&udbtable, *src4, *sport, *dst4, *dport);
808 if (inp == 0) {
809 UDP_STATINC(UDP_STAT_PCBHASHMISS);
810 inp = in_pcblookup_bind(&udbtable, *dst4, *dport);
811 if (inp == 0)
812 return rcvcnt;
813 }
814
815 #ifdef IPSEC_NAT_T
816 /* Handle ESP over UDP */
817 if (inp->inp_flags & INP_ESPINUDP_ALL) {
818 struct sockaddr *sa = (struct sockaddr *)src;
819
820 switch(udp4_espinudp(mp, off, sa, inp->inp_socket)) {
821 case -1: /* Error, m was freeed */
822 rcvcnt = -1;
823 goto bad;
824 break;
825
826 case 1: /* ESP over UDP */
827 rcvcnt++;
828 goto bad;
829 break;
830
831 case 0: /* plain UDP */
832 default: /* Unexpected */
833 /*
834 * Normal UDP processing will take place
835 * m may have changed.
836 */
837 m = *mp;
838 break;
839 }
840 }
841 #endif
842
843 /*
844 * Check the minimum TTL for socket.
845 */
846 if (mtod(m, struct ip *)->ip_ttl < inp->inp_ip_minttl)
847 goto bad;
848
849 udp4_sendup(m, off, (struct sockaddr *)src, inp->inp_socket);
850 rcvcnt++;
851 }
852
853 bad:
854 return rcvcnt;
855 }
856 #endif
857
858 #ifdef INET6
859 static int
860 udp6_realinput(int af, struct sockaddr_in6 *src, struct sockaddr_in6 *dst,
861 struct mbuf *m, int off)
862 {
863 u_int16_t sport, dport;
864 int rcvcnt;
865 struct in6_addr src6, *dst6;
866 const struct in_addr *dst4;
867 struct inpcb_hdr *inph;
868 struct in6pcb *in6p;
869
870 rcvcnt = 0;
871 off += sizeof(struct udphdr); /* now, offset of payload */
872
873 if (af != AF_INET && af != AF_INET6)
874 goto bad;
875 if (src->sin6_family != AF_INET6 || dst->sin6_family != AF_INET6)
876 goto bad;
877
878 src6 = src->sin6_addr;
879 if (sa6_recoverscope(src) != 0) {
880 /* XXX: should be impossible. */
881 goto bad;
882 }
883 sport = src->sin6_port;
884
885 dport = dst->sin6_port;
886 dst4 = (struct in_addr *)&dst->sin6_addr.s6_addr[12];
887 dst6 = &dst->sin6_addr;
888
889 if (IN6_IS_ADDR_MULTICAST(dst6) ||
890 (af == AF_INET && IN_MULTICAST(dst4->s_addr))) {
891 /*
892 * Deliver a multicast or broadcast datagram to *all* sockets
893 * for which the local and remote addresses and ports match
894 * those of the incoming datagram. This allows more than
895 * one process to receive multi/broadcasts on the same port.
896 * (This really ought to be done for unicast datagrams as
897 * well, but that would cause problems with existing
898 * applications that open both address-specific sockets and
899 * a wildcard socket listening to the same port -- they would
900 * end up receiving duplicates of every unicast datagram.
901 * Those applications open the multiple sockets to overcome an
902 * inadequacy of the UDP socket interface, but for backwards
903 * compatibility we avoid the problem here rather than
904 * fixing the interface. Maybe 4.5BSD will remedy this?)
905 */
906
907 /*
908 * KAME note: traditionally we dropped udpiphdr from mbuf here.
909 * we need udpiphdr for IPsec processing so we do that later.
910 */
911 /*
912 * Locate pcb(s) for datagram.
