1 /* $OpenBSD: in6_pcb.c,v 1.43 2005/06/24 07:57:24 markus Exp $ */
2
3 /*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 /*
33 * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995
34 *
35 * NRL grants permission for redistribution and use in source and binary
36 * forms, with or without modification, of the software and documentation
37 * created at NRL provided that the following conditions are met:
38 *
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 3. All advertising materials mentioning features or use of this software
45 * must display the following acknowledgements:
46 * This product includes software developed by the University of
47 * California, Berkeley and its contributors.
48 * This product includes software developed at the Information
49 * Technology Division, US Naval Research Laboratory.
50 * 4. Neither the name of the NRL nor the names of its contributors
51 * may be used to endorse or promote products derived from this software
52 * without specific prior written permission.
53 *
54 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS
55 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
56 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
57 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR
58 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
59 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
60 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
61 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
62 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
63 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
64 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
65 *
66 * The views and conclusions contained in the software and documentation
67 * are those of the authors and should not be interpreted as representing
68 * official policies, either expressed or implied, of the US Naval
69 * Research Laboratory (NRL).
70 */
71
72 /*
73 * Copyright (c) 1982, 1986, 1990, 1993, 1995
74 * Regents of the University of California. All rights reserved.
75 *
76 * Redistribution and use in source and binary forms, with or without
77 * modification, are permitted provided that the following conditions
78 * are met:
79 * 1. Redistributions of source code must retain the above copyright
80 * notice, this list of conditions and the following disclaimer.
81 * 2. Redistributions in binary form must reproduce the above copyright
82 * notice, this list of conditions and the following disclaimer in the
83 * documentation and/or other materials provided with the distribution.
84 * 3. Neither the name of the University nor the names of its contributors
85 * may be used to endorse or promote products derived from this software
86 * without specific prior written permission.
87 *
88 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
89 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
90 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
91 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
92 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
93 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
94 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
95 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
96 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
97 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
98 * SUCH DAMAGE.
99 *
100 */
101
102 #include <sys/param.h>
103 #include <sys/systm.h>
104 #include <sys/malloc.h>
105 #include <sys/mbuf.h>
106 #include <sys/domain.h>
107 #include <sys/protosw.h>
108 #include <sys/socket.h>
109 #include <sys/socketvar.h>
110 #include <sys/errno.h>
111 #include <sys/time.h>
112 #include <sys/proc.h>
113
114 #include <net/if.h>
115 #include <net/route.h>
116
117 #include <netinet/in.h>
118 #include <netinet/in_systm.h>
119 #include <netinet/ip.h>
120 #include <netinet/in_pcb.h>
121
122 #include <netinet6/in6_var.h>
123 #include <netinet/ip6.h>
124 #include <netinet6/ip6_var.h>
125
126 /*
127 * External globals
128 */
129
130 #include <dev/rndvar.h>
131
132 extern struct in6_ifaddr *in6_ifaddr;
133
134 /*
135 * Globals
136 */
137
138 struct in6_addr zeroin6_addr;
139
140 extern int ipport_firstauto;
141 extern int ipport_lastauto;
142 extern int ipport_hifirstauto;
143 extern int ipport_hilastauto;
144
145 /*
146 * Keep separate inet6ctlerrmap, because I may remap some of these.
147 * I also put it here, because, quite frankly, it belongs here, not in
148 * ip{v6,}_input().
149 */
150 #if 0
151 u_char inet6ctlerrmap[PRC_NCMDS] = {
152 0, 0, 0, 0,
153 0, EMSGSIZE, EHOSTDOWN, EHOSTUNREACH,
154 EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED,
155 EMSGSIZE, EHOSTUNREACH, 0, 0,
156 0, 0, 0, 0,
157 ENOPROTOOPT
158 };
159 #endif
160
161 /*
162 * Bind an address (or at least a port) to an PF_INET6 socket.
163 */
164 int
165 in6_pcbbind(inp, nam)
166 struct inpcb *inp;
167 struct mbuf *nam;
168 {
169 struct socket *so = inp->inp_socket;
170
171 struct inpcbtable *head = inp->inp_table;
172 struct sockaddr_in6 *sin6;
173 struct proc *p = curproc; /* XXX */
174 u_short lport = 0;
175 int wild = INPLOOKUP_IPV6, reuseport = (so->so_options & SO_REUSEPORT);
176 int error;
177
178 /*
179 * REMINDER: Once up to speed, flow label processing should go here,
180 * too. (Same with in6_pcbconnect.)
181 */
182 if (in6_ifaddr == 0)
183 return EADDRNOTAVAIL;
184
185 if (inp->inp_lport != 0 || !IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6))
186 return EINVAL; /* If already bound, EINVAL! */
187
188 if ((so->so_options & (SO_REUSEADDR | SO_REUSEPORT)) == 0 &&
189 ((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 ||
190 (so->so_options & SO_ACCEPTCONN) == 0))
191 wild |= INPLOOKUP_WILDCARD;
192
193 /*
194 * If I did get a sockaddr passed in...
195 */
196 if (nam) {
197 sin6 = mtod(nam, struct sockaddr_in6 *);
198 if (nam->m_len != sizeof (*sin6))
199 return EINVAL;
200
201 /*
202 * Unlike v4, I have no qualms about EAFNOSUPPORT if the
203 * wretched family is not filled in!
204 */
205 if (sin6->sin6_family != AF_INET6)
206 return EAFNOSUPPORT;
207
208 /* KAME hack: embed scopeid */
209 if (in6_embedscope(&sin6->sin6_addr, sin6, inp, NULL) != 0)
210 return EINVAL;
211 /* this must be cleared for ifa_ifwithaddr() */
212 sin6->sin6_scope_id = 0;
213
214 lport = sin6->sin6_port;
215
216 /* reject IPv4 mapped address, we have no support for it */
217 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr))
218 return EADDRNOTAVAIL;
219
220 if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) {
221 /*
222 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast;
223 * allow complete duplication of binding if
224 * SO_REUSEPORT is set, or if SO_REUSEADDR is set
225 * and a multicast address is bound on both
226 * new and duplicated sockets.
227 */
228 if (so->so_options & SO_REUSEADDR)
229 reuseport = SO_REUSEADDR | SO_REUSEPORT;
230 } else if (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
231 struct ifaddr *ia = NULL;
232
233 sin6->sin6_port = 0; /*
234 * Yechhhh, because of upcoming
235 * call to ifa_ifwithaddr(), which
236 * does bcmp's over the PORTS as
237 * well. (What about flow?)
238 */
239 sin6->sin6_flowinfo = 0;
240 if ((ia = ifa_ifwithaddr((struct sockaddr *)sin6))
241 == NULL)
242 return EADDRNOTAVAIL;
243
244 /*
245 * bind to an anycast address might accidentally
246 * cause sending a packet with an anycast source
247 * address, so we forbid it.
248 *
249 * We should allow to bind to a deprecated address,
250 * since the application dare to use it.
251 * But, can we assume that they are careful enough
252 * to check if the address is deprecated or not?
253 * Maybe, as a safeguard, we should have a setsockopt
254 * flag to control the bind(2) behavior against
255 * deprecated addresses (default: forbid bind(2)).
256 */
257 if (ia &&
258 ((struct in6_ifaddr *)ia)->ia6_flags &
259 (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY|IN6_IFF_DETACHED))
260 return (EADDRNOTAVAIL);
261 }
262 if (lport) {
263 struct inpcb *t;
264
265 /*
266 * Question: Do we wish to continue the Berkeley
267 * tradition of ports < IPPORT_RESERVED be only for
268 * root?
269 * Answer: For now yes, but IMHO, it should be REMOVED!