913 */
914 CIRCLEQ_FOREACH(inph, &udbtable.inpt_queue, inph_queue) {
915 in6p = (struct in6pcb *)inph;
916 if (in6p->in6p_af != AF_INET6)
917 continue;
918
919 if (in6p->in6p_lport != dport)
920 continue;
921 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_laddr)) {
922 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_laddr,
923 dst6))
924 continue;
925 } else {
926 if (IN6_IS_ADDR_V4MAPPED(dst6) &&
927 (in6p->in6p_flags & IN6P_IPV6_V6ONLY))
928 continue;
929 }
930 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr)) {
931 if (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr,
932 &src6) || in6p->in6p_fport != sport)
933 continue;
934 } else {
935 if (IN6_IS_ADDR_V4MAPPED(&src6) &&
936 (in6p->in6p_flags & IN6P_IPV6_V6ONLY))
937 continue;
938 }
939
940 udp6_sendup(m, off, (struct sockaddr *)src,
941 in6p->in6p_socket);
942 rcvcnt++;
943
944 /*
945 * Don't look for additional matches if this one does
946 * not have either the SO_REUSEPORT or SO_REUSEADDR
947 * socket options set. This heuristic avoids searching
948 * through all pcbs in the common case of a non-shared
949 * port. It assumes that an application will never
950 * clear these options after setting them.
951 */
952 if ((in6p->in6p_socket->so_options &
953 (SO_REUSEPORT|SO_REUSEADDR)) == 0)
954 break;
955 }
956 } else {
957 /*
958 * Locate pcb for datagram.
959 */
960 in6p = in6_pcblookup_connect(&udbtable, &src6, sport, dst6,
961 dport, 0);
962 if (in6p == 0) {
963 UDP_STATINC(UDP_STAT_PCBHASHMISS);
964 in6p = in6_pcblookup_bind(&udbtable, dst6, dport, 0);
965 if (in6p == 0)
966 return rcvcnt;
967 }
968
969 udp6_sendup(m, off, (struct sockaddr *)src, in6p->in6p_socket);
970 rcvcnt++;
971 }
972
973 bad:
974 return rcvcnt;
975 }
976 #endif
977
978 #ifdef INET
979 /*
980 * Notify a udp user of an asynchronous error;
981 * just wake up so that he can collect error status.
982 */
983 static void
984 udp_notify(struct inpcb *inp, int errno)
985 {
986 inp->inp_socket->so_error = errno;
987 sorwakeup(inp->inp_socket);
988 sowwakeup(inp->inp_socket);
989 }
990
991 void *
992 udp_ctlinput(int cmd, const struct sockaddr *sa, void *v)
993 {
994 struct ip *ip = v;
995 struct udphdr *uh;
996 void (*notify)(struct inpcb *, int) = udp_notify;
997 int errno;
998
999 if (sa->sa_family != AF_INET
1000 || sa->sa_len != sizeof(struct sockaddr_in))
1001 return NULL;
1002 if ((unsigned)cmd >= PRC_NCMDS)
1003 return NULL;
1004 errno = inetctlerrmap[cmd];
1005 if (PRC_IS_REDIRECT(cmd))
1006 notify = in_rtchange, ip = 0;
1007 else if (cmd == PRC_HOSTDEAD)
1008 ip = 0;
1009 else if (errno == 0)
1010 return NULL;
1011 if (ip) {
1012 uh = (struct udphdr *)((char *)ip + (ip->ip_hl << 2));
1013 in_pcbnotify(&udbtable, satocsin(sa)->sin_addr, uh->uh_dport,
1014 ip->ip_src, uh->uh_sport, errno, notify);
1015
1016 /* XXX mapped address case */
1017 } else
1018 in_pcbnotifyall(&udbtable, satocsin(sa)->sin_addr, errno,
1019 notify);