270 * OUCH: One other thing, is there no better way of
271 * finding a process for a socket instead of using
272 * curproc? (Marked with BSD's {in,}famous XXX ?
273 */
274 if (ntohs(lport) < IPPORT_RESERVED &&
275 (error = suser(p, 0)))
276 return error;
277
278 t = in_pcblookup(head,
279 (struct in_addr *)&zeroin6_addr, 0,
280 (struct in_addr *)&sin6->sin6_addr, lport,
281 wild);
282
283 if (t && (reuseport & t->inp_socket->so_options) == 0)
284 return EADDRINUSE;
285 }
286 inp->inp_laddr6 = sin6->sin6_addr;
287 }
288
289 if (lport == 0) {
290 error = in6_pcbsetport(&inp->inp_laddr6, inp, p);
291 if (error != 0)
292 return error;
293 } else {
294 inp->inp_lport = lport;
295 in_pcbrehash(inp);
296 }
297
298 return 0;
299 }
300
301 int
302 in6_pcbsetport(laddr, inp, p)
303 struct in6_addr *laddr;
304 struct inpcb *inp;
305 struct proc *p;
306 {
307 struct socket *so = inp->inp_socket;
308 struct inpcbtable *table = inp->inp_table;
309 u_int16_t first, last;
310 u_int16_t *lastport = &inp->inp_table->inpt_lastport;
311 u_int16_t lport = 0;
312 int count;
313 int wild = INPLOOKUP_IPV6;
314 int error;
315
316 /* XXX we no longer support IPv4 mapped address, so no tweaks here */
317
318 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0 &&
319 ((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 ||
320 (so->so_options & SO_ACCEPTCONN) == 0))
321 wild |= INPLOOKUP_WILDCARD;
322
323 if (inp->inp_flags & INP_HIGHPORT) {
324 first = ipport_hifirstauto; /* sysctl */
325 last = ipport_hilastauto;
326 } else if (inp->inp_flags & INP_LOWPORT) {
327 if ((error = suser(p, 0)))
328 return (EACCES);
329 first = IPPORT_RESERVED-1; /* 1023 */
330 last = 600; /* not IPPORT_RESERVED/2 */
331 } else {
332 first = ipport_firstauto; /* sysctl */
333 last = ipport_lastauto;
334 }
335
336 /*
337 * Simple check to ensure all ports are not used up causing
338 * a deadlock here.
339 *
340 * We split the two cases (up and down) so that the direction
341 * is not being tested on each round of the loop.
342 */
343
344 if (first > last) {
345 /*
346 * counting down
347 */
348 count = first - last;
349 if (count)
350 *lastport = first - (arc4random() % count);
351
352 do {
353 if (count-- < 0) /* completely used? */
354 return (EADDRNOTAVAIL);
355 --*lastport;
356 if (*lastport > first || *lastport < last)
357 *lastport = first;
358 lport = htons(*lastport);
359 } while (in_baddynamic(*lastport, so->so_proto->pr_protocol) ||
360 in_pcblookup(table, &zeroin6_addr, 0,
361 &inp->inp_laddr6, lport, wild));
362 } else {
363 /*
364 * counting up
365 */
366 count = last - first;
367 if (count)
368 *lastport = first + (arc4random() % count);
369
370 do {
371 if (count-- < 0) /* completely used? */
372 return (EADDRNOTAVAIL);
373 ++*lastport;
374 if (*lastport < first || *lastport > last)
375 *lastport = first;
376 lport = htons(*lastport);
377 } while (in_baddynamic(*lastport, so->so_proto->pr_protocol) ||
378 in_pcblookup(table, &zeroin6_addr, 0,
379 &inp->inp_laddr6, lport, wild));
380 }
381
382 inp->inp_lport = lport;
383 in_pcbrehash(inp);
384
385 #if 0
386 inp->inp_flowinfo = 0; /* XXX */
387 #endif
388
389 return 0;
390 }
391
392 /*
393 * Connect from a socket to a specified address.