1020 return NULL;
1021 }
1022
1023 int
1024 udp_ctloutput(int op, struct socket *so, struct sockopt *sopt)
1025 {
1026 int s;
1027 int error = 0;
1028 struct inpcb *inp;
1029 int family;
1030 int optval;
1031
1032 family = so->so_proto->pr_domain->dom_family;
1033
1034 s = splsoftnet();
1035 switch (family) {
1036 #ifdef INET
1037 case PF_INET:
1038 if (sopt->sopt_level != IPPROTO_UDP) {
1039 error = ip_ctloutput(op, so, sopt);
1040 goto end;
1041 }
1042 break;
1043 #endif
1044 #ifdef INET6
1045 case PF_INET6:
1046 if (sopt->sopt_level != IPPROTO_UDP) {
1047 error = ip6_ctloutput(op, so, sopt);
1048 goto end;
1049 }
1050 break;
1051 #endif
1052 default:
1053 error = EAFNOSUPPORT;
1054 goto end;
1055 }
1056
1057
1058 switch (op) {
1059 case PRCO_SETOPT:
1060 inp = sotoinpcb(so);
1061
1062 switch (sopt->sopt_name) {
1063 case UDP_ENCAP:
1064 error = sockopt_getint(sopt, &optval);
1065 if (error)
1066 break;
1067
1068 switch(optval) {
1069 #ifdef IPSEC_NAT_T
1070 case 0:
1071 inp->inp_flags &= ~INP_ESPINUDP_ALL;
1072 break;
1073
1074 case UDP_ENCAP_ESPINUDP:
1075 inp->inp_flags &= ~INP_ESPINUDP_ALL;
1076 inp->inp_flags |= INP_ESPINUDP;
1077 break;
1078
1079 case UDP_ENCAP_ESPINUDP_NON_IKE:
1080 inp->inp_flags &= ~INP_ESPINUDP_ALL;
1081 inp->inp_flags |= INP_ESPINUDP_NON_IKE;
1082 break;
1083 #endif
1084 default:
1085 error = EINVAL;
1086 break;
1087 }
1088 break;
1089
1090 default:
1091 error = ENOPROTOOPT;
1092 break;
1093 }
1094 break;
1095
1096 default:
1097 error = EINVAL;
1098 break;
1099 }
1100
1101 end:
1102 splx(s);
1103 return error;
1104 }
1105
1106
1107 int
1108 udp_output(struct mbuf *m, ...)
1109 {
1110 struct inpcb *inp;
1111 struct udpiphdr *ui;
1112 struct route *ro;
1113 int len = m->m_pkthdr.len;
1114 int error = 0;
1115 va_list ap;
1116
1117 MCLAIM(m, &udp_tx_mowner);
1118 va_start(ap, m);
1119 inp = va_arg(ap, struct inpcb *);
1120 va_end(ap);
1121
1122 /*
1123 * Calculate data length and get a mbuf
1124 * for UDP and IP headers.
1125 */
1126 M_PREPEND(m, sizeof(struct udpiphdr), M_DONTWAIT);
1127 if (m == 0) {
1128 error = ENOBUFS;
1129 goto release;
1130 }
1131
1132 /*
1133 * Compute the packet length of the IP header, and
1134 * punt if the length looks bogus.
1135 */
1136 if (len + sizeof(struct udpiphdr) > IP_MAXPACKET) {
1137 error = EMSGSIZE;
1138 goto release;
1139 }
1140
1141 /*
1142 * Fill in mbuf with extended UDP header
1143 * and addresses and length put into network format.
1144 */
1145 ui = mtod(m, struct udpiphdr *);
1146 ui->ui_pr = IPPROTO_UDP;
1147 ui->ui_src = inp->inp_laddr;
1148 ui->ui_dst = inp->inp_faddr;
1149 ui->ui_sport = inp->inp_lport;
1150 ui->ui_dport = inp->inp_fport;
1151 ui->ui_ulen = htons((u_int16_t)len + sizeof(struct udphdr));
1152
1153 ro = &inp->inp_route;
1154
1155 /*
1156 * Set up checksum and output datagram.
1157 */
1158 if (udpcksum) {
1159 /*
1160 * XXX Cache pseudo-header checksum part for
1161 * XXX "connected" UDP sockets.