394 * Both address and port must be specified in argument sin6.
395 * Eventually, flow labels will have to be dealt with here, as well.
396 *
397 * If don't have a local address for this socket yet,
398 * then pick one.
399 *
400 * I believe this has to be called at splnet().
401 */
402 int
403 in6_pcbconnect(inp, nam)
404 struct inpcb *inp;
405 struct mbuf *nam;
406 {
407 struct in6_addr *in6a = NULL;
408 struct sockaddr_in6 *sin6 = mtod(nam, struct sockaddr_in6 *);
409 struct ifnet *ifp = NULL; /* outgoing interface */
410 int error = 0;
411 struct sockaddr_in6 tmp;
412
413 (void)&in6a; /* XXX fool gcc */
414
415 if (nam->m_len != sizeof(*sin6))
416 return (EINVAL);
417 if (sin6->sin6_family != AF_INET6)
418 return (EAFNOSUPPORT);
419 if (sin6->sin6_port == 0)
420 return (EADDRNOTAVAIL);
421
422 /* reject IPv4 mapped address, we have no support for it */
423 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr))
424 return EADDRNOTAVAIL;
425
426 /* sanity check for mapped address case */
427 if (IN6_IS_ADDR_V4MAPPED(&inp->inp_laddr6))
428 return EINVAL;
429
430 /* protect *sin6 from overwrites */
431 tmp = *sin6;
432 sin6 = &tmp;
433
434 /* KAME hack: embed scopeid */
435 if (in6_embedscope(&sin6->sin6_addr, sin6, inp, &ifp) != 0)
436 return EINVAL;
437 /* this must be cleared for ifa_ifwithaddr() */
438 sin6->sin6_scope_id = 0;
439
440 /* Source address selection. */
441 /*
442 * XXX: in6_selectsrc might replace the bound local address
443 * with the address specified by setsockopt(IPV6_PKTINFO).
444 * Is it the intended behavior?
445 */
446 in6a = in6_selectsrc(sin6, inp->inp_outputopts6,
447 inp->inp_moptions6, &inp->inp_route6, &inp->inp_laddr6,
448 &error);
449 if (in6a == 0) {
450 if (error == 0)
451 error = EADDRNOTAVAIL;
452 return (error);
453 }
454
455 if (inp->inp_route6.ro_rt)
456 ifp = inp->inp_route6.ro_rt->rt_ifp;
457
458 inp->inp_ipv6.ip6_hlim = (u_int8_t)in6_selecthlim(inp, ifp);
459
460 if (in_pcblookup(inp->inp_table, &sin6->sin6_addr, sin6->sin6_port,
461 IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6) ? in6a : &inp->inp_laddr6,
462 inp->inp_lport, INPLOOKUP_IPV6)) {
463 return (EADDRINUSE);
464 }
465 if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) {
466 if (inp->inp_lport == 0)
467 (void)in6_pcbbind(inp, (struct mbuf *)0);
468 inp->inp_laddr6 = *in6a;
469 }
470 inp->inp_faddr6 = sin6->sin6_addr;
471 inp->inp_fport = sin6->sin6_port;
472 inp->inp_flowinfo &= ~IPV6_FLOWLABEL_MASK;
473 if (ip6_auto_flowlabel)
474 inp->inp_flowinfo |=
475 (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK);
476 in_pcbrehash(inp);
477 return (0);
478 }
479
480 /*
481 * Pass some notification to all connections of a protocol
482 * associated with address dst. The local address and/or port numbers
483 * may be specified to limit the search. The "usual action" will be
484 * taken, depending on the ctlinput cmd. The caller must filter any
485 * cmds that are uninteresting (e.g., no error in the map).
486 * Call the protocol specific routine (if any) to report
487 * any errors for each matching socket.
488 *
489 * Also perform input-side security policy check
490 * once PCB to be notified has been located.