1162 */
1163 ui->ui_sum = in_cksum_phdr(ui->ui_src.s_addr,
1164 ui->ui_dst.s_addr, htons((u_int16_t)len +
1165 sizeof(struct udphdr) + IPPROTO_UDP));
1166 m->m_pkthdr.csum_flags = M_CSUM_UDPv4;
1167 m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum);
1168 } else
1169 ui->ui_sum = 0;
1170 ((struct ip *)ui)->ip_len = htons(sizeof (struct udpiphdr) + len);
1171 ((struct ip *)ui)->ip_ttl = inp->inp_ip.ip_ttl; /* XXX */
1172 ((struct ip *)ui)->ip_tos = inp->inp_ip.ip_tos; /* XXX */
1173 UDP_STATINC(UDP_STAT_OPACKETS);
1174
1175 return (ip_output(m, inp->inp_options, ro,
1176 inp->inp_socket->so_options & (SO_DONTROUTE | SO_BROADCAST),
1177 inp->inp_moptions, inp->inp_socket));
1178
1179 release:
1180 m_freem(m);
1181 return (error);
1182 }
1183
1184 int udp_sendspace = 9216; /* really max datagram size */
1185 int udp_recvspace = 40 * (1024 + sizeof(struct sockaddr_in));
1186 /* 40 1K datagrams */
1187
1188 /*ARGSUSED*/
1189 int
1190 udp_usrreq(struct socket *so, int req, struct mbuf *m, struct mbuf *nam,
1191 struct mbuf *control, struct lwp *l)
1192 {
1193 struct inpcb *inp;
1194 int s;
1195 int error = 0;
1196
1197 if (req == PRU_CONTROL)
1198 return (in_control(so, (long)m, (void *)nam,
1199 (struct ifnet *)control, l));
1200
1201 s = splsoftnet();
1202
1203 if (req == PRU_PURGEIF) {
1204 mutex_enter(softnet_lock);
1205 in_pcbpurgeif0(&udbtable, (struct ifnet *)control);
1206 in_purgeif((struct ifnet *)control);
1207 in_pcbpurgeif(&udbtable, (struct ifnet *)control);
1208 mutex_exit(softnet_lock);
1209 splx(s);
1210 return (0);
1211 }
1212
1213 inp = sotoinpcb(so);
1214 #ifdef DIAGNOSTIC
1215 if (req != PRU_SEND && req != PRU_SENDOOB && control)
1216 panic("udp_usrreq: unexpected control mbuf");
1217 #endif
1218 if (req == PRU_ATTACH) {
1219 sosetlock(so);
1220 } else if (inp == 0) {
1221 error = EINVAL;
1222 goto release;
1223 }
1224
1225 /*
1226 * Note: need to block udp_input while changing
1227 * the udp pcb queue and/or pcb addresses.
1228 */
1229 switch (req) {
1230
1231 case PRU_ATTACH:
1232 if (inp != 0) {
1233 error = EISCONN;
1234 break;
1235 }
1236 #ifdef MBUFTRACE
1237 so->so_mowner = &udp_mowner;
1238 so->so_rcv.sb_mowner = &udp_rx_mowner;
1239 so->so_snd.sb_mowner = &udp_tx_mowner;
1240 #endif
1241 if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
1242 error = soreserve(so, udp_sendspace, udp_recvspace);
1243 if (error)
1244 break;
1245 }