491 *
492 * Must be called at splnet.
493 */
494 int
495 in6_pcbnotify(head, dst, fport_arg, src, lport_arg, cmd, cmdarg, notify)
496 struct inpcbtable *head;
497 struct sockaddr *dst, *src;
498 uint fport_arg;
499 uint lport_arg;
500 int cmd;
501 void *cmdarg;
502 void (*notify)(struct inpcb *, int);
503 {
504 struct inpcb *inp, *ninp;
505 u_short fport = fport_arg, lport = lport_arg;
506 struct sockaddr_in6 sa6_src, *sa6_dst;
507 int errno, nmatch = 0;
508 u_int32_t flowinfo;
509
510 if ((unsigned)cmd >= PRC_NCMDS || dst->sa_family != AF_INET6)
511 return (0);
512
513 sa6_dst = (struct sockaddr_in6 *)dst;
514 if (IN6_IS_ADDR_UNSPECIFIED(&sa6_dst->sin6_addr))
515 return (0);
516 if (IN6_IS_ADDR_V4MAPPED(&sa6_dst->sin6_addr)) {
517 #ifdef DIAGNOSTIC
518 printf("Huh? Thought in6_pcbnotify() never got "
519 "called with mapped!\n");
520 #endif
521 return (0);
522 }
523
524 /*
525 * note that src can be NULL when we get notify by local fragmentation.
526 */
527 sa6_src = (src == NULL) ? sa6_any : *(struct sockaddr_in6 *)src;
528 flowinfo = sa6_src.sin6_flowinfo;
529
530 /*
531 * Redirects go to all references to the destination,
532 * and use in_rtchange to invalidate the route cache.
533 * Dead host indications: also use in_rtchange to invalidate
534 * the cache, and deliver the error to all the sockets.
535 * Otherwise, if we have knowledge of the local port and address,
536 * deliver only to that socket.
537 */
538 if (PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) {
539 fport = 0;
540 lport = 0;
541 sa6_src.sin6_addr = in6addr_any;
542
543 if (cmd != PRC_HOSTDEAD)
544 notify = in_rtchange;
545 }
546 errno = inet6ctlerrmap[cmd];
547
548 for (inp = CIRCLEQ_FIRST(&head->inpt_queue);
549 inp != CIRCLEQ_END(&head->inpt_queue); inp = ninp) {
550 ninp = CIRCLEQ_NEXT(inp, inp_queue);
551
552 if ((inp->inp_flags & INP_IPV6) == 0)
553 continue;
554
555 /*
556 * Under the following condition, notify of redirects
557 * to the pcb, without making address matches against inpcb.
558 * - redirect notification is arrived.
559 * - the inpcb is unconnected.
560 * - the inpcb is caching !RTF_HOST routing entry.
561 * - the ICMPv6 notification is from the gateway cached in the
562 * inpcb. i.e. ICMPv6 notification is from nexthop gateway
563 * the inpcb used very recently.
564 *
565 * This is to improve interaction between netbsd/openbsd
566 * redirect handling code, and inpcb route cache code.
567 * without the clause, !RTF_HOST routing entry (which carries
568 * gateway used by inpcb right before the ICMPv6 redirect)
569 * will be cached forever in unconnected inpcb.
570 *
571 * There still is a question regarding to what is TRT:
572 * - On bsdi/freebsd, RTF_HOST (cloned) routing entry will be
573 * generated on packet output. inpcb will always cache
574 * RTF_HOST routing entry so there's no need for the clause
575 * (ICMPv6 redirect will update RTF_HOST routing entry,
576 * and inpcb is caching it already).
577 * However, bsdi/freebsd are vulnerable to local DoS attacks
578 * due to the cloned routing entries.
579 * - Specwise, "destination cache" is mentioned in RFC2461.
580 * Jinmei says that it implies bsdi/freebsd behavior, itojun
581 * is not really convinced.