1246 error = in_pcballoc(so, &udbtable);
1247 if (error)
1248 break;
1249 inp = sotoinpcb(so);
1250 inp->inp_ip.ip_ttl = ip_defttl;
1251 break;
1252
1253 case PRU_DETACH:
1254 in_pcbdetach(inp);
1255 break;
1256
1257 case PRU_BIND:
1258 error = in_pcbbind(inp, nam, l);
1259 break;
1260
1261 case PRU_LISTEN:
1262 error = EOPNOTSUPP;
1263 break;
1264
1265 case PRU_CONNECT:
1266 error = in_pcbconnect(inp, nam, l);
1267 if (error)
1268 break;
1269 soisconnected(so);
1270 break;
1271
1272 case PRU_CONNECT2:
1273 error = EOPNOTSUPP;
1274 break;
1275
1276 case PRU_DISCONNECT:
1277 /*soisdisconnected(so);*/
1278 so->so_state &= ~SS_ISCONNECTED; /* XXX */
1279 in_pcbdisconnect(inp);
1280 inp->inp_laddr = zeroin_addr; /* XXX */
1281 in_pcbstate(inp, INP_BOUND); /* XXX */
1282 break;
1283
1284 case PRU_SHUTDOWN:
1285 socantsendmore(so);
1286 break;
1287
1288 case PRU_RCVD:
1289 error = EOPNOTSUPP;
1290 break;
1291
1292 case PRU_SEND:
1293 if (control && control->m_len) {
1294 m_freem(control);
1295 m_freem(m);
1296 error = EINVAL;
1297 break;
1298 }
1299 {
1300 struct in_addr laddr; /* XXX */
1301
1302 if (nam) {
1303 laddr = inp->inp_laddr; /* XXX */
1304 if ((so->so_state & SS_ISCONNECTED) != 0) {
1305 error = EISCONN;
1306 goto die;
1307 }
1308 error = in_pcbconnect(inp, nam, l);
1309 if (error)
1310 goto die;
1311 } else {
1312 if ((so->so_state & SS_ISCONNECTED) == 0) {
1313 error = ENOTCONN;
1314 goto die;
1315 }
1316 }
1317 error = udp_output(m, inp);
1318 m = NULL;
1319 if (nam) {
1320 in_pcbdisconnect(inp);
1321 inp->inp_laddr = laddr; /* XXX */
1322 in_pcbstate(inp, INP_BOUND); /* XXX */
1323 }
1324 die:
1325 if (m)
1326 m_freem(m);
1327 }
1328 break;
1329
1330 case PRU_SENSE:
1331 /*
1332 * stat: don't bother with a blocksize.
1333 */
1334 splx(s);
1335 return (0);
1336
1337 case PRU_RCVOOB:
1338 error = EOPNOTSUPP;
1339 break;
1340
1341 case PRU_SENDOOB:
1342 m_freem(control);
1343 m_freem(m);
1344 error = EOPNOTSUPP;
1345 break;
1346
1347 case PRU_SOCKADDR:
1348 in_setsockaddr(inp, nam);
1349 break;
1350
1351 case PRU_PEERADDR:
1352 in_setpeeraddr(inp, nam);
1353 break;
1354
1355 default:
1356 panic("udp_usrreq");
1357 }
1358
1359 release:
1360 splx(s);
1361 return (error);
1362 }
1363
1364 static int
1365 sysctl_net_inet_udp_stats(SYSCTLFN_ARGS)
1366 {
1367
1368 return (NETSTAT_SYSCTL(udpstat_percpu, UDP_NSTATS));
1369 }
1370
1371 /*
1372 * Sysctl for udp variables.
1373 */
1374 static void
1375 sysctl_net_inet_udp_setup(struct sysctllog **clog)
1376 {
1377
1378 sysctl_createv(clog, 0, NULL, NULL,
1379 CTLFLAG_PERMANENT,
1380 CTLTYPE_NODE, "net", NULL,
1381 NULL, 0, NULL, 0,
1382 CTL_NET, CTL_EOL);
1383 sysctl_createv(clog, 0, NULL, NULL,
1384 CTLFLAG_PERMANENT,
1385 CTLTYPE_NODE, "inet", NULL,
1386 NULL, 0, NULL, 0,
1387 CTL_NET, PF_INET, CTL_EOL);
1388 sysctl_createv(clog, 0, NULL, NULL,
1389 CTLFLAG_PERMANENT,
1390 CTLTYPE_NODE, "udp",
1391 SYSCTL_DESCR("UDPv4 related settings"),
1392 NULL, 0, NULL, 0,
1393 CTL_NET, PF_INET, IPPROTO_UDP, CTL_EOL);
1394
1395 sysctl_createv(clog, 0, NULL, NULL,
1396 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1397 CTLTYPE_INT, "checksum",
1398 SYSCTL_DESCR("Compute UDP checksums"),
1399 NULL, 0, &udpcksum, 0,
1400 CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_CHECKSUM,
1401 CTL_EOL);
1402 sysctl_createv(clog, 0, NULL, NULL,
1403 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1404 CTLTYPE_INT, "sendspace",
1405 SYSCTL_DESCR("Default UDP send buffer size"),
1406 NULL, 0, &udp_sendspace, 0,
1407 CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_SENDSPACE,
1408 CTL_EOL);
1409 sysctl_createv(clog, 0, NULL, NULL,
1410 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1411 CTLTYPE_INT, "recvspace",
1412 SYSCTL_DESCR("Default UDP receive buffer size"),
1413 NULL, 0, &udp_recvspace, 0,
1414 CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_RECVSPACE,
1415 CTL_EOL);
1416 sysctl_createv(clog, 0, NULL, NULL,
1417 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1418 CTLTYPE_INT, "do_loopback_cksum",
1419 SYSCTL_DESCR("Perform UDP checksum on loopback"),
1420 NULL, 0, &udp_do_loopback_cksum, 0,
1421 CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_LOOPBACKCKSUM,
1422 CTL_EOL);
1423 sysctl_createv(clog, 0, NULL, NULL,
1424 CTLFLAG_PERMANENT,
1425 CTLTYPE_STRUCT, "pcblist",
1426 SYSCTL_DESCR("UDP protocol control block list"),
1427 sysctl_inpcblist, 0, &udbtable, 0,
1428 CTL_NET, PF_INET, IPPROTO_UDP, CTL_CREATE,
1429 CTL_EOL);
1430 sysctl_createv(clog, 0, NULL, NULL,
1431 CTLFLAG_PERMANENT,
1432 CTLTYPE_STRUCT, "stats",
1433 SYSCTL_DESCR("UDP statistics"),
1434 sysctl_net_inet_udp_stats, 0, NULL, 0,
1435 CTL_NET, PF_INET, IPPROTO_UDP, UDPCTL_STATS,
1436 CTL_EOL);
1437 }
1438 #endif
1439
1440 void
1441 udp_statinc(u_int stat)
1442 {
1443
1444 KASSERT(stat < UDP_NSTATS);
1445 UDP_STATINC(stat);
1446 }
1447
1448 #if (defined INET && defined IPSEC_NAT_T)
1449 /*
1450 * Returns:
1451 * 1 if the packet was processed
1452 * 0 if normal UDP processing should take place
1453 * -1 if an error occurent and m was freed
1454 */
1455 static int
1456 udp4_espinudp(struct mbuf **mp, int off, struct sockaddr *src,
1457 struct socket *so)
1458 {
1459 size_t len;
1460 void *data;
1461 struct inpcb *inp;
1462 size_t skip = 0;
1463 size_t minlen;
1464 size_t iphdrlen;
1465 struct ip *ip;
1466 struct mbuf *n;
1467 struct m_tag *tag;
1468 struct udphdr *udphdr;
1469 u_int16_t sport, dport;
1470 struct mbuf *m = *mp;
1471
1472 /*
1473 * Collapse the mbuf chain if the first mbuf is too short