582 * - Having hiwat/lowat on # of cloned host route (redirect/
583 * pmtud) may be a good idea. netbsd/openbsd has it. see
584 * icmp6_mtudisc_update().
585 */
586 if ((PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) &&
587 IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6) &&
588 inp->inp_route.ro_rt &&
589 !(inp->inp_route.ro_rt->rt_flags & RTF_HOST)) {
590 struct sockaddr_in6 *dst6;
591
592 dst6 = (struct sockaddr_in6 *)&inp->inp_route.ro_dst;
593 if (IN6_ARE_ADDR_EQUAL(&dst6->sin6_addr,
594 &sa6_dst->sin6_addr))
595 goto do_notify;
596 }
597
598 /*
599 * Detect if we should notify the error. If no source and
600 * destination ports are specified, but non-zero flowinfo and
601 * local address match, notify the error. This is the case
602 * when the error is delivered with an encrypted buffer
603 * by ESP. Otherwise, just compare addresses and ports
604 * as usual.
605 */
606 if (lport == 0 && fport == 0 && flowinfo &&
607 inp->inp_socket != NULL &&
608 flowinfo == (inp->inp_flowinfo & IPV6_FLOWLABEL_MASK) &&
609 IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6, &sa6_src.sin6_addr))
610 goto do_notify;
611 else if (!IN6_ARE_ADDR_EQUAL(&inp->inp_faddr6,
612 &sa6_dst->sin6_addr) ||
613 inp->inp_socket == 0 ||
614 (lport && inp->inp_lport != lport) ||
615 (!IN6_IS_ADDR_UNSPECIFIED(&sa6_src.sin6_addr) &&
616 !IN6_ARE_ADDR_EQUAL(&inp->inp_laddr6,
617 &sa6_src.sin6_addr)) ||
618 (fport && inp->inp_fport != fport)) {
619 continue;
620 }
621 do_notify:
622 nmatch++;
623 if (notify)
624 (*notify)(inp, errno);
625 }
626 return (nmatch);
627 }
628
629 /*
630 * Get the local address/port, and put it in a sockaddr_in6.
631 * This services the getsockname(2) call.
632 */
633 int
634 in6_setsockaddr(inp, nam)
635 struct inpcb *inp;
636 struct mbuf *nam;
637 {
638 struct sockaddr_in6 *sin6;
639
640 nam->m_len = sizeof(struct sockaddr_in6);
641 sin6 = mtod(nam,struct sockaddr_in6 *);
642
643 bzero ((caddr_t)sin6,sizeof(struct sockaddr_in6));
644 sin6->sin6_family = AF_INET6;
645 sin6->sin6_len = sizeof(struct sockaddr_in6);
646 sin6->sin6_port = inp->inp_lport;
647 sin6->sin6_addr = inp->inp_laddr6;
648 /* KAME hack: recover scopeid */
649 (void)in6_recoverscope(sin6, &inp->inp_laddr6, NULL);
650
651 return 0;
652 }
653
654 /*
655 * Get the foreign address/port, and put it in a sockaddr_in6.
656 * This services the getpeername(2) call.
657 */
658 int
659 in6_setpeeraddr(inp, nam)
660 struct inpcb *inp;
661 struct mbuf *nam;
662 {
663 struct sockaddr_in6 *sin6;
664
665 nam->m_len = sizeof(struct sockaddr_in6);
666 sin6 = mtod(nam,struct sockaddr_in6 *);
667
668 bzero ((caddr_t)sin6,sizeof(struct sockaddr_in6));
669 sin6->sin6_family = AF_INET6;
670 sin6->sin6_len = sizeof(struct sockaddr_in6);
671 sin6->sin6_port = inp->inp_fport;
672 sin6->sin6_addr = inp->inp_faddr6;
673 /* KAME hack: recover scopeid */
674 (void)in6_recoverscope(sin6, &inp->inp_faddr6, NULL);
675
676 return 0;
677 }