1474 * The longest case is: UDP + non ESP marker + ESP
1475 */
1476 minlen = off + sizeof(u_int64_t) + sizeof(struct esp);
1477 if (minlen > m->m_pkthdr.len)
1478 minlen = m->m_pkthdr.len;
1479
1480 if (m->m_len < minlen) {
1481 if ((*mp = m_pullup(m, minlen)) == NULL) {
1482 printf("udp4_espinudp: m_pullup failed\n");
1483 return -1;
1484 }
1485 m = *mp;
1486 }
1487
1488 len = m->m_len - off;
1489 data = mtod(m, char *) + off;
1490 inp = sotoinpcb(so);
1491
1492 /* Ignore keepalive packets */
1493 if ((len == 1) && (*(unsigned char *)data == 0xff)) {
1494 return 1;
1495 }
1496
1497 /*
1498 * Check that the payload is long enough to hold
1499 * an ESP header and compute the length of encapsulation
1500 * header to remove
1501 */
1502 if (inp->inp_flags & INP_ESPINUDP) {
1503 u_int32_t *st = (u_int32_t *)data;
1504
1505 if ((len <= sizeof(struct esp)) || (*st == 0))
1506 return 0; /* Normal UDP processing */
1507
1508 skip = sizeof(struct udphdr);
1509 }
1510
1511 if (inp->inp_flags & INP_ESPINUDP_NON_IKE) {
1512 u_int32_t *st = (u_int32_t *)data;
1513
1514 if ((len <= sizeof(u_int64_t) + sizeof(struct esp))
1515 || ((st[0] | st[1]) != 0))
1516 return 0; /* Normal UDP processing */
1517
1518 skip = sizeof(struct udphdr) + sizeof(u_int64_t);
1519 }
1520
1521 /*
1522 * Get the UDP ports. They are handled in network
1523 * order everywhere in IPSEC_NAT_T code.
1524 */
1525 udphdr = (struct udphdr *)((char *)data - skip);
1526 sport = udphdr->uh_sport;
1527 dport = udphdr->uh_dport;
1528
1529 /*
1530 * Remove the UDP header (and possibly the non ESP marker)
1531 * IP header lendth is iphdrlen
1532 * Before:
1533 * <--- off --->
1534 * +----+------+-----+
1535 * | IP | UDP | ESP |
1536 * +----+------+-----+
1537 * <-skip->
1538 * After:
1539 * +----+-----+
1540 * | IP | ESP |
1541 * +----+-----+
1542 * <-skip->
1543 */
1544 iphdrlen = off - sizeof(struct udphdr);
1545 memmove(mtod(m, char *) + skip, mtod(m, void *), iphdrlen);
1546 m_adj(m, skip);
1547
1548 ip = mtod(m, struct ip *);
1549 ip->ip_len = htons(ntohs(ip->ip_len) - skip);
1550 ip->ip_p = IPPROTO_ESP;
1551
1552 /*
1553 * Copy the mbuf to avoid multiple free, as both
1554 * esp4_input (which we call) and udp_input (which
1555 * called us) free the mbuf.
1556 */
1557 if ((n = m_dup(m, 0, M_COPYALL, M_DONTWAIT)) == NULL) {
1558 printf("udp4_espinudp: m_dup failed\n");
1559 return 0;
1560 }
1561
1562 /*
1563 * Add a PACKET_TAG_IPSEC_NAT_T_PORT tag to remember
1564 * the source UDP port. This is required if we want
1565 * to select the right SPD for multiple hosts behind
1566 * same NAT
1567 */
1568 if ((tag = m_tag_get(PACKET_TAG_IPSEC_NAT_T_PORTS,
1569 sizeof(sport) + sizeof(dport), M_DONTWAIT)) == NULL) {
1570 printf("udp4_espinudp: m_tag_get failed\n");
1571 m_freem(n);
1572 return 0;
1573 }
1574 ((u_int16_t *)(tag + 1))[0] = sport;
1575 ((u_int16_t *)(tag + 1))[1] = dport;
1576 m_tag_prepend(n, tag);
1577
1578 #ifdef FAST_IPSEC
1579 ipsec4_common_input(n, iphdrlen, IPPROTO_ESP);
1580 #else
1581 esp4_input(n, iphdrlen);
1582 #endif
1583
1584 /* We handled it, it shoudln't be handled by UDP */
1585 return 1;
1586 }
1587 #endif
NetBSD on the FriendlyARM MINI2440